martin f krafft wrote:
Is there a way to automatically log out users after a certain idle
period? I would need this automatic logout on a per-service basis,
thus e.g. logging out KDE and tty users while keeping SSH users
logged in.
Does PAM provide for this? Are there other means?
also sprach Christofer Algotsson [EMAIL PROTECTED] [2004.11.15.1151 +0100]:
Idled might be a solution.
http://www.darkwing.com/idled/
Well, this seems rather dead upstream. I'll ping.
--
Please do not CC me when replying to lists; I read them!
.''`. martin f. krafft [EMAIL PROTECTED]
Hi,
I'm using bind9 and want to enable my users to configure DNS over
web-interface. Is it anyhow possible to configure bind9 over LDAP or
MySQL or must I work with text files?
And one more question - Have anybody heard about open-source (GPL)
web-based administration for bind9?
Many thanks
also sprach Antonin Karasek [EMAIL PROTECTED] [2004.11.15.1619 +0100]:
And one more question - Have anybody heard about open-source (GPL)
web-based administration for bind9?
webmin-bind should work
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft
Quoting Antonin Karasek [EMAIL PROTECTED]:
I'm using bind9 and want to enable my users to configure DNS over
web-interface. Is it anyhow possible to configure bind9 over LDAP or
MySQL or must I work with text files?
http://www.venaas.no/ldap/bind-sdb/
And one more question - Have anybody
hi,
i've exim4 and courier maildrop delivering mail to users, with LDAP
lookups for various data.
this works fine, and has been for a few months. however, any .mailfilter
files don't seem to be getting read, despite the presence of said file.
when i add an option to the router to set the home
On Monday 15 November 2004 17:15, [EMAIL PROTECTED] wrote:
so really, this is 2 problems in one: one is the .mailfilter file isn't
read, and that log snippet which no sense.
Seems like the same problem--mailrop is not given the correct home dir.
Put some logging in /etc/courier/maildroprc
Ce jour Mon, 15 Nov 2004, Mark Bucciarelli a dit:
On Monday 15 November 2004 17:15, [EMAIL PROTECTED] wrote:
so really, this is 2 problems in one: one is the .mailfilter file isn't
read, and that log snippet which no sense.
Seems like the same problem--mailrop is not given the correct
On Mon, 2004-11-15 at 21:51, Christofer Algotsson wrote:
martin f krafft wrote:
Is there a way to automatically log out users after a certain idle
period? I would need this automatic logout on a per-service basis,
thus e.g. logging out KDE and tty users while keeping SSH users
logged in.
Ce jour Mon, 15 Nov 2004, Francisco Castillo a dit:
Hello,
when i connect from a cuteftp client from a 192.168.0.Y ip the client get
the correct pasive port to get data (4) from the proftpd server but
if i try to access from a public client ip (with cuteftp too) the server
said
(BNote: JP stands for Japanese.
(B
(BALERT!!
(BThis e-mail contained one or more virus-infected files and have been rejected.
(B(JP:$B%3%s%T%e!<%?%&%#%k%9$rH/8+$7$^$7$?$N$G!"%a!<%k$NAw?.$rCf;_$7$^$7$?!#(J)
(B
(BThe following attachments were infected:
(B(JP:[EMAIL
Hello
On 2004-11-12 martin f krafft wrote:
also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.12.1538 +0100]:
I remember a network sniffer that could be run e.g. over a week to
collects a list of all used tcp/udp ports which could then be used
as base for creating a firewall script
First, read out aloud the first line of my signature, then read the
Debian list policy, then verify the Mail-Followup-To header of my
posts, and then do not CC anyone again unless requested.
also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.13.1228 +0100]:
fetches data on Port 12345 but
Hi people.. :-)
I've a debian internet gateway sharing the internet
to ppp and pppoe users. I really don't know why do ppp
clients can't browse some sites like hotmail.com.
Pppoe users are all fine. I well tested my firewall
rules and it's working as it should be.
