SV: automatically logging out users

martin f krafft wrote: Is there a way to automatically log out users after a certain idle period? I would need this automatic logout on a per-service basis, thus e.g. logging out KDE and tty users while keeping SSH users logged in. Does PAM provide for this? Are there other means?

Re: SV: automatically logging out users

also sprach Christofer Algotsson [EMAIL PROTECTED] [2004.11.15.1151 +0100]: Idled might be a solution. http://www.darkwing.com/idled/ Well, this seems rather dead upstream. I'll ping. -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft [EMAIL PROTECTED]

on-line DNS administration

Hi, I'm using bind9 and want to enable my users to configure DNS over web-interface. Is it anyhow possible to configure bind9 over LDAP or MySQL or must I work with text files? And one more question - Have anybody heard about open-source (GPL) web-based administration for bind9? Many thanks

Re: on-line DNS administration

also sprach Antonin Karasek [EMAIL PROTECTED] [2004.11.15.1619 +0100]: And one more question - Have anybody heard about open-source (GPL) web-based administration for bind9? webmin-bind should work -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft

Re: on-line DNS administration

Quoting Antonin Karasek [EMAIL PROTECTED]: I'm using bind9 and want to enable my users to configure DNS over web-interface. Is it anyhow possible to configure bind9 over LDAP or MySQL or must I work with text files? http://www.venaas.no/ldap/bind-sdb/ And one more question - Have anybody

exim4 and maildrop

hi, i've exim4 and courier maildrop delivering mail to users, with LDAP lookups for various data. this works fine, and has been for a few months. however, any .mailfilter files don't seem to be getting read, despite the presence of said file. when i add an option to the router to set the home

Re: exim4 and maildrop

On Monday 15 November 2004 17:15, [EMAIL PROTECTED] wrote: so really, this is 2 problems in one: one is the .mailfilter file isn't read, and that log snippet which no sense. Seems like the same problem--mailrop is not given the correct home dir. Put some logging in /etc/courier/maildroprc

Re: exim4 and maildrop

Ce jour Mon, 15 Nov 2004, Mark Bucciarelli a dit: On Monday 15 November 2004 17:15, [EMAIL PROTECTED] wrote: so really, this is 2 problems in one: one is the .mailfilter file isn't read, and that log snippet which no sense. Seems like the same problem--mailrop is not given the correct

Re: SV: automatically logging out users

On Mon, 2004-11-15 at 21:51, Christofer Algotsson wrote: martin f krafft wrote: Is there a way to automatically log out users after a certain idle period? I would need this automatic logout on a per-service basis, thus e.g. logging out KDE and tty users while keeping SSH users logged in.

Re: problem with pasive MODE and NAT

Ce jour Mon, 15 Nov 2004, Francisco Castillo a dit: Hello, when i connect from a cuteftp client from a 192.168.0.Y ip the client get the correct pasive port to get data (4) from the proftpd server but if i try to access from a public client ip (with cuteftp too) the server said

File was infected with a virus

(BNote: JP stands for Japanese. (B (BALERT!! (BThis e-mail contained one or more virus-infected files and have been rejected. (B(JP:$B%3%s%T%e!<%?%&%#%k%9$rH/8+$7$^$7$?$N$G!"%a!<%k$NAw?.$rCf;_$7$^$7$?!#(J) (B (BThe following attachments were infected: (B(JP:[EMAIL

Re: Looking for a network sniffer that collects a used-ports list to help preparing a portfilter firewall script

Hello On 2004-11-12 martin f krafft wrote: also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.12.1538 +0100]: I remember a network sniffer that could be run e.g. over a week to collects a list of all used tcp/udp ports which could then be used as base for creating a firewall script

Re: Looking for a network sniffer that collects a used-ports list to help preparing a portfilter firewall script

First, read out aloud the first line of my signature, then read the Debian list policy, then verify the Mail-Followup-To header of my posts, and then do not CC anyone again unless requested. also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.13.1228 +0100]: fetches data on Port 12345 but

Sharing Problem

Hi people.. :-) I've a debian internet gateway sharing the internet to ppp and pppoe users. I really don't know why do ppp clients can't browse some sites like hotmail.com. Pppoe users are all fine. I well tested my firewall rules and it's working as it should be. I checked the mtu

