Re: [nlug] fail2ban alternative for CentOS 7
On Fri, May 05, 2023 at 05:00:14PM -0500, THOMAS BARTKUS wrote: > > That's a canard. It would be more accurate to say that it is not > enough. And it isn't. But anything that prevents a significant number > hack attempts is helpful. So one should strive for obscurity. Just > because there are "persistent pests" out there doesn't mean you should > make it easier for them. After playing the game for 40+ years I stand by my statement. John -- He may be mad, but there's method in his madness. There nearly always is method in madness. It's what drives men mad, being methodical. -- G. K. Chesterton, The Fad of the Fisherman (1922) -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20230506112032.GE24663%40elros.gerdesas.com. signature.asc Description: PGP signature
Re: [nlug] fail2ban alternative for CentOS 7
On Fri, May 05, 2023 at 10:16:59AM -0700, Thomas Bartkus wrote: > > Yes. Moving to an odd port dramatically cuts the number of pwd attacks. > And I would call that increased security. Security through obscurity does not work :) This is merely a method to reduce alert & log volume so one can concentrate on more important matters. You will find that persistent pests will find the alternate port and start probing but the automated skiddies will go on to lower-hanging fruit. John -- Engineer (n): Someone who does precision guesswork based upon unreliable data provided by those of questionable knowledge". - short-bike - Libera.Chat -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20230505204452.GD24663%40elros.gerdesas.com. signature.asc Description: PGP signature
Re: [nlug] fail2ban alternative for CentOS 7
On Wed, May 03, 2023 at 07:22:28PM -0500, Michael L wrote: > google search yielded: > "By default, fail2ban works with iptables. However, > *this has been deprecated in favor of the firewalld" . * fail2ban is available in EPEL for EL7: yum --enablerepo=extras install epel-release yum --enablerepo=epel install fail2ban-server fail2ban-sendmail fail2ban-systemd Configure as necessary and then enable and start with: systemctl enable fail2ban.service systemctl start fail2ban.service > I have a 29 character root password and will lengthen the other sudo > passwords. I hope to be rid of this CentOS 7 system soon, but until then > it's best to install an additional roadblock to the brute force login > attempts. Move sshd to another port; it does nothing to heighten security but it will reduce log / alert volume by more than a bit. John -- In view of the fact that God limited the intelligence of man, it seems unfair that he did not also limit his stupidity. -- Konrad Hermann Josef Adenauer (1876-1967), West German Chancellor from 1949-1963, as quoted in Through Russian Eyes: President Kennedy's 1036 Days (1973) by Anatoli-Andreevich Gromyko -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20230504003823.GC24663%40elros.gerdesas.com. signature.asc Description: PGP signature
Re: [nlug] [SOLVED] Re: DNF certificates for Rocky 8.6
On Sun, Aug 21, 2022 at 05:30:00PM -0700, Csaba Toth wrote: > Maybe if you are an operator at the secret uranium enrichment plant in > Nathanz Iran and you want an air gap for fortification, then you don't want > networking (even in that case the Stuxnet / Olympic Games will jump the air > gap, but that's another story). In any other case you want networking. I'm > all for security by default, but I think in this case the default off is > silly. If you install via a network install method the setting defaults to on otherwise it defaults to off. John -- Never, never be afraid to do what's right, especially if the well-being of a person or animal is at stake. Society's punishments are small compared to the wounds we inflict on our soul when we look the other way. -- Martin Luther King Jr. (1929-1968), civil-rights leader -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20220824182642.GU4494%40elros.gerdesas.com. signature.asc Description: PGP signature
Re: [nlug] RHEL8's "Enterprise Agreement" (for the free usages)
On Mon, Jan 31, 2022 at 03:02:59AM -0600, Mark J. Bailey wrote: > > I must admit, it was a bit of an eye opener. For my part, don’t think > I’ve ever seen anything quite like this in the OSS “free” world. > Anyways, it’s by and large a moot point of concern for most everyone > present here, but still…. It's been present in their Enterprise Agreements for quite some time and is applicable to both the free and non-free tiers. Current Enterprise Agreement for North America is at: https://www.redhat.com/licenses/Enterprise_Agreement_Webversion_NA_English_20211109.pdf In this document the section in question is section 10. John -- Do not train [children] to learning by force and harshness, but direct them to it by what amuses their minds, so that you may be better able to discover with accuracy the peculiar bent of the genius of each. -- Plato (c 427 BC - 347 BC), Greek philosopher, student of Socrates, teacher of Aristotle, founder of the Academy of Athens, in The Republic, Book VII, section 16 -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20220131133709.GP1382%40elros.gerdesas.com. signature.asc Description: PGP signature
Re: [nlug] Re: Have seen any comments on here about this yet - CentOS getting IBM'd (Retro'd)
On Tue, Jan 12, 2021 at 03:10:27PM -0800, Vincent Brown wrote: > This would be good to discuss at tonight's meeting. Speaking of which, the > meeting link is posted on the meetup event. Just as a small point of clarification there is zero indication that IBM had anything to do with this, both from speaking with insiders at the 'hat, my connection to the CentOS Project, or the timelines involved. This also dates back to the 2019 release of CentOS 8 which was delayed by politics which have since been verified to been a fight over whether to release 8 or not at all. They didn't have the spine to kill it so they let it go GA knowing full well that they would be killing it off in the near(ish) future. It would have been far better for all involved, consumers and the 'hat both, if they would have never let CentOS-8 see the light of day. Disclaimer: I have been part of the CentOS project for 10+ years; take what I say as you will. John -- I consider the media to be indispensable to democracy, We need an independent media to hold people like me to account. Power can be very addictive and it can be corrosive, and it's important for the media to call to account people who abuse their power, whether it be here or elsewhere. -- Former President George W Bush, "Today" show interview, 27 February 2017 -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20210112233805.GU5777%40elros.gerdesas.com.
Re: [nlug] Cron Job Failed
On Fri, Dec 11, 2020 at 02:03:25AM -0600, Paul Boniol wrote: > > crontab -e as my usual user. > > 0 0 * * * timeout 4h cvlc -I dummy > https://stream.revma.ihrhls.com/zc2149/hls.m3u8 :no-video > :sout="#transcode{acodec=mp3,ab=128}:std{access=file,mux=dummy,dst=/home/paul/Audio/Coast-$(date > '+%Y-%m-%d-%H-%M-%S').mp3" Any '%' in a crontab needs to be escaped as it has special meaning to cron: "A "%" character in the command, unless escaped with a backslash (\), will be changed into newline characters, and all data after the first % will be sent to the command as standard input." (man 5 crontab) -- Live every day like it's your last because someday you're going to be right. -- Muhammad Ali -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20201211081614.GF5777%40elros.gerdesas.com. signature.asc Description: PGP signature
Re: [nlug] CentOS Rolling Release
On Thu, Dec 10, 2020 at 02:32:27PM -0800, Dave wrote: > I thought Fedora served the purpose they're claiming Centos8 Stream will > fulfill. I wonder how Fedora fits in that picture now. The flow is Fedora ELN -> Stream -> RHEL where Stream is (effectively) RHEL X.Y+1. At least this is how it is on paper; how the flow will work in a few months when the rest of the tooling is in place... that remains to be seen. -- Somebody's boring me. I think it's me. -- Dylan Thomas (1914-1953), Welsh poet and writer, quoted in Rayner Heppenstall's "Four Absentees" (1963) -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20201211005208.GD5777%40elros.gerdesas.com. signature.asc Description: PGP signature
Re: [nlug] fstab, I am missing something obvious
On Sun, Mar 29, 2020 at 09:00:19AM -0500, Howard White wrote: > > But can I add the essential elements to /etc/fstab > UUID=c1056823-6a68-4bfd-92ba-c6e2f6e7cf37 /raid ext4default > 0 0 'default' should be 'defaults' I believe. -- "Anyone can write code. Writing code that works is harder." -- Wietse Venema, postfix-users mailing list, Oct 28, 2012 -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20200329152756.GC17620%40new-elrond.gerdesas.com. pgp1OcaFBqn7V.pgp Description: PGP signature
Re: [nlug] CentOS "yum" problem
On Fri, Mar 01, 2019 at 09:43:41PM -0600, Chris McQuistion wrote: > > "Warning: RPMDB altered outside of yum." This is merely an indication that someone or something ran a manual rpm operation that updated the databases outside of yum's tracking. This will resolve the next time yum updates its databases or you reconcile history manually with "yum history sync" > I've tried a few operations like "yum check" and "rpm --rebuilddb" and a > handful of other things, but nothing seems to get these two systems happy > again. The sitting and waiting sounds like bdb spinning on a journal lock on /var/lib/rpm/__db.00?; make sure there are no rpm or yum processes running and then move those files out of the way or just nuke 'em. In some cases you will need to rebuild rpm's databases but on 7 that should be pretty rare. If the above doesn't resolve it please pop into ircs://freenode.net/#centos and we'll be happy to assist you with a bit less latency. John -- This is all happening because my father didn't buy me a train set as a kid. -- Warren Buffett, joking about his decision to buy a railroad, the Burlington Northern Santa Fe Corporation, New York Times, 4 November 2009 -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. pgpLVg8bapmUS.pgp Description: PGP signature
Re: [nlug] How to Remove?
On Sun, Apr 09, 2017 at 08:14:22AM -0500, Howard White wrote: > Is it just time to backup and punt? Build a fresh install of ???; maybe > even consider migrating to PostgreSQL? I still don't see mention of platform in this string... Assuming this is EL: man yum-shell yum's 'shell' provides an interactive environment where one can run multiple yum steps as a single transaction, thus keeping dependencies happy. Example: to remove something and install otherthing: # yum shell remove something install otherthing run I'm sure other package managers have similar functionality. John -- "There's no sense in being precise when you don't know what you're talking about." -- John von Neumann -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. signature.asc Description: PGP signature
Re: [nlug] backups vs archives?
On Tue, May 17, 2016 at 09:30:16PM -0500, Kent Perrier wrote: > It was included in RHEL 6.8 > > https://access.redhat.com/downloads/content/rear/1.17.2-4.el6/i686/fd431d51/package That explains it. We just dropped CR packages (packages that will effectively be part of 6.8 when released, made available now for early access testing and for those that need to update against known CVEs and other issues - think: openssl) yesterday and I am not indexing our CR repos (about to get fixed). And sure enough, it's in the upstream release notes for 6.8 which I apparently glossed over when I was looking through them last week. Thanks for the clarification, Kent. John - Normal is getting dressed in clothes that you buy for work and driving through traffic in a car that you are still paying for -- in order to get to the job you need to pay for the clothes and the car, and the house you leave vacant all day so you can afford to live in it. -- Ellen Goodman (1941-), American journalist and Pulitzer Prize-winning syndicated columnist -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. pgpWRlOQHBuWJ.pgp Description: PGP signature
Re: [nlug] backups vs archives?