I checked the mtu
also sprach John Goerzen [EMAIL PROTECTED] [2004.11.12.0612 +0100]:
And I get many legitimate e-mails with a bad HELO. In fact,
I would argue that your rule here is wrong. If I send you an
e-mail from my laptop, it is not going to send you an address of
a server that can receive mail (or has
On Friday 12 November 2004 07.47, Craig Sanders wrote:
On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote:
4 ETRN
Weird, people are just sending ETRN commands to you?
me too. One is a mail server of a respected company that is apparently
misconfigured, and has been for a
On Fri, Nov 12, 2004 at 10:09:36AM +0100, Adrian 'Dagurashibanipal' von Bidder
wrote:
On Friday 12 November 2004 07.47, Craig Sanders wrote:
On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote:
4 ETRN
Weird, people are just sending ETRN commands to you?
me too.
On Fri, Nov 12, 2004 at 05:47:17PM +1100, Craig Sanders wrote:
On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote:
i like the way it works. makes it easy to model the flow of mail from
component to component.
On the other hand, it introduces complexity into the system. It's a lot
Hello
I remember a network sniffer that could be run e.g. over a week to collects a
list of all used tcp/udp ports which could then be used as base for creating a
firewall script for hosts.
Does anybody know the name of this tool?
bye,
-christian-
--
To UNSUBSCRIBE, email to [EMAIL
also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.12.1538 +0100]:
I remember a network sniffer that could be run e.g. over a week to
collects a list of all used tcp/udp ports which could then be used
as base for creating a firewall script for hosts.
What an extraordinarily bad idea. You
Sorry, this email address has been disabled by the KeyGhost webmaster due to an
overflow of incoming spam.
If you wish to contact us, please visit our website for a valid email address.
Thank you,
The KeyGhost Team
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe.
also sprach Adrian 'Dagurashibanipal' von Bidder [EMAIL PROTECTED]
[2004.11.11.0842 +0100]:
To optimize random small reads, it's best if a read can be satisfied by
touching only one disk, so large stripe sizes should be better - with your
avg file size, 8k or 16k stripes should be fine; even
Ah, ok that changes everything. mailboxes ;)
At 12:30 AM 11/11/04 +0100, Marcin Owsiany wrote:
If u still need RAID 5 then I would make the stripe size equal to
average file size / number of data disks up to no more than 32KB stripe.
Since avg file size would be something around 2500 bytes,
On Thursday 11 November 2004 09.12, Chris Wagner wrote:
Since you (happy Adrian??)
Much easier to read :-)
[...]
If u have 32KB stripes so that
almost every file fits in 1 stripe, the leftover space is wasted. So a
2.5KB file written in a 32 KB stripe wastes 30.5 KB.
Err. This statement
Yo!
I'll be setting up a mailserver here soon - based on postfix (let's not
argue about that in this thread, please :-) and cyrus imapd (the latter
because AFAICT opengroupware.org requires it or at least runs best with
cyrus). I'm wondering how to set up my virus and spam defenses
-
Hey,
You can simply add amavisd-new to your setup. You only need to configure
postfix to use it, and that's about it. From there you can start adding
scanners like ClamAV and Spamassassin. Since you want per-user
customability, i suggest you take a look at
On Saturday 06 November 2004 22:19, Rodney Richison wrote:
Are most of you using exim or postfix? Just curious. I've never tried
exim.
neither. courier-mta. just starting to have some production experience,
and so far i like it quite a bit.
i chose it because it has everything integrated:
I just switched from Postfix to Exim. I am now a big fan of Exim.
http://changelog.complete.org/articles/2004/11/08/latest-experiment-exim/
http://changelog.complete.org/articles/2004/11/11/exim-transition-successful/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
On Saturday 06 November 2004 22:19, Rodney Richison wrote:
Are most of you using exim or postfix? Just curious. I've never tried
exim.
i use postfix/courier-imap,pop3/maildrop/sqwebmail with amavisd-new, clamav,
spamassasin, razor and pyzor. mysql is my userdatabase and postfixadmin my
Oh yeah ur right. :) The file system itself is written in the stripes and
stripe boundaries don't have to correspond to cluster boundaries although I
think this would be advantageous. 1 cluster - 1 stripe would be the
optimum speed configuration I think.