Re: exim or postfix

also sprach John Goerzen [EMAIL PROTECTED] [2004.11.12.0612 +0100]: And I get many legitimate e-mails with a bad HELO. In fact, I would argue that your rule here is wrong. If I send you an e-mail from my laptop, it is not going to send you an address of a server that can receive mail (or has

Re: exim or postfix

On Friday 12 November 2004 07.47, Craig Sanders wrote: On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: 4 ETRN Weird, people are just sending ETRN commands to you? me too. One is a mail server of a respected company that is apparently misconfigured, and has been for a

Re: exim or postfix

On Fri, Nov 12, 2004 at 10:09:36AM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: On Friday 12 November 2004 07.47, Craig Sanders wrote: On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: 4 ETRN Weird, people are just sending ETRN commands to you? me too.

Re: exim or postfix

On Fri, Nov 12, 2004 at 05:47:17PM +1100, Craig Sanders wrote: On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: i like the way it works. makes it easy to model the flow of mail from component to component. On the other hand, it introduces complexity into the system. It's a lot

Looking for a network sniffer that collects a used-ports list to help preparing a portfilter firewall script

Hello I remember a network sniffer that could be run e.g. over a week to collects a list of all used tcp/udp ports which could then be used as base for creating a firewall script for hosts. Does anybody know the name of this tool? bye, -christian- -- To UNSUBSCRIBE, email to [EMAIL

Re: Looking for a network sniffer that collects a used-ports list to help preparing a portfilter firewall script

also sprach Christian Hammers [EMAIL PROTECTED] [2004.11.12.1538 +0100]: I remember a network sniffer that could be run e.g. over a week to collects a list of all used tcp/udp ports which could then be used as base for creating a firewall script for hosts. What an extraordinarily bad idea. You

Re: stolen

Sorry, this email address has been disabled by the KeyGhost webmaster due to an overflow of incoming spam. If you wish to contact us, please visit our website for a valid email address. Thank you, The KeyGhost Team -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe.

Re: What stripe size for mail server?

also sprach Adrian 'Dagurashibanipal' von Bidder [EMAIL PROTECTED] [2004.11.11.0842 +0100]: To optimize random small reads, it's best if a read can be satisfied by touching only one disk, so large stripe sizes should be better - with your avg file size, 8k or 16k stripes should be fine; even

Re: What stripe size for mail server?

Ah, ok that changes everything. mailboxes ;) At 12:30 AM 11/11/04 +0100, Marcin Owsiany wrote: If u still need RAID 5 then I would make the stripe size equal to average file size / number of data disks up to no more than 32KB stripe. Since avg file size would be something around 2500 bytes,

Re: What stripe size for mail server?

On Thursday 11 November 2004 09.12, Chris Wagner wrote: Since you (happy Adrian??) Much easier to read :-) [...] If u have 32KB stripes so that almost every file fits in 1 stripe, the leftover space is wasted. So a 2.5KB file written in a 32 KB stripe wastes 30.5 KB. Err. This statement

Current status in antivirus antispam / MTA integration

Yo! I'll be setting up a mailserver here soon - based on postfix (let's not argue about that in this thread, please :-) and cyrus imapd (the latter because AFAICT opengroupware.org requires it or at least runs best with cyrus). I'm wondering how to set up my virus and spam defenses -

Re: Current status in antivirus antispam / MTA integration

Hey, You can simply add amavisd-new to your setup. You only need to configure postfix to use it, and that's about it. From there you can start adding scanners like ClamAV and Spamassassin. Since you want per-user customability, i suggest you take a look at

Re: exim or postfix

On Saturday 06 November 2004 22:19, Rodney Richison wrote: Are most of you using exim or postfix? Just curious. I've never tried exim. neither. courier-mta. just starting to have some production experience, and so far i like it quite a bit. i chose it because it has everything integrated:

Re: exim or postfix

I just switched from Postfix to Exim. I am now a big fan of Exim. http://changelog.complete.org/articles/2004/11/08/latest-experiment-exim/ http://changelog.complete.org/articles/2004/11/11/exim-transition-successful/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of

Re: exim or postfix

On Saturday 06 November 2004 22:19, Rodney Richison wrote: Are most of you using exim or postfix? Just curious. I've never tried exim. i use postfix/courier-imap,pop3/maildrop/sqwebmail with amavisd-new, clamav, spamassasin, razor and pyzor. mysql is my userdatabase and postfixadmin my

Re: What stripe size for mail server?

