From bschonhorst Tue Jun 1 09:21:20 2004 From: bschonhorst (Brad Schonhorst) Date: Tue, 1 Jun 2004 09:21:20 -0400 Subject: [nycbug-talk] Anyone with a contact at MSN? In-Reply-To: <40B74274.27458.14EC1E98@localhost> References: <40B74274.27458.14EC1E98@localhost> Message-ID: <9274DFB0-B3CE-11D8-A481-000A9573D036@vcsnyc.org> On May 28, 2004, at 1:45 PM, Dan Langille wrote: > Do you know someone at MSN? > > My laptop was stolen. It logs into MSN Messenger automatically. > Yesterday I was logged out of MSN Messenger on my home desktop. I > suspect the thief powered on the laptop and that's why I was logged > out of MSN Messenger. Dan- I have a friend who works with MSN chat services. Its probably a long shot, but I'll see if he has any ideas. -Brad -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2373 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040601/917089eb/attachment.bin From bschonhorst Tue Jun 1 09:29:55 2004 From: bschonhorst (Brad Schonhorst) Date: Tue, 1 Jun 2004 09:29:55 -0400 Subject: [nycbug-talk] Anyone with a contact at MSN? In-Reply-To: <40B74274.27458.14EC1E98@localhost> References: <40B74274.27458.14EC1E98@localhost> Message-ID: On May 28, 2004, at 1:45 PM, Dan Langille wrote: > Do you know someone at MSN? > > My laptop was stolen. It logs into MSN Messenger automatically. > Yesterday I was logged out of MSN Messenger on my home desktop. I > suspect the thief powered on the laptop and that's why I was logged > out of MSN Messenger. > As I just emailed my buddy at MSN, I had another thought. If no better options come up, you could try to get the ip address he is using. I don't use MSN but with AIM I believe you can sniff the IP address if you send a file over the messenger. If you are just chatting, you only get the IP of AOL's chat relay, but sending a file is supposed to go direct. So, you'd need a second account, and a sniffer. Then you could send your old account a picture or something and grap the ip that way.... -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2373 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040601/644560ad/attachment.bin From mikel.king Tue Jun 1 09:42:22 2004 From: mikel.king (mikel king) Date: Tue, 01 Jun 2004 09:42:22 -0400 Subject: [nycbug-talk] FreeBSD 4:10 T-Shirt In-Reply-To: References: <9339CECE-B030-11D8-B05B-000393A620A4@daemonnews.org> <0025483F-B13D-11D8-B5BA-000A95BD8054@theholymountain.com> Message-ID: <40BC87BE.8010609@ocsny.com> G.Rosamond wrote: > > On May 29, 2004, at 2:54 AM, Jesse Callaway wrote: > > > >>> ideas? Non-NYC-centric, project agnostic. . . >>> >>> g >> >> >> I think a turtle would be appropriate. Each scale of the shell could >> represent a diffrent BSD. It doesn't have to be a 1to 1 >> correspondence. On second thought they might be percieved as being >> slow and hermit-like. >> > > yes, and remember we're talking about fbsd 5.3. ..which may no longer > be considered "new technology." > >> Strictly incorporating the demon + pitchfork with a sea theme yields >> Neptune. But that doesn't mean anything. >> > > but it's there. . . > >> Hammer and anvil? Tools of a blacksmith.. a toolmaker. Or we could go >> more high-tech to like a machinist. I just thought of the calipers >> and maybe it's getting too Masonic here. But I think the blacksmith >> line of thought could go pretty far. >> > > Deep. . . > > I can see the blacksmith thing working. . .but again, i think that the > theme of fbsd 5.3 being the first stable needs to stand out. . . > > maybe the theme of atlas holding the globe? no more tornadoes or > rain, no more earthquakes or volcanoes. . . > > g > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk How about a daemon mason, laying bricks into a wall, each brick representing the various technologies and BSDs that 5.3 is built upon, and that it symbolizes a solid foundation for future growth...et cettera blah blah blah....Just my $.05 cheers, m! From mikel.king Tue Jun 1 10:11:58 2004 From: mikel.king (mikel king) Date: Tue, 01 Jun 2004 10:11:58 -0400 Subject: [nycbug-talk] Help In-Reply-To: <53C2D822-B37D-11D8-96E8-000D9368D406@lesmuug.org> References: <53C2D822-B37D-11D8-96E8-000D9368D406@lesmuug.org> Message-ID: <40BC8EAE.2070201@ocsny.com> Isaac Levy wrote: > Hi Harold, > > sorry to send again- forgot to cc to the list. > > On May 29, 2004, at 5:35 PM, Harold Bush wrote: > >> Folks >> >> I need some help making a decision. I'm moving my hosting clients >> from a rented server in Atlanta to a location near my office where a >> friend and I are sharing a T1 (Wodstock NY). I have a few questions. >> I will be providing web host/mail service for about 30 clients and am >> wondering whether to use FreeBSD 4.10 or 5.2.1. The goal is to >> provide a stable hosting situation that will not require a lot of >> work once installed. > > > For a web server you wish not to become painful or surprising: > > I'd DEFINATELY suggest going 4.10, (or 4.9 even, but 4.10 is indeed > the current production release at the time of this writing). > > With FreeBSD, it is best practice (and simply sane) to heed these > words: DO NOT attempt to use anything but a Production release for > Production systems, unless you specifically know what your doing and > have the time/energy/economics to deal with the blood which can spill > on the cutting edge. > > Also, the FreeBSD cvsup system enables you to elegantly compile a full > system upgrade in a given system, so a future of the 5.3 FreeBSD, (the > first *gulp* production 5.x release) will be a snap when the time comes. > Worth noting however that a cvsup from 4.x to 5.x may not attain the complete benefits of a straight 5.x install, because of the ifferences between UFS and UFS2. Unless you need finegrained ACL support and have the latest hyperthreaded cpus then stick with the 4.x release, and wait to upgrade to 5.x when you replace the box. >> I intend to use Apache and Postfix and some web mail front end not >> yet determined (suggestions?). > > > Apache, rocks. Stick to the 1.3.x branch instead of the 2.x branch, > for the same general reasons I suggested above re. FreeBSD 5.x, though > the details are much more involved. > > Re. MTA's, Postfix is popular and lots of documentation out there, > Exim is also popular- both great MTA's (but that's not my specialty, > so worth asking around). > >> >> On page 70 of Greg Lehey's book "The Complete FreeBSD" he states: >> ... I now recommend: >> Make a single root file system >> Do not have a seaparate /usr file system >> Do not have a separate /var file system unless you have a good idea >> how big it should be. A good example may be a web server, where >> (contrary to FreeBSD's recommendations) it is a good idea to put the >> web pages on the var file system > > > Well, if this is your first Unix box in some time, and your going to > be feeling it all out, I'd highly suggest making a single root > filesystem (for example, what if you end up storing your website > somewhere in /usr/local?) > >> >> This is a little confusing to me (I haven't done any Unix work since >> 95). Can someone recommend a file structure that will support web >> hosting and mail serving that is a known good configuration (in >> general)? > > > I'll leave the rest of this to the list for lack of time here- and > since I just suggested not to setup a complex partition scheme until > you have figured out your individual usage patterns for your system. > >> >> Harold Bush >> Technologist >> digitalBRANDS ? > > > Happy hacking! > > Rocket, > .ike > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/tal > k Harold, listen most of us on this list would agree go with the stable versions of everything, for your production box, and play with the nettech in your lab, especially since you haven't done this in a while. The last thing you need when you are getting back into the fold is to get that call inthe early am that you money maker has kicked the bucket...;-) So when you say client do you mean sepeate domains or mail accounts or what? Taaaaahere are several comercial control panels out there that work rath nicely for what you are planning, but they can be pricey... cheers, m! From mlists Tue Jun 1 10:22:51 2004 From: mlists (mlists at bizintegrators.com) Date: Tue, 1 Jun 2004 10:22:51 -0400 Subject: [nycbug-talk] Help In-Reply-To: References: Message-ID: <20040601142251.GF7939@bizintegrators.com> On Sat, May 29, 2004 at 05:35:04PM -0400, Harold Bush wrote: > Folks > > I need some help making a decision. I'm moving my hosting clients from a > rented server in Atlanta to a location near my office where a friend and I > are sharing a T1 (Wodstock NY). I have a few questions. I will be providing > web host/mail service for about 30 clients and am wondering whether to use > FreeBSD 4.10 or 5.2.1. The goal is to provide a stable hosting situation 4.10. > that will not require a lot of work once installed. I intend to use Apache > and Postfix and some web mail front end not yet determined (suggestions?). Since this is a matter of religion.. :) > > On page 70 of Greg Lehey's book "The Complete FreeBSD" he states: > ... I now recommend: > Make a single root file system > Do not have a seaparate /usr file system > Do not have a separate /var file system unless you have a good idea how big > it should be. A good example may be a web server, where (contrary to > FreeBSD's recommendations) it is a good idea to put the web pages on the > var file system > > This is a little confusing to me (I haven't done any Unix work since 95). > Can someone recommend a file structure that will support web hosting and > mail serving that is a known good configuration (in general)? That is a strange recommendation. It might be ok for a personal workstation (haven't read the book so might be missing a context). I suggest at least: / /usr /var /tmp /home Then, you can also make another one for web users. -bruno -- http://www.bizintegrators.com From lists Tue Jun 1 11:13:33 2004 From: lists (michael) Date: Tue, 1 Jun 2004 11:13:33 -0400 Subject: [nycbug-talk] Help In-Reply-To: References: Message-ID: <20040601111333.0697d080@delinux.abwatley.com> On Sat, 29 May 2004 17:35:04 -0400 "Harold Bush" wrote: > The goal is to provide a stable hosting situation > that will not require a lot of work once installed. I intend to use > Apache and Postfix and some web mail front end not yet determined > (suggestions?). > Since I agree with your choices For web mail, I have been using SquirrelMail with success: http://squirrelmail.org/ What is SquirrelMail? SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation. It requires Apache, PHP, and others like Perl, MySQL, Aspell optional but helpful. It may seem like a lot but I already planned on compiling these. I chose Postfix as the MTA. I also chose maildir (over mbox) and Courier for IMAP: http://www.courier-mta.org/ I don't know whether GNU GPL is a problem- Michael -- --- From hans Tue Jun 1 12:53:44 2004 From: hans (Hans Zaunere) Date: Tue, 1 Jun 2004 09:53:44 -0700 Subject: [nycbug-talk] FreeBSD 5 Message-ID: <41EE526EC2D3C74286415780D3BA9F870241DFA4@ehost011-1.exch011.intermedia.net> Hey all, Anyone have any firsthand experience with 5 in a production environment? I know it's not christened production yet, but figured some might have it out there anyway. Of particular interest is the new threading lib. Anyone pound MySQL against FreeBSD 5? Thanks, H From scottro Tue Jun 1 13:03:16 2004 From: scottro (Scott Robbins) Date: Tue, 1 Jun 2004 13:03:16 -0400 Subject: [nycbug-talk] FreeBSD 5 In-Reply-To: <41EE526EC2D3C74286415780D3BA9F870241DFA4@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F870241DFA4@ehost011-1.exch011.intermedia.net> Message-ID: <20040601170316.GA2195@nyserve1.starlofashions.com> On Tue, Jun 01, 2004 at 09:53:44AM -0700, Hans Zaunere wrote: > > Hey all, > > Anyone have any firsthand experience with 5 in a production environment? > I know it's not christened production yet, but figured some might have > it out there anyway. Of particular interest is the new threading lib. > Anyone pound MySQL against FreeBSD 5? I'm using it in a very unstressed, non-critical way, sort of a backup samba and print server. No problems. However, I WOULD NOT consider this a true test. :) -- Scott GPG KeyID EB3467D6 ( 1B848 077D 66F6 9DB0 FDC2 A409 FA54 D575 EB34 67D6) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Spike:'Made with care for Randy.' (looks at Giles angrily) Randy Giles? Why not just call me 'Horny Giles,' or 'Desperate for a Shag Giles'? I knew there was a reason I hated you! Giles: Randy's ... a family name, undoubtedly. From pete Tue Jun 1 13:08:26 2004 From: pete (Pete Wright) Date: Tue, 01 Jun 2004 13:08:26 -0400 Subject: [nycbug-talk] FreeBSD 5 In-Reply-To: <41EE526EC2D3C74286415780D3BA9F870241DFA4@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F870241DFA4@ehost011-1.exch011.intermedia.net> Message-ID: <40BCB80A.3050108@nomadlogic.org> Hans Zaunere wrote: >Hey all, > >Anyone have any firsthand experience with 5 in a production environment? >I know it's not christened production yet, but figured some might have >it out there anyway. Of particular interest is the new threading lib. >Anyone pound MySQL against FreeBSD 5? > > I've run it in some production roles, as well as on my laptop to do daily sys admin type things. it did not like my laptop at all, problems with the em driver (Thinkpad X31). Running it on an SMP machine was pretty stable, altho GIANT has not been completely removed from the FreeBSD 5.x tree yet, so there are still some issues to be worked out performance wise. Also, I remember this from the Bacula list, there are some issues with 5.x and MySQL i believe (altho that may be on 4.x). I'm sure Dan or someone will correct me on this one... So yea, there are alot of fun new features to play with, altho I would not deem it ready for production or SMP system use yet. Maybe around 5.3 things will speed up. -p >Thanks, > >H >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk > > -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From hans Tue Jun 1 13:17:10 2004 From: hans (Hans Zaunere) Date: Tue, 1 Jun 2004 10:17:10 -0700 Subject: [nycbug-talk] FreeBSD 5 Message-ID: <41EE526EC2D3C74286415780D3BA9F870241DFEE@ehost011-1.exch011.intermedia.net> > at all, problems with the em driver (Thinkpad X31). Running > it on an SMP machine was pretty stable, altho GIANT has not > been completely removed from the FreeBSD 5.x tree yet, so > there are still some issues to be worked out performance > wise. Also, I remember this from the Bacula list, there are I wanted to get some more details on Giant, so found this link: http://ezine.daemonnews.org/200008/dadvocate.html Thanks for the feedback guys... H From mikel.king Tue Jun 1 13:28:56 2004 From: mikel.king (mikel king) Date: Tue, 01 Jun 2004 13:28:56 -0400 Subject: [nycbug-talk] FreeBSD 5 In-Reply-To: <41EE526EC2D3C74286415780D3BA9F870241DFA4@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F870241DFA4@ehost011-1.exch011.intermedia.net> Message-ID: <40BCBCD8.2050007@ocsny.com> Hans Zaunere wrote: >Hey all, > >Anyone have any firsthand experience with 5 in a production environment? >I know it's not christened production yet, but figured some might have >it out there anyway. Of particular interest is the new threading lib. >Anyone pound MySQL against FreeBSD 5? > >Thanks, > >H >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk > > Been running it on my oneof my main mail, dns, web, & ftp server for approx 200+ domains. only complaind a little when I put up spamassassin and clamav but Ithink thats more box related, jut too under powered for the amount of spam we were getting... In any event it works. cheers, m! From scottro Tue Jun 1 14:20:58 2004 From: scottro (Scott Robbins) Date: Tue, 1 Jun 2004 14:20:58 -0400 Subject: [nycbug-talk] Xorg Message-ID: <20040601182058.GB2679@nyserve1.starlofashions.com> I was going to hijack the thread on 5.x but figured I'd better not. :-( I'm just curious is anyone using xorg? There's a discussion about it on the forums, the upgrade isn't totally seamless but is fairly straightforward if one follows the recommended procedure. So far, I've just done it on a couple of test boxes and haven't run into problems, but wondering what other folks' experiences were? As I don't make too much use of X I haven't tested it too deeply. -- Scott GPG KeyID EB3467D6 ( 1B848 077D 66F6 9DB0 FDC2 A409 FA54 D575 EB34 67D6) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Xander: So, Buffy, how'd the slaying go last night? Buffy: Xander! Xander: I mean, how'd the laying go? No, I don't mean that either. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040601/a085ed6d/attachment.bin From george Tue Jun 1 15:00:45 2004 From: george (George Georgalis) Date: Tue, 1 Jun 2004 15:00:45 -0400 Subject: [nycbug-talk] some OS X questions... DNS Message-ID: <20040601190045.GA15936@trot.local> I have a Mac visiting me here on a dhcp lan. It doesn't seem to properly resolve hosts on my .local domain. ".local.stage" is also here and that works fine. No clue from /etc/hosts, is is the "local" domain "prohibited"? Per logs, that domain doesn't reach my dnscache, Few more questions, but guess better to put on separate messages... // George -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 From pete Tue Jun 1 15:08:39 2004 From: pete (Pete Wright) Date: Tue, 01 Jun 2004 15:08:39 -0400 Subject: [nycbug-talk] some OS X questions... DNS In-Reply-To: <20040601190045.GA15936@trot.local> References: <20040601190045.GA15936@trot.local> Message-ID: <40BCD437.7040108@nomadlogic.org> George Georgalis wrote: >I have a Mac visiting me here on a dhcp lan. It doesn't >seem to properly resolve hosts on my .local domain. >".local.stage" is also here and that works fine. No clue >from /etc/hosts, is is the "local" domain "prohibited"? >Per logs, that domain doesn't reach my dnscache, > >Few more questions, but guess better to put on separate messages... > >// George > > > have you checked out Netinfo in Apps/Utilites/NetinfoManager (it's something like that). this is the kludge i use to manage my hosts file on OSX. Under the machines entry i add each of the boxen that i would normally have in my /etc/hosts file. maybe the bigger mac heads have a better workaround. you might want to also check /etc/resolv.conf and make sure "file" is set before netinfo...altho i *think* this get's reset after reboot. -pete -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From bob Tue Jun 1 15:08:32 2004 From: bob (Bob Ippolito) Date: Tue, 1 Jun 2004 15:08:32 -0400 Subject: [nycbug-talk] some OS X questions... DNS In-Reply-To: <20040601190045.GA15936@trot.local> References: <20040601190045.GA15936@trot.local> Message-ID: <12FC960C-B3FF-11D8-9B3A-000A95686CD8@redivi.com> On Jun 1, 2004, at 3:00 PM, George Georgalis wrote: > > I have a Mac visiting me here on a dhcp lan. It doesn't > seem to properly resolve hosts on my .local domain. > ".local.stage" is also here and that works fine. No clue > from /etc/hosts, is is the "local" domain "prohibited"? > Per logs, that domain doesn't reach my dnscache, > > Few more questions, but guess better to put on separate messages... The .local TLD is reserved for link-local mDNS (zeroconf).. I hate to say it, but you should probably choose another TLD for that LAN. I personally use .lan for my regular link-local DNS. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040601/668ffb96/attachment.bin From chrisc Tue Jun 1 19:09:23 2004 From: chrisc (Chris Coleman) Date: Tue, 1 Jun 2004 18:09:23 -0500 Subject: [nycbug-talk] FreeBSD 5 In-Reply-To: <40BCBCD8.2050007@ocsny.com> References: <41EE526EC2D3C74286415780D3BA9F870241DFA4@ehost011-1.exch011.intermedia.net> <40BCBCD8.2050007@ocsny.com> Message-ID: I'm running 5.2.1 release on my dual proc amd 1500+ and it regularly locks up under X or when I scp 4G files from it. I think the locking up under X is video card related, because it does it on 4.x as well. However the scp problem is new. -Chris On Jun 1, 2004, at 12:28 PM, mikel king wrote: > Hans Zaunere wrote: > >> Hey all, >> >> Anyone have any firsthand experience with 5 in a production >> environment? >> I know it's not christened production yet, but figured some might have >> it out there anyway. Of particular interest is the new threading lib. >> Anyone pound MySQL against FreeBSD 5? >> >> Thanks, >> >> H >> _______________________________________________ >> talk mailing list >> talk at lists.nycbug.org >> http://lists.nycbug.org/mailman/listinfo/talk >> > Been running it on my oneof my main mail, dns, web, & ftp server for > approx 200+ domains. only complaind a little when I put up > spamassassin and clamav but Ithink thats more box related, jut too > under powered for the amount of spam we were getting... > > In any event it works. > > > cheers, > m! > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > Chris Coleman Editor in Chief Daemon News http://www.daemonnews.org BSD Mall http://www.bsdmall.com Print Magazine http://magazine.daemonnews.org From chrisc Tue Jun 1 19:11:10 2004 From: chrisc (Chris Coleman) Date: Tue, 1 Jun 2004 18:11:10 -0500 Subject: [nycbug-talk] some OS X questions... DNS In-Reply-To: <20040601190045.GA15936@trot.local> References: <20040601190045.GA15936@trot.local> Message-ID: From what I have heard, Mac OS X uses the .local domain internally for its rendezvous protocol, so when you use .local in a real DNS it gets confused. -Chris On Jun 1, 2004, at 2:00 PM, George Georgalis wrote: > > I have a Mac visiting me here on a dhcp lan. It doesn't > seem to properly resolve hosts on my .local domain. > ".local.stage" is also here and that works fine. No clue > from /etc/hosts, is is the "local" domain "prohibited"? > Per logs, that domain doesn't reach my dnscache, > > Few more questions, but guess better to put on separate messages... > > // George > > -- > George Georgalis, Architect and administrator, Linux services. IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > Chris Coleman Editor in Chief Daemon News http://www.daemonnews.org BSD Mall http://www.bsdmall.com Print Magazine http://magazine.daemonnews.org From jromero Tue Jun 1 19:14:53 2004 From: jromero (Jeronimo Romero) Date: Tue, 01 Jun 2004 19:14:53 -0400 Subject: [nycbug-talk] mounting ufs2 on freebsd 4.x Message-ID: <1086131693.54693.1.camel@mail.save-ferris.com> running freebsd 4.10 release on a new server. would like to mount disk formatted with ufs2 with previously belonged to system running 5.2.1. Is there a way to mount it ??? From pete Tue Jun 1 20:32:28 2004 From: pete (Pete Wright) Date: Tue, 01 Jun 2004 19:32:28 -0500 Subject: [nycbug-talk] mounting ufs2 on freebsd 4.x In-Reply-To: <1086131693.54693.1.camel@mail.save-ferris.com> References: <1086131693.54693.1.camel@mail.save-ferris.com> Message-ID: <40BD201C.7000100@nomadlogic.org> Jeronimo Romero wrote: >running freebsd 4.10 release on a new server. >would like to mount disk formatted with ufs2 with previously belonged to >system running 5.2.1. Is there a way to mount it ??? > > here is a nice thread i found on www.google.com/bsd http://lists.freebsd.org/pipermail/freebsd-questions/2004-January/032960.html in short...sorry, looks like you are outta luck. -pete -- ~~~oO00Oo~~~ Pete Wright pete at nomadlogic.org www.nomadlogic.org/~pete From george Tue Jun 1 19:36:09 2004 From: george (George Georgalis) Date: Tue, 1 Jun 2004 19:36:09 -0400 Subject: [nycbug-talk] some OS X questions... XDarwin In-Reply-To: References: <20040601190045.GA15936@trot.local> Message-ID: <20040601233609.GB18853@trot.local> For such a cool "retail" system, I've seen a heck of a lot of quirks. I know OS X is cool cause for most people, all that unix stuff *works* with gui, maybe it's just *me* that needs command line, I'm the last one to prefer gui, but my issues have sensible once I figured what they are. Thanks for the responses. I was thinking I'd take a look if there was an nsswitch file, but I was answering questions like "what are you doing to my mac" when the answer was "this is a command line" and got distracted. So, I did manage to get open office running, after I discovered I had to make a system lib keyboard directory and put a USA.keyboard file, I downloaded, in there, whew. But, I wasn't about to start explaining twm to a novice. So, is sawfish available? what XDarwin window managers do people recommend? From where? ...I don't really have an opportunity to experiment. It looks like there is something to interface the Mac X API but I couldn't get that to work, was I just missing something? // George On Tue, Jun 01, 2004 at 06:11:10PM -0500, Chris Coleman wrote: >From what I have heard, Mac OS X uses the .local domain internally for >its rendezvous protocol, so when you use .local in a real DNS it gets >confused. > >-Chris > >On Jun 1, 2004, at 2:00 PM, George Georgalis wrote: > >> >>I have a Mac visiting me here on a dhcp lan. It doesn't >>seem to properly resolve hosts on my .local domain. >>".local.stage" is also here and that works fine. No clue >>from /etc/hosts, is is the "local" domain "prohibited"? >>Per logs, that domain doesn't reach my dnscache, >> >>Few more questions, but guess better to put on separate messages... >> >>// George >> >>-- >>George Georgalis, Architect and administrator, Linux services. IXOYE >>http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org >>Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 >> >>_______________________________________________ >>talk mailing list >>talk at lists.nycbug.org >>http://lists.nycbug.org/mailman/listinfo/talk >> >Chris Coleman Editor in Chief >Daemon News http://www.daemonnews.org >BSD Mall http://www.bsdmall.com >Print Magazine http://magazine.daemonnews.org > -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 From pete Tue Jun 1 20:45:30 2004 From: pete (Pete Wright) Date: Tue, 01 Jun 2004 19:45:30 -0500 Subject: [nycbug-talk] some OS X questions... XDarwin In-Reply-To: <20040601233609.GB18853@trot.local> References: <20040601190045.GA15936@trot.local> <20040601233609.GB18853@trot.local> Message-ID: <40BD232A.5040908@nomadlogic.org> George Georgalis wrote: >So, I did manage to get open office running, after I discovered I had >to make a system lib keyboard directory and put a USA.keyboard file, I >downloaded, in there, whew. But, I wasn't about to start explaining twm >to a novice. So, is sawfish available? what XDarwin window managers do >people recommend? From where? ...I don't really have an opportunity to >experiment. It looks like there is something to interface the Mac X API >but I couldn't get that to work, was I just missing something? > > > when i've ran openoffice from OSX/XFree86 i usually just opened an xterm then ran the app, it should be a bit quicker than running a windowmanager ontop of Quartz or whatever it's called. this was with 10.2.x releases tho, i'm not sure how it's setup now with 10.3.x but yes, gnome/sawfish/kde/windowmaker/etc. are pretty much all avail. i use fink (fink.sf.net) altho i know other people that like darwinports (http://darwinports.opendarwin.org/). -p -- ~~~oO00Oo~~~ Pete Wright pete at nomadlogic.org www.nomadlogic.org/~pete From george Tue Jun 1 20:21:51 2004 From: george (George Georgalis) Date: Tue, 1 Jun 2004 20:21:51 -0400 Subject: [nycbug-talk] ftp client.... In-Reply-To: <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> References: <20040524031316.GK18600@trot.local> <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> Message-ID: <20040602002151.GC18853@trot.local> On Tue, May 25, 2004 at 06:00:47AM -0400, Isaac Levy wrote: > > >but for plain ol' FTP, (eeeek!): > >Dedicated Client Software: >The Mac Finder: >all drag-n-drop n' such... >From the finder, Controll-K, and then enter the ftp server url... >(noteworthy, this works great across an SSH tunnel for when you >actually encounter some FTP resource in the wild...) >You can also flip the passive/active switch in the system preferences, >Network Pane, in the 'Proxies' tab for a given interface. > I got a chance to try this out, first hand, today. Humm, it didn't work though. I found the passive/active switch too (by the way, that means an unpredictable port vs port 20 for ftp-data, right? Maybe I'm spoiled with iptables connection tracking...). I even tried explicitly stating the protocol and ip, no go. I was able to use command line 'ftp' with tar to circumvent free webmail storage limitations ;-) ...all the more reason the above ctrl-k procedure not working is a big mystery. Oh, maybe I need ~ftp/lib/ and ~ftp/bin/ files? My anon ftp doesn't have any... On the near horizon is another unrelated problem I need to work out, give _virtual_ users ftp/scp/rsync-ssh access to _their_ and only _their_ public html docs directories. I saved this shell from a while back: http://www.panix.com/~atlunde/software/restricted-shell/rsync-restricted-shell I've not completely got my head around that one, it may do, but I would prefer not using system accounts, even if they are restricted, and I don't want one user to be able to cd to another's 'public' html, and read htaccess protected files for example. I'm thinking djb's checkpassword to chroot to the users's dir for a ftp/scp/rsync-ssh restricted shell (yes I need to enable ftp auth, securely) could do it, with everything in a cdb. But I'd like to get something acceptable (ftp) in place soon. :-} Any ideas? // George -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 From george Tue Jun 1 20:53:01 2004 From: george (George Georgalis) Date: Tue, 1 Jun 2004 20:53:01 -0400 Subject: [nycbug-talk] some OS X questions... XDarwin In-Reply-To: <40BD232A.5040908@nomadlogic.org> References: <20040601190045.GA15936@trot.local> <20040601233609.GB18853@trot.local> <40BD232A.5040908@nomadlogic.org> Message-ID: <20040602005301.GD18853@trot.local> On Tue, Jun 01, 2004 at 07:45:30PM -0500, Pete Wright wrote: >George Georgalis wrote: > >>So, I did manage to get open office running, after I discovered I had >>to make a system lib keyboard directory and put a USA.keyboard file, I >>downloaded, in there, whew. But, I wasn't about to start explaining twm >>to a novice. So, is sawfish available? what XDarwin window managers do >>people recommend? From where? ...I don't really have an opportunity to >>experiment. It looks like there is something to interface the Mac X API >>but I couldn't get that to work, was I just missing something? >> >> >> >when i've ran openoffice from OSX/XFree86 i usually just opened an xterm >then ran the app, it should be a bit quicker than running a >windowmanager ontop of Quartz or whatever it's called. this was with >10.2.x releases tho, i'm not sure how it's setup now with 10.3.x Good point, no need to run a window manager... oh, but can you multitask with other native X apps? Or is your window up till you close it? I don't see these details on the website, but basically the OOo package included several packages (like gv) in addition to the OOo binary and XDarwin. There is an option to choose the X API OOo will use, native, something with a snake and an X in the icon, or XDarwin. For me only the XDarwin X server would work, (I didn't try it in the root window, only within native display). It works very much like a MacClassic app would run. This is what it says about ooo103darwingm.dmg This build is the DarwinPPC build that requires X11 to run. It is ideally targeted for developers and advanced Mac OS X and Darwin users who are comfortable using X11. As such, it does not yet have a standard Mac OS look and feel. Users who require a fully native Mac OS X solution should wait for the Quartz or Aqua tracks' releases before using the software when X11 will no longer be required. Oh, it does something funny when running too. It always appears as a new _disk_ on the desktop from which it runs, in addition to an icon on the doc and file in /Applications...?? The binary needs to mount itself locally run from that point. Weird. Even if I stop the app, copy the content of the mnt point to disk, remove original file and run my new copy, it mounts itself as a device to run from, again. Maybe I should let it be. :) > but yes, gnome/sawfish/kde/windowmaker/etc. are pretty much all >avail. i use fink (fink.sf.net) altho i know other people that like >darwinports (http://darwinports.opendarwin.org/). darwinports, very nice. look forward to trying that! // George -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 From mikel.king Tue Jun 1 21:29:50 2004 From: mikel.king (Mikel King) Date: Tue, 01 Jun 2004 21:29:50 -0400 Subject: [nycbug-talk] Xorg In-Reply-To: <20040601182058.GB2679@nyserve1.starlofashions.com> References: <20040601182058.GB2679@nyserve1.starlofashions.com> Message-ID: <40BD2D8E.80009@ocsny.com> Scott Robbins wrote: >I was going to hijack the thread on 5.x but figured I'd better not. :-( > >I'm just curious is anyone using xorg? There's a discussion about it on >the forums, the upgrade isn't totally seamless but is fairly >straightforward if one follows the recommended procedure. So far, I've >just done it on a couple of test boxes and haven't run into problems, >but wondering what other folks' experiences were? As I don't make too >much use of X I haven't tested it too deeply. > > > >------------------------------------------------------------------------ > >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk > > Hi Scott, I am running x on my laptop with 5.1 and aside from some anomolies with portupgrade not exactly uh well upgrading things have been ok. -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org http://www.MySql.