On Tue, May 17, 2016 at 07:21:09PM -0500, Kent Perrier wrote: > > Red Hat just included this in RHEL. They did? Do you happen to know what channel is providing that? I'm not seeing it in our CentOS repos anywhere or I am not looking for the right package name. Thanks, John -- The world is moved along not only by the mighty shoves of the heroes, but also by the aggregate of the tiny pushes of each honest worker. -- John Richard Green (1837-1883), Life and Letters of John Richard Green, Leslie Stephen, Ed (1901) -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. pgpTCKY8ZKcB6.pgp Description: PGP signature
Re: [nlug] ssh keys
On Thu, Jul 02, 2015 at 01:08:37AM -0400, Andrew Farnsworth wrote: > Normal ssh (non-key based) works fine from my laptop with no delays or > problems. Same from another server in the rack. That said, DNS lookup > should not be a problem and sshd should be enabled or that wouldn't work. Probably selinux - 'restorecon -fRv /home/$user/.ssh' There is zero need to disable GSSAPI auth. There is zero need to disable rDNS lookups; neither are fatal and will only delay login in corner-cases. John -- What lies behind us and what lies before us are tiny matters compared to what lies within us. -- Ralph Waldo Emerson -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. pgpgHIV9bYWoW.pgp Description: PGP signature
Re: [nlug] Pondering a new system
On Sun, Mar 08, 2015 at 10:14:00PM -0500, Dave Manginelli wrote: > > I wonder if Hans Reiser can/will ever get back to coding in jail: > http://en.wikipedia.org/wiki/Hans_Reiser Hopefully he rots like the murdering scum that he is, locked in a deep, dark hole. John -- An age is called Dark not because the light fails to shine, but because people refuse to see it. -- James Albert Michener (1907-1997), novelist, Space (1982) -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. pgpXaAnNjEVt9.pgp Description: PGP signature
Re: RE: [nlug] I never saw this form of Windows 10 coming!
On Mon, Feb 02, 2015 at 06:20:52PM -0600, Michael L wrote: > Mark J. Bailey, about the FreeBSD NIC setup. > > Guess I don't yet know how to participate in the discussion. -M I fail to see the problem here. Mark Bailey made a comment, to which you not only replied to but quoted the message in question. Not sure how it's not obvious to whom you were directing your reply. John -- A constitution is not the act of a government, but of a people constituting a government; and government without a constitution is power without a right. All power exercised over a nation, must have some beginning. It must be either delegated, or assumed. There are not other sources. All delegated power is trust, and all assumed power is usurpation. Time does not alter the nature and quality of either. -- Thomas Paine (1737-1809), Rights of Man (1791) -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. pgpxsT7XNmXzg.pgp Description: PGP signature
Re: [nlug] Mount-only mount point?
On Fri, Oct 24, 2014 at 01:41:53PM -0500, Tilghman Lesher wrote: > I have an issue for which I haven't been able to come up with a good > solution. We have a backup solution whereby multiple disks, attached > via USB, are used for backups. Normally, those disks are mounted > automatically with udev, so backups can proceed normally. The problem > comes in when the disks are not attached, and the backup process runs, > writing to the same directory, which fills up the root disk. > > What I'd like to have is the ability to designate specific directories > as mount-only and deny all writes to those directories, if the disk > normally mounted there is missing. Any ideas on how to do something > like this? Currently, we're using the workaround of removing the > mount point when the disk is unmounted, but that tends to be fragile, > as we've already found out (where a directory didn't get removed and > the root disk was filled). Tested and works on linux. chattr +i the mount point. Nothing, including root, can write to the directory itself however mounts on top of the directory work fine. John -- I do not envy people who think they have a complete explanation of the world, for the simple reason that they are obviously wrong. -- Salman Rushdie (1947-), Indian-born British author, Salman Rushdie Talking with David Frost (1993) pgpfszNT6XeJU.pgp Description: PGP signature
Re: [nlug] No, you may NOT seize my data!
On Fri, Oct 03, 2014 at 04:10:49PM -0500, John F. Eldredge wrote: > This reminds me of a detail my father told me about his days as a > military pilot in World War II. Some classified communications > equipment had self-destruct charges built in. Before reaching enemy > territory, the crew were supposed to arm sensors that would trigger > the self-destruct charges if the plane crashed. Upon reaching friendly > territory, the crash sensors were supposed to be disabled, so that a > hard landing wouldn't trigger them. It wasn't clear whether the > self-destruct charges involved incendiaries or small explosive > charges. My uncle was a bombardier during WWII; I believe those charges were magnesium based. John -- "I'm sorry but our engineers do not have phones." As stated by a Network Solutions Customer Service representative when asked to be put through to an engineer. pgpVw0jYtjZmg.pgp Description: PGP signature
Re: [nlug] No, you may NOT seize my data!
On Thu, Oct 02, 2014 at 08:55:48AM -0400, Andrew Farnsworth wrote: > You can also set them to self destruct if they have not seen a cell signal > in a certain number of hours or if they are disconnected from the SATA > controller. Both are a little dangerous. What happens if your computer > dies and you need to move the SSD to another computer? It does appear they > have some type of input screen and keyboard so maybe you can disable all > that with a password. One would hope that both those options default to off. John -- I don't know why everybody is running to buy these expensive and useless machines. I can overcome the body scanners with enough explosives to bring down a Boeing 747. That's why we haven't put them in our airport. -- Rafi Sela, Israeli airport security expert, referring to Tel Aviv's Ben Gurion International Airport, addressing Canada's Parliament, 22 April 2010 pgpflcGf11LhW.pgp Description: PGP signature
Re: [nlug] No, you may NOT seize my data!
On Thu, Oct 02, 2014 at 07:37:29AM -0500, Curt Lundgren wrote: > If someone steals or seizes these SSDs, an SMS message will cause them to > physically destroy themselves. I eagerly await the first hack to come down the pipeline that wipes out a large array of these devices. John -- Gullibility and credulity are considered undesirable qualities in every department of human life -- except religion. -- Christopher Hitchens (13 April 1949 - 15 December 2011), author and journalist pgpLipx_B4BFw.pgp Description: PGP signature
Re: [nlug] Who wants to lead the discussion about ShellShock?
On Thu, Sep 25, 2014 at 03:15:20PM -0500, Bruce W. Martin wrote: > Is it fumble fingers or bad auto correct? I actually "shut" down the debian > server. I'm going with "freudian slip". John -- Basic research is when I am doing what I don't know what I am doing. -- Wernher von Braun (1912-1977), German-born rocket scientist, in an interview in the New York Times, 16 December 1957 pgpbi8u0reATH.pgp Description: PGP signature
Re: [nlug] Who wants to lead the discussion about ShellShock?
On Thu, Sep 25, 2014 at 02:58:51PM -0500, Bruce W. Martin wrote: > I am a bit confused about this bug. What is the vector to exploit > this? If I turn off the web server daemon is the only vector then from > those who can log in with appropriate credentials? I have an old RHEL > server that no longer gets updates and a debian server that suddenly > apt-get does not seem to work. I have shit down the debian server and > turned off the web server daemon on the old RHEL box. Does that make > it safe as long as no miscreant can log in via ssh (no telnet daemon > in decades)? The press seems all sensational and says this is worse > than Heartbleed but beyond that there is not much substance in > what I have found so far. I have updated all of my RHEL/CentOS > 5 & 6 boxes and run the test and it says I am clean, for now. > For my MacOS I guess I have to wait for Apple. Can I tell my > Mac users to turn off the web server and wait for the patch > from Apple. Not that I think any of my mac users have turned > on the web server but it is the only thing that I have seen as > a vector short of a login. Part of the problem is that on any system that has bash as /bin/sh _any_ "system()" style function call goes through it. You could have perl / python CGIs sitting on a web site but if you can manipulate their environment and they do a system() you're boned. ssh forcecommands in ~/.ssh/authorized_keys have a similar issue. There are mitigation strategies for dealing with some of this (see my previous link which contains said workarounds) but there are also tons of embedded web servers and such that are going to be exploitable for many, many weeks / months / years to come. The media in general is useless and they do so love sensationalism; whether this is worse than heartbleed, well, gut tells me no. This is, however, a very serious and credible threat as there are exploits in the wild against it. > Comments? Whomever on vendorsec leaked this should be dragged outside and beaten with a piece of rebar. John -- There is as much difference between us and ourselves as between us and others. -- Michel de Montaigne (1533-1592) French essayist, lawyer, and politician pgp7_57p2fHCL.pgp Description: PGP signature
Re: [nlug] Who wants to lead the discussion about ShellShock?
On Thu, Sep 25, 2014 at 09:17:23AM -0500, Holland Griffis wrote: > Meh, already patched. Sadly, no, it isn't. The first set of patches addressed only a part of the problem, there is a subsequent issue, CVE-2014-7169, that remains unpatched by Red Hat or other distros at this point. See https://access.redhat.com/articles/1200223 for more information. John -- "Political Correctness is a doctrine, fostered by a delusional, illogical, liberal minority and rabidly promoted by an unscrupulous mainstream media, which holds forth the proposition that it is entirely possible to pick up a turd by the clean end." -- Unknown pgpXDcDkqNc9g.pgp Description: PGP signature
Re: [nlug] PHP versions
On Mon, Sep 22, 2014 at 03:45:53PM -0500, Sabuj Pattanayek wrote: > Use remi's repo : > > http://rpms.famillecollet.com/ Good lord... no. Remi refuses to play nice with others and has interop issues with various components in base. Use IUS which is community vetted, plays nice with everyone, and has a bottom-line requirement for operational sanity as it's the same repo set that Rackspace uses for their own paying customers. Link available at: http://wiki.centos.org/AdditionalResources/Repositories John -- I have come to believe that a great teacher is a great artist and that there are as few as there are any other great artists. It might even be the greatest of the arts since the medium is the human mind and spirit. -- John Steinbeck (1902-1968), American writer, Nobel laureate, Pultizer Prize awardee, "...like captured fireflies" (1955) pgph2qvRXTx5v.pgp Description: PGP signature
Re: [nlug] Obtuse bash script question
On Fri, Jun 27, 2014 at 08:43:20AM -0500, Tilghman Lesher wrote: > I suspect the reason has more to do with internationalization. Ding ding ding. We have ourselves a winner. John -- "The surest way to corrupt a youth is to instruct him to hold in higher esteem those who think alike than those who think differently." -- Friedrich Nietzsche pgp5Lod9YMT3G.pgp Description: PGP signature
[nlug] Officers
Who are the current NLUG officers? I can only see the 2012-2013 officers listed on the web site. John -- Live a good life. If there are gods and they are just, they will not care how devout you have been, but will welcome you based on the virtues you have lived by. If there are gods, but unjust, then you should not want to worship them. If there are no gods, then you will be gone, but will have lived a noble life that will live on in the memories of your loved ones. -- Marcus Aurelius (121-180), philosopher and writer pgpmysdf_jyMu.pgp Description: PGP signature
Re: [nlug] a quick test to determine heartbleed vulnerability
On Thu, Apr 10, 2014 at 04:44:30PM -0500, andrew mcelroy wrote: > > That's irrelevant. Just download the code and run it locally. And, once again, you miss the entire point. John -- Failure is the condiment that gives success its flavor. -- Truman Capote (1924-1984), American writer, Portraits and Observations, The Essays of Truman Capote, "Self Portrait" (1972) pgpxRkXPkgAjO.pgp Description: PGP signature
Re: [nlug] a quick test to determine heartbleed vulnerability
On Thu, Apr 10, 2014 at 04:30:52PM -0500, andrew mcelroy wrote: > It's open source. See that fork on GitHub. You're welcome Let me know when you are able to confirm that is what's running on that web site. John -- You know, sometimes, when they say you're ahead of your time, it's just a polite way of saying you have a real bad sense of timing. -- George McGovern (19 July 1922 - 21 October 2012), American historian, author, US Representative and Senator, 1972 Democratic presidential nominee pgpYXel9qKfCA.pgp Description: PGP signature
Re: [nlug] a quick test to determine heartbleed vulnerability
On Thu, Apr 10, 2014 at 11:41:48AM -0500, andrew mcelroy wrote: > I wish I had seen this sooner, but it's a useful tool > http://filippo.io/Heartbleed/ Sure. If you like the idea of submitting possibly vulnerable sites to some completely random .io domain that may well be snarfing creds and keys. There exist multiple working detectors on the net that are a simple google away that you can run yourself after looking the code over. Jared Stafford's can be found at: http://stuff.gerdesas.com/heartbleed/detector.py Using such tools narrows down the threat surface; granted not much, but something is better than nothing. John -- Among the many lessons that I've learned from this whole experience is to try to speak a little bit less. -- Former Illinois Governor Rod R. Blagojevich, after being convicted of 17 counts in a corruption case, New York Times, 28 June 2011 pgpMZ8gVMSeWc.pgp Description: PGP signature
Re: Heartbleed; was Re: [nlug] Meeting tonight
On Tue, Apr 08, 2014 at 11:57:49AM -0500, Blake Dunlap wrote: > Part of it is they didn't actually fix the bug, they just disabled the > vulnerable feature. The Red Hat update is a patch to remove the info disclosure, as far as I know going bu their changelog / RHSA and discussion with Red Hatters on IRC. John -- "GUIs let people who don’t understand the technology think that they are capable of managing it." -- http://lamejournal.com/2013/11/06/why-wont-have-a-job-in-5-years/ pgp9AzTbkmWn2.pgp Description: PGP signature