Oh yeah ur right. :) The file system itself is written in the stripes and stripe boundaries don't have to correspond to cluster boundaries although I think this would be advantageous. 1 cluster - 1 stripe would be the optimum speed configuration I think. -- To UNSUBSCRIBE, email to

Re: exim or postfix

On Thu, Nov 11, 2004 at 09:25:52PM +, John Goerzen wrote: I just switched from Postfix to Exim. I am now a big fan of Exim. http://changelog.complete.org/articles/2004/11/08/latest-experiment-exim/ http://changelog.complete.org/articles/2004/11/11/exim-transition-successful/ glad to

Re: exim or postfix

On Thursday 11 November 2004 17:04, Craig Sanders wrote: 22256 Bad HELO wow. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: exim or postfix

Hi Craig, 2. postfix does support filtering during the SMTP transaction. the difference is that the postfix author tells you up front that it is inherently problematic (for *ANY* MTA, not just postfix) because of the potential for SMTP timeouts if the filter takes too long to run

Re: exim or postfix

On 2004-11-11, Craig Sanders [EMAIL PROTECTED] wrote: On Thu, Nov 11, 2004 at 09:25:52PM +, John Goerzen wrote: a few comments, though: 1. synchronization detection - postfix has done this for years, except that it's called reject_unauth_pipelining. you enable it as one of the

Re: exim or postfix

On Thu, Nov 11, 2004 at 05:12:10PM -0500, Mark Bucciarelli wrote: On Thursday 11 November 2004 17:04, Craig Sanders wrote: 22256 Bad HELO wow. most of them being spammers trying to use my IP address or a bogus domain name in the HELO/EHLO string. and most of them from Korea. most of

Re: exim or postfix

On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: 2. postfix does support filtering during the SMTP transaction. the difference is that the postfix author tells you up front that it is inherently problematic (for *ANY* MTA, not just postfix) because of the potential for

Re: exim or postfix

On Wed, Nov 10, 2004 at 08:21:14AM +0100, martin f krafft wrote: also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.0010 +0100]: There have been some very simple things that I've needed to find solutions to with postfix in the past which I ended up having to do with procmail that I

Re: exim or postfix

also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.0901 +0100]: Anyway, if you are so confident about postfix, then maybe you can teach me how to set up spamassassin to run under the local user's identity, procmail, maildrop or whatever local delivery agent you use can run

Re: exim or postfix

also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.1014 +0100]: I agree. But exim can do it. And even though this is the LDA part of it, postfix also includes an LDA, which is just not up to speed. and postfix can do it too. No, it cannot, unless you use spamassassin as the LDA,

Re: Limiting User Commands

Michael Graham wrote: Ben Hutchings wrote: Christopher Swingley wrote: Change the ownership and permissions on their .bash_profile and .bashrc to root:root 644: -rw-r--r--1 root root 420 Sep 21 13:05 .bash_profile -rw-r--r--1 root root 746 Sep 21 13:05

Re: exim or postfix

On Wed, Nov 10, 2004 at 11:09:47AM +0100, martin f krafft wrote: also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.1014 +0100]: I agree. But exim can do it. And even though this is the LDA part of it, postfix also includes an LDA, which is just not up to speed. and postfix can

This Is a Test Mail

-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Value of backup MX

On Wed, 10 Nov 2004, Craig Sanders wrote: backup MX is obsolete these days, very few people need it (most of This does seem to be a prevailing opinion but I think backup MXs are valuable now for the same reason they always were - outages happen. We have no way of knowing how long a remote MTA

Re: Value of backup MX

On Wed, 10 Nov 2004, Craig Sanders wrote: if you do have a backup MX, then you need to have the same anti-spam anti-virus rules as on your primary server AND (most important!) it needs to have a list of valid recipients, so that it can 5xx reject mail for unknown users rather than accept and

Re: Value of backup MX

* Robert Brockway ([EMAIL PROTECTED]) [041110 20:20]: Oh you mean reject mail for unknown recipients rather than bounce the mail[1]. Ok, I can see why you are suggesting it but it is an RFC violation. Why should it be a RFC violation to reject mail for unknown recipients with 550? If a remote