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. +------------------------------------------+ From bob Tue Jun 1 21:54:19 2004 From: bob (Bob Ippolito) Date: Tue, 1 Jun 2004 21:54:19 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh (was: ftp client....) In-Reply-To: <20040602002151.GC18853@trot.local> References: <20040524031316.GK18600@trot.local> <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> Message-ID: On Jun 1, 2004, at 8:21 PM, George Georgalis wrote: > On the near horizon is another unrelated problem I need to work out, > give _virtual_ users ftp/scp/rsync-ssh access to _their_ and only > _their_ public html docs directories. I saved this shell from a while > back: > > http://www.panix.com/~atlunde/software/restricted-shell/rsync- > restricted-shell > > I've not completely got my head around that one, it may do, but I would > prefer not using system accounts, even if they are restricted, and I > don't want one user to be able to cd to another's 'public' html, and > read htaccess protected files for example. That 'shell' requires system accounts, and it's not chrooted. Seems like a pretty ghetto way to do it in any case... > I'm thinking djb's checkpassword to chroot to the users's dir for a > ftp/scp/rsync-ssh restricted shell (yes I need to enable ftp auth, > securely) could do it, with everything in a cdb. But I'd like to get > something acceptable (ftp) in place soon. :-} Any ideas? The solution I would use is to use servers designed to handle the virtual user scenario. I remember ProFTPd (?) being capable of doing this quite a few years ago. As for scp and rsync-ssh I don't know of any out of the box solutions, however if you're good with Python you may want to take a look at conch (a component of Twisted, http://twistedmatrix.com/), which is a Python implementation of the SSH protocol. I've personally seen it used to implement restricted virtual scp, but I don't think any such package has been released. Twisted does of course also have a FTP component that can be used more or less out of the box. I'm not really very familiar with the implementation of rsync, but I can't imagine it would be too hard to implement either. If you have a budget to support this configuration, I can find you a developer that'll be able to whip this up rather quickly. On the other hand, I've personally standardized on WebDAV with Apache2: - You probably already know how to configure it - You can authenticate and authorize however the hell you want - Encryption is easy, just use SSL - Anyone with a web browser can fetch files from it - Anyone with a non-ancient operating system can mount it as a filesystem without any additional software - Anyone with an ancient operating system can still get software that'll do it - Many software products integrate with it specifically Sure, it's not the most efficient transport, but it's (BY FAR) the most practical for my purposes. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040601/a71928d6/attachment.bin From pete Tue Jun 1 22:41:48 2004 From: pete (pete wright) Date: Tue, 1 Jun 2004 22:41:48 -0400 Subject: [nycbug-talk] ftp client.... In-Reply-To: <20040602002151.GC18853@trot.local> References: <20040524031316.GK18600@trot.local> <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> Message-ID: <653A9716-B43E-11D8-9F34-000393BC62B8@nomadlogic.org> On Jun 1, 2004, at 8:21 PM, George Georgalis wrote: > On Tue, May 25, 2004 at 06:00:47AM -0400, Isaac Levy wrote: >> >> >> but for plain ol' FTP, (eeeek!): >> >> Dedicated Client Software: >> The Mac Finder: >> all drag-n-drop n' such... >> From the finder, Controll-K, and then enter the ftp server url... >> (noteworthy, this works great across an SSH tunnel for when you >> actually encounter some FTP resource in the wild...) >> You can also flip the passive/active switch in the system preferences, >> Network Pane, in the 'Proxies' tab for a given interface. >> > > > I got a chance to try this out, first hand, today. Humm, it didn't work > though. I found the passive/active switch too (by the way, that means > an unpredictable port vs port 20 for ftp-data, right? Maybe I'm spoiled > with iptables connection tracking...). I even tried explicitly stating > the protocol and ip, no go. > > I was able to use command line 'ftp' with tar to circumvent free > webmail storage limitations ;-) ...all the more reason the above ctrl-k > procedure not working is a big mystery. Oh, maybe I need ~ftp/lib/ and > ~ftp/bin/ files? My anon ftp doesn't have any... > > > On the near horizon is another unrelated problem I need to work out, > give _virtual_ users ftp/scp/rsync-ssh access to _their_ and only > _their_ public html docs directories. I saved this shell from a while > back: > i've just implemented proftpd authenticating via MySQL. the accounts are managed via a web gui. works pretty well, and each ftp user is chroot'd. i am not sure about ssh utils, altho i'm sure you can have fun with PAM etc... -p > http://www.panix.com/~atlunde/software/restricted-shell/rsync- > restricted-shell > > I've not completely got my head around that one, it may do, but I would > prefer not using system accounts, even if they are restricted, and I > don't want one user to be able to cd to another's 'public' html, and > read htaccess protected files for example. > > I'm thinking djb's checkpassword to chroot to the users's dir for a > ftp/scp/rsync-ssh restricted shell (yes I need to enable ftp auth, > securely) could do it, with everything in a cdb. But I'd like to get > something acceptable (ftp) in place soon. :-} Any ideas? > > // George > > > > -- > George Georgalis, Architect and administrator, Linux services. IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From jesse Tue Jun 1 22:51:42 2004 From: jesse (Jesse Callaway) Date: Tue, 1 Jun 2004 22:51:42 -0400 Subject: [nycbug-talk] mounting ufs2 on freebsd 4.x In-Reply-To: <1086131693.54693.1.camel@mail.save-ferris.com> References: <1086131693.54693.1.camel@mail.save-ferris.com> Message-ID: On Jun 1, 2004, at 7:14 PM, Jeronimo Romero wrote: > > running freebsd 4.10 release on a new server. > would like to mount disk formatted with ufs2 with previously belonged > to > system running 5.2.1. Is there a way to mount it ??? > Use the network. From joshmccormack Tue Jun 1 22:57:00 2004 From: joshmccormack (Josh McCormack) Date: Tue, 01 Jun 2004 22:57:00 -0400 Subject: [nycbug-talk] Anyone with a contact at MSN? In-Reply-To: References: <40B74274.27458.14EC1E98@localhost> Message-ID: <40BD41FC.2030402@travelersdiary.com> > On May 28, 2004, at 1:45 PM, Dan Langille wrote: > >> Do you know someone at MSN? >> >> My laptop was stolen. It logs into MSN Messenger automatically. >> Yesterday I was logged out of MSN Messenger on my home desktop. I >> suspect the thief powered on the laptop and that's why I was logged >> out of MSN Messenger. Here's an idea: try to chat with 'yourself' as someone who the thief would want to meet. Appeal to prurient or greedy desires, present an offer they can't refuse, and lay a trap. Josh From hans Tue Jun 1 23:51:35 2004 From: hans (Hans Zaunere) Date: Tue, 1 Jun 2004 20:51:35 -0700 Subject: [nycbug-talk] FreeBSD 5 Message-ID: <41EE526EC2D3C74286415780D3BA9F8702511D0D@ehost011-1.exch011.intermedia.net> > I'm running 5.2.1 release on my dual proc amd 1500+ and it > regularly locks up under X or when I scp 4G files from it. > > I think the locking up under X is video card related, because > it does it on 4.x as well. However the scp problem is new. Yeah, the scp is a bit scary (although 4gb is a magic number...) Thanks for the feedback everyone. From what I've gleamed, 5 still has a ways to go. If anyone has a fairly loaded system under 5, I'd be interested in hearing more. H From dan Wed Jun 2 06:18:35 2004 From: dan (Dan Langille) Date: Wed, 02 Jun 2004 06:18:35 -0400 Subject: [nycbug-talk] Anyone with a contact at MSN? In-Reply-To: <40BD41FC.2030402@travelersdiary.com> References: Message-ID: <40BD713B.28279.2D134369@localhost> On 1 Jun 2004 at 22:57, Josh McCormack wrote: > > On May 28, 2004, at 1:45 PM, Dan Langille wrote: > > > >> Do you know someone at MSN? > >> > >> My laptop was stolen. It logs into MSN Messenger automatically. > >> Yesterday I was logged out of MSN Messenger on my home desktop. I > >> suspect the thief powered on the laptop and that's why I was logged > >> out of MSN Messenger. > > > > > Here's an idea: try to chat with 'yourself' as someone who the thief > would want to meet. Appeal to prurient or greedy desires, present an > offer they can't refuse, and lay a trap. They only came online once. And were gone. -- Dan Langille : http://www.langille.org/ BSDCan - http://www.bsdcan.org/ From george Wed Jun 2 09:37:02 2004 From: george (George Georgalis) Date: Wed, 2 Jun 2004 09:37:02 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh (was: ftp client....) In-Reply-To: References: <20040524031316.GK18600@trot.local> <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> Message-ID: <20040602133702.GA966@trot.local> On Tue, Jun 01, 2004 at 09:54:19PM -0400, Bob Ippolito wrote: >On Jun 1, 2004, at 8:21 PM, George Georgalis wrote: > >>I'm thinking djb's checkpassword to chroot to the users's dir for a >>ftp/scp/rsync-ssh restricted shell (yes I need to enable ftp auth, >>securely) could do it, with everything in a cdb. But I'd like to get >>something acceptable (ftp) in place soon. :-} Any ideas? > >The solution I would use is to use servers designed to handle the >virtual user scenario. I remember ProFTPd (?) being capable of doing >this quite a few years ago. I never noticed virtual users as a ProFTPd feature. It looks perfect, will have to give it a shot and worry about the other protocols later. > As for scp and rsync-ssh I don't know of >any out of the box solutions, however if you're good with Python you >may want to take a look at conch (a component of Twisted, >http://twistedmatrix.com/), which is a Python implementation of the SSH >protocol. I've personally seen it used to implement restricted virtual >scp, but I don't think any such package has been released. Twisted >does of course also have a FTP component that can be used more or less >out of the box. I'm not really very familiar with the implementation >of rsync, but I can't imagine it would be too hard to implement either. I think Twisted, http://twistedmatrix.com/ is a bit of a stretch. :) Thanks for the link anyhow. >On the other hand, I've personally standardized on WebDAV with Apache2: >- You probably already know how to configure it >- You can authenticate and authorize however the hell you want >- Encryption is easy, just use SSL >- Anyone with a web browser can fetch files from it >- Anyone with a non-ancient operating system can mount it as a >filesystem without any additional software >- Anyone with an ancient operating system can still get software >that'll do it >- Many software products integrate with it specifically It never occurred to me that I might actually _want_ Apache2 features. This looks worth looking into. Thanks. // George -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 From bob Wed Jun 2 10:47:53 2004 From: bob (Bob Ippolito) Date: Wed, 2 Jun 2004 10:47:53 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh (was: ftp client....) In-Reply-To: <20040602133702.GA966@trot.local> References: <20040524031316.GK18600@trot.local> <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> <20040602133702.GA966@trot.local> Message-ID: On Jun 2, 2004, at 9:37 AM, George Georgalis wrote: > On Tue, Jun 01, 2004 at 09:54:19PM -0400, Bob Ippolito wrote: >> On Jun 1, 2004, at 8:21 PM, George Georgalis wrote: >> >>> I'm thinking djb's checkpassword to chroot to the users's dir for a >>> ftp/scp/rsync-ssh restricted shell (yes I need to enable ftp auth, >>> securely) could do it, with everything in a cdb. But I'd like to get >>> something acceptable (ftp) in place soon. :-} Any ideas? >> >> The solution I would use is to use servers designed to handle the >> virtual user scenario. I remember ProFTPd (?) being capable of doing >> this quite a few years ago. > > I never noticed virtual users as a ProFTPd feature. It looks perfect, > will have to give it a shot and worry about the other protocols later. I also remember it having some exploits a few years ago.. but I'm sure that's probably settled down :) I don't think I've ran ProFTPd since 1999 or so.. >> As for scp and rsync-ssh I don't know of >> any out of the box solutions, however if you're good with Python you >> may want to take a look at conch (a component of Twisted, >> http://twistedmatrix.com/), which is a Python implementation of the >> SSH >> protocol. I've personally seen it used to implement restricted >> virtual >> scp, but I don't think any such package has been released. Twisted >> does of course also have a FTP component that can be used more or less >> out of the box. I'm not really very familiar with the implementation >> of rsync, but I can't imagine it would be too hard to implement >> either. > > I think Twisted, http://twistedmatrix.com/ is a bit of a stretch. :) > Thanks for the link anyhow. Why do you say it's a stretch? It's probably the only thing out there that's designed to facilitate the sort of configuration you want. >> On the other hand, I've personally standardized on WebDAV with >> Apache2: >> - You probably already know how to configure it >> - You can authenticate and authorize however the hell you want >> - Encryption is easy, just use SSL >> - Anyone with a web browser can fetch files from it >> - Anyone with a non-ancient operating system can mount it as a >> filesystem without any additional software >> - Anyone with an ancient operating system can still get software >> that'll do it >> - Many software products integrate with it specifically > > It never occurred to me that I might actually _want_ Apache2 features. > This looks worth looking into. Thanks. Apache 2 is definitely underrated. If you have to run really tightly integrated modules or really squeeze performance out of a box, Apache 1.3.x really isn't an option. Extra functionality is just icing on the cake. There is at least one WebDAV implementation for Apache 1.3.x, but it probably hasn't been updated much since the release of Apache 2.. so I would just bite the bullet and go with Apache 2. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040602/7a1d4a35/attachment.bin From ike Tue Jun 1 12:20:03 2004 From: ike (Isaac Levy) Date: Tue, 1 Jun 2004 12:20:03 -0400 Subject: [nycbug-talk] Help!!! (server problems...) In-Reply-To: <54926.68.237.206.112.1085667097.squirrel@mail.sddi.net> References: <54926.68.237.206.112.1085667097.squirrel@mail.sddi.net> Message-ID: <89570812-B3E7-11D8-8282-000D9368D406@lesmuug.org> Wah! On May 27, 2004, at 10:11 AM, G. Rosamond wrote: >>> hmm... maybe it wants coffee. >> >> No, that I'm sure of! Same client, a year or 2 back, I get a call >> about a PowerBook not working: turns out it took about half a grande >> latte in the keyboard. Nice piece of design, that keyboard: it kept >> the liquid away from the important bits. > > Ike has some insight about Dos Equis and PowerBooks. . . > > OOoooouch.... http://ikebook.structuredsystems.net Rocket- .ike From ike Tue Jun 1 10:49:51 2004 From: ike (Isaac Levy) Date: Tue, 1 Jun 2004 10:49:51 -0400 Subject: [nycbug-talk] BSD in the enterprise.... In-Reply-To: <1085810591.10913.21.camel@mckenzie> References: <1085810591.10913.21.camel@mckenzie> Message-ID: Hi Nigel, All, I know I'm a bit late responding here, but I really wanted to add some ikestyle history here about BSD's in 'Corporate' enviornnments. First things first, BSD and Linux come from different places, (and btw I'm not interested on starting some flame war here re. BSD vs. Linux). The BSD's, ancestrally, come directly from early UNIX systems dating back to the original Bell Labs UNIX of 69'. Various UNIX'es, in the latter third of the 20th century, defined what was computing in corporate environments. Unix has been a part of large corporate environments as long as computers have dominated the corporate working process. It was the PC revolution which changed the corporate computing landscape. The gradual switch from mainframe servers, to heavy use of client/workstation computers in the corporate workplace, (and now back to an interesting balance of the two). UNIX systems size and relative complexity was more than any sane PC could handle at the time, which is why UNIX has a hardcore reputation living in big iron. PC operating systems and software had to be re-thunk, (much like many chandheld and embedded devices today [think cellphones]). Microsoft has dominated the PC Corporate desktop/workstation from the start, and with that, as the internet moves us back into a networked WORLD, the server is again taking the spotlight- (though not nearly the singular role it had in past decades). With this change, MS Server products came to dominate the corporate server landscape based on the fact that they already run the PC systems that people came to touch, see, and rely on. But, with that, UNIX has never gone away- and in fact, various *nix'es matured and grew technologically well in advance of MS, in order to compete with the massive marketing/market resources of MS (and others). -- Rewind to 1990-ish, PC systems have passed a threshold where UNIX can sanely run on a PC chipset- the mature Berleley Software Distribution for UNIX is given a Kernel (all it needed to become a full OS), and Linux rose out of PC hackers. This is a fundamental difference between Linux and BSD, Linux comes from PC (x86) hackers creating an arguably POSIX compliant UNIX OS, and The BSD's come from OLD Unix being re-born for the PC (x86). At this point in time, the chipsets for most servers is the same as most desktop PC's out there, (I'm talking about the masses of machines out there), primarily driven by the internet boom. Linux gained mindshare as being a new frontier, and has championed the formalization of Open Source for the last decade, being pushed into new environments, and embraced by exited entrepreneurs as much as by hackers. BSD on the other hand, has simply been put into service in many mission-critical environments I've seen- no fuss, no mascot logos in sight, and often in BIG or old iron. On May 29, 2004, at 2:03 AM, Nigel Clarke wrote: > What will it take to have *BSD in use in corporate environments? Linux > was not successful until companies like Solaris and IBM started to > endorse it. When I say successful, I'm speaking of making it into > corporate environments. Here's the basics of why- with all due respect to a lot of intelligent people, the majority of the corporate world are NOT techies- but rely almost completely on technology. With this, their IT decisions are guided by trust and reputation, as well as clear marketing. The BSD's have survived on technical merit, which says a lot. (Even in the 70's, Ken Thompson was quoted noting something about all the UNIX marketing hype being good for all UNIXes back then). IBM's dependancy/hate relationship with Microsoft is WAY to big to tackle here, but in a nutshell, they have been carrying the Linux battle flag as a way to escape being under Microsoft's thumb- (after their own failed OS). > > One of the other advantages that Linux offers is that it is economical. > That and stable vendor support make it an easy decision for management. There are noteworthy strengths and weaknesses for both the BSD and Linux families, but I'm really interested here in what you speak of when you speak of stable vendor support? I understand that IBM is perceived as a stable choice, but have you seen this undermine any other unix system out there? > > How does BSD compare? How will BSD make it into corporate environments? Short answer- it's already in there, and BSD's tight UNIX ancestors have arguably shaped the core of corporate computing since the beginning... Rocket, .ike From bschonhorst Wed Jun 2 11:33:02 2004 From: bschonhorst (Brad Schonhorst) Date: Wed, 2 Jun 2004 11:33:02 -0400 Subject: [nycbug-talk] Help!!! (server problems...) In-Reply-To: <89570812-B3E7-11D8-8282-000D9368D406@lesmuug.org> References: <54926.68.237.206.112.1085667097.squirrel@mail.sddi.net> <89570812-B3E7-11D8-8282-000D9368D406@lesmuug.org> Message-ID: <230B71CC-B4AA-11D8-A481-000A9573D036@vcsnyc.org> On Jun 1, 2004, at 12:20 PM, Isaac Levy wrote: > Wah! > > On May 27, 2004, at 10:11 AM, G. Rosamond wrote: > >>>> hmm... maybe it wants coffee. >>> >>> No, that I'm sure of! Same client, a year or 2 back, I get a call >>> about a PowerBook not working: turns out it took about half a grande >>> latte in the keyboard. Nice piece of design, that keyboard: it kept >>> the liquid away from the important bits. >> >> Ike has some insight about Dos Equis and PowerBooks. . . >> >> > > OOoooouch.... > > http://ikebook.structuredsystems.net > Thats great! I had to forward your link on to my wife who killed the keyboard on our ibook with champagne... -brad -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2373 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040602/6e2acaf2/attachment.bin From george Wed Jun 2 10:57:33 2004 From: george (G.Rosamond) Date: Wed, 2 Jun 2004 10:57:33 -0400 Subject: [nycbug-talk] Anyone with a contact at MSN? In-Reply-To: <40BD713B.28279.2D134369@localhost> References: <40BD713B.28279.2D134369@localhost> Message-ID: <2D943053-B4A5-11D8-9026-000D9328615E@sddi.net> On Jun 2, 2004, at 6:18 AM, Dan Langille wrote: > On 1 Jun 2004 at 22:57, Josh McCormack wrote: > >>> On May 28, 2004, at 1:45 PM, Dan Langille wrote: >>> >>>> Do you know someone at MSN? >>>> >>>> My laptop was stolen. It logs into MSN Messenger automatically. >>>> Yesterday I was logged out of MSN Messenger on my home desktop. I >>>> suspect the thief powered on the laptop and that's why I was logged >>>> out of MSN Messenger. >> >> >> >> >> Here's an idea: try to chat with 'yourself' as someone who the thief >> would want to meet. Appeal to prurient or greedy desires, present an >> offer they can't refuse, and lay a trap. > > They only came online once. And were gone. > -- > Dan Langille : http://www.langille.org/ > BSDCan - http://www.bsdcan.org/ > Maybe i missed something in this thread somewhere along the way, but did you talk to level i support at msn? did you ask for a manager? or email security at msn.com or whatever their digital security contact info is? g From dan Wed Jun 2 11:39:22 2004 From: dan (Dan Langille) Date: Wed, 02 Jun 2004 11:39:22 -0400 Subject: [nycbug-talk] Anyone with a contact at MSN? In-Reply-To: <2D943053-B4A5-11D8-9026-000D9328615E@sddi.net> References: <40BD713B.28279.2D134369@localhost> Message-ID: <40BDBC6A.27948.2E38F6A0@localhost> On 2 Jun 2004 at 10:57, G.Rosamond wrote: > > On Jun 2, 2004, at 6:18 AM, Dan Langille wrote: > > > On 1 Jun 2004 at 22:57, Josh McCormack wrote: > > > >>> On May 28, 2004, at 1:45 PM, Dan Langille wrote: > >>> > >>>> Do you know someone at MSN? > >>>> > >>>> My laptop was stolen. It logs into MSN Messenger automatically. > >>>> Yesterday I was logged out of MSN Messenger on my home desktop. I > >>>> suspect the thief powered on the laptop and that's why I was logged > >>>> out of MSN Messenger. > >> > >> > >> > >> > >> Here's an idea: try to chat with 'yourself' as someone who the thief > >> would want to meet. Appeal to prurient or greedy desires, present an > >> offer they can't refuse, and lay a trap. > > > > They only came online once. And were gone. > Maybe i missed something in this thread somewhere along the way, but > did you talk to level i support at msn? Level i? I spent about 90 minutes on the phone when it happened. Nobody was able to tell me anything. > did you ask for a manager? Not explicitly, I asked if there was anyone else to talk to. > or email security at msn.com or whatever their digital security contact > info is? What I've heard, from multiple sources, is I can't get anything without police involvement. I've been trying to get them involved.... The police report was filed within 10 minutes of the theft being discovered. This was Thursday May 27. I called yesterday and left a message for the dectective. -- Dan Langille : http://www.langille.org/ BSDCan - http://www.bsdcan.org/ From george Wed Jun 2 11:57:21 2004 From: george (George Georgalis) Date: Wed, 2 Jun 2004 11:57:21 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh (was: ftp client....) In-Reply-To: References: <20040524031316.GK18600@trot.local> <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> <20040602133702.GA966@trot.local> Message-ID: <20040602155721.GA2990@trot.local> On Wed, Jun 02, 2004 at 10:47:53AM -0400, Bob Ippolito wrote: >On Jun 2, 2004, at 9:37 AM, George Georgalis wrote: > >>I think Twisted, http://twistedmatrix.com/ is a bit of a stretch. :) >>Thanks for the link anyhow. > >Why do you say it's a stretch? It's probably the only thing out there >that's designed to facilitate the sort of configuration you want. I tend to stick with 'traditional' installations, for a variety of reasons. Trying twistedmatrix would cause a variety of site technical/political issues, besides the extra time to learn it... >>It never occurred to me that I might actually _want_ Apache2 features. >>This looks worth looking into. Thanks. > >Apache 2 is definitely underrated. If you have to run really tightly >integrated modules or really squeeze performance out of a box, Apache >1.3.x really isn't an option. Extra functionality is just icing on the >cake. > >There is at least one WebDAV implementation for Apache 1.3.x, but it >probably hasn't been updated much since the release of Apache 2.. so I >would just bite the bullet and go with Apache 2. Neat. I only know about apache2 because of posts where people have installation issues, need to take a closer look. // George -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 From pete Wed Jun 2 12:13:46 2004 From: pete (Pete Wright) Date: Wed, 02 Jun 2004 12:13:46 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh In-Reply-To: <20040602155721.GA2990@trot.local> References: <20040524031316.GK18600@trot.local> <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> <20040602133702.GA966@trot.local> <20040602155721.GA2990@trot.local> Message-ID: <40BDFCBA.9040101@nomadlogic.org> George Georgalis wrote: >On Wed, Jun 02, 2004 at 10:47:53AM -0400, Bob Ippolito wrote: > > >I tend to stick with 'traditional' installations, for a variety >of reasons. Trying twistedmatrix would cause a variety of site >technical/political issues, besides the extra time to learn it... > > > > just a question, why are you shying away from chroot'ing each of these users? you can set up each jail with access only to rsync/scp/sftp etc. and the respective config files. as i found with the proftp jail's, it's not as hard as it seems. it just takes a bit of planning, but once you figure out what each user needs things should be ok. new jails can even be automated with a scripting lang as well. i do know that whith jailed ssh sessions there are issues with running programs like "w" and "ps", altho it doesn't seem like you need interactive logins.... -p From pete Wed Jun 2 12:22:07 2004 From: pete (Pete Wright) Date: Wed, 02 Jun 2004 12:22:07 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh In-Reply-To: <40BDFCBA.9040101@nomadlogic.org> References: <20040524031316.GK18600@trot.local> <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> <20040602133702.GA966@trot.local> <20040602155721.GA2990@trot.local> <40BDFCBA.9040101@nomadlogic.org> Message-ID: <40BDFEAF.7010706@nomadlogic.org> Pete Wright wrote: > George Georgalis wrote: > >> On Wed, Jun 02, 2004 at 10:47:53AM -0400, Bob Ippolito wrote: >> >> >> I tend to stick with 'traditional' installations, for a variety >> of reasons. Trying twistedmatrix would cause a variety of site >> technical/political issues, besides the extra time to learn it... >> >> >> >> > just a question, why are you shying away from chroot'ing each of these > users? you can set up each jail with access only to rsync/scp/sftp > etc. and the respective config files. as i found with the proftp > jail's, it's not as hard as it seems. it just takes a bit of > planning, but once you figure out what each user needs things should > be ok. new jails can even be automated with a scripting lang as > well. i do know that whith jailed ssh sessions there are issues with > running programs like "w" and "ps", altho it doesn't seem like you > need interactive logins.... > > -p sorry don't think it was quite clear here, mixed up jail's and chroot. anyway here is a interesting link that explains what i was trying to state: http://docs.freebsd.org/44doc/papers/jail/jail-4.html#section4 this is the main page: http://docs.freebsd.org/44doc/papers/jail/jail.html -pete > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From george Wed Jun 2 13:51:25 2004 From: george (George Georgalis) Date: Wed, 2 Jun 2004 13:51:25 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh In-Reply-To: <40BDFCBA.9040101@nomadlogic.org> References: <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> <20040602133702.GA966@trot.local> <20040602155721.GA2990@trot.local> <40BDFCBA.9040101@nomadlogic.org> Message-ID: <20040602175125.GD2990@trot.local> On Wed, Jun 02, 2004 at 12:13:46PM -0400, Pete Wright wrote: >George Georgalis wrote: > >>On Wed, Jun 02, 2004 at 10:47:53AM -0400, Bob Ippolito wrote: >> >> >>I tend to stick with 'traditional' installations, for a variety >>of reasons. Trying twistedmatrix would cause a variety of site >>technical/political issues, besides the extra time to learn it... >> >> >> >> >just a question, why are you shying away from chroot'ing each of these >users? you can set up each jail with access only to rsync/scp/sftp etc. >and the respective config files. as i found with the proftp jail's, >it's not as hard as it seems. it just takes a bit of planning, but once >you figure out what each user needs things should be ok. new jails can >even be automated with a scripting lang as well. i do know that whith >jailed ssh sessions there are issues with running programs like "w" and >"ps", altho it doesn't seem like you need interactive logins.... Sounds like a nice way to go. I've only used commercial "chroot hosting solutions" (ensim) and packages that implement them for me, like djbdns. I've been meaning to go through a chroot apache howto but it has gotten bumped for 6+ months. Any links for setting up a chroot like you describe would be welcome, I need to read up on the process. A non-login chroot for each user that allows transfer protocols would fit the bill, if it doesn't require system accounts (they would disrupt some portability that's in place), so I'm back to my original question of services based on a user/auth cdb and checkpassword. BTW - is there a way to give cvs access but no login shell and no pserver? // George -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 From pete Wed Jun 2 14:25:14 2004 From: pete (Pete Wright) Date: Wed, 02 Jun 2004 14:25:14 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh In-Reply-To: <20040602175125.GD2990@trot.local> References: <40B1F651.8040106@nomadlogic.org> <47C58C7F-AD86-11D8-8497-000A95686CD8@redivi.com> <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> <20040602133702.GA966@trot.local> <20040602155721.GA2990@trot.local> <40BDFCBA.9040101@nomadlogic.org> <20040602175125.GD2990@trot.local> Message-ID: <40BE1B8A.10007@nomadlogic.org> George Georgalis wrote: >On Wed, Jun 02, 2004 at 12:13:46PM -0400, Pete Wright wrote: > > >>> >>> >>just a question, why are you shying away from chroot'ing each of these >>users? you can set up each jail with access only to rsync/scp/sftp etc. >>and the respective config files. as i found with the proftp jail's, >>it's not as hard as it seems. it just takes a bit of planning, but once >>you figure out what each user needs things should be ok. new jails can >>even be automated with a scripting lang as well. i do know that whith >>jailed ssh sessions there are issues with running programs like "w" and >>"ps", altho it doesn't seem like you need interactive logins.... >> >> > >Sounds like a nice way to go. I've only used commercial "chroot hosting >solutions" (ensim) and packages that implement them for me, like djbdns. >I've been meaning to go through a chroot apache howto but it has gotten >bumped for 6+ months. Any links for setting up a chroot like you >describe would be welcome, I need to read up on the process. > >A non-login chroot for each user that allows transfer protocols >would fit the bill, if it doesn't require system accounts (they would >disrupt some portability that's in place), so I'm back to my original >question of services based on a user/auth cdb and checkpassword. > > > this is what i accomplished