Re: Heartbleed; was Re: [nlug] Meeting tonight
On Tue, Apr 08, 2014 at 11:27:30AM -0500, Wesley Duffee-Braun wrote: > I see that still says 1.0.1e though - why they didn't change the 1e to 1g > probably has to do with what upstream version was patched by RH, how Red > Hat names packages, etc. Red Hat will not version bump something like openssl during the lifetime of the distribution; patches are backported in. openssl will remain at 1.0.1e for the life time of the release. John -- The belief that there is only one truth and that oneself is in possession of it, seems to me the deepest root of all that is evil in the world. -- Max Born (1882-1970), German physicist and mathematician, 1954 Nobel Laureate in Physics, grandfather of Olivia Newton-John(!), Natural Philosophy of Cause and Chance (1964) pgpL4sknpdi1I.pgp Description: PGP signature
Re: Heartbleed; was Re: [nlug] Meeting tonight
On Tue, Apr 08, 2014 at 11:24:11AM -0500, Howard White wrote: > > Wesley, do you have any insight as to the RH implementation of > openssl-1.0.1g??? The Red Hat updates provide full mitigation against this issue. They were released GA last night after late-hours GA by upstream and followed the CentOS interim updates by less than 10 minutes. John >-- There's only one way to have a happy marriage and as soon as I learn what it is I'll get married again. -- Clint Eastwood pgpiQ3dRrqOuz.pgp Description: PGP signature
Re: [nlug] Meeting tonight
On Tue, Apr 08, 2014 at 11:01:39AM -0500, Howard White wrote: > > > > Had a customer get all out of breath about this, this morning. Good. They should be concerned. This is the most ominous issue that's come down the pike in years. John -- When I was a young man I observed that nine out of every ten things I did were failures. Not wanting to be a failure, I did ten times more work. -- George Bernard Shaw (1856-1950) Irish playwright, critic, political activist, and the only person to have been awarded both the Nobel Prize for Literature (1925) and an Oscar (1938) pgpdgGKotylTy.pgp Description: PGP signature
Re: [nlug] well, this will cause a "few" CentOS-based projects/products a "wee bit" of complication
On Tue, Mar 18, 2014 at 02:51:30PM -0400, Drew from Zhrodague wrote: > >I'm a fan of Scientific Linux and (hiss at me if you want) Oracle > >Enterprise Linux, at least in the free form. > > I am a long-time RHEL/CentOS user. I will be switching to > Scientific Linux - mostly because CentOS updates are a bit on the > slow side for me. Odd. Seeing as there have been multiple instances recently of CentOS updates being available on the tier-1 and many tier-2 mirrors before the upstream RHSAs/RHBAs being sent out :) John -- UNIX Russian Roulette: sudo [ $[ $RANDOM % 6 ] == 0 ] && rm -rf / || echo "You live" -- Fabian Arrotin pgptnRNbxu02e.pgp Description: PGP signature
Re: [nlug] Help Wanted
On Sat, Mar 29, 2014 at 01:42:18PM -0500, Mark J. Bailey wrote: > I guess I should qualify my mention of "32bit deprecating". I was > referring to Zimbra. They are dropping 32bit builds. The CentOS was for > loading Zimbra on, so going forward, you would need to install CentOS > 64bit for Zimbra requirements. You are correct in that 32bit CentOS itself > is here to stay for a good while longer. This doesn't shock me; for their specific needs 64bit makes more sense. John -- "it's like instagram is a way for people to distract from the fact that they are functionally useless" -- anonymous, Freenode IRC pgp6CTJp4dmo8.pgp Description: PGP signature
Re: [nlug] Help Wanted
On Sat, Mar 29, 2014 at 11:08:13AM -0500, Mark J. Bailey wrote: > Joe, > > Since you have vmware in your environment, why not setup an additional > "whitebox" test vmware host with the free version on desktop grade hardware? > From there you could personally experiment and learn more about vmware > without risking anything that is in production. You can google for whitebox > setups and see if you might have hardware handy that will run it. it will > usually run OK on any Intel-brand motherboard with quad+ core cpus. I know It will run on anything with hardware virt support. > You can load CentOS 6 Linux Minimal 64bit (avoid the 32bit, it is > deprecating) - under vmware to boot if you get that up and running: 32bit is, and will remain, fully supported. There also will be 32bit C7 releases, contrary to the Red Hat upstream. There are many reasons to continue to run 32bit instances, least of which is overheard. I would advise staying away from the minimal; use a netinstall image. > Install CentOS and take default filesystem layout (and most other defaults). > Minimal version is barebones and loads a specific set of packages. It misses so much it's not even funny (openssh-clients, man, network doesn't come up by default in many cases, etc). John -- We must remember that any oppression, any injustice, any hatred, is a wedge designed to attack our civilization. -- Franklin D. Roosevelt (1882-1945), 32nd President of the United States pgplGe2_pXFpZ.pgp Description: PGP signature
[nlug] Red Hat Reveals CentOS Plans
http://www.zdnet.com/red-hat-reveals-centos-plans-727812/?utm_source=dlvr.it John -- Most people hate the idea of evolution because they realize that if it were working properly, they'd be dead. -- Anonymous pgp68UHyKHR_V.pgp Description: PGP signature
Re: [nlug] well, this will cause a "few" CentOS-based projects/products a "wee bit" of complication
On Mon, Mar 17, 2014 at 04:43:34PM -0500, Mark J Bailey (JobsoftInc) wrote: > http://nerdvittles.com/?p=8721 Old news. > Ward Mundy at Nerd Vittles has always been level headed (IMHO) and thorough. I've never read anything else by him that I can recall but this specific article is chock-full of FUD. > and is now putting some new restrictions on the use of CentOS as the basis > for a custom distribution (product or project - like Scientific Linux or > Elastix) unless it is an "official" CentOS packaging/distribution. Not sure There are no restrictions on the use of CentOS other than the same restrictions that apply to any other US corporation as far as export laws go. The restrictions are on the mis-use of the various project marks which the project has been unable to enforce for various reasons throughout the years. > if they will provide a way for one to be "certified" by Red Hat or not, but > either way, this is going to rain on quite a few parades. End users can > still install CentOS and then load other stuff, but the days of the open and > free use of CentOS as the basis for a rolled up specialized distro are now > over. This is absolutely false. You are not permitted to use the CentOS brand or marks in such a project any longer unless it's been authorized by the CentOS Board. Technically these projects have been infringing on marks in one way or another all along for the most part anyway so good riddance. You are still free to go through the same debranding process to remove any infringing material (most notably the artwork) as CentOS itself has to go through when respining upstream packages and then you can ship anything you want, sans mark infringement. > To think Red Hat actually appreciated all that revenue being lost to CentOS > over the past decade was just that. wishful thinking. Obviously, as Ward > points out, this is going to take a while to legally settle out, and could > really muddy the waters. If you can provide _tangible_ numbers with regards to "lost revenue" I would dearly love to see them. I've been hearing this same line for the past decade and as of yet there has been no justification for such claims. Some RHAT sales pukes were pissy about lost commissions - boo hoo. Red Hat _management_ have been on record for years saying that CentOS is a valuable asset and not a revenue sink. I am unsure as to what anyone thinks needs to be legally settled in this. It's a done deal. > Wow! Who didn't see this coming?! Me :( And I've been involved with the project in one way or another or nearly the entire past decade. No one saw this coming. This was straight out of left field. John -- We're not ending the journey today, we're completing a chapter of a journey that will never end. Let's light this shuttle one more time ... and witness this nation at its best. The crew of Atlantis is ready to launch. -- Atlantis Commander Chris Ferguson, just before the 11:29:29am EDT launch of STS-135, the final Space Shuttle mission, 8 July 2011 pgp3Q44YIsH2B.pgp Description: PGP signature
Re: [nlug] Internet pricing
On Wed, Jan 29, 2014 at 07:25:09AM -0600, Nathanael Ries wrote: > Are there any net-neutral companies left? Ones that allow you to run > servers, don't cap your usage, and don't do packet shaping? I heard that > even Google Fiber doesn't have net neutrality, they still monitor their > networks for suspected server traffic. I'm not sure why you're lumping residential broadband in with the net neutrality umbrella. That being said two of the major players in the market area under discussion, Comcrap and Charter, both offer business class services that are not capped and permit hosting. John -- We can be knowledgeable with other men's knowledge but we cannot be wise with other men's wisdom. -- Michel Montaigne (1533-1592), essayist, Essais, Book 1, Chapter 25 pgptiX6qlaAM6.pgp Description: PGP signature
Re: [nlug] Internet pricing
On Tue, Jan 28, 2014 at 07:29:04AM -0600, Curt Lundgren wrote: > price. 2 Gbps for $50/month? What on earth do you do with 2 Gbps? I Porn. What else? John -- Many people, especially ignorant people, want to punish you for speaking the truth, for being correct, for being you. Never apologize for being correct, or for being years ahead of your time. If you're right and you know it, speak your mind even if you are a minority of one. The truth is still the truth. -- Mohandas Gandhi pgpWGJQm_kXva.pgp Description: PGP signature
Re: [nlug] Internet pricing
On Sun, Jan 26, 2014 at 09:14:49AM -0600, Curt Lundgren wrote: > > Do I sense a discrepancy? Welcome to the US. John -- The men the American public admire most extravagantly are the most daring liars; the men they detest most violently are those who try to tell them the truth. -- H. L. Mencken (1880-1956), journalist, satirist, and freethinker, The Smart set, Volume 68 (with George Jean Nathan) p 49 (1922) pgpXrH4SFBNNE.pgp Description: PGP signature
Re: Now they tell me; was Re: [nlug] continuing struggles with yum on CentOS 6.5
On Tue, Jan 14, 2014 at 09:50:15AM -0600, Howard White wrote: > > Trouble is, I've tried to create a CentOS site login and keep > getting rejected. I am feeling no love here what so ever. CentOS mailing list and archives: http://lists.centos.org/mailman/listinfo/centos CentOS IRC support is on irc.freenode.net in channel #centos (you must be registered with that network's nickserv to be able to join). Perhaps it might be worth a shot to seek assistance in official support venues if you've not done so already? John -- "I mean, whats not to love? Especially when you see how I party. Man, it was epic, the run I was on made Sinatra, Flynn, Jagger, Richards all of 'em just look like droopy-eyed armless children." -- Charlie Sheen pgpTLdkpwBL4X.pgp Description: PGP signature
Re: [nlug] CentOS / Red Hat
On Tue, Jan 07, 2014 at 04:05:29PM -0600, Mark J. Bailey wrote: > I hope this is a Good Thing. Seems a little counter-intuitive though. > Fedora is a test bed. CentOS takes $ away from Red Hat, though, they have > not shunned it as it pushes the platform. Nice that more $ for the guys, > but business is about profit, and so thus is Red Hat. I dunno It's actually one of the best announcements I can think of at this time; this removes any question of future respin releases whether they are CentOS, Scientific, PUIAS, GoOSe, or any other that appears. In fact, all respins will, moving forward, be using CentOS sources rather than Red Hat sources as CentOS will take over responsibility for the distribution and mirroring for the source RPM packages. This also allows CentOS to release certain components from Red Hat that were previously restricted from use. CentOS has never really impacted Red Hat's bottom line; in fact they are an important component of the Red Hat Enterprise Linux and are considered to build Red Hat business, as counter-intuitive as that sounds. Brian Stevens, Red Hat CTO/VP Engineering recently gave an interview praising CentOS and reaffirming their importance to the entire Red Hat ecosystem. CentOS will also be feeding back to Red Hat their recent work on the Xen4CentOS and other projects; which Red Hat can then take and provide to their customers, including support. All in all, this is _really_ good news. John -- The difference between a jogger and a runner is an entry blank. -- George Sheehan (1918-1993), American author, physician, and runner pgpALbOFlg0zA.pgp Description: PGP signature
[nlug] CentOS / Red Hat
http://lists.centos.org/pipermail/centos-announce/2014-January/020100.html John -- "It is time for us to stand and cheer for the doer, the achiever, the one who recognizes the challenge and does something about it." -- Vince Lombardi pgpq3a7tEs9rf.pgp Description: PGP signature
Re: [nlug] Disaster recovery site
On Mon, Jan 06, 2014 at 04:48:17PM -0600, Chris McQuistion wrote: > Actually. This is a subscription-based Google Group. Howard, and all of > the other administrators of the group, DO have power here. > > You can be easily unsubscribed if your behavior is not in keeping with this > community. ware is on timeout. John -- In the Soviet Union, capitalism triumphed over communism. In this country, capitalism triumphed over democracy. -- Fran Lebowitz (1950-), American journalist and author, Social Studies (1981) pgpodNMRvwFuv.pgp Description: PGP signature
Re: [nlug] Digest for nlug-talk@googlegroups.com - 2 Messages in 1 Topic
On Sat, Aug 31, 2013 at 08:49:03AM -0500, Paul Tabolinsky wrote: > This last URL you sent ...toolbox has two beginning char's that belong to > known and very disruptive malware web :"mxidj" that is extremely difficult > to remove once on a system. I've got it/had it (?) on mine and after > several months trying once in a while vestige of it returns for unknown > reason. Malware and antivirus prog's will not remove it. It takes a > lengthy process with out guarantees. Could be part of the problem. Uh... What? mxtoolbox is a well-known and very reputable site. John -- Our imagination is stretched to the utmost, not, as in fiction, to imagine things which are not really there, but just to comprehend those things which are there. -- Richard Phillips Feynman (1918-1988), American physicist, The Character of Physical Law (1965) pgp5vE8GE8ina.pgp Description: PGP signature
Re: [nlug] Happy birthday linux!