Re: Value of backup MX

On Wed, Nov 10, 2004 at 02:10:18PM -0500, Robert Brockway wrote: On Wed, 10 Nov 2004, Craig Sanders wrote: backup MX is obsolete these days, very few people need it (most of This does seem to be a prevailing opinion but I think backup MXs are valuable now for the same reason they always

Re: Value of backup MX

On Wed, Nov 10, 2004 at 02:18:50PM -0500, Robert Brockway wrote: On Wed, 10 Nov 2004, Craig Sanders wrote: if you do have a backup MX, then you need to have the same anti-spam anti-virus rules as on your primary server AND (most important!) it needs to have a list of valid recipients, so

Re: Value of backup MX

On Wed, 10 Nov 2004, Andreas Barth wrote: * Robert Brockway ([EMAIL PROTECTED]) [041110 20:20]: Oh you mean reject mail for unknown recipients rather than bounce the mail[1]. Ok, I can see why you are suggesting it but it is an RFC violation. Why should it be a RFC violation to reject

What stripe size for mail server?

Hi! http://mail1.expro.pl/~porridge/dist.png shows the distribution of file sizes on our mail server (actually just the partition holding maildirs). The sample was 80 files. -512 means zero-byte files. 0 means the files whose sizes are greater than zero, but less than 512. 512: greater

..do I lose _anything_ going from apache-1.3.3x to apache-2.0.5x ?

Hi, ..seeing recent the exim vs postfix thread, and having both apache-1.3.3x and apache-2.0.5x available on a box, is obviously beyond overkill, it's pointless. ;-) So I'm choosing one. Figuring out which one? has asking myself a lot of questions. ..more importantly, do I lose _anything_

Re: What stripe size for mail server?

I would say that RAID 5 is probably overkill for a mail queue. Unless ur mail queue is running hundreds of gigabytes and overloading a single disk, a normal single hard drive is sufficient. Based on ur graph it looks like ur queue is under half a gig. If you want redundancy for the mail queue

Re: What stripe size for mail server?

On Wed, Nov 10, 2004 at 05:29:37PM -0500, Chris Wagner wrote: I would say that RAID 5 is probably overkill for a mail queue. It's not the mail queue. Its the mail store (maildirs). We have no problems with mail queue performance so far. Unless ur mail queue is running hundreds of gigabytes

Re: What stripe size for mail server?

On Wednesday 10 November 2004 23.29, Chris Wagner wrote: It's 'you' - three letters :-) If u still need RAID 5 then I would make the stripe size equal to average file size / number of data disks up to no more than 32KB stripe. To optimize random small reads, it's best if a read can be

Re: Limiting User Commands

Christopher Swingley wrote: snip This is what I've done when I wanted to reduce the set of commands a user could run. I'm sure a reasonably competant Unix user could easily circumvent these restrictions, but it's a good first start, and making such attempts would result in account suspension.

Re: Limiting User Commands

On Sun, Nov 07, 2004 at 11:54:40AM -0800, Stephen Le wrote: On Sun, 7 Nov 2004 14:41:42 -0500, Stephen Gran [EMAIL PROTECTED] wrote: apt-get remove --purge ftp telnet wget gcc rm /usr/bin/ssh /usr/bin/scp Unfortunately, I can't do that since I still want some users to be able to access

Value of backup MX

I'm looking at redoing my mail setup due primarily to spam filtering. Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html, they are suggesting not to use redundant mail servers unless needed for load balancing. The last time I set up a major mail server, which was indeed a few

Re: Value of backup MX

also sprach John Goerzen [EMAIL PROTECTED] [2004.11.09.1514 +0100]: It seems to make a lot of sense to me, but it seems too that I must be missing something. if the backup MX is configured exactly like the primary, then it makes sense. but it's all too easy to get out of sync. i usually have

Re: Value of backup MX

On 2004-11-09, Steve Drees [EMAIL PROTECTED] wrote: John Goerzen wrote: I'm looking at redoing my mail setup due primarily to spam filtering. Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html, they are suggesting not to use redundant mail servers unless needed for load

Re: Value of backup MX

i usually have my backup MX accept everything and then don't treat them specially on the primary. thus, policy is still enforced on the primary, but there is a proper backup path *under my control* should the primary be unreachable for whatever reason. With this approach you can't bounce