using proftpd-mysql. all user info stored in the DB (username/pass/uid/gid/homedir), and each child ftp daemon is spawned in a jail, so even if some is able to own the ftp daemon it is confinded to the jail. another nice feature of proftpd is what home dirs will be created dynamicly. but i digress. as for other services (rsync...) it might be worth checking out PAM, there may be auth modules out there that have what you are looking for. i know of imap auth-db PAM modules for example, i'm not too sure about rsync/ssh tho. i think the second link i posted is a good starting place for FreeBSD. OpenBSD also makes heavy use of jails. I do not have any direct links right now, only the mans ;) maybe someone else on the list knows of a good howto or something... >BTW - is there a way to give cvs access but no login shell and no >pserver? > > this i don't know, altho i assume it should be pretty trvial. -pete > > > From george Wed Jun 2 15:20:00 2004 From: george (George Georgalis) Date: Wed, 2 Jun 2004 15:20:00 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh In-Reply-To: <40BE1B8A.10007@nomadlogic.org> References: <7421C5C2-AD98-11D8-BE3A-000A9573D036@vcsnyc.org> <64ECBF36-AE32-11D8-ABF7-000D9368D406@lesmuug.org> <20040602002151.GC18853@trot.local> <20040602133702.GA966@trot.local> <20040602155721.GA2990@trot.local> <40BDFCBA.9040101@nomadlogic.org> <20040602175125.GD2990@trot.local> <40BE1B8A.10007@nomadlogic.org> Message-ID: <20040602192000.GE2990@trot.local> On Wed, Jun 02, 2004 at 02:25:14PM -0400, Pete Wright wrote: >George Georgalis wrote: > >this is what i accomplished using proftpd-mysql. Yep, I think that's what I'll use. > i think the second link i posted is a good starting place for >FreeBSD. OpenBSD also makes heavy use of jails. I do not have any >direct links right now, only the mans ;) maybe someone else on the list >knows of a good howto or something... Was reading over that. I normally use linux, it looks like FreeBSD 'jail' and linux 'chroot' commands provide roughly the same functionality, with better networking support with FreeBSD jail. Is there a separate BSD 'chroot' command that provides different functionality than the 'jail' command? >>BTW - is there a way to give cvs access but no login shell and no >>pserver? >> >> >this i don't know, altho i assume it should be pretty trvial. generally the cvs binary operates on the local filesystem CVSROOT, so using cvs remotely via the ssh shell is an easy way to do remote. but with no login shell I doubt running remote cvs commands will be easy. pserver is a cleartext server daemon for cvs access, but seems to get compromised from time to time. // George -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631 From jromero Wed Jun 2 15:36:21 2004 From: jromero (jromero at romero3000.com) Date: Wed, 02 Jun 2004 15:36:21 -0400 Subject: [nycbug-talk] imap queries Message-ID: <40BE2C35.8030205@romero3000.com> does anyone know approximately how much bandwidth the average imap server query takes up?? how about message downloads?? I realize these are very general questions. Just looking for ballpark figure. From jesse Wed Jun 2 16:45:23 2004 From: jesse (Jesse Callaway) Date: Wed, 02 Jun 2004 16:45:23 -0400 Subject: [nycbug-talk] imap queries In-Reply-To: <40BE2C35.8030205@romero3000.com> References: <40BE2C35.8030205@romero3000.com> Message-ID: <40BE3C63.6020500@theholymountain.com> jromero at romero3000.com wrote: > does anyone know approximately how much bandwidth the average imap > server query takes up?? > how about message downloads?? > I realize these are very general questions. Just looking for ballpark > figure. On a 56k modem it may take up all of the bandwidth. Maybe not. Not much data is transferred in IMAP. So, ok nobody uses those to connect who I know. The next thing to look at would be how many messages pile up between synchs. so reeeal ballpark. About a webpage's worth of bandwidth. [ducking for cover] If you're looking for something which conserves bandwidth then, ironically, POP would be the way to go. From pete Wed Jun 2 17:21:58 2004 From: pete (Pete Wright) Date: Wed, 02 Jun 2004 17:21:58 -0400 Subject: [nycbug-talk] imap queries In-Reply-To: <40BE3C63.6020500@theholymountain.com> References: <40BE2C35.8030205@romero3000.com> <40BE3C63.6020500@theholymountain.com> Message-ID: <40BE44F6.8010903@nomadlogic.org> Jesse Callaway wrote: > jromero at romero3000.com wrote: > >> does anyone know approximately how much bandwidth the average imap >> server query takes up?? >> how about message downloads?? >> I realize these are very general questions. Just looking for ballpark >> figure. > > i don't have a clue, altho i'm sure one could use ethereal/tcpdump to sniff the packets of a IMAP query. > On a 56k modem it may take up all of the bandwidth. Maybe not. Not > much data is transferred in IMAP. So, ok nobody uses those to connect > who I know. > The next thing to look at would be how many messages pile up between > synchs. > > > so reeeal ballpark. About a webpage's worth of bandwidth. [ducking for > cover] > > If you're looking for something which conserves bandwidth then, > ironically, POP would be the way to go. or ssh/mutt or pine ;^) -p > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From bob Wed Jun 2 18:20:36 2004 From: bob (Bob Ippolito) Date: Wed, 2 Jun 2004 18:20:36 -0400 Subject: [nycbug-talk] imap queries In-Reply-To: <40BE2C35.8030205@romero3000.com> References: <40BE2C35.8030205@romero3000.com> Message-ID: <12897D01-B4E3-11D8-8B2E-000A95686CD8@redivi.com> On Jun 2, 2004, at 3:36 PM, jromero at romero3000.com wrote: > does anyone know approximately how much bandwidth the average imap > server query takes up?? > how about message downloads?? > I realize these are very general questions. Just looking for ballpark > figure. I haven't read the RFC lately, but I'm positive that the protocol overhead is totally negligible compared to the size of the messages. Bandwidth is really the wrong measure anyway... Any protocol is going to take as much bandwidth as it has available to it until it sends what it needs to send (given ideal TCP conditions and enough time, yadda yadda yadda), unless it's explicitly throttled. In other words, you're probably asking the wrong question. It really shouldn't matter. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040602/cf5e9b32/attachment.bin From pete Wed Jun 2 21:48:26 2004 From: pete (Pete Wright) Date: Wed, 02 Jun 2004 20:48:26 -0500 Subject: [nycbug-talk] kernels Message-ID: <40BE836A.7020104@nomadlogic.org> boy i wish i was at the bug and not doing a night shift :( here is an interesting link regarding monolithic kernels relating to OpenBSD: http://kerneltrap.org/comment/reply/3239 i pretty much agree with alot of the issues raised, but in my industry i need fully funtional 3D drivers provided by nvidia for linux. yea it sucks that they are not GPL'd, but hey it's better than using NT for Maya.... -pete -- ~~~oO00Oo~~~ Pete Wright pete at nomadlogic.org www.nomadlogic.org/~pete From paul Wed Jun 2 21:36:29 2004 From: paul (Paul Dlug) Date: Wed, 2 Jun 2004 21:36:29 -0400 Subject: [nycbug-talk] FreeBSD 5 In-Reply-To: <41EE526EC2D3C74286415780D3BA9F8702511D0D@ehost011-1.exch011.intermedia.net> References: <41EE526EC2D3C74286415780D3BA9F8702511D0D@ehost011-1.exch011.intermedia.net> Message-ID: <6FEC4656-B4FE-11D8-A348-000A95C8C6BA@aps.org> > Thanks for the feedback everyone. From what I've gleamed, 5 still has > a > ways to go. If anyone has a fairly loaded system under 5, I'd be > interested in hearing more. I'm currently running a heavily loaded tomcat server (java 1.4) on a 5.2.1 SMP box, also running a primary OpenLDAP server on another 5.2.1 box. I mostly chose 5.2.1 because I wanted the ULE scheduler, UFS2 with snapshots and some RAID hardware support that hasn't been backported to 4.x. We were previously running 5.2.1 on our print server and some smaller servers without any problems. At least this way when 5.3 comes out we won't be redoing a box, it should be a smoother upgrade. Also alot of the newer hardware configurations seem to experience fewer problems under 5.x, especially when it comes to ACPI issues. --Paul From elric Wed Jun 2 17:31:45 2004 From: elric (Roland C. Dowdeswell) Date: Wed, 02 Jun 2004 17:31:45 -0400 Subject: [nycbug-talk] virtual users and ftp/scp/rsync-ssh In-Reply-To: Your message of "Wed, 02 Jun 2004 15:20:00 EDT." <20040602192000.GE2990@trot.local> Message-ID: <20040602213145.1EED5174BF@arioch.imrryr.org> On 1086204000 seconds since the Beginning of the UNIX epoch George Georgalis wrote: > >Was reading over that. I normally use linux, it looks like FreeBSD >'jail' and linux 'chroot' commands provide roughly the same >functionality, with better networking support with FreeBSD jail. > >Is there a separate BSD 'chroot' command that provides different >functionality than the 'jail' command? On a system call level, from the NetBSD chroot(2) man page: STANDARDS The chroot() function conforms to X/Open System Interfaces and Headers Issue 5 (``XSH5''), with the restriction that the calling process' work- ing directory must be at or under the new root directory. Otherwise, the working directory is silently set to the new root directory; this is an extension to the standard. chroot() was declared a legacy interface, and subsequently removed in IEEE Std 1003.1-2001 (``POSIX.1''). There is also a chroot(8) which appeared in 4.4BSD (1993?). So, short form, yes the BSDs do have chroot. I think that pretty much all UNIX and UNIX-like OSes have chroot unless you look for quite odd ones. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From mlists Thu Jun 3 02:07:35 2004 From: mlists (mlists at bizintegrators.com) Date: Thu, 3 Jun 2004 02:07:35 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <40BE836A.7020104@nomadlogic.org> References: <40BE836A.7020104@nomadlogic.org> Message-ID: <20040603060735.GL7939@bizintegrators.com> On Wed, Jun 02, 2004 at 08:48:26PM -0500, Pete Wright wrote: > boy i wish i was at the bug and not doing a night shift :( here is an > interesting link regarding monolithic kernels relating to OpenBSD: > > http://kerneltrap.org/comment/reply/3239 > > i pretty much agree with alot of the issues raised, but in my industry i > need fully funtional 3D drivers provided by nvidia for linux. yea it > sucks that they are not GPL'd, but hey it's better than using NT for > Maya.... > They seem to have missed one important post on the list. Here it is, from Kamo Hiroyasu " Chuck, you are misusing the term `monolithic'. A monolithic kernel with loadable modules is still a monolithic kernel because the loaded codes will run on the kernel space. It is far from a micro kernel. That implies: you cannot gain any advantage of mocro kernels from loadable modules. Please consult any textbook on operating systems for detail. Kamo Hiroyasu [Kamo is the family name and Hiroyasu the given name.] " Therefore, Linux kernel is also monolithic. I'm very gratefull for OpenBSD's integrity, meaning things like binary only drivers will never be accepted. -bruno From pete Thu Jun 3 02:13:38 2004 From: pete (Pete Wright) Date: Thu, 03 Jun 2004 02:13:38 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603060735.GL7939@bizintegrators.com> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> Message-ID: <40BEC192.1070303@nomadlogic.org> mlists at bizintegrators.com wrote: >On Wed, Jun 02, 2004 at 08:48:26PM -0500, Pete Wright wrote: > > >>boy i wish i was at the bug and not doing a night shift :( here is an >>interesting link regarding monolithic kernels relating to OpenBSD: >> >>http://kerneltrap.org/comment/reply/3239 >> >>i pretty much agree with alot of the issues raised, but in my industry i >>need fully funtional 3D drivers provided by nvidia for linux. yea it >>sucks that they are not GPL'd, but hey it's better than using NT for >>Maya.... >> >> >> > >They seem to have missed one important post on the list. >Here it is, from Kamo Hiroyasu >" >Chuck, you are misusing the term `monolithic'. A monolithic kernel >with loadable modules is still a monolithic kernel because the loaded >codes will run on the kernel space. It is far from a micro kernel. >That implies: you cannot gain any advantage of mocro kernels from >loadable modules. > >Please consult any textbook on operating systems for detail. > > Kamo Hiroyasu > [Kamo is the family name and Hiroyasu the given name.] > >" > >Therefore, Linux kernel is also monolithic. > > good point, hence the whole tanenbaum/torvalds split.... -p >I'm very gratefull for OpenBSD's integrity, meaning things like binary >only drivers will never be accepted. > >-bruno >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk > > -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From scottro Thu Jun 3 03:36:15 2004 From: scottro (Scott Robbins) Date: Thu, 3 Jun 2004 03:36:15 -0400 Subject: [nycbug-talk] A bit more on xorg Message-ID: <20040603073615.GA15263@scottro11.homeunix.net> A day or so ago, I asked had anyone been playing with xorg. Since then, I've installed it on a few boxe--more out of boredom than any great political reason, though one gets the general impression that further advances in X will be through xorg rather than XFree. There's a 50 something message thread about it on bsdforums. The procedure is actually pretty straightforward. In the few days it's been in ports, a few errors have been corrected--for instance, the xorg-libraries Makefile put Wraphelp in /distfiles/xorg but looked for it in /distfiles. One of the posters in the thread has been having trouble doing the upgrade in 4.x, but in 5.x, on three test boxes and my main workstation at work, as well as main workstation at home, it went quite smoothly. In a nutshell, one removes XFree installed packages (not without a certain sense of trepidation, especially on my main workstation) :) and wrapper (all needed pkg_delete -f since there are various deps,) installs in recommended order, and everything has, at least for several others and myself, been hunky dory. The wrapper Makefile has to be edited. To save folks a bit of searching, the link to the forums thread is at www.freebsdforums.org/forums/showthread.php?s=&threadid=21890&highlight=xorg (sorry about the long url, had to set columns to 76 to get it in.) Note that the first page of the thread is when it first came out. Within the last few days, most of the problems have been fixed, and after removing all XFree stuff and wrapper one simply follows the instructions at http://bsd-unix.org/xorg.txt The only other caveat is that one should first cvsup ports, then make sure your version of expat is the same as that in /usr/ports/textproc/expat2's Makefile. If not, portupgrade that first, or you'll get a stop error (I'm sorry, I don't remember where, it only happened once on one of the 5 boxes.) Anyway, hope this is of interest to someone--it's 3:30 am and a headache is keeping me up so I feel like hearing myself type. :) -- Scott PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 D575 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Giles: It's a trick. They get inside my head, make me see things I want. Xander: Then why would they make you see me? Giles: You're right. Let's go. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/1137203f/attachment.bin From sunny-ml Thu Jun 3 09:06:54 2004 From: sunny-ml (Sunny Dubey) Date: Thu, 3 Jun 2004 09:06:54 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603060735.GL7939@bizintegrators.com> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> Message-ID: <200406030906.55298.sunny-ml@opencurve.org> On Thursday 03 June 2004 02:07 am, mlists at bizintegrators.com wrote: > They seem to have missed one important post on the list. > Here it is, from Kamo Hiroyasu > " > Chuck, you are misusing the term `monolithic'. A monolithic kernel > with loadable modules is still a monolithic kernel because the loaded > codes will run on the kernel space. It is far from a micro kernel. > That implies: you cannot gain any advantage of mocro kernels from > loadable modules. > > Please consult any textbook on operating systems for detail. > > Kamo Hiroyasu > [Kamo is the family name and Hiroyasu the given name.] > > " > > Therefore, Linux kernel is also monolithic. > I think that some people are missing the fact that it is possible to get around the GPL requirements of the linux kernel. Essentially what you can do is the following: linux-kernel <---> GPL wrapper <---> binary only module >From what I've seen, the above is usually the case 99% of the time. You download whatever package and compile the module wrapper against the current kernel headers. Additionally as someone who understands the Mandrake Linux installer backwards and forwards [1], I can say that modules become excessively helpful especially when you need to distribute generic kernels, or need a kernel going for the installation process. Essentially you can break hardware support down into two categories, the first being "mandatory" (stuff that is needed for installation, like IDE/SCSI, network cards), and the second "optional" (sound cards, printers, etc). It is the size of the mandatory support that matters greatly because at any given time you have limited amount of space to deal with, yet at the same time the list of "mandatory" stuff keeps growing and growing. With the BSDs, the GENERIC kernel essentially supports the mandatory stuff with various optional parts left out. However with linux distros, we like to ship a kernel with very basic mandatory stuff, and the rest of the mandatory/optional stuff built as modules. This comes to our advantage for various reasons. The first being that people aren't loading what they don't need to be. (Not that there is anything wrong with loading what you don't need, but the less running in kernel space, the better). Secondly (IMO) you are given a chance to load the module with modified arguments as opposed to having to manually type such at the bootloader or having GENERIC use whatever defaults it was compiled with. Lastly, modules are helpful because in the event there is a bug, or just unsupported hardware, most distros will allow you to load your own modules during the installation period (this has saved my ass numerous times). > I'm very gratefull for OpenBSD's integrity, meaning things like binary > only drivers will never be accepted. I don't see how this is true. Sure binary only modules may not be possible, but binary only patches are very much possible. Additionally thanks to the liberal BSD license, this becomes more so possible as opposed to the requirements of the GPL. Sunny Dubey [1] http://opencurve.org/~sunny/mandrake/init-startup From marco Thu Jun 3 09:25:29 2004 From: marco (marco at metm.org) Date: Thu, 3 Jun 2004 09:25:29 -0400 Subject: [nycbug-talk] Ldap -> mac environment Message-ID: <20040603132529.GD24745@metm.org> Hello all, Thanks for a great meeting last night. It was nice getting to know some of you guys. And see more of George's incredible advocacy up close and personal :^) I have a problem I mentioned to some of you, and as there are others on this list who work in mixed unix/mac environments. I thought I would ask. Basically I was confused about mozilla mail's ldap client support for the address book. Basically it sucks. Even though internally mozilla uses ldap/ldif files for the address book when I set up an openldap sldapd server to serve out that same information, I found that when getting the information from an ldap server, you can't get a listing of the addresses, you can only do searches (searching for empty string didn't quite work), and most importantly _you can't update the information on the ldap server_ making my idea pretty much unuseable. Here is a link pretty much confirming what I found. http://lists.freebsd.org/pipermail/freebsd-questions/2004-February/035332.html Before looking into what could be done to make mozilla better, I don't have that much time these days... I was wondering if any of you had experience in this area. I need an ldap client through which the client could easily maintain an contact list from mixed OS9/OSX desktops. I am starting to think a webapp is the only solution, but cutting and pasting seems far less useable than a simple 'Add to AddressBook' click from the email client. I am physically incapable of recommending an entouage/outlook solution. The clients have been on netscape/mozilla for years and are quite happy with the client spam filtering. For some reason towards the end of this email, I feel like I am asking for the impossible. Thanks for any ideas, -- Marco From mlists Thu Jun 3 10:11:01 2004 From: mlists (mlists at bizintegrators.com) Date: Thu, 3 Jun 2004 10:11:01 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <200406030906.55298.sunny-ml@opencurve.org> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> Message-ID: <20040603141101.GN7939@bizintegrators.com> On Thu, Jun 03, 2004 at 09:06:54AM -0400, Sunny Dubey wrote: > On Thursday 03 June 2004 02:07 am, mlists at bizintegrators.com wrote: > > > They seem to have missed one important post on the list. > > Here it is, from Kamo Hiroyasu > > " > > Chuck, you are misusing the term `monolithic'. A monolithic kernel > > with loadable modules is still a monolithic kernel because the loaded > > codes will run on the kernel space. It is far from a micro kernel. > > That implies: you cannot gain any advantage of mocro kernels from > > loadable modules. > > > > Please consult any textbook on operating systems for detail. > > > > Kamo Hiroyasu > > [Kamo is the family name and Hiroyasu the given name.] > > > > " > > > > Therefore, Linux kernel is also monolithic. > > > > I think that some people are missing the fact that it is possible to get > around the GPL requirements of the linux kernel. Essentially what you can > do is the following: > > linux-kernel <---> GPL wrapper <---> binary only module > > From what I've seen, the above is usually the case 99% of the time. You > download whatever package and compile the module wrapper against the > current kernel headers. > > Additionally as someone who understands the Mandrake Linux installer > backwards and forwards [1], I can say that modules become excessively > helpful especially when you need to distribute generic kernels, or need a > kernel going for the installation process. > > Essentially you can break hardware support down into two categories, the > first being "mandatory" (stuff that is needed for installation, like > IDE/SCSI, network cards), and the second "optional" (sound cards, printers, > etc). It is the size of the mandatory support that matters greatly because > at any given time you have limited amount of space to deal with, yet at the > same time the list of "mandatory" stuff keeps growing and growing. > > With the BSDs, the GENERIC kernel essentially supports the mandatory stuff > with various optional parts left out. However with linux distros, we like > to ship a kernel with very basic mandatory stuff, and the rest of the > mandatory/optional stuff built as modules. This comes to our advantage for > various reasons. The first being that people aren't loading what they > don't need to be. (Not that there is anything wrong with loading what you > don't need, but the less running in kernel space, the better). Secondly > (IMO) you are given a chance to load the module with modified arguments as > opposed to having to manually type such at the bootloader or having GENERIC > use whatever defaults it was compiled with. Lastly, modules are helpful > because in the event there is a bug, or just unsupported hardware, most > distros will allow you to load your own modules during the installation > period (this has saved my ass numerous times). Sounds good, someone likes modules, someone doesn't, I only wanted to point out that even with modules, Linux as a kernel is monolithic. > > > I'm very gratefull for OpenBSD's integrity, meaning things like binary > > only drivers will never be accepted. > > I don't see how this is true. > > Sure binary only modules may not be possible, but binary only patches are > very much possible. Additionally thanks to the liberal BSD license, this > becomes more so possible as opposed to the requirements of the GPL. I think binary patches and binary kernel modules are very different. Unless there is a source, or it complies with OpenBSD goals, they will not accept anything kernel or userland related. Even with source, and a bad license, they will not accept it. This is what I meant when I said the above. Binary patches patch already what is in the system. My comment only related to things like binary-only NV drivers, for example. -bruno From pete Thu Jun 3 11:14:05 2004 From: pete (Pete Wright) Date: Thu, 03 Jun 2004 11:14:05 -0400 Subject: [nycbug-talk] A bit more on xorg In-Reply-To: <20040603073615.GA15263@scottro11.homeunix.net> References: <20040603073615.GA15263@scottro11.homeunix.net> Message-ID: <40BF403D.7070501@nomadlogic.org> Scott Robbins wrote: >A day or so ago, I asked had anyone been playing with xorg. Since then, >I've installed it on a few boxe--more out of boredom than any great >political reason, though one gets the general impression that further >advances in X will be through xorg rather than XFree. > >There's a 50 something message thread about it on bsdforums. The >procedure is actually pretty straightforward. In the few days it's been >in ports, a few errors have been corrected--for instance, the >xorg-libraries Makefile put Wraphelp in /distfiles/xorg but looked for >it in /distfiles. > >One of the posters in the thread has been having trouble doing the >upgrade in 4.x, but in 5.x, on three test boxes and my main workstation >at work, as well as main workstation at home, it went quite smoothly. > >In a nutshell, one removes XFree installed packages (not without a >certain sense of trepidation, especially on my main workstation) :) >and wrapper (all needed pkg_delete -f since there are various deps,) >installs in recommended order, and everything has, at least for several >others and myself, been hunky dory. The wrapper Makefile has to be >edited. To save folks a bit of searching, the link to the forums thread >is at > >www.freebsdforums.org/forums/showthread.php?s=&threadid=21890&highlight=xorg > >(sorry about the long url, had to set columns to 76 to get it in.) > >Note that the first page of the thread is when it first came out. >Within the last few days, most of the problems have been fixed, and >after removing all XFree stuff and wrapper one simply follows the >instructions at http://bsd-unix.org/xorg.txt > >The only other caveat is that one should first cvsup ports, then make >sure your version of expat is the same as that in >/usr/ports/textproc/expat2's Makefile. If not, portupgrade that first, >or you'll get a stop error (I'm sorry, I don't remember where, it only >happened once on one of the 5 boxes.) > >Anyway, hope this is of interest to someone--it's 3:30 am and a >headache is keeping me up so I feel like hearing myself type. :) > > > > execellent, do you happen to know the status of GL support with X.org? I assume GL and things of that nature are on different layer than XFree86. Is that true? Also, did your XFree86-4.conf file move over to X.org w/o a hassle? cheers, pete -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From bob Thu Jun 3 11:45:52 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 11:45:52 -0400 Subject: [nycbug-talk] Ldap -> mac environment In-Reply-To: <20040603132529.GD24745@metm.org> References: <20040603132529.GD24745@metm.org> Message-ID: <184C674A-B575-11D8-B453-000A95686CD8@redivi.com> On Jun 3, 2004, at 9:25 AM, marco at metm.org wrote: > Basically I was confused about mozilla mail's ldap client support for > the address book. Basically it sucks. Even though internally mozilla > uses ldap/ldif files for the address book when I set up an openldap > sldapd > server to serve out that same information, I found that when getting > the information from an ldap server, you can't get a listing of the > addresses, you can only do searches (searching for empty string didn't > quite work), and most importantly _you can't update the information on > the ldap server_ making my idea pretty much unuseable. Here is a link > pretty much confirming what I found. I don't have any recent experience with Mozilla Mail, but in my 5 or 6 years of LDAP experience both of the issues you bring up have pretty much always been a problem with just about all LDAP client software. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/703591c0/attachment.bin From bob Thu Jun 3 11:50:41 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 11:50:41 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603141101.GN7939@bizintegrators.com> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> Message-ID: On Jun 3, 2004, at 10:11 AM, mlists at bizintegrators.com wrote: >>> I'm very gratefull for OpenBSD's integrity, meaning things like >>> binary >>> only drivers will never be accepted. >> >> I don't see how this is true. >> >> Sure binary only modules may not be possible, but binary only patches >> are >> very much possible. Additionally thanks to the liberal BSD license, >> this >> becomes more so possible as opposed to the requirements of the GPL. > > I think binary patches and binary kernel modules are very different. > Unless there is a source, or it complies with OpenBSD goals, they will > not accept anything kernel or userland related. Even with source, and a > bad license, they will not accept it. This is what I meant when I said > the above. > Binary patches patch already what is in the system. My comment only > related to things like binary-only NV drivers, for example. I don't get what you're trying to say here. Linux won't accept kernel modules and patches that aren't GPL either, but it just so happens that there are third parties that provide a few binary only drivers. In the case of OpenBSD, you just don't have any interested third parties (that I'm aware of). -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/730202a4/attachment.bin From scottro Thu Jun 3 12:02:32 2004 From: scottro (Scott Robbins) Date: Thu, 3 Jun 2004 12:02:32 -0400 Subject: [nycbug-talk] A bit more on xorg In-Reply-To: <40BF403D.7070501@nomadlogic.org> References: <20040603073615.GA15263@scottro11.homeunix.net> <40BF403D.7070501@nomadlogic.org> Message-ID: <20040603160232.GA1796@nyserve1.starlofashions.com> On Thu, Jun 03, 2004 at 11:14:05AM -0400, Pete Wright wrote: > Scott Robbins wrote: > > >A day or so ago, I asked had anyone been playing with xorg. Since then, > >I've installed it on a few boxe--more out of boredom than any great > >political reason, though one gets the general impression that further > >advances in X will be through xorg rather than XFree. > > > > > >Anyway, hope this is of interest to someone--it's 3:30 am and a > >headache is keeping me up so I feel like hearing myself type. :) > > > > execellent, do you happen to know the status of GL support with X.org? > I assume GL and things of that nature are on different layer than > XFree86. Is that true? Also, did your XFree86-4.conf file move over to > X.org w/o a hassle? On my boxes (don't use KDE or Gnome, so don't know if it's a factor) I have had XF86Config, not Config-4. Xorg simply uses that config file, though I should copy it over to xorgconfig or whatever it's called. (I should probably not copy it till I know.) :) Since posting last night, I thought to myself, ok, let's do this one last box, and have been running into problems. :) Still, 5 out of 6 went without difficulty. I'm afraid I don't know the status of GL support. -- Scott GPG KeyID EB3467D6 ( 1B848 077D 66F6 9DB0 FDC2 A409 FA54 D575 EB34 67D6) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Xander: I can not stress enough how much I don't have plans. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/9241a351/attachment.bin From marco Thu Jun 3 12:10:43 2004 From: marco (Marco Scoffier) Date: Thu, 3 Jun 2004 12:10:43 -0400 Subject: [nycbug-talk] Ldap -> mac environment In-Reply-To: <184C674A-B575-11D8-B453-000A95686CD8@redivi.com> References: <20040603132529.GD24745@metm.org> <184C674A-B575-11D8-B453-000A95686CD8@redivi.com> Message-ID: <20040603161043.GO24745@metm.org> On Thu, Jun 03, 2004 at 11:45:52AM -0400, Bob Ippolito wrote: > I don't have any recent experience with Mozilla Mail, but in my 5 or 6 > years of LDAP experience both of the issues you bring up have pretty > much always been a problem with just about all LDAP client software. Being a ldap newbie, this was an unfortunate suprise for me. gq seems to work nicely. Not for OS9 though. -- Marco From pete Thu Jun 3 12:36:22 2004 From: pete (Pete Wright) Date: Thu, 03 Jun 2004 12:36:22 -0400 Subject: [nycbug-talk] A bit more on xorg In-Reply-To: <20040603160232.GA1796@nyserve1.starlofashions.com> References: <20040603073615.GA15263@scottro11.homeunix.net> <40BF403D.7070501@nomadlogic.org> <20040603160232.GA1796@nyserve1.starlofashions.com> Message-ID: <40BF5386.2010200@nomadlogic.org> Scott Robbins wrote: > > >On my boxes (don't use KDE or Gnome, so don't know if it's a factor) I >have had XF86Config, not Config-4. Xorg simply uses that config file, >though I should copy it over to xorgconfig or whatever it's called. (I >should probably not copy it till I know.) :) > > > cool, can't tell you how much time i've spent tweaking my XF86Config files ;) >Since posting last night, I thought to myself, ok, let's do this one >last box, and have been running into problems. :) Still, 5 out of 6 >went without difficulty. I'm afraid I don't know the status of GL >support. > > > > yea 5 outta 6 ain't bad at all, i wish i had the same average with XFree865 ;) thanks! -p -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From pete Thu Jun 3 12:41:23 2004 From: pete (Pete Wright) Date: Thu, 03 Jun 2004 12:41:23 -0400 Subject: [nycbug-talk] kernels In-Reply-To: References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> Message-ID: <40BF54B3.3020200@nomadlogic.org> Bob Ippolito wrote: > > On Jun 3, 2004, at 10:11 AM, mlists at bizintegrators.com wrote: > >>>> I'm very gratefull for OpenBSD's integrity, meaning things like binary >>>> only drivers will never be accepted. >>> >>> >>> I don't see how this is true. >>> >>> Sure binary only modules may not be possible, but binary only >>> patches are >>> very much possible. Additionally thanks to the liberal BSD license, >>> this >>> becomes more so possible as opposed to the requirements of the GPL. >> >> >> I think binary patches and binary kernel modules are very different. >> Unless there is a source, or it complies with OpenBSD goals, they will >> not accept anything kernel or userland related. Even with source, and a >> bad license, they will not accept it. This is what I meant when I said >> the above. >> Binary patches patch already what is in the system. My comment only >> related to things like binary-only NV drivers, for example. > > > I don't get what you're trying to say here. Linux won't accept kernel > modules and patches that aren't GPL either, but it just so happens > that there are third parties that provide a few binary only drivers. actually the kernel will accept non-GPL'd lkm's, it will just "taint" the kernel and tell you about that at boot time. the nvidia drivers are not GPL'd for example. > In the case of OpenBSD, you just don't have any interested third > parties (that I'm aware of). > i don't think the OpenBSD folks want anything to do with non-open source drivers for various reasons. in any event it's 6 or one 1/2 a dozen of the other... -p -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From mlists Thu Jun 3 13:06:13 2004 From: mlists (mlists at bizintegrators.com) Date: Thu, 3 Jun 2004 13:06:13 -0400 Subject: [nycbug-talk] kernels In-Reply-To: References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> Message-ID: <20040603170613.GO7939@bizintegrators.com> On Thu, Jun 03, 2004 at 11:50:41AM -0400, Bob Ippolito wrote: > > On Jun 3, 2004, at 10:11 AM, mlists at bizintegrators.com wrote: > > >>>I'm very gratefull for OpenBSD's integrity, meaning things like > >>>binary > >>>only drivers will never be accepted. > >> > >>I don't see how this is true. > >> > >>Sure binary only modules may not be possible, but binary only patches > >>are > >>very much possible. Additionally thanks to the liberal BSD license, > >>this > >>becomes more so possible as opposed to the requirements of the GPL. > > > >I think binary patches and binary kernel modules are very different. > >Unless there is a source, or it complies with OpenBSD goals, they will > >not accept anything kernel or userland related. Even with source, and a > >bad license, they will not accept it. This is what I meant when I said > >the above. > >Binary patches patch already what is in the system. My comment only > >related to things like binary-only NV drivers, for example. > > I don't get what you're trying to say here. Linux won't accept kernel > modules and patches that aren't GPL either, but it just so happens that > there are third parties that provide a few binary only drivers. In the > case of OpenBSD, you just don't have any interested third parties (that > I'm aware of). As far as I know, GPL means you have to release the source, and since there is no source for NVidia, they must not be GPL. I'm guessing, so you might be right. They might be LGPL or whatever, to allow such drivers to link against the kernel. I don't know how it works. I know there is no source for NV module driver from NVidia. I'm trying to say this. If NVidia writes a driver for OpenBSD, and releases it in a binary-only form, they will not accept it. -bruno From bob Thu Jun 3 13:40:33 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 13:40:33 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <40BF54B3.3020200@nomadlogic.org> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> <40BF54B3.3020200@nomadlogic.org> Message-ID: <1D934E6C-B585-11D8-B453-000A95686CD8@redivi.com> On Jun 3, 2004, at 12:41 PM, Pete Wright wrote: > Bob Ippolito wrote: > >> >> On Jun 3, 2004, at 10:11 AM, mlists at bizintegrators.com wrote: >> >>>>> I'm very gratefull for OpenBSD's integrity, meaning things like >>>>> binary >>>>> only drivers will never be accepted. >>>> >>>> >>>> I don't see how this is true. >>>> >>>> Sure binary only modules may not be possible, but binary only >>>> patches are >>>> very much possible. Additionally thanks to the liberal BSD >>>> license, this >>>> becomes more so possible as opposed to the requirements of the GPL. >>> >>> >>> I think binary patches and binary kernel modules are very different. >>> Unless there is a source, or it complies with OpenBSD goals, they >>> will >>> not accept anything kernel or userland related. Even with source, >>> and a >>> bad license, they will not accept it. This is what I meant when I >>> said >>> the above. >>> Binary patches patch already what is in the system. My comment only >>> related to things like binary-only NV drivers, for example. >> >> >> I don't get what you're trying to say here. Linux won't accept >> kernel modules and patches that aren't GPL either, but it just so >> happens that there are third parties that provide a few binary only >> drivers. > > > actually the kernel will accept non-GPL'd lkm's, it will just "taint" > the kernel and tell you about that at boot time. the nvidia drivers > are not GPL'd for example. > >> In the case of OpenBSD, you just don't have any interested third >> parties (that I'm aware of). >> > i don't think the OpenBSD folks want anything to do with non-open > source drivers for various reasons. in any event it's 6 or one 1/2 a > dozen of the other... The Linux kernel and OpenBSD kernels will link with whatever the heck you want them to link to because *you have the source* to the kernel. I still don't get what you're trying to say. Neither Linux nor OpenBSD will allow inappropriately licensed code to become part of the kernel tree proper, but they have no control over whether or not proprietary code that can link to the respective kernel (runtime or otherwise, they could provide a .o file in the case of a static kernel) is allowed to exist. OpenBSD is actually more open, legally, to proprietary code. I could, tomorrow, start my own proprietary binary-only "ClosedBSD" operating system consisting of 99.99% OpenBSD and 0.01% modified code and I wouldn't be infringing on anyone's copyright because the BSD license allows me to do this. I couldn't legally do the same thing with Linux, because then I wouldn't be complying to the terms of the GPL and would be infringing a lot of copyrights. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/7de27403/attachment.bin From sunny-ml Thu Jun 3 14:03:11 2004 From: sunny-ml (Sunny Dubey) Date: Thu, 3 Jun 2004 14:03:11 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <40BF54B3.3020200@nomadlogic.org> References: <40BE836A.7020104@nomadlogic.org> <40BF54B3.3020200@nomadlogic.org> Message-ID: <200406031403.11419.sunny-ml@opencurve.org> On Thursday 03 June 2004 12:41 pm, Pete Wright wrote: > > I don't get what you're trying to say here. Linux won't accept kernel > > modules and patches that aren't GPL either, but it just so happens > > that there are third parties that provide a few binary only drivers. > > actually the kernel will accept non-GPL'd lkm's, it will just "taint" > the kernel and tell you about that at boot time. the nvidia drivers are > not GPL'd for example. I think we are all talking about different things when we speak about "accepting" binary only code. The linux kernel will load binary only modules (and/or its wrapper) and it will complain. However binary only modules will never be accepted into the main linux kernel tree for obvious reasons. (binary only firmware is a different story) > > In the case of OpenBSD, you just don't have any interested third > > parties (that I'm aware of). > > i don't think the OpenBSD folks want anything to do with non-open source > drivers for various reasons. in any event it's 6 or one 1/2 a dozen of > the other... The decision of OpenBSD's liking or disliking of binary only code is not theirs. It is up to the other third party to choose if they want to create such drivers (obviously these drivers will never make it close to the main kernel tree). Sunny Dubey From bob Thu Jun 3 13:52:16 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 13:52:16 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603170613.GO7939@bizintegrators.com> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> <20040603170613.GO7939@bizintegrators.com> Message-ID: On Jun 3, 2004, at 1:06 PM, mlists at bizintegrators.com wrote: > On Thu, Jun 03, 2004 at 11:50:41AM -0400, Bob Ippolito wrote: >> >> On Jun 3, 2004, at 10:11 AM, mlists at bizintegrators.com wrote: >> >>>>> I'm very gratefull for OpenBSD's integrity, meaning things like >>>>> binary >>>>> only drivers will never be accepted. >>>> >>>> I don't see how this is true. >>>> >>>> Sure binary only modules may not be possible, but binary only >>>> patches >>>> are >>>> very much possible. Additionally thanks to the liberal BSD license, >>>> this >>>> becomes more so possible as opposed to the requirements of the GPL. >>> >>> I think binary patches and binary kernel modules are very different. >>> Unless there is a source, or it complies with OpenBSD goals, they >>> will >>> not accept anything kernel or userland related. Even with source, >>> and a >>> bad license, they will not accept it. This is what I meant when I >>> said >>> the above. >>> Binary patches patch already what is in the system. My comment only >>> related to things like binary-only NV drivers, for example. >> >> I don't get what you're trying to say here. Linux won't accept kernel >> modules and patches that aren't GPL either, but it just so happens >> that >> there are third parties that provide a few binary only drivers. In >> the >> case of OpenBSD, you just don't have any interested third parties >> (that >> I'm aware of). > > As far as I know, GPL means you have to release the source, and since > there is no source for NVidia, they must not be GPL. I'm guessing, so > you might be right. They might be LGPL or whatever, to allow such > drivers to link against the kernel. I don't know how it works. I know > there is no source for NV module driver from NVidia. No, the Linux kernel is GPL, but does allow for *runtime* linking of closed code. There was a big dispute over whether or not this was allowed by the GPL, but Linus decreed that vendors should be allowed to do this, so they can with certain limitations. > I'm trying to say this. If NVidia writes a driver for OpenBSD, and > releases it in a binary-only form, they will not accept it. NVidia's drivers aren't "accepted" by Linux either. They are however legally allowed to exist, and perhaps some distributions of Linux include them for the convenience of the users. OpenBSD's license allows you to do more or less whatever you want, including linking in proprietary drivers. The reason they don't exist is just because nobody has written them. If I were to release some distribution of OpenBSD, I would be allowed to include whatever proprietary code I want in whatever form I so choose regardless of how it's linked to other code, because the BSD license is open to such scenarios. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/bb5d4f53/attachment.bin From mlists Thu Jun 3 14:52:25 2004 From: mlists (mlists at bizintegrators.com) Date: Thu, 3 Jun 2004 14:52:25 -0400 Subject: [nycbug-talk] kernels In-Reply-To: References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> <20040603170613.GO7939@bizintegrators.com> Message-ID: <20040603185225.GP7939@bizintegrators.com> On Thu, Jun 03, 2004 at 01:52:16PM -0400, Bob Ippolito wrote: > NVidia's drivers aren't "accepted" by Linux either. They are however > legally allowed to exist, and perhaps some distributions of Linux > include them for the convenience of the users. > > OpenBSD's license allows you to do more or less whatever you want, > including linking in proprietary drivers. The reason they don't exist > is just because nobody has written them. If I were to release some > distribution of OpenBSD, I would be allowed to include whatever > proprietary code I want in whatever form I so choose regardless of how > it's linked to other code, because the BSD license is open to such > scenarios. Yes, but that would be BobBSD. From bob Thu Jun 3 14:56:44 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 14:56:44 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603185225.GP7939@bizintegrators.com> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> <20040603170613.GO7939@bizintegrators.com> <20040603185225.GP7939@bizintegrators.com> Message-ID: On Jun 3, 2004, at 2:52 PM, mlists at bizintegrators.com wrote: > On Thu, Jun 03, 2004 at 01:52:16PM -0400, Bob Ippolito wrote: >> NVidia's drivers aren't "accepted" by Linux either. They are however >> legally allowed to exist, and perhaps some distributions of Linux >> include them for the convenience of the users. >> >> OpenBSD's license allows you to do more or less whatever you want, >> including linking in proprietary drivers. The reason they don't exist >> is just because nobody has written them. If I were to release some >> distribution of OpenBSD, I would be allowed to include whatever >> proprietary code I want in whatever form I so choose regardless of how >> it's linked to other code, because the BSD license is open to such >> scenarios. > > Yes, but that would be BobBSD. Exactly. Linux is just the kernel, and the kernel team definitely does not "accept" anything that is not compatible with their license. It's the distributions (none of which are called just Linux) that choose whether or not to "accept" proprietary kernel modules. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/26d83caf/attachment.bin From mlists Thu Jun 3 15:18:43 2004 From: mlists (mlists at bizintegrators.com) Date: Thu, 3 Jun 2004 15:18:43 -0400 Subject: [nycbug-talk] kernels In-Reply-To: References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> <20040603170613.GO7939@bizintegrators.com> <20040603185225.GP7939@bizintegrators.com> Message-ID: <20040603191843.GQ7939@bizintegrators.com> On Thu, Jun 03, 2004 at 02:56:44PM -0400, Bob Ippolito wrote: > > On Jun 3, 2004, at 2:52 PM, mlists at bizintegrators.com wrote: > > >On Thu, Jun 03, 2004 at 01:52:16PM -0400, Bob Ippolito wrote: > >>NVidia's drivers aren't "accepted" by Linux either. They are however > >>legally allowed to exist, and perhaps some distributions of Linux > >>include them for the convenience of the users. > >> > >>OpenBSD's license allows you to do more or less whatever you want, > >>including linking in proprietary drivers. The reason they don't exist > >>is just because nobody has written them. If I were to release some > >>distribution of OpenBSD, I would be allowed to include whatever > >>proprietary code I want in whatever form I so choose regardless of how > >>it's linked to other code, because the BSD license is open to such > >>scenarios. > > > >Yes, but that would be BobBSD. > > Exactly. Linux is just the kernel, and the kernel team definitely does > not "accept" anything that is not compatible with their license. It's > the distributions (none of which are called just Linux) that choose > whether or not to "accept" proprietary kernel modules. > OK, all I said was that I was happy that this was not included in OpenBSD, the system (on project level, not the kernel. I assumed it would be compared to a Linux distro, not Linux-the-kernel. From pete Thu Jun 3 15:27:02 2004 From: pete (Pete Wright) Date: Thu, 03 Jun 2004 15:27:02 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603191843.GQ7939@bizintegrators.com> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> <20040603170613.GO7939@bizintegrators.com> <20040603185225.GP7939@bizintegrators.com> <20040603191843.GQ7939@bizintegrators.com> Message-ID: <40BF7B86.9040604@nomadlogic.org> mlists at bizintegrators.com wrote: >On Thu, Jun 03, 2004 at 02:56:44PM -0400, Bob Ippolito wrote: > > >>On Jun 3, 2004, at 2:52 PM, mlists at bizintegrators.com wrote: >> >> >> >>>On Thu, Jun 03, 2004 at 01:52:16PM -0400, Bob Ippolito wrote: >>> >>> >>>>NVidia's drivers aren't "accepted" by Linux either. They are however >>>>legally allowed to exist, and perhaps some distributions of Linux >>>>include them for the convenience of the users. >>>> >>>>OpenBSD's license allows you to do more or less whatever you want, >>>>including linking in proprietary drivers. The reason they don't exist >>>>is just because nobody has written them. If I were to release some >>>>distribution of OpenBSD, I would be allowed to include whatever >>>>proprietary code I want in whatever form I so choose regardless of how >>>>it's linked to other code, because the BSD license is open to such >>>>scenarios. >>>> >>>> >>>Yes, but that would be BobBSD. >>> >>> >>Exactly. Linux is just the kernel, and the kernel team definitely does >>not "accept" anything that is not compatible with their license. It's >>the distributions (none of which are called just Linux) that choose >>whether or not to "accept" proprietary kernel modules. >> >> >> > >OK, all I said was that I was happy that this was not included in >OpenBSD, the system (on project level, not the kernel. I assumed it >would be compared to a Linux distro, not Linux-the-kernel. > > > yea this is crazy. this bantering doesn't even relate to the article/thread either :( i was hoping people would more interested in the micro v. monolithic kernel issues, esp. seeing that apple has adopted MACH. sigh. -p >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk > > -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From elric Thu Jun 3 16:15:37 2004 From: elric (Roland C. Dowdeswell) Date: Thu, 03 Jun 2004 16:15:37 -0400 Subject: [nycbug-talk] kernels In-Reply-To: Your message of "Thu, 03 Jun 2004 15:27:02 EDT." <40BF7B86.9040604@nomadlogic.org> Message-ID: <20040603201537.8781B174C6@arioch.imrryr.org> On 1086290822 seconds since the Beginning of the UNIX epoch Pete Wright wrote: > >yea this is crazy. this bantering doesn't even relate to the >article/thread either :( i was hoping people would more interested in >the micro v. monolithic kernel issues, esp. seeing that apple has >adopted MACH. sigh. Well, the thread pointed to wasn't talking about micro vs. monolithic kernels, it was just talking about LKMs which are substantially less interesting. It did have an assertion that I think is rather suspect, in that it claimed that a fully LKMed system would outperform a non-LKMed implementation. This, I think is a false statement. Using LKMs you can save memory, but it does not speed up execution at all. In fact, it slows execution down. It is done simply for convenience (some definition thereof, sure.) E.g. by not using LKMs, one can have #ifdef's in multiple places in the code that all depend on a single feature being active. As in, if I do not want a packet filter in my kernel, then I do not define options PFIL_HOOKS and the if statement that checks to see if there are any registered packet filters that need to be called is elided from the resulting kernel. This sort of thing makes execution faster. It's a cheap form of global optimisation. If we had C compilers that performed reasonable global optimisation then LKMs would be a bit more of a penalty (but I do not think that we do.) [of course that last bit doesn't apply to OpenBSD because although they offer the functionality I outlined they do not `support' it. NetBSD does support kernels with modified config files.] -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From bob Thu Jun 3 16:43:52 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 16:43:52 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <40BF7B86.9040604@nomadlogic.org> References: <40BE836A.7020104@nomadlogic.org> <20040603060735.GL7939@bizintegrators.com> <200406030906.55298.sunny-ml@opencurve.org> <20040603141101.GN7939@bizintegrators.com> <20040603170613.GO7939@bizintegrators.com> <20040603185225.GP7939@bizintegrators.com> <20040603191843.GQ7939@bizintegrators.com> <40BF7B86.9040604@nomadlogic.org> Message-ID: On Jun 3, 2004, at 3:27 PM, Pete Wright wrote: > yea this is crazy. this bantering doesn't even relate to the > article/thread either :( i was hoping people would more interested in > the micro v. monolithic kernel issues, esp. seeing that apple has > adopted MACH. sigh. Personally I prefer microkernel architectures because they're easier to work with (as a developer). They also offer loads of practical and theoretical advantages. The discussion in the article is really about modular versus static (an implementation detail), not micro versus monolithic (a major architectural decision). The security argument is kind of silly, because if that really was a concern you could add a sysctl that lets you turn module loading off (forever) at runtime. So you boot up, load your modules, and turn module loading off. In practice, nobody really does this (as far as I know) because only root can load kernel modules and root can do whatever he wants anyway, whether or not the kernel is split into 1 or 1000 pieces. The supported configuration argument is also silly. The only difference is that OpenBSD is only configurable at compile time, where others are configurable at runtime. Since it is open source software, the user is still free to alter (or more likely, NOT alter) that configuration in both cases. However, with the development tools we have today, static kernels can offer several obvious slight advantages. - marginally better performance on average - easier to install/upgrade (just one file) - can be easier to debug with tools that don't know what kernel modules are (the addresses of symbols never change) All three of these are minor though. The latter two are solved with better tools (that pretty much already exist), while fixing the first could be lifted with a lot of work by using JIT techniques.. but it would be really hard to implement correctly and the performance improvement is very marginal. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/4a6a95d9/attachment.bin From mikel.king Thu Jun 3 17:25:00 2004 From: mikel.king (Mikel King) Date: Thu, 3 Jun 2004 17:25:00 -0400 Subject: [nycbug-talk] Ldap -> mac environment Message-ID: <20040603212550.6F82DA85FE@virtu.nyphp.org> Marco, I recall a project add on for Mozilla that was to access MySql...I am unfortunately not able to pull up my notes on this right now but I will get back to you later tonite. I also remember that the project might have been convrted to an ADO so the any supported db could be accessed...obviously all of this is mute if you are not upto learning xul...but (I know I'm rambling) the was yet another project to bind php as well as another for python scripting directly into M. I have long held the position that ldap is not the best for contact management. (!flame bait, just MY opinion). marco at metm.org wrote: __________ >[Body not available. Message moved or deleted on server] From elric Thu Jun 3 17:34:10 2004 From: elric (Roland C. Dowdeswell) Date: Thu, 03 Jun 2004 17:34:10 -0400 Subject: [nycbug-talk] kernels In-Reply-To: Your message of "Thu, 03 Jun 2004 16:43:52 EDT." Message-ID: <20040603213410.A3FE0174C7@arioch.imrryr.org> On 1086295432 seconds since the Beginning of the UNIX epoch Bob Ippolito wrote: > >The security argument is kind of silly, because if that really was a >concern you could add a sysctl that lets you turn module loading off >(forever) at runtime. So you boot up, load your modules, and turn >module loading off. In practice, nobody really does this (as far as I >know) because only root can load kernel modules and root can do >whatever he wants anyway, whether or not the kernel is split into 1 or >1000 pieces. There are things that you do not want to allow even root to do without dropping into single user mode on the console. And you have to disable LKM loading in order to get there. E.g. on NetBSD in secure level > 0, root cannot grovel the PCI bus and directly access hardware, write to immutable files, etc. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From bob Thu Jun 3 17:49:47 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 17:49:47 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603213410.A3FE0174C7@arioch.imrryr.org> References: <20040603213410.A3FE0174C7@arioch.imrryr.org> Message-ID: On Jun 3, 2004, at 5:34 PM, Roland C. Dowdeswell wrote: > On 1086295432 seconds since the Beginning of the UNIX epoch > Bob Ippolito wrote: >> > >> The security argument is kind of silly, because if that really was a >> concern you could add a sysctl that lets you turn module loading off >> (forever) at runtime. So you boot up, load your modules, and turn >> module loading off. In practice, nobody really does this (as far as I >> know) because only root can load kernel modules and root can do >> whatever he wants anyway, whether or not the kernel is split into 1 or >> 1000 pieces. > > There are things that you do not want to allow even root to do > without dropping into single user mode on the console. And you > have to disable LKM loading in order to get there. E.g. on NetBSD > in secure level > 0, root cannot grovel the PCI bus and directly > access hardware, write to immutable files, etc. Sure, but that is completely orthogonal to *having* LKM. It's very easy to have a kill-switch sysctl that turns it off until the next reboot. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/30a67e3d/attachment.bin From bob Thu Jun 3 17:52:19 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 17:52:19 -0400 Subject: [nycbug-talk] Ldap -> mac environment In-Reply-To: <20040603212550.6F82DA85FE@virtu.nyphp.org> References: <20040603212550.6F82DA85FE@virtu.nyphp.org> Message-ID: <497E4F35-B5A8-11D8-B453-000A95686CD8@redivi.com> On Jun 3, 2004, at 5:25 PM, Mikel King wrote: > I recall a project add on for Mozilla that was to access MySql...I > am unfortunately not able to pull up my notes on this right now but I > will get back to you later tonite. I also remember that the project > might have been convrted to an ADO so the any supported db could be > accessed...obviously all of this is mute if you are not upto learning > xul...but (I know I'm rambling) the was yet another project to bind > php as well as another for python scripting directly into M. > > I have long held the position that ldap is not the best for contact > management. (!flame bait, just MY opinion). ... and why is some custom SQL stuff that only mozilla understands better? -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/a6179223/attachment.bin From elric Thu Jun 3 18:01:55 2004 From: elric (Roland C. Dowdeswell) Date: Thu, 03 Jun 2004 18:01:55 -0400 Subject: [nycbug-talk] kernels In-Reply-To: Your message of "Thu, 03 Jun 2004 17:49:47 EDT." Message-ID: <20040603220155.B6768174C7@arioch.imrryr.org> On 1086299387 seconds since the Beginning of the UNIX epoch Bob Ippolito wrote: > >On Jun 3, 2004, at 5:34 PM, Roland C. Dowdeswell wrote: > >> On 1086295432 seconds since the Beginning of the UNIX epoch >> Bob Ippolito wrote: >>> >> >>> The security argument is kind of silly, because if that really was a >>> concern you could add a sysctl that lets you turn module loading off >>> (forever) at runtime. So you boot up, load your modules, and turn >>> module loading off. In practice, nobody really does this (as far as I >>> know) because only root can load kernel modules and root can do >>> whatever he wants anyway, whether or not the kernel is split into 1 or >>> 1000 pieces. >> >> There are things that you do not want to allow even root to do >> without dropping into single user mode on the console. And you >> have to disable LKM loading in order to get there. E.g. on NetBSD >> in secure level > 0, root cannot grovel the PCI bus and directly >> access hardware, write to immutable files, etc. > >Sure, but that is completely orthogonal to *having* LKM. It's very >easy to have a kill-switch sysctl that turns it off until the next >reboot. Yes, of course. I was just pointing out that one of your assertions, ``root can do whatever he wants anyway'' is not entirely accurate. I was not arguing that a switch to turn off LKM loading would not solve the issue, in fact that's how NetBSD deals with it. LKMs are not allowed to be loaded or unloaded in securelevel > 0. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From pete Thu Jun 3 18:06:02 2004 From: pete (Pete Wright) Date: Thu, 03 Jun 2004 18:06:02 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603220155.B6768174C7@arioch.imrryr.org> References: <20040603220155.B6768174C7@arioch.imrryr.org> Message-ID: <40BFA0CA.2020607@nomadlogic.org> Roland C. Dowdeswell wrote: >On 1086299387 seconds since the Beginning of the UNIX epoch >Bob Ippolito wrote: > > > > > >>On Jun 3, 2004, at 5:34 PM, Roland C. Dowdeswell wrote: >> >> >> >>>On 1086295432 seconds since the Beginning of the UNIX epoch >>>Bob Ippolito wrote: >>> >>> >>>>The security argument is kind of silly, because if that really was a >>>>concern you could add a sysctl that lets you turn module loading off >>>>(forever) at runtime. So you boot up, load your modules, and turn >>>>module loading off. In practice, nobody really does this (as far as I >>>>know) because only root can load kernel modules and root can do >>>>whatever he wants anyway, whether or not the kernel is split into 1 or >>>>1000 pieces. >>>> >>>> >>>There are things that you do not want to allow even root to do >>>without dropping into single user mode on the console. And you >>>have to disable LKM loading in order to get there. E.g. on NetBSD >>>in secure level > 0, root cannot grovel the PCI bus and directly >>>access hardware, write to immutable files, etc. >>> >>> >>Sure, but that is completely orthogonal to *having* LKM. It's very >>easy to have a kill-switch sysctl that turns it off until the next >>reboot. >> >> > >Yes, of course. I was just pointing out that one of your assertions, >``root can do whatever he wants anyway'' is not entirely accurate. >I was not arguing that a switch to turn off LKM loading would not >solve the issue, in fact that's how NetBSD deals with it. LKMs >are not allowed to be loaded or unloaded in securelevel > 0. > > how does setting the securelevel in NetBSD work? i'm not very familiar with it :( Is this a boot time option, or kernel compiletime option? I'd assume setting security levels ala sysctl would not be the best thing. If someone get's root, then can alter sysctl parms. etc.... -p >-- > Roland Dowdeswell http://www.Imrryr.ORG/~elric/ > > -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From elric Thu Jun 3 18:12:30 2004 From: elric (Roland C. Dowdeswell) Date: Thu, 03 Jun 2004 18:12:30 -0400 Subject: [nycbug-talk] kernels In-Reply-To: Your message of "Thu, 03 Jun 2004 18:06:02 EDT." <40BFA0CA.2020607@nomadlogic.org> Message-ID: <20040603221230.B0228174C7@arioch.imrryr.org> On 1086300362 seconds since the Beginning of the UNIX epoch Pete Wright wrote: > >how does setting the securelevel in NetBSD work? i'm not very familiar >with it :( Is this a boot time option, or kernel compiletime option? >I'd assume setting security levels ala sysctl would not be the best >thing. If someone get's root, then can alter sysctl parms. etc.... It's a raiseonly sysctl. So, you don't get to lower it. The levels are roughly described in NetBSD's init(8) man page. The concept comes from 4.4BSD, IIRC, so it should also be present in {Free,Open}BSD. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From pete Thu Jun 3 19:32:42 2004 From: pete (Pete Wright) Date: Thu, 03 Jun 2004 18:32:42 -0500 Subject: [nycbug-talk] kernels In-Reply-To: <20040603221230.B0228174C7@arioch.imrryr.org> References: <20040603221230.B0228174C7@arioch.imrryr.org> Message-ID: <40BFB51A.3060306@nomadlogic.org> Roland C. Dowdeswell wrote: >On 1086300362 seconds since the Beginning of the UNIX epoch >Pete Wright wrote: > > > > > >>how does setting the securelevel in NetBSD work? i'm not very familiar >>with it :( Is this a boot time option, or kernel compiletime option? >>I'd assume setting security levels ala sysctl would not be the best >>thing. If someone get's root, then can alter sysctl parms. etc.... >> >> > >It's a raiseonly sysctl. So, you don't get to lower it. > >The levels are roughly described in NetBSD's init(8) man page. > >The concept comes from 4.4BSD, IIRC, so it should also be present >in {Free,Open}BSD. > >-- > Roland Dowdeswell http://www.Imrryr.ORG/~elric/ > > thanks! -p -- ~~~oO00Oo~~~ Pete Wright pete at nomadlogic.org www.nomadlogic.org/~pete From bsd Thu Jun 3 18:34:16 2004 From: bsd (Kevin Reiter) Date: Thu, 3 Jun 2004 18:34:16 -0400 Subject: [nycbug-talk] FreeBSD 5.2/Apache/PHP/SquirrelMail Message-ID: <000801c449ba$e86d2bf0$0600a8c0@olympus> All, I just finished adding Apache 1.3.29 + MOD SSL with PHP 4.3.4 and SquirrelMail v1.4.2 . The problem is twofold: 1. PHP pages are being displayed as normal text (code) rather than being interpreted by the browser. 2. After configuring SSL and creating the certificates, I receive the following error when I try to sign the certs by my own CA. Here's the error: The Subject's Distinguished Name is as follows countryName :PRINTABLE:'US' stateOrProvinceName :PRINTABLE:'New Jersey' localityName :PRINTABLE:'Hawthorne' organizationName :PRINTABLE:'Geekis-Kahn.net' commonName :PRINTABLE:'Kevin Reiter' emailAddress :IA5STRING:'kevin at geekis-kahn.net' Certificate is to be certified until Jun 3 20:02:45 2005 GMT (365 days) Sign the certificate? [y/n]:y failed to update database TXT_DB error number 2 CA verifying: server.crt <-> CA cert unable to load certificate 17679:error:0906D06C:PEM routines:PEM_read_bio:no start line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:632:Expecting: TRUSTED CERTIFICATE root at mail# uname -a FreeBSD mail.geekis-kahn.net 5.2-RELEASE FreeBSD 5.2-RELEASE I can provide the .conf files for anyone to look over to see if/where I screwed up. Google results didn't really have anything I could find useful. The weird thing is, I've done this on another server and everything works just fine. I even tried copying the files over to the new server, and I get the same results. Any ideas? -Kev From bob Thu Jun 3 18:41:55 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 18:41:55 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603220155.B6768174C7@arioch.imrryr.org> References: <20040603220155.B6768174C7@arioch.imrryr.org> Message-ID: <3741DABE-B5AF-11D8-B453-000A95686CD8@redivi.com> On Jun 3, 2004, at 6:01 PM, Roland C. Dowdeswell wrote: > On 1086299387 seconds since the Beginning of the UNIX epoch > Bob Ippolito wrote: >> > >> On Jun 3, 2004, at 5:34 PM, Roland C. Dowdeswell wrote: >> >>> On 1086295432 seconds since the Beginning of the UNIX epoch >>> Bob Ippolito wrote: >>>> >>> >>>> The security argument is kind of silly, because if that really was a >>>> concern you could add a sysctl that lets you turn module loading off >>>> (forever) at runtime. So you boot up, load your modules, and turn >>>> module loading off. In practice, nobody really does this (as far >>>> as I >>>> know) because only root can load kernel modules and root can do >>>> whatever he wants anyway, whether or not the kernel is split into 1 >>>> or >>>> 1000 pieces. >>> >>> There are things that you do not want to allow even root to do >>> without dropping into single user mode on the console. And you >>> have to disable LKM loading in order to get there. E.g. on NetBSD >>> in secure level > 0, root cannot grovel the PCI bus and directly >>> access hardware, write to immutable files, etc. >> >> Sure, but that is completely orthogonal to *having* LKM. It's very >> easy to have a kill-switch sysctl that turns it off until the next >> reboot. > > Yes, of course. I was just pointing out that one of your assertions, > ``root can do whatever he wants anyway'' is not entirely accurate. > I was not arguing that a switch to turn off LKM loading would not > solve the issue, in fact that's how NetBSD deals with it. LKMs > are not allowed to be loaded or unloaded in securelevel > 0. Well, I know that root isn't ring 0, but you can do a whole lot of nasty stuff like rewrite the boot loader and reboot, or read/write memory in other proceses, shutdown the machine, wipe the partition table, etc. I'm not familiar enough with the implementation of the *BSDs to know whether or not they try and disable any of these things given an appropriate security setting. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/3b71c604/attachment.bin From sunny-ml Thu Jun 3 19:00:56 2004 From: sunny-ml (Sunny Dubey) Date: Thu, 3 Jun 2004 19:00:56 -0400 Subject: [nycbug-talk] FreeBSD 5.2/Apache/PHP/SquirrelMail In-Reply-To: <000801c449ba$e86d2bf0$0600a8c0@olympus> References: <000801c449ba$e86d2bf0$0600a8c0@olympus> Message-ID: <200406031900.57034.sunny-ml@opencurve.org> On Thursday 03 June 2004 06:34 pm, Kevin Reiter wrote: > All, > > I just finished adding Apache 1.3.29 + MOD SSL with PHP 4.3.4 and > SquirrelMail v1.4.2 . The problem is twofold: > > 1. PHP pages are being displayed as normal text (code) rather than being > interpreted by the browser. you need to add the following to your httpd.conf file: LoadModule php4_module modules/libphp4.so AddType application/x-httpd-php .php (the above assumes php was built as a module, if it was built statically I believe that u can simply omit the first line. (u will need to restart apache) dunno about your second problem Sunny Dubey From jromero Thu Jun 3 19:03:56 2004 From: jromero (Jeronimo Romero) Date: Thu, 03 Jun 2004 19:03:56 -0400 Subject: [nycbug-talk] emacs21 port on freebsd 4.10 release?? Message-ID: <1086303836.69683.1.camel@mail.save-ferris.com> anybody know what happened to the emacs21 port under 4.10 release?? From pete Thu Jun 3 19:09:32 2004 From: pete (Pete Wright) Date: Thu, 03 Jun 2004 19:09:32 -0400 Subject: [nycbug-talk] emacs21 port on freebsd 4.10 release?? In-Reply-To: <1086303836.69683.1.camel@mail.save-ferris.com> References: <1086303836.69683.1.camel@mail.save-ferris.com> Message-ID: <40BFAFAC.1060809@nomadlogic.org> Jeronimo Romero wrote: >anybody know what happened to the emacs21 port under 4.10 release?? > > does it not compile? i have it in my ports tree.... -p >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk > > -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From elric Thu Jun 3 19:02:12 2004 From: elric (Roland C. Dowdeswell) Date: Thu, 03 Jun 2004 19:02:12 -0400 Subject: [nycbug-talk] kernels In-Reply-To: Your message of "Thu, 03 Jun 2004 18:41:55 EDT." <3741DABE-B5AF-11D8-B453-000A95686CD8@redivi.com> Message-ID: <20040603230212.7CDF8174C7@arioch.imrryr.org> On 1086302515 seconds since the Beginning of the UNIX epoch Bob Ippolito wrote: > >Well, I know that root isn't ring 0, but you can do a whole lot of >nasty stuff like rewrite the boot loader and reboot, or read/write >memory in other proceses, shutdown the machine, wipe the partition >table, etc. I'm not familiar enough with the implementation of the >*BSDs to know whether or not they try and disable any of these things >given an appropriate security setting. They do. In high enough secure level, you cannot write to disks except through the file-system code, and cannot upgrade read-only mounts to read-write mounts, etc., etc. You can still do a reasonable amount of damage, but if the system with some level of care it can be difficult to compromise---that is either by careful use of immutable flags, or by simply mounting most of the file-systems read-only. Of course you can shutdown the machine, but that's not much of a problem. Securelevel 2 is a relatively specialised setup and doesn't make sense for end-user machines. It's mostly useful for servers that need to be highly secure. One of the major problems is that the XF86 people insist that they need to have direct access to the PCI bus and hence you cannot increase the securelevel beyond 0 if you want to run X which is a little unfortunate. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From bob Thu Jun 3 19:24:19 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 19:24:19 -0400 Subject: [nycbug-talk] kernels In-Reply-To: <20040603230212.7CDF8174C7@arioch.imrryr.org> References: <20040603230212.7CDF8174C7@arioch.imrryr.org> Message-ID: <23C6623C-B5B5-11D8-B453-000A95686CD8@redivi.com> On Jun 3, 2004, at 7:02 PM, Roland C. Dowdeswell wrote: > On 1086302515 seconds since the Beginning of the UNIX epoch > Bob Ippolito wrote: >> > >> Well, I know that root isn't ring 0, but you can do a whole lot of >> nasty stuff like rewrite the boot loader and reboot, or read/write >> memory in other proceses, shutdown the machine, wipe the partition >> table, etc. I'm not familiar enough with the implementation of the >> *BSDs to know whether or not they try and disable any of these things >> given an appropriate security setting. > > They do. In high enough secure level, you cannot write to disks > except through the file-system code, and cannot upgrade read-only > mounts to read-write mounts, etc., etc. You can still do a reasonable > amount of damage, but if the system with some level of care it can > be difficult to compromise---that is either by careful use of > immutable flags, or by simply mounting most of the file-systems > read-only. > > Of course you can shutdown the machine, but that's not much of a > problem. Sounds like a lot of work for a little real benefit. Let's imagine for a second that I'm running an email server that I would like to be highly secure. By some hook or crook, an attacker gets uid 0 on my highly secure machine. They decide it would be funny to wipe out all of my mail spools and start sending spam. Everything I wanted that machine to do is now ruined, and I need to wipe the disk and restore from tape or start over. What's really left to protect if userspace is hosed? I'm not sure if I should care whether or not they can talk on the PCI bus. If my application *was* the kernel, maybe I'd care, but a kernel really isn't very useful on its own :) -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/aabe7dc9/attachment.bin From george Thu Jun 3 19:32:52 2004 From: george (G.Rosamond) Date: Thu, 3 Jun 2004 19:32:52 -0400 Subject: [nycbug-talk] Woah. . . Message-ID: <553AF06A-B5B6-11D8-885E-000D9328615E@sddi.net> Okay, so first about the meeting last night. . . Our smallest yet, a little under 20 faces made appearances, but again, it seemed discussion was good and the bar conversations were good. Of course, somewhere around 4 am, my iBook dropped out of my backpack and broke that all important delete key. I'm convinced that drinking and driving mix better than drinking and technology. I also received a couple of important shipments today. First I got a copy of Dru Lavigne's BSD Hacks that I'm going to review for Daemon News and possibly try to get it up on Slashdot. Then, but a few hours later, I received a box of five BSD Hacks from ORA, and one copy of Michael Lucas' Absolute BSD. Mr. Genoverly, figure out how you want to distribute these books, and we'll do an exchange when it's possible. Whoever takes gets the books should also be required to do reviews, for Amazon, B&N, and our site (status?). Also, we collected $113 dollars at the meeting, plus $3 more from a Ron at Tekserve, then an additional $10 from Bob. . .for Dan Langille's laptop replacement. That's a total of $126 for Dan, US Dollars. The check for that amount will go out tomorrow. Dan, I know it's not everything, but it's at least something. g From bsd Thu Jun 3 19:35:04 2004 From: bsd (Kevin Reiter) Date: Thu, 03 Jun 2004 19:35:04 -0400 Subject: [nycbug-talk] FreeBSD 5.2/Apache/PHP/SquirrelMail References: <000801c449ba$e86d2bf0$0600a8c0@olympus> <200406031900.57034.sunny-ml@opencurve.org> Message-ID: <002901c449c3$66080af0$0800a8c0@hephaestus> > you need to add the following to your httpd.conf file: > > LoadModule php4_module modules/libphp4.so > AddType application/x-httpd-php .php That did the trick. Thanks! From elric Thu Jun 3 14:46:38 2004 From: elric (Roland C. Dowdeswell) Date: Thu, 03 Jun 2004 14:46:38 -0400 Subject: [nycbug-talk] kernels In-Reply-To: Your message of "Thu, 03 Jun 2004 13:52:16 EDT." Message-ID: <20040603184638.A38BF174C5@arioch.imrryr.org> On 1086285136 seconds since the Beginning of the UNIX epoch Bob Ippolito wrote: > >> As far as I know, GPL means you have to release the source, and since >> there is no source for NVidia, they must not be GPL. I'm guessing, so >> you might be right. They might be LGPL or whatever, to allow such >> drivers to link against the kernel. I don't know how it works. I know >> there is no source for NV module driver from NVidia. > >No, the Linux kernel is GPL, but does allow for *runtime* linking of >closed code. There was a big dispute over whether or not this was >allowed by the GPL, but Linus decreed that vendors should be allowed to >do this, so they can with certain limitations. Actually, unless Linus demands that all copyrights be assigned to him of all contributed code like the FSF does, he is not in a position to make any such statement. Any contributor to Linux could in principal sue NVidia for violating _his_ GPLed code and Linus would not have anything [legally] to say about it. He might be called as a witness, and perhaps NVidia could make the case that by contributing to Linux under the GPL one has tacitly accepted Linus' interpretation of the GPL (which is not the same as RMS'). But that's not necessarily going to help. Also, no one actually runs linux. People run Red Hat or SuSe or Yellow Cat or whatnot. All of these take the kernel as distributed from Linus and apply tens of MB worth of patches on it before shipping it. So, there is even more confusion about who owns what and who can sue whom about GPL violations. One presumes that the people whose code ends up in these patchballs have not even tacitly agreed with Linus' decrees about what the GPL actually means. Effectively though, the GPL hasn't held up in court yet and so all of this is just a risk as far as companies such as NVidia are concerned. The ``GPL wrappers'' are most likely their way of convincing themselves that they are ameliorating the risk adequately. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From george Thu Jun 3 20:09:50 2004 From: george (G.Rosamond) Date: Thu, 3 Jun 2004 20:09:50 -0400 Subject: [nycbug-talk] collection for Dan Langille Message-ID: <7EF6220C-B5BB-11D8-8139-000D9328615E@sddi.net> Sorry I didn't mention it, but the collection of $126 dollars was for Dan Langille. His laptop and some cards had been stolen. Please contact me off list if you want to contribute. . . g From marco Thu Jun 3 20:19:26 2004 From: marco (Marco Scoffier) Date: Thu, 3 Jun 2004 20:19:26 -0400 Subject: [nycbug-talk] Ldap -> mac environment In-Reply-To: <20040603212545.566FD80F9@mail.metm.org> References: <20040603212545.566FD80F9@mail.metm.org> Message-ID: <20040604001926.GB24745@metm.org> On Thu, Jun 03, 2004 at 05:25:00PM -0400, Mikel King wrote: > Marco, > > I recall a project add on for Mozilla that was to access MySql...I > am unfortunately not able to pull up my notes on this right now but > I will get back to you later tonite. I also remember that the > project might have been convrted to an ADO so the any supported db > could be accessed...obviously all of this is mute if you are not > upto learning xul...but (I know I'm rambling) the was yet another > project to bind php as well as another for python scripting directly > into M. Thanks Mikel, I've been thinking of attacking the xul. As I said I think having a button in the mailclient would be a much more attractive solution than suggesting they cut and paste into a web-app. I am already planning another migration of the FileMakerPro contacts database which was out of sync with the Mozilla addressbook. My plan was to put the address book into ldap (which didn't work like I expected) and then evaluate whether SQL or ldap was a better replacement. I already got the FilemakerPro stuff into a format similar to the Mozilla AddressBook, but the client issues with ldap are worrisome. I am certainly interested in any XUL work in the contacts database area. For lack of time, I have not yet gone on an extensive search through the mozilla extensions. -- Marco From bob Thu Jun 3 20:27:18 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 20:27:18 -0400 Subject: [nycbug-talk] Ldap -> mac environment In-Reply-To: <20040604001926.GB24745@metm.org> References: <20040603212545.566FD80F9@mail.metm.org> <20040604001926.GB24745@metm.org> Message-ID: On Jun 3, 2004, at 8:19 PM, Marco Scoffier wrote: > On Thu, Jun 03, 2004 at 05:25:00PM -0400, Mikel King wrote: >> >> I recall a project add on for Mozilla that was to access MySql...I >> am unfortunately not able to pull up my notes on this right now but >> I will get back to you later tonite. I also remember that the >> project might have been convrted to an ADO so the any supported db >> could be accessed...obviously all of this is mute if you are not >> upto learning xul...but (I know I'm rambling) the was yet another >> project to bind php as well as another for python scripting directly >> into M. > > I've been thinking of attacking the xul. As I said I think having a > button in the mailclient would be a much more attractive solution than > suggesting they cut and paste into a web-app. > > I am already planning another migration of the FileMakerPro contacts > database which was out of sync with the Mozilla addressbook. My plan > was to put the address book into ldap (which didn't work like I > expected) and then evaluate whether SQL or ldap was a better > replacement. I already got the FilemakerPro stuff into a format > similar > to the Mozilla AddressBook, but the client issues with ldap are > worrisome. > > I am certainly interested in any XUL work in the contacts database > area. > For lack of time, I have not yet gone on an extensive search through > the > mozilla extensions. What about writing a little application (a la iSync, but the plugin API for that is not public yet, IIRC) that synchronizes their local Mozilla mail contacts with an LDAP server? You could even do it with a little [insert language of choice] script, if the clients are on OS X, because it ships with OpenLDAP installed (at least in 10.3). -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/449250ae/attachment.bin From dan Thu Jun 3 20:42:49 2004 From: dan (Dan Langille) Date: Thu, 03 Jun 2004 20:42:49 -0400 Subject: [nycbug-talk] collection for Dan Langille In-Reply-To: <7EF6220C-B5BB-11D8-8139-000D9328615E@sddi.net> Message-ID: <40BF8D49.9197.3550FE97@localhost> On 3 Jun 2004 at 20:09, G.Rosamond wrote: > Sorry I didn't mention it, but the collection of $126 dollars was for > Dan Langille. His laptop and some cards had been stolen. Thanks folks. I'm very humbled by that. -- Dan Langille : http://www.langille.org/ BSDCan - http://www.bsdcan.org/ From george Thu Jun 3 20:43:23 2004 From: george (G.Rosamond) Date: Thu, 3 Jun 2004 20:43:23 -0400 Subject: [nycbug-talk] Fwd: Receipt for your Payment Message-ID: <2F0B330F-B5C0-11D8-8139-000D9328615E@sddi.net> This is from last night's collection for Dan Langille, the organizer of BSDCan, the brain behind Freshports and FreeBSDDiary, whose had his laptop and some assorted hardware stolen. Original idea for a collection is courtesy of Ike Levy, who provided a great motivating spiel at last night's NYCBUG meeting. boom. future donations can just directly send to payment at bsdcan.org. Begin forwarded message: > From: service at paypal.com > Date: June 3, 2004 8:40:35 PM EDT > To: payment at sddi.net > Subject: Receipt for your Payment > > Dear Secure Design, > > This email confirms that you sent $126.00 USD to payment at bsdcan.org. > > > ------------------------------ > Payment Details > ------------------------------ > > Amount: $126.00 USD > Transaction ID: 5SL532434X728412E > Subject: Towards a Laptop replacement > Note: > We collected $126 at the June 2nd NYCBUG meeting towards replacing your > stolen laptop and nics. > > More may be coming in. > > g > > > View the details of this transaction online at: > https://www.paypal.com/us/vst/id=5SL532434X728412E > > Thank you for using PayPal! > The PayPal Team > > > Your monthly account statement is available anytime; just log in to > your > account at https://www.paypal.com/us/HISTORY. To correct any errors, > please > contact us through our Help Center at https://www.paypal.com/us/HELP. > > > Please do not reply to this e-mail. Mail sent to this address cannot be > answered. For assistance, log in to your PayPal account and choose the > "Help" link in the header of any page. > > > PayPal Email ID PP118 > > > From dan Thu Jun 3 20:45:20 2004 From: dan (Dan Langille) Date: Thu, 03 Jun 2004 20:45:20 -0400 Subject: [nycbug-talk] Woah. . . In-Reply-To: <553AF06A-B5B6-11D8-885E-000D9328615E@sddi.net> Message-ID: <40BF8DE0.29558.35534DA3@localhost> On 3 Jun 2004 at 19:32, G.Rosamond wrote: > Also, we collected $113 dollars at the meeting, plus $3 more from a Ron > at Tekserve, then an additional $10 from Bob. . .for Dan Langille's > laptop replacement. That's a total of $126 for Dan, US Dollars. The > check for that amount will go out tomorrow. > > Dan, I know it's not everything, but it's at least something. The fact that a collection exists impresses me more than total could. Thank you. -- Dan Langille : http://www.langille.org/ BSDCan - http://www.bsdcan.org/ From marco Thu Jun 3 20:47:10 2004 From: marco (Marco Scoffier) Date: Thu, 3 Jun 2004 20:47:10 -0400 Subject: [nycbug-talk] Ldap -> mac environment In-Reply-To: References: <20040603212545.566FD80F9@mail.metm.org> <20040604001926.GB24745@metm.org> Message-ID: <20040604004709.GC24745@metm.org> On Thu, Jun 03, 2004 at 08:27:18PM -0400, Bob Ippolito wrote: > What about writing a little application (a la iSync, but the plugin API > for that is not public yet, IIRC) that synchronizes their local Mozilla > mail contacts with an LDAP server? You could even do it with a little > [insert language of choice] script, if the clients are on OS X, because > it ships with OpenLDAP installed (at least in 10.3). > I'd thought of that too. The clients are mostly OS9, only 2 out of 20 are OSX boxes. I hope there is a Net::LDAP for MacPerl. Only issue I don't know about is that I have to sync both ways, and I wonder about changing the files out from under Mozilla when the client is open. This is a pretty low budget non-profit client, but I like them and thought figuring this out could be useful for other jobs. But if it becomes a huge amount of work, I won't have time to do it. Adding a useful piece to the Mozilla project seems more worthwhile to me. -- Marco From george Thu Jun 3 20:47:54 2004 From: george (G.Rosamond) Date: Thu, 3 Jun 2004 20:47:54 -0400 Subject: [nycbug-talk] Woah. . . In-Reply-To: <40BF8DE0.29558.35534DA3@localhost> References: <40BF8DE0.29558.35534DA3@localhost> Message-ID: On Jun 3, 2004, at 8:45 PM, Dan Langille wrote: > On 3 Jun 2004 at 19:32, G.Rosamond wrote: > >> Also, we collected $113 dollars at the meeting, plus $3 more from a >> Ron >> at Tekserve, then an additional $10 from Bob. . .for Dan Langille's >> laptop replacement. That's a total of $126 for Dan, US Dollars. The >> check for that amount will go out tomorrow. >> >> Dan, I know it's not everything, but it's at least something. > > The fact that a collection exists impresses me more than total could. > > Thank you. > It was easy to see why people contributed. . . Your organizing of BSDCan is a vital step forward for the BSD Community. g From bsd Thu Jun 3 20:50:28 2004 From: bsd (Kevin Reiter) Date: Thu, 03 Jun 2004 20:50:28 -0400 Subject: [nycbug-talk] Woah. . . References: <40BF8DE0.29558.35534DA3@localhost> Message-ID: <004001c449cd$edffe3b0$0800a8c0@hephaestus> > It was easy to see why people contributed. . . Well, that, and he's a nice guy to boot :) erm.. no pun intended... Cheers, Kevin From george Thu Jun 3 21:08:22 2004 From: george (G.Rosamond) Date: Thu, 3 Jun 2004 21:08:22 -0400 Subject: [nycbug-talk] Dan Langille Collection Message-ID: We're up to $176. payment at bsdcan.org. g From bob Thu Jun 3 21:47:16 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 21:47:16 -0400 Subject: [nycbug-talk] Hacking your iBook: PyObjC tutorial slides available Message-ID: <1BB98402-B5C9-11D8-B453-000A95686CD8@redivi.com> The PyObjC stuff I presented last night is available in slide form here: http://undefined.org/python/passwdviewer_cocoabindings_tutorial.pdf The 'finished project' should be distributed with the PyObjC 1.1 sources in Examples/CocoaBindings/TableModel, and a souped up version with searching (even supports regex) is in the same place and is called TableModelWithSource. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/cfb36e94/attachment.bin From dlavigne6 Thu Jun 3 22:10:11 2004 From: dlavigne6 (Dru) Date: Thu, 3 Jun 2004 22:10:11 -0400 (EDT) Subject: [nycbug-talk] making of BSD hacks In-Reply-To: References: Message-ID: <20040603220640.K672@dru.domain.org> For those who haven't seen it yet, chromatic has a nice article on the making of BSD Hacks: http://www.onlamp.com/pub/a/bsd/2004/06/03/bsdhacks.html Besides the interesting note that the book was created using BSD/vi and Linux/vim, Pseudopod/subversion is an ideal combo for any shared documentation project. Dru From bob Thu Jun 3 23:36:18 2004 From: bob (Bob Ippolito) Date: Thu, 3 Jun 2004 23:36:18 -0400 Subject: [nycbug-talk] PseudoPOD (was: making of BSD hacks) In-Reply-To: <20040603220640.K672@dru.domain.org> References: <20040603220640.K672@dru.domain.org> Message-ID: <56E711AE-B5D8-11D8-B453-000A95686CD8@redivi.com> On Jun 3, 2004, at 10:10 PM, Dru wrote: > > For those who haven't seen it yet, chromatic has a nice article on the > making of BSD Hacks: > > http://www.onlamp.com/pub/a/bsd/2004/06/03/bsdhacks.html > > Besides the interesting note that the book was created using BSD/vi and > Linux/vim, Pseudopod/subversion is an ideal combo for any shared > documentation project. I'll have to take a look at PseudoPOD. Is there a canonical URL for it? I'd like to just look at some documentation and samples, rather than going through the trouble of CPANing it in and such. Without having seen PseudoPOD, my current favorite structural plaintext format that I've used to write documentation, papers and slides is definitely ReStructuredText, part of the docutils project: http://docutils.sourceforge.net/ -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040603/e985303c/attachment.bin From dlavigne6 Fri Jun 4 14:01:35 2004 From: dlavigne6 (Dru) Date: Fri, 4 Jun 2004 14:01:35 -0400 (EDT) Subject: [nycbug-talk] PseudoPOD (was: making of BSD hacks) In-Reply-To: <56E711AE-B5D8-11D8-B453-000A95686CD8@redivi.com> References: <20040603220640.K672@dru.domain.org> <56E711AE-B5D8-11D8-B453-000A95686CD8@redivi.com> Message-ID: <20040604135701.V716@dru.domain.org> On Thu, 3 Jun 2004, Bob Ippolito wrote: > > On Jun 3, 2004, at 10:10 PM, Dru wrote: > >> >> For those who haven't seen it yet, chromatic has a nice article on the >> making of BSD Hacks: >> >> http://www.onlamp.com/pub/a/bsd/2004/06/03/bsdhacks.html >> >> Besides the interesting note that the book was created using BSD/vi and >> Linux/vim, Pseudopod/subversion is an ideal combo for any shared >> documentation project. > > I'll have to take a look at PseudoPOD. Is there a canonical URL for it? I'd > like to just look at some documentation and samples, rather than going > through the trouble of CPANing it in and such. You can find it at Allison Randal's page at CPAN: www.cpan.org/authors/id/A/AR/ARANDAL > Without having seen PseudoPOD, my current favorite structural plaintext > format that I've used to write documentation, papers and slides is definitely > ReStructuredText, part of the docutils project: > http://docutils.sourceforge.net/ Hmmm. That looks pretty straight-forward and not too hard to learn... I enjoyed PseudoPOD because it was so easy to learn. Dru From dan Fri Jun 4 14:27:32 2004 From: dan (Dan Langille) Date: Fri, 04 Jun 2004 14:27:32 -0400 Subject: [nycbug-talk] Dan Langille Collection In-Reply-To: Message-ID: <40C086D4.6586.391FD66A@localhost> On 3 Jun 2004 at 21:08, G.Rosamond wrote: > We're up to $176. > > payment at bsdcan.org. There was also another US$150 donated last night directed via Paypal to me. I'm sure these came as a result of the posts to this list. Details at http://dan.langille.org/archives/000011.html Thank you. -- Dan Langille : http://www.langille.org/ BSDCan - http://www.bsdcan.org/ From pete Fri Jun 4 17:25:01 2004 From: pete (Pete Wright) Date: Fri, 04 Jun 2004 17:25:01 -0400 Subject: [nycbug-talk] Soekris Message-ID: <40C0E8AD.20708@nomadlogic.org> Hey all, I am thinking of purchasing one of these boxes for my home network: http://www.soekris.com/ The model I am thinking of purchasing is the: *net4801-50 * They make an ideal firewall, small and very low power consumption. The price starts at $265, for the board and case. Altho if you purchase more than one there is a discount. For those that were at BSDCan, these were the boxes that Ryan McBride used for the pf demo. If others are interested let me know, and maybe we can get a discount. Cheers, Pete -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From george Fri Jun 4 17:41:56 2004 From: george (G.Rosamond) Date: Fri, 4 Jun 2004 17:41:56 -0400 Subject: [nycbug-talk] Dan Langille Collection In-Reply-To: <40C086D4.6586.391FD66A@localhost> References: <40C086D4.6586.391FD66A@localhost> Message-ID: <0021E297-B670-11D8-8F67-000D9328615E@sddi.net> On Jun 4, 2004, at 2:27 PM, Dan Langille wrote: > On 3 Jun 2004 at 21:08, G.Rosamond wrote: > >> We're up to $176. >> >> payment at bsdcan.org. > > There was also another US$150 donated last night directed via Paypal > to me. I'm sure these came as a result of the posts to this list. > > Details at http://dan.langille.org/archives/000011.html > That's awesome Dan. . .Glad to see it's working. . . For the record, it was Ike Levy who mentioned it to me first several weeks back when it first happened. Credit to the Big I. g From george Fri Jun 4 18:24:34 2004 From: george (G.Rosamond) Date: Fri, 4 Jun 2004 18:24:34 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: <40C0E8AD.20708@nomadlogic.org> References: <40C0E8AD.20708@nomadlogic.org> Message-ID: On Jun 4, 2004, at 5:25 PM, Pete Wright wrote: > Hey all, > I am thinking of purchasing one of these boxes for my home network: > > http://www.soekris.com/ > > The model I am thinking of purchasing is the: > *net4801-50 > * > They make an ideal firewall, small and very low power consumption. > The price starts at $265, for the board and case. Altho if you > purchase more than one there is a discount. For those that were at > BSDCan, these were the boxes that Ryan McBride used for the pf demo. > If others are interested let me know, and maybe we can get a discount. > > I have been meaning to buy one since Michael Lucas' OnLamp article on it a few months back. Haven't made move yet, but plan to in the next month or two. Can't do it yet. . . g From bob Fri Jun 4 18:31:25 2004 From: bob (Bob Ippolito) Date: Fri, 4 Jun 2004 18:31:25 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: References: <40C0E8AD.20708@nomadlogic.org> Message-ID: On Jun 4, 2004, at 6:24 PM, G.Rosamond wrote: > > On Jun 4, 2004, at 5:25 PM, Pete Wright wrote: > >> Hey all, >> I am thinking of purchasing one of these boxes for my home network: >> >> http://www.soekris.com/ >> >> The model I am thinking of purchasing is the: >> *net4801-50 >> * >> They make an ideal firewall, small and very low power consumption. >> The price starts at $265, for the board and case. Altho if you >> purchase more than one there is a discount. For those that were at >> BSDCan, these were the boxes that Ryan McBride used for the pf demo. >> If others are interested let me know, and maybe we can get a >> discount. >> >> > > I have been meaning to buy one since Michael Lucas' OnLamp article on > it a few months back. > > Haven't made move yet, but plan to in the next month or two. Can't do > it yet. . . I am also interested in one of these in-the-nearish-future-but-not-today. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040604/e0262759/attachment.bin From trish Fri Jun 4 19:39:45 2004 From: trish (Trish Lynch) Date: Fri, 4 Jun 2004 19:39:45 -0400 (EDT) Subject: [nycbug-talk] making of BSD hacks In-Reply-To: <20040603220640.K672@dru.domain.org> References: <20040603220640.K672@dru.domain.org> Message-ID: <20040604193902.X21089@ultra.bsdunix.net> On Thu, 3 Jun 2004, Dru wrote: > > For those who haven't seen it yet, chromatic has a nice article on the > making of BSD Hacks: > > http://www.onlamp.com/pub/a/bsd/2004/06/03/bsdhacks.html > > Besides the interesting note that the book was created using BSD/vi and > Linux/vim, Pseudopod/subversion is an ideal combo for any shared documentation > project. > > Dru There are some of us who will never give up our TeX and LaTeX, dammit! -Trish -- Trish Lynch trish at bsdunix.net Ecartis Core Team trish at listmistress.org EFNet IRC Operator/SysAdmin @ irc.dkom.at AilleCat at EFNet Key fingerprint = 781D 2B47 AA4B FC88 B919 0CD6 26B2 1D62 6FC1 FF16 From bob Fri Jun 4 19:51:18 2004 From: bob (Bob Ippolito) Date: Fri, 4 Jun 2004 19:51:18 -0400 Subject: [nycbug-talk] making of BSD hacks In-Reply-To: <20040604193902.X21089@ultra.bsdunix.net> References: <20040603220640.K672@dru.domain.org> <20040604193902.X21089@ultra.bsdunix.net> Message-ID: <12C8AA8D-B682-11D8-BBA0-000A95686CD8@redivi.com> On Jun 4, 2004, at 7:39 PM, Trish Lynch wrote: > On Thu, 3 Jun 2004, Dru wrote: > >> >> For those who haven't seen it yet, chromatic has a nice article on the >> making of BSD Hacks: >> >> http://www.onlamp.com/pub/a/bsd/2004/06/03/bsdhacks.html >> >> Besides the interesting note that the book was created using BSD/vi >> and >> Linux/vim, Pseudopod/subversion is an ideal combo for any shared >> documentation >> project. > > There are some of us who will never give up our TeX and LaTeX, dammit! I used to prefer LaTeX, but these days I only use it as a postprocess for ReST documents.. so I can get nice PDF output from pdftex. The only TeX I write by hand is the "stylesheet" stuff, which doesn't change very often. If I was typing up equations, I'd definitely have to fall back to TeX, though I should be able to do that in unprocessed ReST blocks as-needed. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040604/264db35e/attachment.bin From pete Fri Jun 4 21:29:45 2004 From: pete (pete wright) Date: Fri, 4 Jun 2004 21:29:45 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: References: <40C0E8AD.20708@nomadlogic.org>