--
To UNSUBSCRIBE, email to
On Thu, Nov 11, 2004 at 09:25:52PM +, John Goerzen wrote:
I just switched from Postfix to Exim. I am now a big fan of Exim.
http://changelog.complete.org/articles/2004/11/08/latest-experiment-exim/
http://changelog.complete.org/articles/2004/11/11/exim-transition-successful/
glad to
On Thursday 11 November 2004 17:04, Craig Sanders wrote:
22256 Bad HELO
wow.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi Craig,
2. postfix does support filtering during the SMTP transaction. the difference
is that the postfix author tells you up front that it is inherently
problematic
(for *ANY* MTA, not just postfix) because of the potential for SMTP timeouts
if
the filter takes too long to run
On 2004-11-11, Craig Sanders [EMAIL PROTECTED] wrote:
On Thu, Nov 11, 2004 at 09:25:52PM +, John Goerzen wrote:
a few comments, though:
1. synchronization detection - postfix has done this for years, except that
it's called reject_unauth_pipelining. you enable it as one of the
On Thu, Nov 11, 2004 at 05:12:10PM -0500, Mark Bucciarelli wrote:
On Thursday 11 November 2004 17:04, Craig Sanders wrote:
22256 Bad HELO
wow.
most of them being spammers trying to use my IP address or a bogus domain name
in the HELO/EHLO string. and most of them from Korea.
most of
On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote:
2. postfix does support filtering during the SMTP transaction. the
difference
is that the postfix author tells you up front that it is inherently
problematic
(for *ANY* MTA, not just postfix) because of the potential for
On Wed, Nov 10, 2004 at 08:21:14AM +0100, martin f krafft wrote:
also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.0010 +0100]:
There have been some very simple things that I've needed to find
solutions to with postfix in the past which I ended up having to
do with procmail that I
also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.0901 +0100]:
Anyway, if you are so confident about postfix, then maybe you
can teach me how to set up spamassassin to run under the local
user's identity,
procmail, maildrop or whatever local delivery agent you use can
run
also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.1014 +0100]:
I agree. But exim can do it. And even though this is the LDA
part of it, postfix also includes an LDA, which is just not up
to speed.
and postfix can do it too.
No, it cannot, unless you use spamassassin as the LDA,
Michael Graham wrote:
Ben Hutchings wrote:
Christopher Swingley wrote:
Change the ownership and permissions on their .bash_profile and .bashrc
to root:root 644:
-rw-r--r--1 root root 420 Sep 21 13:05
.bash_profile -rw-r--r--1 root root 746 Sep 21
13:05
On Wed, Nov 10, 2004 at 11:09:47AM +0100, martin f krafft wrote:
also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.1014 +0100]:
I agree. But exim can do it. And even though this is the LDA
part of it, postfix also includes an LDA, which is just not up
to speed.
and postfix can
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Wed, 10 Nov 2004, Craig Sanders wrote:
backup MX is obsolete these days, very few people need it (most of
This does seem to be a prevailing opinion but I think backup MXs are
valuable now for the same reason they always were - outages happen. We
have no way of knowing how long a remote MTA
On Wed, 10 Nov 2004, Craig Sanders wrote:
if you do have a backup MX, then you need to have the same anti-spam
anti-virus rules as on your primary server AND (most important!) it
needs to have a list of valid recipients, so that it can 5xx reject
mail for unknown users rather than accept and
* Robert Brockway ([EMAIL PROTECTED]) [041110 20:20]:
Oh you mean reject mail for unknown recipients rather than bounce the
mail[1]. Ok, I can see why you are suggesting it but it is an RFC
violation.