Re: Value of backup MX

also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1652 +0100]: With this approach you can't bounce RBLed messages at SMTP connect time though, right? (I realize that RBLs are semi-controversial, especially at the ISP level.) right. i use spamassassin for RBLs -- Please do not send

Re: Value of backup MX

John Goerzen wrote: On 2004-11-09, Steve Drees [EMAIL PROTECTED] wrote: John Goerzen wrote: I'm looking at redoing my mail setup due primarily to spam filtering. Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html, they are suggesting not to use redundant mail servers unless

RFC 1035 - FQDM maximum char length for a domainname

Hello, I read RFC 1035 and would like to know what the maximum char value for a domainname is. It concerns to a limit of 255 octals while one octal is equal 3 bit but there's not within google to find out how many letters are possible in theory concerning 255 octals and computer network's. --

RE: Value of backup MX

--On Tuesday, November 09, 2004 08:43 -0600 Steve Drees [EMAIL PROTECTED] wrote: I'd suggest having a backup MX but make sure you have all the filtering at your backup that you have at your primary. Unless you can check for valid users at the secondary, don't do it. Spammers will attempt to

Re: Value of backup MX

--On Tuesday, November 09, 2004 17:04 +0100 martin f krafft [EMAIL PROTECTED] wrote: also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1652 +0100]: With this approach you can't bounce RBLed messages at SMTP connect time though, right? (I realize that RBLs are semi-controversial,

Re: Value of backup MX

On Tue, Nov 09, 2004 at 05:04:09PM +0100, martin f krafft wrote: also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1652 +0100]: With this approach you can't bounce RBLed messages at SMTP connect time though, right? (I realize that RBLs are semi-controversial, especially at the ISP

Re: Value of backup MX

--On Tuesday, November 09, 2004 13:54 -0500 Dale E. Martin [EMAIL PROTECTED] wrote: This got me to thinking, it would be neat if one could _easily_ replicate RBLs on their own local DNS server. Then you could easily point primary and secondary at your local RBL and manage it just in your DNS

Re: Value of backup MX

also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1954 +0100]: This got me to thinking, it would be neat if one could _easily_ replicate RBLs on their own local DNS server. rbldns (djbdns) is (a) non-free, and (b) really nice and easy to use for this purpose. Then you could easily

Re: Value of backup MX

On Tue, 9 Nov 2004, Dale E. Martin wrote: i usually have my backup MX accept everything and then don't treat them specially on the primary. thus, policy is still enforced on the primary, but there is a proper backup path *under my control* should the primary be unreachable for whatever

Write permission on remote machine

Trying to back up one Linspire 4.5 machine to another, installed Konserve and configured for an smb connection to reach the backup directory. Konserve fails for lack of write permission on the remote machine. Checking: --remote machine has the directory set to share, with write permission for

Re: Write permission on remote machine

also sprach Bill Flanagan [EMAIL PROTECTED] [2004.11.09.2111 +0100]: Any pointers on things to look at? The Linspire support community The KDE mailing lists The Samba mailing lists A Linux reference *Maybe* debian-user -- but not here. Does putting a name and p/w into local client

RE: Value of backup MX

Quoting Steve Drees [EMAIL PROTECTED]: John Goerzen wrote: I'm looking at redoing my mail setup due primarily to spam filtering. Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html, they are suggesting not to use redundant mail servers unless needed for load balancing.

Re: Limiting User Commands

On Mon, 8 Nov 2004 09:28:10 -0900, Christopher Swingley [EMAIL PROTECTED] wrote: Make symbolic links between allowed commands and '/usr/local/rbin' As I said before, this is just a simple attempt to reduce priviledge. There are undoubtably ways around it, some easier than others depending on

Re: Value of backup MX

On Tue, Nov 09, 2004 at 04:10:07PM +0100, martin f krafft wrote: also sprach John Goerzen [EMAIL PROTECTED] [2004.11.09.1514 +0100]: It seems to make a lot of sense to me, but it seems too that I must be missing something. if the backup MX is configured exactly like the primary, then it

Re: Value of backup MX

On Tue, Nov 09, 2004 at 03:30:03PM +, John Goerzen wrote: On 2004-11-09, Steve Drees [EMAIL PROTECTED] wrote: John Goerzen wrote: I'm looking at redoing my mail setup due primarily to spam filtering. Over at http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/multimx.html, they are

Re: Value of backup MX

On Tue, Nov 09, 2004 at 08:04:24PM +0100, martin f krafft wrote: also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1954 +0100]: This got me to thinking, it would be neat if one could _easily_ replicate RBLs on their own local DNS server. rbldns (djbdns) is (a) non-free, nope.