On Sun, Aug 25, 2013 at 09:51:58PM -0500, Michael Chaney wrote: > Actually, probably the most popular unix of the time was something SCO (the > original SCO) was selling that ran on PC hardware. It was used in a lot of > vertical market apps, some of which I was familiar with. It was > particularly popular with the Unibase derivatives. Interactive UNIX was also quite popular in those days, as was Dell's SVr4 platform. And for people that didn't need the support or wanted to pay the nickel and dime prices for functionality there was also MWC's Coherent, which was ABI compliant with SCO and the other iBCS2 platforms. John -- We cannot do everything at once, but we can do something at once. -- Calvin Coolidge (1872-1933), 30th president of the United States pgp2TV89uBFiu.pgp Description: PGP signature
Re: [Solved] Re: [nlug] rsyncd differences in CentOS 6 vs. CentOS 5???
On Fri, Jul 12, 2013 at 02:38:33PM -0400, Drew from Zhrodague wrote: > > It is an excellent solution for those of us who want our stuff to > work, without having to fight with SELinux. I always disable > SELinux. Again, not a solution. Management of selinux is trivial these days with a wealth of information to assist in doing so available at your fingertips on the web. This type of behavior is dangerous and admins should be ashamed that they believe this to be a 'solution'; learn to use the tools available: setenforce 0 # drop to permissive load_policy # create reset point to assist in isolation of avcs # go through all motions to trigger all actions that need to be allowed audit2allow -M $module_name -l -i /var/log/audit/audit.log # build module setenforce 1 # restore enforcing less $module_name.te # inspect the module, salt to taste semodule -v -i $module_name.pp # load it profit $module_name is an arbitrary name of your choosing. Full documentation is available for everything above. John -- "Worry never robs tomorrow of its sorrow, it only saps today of its joy." ~~ Leo Buscaglia pgpg6KJmB9tbM.pgp Description: PGP signature
Re: [Solved] Re: [nlug] rsyncd differences in CentOS 6 vs. CentOS 5???
On Fri, Jul 12, 2013 at 05:34:12PM +, hwh...@vcch.com wrote: > At 4PM as I was trying to escape the office early to travel, the > SElinux lightbulb came on. Bingo! Setenforce 0 and rsync worked > fine. So many dead kittens :( That's not a 'solution' :( John -- DMR: So fsck was originally called something else. Q: What was it called? DMR: Well, the second letter was different. -- Dennis M. Ritchie, Usenix, June 18, 1998. pgpQ1c5VOygJl.pgp Description: PGP signature
Re: [nlug] rsyncd differences in CentOS 6 vs. CentOS 5???
On Thu, Jul 11, 2013 at 01:26:05PM -0500, Howard White wrote: > rsync: ERROR: cannot stat destination "/blah/blah/blah" (in module): > Permission denied (13). This could be pretty much anything from a bad module config to an actual permissions error to possibly an selinux context issue. If it's selinux it will be covered in /var/log/audit/audit.log (if running auditd) or /var/log/messages (if not running auditd). > One question, in the rsyncd.conf, we have defined the "auth users = > admin" but there is no /etc/passwd admin user. This works in CentOS > 5. ?? not CentOS 6 ?? "man 5 rsynd.conf" and "man 1 rsync" covers this in great detail; in a nutshell this is not a system name/password pair but rather one limited in scope to rsync and rsync only. John -- What happened should never, ever have happened. The families of those who died should not have had to live with the pain and hurt of that day, and a lifetime of loss. -- Prime Minister David Cameron of Britain, apologizing for the Bloody Sunday killings of 14 unarmed demonstrators by British soldiers in Londonderry, Northern Ireland, in 1972, New York Times, 16 June 2010 pgp4DMkcKIoFv.pgp Description: PGP signature
Re: [nlug] Script/Bash Question
On Thu, Jun 20, 2013 at 09:10:08AM -0500, Blake Dunlap wrote: > is that actually doing a numerical comparison, or is it just character > comparison? > > If its just character comparison, the 4 is > than the 3... Additionally you will likely want the -P argument to enforce POSIX portability and ensure that lines don't get split due to length. John -- The first principle is that you must not fool yourself, and you are the easiest person to fool. -- Richard Feynman (1918-1988), American physicist, "What is and What Should be the Role of Scientific Culture in Modern Society", lecture at the Galileo Symposium in Italy (1964) pgpLBUieKAJNO.pgp Description: PGP signature
Re: [nlug] stream of pulseaudio messages in /var/log/messages
On Thu, May 02, 2013 at 01:22:33PM -0500, Howard White wrote: > OS = CentOS 6.2 This is over a year out of date; current is 6.4. > My initial google search always hits on people wishing to replace > pusleaudio with alsa-mixer or some such, preserving audio > functionality. We don't care. Anybody know of adverse consequences > of nuking pusleaudio? Get a list of applicable packages for removal: rpm -qa \*pulseaudio\* Iterate over that list, running either: rpm -e --test $package to see what will cry about it being removed due to listed deps or yum erase $package And see what leaf packages yum wants to kill off with the listed package (yum does gratuitous removals of leaf packages by default, and it quite often gets it wrong). PA should be able to be gutted without too much trouble but it's always good to review via the above or similar means (repoquery looking for at the dep chains, for instance). John -- Cowardice asks the question, "Is it safe?" Expediency asks the question, "Is it politic?" Vanity asks the question, "Is it popular?" But, conscience asks the question, "Is it right?" And there comes a time when one must take a position that is neither safe, nor politic, nor popular but one must take it because one's conscience tells one that it is right. -- Martin Luther King, Jr. pgpww23pN5Fkj.pgp Description: PGP signature
Re: [nlug] Heads up Apache Admins. Linux/Cdorked.A. is pretty nasty
On Tue, Apr 30, 2013 at 01:20:20PM -0500, Kent Perrier wrote: > As often as I see "devops" stuff on GitHub that says to do "curl -O - > http://raw.github.com/path/to/script"; | bash" as root I find think it would > be pretty easy to run a some stuff as root on servers without the owners > having a clue as to what is happening. And anyone that does this deserves every last bit of trouble they get from it. Common sense is sorely lacking these days. John -- There are two kinds of fool. One says, "This is old, and therefore good." And one says, "This is new, and therefore better." -- John Brunner (1934-1995), science fiction writer, The Shockwave Rider (1975) pgpmXqOInY5hj.pgp Description: PGP signature
Re: [nlug] Google foo is weak today.
On Mon, Dec 10, 2012 at 01:36:05PM -0600, Howard White wrote: > Yeah, thanks for that confirmation. I read one comment on the > centos forums that said his system got fubar'ed three times by XFCE > which is why I kept looking for LXDE (not that they are that > different). I personally know a handful of people using it on C6/EL6 without incident and I know the maintainer's reputation as a long-standing member of the RHEL, Fedora and EPEL communities. If / when I am forced to use X on EL6 it will be using those packages. Also, one thing to be aware of is that there are more than a few people on the CentOS forums that should not be allowed near technology more advanced than crayons. YMMV John -- Power always has to be kept in check; power exercised in secret, especially under the cloak of national security, is doubly dangerous. -- William Proxmire (1915-2005), US senator, reformer pgpNedYd0CPfo.pgp Description: PGP signature
Re: [nlug] Google foo is weak today.