Why should it be a RFC violation to reject mail for unknown recipients
with 550? If a remote
On Wed, Nov 10, 2004 at 02:10:18PM -0500, Robert Brockway wrote:
On Wed, 10 Nov 2004, Craig Sanders wrote:
backup MX is obsolete these days, very few people need it (most of
This does seem to be a prevailing opinion but I think backup MXs are
valuable now for the same reason they always
On Wed, Nov 10, 2004 at 02:18:50PM -0500, Robert Brockway wrote:
On Wed, 10 Nov 2004, Craig Sanders wrote:
if you do have a backup MX, then you need to have the same anti-spam
anti-virus rules as on your primary server AND (most important!) it
needs to have a list of valid recipients, so
On Wed, 10 Nov 2004, Andreas Barth wrote:
* Robert Brockway ([EMAIL PROTECTED]) [041110 20:20]:
Oh you mean reject mail for unknown recipients rather than bounce the
mail[1]. Ok, I can see why you are suggesting it but it is an RFC
violation.
Why should it be a RFC violation to reject
Hi!
http://mail1.expro.pl/~porridge/dist.png shows the distribution of file
sizes on our mail server (actually just the partition holding maildirs).
The sample was 80 files.
-512 means zero-byte files.
0 means the files whose sizes are greater than zero, but less than 512.
512: greater
Hi,
..seeing recent the exim vs postfix thread, and having both
apache-1.3.3x and apache-2.0.5x available on a box, is obviously
beyond overkill, it's pointless. ;-) So I'm choosing one. Figuring
out which one? has asking myself a lot of questions.
..more importantly, do I lose _anything_
I would say that RAID 5 is probably overkill for a mail queue. Unless ur
mail queue is running hundreds of gigabytes and overloading a single disk, a
normal single hard drive is sufficient. Based on ur graph it looks like ur
queue is under half a gig. If you want redundancy for the mail queue
On Wed, Nov 10, 2004 at 05:29:37PM -0500, Chris Wagner wrote:
I would say that RAID 5 is probably overkill for a mail queue.
It's not the mail queue. Its the mail store (maildirs). We have no
problems with mail queue performance so far.
Unless ur
mail queue is running hundreds of gigabytes
On Wednesday 10 November 2004 23.29, Chris Wagner wrote:
It's 'you' - three letters :-)
If u still need RAID 5 then I would make the
stripe size equal to average file size / number of data disks up to no
more than 32KB stripe.
To optimize random small reads, it's best if a read can be
Christopher Swingley wrote:
snip
This is what I've done when I wanted to reduce the set of commands a
user could run. I'm sure a reasonably competant Unix user could easily
circumvent these restrictions, but it's a good first start, and making
such attempts would result in account suspension.
On Sun, Nov 07, 2004 at 11:54:40AM -0800, Stephen Le wrote:
On Sun, 7 Nov 2004 14:41:42 -0500, Stephen Gran [EMAIL PROTECTED] wrote:
apt-get remove --purge ftp telnet wget gcc
rm /usr/bin/ssh /usr/bin/scp
Unfortunately, I can't do that since I still want some users to be
able to access
I'm looking at redoing my mail setup due primarily to spam filtering.
Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html,
they are suggesting not to use redundant mail servers unless needed for
load balancing.
The last time I set up a major mail server, which was indeed a few
also sprach John Goerzen [EMAIL PROTECTED] [2004.11.09.1514 +0100]:
It seems to make a lot of sense to me, but it seems too that
I must be missing something.
if the backup MX is configured exactly like the primary, then it
makes sense. but it's all too easy to get out of sync.
i usually have
On 2004-11-09, Steve Drees [EMAIL PROTECTED] wrote:
John Goerzen wrote:
I'm looking at redoing my mail setup due primarily to spam filtering.
Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html,
they are suggesting not to use redundant mail servers unless needed
for load
i usually have my backup MX accept everything and then don't treat
them specially on the primary. thus, policy is still enforced on the
primary, but there is a proper backup path *under my control* should
the primary be unreachable for whatever reason.