Re: Limiting User Commands

Don't give them shell access, and don't let them ftp to the server. Make them email you all the changes so you can browse for bad code. Then you can upload the changes. You will get tired of that real quick. Other than this method there is always a what if factor selinux,chroot, virtual

Re: Value of backup MX

## Craig Sanders ([EMAIL PROTECTED]): On Tue, Nov 09, 2004 at 08:04:24PM +0100, martin f krafft wrote: also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1954 +0100]: rbldns (djbdns) is (a) non-free, nope. rbldnsd is NOT djbdns. Confusion :) There is rbldns, part of djbdns:

Re: exim or postfix

On Sun, Nov 07, 2004 at 01:40:30PM +, Brett Parker wrote: There have been some very simple things that I've needed to find solutions to with postfix in the past which I ended up having to do with procmail that I can now deal with in ~ 3 lines in the exim config. my guess is that you just

Re: Value of backup MX

On Tue, Nov 09, 2004 at 11:56:04PM +0100, Christoph Moench-Tegeder wrote: ## Craig Sanders ([EMAIL PROTECTED]): On Tue, Nov 09, 2004 at 08:04:24PM +0100, martin f krafft wrote: also sprach Dale E. Martin [EMAIL PROTECTED] [2004.11.09.1954 +0100]: rbldns (djbdns) is (a) non-free,

Sarge on a supermicro X5DPA-TGM ?

We recently bought a new machine. It's a Super Micro motherboard model X5DPA-TGM with Intel's ICH5-SATA Serial ATA IDE chipset. I'd like to know if anyone has experience with it in combination with Debian. I did find http://www.lathi.net/twiki-bin/view/Main/DebianSataLvm, which describes how

Re: Limiting User Commands

On Tue, 09 Nov 2004 17:43:19 -0500, Doug Griswold [EMAIL PROTECTED] wrote: can upload the changes. You will get tired of that real quick. Other than this method there is always a what if factor selinux,chroot, virtual server etc... The point is to minimize the what if factors by choosing

Re: Sarge on a supermicro X5DPA-TGM ?

On Wed, 2004-11-10 at 11:20, Rhesa Rozendaal wrote: We recently bought a new machine. It's a Super Micro motherboard model X5DPA-TGM with Intel's ICH5-SATA Serial ATA IDE chipset. I'd like to know if anyone has experience with it in combination with Debian. I did find

experience migrating CISCO ACS to freeradius

Hi Everyone enybody has any experienci migrating the users from a CISCO ACS (this works on win2k and save all data on cvs, but the passwords) to a Freeradius with MySQL. I allready have a the freeradius working with with MySQL. Besd Regards Rene Mayorga NOC El Salvador Telecom. -- To

Re: exim or postfix

also sprach Craig Sanders [EMAIL PROTECTED] [2004.11.10.0010 +0100]: There have been some very simple things that I've needed to find solutions to with postfix in the past which I ended up having to do with procmail that I can now deal with in ~ 3 lines in the exim config. my guess is

Re: postfix sasl auth problem

also sprach sin [EMAIL PROTECTED] [2004.11.08.0958 +0100]: telnet machine.domain.tld 25 use netcat. or swaks in this case. 250-AUTH LOGIN PLAIN yeah! clear-text passwords! smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client sbl-xbl.spamhaus.org,

Re: Limiting User Commands

On Mon, Nov 08, 2004 at 03:14:53AM +0200, [EMAIL PROTECTED] wrote: On Fri, Nov 05, 2004 at 07:53:33PM +0200, [EMAIL PROTECTED] wrote: In regards to the latter method, would it be possible for me to change the group ownership of the commands I don't want users to have access to and revoke

Re: apt-cacher transition from apache to apache2

On Mon, Nov 08, 2004 at 08:34:11AM +0200, Alexandros Papadopoulos wrote: [sent this to debian-user, got no suggestions - I hope this is not too OT on this list] On a sarge system, I was using apt-cacher with apache. No problems there. Once I replaced apache with apache2, apt-cacher works