On Mon, Dec 10, 2012 at 12:31:59PM -0600, Howard White wrote: > Could some kind soul assist me in finding a link or pointer to > installing LXDE on CentOS 6.3? In circles I am going... No one, at least no one reputable, packages LXDE for CentOS. For EL6 you can use XFCE from EPEL (http://fedoraproject.org/wiki/EPEL) if you want a maintained and supported lightweight environment. John -- Ask the young. They know everything. -- Joseph Joubert (1754-1824), French moralist and essayist pgp5njaFn3s2T.pgp Description: PGP signature
Re: [nlug] /var/spool/mail
On Wed, Dec 05, 2012 at 02:33:25PM -0600, Curt Lundgren wrote: > Yeah, I'd still do it in Perl. Why? Because I do just about everything in > Perl. I've worked with that type of file; it's more programming to make my > approach work (probably not worth it.) Larry Wall might observe that > there's always another way to do it. I just don't understand this mentality. Wasting time better spent elsewhere on re-inventing a command that's been around since the dawn of time serves what purpose other that self-education? John -- I begin by taking. I shall find scholars later to demonstrate my perfect right. -- Euripides (c 480 BC - 406 BC), Greek playwright, Suppliants pgpiLnQLfiOwj.pgp Description: PGP signature
Re: [nlug] /var/spool/mail
On Wed, Dec 05, 2012 at 02:23:35PM -0600, John R. Dennison wrote: > > And boo on gratuitous forks() :) GNU find can short-circuit via -delete > or just dump out to xargs rm :) "Oopsie" - I missed your use of '+' which effectively duplicates the xargs hack internally. John -- A man who lies to himself, and believes his own lies, becomes unable to recognize truth, either in himself or in anyone else, and he ends up losing respect for himself and for others. -- Fyodor Dostoevsky (1821-1881), Russian novelist, The Brothers Karamazov (1879-1880) pgpXlACaxbCPe.pgp Description: PGP signature
Re: [nlug] /var/spool/mail
On Wed, Dec 05, 2012 at 02:19:09PM -0600, Tilghman Lesher wrote: > > Just curious as to why you wouldn't just use: > find /some/directory -mtime 30 -exec rm -f {} + Due to rounding issues that won't catch everything; I either use -mtime +31 or -daystart -mtime +30. "man find" and see write-up for -atime for more information on rounding. And boo on gratuitous forks() :) GNU find can short-circuit via -delete or just dump out to xargs rm :) John -- When you've driven race cars, and when you've jumped out of airplanes, cars are on fire, when you've been upside down at two hundred miles per hour waiting for your head to hit the ground, when you've been in Africa with a wounded Cape buffalo six feet in front of you, chargin' ya, I'll let someone else decide what the most dangerous thing I've ever done is. -- Carroll Shelby (11 January 1912 - 10 May 2012) American automotive designer, racing driver, and entrepreneur pgpXhOIIvg3dC.pgp Description: PGP signature
Re: [nlug] /var/spool/mail
On Wed, Dec 05, 2012 at 02:15:06PM -0600, Curt Lundgren wrote: > I wrote a Perl script a few years ago that deletes files from a directory > that are older than n number of days. We generally set n to 30 days, but > you can set it to be anything you want. Script can be replaced by a one-liner: find /path/to/dir -type f -mtime +31 | xargs rm or find /path/to/dir -type f -mtime +31 -delete This will handle maildir directories but not legacy mbox format spools as requested, however. John -- American youth attributes much more importance to arriving at driver's license age than at voting age. -- Marshall McLuhan (1911-1980), Canadian philosopher of communication theory, Understanding Media (1964) pgp0JUCJGZG9O.pgp Description: PGP signature
Re: [nlug] /var/spool/mail
On Wed, Dec 05, 2012 at 02:01:13PM -0600, Howard White wrote: > So my predecessor set up our customer systems with background jobs > writing results to local mail, /var/spool/mail/whomever. Just found > one such system whereon the /var partition was nearly full. Is > there a "logrotate" like utility to cull old stuff out of mail > files, like on say a days-old factor or some such? Try the mboxpurge.pl script from http://terminal.se/code.html - it should do what you want based on date spec. John -- The First Law of Holes: "It is a good thing to follow the First Law of Holes: if you are in one, stop digging." - Denis Healy pgpvvqUIXQdFe.pgp Description: PGP signature
Re: [nlug] Local co-location
On Wed, Oct 03, 2012 at 04:00:51PM -0500, Michael E. Jaggers wrote: > > Soeey, my mistake. Idiot web email interface for > Earthlink/Mindspring. I know better. :) John -- I want a government small enough to fit inside the Constitution. -- DownsizeDC.org co-founder Harry Browne (1933-2006) pgpMArGsL5yZz.pgp Description: PGP signature
Re: [nlug] Local co-location
On Wed, Oct 03, 2012 at 03:10:32PM -0500, Michael E. Jaggers wrote: Please do not post in HTML-only to mailing lists. Thanks. John -- Much of what looks like rudeness in hacker circles is not intended to give offense. Rather, it's the product of the direct, cut-through-the-bullshit communications style that is natural to people who are more concerned about solving problems than making others feel warm and fuzzy. http://www.tuxedo.org/~esr/faqs/smart-questions.html pgpd9j5ZqnJdJ.pgp Description: PGP signature
Re: [nlug] stepwise menu script
On Fri, Sep 28, 2012 at 03:54:52PM -0500, Tilghman Lesher wrote: > > I'd suggest that you "man dialog". This is what FreeBSD uses for its > ports system, and I'm more than certain that you'll find it to be > complete and helpful for your needs. If you'd be using something more > flexible, but less portable, like Perl or Python, the Newt modules are > extremely nice. Seconded. And newt is native in EL5/6 along with the perl module being present for both; however the python bindings are only available natively in EL6. John -- A man who lies to himself, and believes his own lies, becomes unable to recognize truth, either in himself or in anyone else, and he ends up losing respect for himself and for others. -- Fyodor Dostoevsky (1821-1881), Russian novelist, The Brothers Karamazov (1879-1880) pgpvtErSrbhxl.pgp Description: PGP signature
Re: [nlug] Yet another plaint from your not so super SysAdmin
On Wed, Sep 19, 2012 at 03:25:36PM -0500, Toth, Csaba wrote: > Cool! > It can be tricky with a crash if the stack is corrupted and/or the > analyzed software is not a debug version. Which will likely be the case here. You will need to install the -debug rpm for the package if you want symbolics to assist. This is one of the reasons I mentioned strace / ltrace. It can at be useful to see if it might be a shared library at fault. John -- UNIX Russian Roulette: sudo [ $[ $RANDOM % 6 ] == 0 ] && rm -rf / || echo "You live" -- Fabian Arrotin pgpIFijgnt1re.pgp Description: PGP signature
Re: [nlug] Yet another plaint from your not so super SysAdmin
On Tue, Sep 18, 2012 at 08:50:45PM -0500, Howard White wrote: > S.5T c /etc/a2ps-site.cfg > > hmmm Size, md5sum and timestamp differ. But that's a config file ('c' attribute) and has likely been adapted to your site's requirements. You may want to run a2ps under strace / ltrace if you have the tools available to trace what it's calling but if I recall the el5 package does everything internally while the el6 package pulls in TeX and a bunch of other cruft and calls lots of things during it's operation. Something I should have mentioned earlier, 5.7 is ~6 months behind on updates and there have been a few biggies in the interim; you may wish to consider an update. John -- The only time men should be dancing is when other men are shooting at their feet. -- Tim Allen, Last Man Standing pgpVmWRuphVk4.pgp Description: PGP signature
Re: [nlug] Yet another plaint from your not so super SysAdmin
On Tue, Sep 18, 2012 at 01:21:57PM -0500, Steven S. Critchfield wrote: > Csaba is sending you down a good path. There is a rpm command, I think > something with a -q option to verify the hashes of the installed > files. Start with the package containing a2ps, then work out to > anything that it depends on. rpm -V a2ps John -- Only puny secrets need protection. Big discoveries are protected by public incredulity. -- Marshall McLuhan pgpFMq6FXgfdo.pgp Description: PGP signature
Re: [nlug] Java security issue?
On Sat, Sep 08, 2012 at 09:24:36PM -0500, Raymond Beaudoin wrote: > I've sold hosting for game servers and other applications for some time, > but it's standard practice here to deny anything which requires Java. I was > talking to a long-time friend in the same business a few days ago and he > had to pull the plug on one of his larger nodes for a few hours because he > sells hosted Minecraft instances which relies heavily on Java. Well > needless to say, Java was hacked and his network became wide open. It's a > sad reality. The reality is that Oracle doesn't give a shit about its customers and never has. Look at the deplorable state of patches for it's namebrand database product for over the past decade. They just don't care. They never will. As long as Ellison gets to continue buying yachts and islands he's happy. John -- Without deviation from the norm, progress is not possible. -- Frank Zappa (1940-1993), composer, musician, film director pgpeRiuUf2pdk.pgp Description: PGP signature
Re: [nlug] Java security issue?
On Sat, Sep 08, 2012 at 08:39:51PM -0500, Toth, Csaba wrote: > I'm involved with Java, and it's sad to see that some big technology > sites advise to uninstall Java completely. Oracle sat on at least 2 root-able vectors for a long time. Disabling or uninstalling in the face of their security mismanagement is prudent considering that at least one 0-day in the wild was dropping root kits. John -- An age is called Dark not because the light fails to shine, but because people refuse to see it. -- James Albert Michener (1907-1997), novelist, Space (1982) pgpvQazKUUrVP.pgp Description: PGP signature
Re: [nlug] transition from RHEL 5.2 to current CentOS
On Thu, Aug 09, 2012 at 07:39:37AM -0500, Steven S. Critchfield wrote: > > Even with Centos6, I notice they are still in the 2.6 kernels. They > are starting to look old even compared to Debian Stable. Many features from newer kernels are backported to the 2.6.18 and 2.6.32 kernels used in EL5/EL6. For those that truly need the Oh! Shiny! you can get the mainline kernels from elrepo which are maintained by well-known community members and vetted by the community itself. John -- In a free society the state does not administer the affairs of men. It administers justice among men who conduct their own affairs. -- Walter Lippmann (1889-1974), "An Inquiry into the Principles of the Good Society" (1937) pgp7yMV6mOg0S.pgp Description: PGP signature
Re: [nlug] transition from RHEL 5.2 to current CentOS
On Wed, Aug 08, 2012 at 02:55:34PM -0500, Howard White wrote: > > Production system in another location (read customer). Don't have > much in the way of an offload scheme. Working on that also. http://wiki.centos.org/HowTos/MigrationGuide - there is a section on RHEL5 -> CentOS5 migrations. Additionally you want to review: http://wiki.centos.org/Manuals/ReleaseNotes/ for CentOS-5.3 ... 5.8. You may want to use the section on the MigrationGuide to upgrade to -5.3 first, and then point upgrade to 5.4, 5.5, etc. There may very well be issues that bite you during 5.2 to later point release updates and the release notes cover these in detail. Jumping from 5.2 to current may, or may not, depending on your setup bring the same issues to play. Hop on #centos on freenode or ping the centos mailing list for additional guidance. Mailing list info: http://www.centos.org/modules/tinycontent/index.php?id=16 John -- There is nothing more unequal than the equal treatment of unequals. -- Thomas Jefferson (attributed) pgpmvy10YLH6h.pgp Description: PGP signature
Re: [nlug] Raspberry Pi > BackupPC?