Message-ID: On Jun 4, 2004, at 6:31 PM, Bob Ippolito wrote: > > On Jun 4, 2004, at 6:24 PM, G.Rosamond wrote: > >> >> On Jun 4, 2004, at 5:25 PM, Pete Wright wrote: >> >>> Hey all, >>> I am thinking of purchasing one of these boxes for my home >>> network: >>> >>> http://www.soekris.com/ >>> >>> The model I am thinking of purchasing is the: >>> *net4801-50 >>> * >>> They make an ideal firewall, small and very low power consumption. >>> The price starts at $265, for the board and case. Altho if you >>> purchase more than one there is a discount. For those that were at >>> BSDCan, these were the boxes that Ryan McBride used for the pf demo. >>> If others are interested let me know, and maybe we can get a >>> discount. >>> >>> >> >> I have been meaning to buy one since Michael Lucas' OnLamp article on >> it a few months back. >> >> Haven't made move yet, but plan to in the next month or two. Can't >> do it yet. . . > > I am also interested in one of these > in-the-nearish-future-but-not-today. > > -bob > sounds good to me! it wouldn't hurt if i waited ;) -p From george Fri Jun 4 22:55:10 2004 From: george (G.Rosamond) Date: Fri, 4 Jun 2004 22:55:10 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: References: <40C0E8AD.20708@nomadlogic.org>

Message-ID: On Jun 4, 2004, at 9:29 PM, pete wright wrote: >>> I have been meaning to buy one since Michael Lucas' OnLamp article >>> on it a few months back. >>> >>> Haven't made move yet, but plan to in the next month or two. Can't >>> do it yet. . . >> >> I am also interested in one of these >> in-the-nearish-future-but-not-today. >> >> -bob >> > > sounds good to me! it wouldn't hurt if i waited ;) > I'm actually waiting for my mini-itx to return from RMA. . . I had problems with the onboard ethernet, but hopefully it will be resolved. . . once i get that up, i may mount under my car seat with fbsd, wireless nic, etc. or run as a pf box at home. I think like many other people today, i'm busy with work and my 'half' projects which hit brickwalls, then i create new ones. . . g From bob Fri Jun 4 23:03:18 2004 From: bob (Bob Ippolito) Date: Fri, 4 Jun 2004 23:03:18 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: References: <40C0E8AD.20708@nomadlogic.org>

Message-ID: On Jun 4, 2004, at 10:55 PM, G. Rosamond wrote: > > On Jun 4, 2004, at 9:29 PM, pete wright wrote: > >>>> I have been meaning to buy one since Michael Lucas' OnLamp article >>>> on it a few months back. >>>> >>>> Haven't made move yet, but plan to in the next month or two. Can't >>>> do it yet. . . >>> >>> I am also interested in one of these >>> in-the-nearish-future-but-not-today. >> >> sounds good to me! it wouldn't hurt if i waited ;) >> > > I'm actually waiting for my mini-itx to return from RMA. . . > > I had problems with the onboard ethernet, but hopefully it will be > resolved. . . > > once i get that up, i may mount under my car seat with fbsd, wireless > nic, etc. or run as a pf box at home. > > I think like many other people today, i'm busy with work and my 'half' > projects which hit brickwalls, then i create new ones. . . Personally, I've wanted one for 2 years or so.. ever since I saw the ones that the PicoBSD guys were using. I'd like to replace the linux firewall I have at home with OpenBSD, but I'd rather not take my current box down to do that because downtime sucks, and it's a dual CPU box so it would be a shame to install OpenBSD on it. Also, since it has 3 nics, I can use it to balance my SDSL and Cable connections here.. right now I only use the cable for the consoles or (in theory) when the SDSL is down. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040604/04a08748/attachment.bin From elric Fri Jun 4 01:35:00 2004 From: elric (Roland C. Dowdeswell) Date: Fri, 04 Jun 2004 01:35:00 -0400 Subject: [nycbug-talk] kernels In-Reply-To: Your message of "Thu, 03 Jun 2004 19:24:19 EDT." <23C6623C-B5B5-11D8-B453-000A95686CD8@redivi.com> Message-ID: <20040604053501.0681A174CA@arioch.imrryr.org> On 1086305059 seconds since the Beginning of the UNIX epoch Bob Ippolito wrote: > >Sounds like a lot of work for a little real benefit. Let's imagine for >a second that I'm running an email server that I would like to be >highly secure. By some hook or crook, an attacker gets uid 0 on my >highly secure machine. They decide it would be funny to wipe out all >of my mail spools and start sending spam. Everything I wanted that >machine to do is now ruined, and I need to wipe the disk and restore >from tape or start over. What's really left to protect if userspace is >hosed? I'm not sure if I should care whether or not they can talk on >the PCI bus. It depends whether you need real security or not. Wiping out your mail spools and sending spam is not exactly the most exciting attack that people might think of. First off, it is immediately obvious that it is going on. Attacks can be substantially more insidious. If people can access your PCI bus, then they have the complete run of the machine. You might not want to actually trust that machine again for a number of purposes, e.g. they might fiddle with the firmware on an ethernet card that can PXE-boot to ensure that no matter what you do they continue to have access to the machine. Or just play with the BIOS. In a very security sensitive context, you have just completely lost the hardware, or at least have to do a lot of work to ensure that all of the firmware that's lying around has not been modified. Also, consider audit trails. Even in a moderately security sensitive context, you might want to make certain guarantees about being able to discover information about what they did, what time they came in, etc. You can do this by making the log files append-only (as well as sending them to another machine, but of course that one has to be more secure than this one.) And so on. In short, setting up a bit of a TCB is hard work. It isn't possible without secure levels or a logical equivalent---at least something that limits root's access to various things, especially the hardware. There are situations where it makes sense. Perhaps it does not make sense for you, but for some people it does. If anything, it does not go far enough rather than being an appendix. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From george Sat Jun 5 10:51:17 2004 From: george (G.Rosamond) Date: Sat, 5 Jun 2004 10:51:17 -0400 Subject: [nycbug-talk] Hackathon fundraising Message-ID: Theo: Pleasure meeting you at BSDCan. I'm from NYCBUG and if you remember, we had discussed fundraising for the next OpenBSD Hackathon. When are you having the next one? I mentioned raising money for the Hackathon at our last meeting, and we'd like to do something rather than just passing a hat for the event. No idea on how much we could raise, but at least knowing when the next one is would assist us in planning something. thanks george From george Sun Jun 6 13:24:53 2004 From: george (G.Rosamond) Date: Sun, 6 Jun 2004 13:24:53 -0400 Subject: [nycbug-talk] Fwd: no more apache updates Message-ID: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> Begin forwarded message: > From: Henning Brauer > Date: June 6, 2004 9:48:36 AM EDT > To: misc at openbsd.org > Subject: no more apache updates > > The apache we ship with OpenBSD will stay at version 1.3.29. We will > fix bugs, but there won't be any updates any more. 1.3.31 has been > released under their "new" license which is less free than the previous > one, and this is not acceptable. > > You know whom to complain to. > From george Sun Jun 6 13:30:51 2004 From: george (G.Rosamond) Date: Sun, 6 Jun 2004 13:30:51 -0400 Subject: [nycbug-talk] Apple security record Message-ID: <41B1010D-B7DF-11D8-8100-000D9328615E@sddi.net> http://news.com.com/For+Mac+security%2C+communication+is+key/2100 -1002_3-5225115.html?tag=nefd.lede From george Sun Jun 6 13:48:04 2004 From: george (G.Rosamond) Date: Sun, 6 Jun 2004 13:48:04 -0400 Subject: [nycbug-talk] Fwd: Hackathon fundraising Message-ID: Begin forwarded message: > From: Theo de Raadt > Date: June 5, 2004 6:39:00 PM EDT > To: "G. Rosamond" > Cc: pete wright , Hans Zaunere , > NYC Bug List , Isaac Levy , > Wes Sonnenreich > Subject: Re: Hackathon fundraising > >> Pleasure meeting you at BSDCan. > > Yeah. > >> I'm from NYCBUG and if you remember, we had discussed fundraising for >> the next OpenBSD Hackathon. >> >> When are you having the next one? > > It is happening in 2 weeks, in Calgary. It's about 8 days long. > About 50 people showing up, and we've got a room all set up.. it might > be a bit tight, but that works out better. > >> I mentioned raising money for the >> Hackathon at our last meeting, and we'd like to do something rather >> than just passing a hat for the event. >> >> No idea on how much we could raise, but at least knowing when the next >> one is would assist us in planning something. > > here's a piece of the information developers are given: > > june 19 - 26, calgary, airport code YYC > - you fly yourself to calgary, openbsd pays for the rooms > - hacking room booked from noon on 18, to early evening on the 27 > - setup in the afternoon of the 18th > - teardown afternoon/evening of 26 or morning of 27 (as need be) > - hotel rooms are currently booked for the nights of 19-25 > - same hotel as last year > - hyatt regency downtown, center st & 8th ave SW > - 2 people per room, it is a very nice hotel. > - if you want a single room, you pay half > - if anyone is able to pay for their own room, that would be > appreciated since it saves openbsd money > - any additional nights, you pay for yourself. > - if arriving early/leaving late, roomate might be less flexible > - some hotel rooms have dsl; it is not free: your cost if you use it. > - bbq 4-8pm at my house, sunday the 20th. afterwards, you can go > back to hacking, sleep off jetlag, or enjoy the ship (which never > has a lineup on sundays) > - hikes in lake louise area sometime during the week (a day off) > - bring light boots/runners, light rain coat, or stores are nearby > - two choices: difficult (mountain climb), or steep stroll uphill > to a few lakes > > > as i've explained many times, we really strictly make these > 'invitation only, closed otherwise' events, so that the ideas can brew > and people actually sit down and finish them at the hackathon. > > > We'd love more funding. As you can imagine, the hotel bill is putting > a serious crimp on our emergency project savings. Finacially, we > don't yet know how we'll do a hackathon next year... > From joshmccormack Sun Jun 6 23:12:59 2004 From: joshmccormack (Josh McCormack) Date: Sun, 06 Jun 2004 23:12:59 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: <40C0E8AD.20708@nomadlogic.org> References: <40C0E8AD.20708@nomadlogic.org> Message-ID: <40C3DD3B.8050007@travelersdiary.com> Pete Wright wrote: > Hey all, > I am thinking of purchasing one of these boxes for my home network: > > http://www.soekris.com/ > > The model I am thinking of purchasing is the: > *net4801-50 > > Cheers, > Pete > For way too long now I've been planning, researching and talking with lots of people to set up a network security business, focusing at least partially on wireless and the small business market. I'm going to be selling Soekris 4801 boxes with some optional hardware, running OpenBSD, OpenVPN and Snort (as a prevention system, writing to pf). Possibly some other stuff. My goal is to have everything be FOSS and publicly available hardware, and to have the value come from service - I'm not locking anyone into anything propreitary, those who can't afford to work with me or who have the technical expertise can build it and manage it themselves. Target is non-technical SOHO market mainly, but also companies with a respect for OpenBSD etc. but don't want to handle maintenance themselves. Since the business is really about service, and the technically adept are not a target, I can only benefit from being open with people like all of you. So if anyone is interested in working together on how to get all this software to work together, I'd love to share and learn. If you're interested I can also organize bulk purchases of the equipment, so we can try to keep our costs down. Josh McCormack From bob Sun Jun 6 23:34:52 2004 From: bob (Bob Ippolito) Date: Sun, 6 Jun 2004 23:34:52 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: <40C3DD3B.8050007@travelersdiary.com> References: <40C0E8AD.20708@nomadlogic.org> <40C3DD3B.8050007@travelersdiary.com> Message-ID: On Jun 6, 2004, at 11:12 PM, Josh McCormack wrote: > Pete Wright wrote: > >> Hey all, >> I am thinking of purchasing one of these boxes for my home network: >> http://www.soekris.com/ >> The model I am thinking of purchasing is the: >> *net4801-50 > >> Cheers, >> Pete > > For way too long now I've been planning, researching and talking with > lots of people to set up a network security business, focusing at > least partially on wireless and the small business market. > > I'm going to be selling Soekris 4801 boxes with some optional > hardware, running OpenBSD, OpenVPN and Snort (as a prevention system, > writing to pf). Possibly some other stuff. My goal is to have > everything be FOSS and publicly available hardware, and to have the > value come from service - I'm not locking anyone into anything > propreitary, those who can't afford to work with me or who have the > technical expertise can build it and manage it themselves. Target is > non-technical SOHO market mainly, but also companies with a respect > for OpenBSD etc. but don't want to handle maintenance themselves. > > Since the business is really about service, and the technically adept > are not a target, I can only benefit from being open with people like > all of you. So if anyone is interested in working together on how to > get all this software to work together, I'd love to share and learn. > If you're interested I can also organize bulk purchases of the > equipment, so we can try to keep our costs down. Sounds like a good idea. I've been interested in stuff like this (extending FOSS to build consumer grade solutions) for a good while. I'd definitely be interested in the software end of things. It'll be a good idea to have a few developers involved that can fix bugs and submit patches to the software that these devices use, as well as develop new software for these devices. Surely you'll also need to develop some sexy management tools (unless I'm completely missing an existing project that is just that), and there's a lot of work that can be done in the FOSS world as far as autodiscovery and autoconfiguration goes as well. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040606/f46ca542/attachment.bin From mspitze1 Mon Jun 7 00:05:45 2004 From: mspitze1 (Marc Spitzer) Date: Mon, 07 Jun 2004 00:05:45 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: <40C3DD3B.8050007@travelersdiary.com> References: <40C0E8AD.20708@nomadlogic.org> <40C3DD3B.8050007@travelersdiary.com> Message-ID: <20040607000545.23af3afc@bogomips.optonline.net> On Sun, 06 Jun 2004 23:12:59 -0400 Josh McCormack wrote: > > For way too long now I've been planning, researching and talking with > lots of people to set up a network security business, focusing at > least partially on wireless and the small business market. That does look like fun. [details sniped] One thing though you might want to look at netbsd, 2.0 is coming soon. It really is designed for this, embedded systems space, much more so then free or open. And there is a lot of NYC talent for it. marc From pete Mon Jun 7 09:33:39 2004 From: pete (Pete Wright) Date: Mon, 07 Jun 2004 09:33:39 -0400 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> Message-ID: <40C46EB3.3040106@nomadlogic.org> G.Rosamond wrote: > > > Begin forwarded message: > >> From: Henning Brauer >> Date: June 6, 2004 9:48:36 AM EDT >> To: misc at openbsd.org >> Subject: no more apache updates >> >> The apache we ship with OpenBSD will stay at version 1.3.29. We will >> fix bugs, but there won't be any updates any more. 1.3.31 has been >> released under their "new" license which is less free than the previous >> one, and this is not acceptable. >> >> You know whom to complain to. >> > woah. no 2.x? woah. and i thought the debain folks were strict. -p -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From pete Mon Jun 7 12:43:55 2004 From: pete (Pete Wright) Date: Mon, 07 Jun 2004 11:43:55 -0500 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: <40C46EB3.3040106@nomadlogic.org> References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> <40C46EB3.3040106@nomadlogic.org> Message-ID: <40C49B4B.8030801@nomadlogic.org> Pete Wright wrote: > G.Rosamond wrote: > >> >> >> Begin forwarded message: >> >>> From: Henning Brauer >>> Date: June 6, 2004 9:48:36 AM EDT >>> To: misc at openbsd.org >>> Subject: no more apache updates >>> >>> The apache we ship with OpenBSD will stay at version 1.3.29. We will >>> fix bugs, but there won't be any updates any more. 1.3.31 has been >>> released under their "new" license which is less free than the previous >>> one, and this is not acceptable. >>> >>> You know whom to complain to. >>> >> > > woah. no 2.x? woah. and i thought the debain folks were strict. > > -p > > > hey all, so i just read up on the thread regarding this decision. i am not on the openBSD list currently. maybe someone on the nycbug list can explain in better detail/clarity what the OBSD team finds wrong with the ASF 2.0 license? From my perspective, as a sysadmin, there are some pretty interesting features in httpd 2.x that i was looking forward to. What I gathered from the thread was aside from the license issues, the httpd team was not very receptive in accepting patches from the obsd team. If that's true that's kinda lame :( here is a link to a web-based thread of the discusion: http://www.sigmasoft.com/~openbsd/archive/openbsd-misc/200406/msg00398.html -p -- ~~~oO00Oo~~~ Pete Wright pete at nomadlogic.org www.nomadlogic.org/~pete From george Mon Jun 7 11:54:02 2004 From: george (G.Rosamond) Date: Mon, 7 Jun 2004 11:54:02 -0400 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: <40C49B4B.8030801@nomadlogic.org> References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> <40C46EB3.3040106@nomadlogic.org> <40C49B4B.8030801@nomadlogic.org> Message-ID: On Jun 7, 2004, at 12:43 PM, Pete Wright wrote: > > hey all, > so i just read up on the thread regarding this decision. i am not > on the openBSD list currently. maybe someone on the nycbug list can > explain in better detail/clarity what the OBSD team finds wrong with > the ASF 2.0 license? From my perspective, as a sysadmin, there are > some pretty interesting features in httpd 2.x that i was looking > forward to. What I gathered from the thread was aside from the > license issues, the httpd team was not very receptive in accepting > patches from the obsd team. If that's true that's kinda lame :( > > here is a link to a web-based thread of the discusion: > http://www.sigmasoft.com/~openbsd/archive/openbsd-misc/200406/ > msg00398.html > This started a few months back. . .I don't remember licensing detail changes, but there's threads and a writeup on the Free Software Foundation site. . . From what I remember, the details of the change was irrelevant. . .it was the idea of change in the first place. I remember Theo writing that once lawyers tell developers 'how to make their software more free', there's a problem. Some people have reacted that OBSD and the FSF went overboard, that this wasn't a big deal. Regardless, it does set a tone for everyone, which I think is right. It's too easy for projects to evolve their licensing due to lawyer input, and ultimately away from the FOSS community. g From pete Mon Jun 7 13:00:33 2004 From: pete (Pete Wright) Date: Mon, 07 Jun 2004 12:00:33 -0500 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> <40C46EB3.3040106@nomadlogic.org> <40C49B4B.8030801@nomadlogic.org> Message-ID: <40C49F31.1060706@nomadlogic.org> G. Rosamond wrote: > > On Jun 7, 2004, at 12:43 PM, Pete Wright wrote: > >> > > >> hey all, >> so i just read up on the thread regarding this decision. i am >> not on the openBSD list currently. maybe someone on the nycbug list >> can explain in better detail/clarity what the OBSD team finds wrong >> with the ASF 2.0 license? From my perspective, as a sysadmin, >> there are some pretty interesting features in httpd 2.x that i was >> looking forward to. What I gathered from the thread was aside from >> the license issues, the httpd team was not very receptive in >> accepting patches from the obsd team. If that's true that's kinda >> lame :( >> >> here is a link to a web-based thread of the discusion: >> http://www.sigmasoft.com/~openbsd/archive/openbsd-misc/200406/ >> msg00398.html >> > > This started a few months back. . .I don't remember licensing detail > changes, but there's threads and a writeup on the Free Software > Foundation site. . . > cool thanks I'll check out the FSF site for that. > From what I remember, the details of the change was irrelevant. . > .it was the idea of change in the first place. > > I remember Theo writing that once lawyers tell developers 'how to > make their software more free', there's a problem. > > Some people have reacted that OBSD and the FSF went overboard, that > this wasn't a big deal. > > Regardless, it does set a tone for everyone, which I think is right. > It's too easy for projects to evolve their licensing due to lawyer > input, and ultimately away from the FOSS community. > well despite these differences at least it is all happening in the open so that the end user community has an idea of what's going on. I'll take an open disgreement over sudden changes in roadmaps that the user has no idea is coming any day. cheers, pete -- ~~~oO00Oo~~~ Pete Wright pete at nomadlogic.org www.nomadlogic.org/~pete From mikel.king Mon Jun 7 15:34:00 2004 From: mikel.king (mikel king) Date: Mon, 07 Jun 2004 15:34:00 -0400 Subject: [nycbug-talk] Soekris In-Reply-To: <40C3DD3B.8050007@travelersdiary.com> References: <40C0E8AD.20708@nomadlogic.org> <40C3DD3B.8050007@travelersdiary.com> Message-ID: <40C4C328.8050401@ocsny.com> Josh McCormack wrote: > > > Since the business is really about service, and the technically adept > are not a target, I can only benefit from being open with people like > all of you. So if anyone is interested in working together on how to > get all this software to work together, I'd love to share and learn. > If you're interested I can also organize bulk purchases of the > equipment, so we can try to keep our costs down. > > Josh McCormack Hey Josh, Let me know how much the cost turns out to be if you get enough to bulk it up. I have an interest in one of these as well. cheers, m! From mikel.king Mon Jun 7 16:31:19 2004 From: mikel.king (mikel king) Date: Mon, 07 Jun 2004 16:31:19 -0400 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: <40C49F31.1060706@nomadlogic.org> References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> <40C46EB3.3040106@nomadlogic.org> <40C49B4B.8030801@nomadlogic.org> <40C49F31.1060706@nomadlogic.org> Message-ID: <40C4D097.2030805@ocsny.com> Pete Wright wrote: > G. Rosamond wrote: > > [SNIP][SNIP][SNIP] Sounds like my wife when she's clipping coupons...;-) Regardless...of the change it won't stop you from trying it out on your own. Just means that neither Theo nor the rest of the oBSD crew will openly search for security issues et cettera in that peticular port. I have been running apache 2.x for quite a while and well asside from the not so built in webdav support, which b the by it why I gave it a whirl in the first place. Ok that and the threading... it's been great... Cheers, m! PS: with regards to webdav on 2.x it's in there you just have to properly enable, as per 1.3.x From pete Mon Jun 7 17:47:51 2004 From: pete (Pete Wright) Date: Mon, 07 Jun 2004 16:47:51 -0500 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: <40C4D097.2030805@ocsny.com> References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> <40C46EB3.3040106@nomadlogic.org> <40C49B4B.8030801@nomadlogic.org> <40C49F31.1060706@nomadlogic.org> <40C4D097.2030805@ocsny.com> Message-ID: <40C4E287.2090809@nomadlogic.org> mikel king wrote: > Pete Wright wrote: > >> G. Rosamond wrote: >> >> [SNIP][SNIP][SNIP] > > > Sounds like my wife when she's clipping coupons...;-) > > Regardless...of the change it won't stop you from trying it out on > your own. Just means that neither Theo nor the rest of the oBSD crew > will openly search for security issues et cettera in that peticular port. > yea, unfortunatly i think that's a big plus for most people who deploy apache on oBSD. i did some searching about a bunch of lists regarding the apache 2.x lic. and it seems that the oBSD camp is not the first to balk at adopting it in regard to the new lic. terms. There was an interesting thread on debian-legal regarding this. oh well, i guess i'll just go back to IIS, atleast all the political infighting is hidden from the user base ;^) i mean a webserver is a webserver right? -p > I have been running apache 2.x for quite a while and well asside from > the not so built in webdav support, which b the by it why I gave it a > whirl in the first place. Ok that and the threading... it's been great... > > > Cheers, > m! > > > PS: with regards to webdav on 2.x it's in there you just have to > properly enable, as per 1.3.x -- ~~~oO00Oo~~~ Pete Wright pete at nomadlogic.org www.nomadlogic.org/~pete From bob Mon Jun 7 17:18:01 2004 From: bob (Bob Ippolito) Date: Mon, 7 Jun 2004 17:18:01 -0400 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: <40C4E287.2090809@nomadlogic.org> References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> <40C46EB3.3040106@nomadlogic.org> <40C49B4B.8030801@nomadlogic.org> <40C49F31.1060706@nomadlogic.org> <40C4D097.2030805@ocsny.com> <40C4E287.2090809@nomadlogic.org> Message-ID: <288CBBCE-B8C8-11D8-89FB-000A95686CD8@redivi.com> On Jun 7, 2004, at 5:47 PM, Pete Wright wrote: > mikel king wrote: > >> Pete Wright wrote: >> >>> G. Rosamond wrote: >>> >>> [SNIP][SNIP][SNIP] >> >> >> Sounds like my wife when she's clipping coupons...;-) >> >> Regardless...of the change it won't stop you from trying it out on >> your own. Just means that neither Theo nor the rest of the oBSD crew >> will openly search for security issues et cettera in that peticular >> port. >> > yea, unfortunatly i think that's a big plus for most people who deploy > apache on oBSD. i did some searching about a bunch of lists regarding > the apache 2.x lic. and it seems that the oBSD camp is not the first > to balk at adopting it in regard to the new lic. terms. There was an > interesting thread on debian-legal regarding this. oh well, > i guess i'll just go back to IIS, atleast all the political infighting > is hidden from the user base ;^) i mean a webserver is a webserver > right? Software licenses give me a headache. The *BSD guys have it right -- MIT and BSD style licenses are really the only way to go. They're the only licenses straightforward enough to where a software developer can actually understand what they're agreeing to, and free enough such that you don't have to think twice before hacking the code or redistributing a binary. The [L]GPL makes me want to puke, and the fringe licenses that are written by lawyers (APSL, MPL, etc.) are just obnoxious. I'm not afraid to use software with a crappy license if the software does what I need it to do. Except for BitKeeper's free license, which is downright evil.. but I won't contribute to software that isn't "free as in I can use it however the fuck I want to" unless it's an absolute necessity. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040607/f5c90fc9/attachment.bin From sunny-ml Mon Jun 7 22:05:15 2004 From: sunny-ml (Sunny Dubey) Date: Mon, 7 Jun 2004 22:05:15 -0400 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: <40C49B4B.8030801@nomadlogic.org> References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> <40C46EB3.3040106@nomadlogic.org> <40C49B4B.8030801@nomadlogic.org> Message-ID: <200406072205.16460.sunny-ml@opencurve.org> On Monday 07 June 2004 12:43 pm, Pete Wright wrote: > hey all, > so i just read up on the thread regarding this decision. i am not > on the openBSD list currently. maybe someone on the nycbug list can > explain in better detail/clarity what the OBSD team finds wrong with the > ASF 2.0 license? From my perspective, as a sysadmin, there are some > pretty interesting features in httpd 2.x that i was looking forward to. Who actually uses the distros httpd package for real use ? Sunny Dubey From klimenta Tue Jun 8 08:28:28 2004 From: klimenta (Kliment Andreev) Date: Tue, 08 Jun 2004 08:28:28 -0400 Subject: [nycbug-talk] Nearly 2.5 Million Active Sites running FreeBSD Message-ID: <40C5B0EC.2080108@futurebit.com> http://news.netcraft.com/archives/2004/06/07/nearly_25_million_active_sites_running_freebsd.html From pete Tue Jun 8 10:18:18 2004 From: pete (Pete Wright) Date: Tue, 08 Jun 2004 10:18:18 -0400 Subject: [nycbug-talk] Fwd: no more apache updates In-Reply-To: <200406072205.16460.sunny-ml@opencurve.org> References: <6C883B2B-B7DE-11D8-8100-000D9328615E@sddi.net> <40C46EB3.3040106@nomadlogic.org> <40C49B4B.8030801@nomadlogic.org> <200406072205.16460.sunny-ml@opencurve.org> Message-ID: <40C5CAAA.9000500@nomadlogic.org> Sunny Dubey wrote: >On Monday 07 June 2004 12:43 pm, Pete Wright wrote: > > > >>hey all, >> so i just read up on the thread regarding this decision. i am not >>on the openBSD list currently. maybe someone on the nycbug list can >>explain in better detail/clarity what the OBSD team finds wrong with the >>ASF 2.0 license? From my perspective, as a sysadmin, there are some >>pretty interesting features in httpd 2.x that i was looking forward to. >> >> > >Who actually uses the distros httpd package for real use ? > > i'd trust the OpenBSD teams httpd over my own patching etc., from a security stand point. granted tho, if you are running a heavily loaded site you probably will be running an SMP os. -p -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From george Tue Jun 8 18:41:20 2004 From: george (G. Rosamond) Date: Tue, 8 Jun 2004 18:41:20 -0400 Subject: [nycbug-talk] GSEC Message-ID: SANS finally posted my paper for the GSEC cert. Find my name in the list and check it out. . .heavy OBSD tone. . . http://www.giac.org/GSEC.php From marco Tue Jun 8 23:12:40 2004 From: marco (marco at metm.org) Date: Tue, 8 Jun 2004 23:12:40 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server Message-ID: <20040609031240.GA2249@metm.org> I have no idea if anyone is up to this, but I am going to install FreeBSD on a VALinux server which I will use to replace the rag-tag group of linux boxen which make up my home servers. It's a pretty nice machine from the 2200 series -- Mylex DAC960 raid controller, with hotswappable ultra scsi disks -- SMP capable motherboard with one 800Mhz cpu. -- Intel everything else -- I even have a manual I was thinking that this might be a good opportunity to have a bit of an install fest, secure fest. Where those of us who are interested could discuss the issues which come up in a hands on way. Some ideas I had which may show how much of a newbie I am with the BSDs are: Test Vinium vs. the hardware raid controller Kernel tuning. Going over pf. Perhaps some of you have a better idea of some interesting things which could be done. Newest for me is the raid stuff (where I am a complete newbie) and things which have to do directly with the kernel. I've already made it through an install, ports, partitioning and init scripts aren't much of a mystery but when people get together the tips and tricks start to flow, and I am sure there are others who would be curious to attend such an event and ask questions or what not. I have a pretty big loft in Brooklyn which could accommodate a bunch of installs if other people wanted to particpate. I can offer some beers and food depending on how many people show up. I want to do this soon, like this week, so if any of you are up for a night dare I suggest Friday night? or either Sat. or Sun. anytime that would be cool. Anyway it's just an idea, I can host a more carefully planned install/secure fest whether or not we do this thing with the VA box, -- Marco From george Tue Jun 8 23:36:41 2004 From: george (G. Rosamond) Date: Tue, 8 Jun 2004 23:36:41 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <20040609031240.GA2249@metm.org> Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of marco at metm.org >Sent: Tuesday, June 08, 2004 11:13 PM >To: talk at lists.nycbug.org >Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server > >I have no idea if anyone is up to this, but I am going to install >FreeBSD on a VALinux server which I will use to replace the rag-tag >group of linux boxen which make up my home servers. > > It's a pretty nice machine from the 2200 series > -- Mylex DAC960 raid controller, with hotswappable ultra scsi disks > -- SMP capable motherboard with one 800Mhz cpu. > -- Intel everything else > -- I even have a manual > >I was thinking that this might be a good opportunity to have a bit >of an install fest, secure fest. Where those of us who are interested >could discuss the issues which come up in a hands on way. Some ideas I >had which may show how much of a newbie I am with the BSDs are: > > Test Vinium vs. the hardware raid controller > Kernel tuning. > Going over pf. > >Perhaps some of you have a better idea of some interesting things which >could be done. Newest for me is the raid stuff (where I am a complete >newbie) and things which have to do directly with the kernel. > >I've already made it through an install, ports, partitioning and init >scripts aren't much of a mystery but when people get together the tips >and tricks start to flow, and I am sure there are others who would be >curious to attend such an event and ask questions or what not. > >I have a pretty big loft in Brooklyn which could accommodate a bunch of >installs if other people wanted to particpate. I can offer some beers >and food depending on how many people show up. > >I want to do this soon, like this week, so if any of you are up for a >night dare I suggest Friday night? or either Sat. or Sun. anytime that >would be cool. > >Anyway it's just an idea, I can host a more carefully planned >install/secure fest whether or not we do this thing with the VA box, > >-- >Marco Marco, i think it's a great idea. . .even if it's last minute. . . i'll give a tentative yes on it. . . where in the republic of bk? g From marco Tue Jun 8 23:50:04 2004 From: marco (Marco Scoffier) Date: Tue, 8 Jun 2004 23:50:04 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: References: <20040609031240.GA2249@metm.org> Message-ID: <20040609035003.GD2249@metm.org> On Tue, Jun 08, 2004 at 11:36:41PM -0400, G. Rosamond wrote: > > Marco, i think it's a great idea. . .even if it's last minute. . . > > i'll give a tentative yes on it. . . > > where in the republic of bk? > Cool, I live 1 block from the Franklin Ave stop on the 'C' train ('A' local) Its ~6 stops from Broadway-Nassau. By car it is super easy. Take either the Brooklyn Bridge or Manhattan to Flatbush. Left on Fulton St. 12-15 lights. Left on Claver Pl. I can send more detailed directions, if/when we close a date. There's a freight elevator in the building if anyone else wants to bring a box to work on. Do we have any other takers? -- Marco From bsd Tue Jun 8 23:57:13 2004 From: bsd (Kevin Reiter) Date: Tue, 08 Jun 2004 23:57:13 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server References: <20040609031240.GA2249@metm.org> <20040609035003.GD2249@metm.org> Message-ID: <000d01c44dd5$d935c8d0$0800a8c0@hephaestus> > There's a freight elevator in the building if anyone else wants to bring > a box to work on. > > Do we have any other takers? Sure, I'm game. I consider myself pretty much a newbie on everything except breaking things ;-) Are there any others from the Jersey side who are going? I can manage enough not to get lost going into Manhattan, but everything else is still pretty much of a mystery to me when it comes to finding my way in NYC... I'd be more than willing to pay for gas if somebody else could drive, and chip in for food (sorry folks, I don't drink or I'd chip in for that as well.) As far as BYOB, do you have spare monitors or do we need to bring our own? -Kevin From marco Wed Jun 9 00:09:16 2004 From: marco (marco at metm.org) Date: Wed, 9 Jun 2004 00:09:16 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <000d01c44dd5$d935c8d0$0800a8c0@hephaestus> References: <20040609031240.GA2249@metm.org> <20040609035003.GD2249@metm.org> <000d01c44dd5$d935c8d0$0800a8c0@hephaestus> Message-ID: <20040609040916.GE2249@metm.org> On Tue, Jun 08, 2004 at 11:57:13PM -0400, Kevin Reiter wrote: > As far as BYOB, do you have spare monitors or do we need to bring our own? That's a good point. It seems that the two dust collectors I have aren't being too responsive. I may only have one spare. I'll double check tommorrow. As for the beer, I didn't mean to be prejudiced, it seemed from the meetings that beer would be a popular offering :) -- Marco From bsd Wed Jun 9 00:18:06 2004 From: bsd (Kevin Reiter) Date: Wed, 09 Jun 2004 00:18:06 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server References: <20040609031240.GA2249@metm.org> <20040609035003.GD2249@metm.org> <000d01c44dd5$d935c8d0$0800a8c0@hephaestus> <20040609040916.GE2249@metm.org> Message-ID: <002701c44dd8$c417b820$0800a8c0@hephaestus> > That's a good point. It seems that the two dust collectors I have > aren't being too responsive. I may only have one spare. > > I'll double check tommorrow. > > As for the beer, I didn't mean to be prejudiced, it seemed from the > meetings that beer would be a popular offering :) I can lug a spare 15" CRT as long as I don't have to walk from Jersey to Bkln with it ;-) Either that or I can bring my laptop with a handy-dandy new drive reserved for FreeBSD (sorry Dan!) As for the beer, I'm by no means a prude - I gave it up years ago, but that doesn't mean I don't enjoy watching others getting shitfaced (just as long as they don't spill it on me :) From george Wed Jun 9 10:14:24 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 10:14:24 -0400 Subject: [nycbug-talk] New DN EZine Message-ID: Hot off the press: http://ezine.daemonnews.org/200406/ From dlavigne6 Wed Jun 9 11:10:53 2004 From: dlavigne6 (Dru) Date: Wed, 9 Jun 2004 11:10:53 -0400 (EDT) Subject: [nycbug-talk] cool script In-Reply-To: References: Message-ID: <20040609110824.G543@dru.domain.org> Here's a link to a writeup regarding a cool script a user sent me: http://www.oreillynet.com/pub/wlg/5025 Testers and comments most welcome. He's looking into seeing it committed to base. I think a lot of users would benefit from not having to install the full ports collection on their systems. Dru From chrisc Wed Jun 9 11:10:39 2004 From: chrisc (Chris Coleman) Date: Wed, 9 Jun 2004 10:10:39 -0500 Subject: [nycbug-talk] New DN EZine In-Reply-To: References: Message-ID: <2AF1B544-BA27-11D8-A7ED-000393A620A4@daemonnews.org> Its a good issue too. Please help us advertise it. -Chris On Jun 9, 2004, at 9:14 AM, G. Rosamond wrote: > Hot off the press: > > http://ezine.daemonnews.org/200406/ > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > Chris Coleman Editor in Chief Daemon News http://www.daemonnews.org BSD Mall http://www.bsdmall.com Print Magazine http://magazine.daemonnews.org From dlavigne6 Wed Jun 9 11:18:14 2004 From: dlavigne6 (Dru) Date: Wed, 9 Jun 2004 11:18:14 -0400 (EDT) Subject: [nycbug-talk] Whitepaper: The need for Security Testing (fwd) Message-ID: <20040609111520.M543@dru.domain.org> Nice little intro on the OSSTMM: http://www.infosecwriters.com/texts.php?op=display&id=178 OSSTMM is under the umbrella of www.isecom.org Dru From george Wed Jun 9 12:02:34 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 12:02:34 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <000d01c44dd5$d935c8d0$0800a8c0@hephaestus> Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of Kevin Reiter >Sent: Tuesday, June 08, 2004 11:57 PM >To: talk at lists.nycbug.org >Subject: Re: [nycbug-talk] secure fest: BSD on a classic VALinux server > >> There's a freight elevator in the building if anyone else >wants to bring >> a box to work on. >> >> Do we have any other takers? > >Sure, I'm game. I consider myself pretty much a newbie on >everything except >breaking things ;-) > >Are there any others from the Jersey side who are going? I can manage >enough not to get lost going into Manhattan, but everything >else is still >pretty much of a mystery to me when it comes to finding my way >in NYC... >I'd be more than willing to pay for gas if somebody else could >drive, and >chip in for food (sorry folks, I don't drink or I'd chip in for that as >well.) > >As far as BYOB, do you have spare monitors or do we need to >bring our own? > >-Kevin Haven't yet confirmed with my better half about this, but I think I'm set for Friday. Time? Let's make it an official NYCBUG event. . . Anybody else have any funky hardware for this? g From george Wed Jun 9 12:13:21 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 12:13:21 -0400 Subject: [nycbug-talk] New DN EZine In-Reply-To: <2AF1B544-BA27-11D8-A7ED-000393A620A4@daemonnews.org> Message-ID: >-----Original Message----- >From: Chris Coleman [mailto:chrisc at daemonnews.org] >Sent: Wednesday, June 09, 2004 11:11 AM >To: george at sddi.net >Cc: talk at lists.nycbug.org >Subject: Re: [nycbug-talk] New DN EZine > >Its a good issue too. Please help us advertise it. > >-Chris > >On Jun 9, 2004, at 9:14 AM, G. Rosamond wrote: > >> Hot off the press: >> >> http://ezine.daemonnews.org/200406/ >> Someone else can post to Slashdot this time. . . g From marco Wed Jun 9 12:21:06 2004 From: marco (marco at metm.org) Date: Wed, 9 Jun 2004 12:21:06 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: References: <000d01c44dd5$d935c8d0$0800a8c0@hephaestus> Message-ID: <20040609162105.GA1853@metm.org> On Wed, Jun 09, 2004 at 12:02:34PM -0400, G. Rosamond wrote: > Haven't yet confirmed with my better half about this, but I think I'm > set for Friday. I was going to ask what days are better for everyone. > Time? 6:30? 7:00 I'm a bit of a night person so I don't mind. > > Let's make it an official NYCBUG event. . . > > Anybody else have any funky hardware for this? > I hope there is more interest. We can do it another weekend, but I'll certainly have the new server running by then. -- Marco From pete Wed Jun 9 13:19:19 2004 From: pete (Pete Wright) Date: Wed, 09 Jun 2004 13:19:19 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <20040609162105.GA1853@metm.org> References: <000d01c44dd5$d935c8d0$0800a8c0@hephaestus> <20040609162105.GA1853@metm.org> Message-ID: <40C74697.7050300@nomadlogic.org> marco at metm.org wrote: >On Wed, Jun 09, 2004 at 12:02:34PM -0400, G. Rosamond wrote: > > >>Haven't yet confirmed with my better half about this, but I think I'm >>set for Friday. >> >> > >I was going to ask what days are better for everyone. > > > >>Time? >> >> > >6:30? 7:00 I'm a bit of a night person so I don't mind. > > > >>Let's make it an official NYCBUG event. . . >> >>Anybody else have any funky hardware for this? >> >> >> >I hope there is more interest. >We can do it another weekend, but I'll >certainly have the new server running by then. > > > You can count me in as i tenative yes, it really depends on timing. has there been a date/time set for this yet? i have at least one monitor i can bring, and i also have a laptop with no cd or floppy support. might be fun to play with net-booting... -p -- ~~~oO00Oo~~~ Pete Wright email: pete at nomadlogic.org mobile: 917.415.9866 web: www.nomadlogic.org/~pete From bob Wed Jun 9 14:05:50 2004 From: bob (Bob Ippolito) Date: Wed, 9 Jun 2004 14:05:50 -0400 Subject: [nycbug-talk] VoIP service providers Message-ID: I remember a few of you mentioning that you use VoIP PSTN gateway services, but I don't recall which providers were mentioned. It would be cool to compile a list of providers and what the costs are. Here are a few off the top of my head: Packet8 - http://www.packet8.net/ - $19.99/mo unlimited US Vonage - http://www.vonage.com/ - $29.99/mo unlimited US Coloco - http://www.coloco.com/telecom/index.php - (No listed prices, but the divmod guys are reselling this. I could ask them.) iConnectHere - http://iconnecthere.com/ - ~$0.01-$0.035 per minute depending on how much you pay per month Any others worth mentioning? -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040609/771457d2/attachment.bin From george Wed Jun 9 14:17:49 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 14:17:49 -0400 Subject: [nycbug-talk] VoIP service providers In-Reply-To: Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of Bob Ippolito >Sent: Wednesday, June 09, 2004 2:06 PM >To: NYC Bug List >Subject: [nycbug-talk] VoIP service providers > >I remember a few of you mentioning that you use VoIP PSTN gateway >services, but I don't recall which providers were mentioned. It would >be cool to compile a list of providers and what the costs are. Here >are a few off the top of my head: > >Packet8 - http://www.packet8.net/ - $19.99/mo unlimited US >Vonage - http://www.vonage.com/ - $29.99/mo unlimited US >Coloco - http://www.coloco.com/telecom/index.php - (No listed prices, >but the divmod guys are reselling this. I could ask them.) >iConnectHere - http://iconnecthere.com/ - ~$0.01-$0.035 per minute >depending on how much you pay per month > >Any others worth mentioning? > BSDMall will be able to provide number provisioning in the very near term. Plus already sells IP phones. . . http://bsdmall.com/hardware.html Connectivity is priced very nice. . . $25 unlimited local and int'l residential $55 for a business g From bob Wed Jun 9 14:23:38 2004 From: bob (Bob Ippolito) Date: Wed, 9 Jun 2004 14:23:38 -0400 Subject: [nycbug-talk] VoIP service providers In-Reply-To: References: Message-ID: <2079C620-BA42-11D8-A8F3-000A95686CD8@redivi.com> On Jun 9, 2004, at 2:17 PM, G. Rosamond wrote: > > >> -----Original Message----- >> From: talk-bounces at lists.nycbug.org >> [mailto:talk-bounces at lists.nycbug.org] On Behalf Of Bob Ippolito >> Sent: Wednesday, June 09, 2004 2:06 PM >> To: NYC Bug List >> Subject: [nycbug-talk] VoIP service providers >> >> I remember a few of you mentioning that you use VoIP PSTN gateway >> services, but I don't recall which providers were mentioned. It would >> be cool to compile a list of providers and what the costs are. Here >> are a few off the top of my head: >> >> Packet8 - http://www.packet8.net/ - $19.99/mo unlimited US >> Vonage - http://www.vonage.com/ - $29.99/mo unlimited US >> Coloco - http://www.coloco.com/telecom/index.php - (No listed prices, >> but the divmod guys are reselling this. I could ask them.) >> iConnectHere - http://iconnecthere.com/ - ~$0.01-$0.035 per minute >> depending on how much you pay per month >> >> Any others worth mentioning? >> > > BSDMall will be able to provide number provisioning in the very near > term. > > Plus already sells IP phones. . . > > http://bsdmall.com/hardware.html > > Connectivity is priced very nice. . . > > $25 unlimited local and int'l residential > > $55 for a business What's the difference between business and residential services? Is call forwarding provided? Which area codes are provided for? Will BSDMall also be offering pay-as-you-go plans? Why is Packet8 cheaper? ;) -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040609/1bcf58ad/attachment.bin From marco Wed Jun 9 14:55:37 2004 From: marco (marco at metm.org) Date: Wed, 9 Jun 2004 14:55:37 -0400 Subject: [nycbug-talk] VoIP service providers In-Reply-To: <2079C620-BA42-11D8-A8F3-000A95686CD8@redivi.com> References: <2079C620-BA42-11D8-A8F3-000A95686CD8@redivi.com> Message-ID: <20040609185536.GA2777@metm.org> On Wed, Jun 09, 2004 at 02:23:38PM -0400, Bob Ippolito wrote: > >>I remember a few of you mentioning that you use VoIP PSTN gateway > >>services, but I don't recall which providers were mentioned. It would > >>be cool to compile a list of providers and what the costs are. Here > >>are a few off the top of my head: > >> > >>Packet8 - http://www.packet8.net/ - $19.99/mo unlimited US > >>Vonage - http://www.vonage.com/ - $29.99/mo unlimited US > >>Coloco - http://www.coloco.com/telecom/index.php - (No listed prices, > >>but the divmod guys are reselling this. I could ask them.) > >>iConnectHere - http://iconnecthere.com/ - ~$0.01-$0.035 per minute > >>depending on how much you pay per month > >> > >>Any others worth mentioning? > >> voicepulse gives you vo-ip or IAX to PSTN . I found IAX to be more reliable than vo-ip using different softphones and asterisk. And am more interested in the pbx stuff I can do with asterisk. But you mentioned you don't care for asterisk. -- Marco From bob Wed Jun 9 15:07:51 2004 From: bob (Bob Ippolito) Date: Wed, 9 Jun 2004 15:07:51 -0400 Subject: [nycbug-talk] VoIP service providers In-Reply-To: <20040609185536.GA2777@metm.org> References: <2079C620-BA42-11D8-A8F3-000A95686CD8@redivi.com> <20040609185536.GA2777@metm.org> Message-ID: <4DF5737E-BA48-11D8-A8F3-000A95686CD8@redivi.com> On Jun 9, 2004, at 2:55 PM, marco at metm.org wrote: > On Wed, Jun 09, 2004 at 02:23:38PM -0400, Bob Ippolito wrote: >>>> I remember a few of you mentioning that you use VoIP PSTN gateway >>>> services, but I don't recall which providers were mentioned. It >>>> would >>>> be cool to compile a list of providers and what the costs are. Here >>>> are a few off the top of my head: >>>> >>>> Packet8 - http://www.packet8.net/ - $19.99/mo unlimited US >>>> Vonage - http://www.vonage.com/ - $29.99/mo unlimited US >>>> Coloco - http://www.coloco.com/telecom/index.php - (No listed >>>> prices, >>>> but the divmod guys are reselling this. I could ask them.) >>>> iConnectHere - http://iconnecthere.com/ - ~$0.01-$0.035 per minute >>>> depending on how much you pay per month >>>> >>>> Any others worth mentioning? >>>> > voicepulse gives you vo-ip or IAX to PSTN . I found IAX to be more > reliable than vo-ip using different softphones and asterisk. And am > more interested in the pbx stuff I can do with asterisk. > > But you mentioned you don't care for asterisk. I haven't tried using it, but I know some people who are having SERIOUS stability problems with it on linux and one of those T1 cards... In any case, I'm more interested in personal use at the moment, rather than business use. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040609/835e9a25/attachment.bin From george Wed Jun 9 15:19:35 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 15:19:35 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <40C74697.7050300@nomadlogic.org> Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of Pete Wright >Sent: Wednesday, June 09, 2004 1:19 PM >To: marco at metm.org >Cc: talk at lists.nycbug.org >Subject: Re: [nycbug-talk] secure fest: BSD on a classic VALinux server > >marco at metm.org wrote: > >>On Wed, Jun 09, 2004 at 12:02:34PM -0400, G. Rosamond wrote: >> >> >>>Haven't yet confirmed with my better half about this, but I think I'm >>>set for Friday. >>> >>> >> >>I was going to ask what days are better for everyone. >> >> >> >>>Time? >>> >>> >> >>6:30? 7:00 I'm a bit of a night person so I don't mind. >> >> >> >>>Let's make it an official NYCBUG event. . . >>> >>>Anybody else have any funky hardware for this? >>> >>> >>> >>I hope there is more interest. >>We can do it another weekend, but I'll >>certainly have the new server running by then. >> >> >> >You can count me in as i tenative yes, it really depends on >timing. has >there been a date/time set for this yet? i have at least one >monitor i >can bring, and i also have a laptop with no cd or floppy >support. might >be fun to play with net-booting... I'll have to bail on this one. . .my schedule is managed elsewhere. . oops. another night would be great for me. . . g From george Wed Jun 9 15:22:12 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 15:22:12 -0400 Subject: [nycbug-talk] FW: Perl 6 and Parrot talk TODAY Wednesday June 9th Message-ID: >-----Original Message----- >From: George Georgalis [mailto:george at galis.org] >Sent: Wednesday, June 09, 2004 3:20 PM >To: G. Rosamond >Subject: Perl 6 and Parrot talk TODAY Wednesday June 9th > > >If you haven't already, please RSVP by 4pm today if you plan to attend. > >Original announcement: > >We are pleased to announce that NYSA will be presenting a talk on Perl >6 and Parrot on June 9th. We intend to have this be the start of a new >discussion series at NYSA and look forward to seeing you there. PLEASE >remember to RSVP, details below. > >MEETING DETAILS from http://www.nysa.org/meetings.html > >DATE > >Wednesday, June 9th, 2004 >6:30 pm to 6:45 pm - Announcements >6:45 pm to 7:45 pm - Main Presentation >7:45 pm to 9:00 pm - Open Floor > >SPEAKER > >Josh Rabinowitz is a 13-year veteran of the software industry who >cut his teeth at NASA Ames Research Center and at CNET.com and other >web companies. He currently is an independent internet consultant >and software developer in New York City, and the publisher of >SkateboardDirectory.com, which aims to be your guide to >skateboard sites >on the Internet. > >TOPIC > >Perl 6 and Parrot > >Perl 6 is more than an incremental upgrade to the Perl 5. It's "the >community's rewrite of perl", and seeks to add deep features and >language changes while retaining backward compatibility with the huge >code base of current perl software. While Perl 6 as a language is still >in the design phase, many decisions are being made, and development is >underway on Parrot, an underlying "virtual machine designed to execute >bytecode for interpreted languages efficiently" that is intended to act >as a platform for Perl 6, as well versions of Scheme, BASIC, Befunge, >and other languages. > >In this talk Josh will cover why the world needs Perl 6, the >over-arching Perl 6 design philosophies, some Perl 6 language features >that are in discussion and how they differ from Perl 5, and >new features >that have no Perl 5 analog. Josh will also discuss Parrot's design, >which is driven by three principles: speed, abstraction, and stability, >and provide an overview of the current status of Perl 6 and Parrot. > >***NEW LOCATION*** > >Sun Microsystems Inc >Forth floor, Room 4140, "Grammercy Park" >101 Park Ave >New York, NY 10178-0001 >RSVP > >Please RSVP by sending an e-mail to rsvp at nysa.org with a subject line >of "AUTO RSVP NYSA firstname lastname". The RSVP list will be given to >building security. If you do not RSVP, you will not be able to attend >this event. Please RSVP now if you plan to attend. > >PUBLIC TRANSPORTATION > >Sun Microsystems, is one block south of Grand Central, on the corner of >Park Ave and 41st St. > > From trish Wed Jun 9 16:17:33 2004 From: trish (Trish Lynch) Date: Wed, 9 Jun 2004 16:17:33 -0400 (EDT) Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <20040609031240.GA2249@metm.org> References: <20040609031240.GA2249@metm.org> Message-ID: <20040609161658.K21089@ultra.bsdunix.net> On Tue, 8 Jun 2004 marco at metm.org wrote: > I have no idea if anyone is up to this, but I am going to install > FreeBSD on a VALinux server which I will use to replace the rag-tag > group of linux boxen which make up my home servers. > > It's a pretty nice machine from the 2200 series > -- Mylex DAC960 raid controller, with hotswappable ultra scsi disks > -- SMP capable motherboard with one 800Mhz cpu. > -- Intel everything else > -- I even have a manual > of course you realize I've put lots of these up at OSDN with FreeBSD on them right? -Trish -- Trish Lynch trish at bsdunix.net Ecartis Core Team trish at listmistress.org EFNet IRC Operator/SysAdmin @ irc.dkom.at AilleCat at EFNet Key fingerprint = 781D 2B47 AA4B FC88 B919 0CD6 26B2 1D62 6FC1 FF16 From george Wed Jun 9 16:24:49 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 16:24:49 -0400 Subject: [nycbug-talk] FW: Short review of Secure Architectures with OpenBSD Message-ID: good stuff. . . disclaimer: haven't read review yet. >-----Original Message----- >From: owner-misc at openbsd.org [mailto:owner-misc at openbsd.org] >On Behalf Of Tim Donahue >Sent: Wednesday, June 09, 2004 3:59 PM >To: misc at openbsd.org >Subject: Short review of Secure Architectures with OpenBSD > >There was a short review of Brandon Palmer and Jose Nazario's book >"Secure Architectures With OpenBSD" in this week's ComputerWorld. For >those interested it can be found at >http://www.computerworld.com/securitytopics/security/story/0,10 >801,93626,00.html > > >Tim Donahue > > From george Wed Jun 9 16:28:45 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 16:28:45 -0400 Subject: [nycbug-talk] FW: Calgary Hackathon Message-ID: again. . >-----Original Message----- >From: owner-misc at openbsd.org [mailto:owner-misc at openbsd.org] >On Behalf Of Theo de Raadt >Sent: Wednesday, June 09, 2004 4:02 PM >To: misc at openbsd.org >Subject: Calgary Hackathon > >As some of you know, the Calgary Hackathon will come up soonish. It's >an invite only event, so don't bother asking for access :) > >I am however asking if anyone in the area has dual-Opteron they can >lend us for the duration. > >(We've got a quad-Opteron that AMD donated, but we want another one :) > > From marco Wed Jun 9 17:03:48 2004 From: marco (Marco Scoffier) Date: Wed, 9 Jun 2004 17:03:48 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <20040609161658.K21089@ultra.bsdunix.net> References: <20040609031240.GA2249@metm.org> <20040609161658.K21089@ultra.bsdunix.net> Message-ID: <20040609210347.GB2777@metm.org> On Wed, Jun 09, 2004 at 04:17:33PM -0400, Trish Lynch wrote: > On Tue, 8 Jun 2004 marco at metm.org wrote: > > > I have no idea if anyone is up to this, but I am going to install > > FreeBSD on a VALinux server which I will use to replace the rag-tag > > group of linux boxen which make up my home servers. > > > > It's a pretty nice machine from the 2200 series > > -- Mylex DAC960 raid controller, with hotswappable ultra scsi disks > > -- SMP capable motherboard with one 800Mhz cpu. > > -- Intel everything else > > -- I even have a manual > > > of course you realize I've put lots of these up at OSDN with FreeBSD on > them right? At the last meeting when George introduced you as next month's speaker, he did mention that you were using BSD at VA. It so happens that this box came into my possesion last weekend, and I thought that it might be with a bit of glee that some BSD'ers would gather around it and work their magic. In the quick research I did, it seems that b/c of the Mylex controller and the SMP board that FreeBSD is the best option. Even if this weekend doesn't pan out I'm sure I'll have some questions, and the invitation to hold a BSDfest holds. -- Marco From marco Wed Jun 9 17:25:57 2004 From: marco (Marco Scoffier) Date: Wed, 9 Jun 2004 17:25:57 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: References: <40C74697.7050300@nomadlogic.org> Message-ID: <20040609212556.GA3845@metm.org> On Wed, Jun 09, 2004 at 03:19:35PM -0400, G. Rosamond wrote: > > another night would be great for me. . . > Would a day on the weekend be better for everyone? -- Marco From bsd Wed Jun 9 17:43:24 2004 From: bsd (Kevin Reiter) Date: Wed, 09 Jun 2004 17:43:24 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server References: <40C74697.7050300@nomadlogic.org> <20040609212556.GA3845@metm.org> Message-ID: <001701c44e6a$cac34030$f700a8c0@hephaestus> > Would a day on the weekend be better for everyone? Saturday-ish would be OK fer me. I've got a hot date with a fishin' pole Saturday nite, but that can be postponed if needed. Sunday is out. -Kevin From george Wed Jun 9 20:40:20 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 20:40:20 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <20040609212556.GA3845@metm.org> Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of Marco Scoffier >Sent: Wednesday, June 09, 2004 5:26 PM >To: talk at lists.nycbug.org >Subject: Re: [nycbug-talk] secure fest: BSD on a classic VALinux server > >On Wed, Jun 09, 2004 at 03:19:35PM -0400, G. Rosamond wrote: >> >> another night would be great for me. . . >> >Would a day on the weekend be better for everyone? Another adjustment. . .I *can* make it now. . . oops. g From george Wed Jun 9 21:22:03 2004 From: george (G. Rosamond) Date: Wed, 9 Jun 2004 21:22:03 -0400 Subject: [nycbug-talk] flier for Dru's BSD Hacks book . . . Message-ID: ORA sent me a flier today for Dru's book. . . it's at http://www.nycbug.org/down/bsd_hacks_flier.pdf. it's a great resource to get around. . .and the book is brilliant. Finally, there's a book aimed almost completely just at sysadmins, but it also has much useful stuff for developers and end-users. i'm doing the review for Daemon News and Slashdot. . .just built a test FBSD 5.2.1 box to use just for the book. I have a few copies that Michael will distribute around. . .but i want to encourage those who receive it to use it productively. . .do a review for somewhere. . OSNews, whatever. . . g From marco Thu Jun 10 01:01:45 2004 From: marco ('Marco Scoffier') Date: Thu, 10 Jun 2004 01:01:45 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: References: <20040609212556.GA3845@metm.org> Message-ID: <20040610050145.GE3845@metm.org> On Wed, Jun 09, 2004 at 08:40:20PM -0400, G. Rosamond wrote: > >-----Original Message----- > >From: talk-bounces at lists.nycbug.org > >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of Marco Scoffier > >Sent: Wednesday, June 09, 2004 5:26 PM > >To: talk at lists.nycbug.org > >Subject: Re: [nycbug-talk] secure fest: BSD on a classic VALinux server > > > >On Wed, Jun 09, 2004 at 03:19:35PM -0400, G. Rosamond wrote: > >> > >> another night would be great for me. . . > >> > >Would a day on the weekend be better for everyone? > > Another adjustment. . .I *can* make it now. . . > On? On?? On??? Off? ... And we're on! :) I'm guessing we are still talking about Friday night? -- Marco From bsd Thu Jun 10 01:35:04 2004 From: bsd (Kevin Reiter) Date: Thu, 10 Jun 2004 01:35:04 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server References: <20040609212556.GA3845@metm.org> <20040610050145.GE3845@metm.org> Message-ID: <001301c44eac$aed65500$f700a8c0@hephaestus> Is there anyone from Jersey going? If not, can someone please provide some directions from over here (keeping in mind I don't know WTF I'm going)? FYI, I can bring a spare CRT for the evening, in case anyone needs one. -Kevin From george Thu Jun 10 08:48:33 2004 From: george (G. Rosamond) Date: Thu, 10 Jun 2004 08:48:33 -0400 Subject: [nycbug-talk] secure fest: BSD on a classic VALinux server In-Reply-To: <20040610050145.GE3845@metm.org> Message-ID: >On? On?? On??? > > Off? ... > >And we're on! :) > >I'm guessing we are still talking about Friday night? > >-- >Marco Don't make it based on me.. .but yes, i'm on again. That's if *it's* still on. g From marco Thu Jun 10 09:50:32 2004 From: marco ('Marco Scoffier') Date: Thu, 10 Jun 2004 09:50:32 -0400 Subject: [nycbug-talk] Friday night Directions In-Reply-To: References: <20040610050145.GE3845@metm.org> Message-ID: <20040610135032.GC8390@metm.org> On Thu, Jun 10, 2004 at 08:48:33AM -0400, G. Rosamond wrote: > Don't make it based on me.. .but yes, i'm on again. > > That's if *it's* still on. George, Didn't mean to make it or not based on you. But as much as I imagine you would like help delegating this... you are the heart of nycbug ;) Rather than ping-pong things around, I'm going to say, I'll be home tommorrow night with beers and some plan for getting food. Installing or tweaking FreeBSD on my recently acquired VALinux server. Anyone who wants to drop by is welcome to do so, and welcome to bring a box for an install or just chill. I have DSL. 1 4 port router. 1 extra monitor. 1-2 powerstrips. Some extra ethernet cables. Large table and large loft. Ample parking on the street (this is Brooklyn unless there is a large party at the club down the street, you should be able to park on my street, otherwise pretty close by) You should probably bring your own power-cords. Bring your install disks though we can burn more if need be. And if you can a monitor (sorry) My address: 35 Claver Pl. Buzzer no. 8 Brooklyn NY 11238 718 638 7726 (don't hesitate to call if you are lost) Directions: By train. Take the 'C' train to Franklin Ave. Head of train. Only one exit from station. Take left out of station (along Fulton back towards downtown Brooklyn). First right Claver Pl. (There is a laundry place with big purple taj-mahal-like spires). 