With this approach you can't bounce
also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1652 +0100]:
With this approach you can't bounce RBLed messages at SMTP connect
time though, right? (I realize that RBLs are semi-controversial,
especially at the ISP level.)
right. i use spamassassin for RBLs
--
Please do not send
John Goerzen wrote:
On 2004-11-09, Steve Drees [EMAIL PROTECTED] wrote:
John Goerzen wrote:
I'm looking at redoing my mail setup due primarily to spam filtering.
Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html,
they are suggesting not to use redundant mail servers unless
Hello,
I read RFC 1035 and would like to know what the maximum char value
for a domainname is.
It concerns to a limit of 255 octals while one octal is equal
3 bit but there's not within google to find out how many letters
are possible in theory concerning 255 octals and computer network's.
--
--On Tuesday, November 09, 2004 08:43 -0600 Steve Drees
[EMAIL PROTECTED] wrote:
I'd suggest having a backup MX but make sure you have all the filtering at
your backup that you have at your primary.
Unless you can check for valid users at the secondary, don't do it.
Spammers will attempt to
--On Tuesday, November 09, 2004 17:04 +0100 martin f krafft
[EMAIL PROTECTED] wrote:
also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1652 +0100]:
With this approach you can't bounce RBLed messages at SMTP connect
time though, right? (I realize that RBLs are semi-controversial,
On Tue, Nov 09, 2004 at 05:04:09PM +0100, martin f krafft wrote:
also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1652 +0100]:
With this approach you can't bounce RBLed messages at SMTP connect
time though, right? (I realize that RBLs are semi-controversial,
especially at the ISP
--On Tuesday, November 09, 2004 13:54 -0500 Dale E. Martin
[EMAIL PROTECTED] wrote:
This got me to thinking, it would be neat if one could _easily_ replicate
RBLs on their own local DNS server. Then you could easily point primary
and secondary at your local RBL and manage it just in your DNS
also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1954 +0100]:
This got me to thinking, it would be neat if one could _easily_
replicate RBLs on their own local DNS server.
rbldns (djbdns) is (a) non-free, and (b) really nice and easy to use
for this purpose.
Then you could easily
On Tue, 9 Nov 2004, Dale E. Martin wrote:
i usually have my backup MX accept everything and then don't treat
them specially on the primary. thus, policy is still enforced on the
primary, but there is a proper backup path *under my control* should
the primary be unreachable for whatever
Trying to back up one Linspire 4.5 machine to another, installed Konserve and
configured for an smb connection to reach the backup directory. Konserve fails
for lack of write permission on the remote machine.
Checking:
--remote machine has the directory set to share, with write permission for
also sprach Bill Flanagan [EMAIL PROTECTED] [2004.11.09.2111 +0100]:
Any pointers on things to look at?
The Linspire support community
The KDE mailing lists
The Samba mailing lists
A Linux reference
*Maybe* debian-user
-- but not here.
Does putting a name and p/w into local client
Quoting Steve Drees [EMAIL PROTECTED]:
John Goerzen wrote:
I'm looking at redoing my mail setup due primarily to spam filtering.
Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html,
they are suggesting not to use redundant mail servers unless needed
for load balancing.
On Mon, 8 Nov 2004 09:28:10 -0900, Christopher Swingley
[EMAIL PROTECTED] wrote:
Make symbolic links between allowed commands and '/usr/local/rbin'
As I said before, this is just a simple attempt to reduce priviledge.
There are undoubtably ways around it, some easier than others depending
on
On Tue, Nov 09, 2004 at 04:10:07PM +0100, martin f krafft wrote:
also sprach John Goerzen [EMAIL PROTECTED] [2004.11.09.1514 +0100]:
It seems to make a lot of sense to me, but it seems too that
I must be missing something.
if the backup MX is configured exactly like the primary, then it
On Tue, Nov 09, 2004 at 03:30:03PM +, John Goerzen wrote:
On 2004-11-09, Steve Drees [EMAIL PROTECTED] wrote:
John Goerzen wrote:
I'm looking at redoing my mail setup due primarily to spam filtering.
Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html,
they are
On Tue, Nov 09, 2004 at 08:04:24PM +0100, martin f krafft wrote:
also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1954 +0100]:
This got me to thinking, it would be neat if one could _easily_
replicate RBLs on their own local DNS server.
rbldns (djbdns) is (a) non-free,
nope.
Don't give them shell access, and don't let them ftp to the server.
Make them email you all the changes so you can browse for bad code.
Then you
can upload the changes. You will get tired of that real quick. Other
than this method there is always a what if factor selinux,chroot,
virtual
## Craig Sanders ([EMAIL PROTECTED]):
On Tue, Nov 09, 2004 at 08:04:24PM +0100, martin f krafft wrote:
also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1954 +0100]:
rbldns (djbdns) is (a) non-free,
nope.
rbldnsd is NOT djbdns.
Confusion :)
There is rbldns, part of djbdns:
On Sun, Nov 07, 2004 at 01:40:30PM +, Brett Parker wrote:
There have been some very simple things that I've needed to find
solutions to with postfix in the past which I ended up having to
do with procmail that I can now deal with in ~ 3 lines in the exim
config.
my guess is that you just
On Tue, Nov 09, 2004 at 11:56:04PM +0100, Christoph Moench-Tegeder wrote:
## Craig Sanders ([EMAIL PROTECTED]):
On Tue, Nov 09, 2004 at 08:04:24PM +0100, martin f krafft wrote:
also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1954 +0100]:
rbldns (djbdns) is (a) non-free,
We recently bought a new machine. It's a Super Micro motherboard model
X5DPA-TGM with Intel's ICH5-SATA Serial ATA IDE chipset. I'd like to
know if anyone has experience with it in combination with Debian.
I did find http://www.lathi.net/twiki-bin/view/Main/DebianSataLvm, which
describes how
On Tue, 09 Nov 2004 17:43:19 -0500, Doug Griswold [EMAIL PROTECTED] wrote:
can upload the changes. You will get tired of that real quick. Other
than this method there is always a what if factor selinux,chroot,
virtual server etc...
The point is to minimize the what if factors by choosing
On Wed, 2004-11-10 at 11:20, Rhesa Rozendaal wrote:
We recently bought a new machine. It's a Super Micro motherboard model
X5DPA-TGM with Intel's ICH5-SATA Serial ATA IDE chipset. I'd like to
know if anyone has experience with it in combination with Debian.
I did find
Hi Everyone
enybody has any experienci migrating the users from a CISCO ACS (this
works on win2k and save all data on cvs, but the passwords) to a
Freeradius with MySQL.
I allready have a the freeradius working with with MySQL.
Besd Regards
Rene Mayorga
NOC
El Salvador Telecom.
--
To
also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.0010 +0100]:
There have been some very simple things that I've needed to find
solutions to with postfix in the past which I ended up having to
do with procmail that I can now deal with in ~ 3 lines in the exim
config.
my guess is
also sprach sin [EMAIL PROTECTED] [2004.11.08.0958 +0100]:
telnet machine.domain.tld 25
use netcat.
or swaks in this case.
250-AUTH LOGIN PLAIN
yeah! clear-text passwords!
smtpd_client_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_rbl_client sbl-xbl.spamhaus.org,
On Mon, Nov 08, 2004 at 03:14:53AM +0200, [EMAIL PROTECTED] wrote:
On Fri, Nov 05, 2004 at 07:53:33PM +0200, [EMAIL PROTECTED] wrote:
In regards to the latter method, would it be possible for me to change
the group ownership of the commands I don't want users to have access
to
and revoke
On Mon, Nov 08, 2004 at 08:34:11AM +0200, Alexandros Papadopoulos wrote:
[sent this to debian-user, got no suggestions - I hope this is not too
OT on this list]
On a sarge system, I was using apt-cacher with apache. No problems
there. Once I replaced apache with apache2, apt-cacher works
martin f krafft wrote:
also sprach sin [EMAIL PROTECTED] [2004.11.08.0958 +0100]:
telnet machine.domain.tld 25
use netcat.
or swaks in this case.