On Wed, Aug 01, 2012 at 10:28:26AM -0500, Perkins, Jerry wrote: >I have been looking to build a low wattage box to run only Backup > on. Have been looking at Raspberry Pi model B, but have not been > able to confirm that it has enough memory.I did some checking on > the two boxes that I have BackupPC running on and it seems to > require about 70 K of memory. >Does anyone have a clue if this might be a doable thing? BackupPC_dump uses considerably more than 70k; my server at the house is weighing in at 51m/39m for the parent/child dump processes; BackupPC_trashClean is using roughly an additional 10m. Of course some of that will be shared between processes. The nightly maintenance runs are likely to require similar amounts. pmap the processes while running to get a better idea of utilization. John -- UNIX Russian Roulette: sudo [ $[ $RANDOM % 6 ] == 0 ] && rm -rf / || echo "You live" -- Fabian Arrotin pgp5rPkvGXsvt.pgp Description: PGP signature
Re: [nlug] oracle invokes argument from authority on security with oracle linux
On Wed, Jul 18, 2012 at 05:35:39PM +, CindyYoho wrote: > We're using it on 4 servers and it seems to run fine for our needs. We > run a home grown data warehouse on one pair (dev and prod) and > Peoplesoft financials and hr on the other pair. Updates are kind of a > pain unless you pay Oracle for support, though. I am far from an Oracraple proponent, but in the interests of correctness you no longer need a support contract in place to receive OEL updates; all OEL bits (with the possible exception of their custom kernel) are available for free and should require no more effort than on any other RHEL respin. That being said I still wouldn't touch it no matter how much someone paid me. John -- The things that will destroy America are prosperity-at-any-price, peace-at-any-price, safety-first instead of duty-first, the love of soft living, and the get-rich-quick theory of life. -- Teddy Roosevelt pgp98Ax7CYnrR.pgp Description: PGP signature
Re: [nlug] Red Hat Linux paying to get past UEFI restrictions on Windows 8
On Tue, Jun 05, 2012 at 01:28:12PM -0500, Russ Crawford wrote: > Could this create a cooperative relationship between GNU/Linux and > Microsoft or does this spell "coercion"? FUD article. Techrepublic needs better "journalists". The blog post that has started all this is Matt Garrett's: http://mjg59.dreamwidth.org/12368.html I urge people to read that blog article as it reflects reality. This issue will affect any and all linux distributions that wish to co-exist and dual-boot on platforms carrying the Win8 logo on them unless one cares to disable SecureBoot on the platform. Points of contention in my brief skimming of the techrepublic article: There is no such thing as "Red Hat Linux" and hasn't been since September 2003 when they split RHL into RHEL and Fedora Core. Jack Wallen is well aware of this. The work being done is being done by and for Fedora, not RHEL. And while Fedora does come under the operating umbrella of Redhat they are two distinct bodies. Work done may or may not trickle into RHEL possibly for EL7 which is in Alpha at the moment, but more likely EL8 if at all. Wallen states in the article that the only way around the UEFI restrictions is to upload new firmware or have alternate OSes add their own keys. This is patently false. The specifications as outlined permit operation by disabling SecureBoot within a platforms setup firmware (what most people would refer to as the system's BIOS; not accurate in this case as UEFI replaces the BIOS, but it's what people will be able to relate to most easily). Even Win8 will boot and operate with SecureBoot disabled. Fedora's concern was being able to Just Work out of the box without having to have users, some of whom may not be technical, muck around in the guts of their system setup: there are still many users that are not comfortable with changes to their hardware at this level and Fedora took the stance that it is easier to play with SecureBoot than to encourage users to disable it. And it's only a single $99 payment from Fedora Unity to Verisign / Symantec; it's not going to make or break anyone :) Wallen questions whether virtual machines will function. Of course they will; UEFI != BIOS, VMs don't use UEFI, they use a virtualized BIOS. How Win8 VMs will function... I have no idea to be honest' but the overwhelming majority of virtual instances will continue to work just fine. He then starts to go off the deep end with conspiracy nonsense. The fact of the matter is this: Hardware vendors want to sell to the largest market shares. This is, still, Microsoft. In order to get sales they will need to provide hardware that will work with the Win8 Logo program, which requires UEFI presence. Railing at or against Microsoft is going to change this fact. People have the freedom to disable SecureBoot if they feel strongly enough about the issue and life will go on as it always has. Really, techrepublic needs better writers. John -- Sometimes a man wants to be stupid if it lets him do a thing his cleverness forbids. -- John Steinbeck (1902-1968), novelist, Nobel laureate, East of Eden, 1952 pgp8Tn4GjB2wW.pgp Description: PGP signature
Re: [nlug] Test
On Thu, May 31, 2012 at 01:53:06PM -0500, Bruce W. Martin wrote: > Just testing that i can still post to the list. > I sent two messages yesterday and never sow either one of them show up > on the list. Bruce, Two messages from you, dated 05/30/2112, made it to the list fine: May 30 Bruce W. Martin (8.2K) [nlug] Reschedule of TABEL-10 May 30 Bruce W. Martin (8.2K) [nlug] Reschedule of TABEL-10 (Correction) John -- Trial or not, John Edwards is the Charlie Sheen of American politics -- great hair and no chance for rehabilitation. -- Democratic consultant Jack Quinn, John Edwards' indictment in the cover-up of an extra-marital affair, 3 June 2011 pgpNdc27iMORu.pgp Description: PGP signature
Re: [nlug] Scientific Linux 6 (aka, moving away from CentOS)
On Mon, Jun 20, 2011 at 03:57:33PM -0500, Mark J. Bailey wrote: > We are all entitled to our opinions. *I* just don't have the same level > of confidence in CentOS as I once had. After almost 30 years at this, That's completely understandable. The project has left much to be desired over the past 6 months in many ways. That being said, it's not going anywhere. Not now. Not in the foreseeable future. It's the largest deployed EL in the field and in hosting nothing comes close to touching it, especially with cpanel dropping support for everything outside of EL as of next release. But with the delays and attitudes from various project members the confidence that people such as yourself and many others once had in the project is slipping away and it will be _very_ hard to get that confidence back. I defend the project in public, mostly, but the truth is that there are significant core issues at play that must get resolved; I don't believe the issues severe enough to put the project in jeopardy of shutting down but they are severe enough to cause damage and continual problems. > I've seen this pattern before. Maybe history will prove me wrong > (actually, I hope it does), but, like I said, my position is that > something has *fundamentally* changed with the project. I have to make Sadly, it has. And if you are following the community at all (lists / irc and to a _much_ lesser extent the forums) it is quite clear what the single point of failure for _all_ delays is. There are also multiple people that have, effectively, walked away from the project in the past 12 months. All of this is intertwined and I fully expect it to come to a head publicly after 6/6.1 drop. Again, nothing that will jeopardize the long term stability of the project as a whole but a shakeup that may get things back to where they need to be. > decisions that I ultimately am held accountable for (by paying customers) > based on my experience and gut feeling. I am not totally abandoning This is also quite understandable and I'm in the same boat. I've been pushing people that require an EL version 6 to RHEL when in the past I'd have recommended CentOS; but it is quite hard to recommend vaporware to clients. Thankfully many don't need 6/6.1 and C5 is supported until 3/31/2014. > CentOS, but intend to have options that don't require ponying up for RHEL6 > every time. SL6 is sort of in between the two as I see it (mainly CERN > behind and funding it), so, it is, I think, a viable option for me. > That's was primarily my point. SL is a solid project and for many it would be ideal; and having people paid to maintain it as their primary job role during release a cycle is a bonus. PS I find the sig entry below especially apropos. John -- An expectation is a premeditated resentment. -- Nina Paley, Mimi & Eunice, 14 September 2010, pgpvtBGzveTgx.pgp Description: PGP signature
Re: [nlug] Scientific Linux 6 (aka, moving away from CentOS)
On Mon, Jun 20, 2011 at 03:22:53PM -0500, John R. Dennison wrote: > > CentOS, for the history of the project, has never once released a public > beta ISO set or even opened up QA resources to those not on the QA team; > the only betas that exist are full-blown QA images on QA infrastructure. Meh - Retraction on the above: There have indeed been betas in the past; I got the above confirmation from the CentOS QA irc channel just to have it refuted by another team member and my own searches. Please ignore it. John -- There are people for whom nothing is more embarrassing than to be caught not in the know. To arm themselves against embarrassment, they choose knowingness, which is just ignorance hidden by information. -- Leon Wieseltier, Washington Diarist: In the Know, The New Republic: Books & Arts, 16 September 2010 pgpHCnVU82AoY.pgp Description: PGP signature
Re: [nlug] Scientific Linux 6 (aka, moving away from CentOS)
On Mon, Jun 20, 2011 at 02:58:28PM -0500, Mark J. Bailey wrote: > I have used CentOS the past for semi-, non-critical scenarios quite > successfully where RHEL was the platform was key. But, something's amiss > with the totally volunteer, somewhat closed-minded CentOS project over the > past 12-18 months (repeated delays, no communications, etc). Nothing news http://qaweb.dev.centos.org - not ideal but a far cry from anything in the past. This site was put up as stepping stone to opening up lines of communication. And holding a volunteer project to higher ideals than its commercial upstream is pretty silly. Redhat was "delayed" well over a year from its anticipated drop date and Redhat publishes absolutely no time-line; on top of which employees are specifically restricted from speaking in a public light regarding upcoming releases. > of the upstream or downstream RHEL6/EL6 repositories. In fact, they are > beta testing SL 6.1 right now and CentOS hasn't even released a betas of > 6.0 (something they always had done in the past). CentOS, for the history of the project, has never once released a public beta ISO set or even opened up QA resources to those not on the QA team; the only betas that exist are full-blown QA images on QA infrastructure. > Regardless of your feelings about Red Hat, CentOS, etc., despite the name > "Scientific Linux", it is a full build of RHEL6 with some extra stuff > available should you be a lab, etc. I think even oracle has tested out on > it. Worth a look in my book as CentOS no longer gives me a sense of Oracle is not even certified for use on Oracle's own EL respin, let alone SL unless something has changed. If so, I'd appreciate a reference if you happen to have one available so I can wave it under someones nose. > confidence in the project's stability with regard to counting on it for > paid project work. I, of course, just have the customer pony up for RHEL6 > when it is critical and/or commercial support is a must. CentOS 6 will > undoubtedly make it out, but something has definitely drastically changed > with that project group. Indeed it has. And once 6/6.1 are out the door I'm sure quite a bit will come to light that has been smoldering on the fringes for quite some time. It's also unfair to blame the "group" unless that group is defined; the CentOS group actually consists of various elements within the umbrella "group"; the delays being seen here are isolated to an extremely small subset of associated folks; with "small" defined here as a whole number greater than 0 and less than 5. John -- "Thinking implies disagreement; and disagreement implies non-conformity; and non-conformity implies heresy; and heresy implies disloyalty -- so obviously thinking must be stopped" [Call to Greatness, 1954] -- Adlai Stephenson pgpwDr4YHIEcs.pgp Description: PGP signature
Re: [nlug] SELinux
On Wed, Feb 23, 2011 at 08:09:41AM -0800, Terry Trapp wrote: > I have recently been brought back from the Dark Side™ to administer > some Linux boxen. Something that has changed in my absence is that > SELinux is now enabled by default and appears to have a fairly > prohibitive default policy. (On CentOS) I would like to draw on the > group's experience and know your thoughts, opinions and philosophy of > how best to deal with it. CentOS, like RHEL, has shipped with selinux enabled, using the targetted policy, for years. This is a Good Thing (tm). The best way to deal with it is to set aside some quality time and read the following resources: http://wiki.centos.org/HowTos/SELinux http://wiki.centos.org/TipsAndTricks/SelinuxBooleans http://docs.fedoraproject.org/selinux-user-guide/f10/en-US/ http://fedorasolved.org/security-solutions/selinux-module-building http://centoshelp.org/security/selinux-common-commands-troubleshooting (these are from my help triggers on the #centos channel on freenode) > My initial thought is to leave it enabled and adjust the policy as > needed for a given service. The issue I have ran into is that I have > not found a comprehensive CLI tool to administer the policy. Outright > disabling it has been the best answer in a couple of cases. That is an *excellent* initial thought; and much refreshing from the normal nonsense we see daily on IRC. The best way to manage things are with the tools provided which the above listed resources go over. setroubleshootd is a nice tool in that it will notify you via email of details of selinux policy violations and the needed steps to take in order to correct each violation it seems. Consider running your server(s) in Permissive rather than Enforcing mode in the beginning; put the boxes through their paces as far as processes and work-flows go; addressing each policy violation as it occurs and when done put it back into Enforcing mode. "man setenforce" for details. Permissive mode triggers violation notifications but as warnings only; the underlying activity will still be permitted to complete; it's ideal for fine tuning policies. > Also, does anyone know of a good book that can give an overview of the > current implementation of SELinux? I would, personally, start with the resources listed above. They should really go over everything you need. John -- "Political Correctness is a doctrine, fostered by a delusional,illogical, liberal minority and rabidly promoted by an unscrupulous mainstream media,which holds forth the proposition that it is entirely possible to pick up a turd by the clean end." -- Unknown pgp8k0Ur6nyl0.pgp Description: PGP signature
Re: [nlug] Any good how-to's on building a transparent caching proxy server?