Re: postfix sasl auth problem

martin f krafft wrote: also sprach sin [EMAIL PROTECTED] [2004.11.08.0958 +0100]: telnet machine.domain.tld 25 use netcat. or swaks in this case. 250-AUTH LOGIN PLAIN yeah! clear-text passwords! smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client

Re: Limiting User Commands

Greetings, * Osamu Aoki [EMAIL PROTECTED] [2004-Nov-05 14:13 AKST]: On Fri, Nov 05, 2004 at 09:31:21AM -0800, Stephen Le wrote: Is there an easy way to limit the commands a certain group of users can execute? I never done this but.. Use of chroot with bash started as rbash sems to be

Re: NFS-mounting crontabs

martin f krafft said on Sat, Nov 06, 2004 at 12:30:06PM +0100: also sprach Mark Ferlatte [EMAIL PROTECTED] [2004.11.06.0123 +0100]: Do you really want your user's crontabs to run on every host in your cluster? They are mounted from master:/srv/var/spool/crontabs/${HOSTNAME}, so they are

Re: exim or postfix

Rodney Richison said on Sat, Nov 06, 2004 at 09:19:40PM -0600: Are most of you using exim or postfix? Just curious. I've never tried exim. Don't know about most; I use Postfix. I don't think exim is a bad choice, though; I just liked Postfix better, and it performs well enough to meet my

Re: Limiting User Commands

On Fri, Nov 05, 2004 at 07:53:33PM +0200, [EMAIL PROTECTED] wrote: In regards to the latter method, would it be possible for me to change the group ownership of the commands I don't want users to have access to and revoke execute permission from that group? Yes, you can make something like

Re: exim or postfix

On Sat, Nov 06, 2004 at 09:19:40PM -0600, Rodney Richison wrote: Are most of you using exim or postfix? Just curious. I've never tried exim. exim4 and postfix, depending on the machine, and who origionally set it up. New machines are getting exim4 because it is far more flexible and powerful

Re: exim or postfix

also sprach Mark Ferlatte [EMAIL PROTECTED] [2004.11.07.1013 +0100]: Don't know about most; I use Postfix. I don't think exim is a bad choice, though; I just liked Postfix better, and it performs well enough to meet my needs. Well said. also sprach Brett Parker [EMAIL PROTECTED]

Re: NFS-mounting crontabs

also sprach Mark Ferlatte [EMAIL PROTECTED] [2004.11.07.1012 +0100]: Okay. I guess my next question is: why do you want your user crontabs NFS mounted from your clients? The cluster nodes are frequently reinstalled, so the crontabs need to be installed automatically. This actually closes a

Re: exim or postfix

On Sun, Nov 07, 2004 at 02:02:35PM +0100, martin f krafft wrote: also sprach Brett Parker [EMAIL PROTECTED] [2004.11.07.1226 +0100]: exim4 and postfix, depending on the machine, and who origionally set it up. New machines are getting exim4 because it is far more flexible and powerful that

Re: exim or postfix

also sprach Brett Parker [EMAIL PROTECTED] [2004.11.07.1440 +0100]: Then, I've always prefered exim, I like having control at my finger tips, and things to do what I expect :) Ha! Flamebait! Consider yourself whacked. I won't even respond to this. :) /me embraces /etc/postfix/main.cf Just

Re: Limiting User Commands

On Fri, Nov 05, 2004 at 03:35:11PM -0800, Stephen Le wrote: See the example above. Users would still be able to upload their own Perl scripts and get Apache to execute them without restriction - the Perl script could call commands that I want to ban the users from executing. Lots of people

Re: Limiting User Commands

also sprach Steve Kemp [EMAIL PROTECTED] [2004.11.07.1514 +0100]: If you're operating a shared system and want to keep seperate web users isolated from each other using rbash, chroots or similar should be sufficient. Neither rbash not chroots are security measures. They are hurdles at

Re: exim or postfix

On Sun, Nov 07, 2004 at 02:02:35PM +0100, martin f krafft wrote: [...] I can't wait until I have time to try/use/improve Md's policy framework. Do you have an URL with more info about that policy framework?. Thanks, -- teo - http://blog.eltridente.org Res publica non dominetur -- To

<    1   2   3   4   5   6   7   8   9   10   >