250-AUTH LOGIN PLAIN
yeah! clear-text passwords!
smtpd_client_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_rbl_client
Greetings,
* Osamu Aoki [EMAIL PROTECTED] [2004-Nov-05 14:13 AKST]:
On Fri, Nov 05, 2004 at 09:31:21AM -0800, Stephen Le wrote:
Is there an easy way to limit the commands a certain group of users
can execute?
I never done this but..
Use of chroot with bash started as rbash sems to be
martin f krafft said on Sat, Nov 06, 2004 at 12:30:06PM +0100:
also sprach Mark Ferlatte [EMAIL PROTECTED] [2004.11.06.0123 +0100]:
Do you really want your user's crontabs to run on every host in your
cluster?
They are mounted from master:/srv/var/spool/crontabs/${HOSTNAME}, so
they are
Rodney Richison said on Sat, Nov 06, 2004 at 09:19:40PM -0600:
Are most of you using exim or postfix? Just curious. I've never tried
exim.
Don't know about most; I use Postfix. I don't think exim is a bad choice,
though; I just liked Postfix better, and it performs well enough to meet my
On Fri, Nov 05, 2004 at 07:53:33PM +0200, [EMAIL PROTECTED] wrote:
In regards to the latter method, would it be possible for me to change
the group ownership of the commands I don't want users to have access to
and revoke execute permission from that group?
Yes, you can make something like
On Sat, Nov 06, 2004 at 09:19:40PM -0600, Rodney Richison wrote:
Are most of you using exim or postfix? Just curious. I've never tried
exim.
exim4 and postfix, depending on the machine, and who origionally set it
up. New machines are getting exim4 because it is far more flexible and
powerful
also sprach Mark Ferlatte [EMAIL PROTECTED] [2004.11.07.1013 +0100]:
Don't know about most; I use Postfix. I don't think exim is a bad choice,
though; I just liked Postfix better, and it performs well enough to meet my
needs.
Well said.
also sprach Brett Parker [EMAIL PROTECTED]
also sprach Mark Ferlatte [EMAIL PROTECTED] [2004.11.07.1012 +0100]:
Okay. I guess my next question is: why do you want your user
crontabs NFS mounted from your clients?
The cluster nodes are frequently reinstalled, so the crontabs need
to be installed automatically.
This actually closes a
On Sun, Nov 07, 2004 at 02:02:35PM +0100, martin f krafft wrote:
also sprach Brett Parker [EMAIL PROTECTED] [2004.11.07.1226 +0100]:
exim4 and postfix, depending on the machine, and who origionally set it
up. New machines are getting exim4 because it is far more flexible and
powerful that
also sprach Brett Parker [EMAIL PROTECTED] [2004.11.07.1440 +0100]:
Then, I've always prefered exim, I like having control at my
finger tips, and things to do what I expect :)
Ha! Flamebait! Consider yourself whacked. I won't even respond to
this. :)
/me embraces /etc/postfix/main.cf
Just
On Fri, Nov 05, 2004 at 03:35:11PM -0800, Stephen Le wrote:
See the example above. Users would still be able to upload their own
Perl scripts and get Apache to execute them without restriction - the
Perl script could call commands that I want to ban the users from
executing.
Lots of people
also sprach Steve Kemp [EMAIL PROTECTED] [2004.11.07.1514 +0100]:
If you're operating a shared system and want to keep seperate
web users isolated from each other using rbash, chroots or
similar should be sufficient.
Neither rbash not chroots are security measures. They are hurdles at
On Sun, Nov 07, 2004 at 02:02:35PM +0100, martin f krafft wrote:
[...]
I can't wait until I have time to try/use/improve Md's policy
framework.
Do you have an URL with more info about that policy framework?.
Thanks,
--
teo - http://blog.eltridente.org
Res publica non dominetur
--
To
401 - 500 of 19697 matches
Mail list logo