On Tue, Feb 15, 2011 at 02:14:43PM -0600, Greg Donald wrote: > > I've been using pfSense for the past 3 years or so. It too runs just > from a CD if you want. > > To me BSD just feels so much faster than Linux for routing and firewall stuff. As much as I still have nightmares over legacy BSD systems it makes a much better routing and filtering platform in most cases than Linux. There is significantly less overhead in the matching and forwarding code and the way it handles network buffers than the related Linux kernel bits. John -- "Since every individual is accountable ultimately to the self, the formation of that self demands our utmost care and attention." -- A Bene Gesserit teaching spoken by Miles Teg in "Chapterhouse: Dune" by Frank Herbert pgpnQmCAbnvAG.pgp Description: PGP signature
Re: [nlug] changes in linux (generally ubuntu) over the last several years.
On Thu, Dec 30, 2010 at 04:03:00PM -0600, andrew mcelroy wrote: > > BTW, is Xen still being considered depreciated to KVM? Depends on who you ask. Redhat is basing their corporate visualization on KVM as of EL6; there will no longer be dom0 Xen support but there will likely be 3rd party dom0 kernels available. However Linus has finally given in due to much cleaner implementation patches and Xen is in the Vanilla kernel tree as of 2.6.30 or 2.6.31 I believe; with minimal driver support and the rest to be implemented over the next release cycle. John -- I have come to believe that a great teacher is a great artist and that there are as few as there are any other great artists. It might even be the greatest of the arts since the medium is the human mind and spirit. -- John Steinbeck (1902-1968), American writer, Nobel laureate, Pultizer Prize awardee, "...like captured fireflies" (1955) pgpTlJhujdD01.pgp Description: PGP signature
Re: Re: [nlug] After the Meeting Tonight
On Wed, Dec 15, 2010 at 07:59:38PM -0600, Curt Lundgren wrote: > OK, John. I'm using Gmail. It does what it does. I don't control whether > the post is top or bottom, and really I don't care (after all, I don't > control it.) No; it does what *you* have it do. You completely control whether it is top- or bottom- posted. You don't bother moving the cursor before you start a reply, you blinding take what gmail gives you and you run with it. The only part of your paragraph I quoted above that bears any semblance of truth is "and really I don't care". Must be nice to live in a world where others don't matter. To quote, well, me: Top posting ruins the flow of the standard English written language and makes following conversation topics awkward, at best. A classic example of this is the following section: A: Yes. > Q: Are you sure? > > A: Because it reverses the logical flow of conversation. > > > Q: Why is top posting frowned upon? > > > > A: Top-posting. > > > > > Q: What is the most annoying thing in e-mail? As you can see the above makes absolutely no sense whatsoever and makes following the topic next to impossible. John -- Those who know do not speak; those who speak do not know. -- Tao pgpBGd6ghIr50.pgp Description: PGP signature
Re: [nlug] After the Meeting Tonight
On Wed, Dec 15, 2010 at 01:07:23PM -0600, Kent Perrier wrote: > On Wed, Dec 15, 2010 at 12:46 PM, Greg Donald wrote: > > > On Tue, Dec 14, 2010 at 8:51 PM, David R. Wilson wrote: > > > Hi guys, > > > > > > I would highly recommend you take a look at this: > > > > > > http://www.grassfire.com/ Why don't they change domain to: "lumpthehateonobama.com"? The rhetoric, hyperbole and outright bullshit on this site is nothing more than political nonsense. There are pending votes that can impact our freedoms; there are always such pending votes. Net neutrality, however, is not such a vote. This site, however, is nothing more than right-wing nonsense. Giving them publicity just makes it that much worse. You do realize, I hope, that the site is just a tea party front? I really do love how they've managed to spin net neutrality into something evil and heinous. And the sad part is people buy into this nonsense. > > Sounds like someone's been watching too much Faux News. > > > > Its better than having the government dictate that we have equal coverage of > Windows. I don't understand this statement at all. John -- There's only one way to have a happy marriage and as soon as I learn what it is I'll get married again. -- Clint Eastwood pgpyokhcDJPVW.pgp Description: PGP signature
[nlug] [i...@demandprogress.org: VICTORY!]
FYI John - Forwarded message from "Aaron Swartz, DemandProgress.org" - > Date: Fri, 19 Nov 2010 18:33:35 + > From: "Aaron Swartz, DemandProgress.org" > To: "John Dennison" > Subject: VICTORY! > > John -- big news! Yesterday the Senate Judiciary Committee voted >unanimously to send the Internet blacklist bill to the full Senate, but it >was quickly stopped by Sen. Ron Wyden (D-OR) who denounced it as "a >bunker-buster cluster bomb" aimed at the Internet and pledged to "do >everything I can to take the necessary steps to stop it from passing the >U.S. Senate." > >Wyden's opposition practically guarantees the bill is dead this year -- >and next year the new Congress will have to reintroduce the bill and start >all over again. But even that might not happen: Dianne Feinstein (D-CA), >Hollywood's own senator, told the committee that even she was >uncomfortable with the Internet censorship portion of the bill and hoped >it could be removed when they took it up again next year! > >This is incredible -- and all thanks to you. Just a month ago, the Senate >was planning to pass this bill unanimously; now even the senator from >Hollywood is backing away from it. But this fight is far from over -- next >year, there's going to be hearings, negotiations, and even more crucial >votes. We need to be there, continuing to fight. > >[1]Can you chip in a couple bucks so we can keep our lobbyist in DC? > >We're doing everything we can: working with key staffers to remove the >most egregious parts of the bill, lobbying more members of Congress to >speak out against this bill, and insisting on hearings so the whole Senate >can learn about how dangerous this is. And, of course, we'll keep working >with you to make sure more people hear about this bill and tell their >senators. > >[2]Chip in a couple dollars to support our work. Click here. > >http://act.demandprogress.org/go/13?akid=23.181544.LbjSNC&t=1 > >Keep on fighting, > >-- Aaron Swartz, David Segal, and the Demand Progress team > >P.S. Are you as outraged as we are at those new TSA scanners? [3]Click >here to write a letter to your state legislators asking them to ban the >practice. We've already gotten a bill introduced in New York -- will your >state be next? > >[4]http://act.demandprogress.org/go/12?akid=23.181544.LbjSNC&t=2 > > References > >Visible links >1. http://act.demandprogress.org/go/13?akid=23.181544.LbjSNC&t=3 >2. http://act.demandprogress.org/go/13?akid=23.181544.LbjSNC&t=4 >3. http://act.demandprogress.org/go/12?akid=23.181544.LbjSNC&t=5 >4. http://act.demandprogress.org/go/12?akid=23.181544.LbjSNC&t=6 > > Paid for by Demand Progress ([1]DemandProgress.org) and not authorized by any > candidate or candidate's committee. Contributions are not deductible as >charitable contributions for federal income tax purposes. > > -- > You can unsubscribe from this mailing list at any time: > http://act.demandprogress.org/cms/unsubscribe/unsubscribe/?akid=23.181544.LbjSNC&t=1 > > > References > >Visible links >1. http://demandprogress.org/ > - End forwarded message - -- If you always do what interests you, at least one person is pleased. -- Katharine Hepburn (1907-2003), American actress, writer pgp9VAVmUEXI6.pgp Description: PGP signature
Re: [nlug] Full disk encryption on Linux?
On Mon, Nov 01, 2010 at 04:10:21PM -0500, Chris McQuistion wrote: > I have an existing CentOS installation and need to encrypt certain > partitions. Encrypting after the fact would be my preference, as > re-installing this system would be rather complicated. To the best of my knowledge you can not use cryptsetup to encrypt an existing file system; the create / format operations will wipe the existing data. There may have been some movement in this area I am unaware of, but I've not come across anything recently. John -- The things that will destroy America are prosperity-at-any-price, peace-at-any-price, safety-first instead of duty-first, the love of soft living, and the get-rich-quick theory of life. -- Teddy Roosevelt pgpfa3zlIa96d.pgp Description: PGP signature
Re: [nlug] [Fwd: Re: Internet blacklist bill]
On Wed, Oct 27, 2010 at 03:01:33PM -0500, Kent Perrier wrote: > I notice that this progressive website does not actually talk about the bill > itself. Where is some information on what the bill actually does? I thought I had included this link in my original post on this: https://www.eff.org/issues/coica-internet-censorship-and-copyright-bill John -- No government is perfect. One of the chief virtues of a democracy, however, is that its defects are always visible and under democratic processes can be pointed out and corrected. -- Harry S Truman (1884 - 1972), 33rd US President, to a joint session of the US Congress (12 March 1947), outlining what became known as The Truman Doctrine pgpZnEuZb1na6.pgp Description: PGP signature
[nlug] [i...@demandprogress.org: Re: Internet blacklist]
I'm sure that by now you've heard of the Internet censorship bill that was attempted to be fast-tracked through the US Senate. This bill, titled "Combating Online Infringement and Counterfeits Act", grants broad discretionary powers to the US Department of Justice and, specifically, the US Attorney General, to censor Internet sites that fall under the auspices of piracy and infringement. The growing concern is that this censorship would not be limited solely to cases of infringement. Thankfully the vote on this bill was delayed until after the November elections but it's still pending on the Judiciary Committee docket. No matter what one may think of infringement it must be argued that censorship, in any form, is wrong. I prefer not to preach the merits of becoming involved in the fight against this bill, but I would like to take a moment and ask you to glance at the mail I've forwarded below and perhaps review the EFF page at: https://www.eff.org/issues/coica-internet-censorship-and-copyright-bill Thanks :) John - Forwarded message from "Aaron Swartz, DemandProgress.org" - > Date: Wed, 20 Oct 2010 18:08:17 + > From: "Aaron Swartz, DemandProgress.org" > To: "John Dennison" > Subject: Re: Internet blacklist > > John -- thanks again for signing our >petition opposing the Internet blacklist. We just broke 210,000 signatures >and we want to hit 250,000 before we start delivering them to Senate >candidates next week. It's crucial we get them on the record before the >election and every new signer shows that real voters care about this. > >Can you [1]click here to share it on Facebook and then forward the email >below to your friends? > > > >-- > > > >Hey -- have you heard about this new Internet blacklist bill? It would >allow the Attorney General to censor entire websites in the United States >-- even if the site hasn't been convicted of any crime! > >President Obama has been denouncing countries like China and Iran for >censoring the Internet -- but now the U.S. Senate is about to do the same >thing here at home. And they're trying to rush the bill through right >after the election without having any debate. > >[2]Can you take a second to sign a petition opposing this bill? Click >here. > >Already over 200,000 people have signed and they're trying to hit 250,000 >before they start delivering petitions at the end of this week. Adding >your name could make a real difference. > >Please forward this email far and wide -- people need to hear about this >bill. > >Thanks! > > > > > > References > >Visible links >1. http://act.demandprogress.org/go/3?akid=8.181544.a-UCAD&t=1 >2. http://act.demandprogress.org/go/4?akid=8.181544.a-UCAD&t=2 > > Paid for by Demand Progress ([1]DemandProgress.org) and not authorized by any > candidate or candidate's committee. Contributions are not deductible as >charitable contributions for federal income tax purposes. > > -- > You can unsubscribe from this mailing list at any time: > http://act.demandprogress.org/cms/unsubscribe/unsubscribe/?akid=8.181544.a-UCAD&t=1 > > > References > >Visible links >1. http://demandprogress.org/ > - End forwarded message - -- Like the wind crying endlessly through the universe, Time carries away the names and the deeds of conquerors and commoners alike. And all that we are, all that remains, is in the memories of those who cared we came this way for a brief moment. -- Harlan Ellison (27 May 1934-), American author and media critic, Paladin of the Lost Hour (1985) pgpgPnVUHFqJl.pgp Description: PGP signature
Re: [nlug] www.nlug.org website?
On Tue, Aug 24, 2010 at 05:54:16PM -0500, Kevin Eldridge wrote: > > It is on the front page of wikispot.org as well. I would say it is > legitimate. I checked a few various other wikispot hosted wiki's as found by google and those that I checked don't have it displayed. Perhaps it can be opted out of? John -- "My other computer is your windows box." -- Ralf Hildebrandt pgpGdbOyHvl6L.pgp Description: PGP signature
Re: [nlug] Reading a locked file.
On Thu, Aug 12, 2010 at 04:16:45PM -0400, Andrew Farnsworth wrote: > Thanks for the suggestion but it is not an option. If this was for normal > log rotation then it would be, but it is not. It is for troubleshooting and > we cannot move / rename / restart the log file for this, we need to just > copy or even tail it but even the tail might be too long as we could need as > much as a few weeks back in time. This brings up another point. Are the logs even being rotated at all? If so, what time period? Monthly? John -- Live a good life. If there are gods and they are just, they will not care how devout you have been, but will welcome you based on the virtues you have lived by. If there are gods, but unjust, then you should not want to worship them. If there are no gods, then you will be gone, but will have lived a noble life that will live on in the memories of your loved ones. -- Marcus Aurelius (121-180), philosopher and writer pgpGNkTHiiYEK.pgp Description: PGP signature
Re: [nlug] Reading a locked file.
On Thu, Aug 12, 2010 at 04:32:45PM -0500, Richard Thomas wrote: > > >Can you speed it up by copying to a ramdisk? > >(I don't know whether I'm thinking outside the box, or just reaching :-) > > > Use mirrored raid and yank one of the drives (I'm just being silly now) Can windows pivots / links be used to circumvent the lock? Shadow volumes likely could; but that's an intrusive change. John -- The best argument against democracy is a five minute conversation with the average voter. -- Winston Churchill pgplDp6nsBjUt.pgp Description: PGP signature
Re: [nlug] Reading a locked file.
On Thu, Aug 12, 2010 at 03:50:02PM -0500, gm5729 wrote: > > Putty in with a linux box and su -, use Vim off a linux box. "Putty in"? "su -"? It's a *WINDOWS* box in case that wasn't previously clear. To top it off, Andy is quite constrained in what he is and is not permitted to do to the windows box in question as it is a production server and, apparently, has quite rigorous change control in place (as it should be for critical infrastructure components). Any solutions must take this into account and must take advantage of native or currently in-place tools on the server; and most do so as to not affect the production environment and the contained services in any way. John -- We only think when we are confronted with problems. -- John Dewey (1859-1952), American philosopher, educator pgpenUNLr4Jov.pgp Description: PGP signature
Re: [nlug] Reading a locked file.
On Thu, Aug 12, 2010 at 04:18:23PM -0400, Andrew Farnsworth wrote: > > my thought was read until I get an error logging the distance into the file > I get, then close and reopen the file, seek to that location and continue > reading. repeat this process until the end of the file. That's likely to butt heads hard with lock contention issues I would think. Doesn't windows impose a non-exclusive read lock on reads? If it does, apache is going to block until it can get the exclusive lock. I am curious as to what solution you do come up with as I can probably make use of it myself in the future. Good luck :) John -- Cowardice asks the question, "Is it safe?" Expediency asks the question, "Is it politic?" Vanity asks the question, "Is it popular?" But, conscience asks the question, "Is it right?" And there comes a time when one must take a position that is neither safe, nor politic, nor popular but one must take it because one's conscience tells one that it is right. -- Martin Luther King, Jr. pgpR24ietR9qZ.pgp Description: PGP signature
Re: [nlug] Reading a locked file.
On Thu, Aug 12, 2010 at 02:48:04PM -0500, gm5729 wrote: > > Copy the file and use GVim. There is a Wintel version. The file has a mandatory and exclusive lock; you can't manipulate it in any way, and that includes copying it. How does the windows version handle log rotation? Can you force an early rotation run and then work with the resulting rotated log? John -- When there are too many policemen, there can be no liberty. When there are too many soldiers, there can be no peace. When there are too many lawyers, there can be no justice. -- Lin Yutang (10 October 1895 - 26 March 1976), Chinese writer and translator, as quoted in Alexander, James (2005). The World's Funniest Laws. Cheam: Crombie Jardine. pp. page 6 pgpyGq7ULNaPH.pgp Description: PGP signature
Re: [nlug] Partition Management
On Wed, Aug 11, 2010 at 05:48:37PM -0500, Paul Boniol wrote: > > I see several free and some commercial products in my search results. > I was just wondering if anyone had positive/negative experiences with > partition management software, esp. shrinking a Windows NTFS > partition? (Yes, I know a complete backup would be best... but it > takes quite a bit of time/disks.) I've used the Gparted in the past and it's worked without a hitch. John -- It was on my fifth birthday that Papa put his hand on my shoulder and said, "Remember, my son, if you ever need a helping hand, you'll find one at the end of your arm." -- Sam Levenson (1911-1980), American humorist and writer, In One Era & Out the Other pgpDkXZrftXv0.pgp Description: PGP signature
Re: [nlug] dirty tricks from Microsoft
On Fri, Jul 02, 2010 at 05:05:44PM -0500, j...@coats.org wrote: > 'Free' and Microsoft in the same sentence makes it an oxymoron. You do realize, I hope, that m$ is one of the top-ranking companies in charitble contributions? > This is just another marketing ploy from M$. I just like to know the > real reasons and > where the money is flowing before I believe in them as the tooth fairy. All this bagging on microsoft just for the sake of bagging is getting old. Frankly, I don't give a damn if they have ulterior motives; nor do I care if there are state dollars involved. People are out of work across the state, many from sales and manufacturing who may not have much experience with the various Office products; if programs like this get people back to work because they are more employable as a result of said programs... well... more power to 'em. John -- When I was the most junior Democrat in the Senate, I voted for John Paul Stevens. He was a Republican nominated by a Republican president who was going to be up for election, and we voted for him, and proudly. -- Senator Patrick J. Leahy, now chairman of the Judiciary Committee, on his respect for the associate justice who is retiring, New York Times, 10 April 2010 pgpGBLraFzbfV.pgp Description: PGP signature
Re: [nlug] dirty tricks from Microsoft
On Fri, Jul 02, 2010 at 03:12:34PM -0500, Michael Chaney wrote: > > You can probably guess the gist of the e-learning courses. I'm obviously missing something here. How is this a dirty trick? John -- We must respect the other fellow's religion, but only in the same sense and to the extent that we respect his theory that his wife is beautiful and his children smart. -- H. L. Mencken (1880-1956), writer, editor, and critic pgpZgIMqHBnPY.pgp Description: PGP signature
Re: [nlug] Re: Linux 101 Presentation
On Tue, Jun 22, 2010 at 07:31:26AM -0500, JMJ wrote: > > Good point. So how about this instead: > dr-xr-xr-xA read-only, searchable directory That's fine :) > Hmmm... I didn't include it because I didn't see it at: > http://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/index.html The LFH, as much as they would like it to be, isn't an end-all be-all guide. > I found this description, is it accurate? > "/sys has no officially designated function. Many distros use /sys as a > virtual file system to export data from the kernel to userspace > applications, such as when a new USB device is plugged in. However, this > is completely optional, and is a fairly recent addition to the kernel. It's a standard on RHEL, CentOS, Scientific, OEL, Fedora and all their respins. The above description is accurate. /sys was meant as a read-only replacement for /proc which is, technically unless they've changed it yet again, deprecated. /sys exports much more to userland than do the older /proc interfaces. > In some older Unix systems, /sys was used to contain the kernel sources." Heh - I remember those days :) > I'd like to shorten that up a lot if possible. Suggestions? "/sys acts as a window into the internal workings of the kernel and is used by some programs; most mere mortals need not tread here". > Should I also include /lost+found? Perhaps something like: > "/lost+found - data fragments that were unable to be recovered after a > system crash" Yes, indeed. Sorry to have overlooked that; good catch. John -- "I believe that at every level of society--familial, tribal, national and international--the key to a happier and more successful world is the growth of compassion. We do not need to become religious, nor do we need to believe in an ideology. All that is necessary is for each of us to develop our good human qualities." -- His Holiness the XIV Dalai Lama, from "Compassion and the Individual" pgpqDYzngT5U9.pgp Description: PGP signature
Re: [nlug] Re: Linux 101 Presentation
On Tue, Jun 22, 2010 at 12:42:17AM -0500, JMJ wrote: Everything looks quite nice until here: > Examples of file permissions: > -rwxrwxrwxthis is what most Windows files useful > -r--r--r--A read-only file > dr--r--r--A read-only directory > -rwxr-xr-xRead-write for the file owner, read-only for all others. Personally, I'd change the "read-only" directory example used as in real-life you are extremely unlike to ever see 444 modes on a directory as "execute" is also used as "search" for directories; 555 would be more accurate. And a little further down: > /proc - doesn't contain 'real' files but runtime system information Might want to include "/sys" here, also. I've gotten quite a few queries about "/sys" in the past couple of years. > /mnt - generic mount point under which you mount your filesystems or devices This is standard across all *nixes I'm familiar with. Other than these extremely trivial issues this is *very* well put together. John -- When there are too many policemen, there can be no liberty. When there are too many soldiers, there can be no peace. When there are too many lawyers, there can be no justice. -- Lin Yutang (10 October 1895 - 26 March 1976), Chinese writer and translator, as quoted in Alexander, James (2005). The World's Funniest Laws. Cheam: Crombie Jardine. pp. page 6 pgp1JztotbQQO.pgp Description: PGP signature
Re: [nlug] WGET for secure sites
On Mon, Jun 21, 2010 at 06:29:47PM -0400, Andrew Farnsworth wrote: > Good suggestion on robots.txt but I just checked and the robots.txt file > does not exist. If your wget is compiled with debug enabled try running it with --debug specified and see if you can locate the issue? What does the server {access,error}_log say? John -- We only think when we are confronted with problems. -- John Dewey (1859-1952), American philosopher, educator pgpUFd497B0xT.pgp Description: PGP signature
Re: [nlug] Google Command Line (Google CL)
On Sat, Jun 19, 2010 at 12:17:33AM -0500, Chris Faulkner wrote: > > GoogleCL is a command-line utility that provides access to various > Google services. It streamlines tasks such as posting to a Blogger > blog, adding events to Calendar, or editing documents on Google Docs. I'm not a huge proponent of google for various reasons but I *must* agree with you here. This is totally slick. John -- We have joy, we have fun, we have Linux on our Sun! -- Ralf Hildebrandt pgplqRRxxuY4i.pgp Description: PGP signature
Re: [nlug] [Promotion] Linux users are Invited
On Tue, Jun 15, 2010 at 04:22:48PM -0500, Don Delp wrote: > > I get the feeling this isn't local to us. :) Normally I refuse to open obfuscated links in these types of messages but I did so this time in a jailed lynx session; url's point to an India locale. I'm really not sure why this was moderated through - I noticed it last night and just left it. John -- "I'm sorry but our engineers do not have phones." As stated by a Network Solutions Customer Service representative when asked to be put through to an engineer. pgpKpueburAvQ.pgp Description: PGP signature