3rd building on right. no.35 Big red door well lit. Buzzer #8 or give me a call to come down 718 638 7726. By Car from Manhattan: Take either the Manhattan or Brooklyn Bridge to Flatbush Ave. (if you are a brooklyn newbie take the manhattan it dumps you straight into Flatbush). Take a left on Fulton. (about 4-5 lights you just passed an Applebees on your left and Juniors Diner on the right). You turn in front of a Popeyes (yes you are entering the land of numerous fried chicken places). Stay straight on Fulton for 10-12 lights. You will cross Classon Ave. and take the next left. Claver Pl. no light. no stop. small street. Black awning 'Futa Fabrics' marks left corner of intersection. 3rd building on right. no.35 , Big red door well lit. Buzzer #8 or give me a call to come down 718 638 7726. By car from Verrezano: Is more complicated. I haven't done it in a while. Best is that you aim at Prospect Park. Come up the east side. And you can turn off onto Classon. which can lead you to Fulton. Take a right. 1st left is Claver. Ask me about this if you want to do it, but I'll have to look at a map. By Car or bike from Williamsburg or from BQE: I would take Wythe Ave or the Wythe Ave exit of the BQE (one south of Williamsburg Bridge). Go south on Wythe. Wythe turns into Franklin. When you reach Fulton, make a right (there is an overpass for the subway station). First right is Claver Pl. 3rd building on right. no.35 , Big red door well lit. Buzzer #8 or give me a call to come down 718 638 7726. -- Marco From george Thu Jun 10 10:01:23 2004 From: george (G. Rosamond) Date: Thu, 10 Jun 2004 10:01:23 -0400 Subject: [nycbug-talk] Friday night Directions In-Reply-To: <20040610135032.GC8390@metm.org> Message-ID: >George, > >Didn't mean to make it or not based on you. >But as much as I imagine you would like help delegating this... >you are the heart of nycbug ;) it's all you marco. . .all you. . .i'm just a bystander on this. >Rather than ping-pong things around, I'm going to say, I'll be home >tommorrow night with beers and some plan for getting food. Installing >or tweaking FreeBSD on my recently acquired VALinux server. Anyone who >wants to drop by is welcome to do so, and welcome to bring a box for an >install or just chill. Anything else needed? Who else is on? g From bsd Thu Jun 10 11:59:43 2004 From: bsd (Kevin Reiter) Date: Thu, 10 Jun 2004 11:59:43 -0400 Subject: [nycbug-talk] Friday night Directions References: Message-ID: <001101c44f03$f248ccd0$f700a8c0@hephaestus> > Anything else needed? Who else is on? I'm still game. If anyone else from Jersey is going, I have room for 1. I plan on bringing the following, in case anyone is short on equipment: patch cables 8-port switch power cables power strip 1 extra monitor -Kevin From rwbutcher Thu Jun 10 12:01:54 2004 From: rwbutcher (Bob Butcher) Date: Thu, 10 Jun 2004 09:01:54 -0700 (PDT) Subject: [nycbug-talk] Friday night Directions In-Reply-To: Message-ID: <20040610160154.65883.qmail@web60608.mail.yahoo.com> > >George, > > > >Didn't mean to make it or not based on you. > >But as much as I imagine you would like help > delegating this... > >you are the heart of nycbug ;) > > it's all you marco. . .all you. . .i'm just a > bystander on this. > > >Rather than ping-pong things around, I'm going to > say, I'll be home > >tommorrow night with beers and some plan for > getting food. Installing > >or tweaking FreeBSD on my recently acquired VALinux > server. Anyone who > >wants to drop by is welcome to do so, and welcome > to bring a box for an > >install or just chill. > > Anything else needed? Who else is on? > > g > > _______________________________________________ Hi Marco, You may remember me as one of your students from a Unix class you taught for another organization. I think I'll try to come but I don't see being able to make it much before 8 pm. I have a Dell poweredge 1300 that has bsd 5.1 installed. I could use some help with configuring the /etc/X11/XF86Config-4 file. Since I installed the OS I have purchased a sound card which needs to be installed. all the best, Bob Butcher __________________________________ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ From bob Thu Jun 10 12:05:37 2004 From: bob (Bob Ippolito) Date: Thu, 10 Jun 2004 12:05:37 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <40C705E9.30480.5280AE09@localhost> References: <40C705E9.30480.5280AE09@localhost> Message-ID: <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> I don't think I'm going to be able to make USENIX this year, but one thing I've heard about that particularly interests me is that the whole CAcert crew is going to be there. CAcert is the "Community-Oriented and Driven Certificate Authority". Basically, they're trying to do what Thawte, Verisign, etc. does, but offer the services for free. They offer email, server, and most recently code signing certificates. The 'problem' with CAcert (other than the fact that operating systems don't yet trust its root cert by default), is that in order to be fully authorized (get 2 year certs, name on email cert, etc.) you need to be verified by an existing member with assurer (or better) status. Unfortunately, there aren't ANY assurers in the NYC area! Since these are the board members, anyone certified by them is immediately granted assurer status. So, for those of you going, it would be awesome if you signed up for CAcert and got yourself assured, and we could have a little "key-signing party" at the end of the next nycbug meeting. If three nycbug members become assured by board members, then that is enough to assign >100 points to new people, who can then assure each other, so that nycbug'er (who wants it) should be able to end up with full assurer status (assuming there's about 6 people who are interested, possibly less if I do the math). -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040610/39e542cf/attachment.bin From marco Thu Jun 10 12:16:41 2004 From: marco (marco at metm.org) Date: Thu, 10 Jun 2004 12:16:41 -0400 Subject: [nycbug-talk] Friday night Directions In-Reply-To: <20040610160154.65883.qmail@web60608.mail.yahoo.com> References: <20040610160154.65883.qmail@web60608.mail.yahoo.com> Message-ID: <20040610161640.GH8390@metm.org> On Thu, Jun 10, 2004 at 09:01:54AM -0700, Bob Butcher wrote: > Hi Marco, > You may remember me as one of your students from a > Unix class you taught for another organization. > I think I'll try to come but I don't see being able > to make it much before 8 pm. I have a Dell poweredge > 1300 that has bsd 5.1 installed. I could use some help > with configuring the /etc/X11/XF86Config-4 file. Since > I installed the OS I have purchased a sound card which > needs to be installed. Sure Bob, Would be glad to see you again. I plan on going late. -- Marco From bob Thu Jun 10 14:39:28 2004 From: bob (Bob Ippolito) Date: Thu, 10 Jun 2004 14:39:28 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> References: <40C705E9.30480.5280AE09@localhost> <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> Message-ID: <819CCA3C-BB0D-11D8-A61E-000A95686CD8@redivi.com> On Jun 10, 2004, at 12:05 PM, Bob Ippolito wrote: > I don't think I'm going to be able to make USENIX this year, but one > thing I've heard about that particularly interests me is that the > whole CAcert crew is going to be there. CAcert is the > "Community-Oriented and Driven Certificate Authority". Basically, > they're trying to do what Thawte, Verisign, etc. does, but offer the > services for free. They offer email, server, and most recently code > signing certificates. > > The 'problem' with CAcert (other than the fact that operating systems > don't yet trust its root cert by default), is that in order to be > fully authorized (get 2 year certs, name on email cert, etc.) you need > to be verified by an existing member with assurer (or better) status. > Unfortunately, there aren't ANY assurers in the NYC area! Since these > are the board members, anyone certified by them is immediately granted > assurer status. So, for those of you going, it would be awesome if > you signed up for CAcert and got yourself assured, and we could have a > little "key-signing party" at the end of the next nycbug meeting. If > three nycbug members become assured by board members, then that is > enough to assign >100 points to new people, who can then assure each > other, so that nycbug'er (who wants it) should be able to end up with > full assurer status (assuming there's about 6 people who are > interested, possibly less if I do the math). Looks like I won't even be able to make the next meeting.. I just made plans to go to WWDC (on a complimentary ticket, no less), so I will be out of town from the 28th-2nd (give or take). I still think that whoever is going should look into this, so that I can get authorized in August :) -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040610/9b004d88/attachment.bin From george Thu Jun 10 19:19:52 2004 From: george (G. Rosamond) Date: Thu, 10 Jun 2004 19:19:52 -0400 Subject: [nycbug-talk] August Meeting Message-ID: We have a confirmed speaker for August 4th NYCBUG. . . Simon Lok spoke for NYLUG many years ago, and ripped apart the CW of network security. His firm has a number of creative OpenBSD solutions. His meeting will be focused on Soekris hardware with OpenBSD and pf. . .And maybe some CARP action. He's also a doctoral student at Columbia. I can't tell everyone how much of a great speaker he was. . .I kept his info around on file since I knew sooner or later we'd have a BSD User Group in NYC. We're still waiting on Michael Lucas' details on his visit to NYC, but it looks like it will be in the fall. g From mikel.king Fri Jun 11 00:02:04 2004 From: mikel.king (mikel king) Date: Fri, 11 Jun 2004 00:02:04 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <819CCA3C-BB0D-11D8-A61E-000A95686CD8@redivi.com> References: <40C705E9.30480.5280AE09@localhost> <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> <819CCA3C-BB0D-11D8-A61E-000A95686CD8@redivi.com> Message-ID: <40C92EBC.2030607@ocsny.com> Bob Ippolito wrote: > > On Jun 10, 2004, at 12:05 PM, Bob Ippolito wrote: > >> I don't think I'm going to be able to make USENIX this year, but one >> thing I've heard about that particularly interests me is that the >> whole CAcert crew is going to be there. CAcert is the >> "Community-Oriented and Driven Certificate Authority". Basically, >> they're trying to do what Thawte, Verisign, etc. does, but offer the >> services for free. They offer email, server, and most recently code >> signing certificates. >> >> The 'problem' with CAcert (other than the fact that operating systems >> don't yet trust its root cert by default), is that in order to be >> fully authorized (get 2 year certs, name on email cert, etc.) you >> need to be verified by an existing member with assurer (or better) >> status. Unfortunately, there aren't ANY assurers in the NYC area! >> Since these are the board members, anyone certified by them is >> immediately granted assurer status. So, for those of you going, it >> would be awesome if you signed up for CAcert and got yourself >> assured, and we could have a little "key-signing party" at the end of >> the next nycbug meeting. If three nycbug members become assured by >> board members, then that is enough to assign >100 points to new >> people, who can then assure each other, so that nycbug'er (who wants >> it) should be able to end up with full assurer status (assuming >> there's about 6 people who are interested, possibly less if I do the >> math). > > > Looks like I won't even be able to make the next meeting.. I just made > plans to go to WWDC (on a complimentary ticket, no less), so I will be > out of town from the 28th-2nd (give or take). I still think that > whoever is going should look into this, so that I can get authorized > in August :) > > -bob > >------------------------------------------------------------------------ > >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk > > Bob, Thanks for the heads up on this. There are just too many great projects out there that it's har sometimes to be aware of all of them. Well in any event I took the liberty of registering with cacert and then investigating the assurance program. I then contacted them to find out what we are supposed to do and this is the email theat I received; mikel king wrote: > I've read your documentation about becoming an assurer, and I am a bit > unclear about the procedure for the problem of not having any assurers > in my area. Truth be told that's the main reason why I would be > interested in doing this, as I work in the NYC Metro area and know of > hundreds of people who would need this. If some one would contact me > and explain what would need to be done I'd be very appreciative. Would you be able to get a group of people together? Basically we're trying to cover as many people as possible and if you could get enough people together, I have some time after the conference before I fly back to Australia and I'd be even willing to suffer a bus trip to accommodate a large enough group... -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers "In the confrontation between the stream and the rock, the stream always wins; not through strength, but through persistence." I assured Duane that I could garantee atleast 20 people and possibly upwards of 70. Cause if this dude is willing to stop in to check us out I think it'd be worth the special meeting...So who's game? From bob Fri Jun 11 00:40:59 2004 From: bob (Bob Ippolito) Date: Fri, 11 Jun 2004 00:40:59 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <40C92EBC.2030607@ocsny.com> References: <40C705E9.30480.5280AE09@localhost> <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> <819CCA3C-BB0D-11D8-A61E-000A95686CD8@redivi.com> <40C92EBC.2030607@ocsny.com> Message-ID: <8916CF59-BB61-11D8-A61E-000A95686CD8@redivi.com> On Jun 11, 2004, at 12:02 AM, mikel king wrote: > Bob Ippolito wrote: > >> >> On Jun 10, 2004, at 12:05 PM, Bob Ippolito wrote: >> >>> I don't think I'm going to be able to make USENIX this year, but one >>> thing I've heard about that particularly interests me is that the >>> whole CAcert crew is going to be there. CAcert is the >>> "Community-Oriented and Driven Certificate Authority". Basically, >>> they're trying to do what Thawte, Verisign, etc. does, but offer the >>> services for free. They offer email, server, and most recently code >>> signing certificates. > > Thanks for the heads up on this. There are just too many great > projects out there that it's har sometimes to be aware of all of them. > Well in any event I took the liberty of registering with cacert and > then investigating the assurance program. I then contacted them to > find out what we are supposed to do and this is the email theat I > received; > > mikel king wrote: > >> I've read your documentation about becoming an assurer, and I am a >> bit unclear about the procedure for the problem of not having any >> assurers in my area. Truth be told that's the main reason why I would >> be interested in doing this, as I work in the NYC Metro area and know >> of hundreds of people who would need this. If some one would contact >> me and explain what would need to be done I'd be very appreciative. > > > Would you be able to get a group of people together? > > Basically we're trying to cover as many people as possible and if you > could get enough people together, I have some time after the > conference before I fly back to Australia and I'd be even willing to > suffer a bus trip to accommodate a large enough group... > > I assured Duane that I could garantee atleast 20 people and possibly > upwards of 70. Cause if this dude is willing to stop in to check us > out I think it'd be worth the special meeting...So who's game? I am most definitely game, however I will be at SF for WWDC from the 27th-4th. Which means I miss USENIX and the next nycbug meeting. If we could schedule something afterwards (i.e. take over some drinking establishment) it would be awesome. I bet if we invited the NYLUG'ers or NYPHP (?) or whatever, we could have one ugly assurance/key signing orgy on our hands. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040611/bce5b469/attachment.bin From john Fri Jun 11 04:15:32 2004 From: john (John Bacall) Date: Fri, 11 Jun 2004 04:15:32 -0400 Subject: [nycbug-talk] flier for Dru's BSD Hacks book . . . In-Reply-To: References: Message-ID: <20040611081532.GD1365@dancer> * G. Rosamond [20040609 21:22]: > Finally, there's a book aimed almost completely just at sysadmins, but > it also has much useful stuff for developers and end-users. > > i'm doing the review for Daemon News and Slashdot. . .just built a test > FBSD 5.2.1 box to use just for the book. You wanker! That's my idea from two weeks or more. 8) Seriously, I read the pdf and thought, Man, this book is so nice. Thought about that one person ~2 months ago who asked on updating ports from source and cvs solutions yet miniscule onboard storage requirement. I'll take one of those books, Mike. This one beckons me. John From john Fri Jun 11 04:17:06 2004 From: john (John Bacall) Date: Fri, 11 Jun 2004 04:17:06 -0400 Subject: [nycbug-talk] August Meeting In-Reply-To: References: Message-ID: <20040611081706.GE1365@dancer> * G. Rosamond [20040610 19:19]: > Simon Lok spoke for NYLUG many years ago, and ripped apart the CW of > network security. His firm has a number of creative OpenBSD solutions. > His meeting will be focused on Soekris hardware with OpenBSD and pf. . > .And maybe some CARP action. He's also a doctoral student at Columbia. Ahhh sh_t, I'm there. John From mikel.king Fri Jun 11 11:04:49 2004 From: mikel.king (mikel king) Date: Fri, 11 Jun 2004 11:04:49 -0400 Subject: [nycbug-talk] CAcert.org Message-ID: <40C9CA11.4030801@ocsny.com> Greetings all, I have been corresponding with Duane from cacert who will be in Boston for USENIX. He is going to be able to arrange transport down for the July 4th weekend. Unfortunately h has a very limited schedule, as he must return to Boston to catch his flight back to AU. I've offered for him to crash at my place on the 4th and then hope the rail into work with my Monday morning. Do a bunch of certs then head later that afternoon back to Boston so he ca make his flight back home. So how many people from this list and the nylug and nyphp would be willing to stop by my office, or even a diner and have an breakfast cert-athon? The goal is to get at least 20 people all together. Please cross post this out to all of the NY and Northern NJ , and even Southern CT mailing lists you know. Those who complete this step will become local assurers for CAcert. Cheers, m! From george Fri Jun 11 11:07:40 2004 From: george (G. Rosamond) Date: Fri, 11 Jun 2004 11:07:40 -0400 Subject: [nycbug-talk] CAcert.org In-Reply-To: <40C9CA11.4030801@ocsny.com> Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of mikel king >Sent: Friday, June 11, 2004 11:05 AM >To: NYC Bug List >Subject: [nycbug-talk] CAcert.org > >Greetings all, > > I have been corresponding with Duane from cacert who will be in >Boston for USENIX. He is going to be able to arrange transport >down for >the July 4th weekend. Unfortunately h has a very limited >schedule, as he >must return to Boston to catch his flight back to AU. I've >offered for >him to crash at my place on the 4th and then hope the rail into work >with my Monday morning. Do a bunch of certs then head later that >afternoon back to Boston so he ca make his flight back home. > > So how many people from this list and the nylug and nyphp would be >willing to stop by my office, or even a diner and have an breakfast >cert-athon? > > The goal is to get at least 20 people all together. Please cross >post this out to all of the NY and Northern NJ , and even Southern CT >mailing lists you know. Those who complete this step will >become local >assurers for CAcert. > > >Cheers, >m! Great MK. . . I'll be at USENIX, as you guys know, so maybe he could stop by the BSDMall table. . .Monday through Wednesday. .. g From george Fri Jun 11 11:51:53 2004 From: george (G. Rosamond) Date: Fri, 11 Jun 2004 11:51:53 -0400 Subject: [nycbug-talk] August Meeting In-Reply-To: <20040611081706.GE1365@dancer> Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of John Bacall >Sent: Friday, June 11, 2004 4:17 AM >To: talk at lists.nycbug.org >Subject: Re: [nycbug-talk] August Meeting > >* G. Rosamond [20040610 19:19]: >> Simon Lok spoke for NYLUG many years ago, and ripped apart the CW of >> network security. His firm has a number of creative OpenBSD >solutions. >> His meeting will be focused on Soekris hardware with OpenBSD >and pf. . >> .And maybe some CARP action. He's also a doctoral student >at Columbia. > >Ahhh sh_t, I'm there. > > John Do you remember his security meeting? Maybe you could add to my plug. . . g From george Fri Jun 11 11:51:53 2004 From: george (G. Rosamond) Date: Fri, 11 Jun 2004 11:51:53 -0400 Subject: [nycbug-talk] flier for Dru's BSD Hacks book . . . In-Reply-To: <20040611081532.GD1365@dancer> Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of John Bacall >Sent: Friday, June 11, 2004 4:16 AM >To: talk at lists.nycbug.org >Subject: Re: [nycbug-talk] flier for Dru's BSD Hacks book . . . > >* G. Rosamond [20040609 21:22]: >> Finally, there's a book aimed almost completely just at >sysadmins, but >> it also has much useful stuff for developers and end-users. >> >> i'm doing the review for Daemon News and Slashdot. . .just >built a test >> FBSD 5.2.1 box to use just for the book. > >You wanker! That's my idea from two weeks or more. 8) > >Seriously, I read the pdf and thought, Man, this book is so nice. >Thought about that one person ~2 months ago who asked on updating ports >from source and cvs solutions yet miniscule onboard storage >requirement. > >I'll take one of those books, Mike. This one beckons me. > > John Glad to see you're as excited as I am about this book John. . . You're gonna do a review. . .right? g From chrisc Fri Jun 11 12:07:14 2004 From: chrisc (Chris Coleman) Date: Fri, 11 Jun 2004 11:07:14 -0500 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> References: <40C705E9.30480.5280AE09@localhost> <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> Message-ID: <6749C612-BBC1-11D8-8C02-000393A620A4@daemonnews.org> Ok, I have my cert from CAcert. Now who is going to write me an quick explanation of how to install it on Mail.app in my ibook? (An article is in order on setting this up on BSD and ibooks.) -Chris On Jun 10, 2004, at 11:05 AM, Bob Ippolito wrote: > I don't think I'm going to be able to make USENIX this year, but one > thing I've heard about that particularly interests me is that the > whole CAcert crew is going to be there. CAcert is the > "Community-Oriented and Driven Certificate Authority". Basically, > they're trying to do what Thawte, Verisign, etc. does, but offer the > services for free. They offer email, server, and most recently code > signing certificates. > > The 'problem' with CAcert (other than the fact that operating systems > don't yet trust its root cert by default), is that in order to be > fully authorized (get 2 year certs, name on email cert, etc.) you need > to be verified by an existing member with assurer (or better) status. > Unfortunately, there aren't ANY assurers in the NYC area! Since these > are the board members, anyone certified by them is immediately granted > assurer status. So, for those of you going, it would be awesome if > you signed up for CAcert and got yourself assured, and we could have a > little "key-signing party" at the end of the next nycbug meeting. If > three nycbug members become assured by board members, then that is > enough to assign >100 points to new people, who can then assure each > other, so that nycbug'er (who wants it) should be able to end up with > full assurer status (assuming there's about 6 people who are > interested, possibly less if I do the math). > > -bob > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > Chris Coleman Editor in Chief Daemon News http://www.daemonnews.org BSD Mall http://www.bsdmall.com Print Magazine http://magazine.daemonnews.org From george Fri Jun 11 12:10:46 2004 From: george (G. Rosamond) Date: Fri, 11 Jun 2004 12:10:46 -0400 Subject: [nycbug-talk] Future Events Message-ID: As many of you know. . .I keep the future events section of the site as current as possible. It's a good idea to take a look at the page on a semi-regular basis. Hans, Trish. . .if you have any changes on your meetings, please convey to me. g From dan Fri Jun 11 12:24:00 2004 From: dan (Dan Langille) Date: Fri, 11 Jun 2004 12:24:00 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <6749C612-BBC1-11D8-8C02-000393A620A4@daemonnews.org> References: <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> Message-ID: <40C9A460.21469.5CBBDE6D@localhost> On 11 Jun 2004 at 11:07, Chris Coleman wrote: > Ok, I have my cert from CAcert. Now who is going to write me an quick > explanation of how to install it on Mail.app in my ibook? > > (An article is in order on setting this up on BSD and ibooks.) I just enrolled too. -- Dan Langille : http://www.langille.org/ BSDCan - http://www.bsdcan.org/ From bob Fri Jun 11 12:26:53 2004 From: bob (Bob Ippolito) Date: Fri, 11 Jun 2004 12:26:53 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <6749C612-BBC1-11D8-8C02-000393A620A4@daemonnews.org> References: <40C705E9.30480.5280AE09@localhost> <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> <6749C612-BBC1-11D8-8C02-000393A620A4@daemonnews.org> Message-ID: <263F69EE-BBC4-11D8-8071-000A95686CD8@redivi.com> Use http://www.joar.com/certificates/ shows you how to do it with Thawte certs.. it should be the same, beyond the web page stuff. -bob On Jun 11, 2004, at 12:07 PM, Chris Coleman wrote: > Ok, I have my cert from CAcert. Now who is going to write me an quick > explanation of how to install it on Mail.app in my ibook? > > (An article is in order on setting this up on BSD and ibooks.) > > On Jun 10, 2004, at 11:05 AM, Bob Ippolito wrote: > >> I don't think I'm going to be able to make USENIX this year, but one >> thing I've heard about that particularly interests me is that the >> whole CAcert crew is going to be there. CAcert is the >> "Community-Oriented and Driven Certificate Authority". Basically, >> they're trying to do what Thawte, Verisign, etc. does, but offer the >> services for free. They offer email, server, and most recently code >> signing certificates. >> >> The 'problem' with CAcert (other than the fact that operating systems >> don't yet trust its root cert by default), is that in order to be >> fully authorized (get 2 year certs, name on email cert, etc.) you >> need to be verified by an existing member with assurer (or better) >> status. Unfortunately, there aren't ANY assurers in the NYC area! >> Since these are the board members, anyone certified by them is >> immediately granted assurer status. So, for those of you going, it >> would be awesome if you signed up for CAcert and got yourself >> assured, and we could have a little "key-signing party" at the end of >> the next nycbug meeting. If three nycbug members become assured by >> board members, then that is enough to assign >100 points to new >> people, who can then assure each other, so that nycbug'er (who wants >> it) should be able to end up with full assurer status (assuming >> there's about 6 people who are interested, possibly less if I do the >> math). -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040611/3713d729/attachment.bin From mikel.king Fri Jun 11 12:29:12 2004 From: mikel.king (mikel king) Date: Fri, 11 Jun 2004 12:29:12 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <6749C612-BBC1-11D8-8C02-000393A620A4@daemonnews.org> References: <40C705E9.30480.5280AE09@localhost> <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> <6749C612-BBC1-11D8-8C02-000393A620A4@daemonnews.org> Message-ID: <40C9DDD8.6070205@ocsny.com> Chris Coleman wrote: > Ok, I have my cert from CAcert. Now who is going to write me an quick > explanation of how to install it on Mail.app in my ibook? > > (An article is in order on setting this up on BSD and ibooks.) > > -Chris > > On Jun 10, 2004, at 11:05 AM, Bob Ippolito wrote: > >> I don't think I'm going to be able to make USENIX this year, but one >> thing I've heard about that particularly interests me is that the >> whole CAcert crew is going to be there. CAcert is the >> "Community-Oriented and Driven Certificate Authority". Basically, >> they're trying to do what Thawte, Verisign, etc. does, but offer the >> services for free. They offer email, server, and most recently code >> signing certificates. >> >> The 'problem' with CAcert (other than the fact that operating systems >> don't yet trust its root cert by default), is that in order to be >> fully authorized (get 2 year certs, name on email cert, etc.) you >> need to be verified by an existing member with assurer (or better) >> status. Unfortunately, there aren't ANY assurers in the NYC area! >> Since these are the board members, anyone certified by them is >> immediately granted assurer status. So, for those of you going, it >> would be awesome if you signed up for CAcert and got yourself >> assured, and we could have a little "key-signing party" at the end of >> the next nycbug meeting. If three nycbug members become assured by >> board members, then that is enough to assign >100 points to new >> people, who can then assure each other, so that nycbug'er (who wants >> it) should be able to end up with full assurer status (assuming >> there's about 6 people who are interested, possibly less if I do the >> math). >> >> -bob >> _______________________________________________ >> talk mailing list >> talk at lists.nycbug.org >> http://lists.nycbug.org/mailman/listinfo/talk >> > Chris Coleman Editor in Chief > Daemon News http://www.daemonnews.org > BSD Mall http://www.bsdmall.com > Print Magazine http://magazine.daemonnews.org > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk I don't have an iBook, so will a g3 w/ 10.2 do? From george Fri Jun 11 12:36:56 2004 From: george (G. Rosamond) Date: Fri, 11 Jun 2004 12:36:56 -0400 Subject: [nycbug-talk] CACert Message-ID: I'm in too. .. but my ibook is in the shop, and i'm on my w2k box. . . blah. g From bob Fri Jun 11 12:39:46 2004 From: bob (Bob Ippolito) Date: Fri, 11 Jun 2004 12:39:46 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: <40C9DDD8.6070205@ocsny.com> References: <40C705E9.30480.5280AE09@localhost> <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> <6749C612-BBC1-11D8-8C02-000393A620A4@daemonnews.org> <40C9DDD8.6070205@ocsny.com> Message-ID: On Jun 11, 2004, at 12:29 PM, mikel king wrote: > Chris Coleman wrote: > >> Ok, I have my cert from CAcert. Now who is going to write me an >> quick explanation of how to install it on Mail.app in my ibook? >> >> (An article is in order on setting this up on BSD and ibooks.) >> >> On Jun 10, 2004, at 11:05 AM, Bob Ippolito wrote: >> >>> I don't think I'm going to be able to make USENIX this year, but one >>> thing I've heard about that particularly interests me is that the >>> whole CAcert crew is going to be there. CAcert is the >>> "Community-Oriented and Driven Certificate Authority". Basically, >>> they're trying to do what Thawte, Verisign, etc. does, but offer the >>> services for free. They offer email, server, and most recently code >>> signing certificates. >>> >>> The 'problem' with CAcert (other than the fact that operating >>> systems don't yet trust its root cert by default), is that in order >>> to be fully authorized (get 2 year certs, name on email cert, etc.) >>> you need to be verified by an existing member with assurer (or >>> better) status. Unfortunately, there aren't ANY assurers in the NYC >>> area! Since these are the board members, anyone certified by them >>> is immediately granted assurer status. So, for those of you going, >>> it would be awesome if you signed up for CAcert and got yourself >>> assured, and we could have a little "key-signing party" at the end >>> of the next nycbug meeting. If three nycbug members become assured >>> by board members, then that is enough to assign >100 points to new >>> people, who can then assure each other, so that nycbug'er (who wants >>> it) should be able to end up with full assurer status (assuming >>> there's about 6 people who are interested, possibly less if I do the >>> math). > > I don't have an iBook, so will a g3 w/ 10.2 do? I'm pretty that the Mail.app that ships with 10.2 DOES NOT support digital signatures. Upgrade! 10.3 is much better. -bob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2357 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20040611/31d1e8ca/attachment.bin From mikel.king Fri Jun 11 13:07:16 2004 From: mikel.king (mikel king) Date: Fri, 11 Jun 2004 13:07:16 -0400 Subject: [nycbug-talk] USENIX + CACert In-Reply-To: References: <40C705E9.30480.5280AE09@localhost> <0356DF82-BAF8-11D8-A61E-000A95686CD8@redivi.com> <6749C612-BBC1-11D8-8C02-000393A620A4@daemonnews.org> <40C9DDD8.6070205@ocsny.com> Message-ID: <40C9E6C4.2090601@ocsny.com> Bob Ippolito wrote: > > On Jun 11, 2004, at 12:29 PM, mikel king wrote: > >> Chris Coleman wrote: >> >>> Ok, I have my cert from CAcert. Now who is going to write me an >>> quick explanation of how to install it on Mail.app in my ibook? >>> >>> (An article is in order on setting this up on BSD and ibooks.) >>> >>> On Jun 10, 2004, at 11:05 AM, Bob Ippolito wrote: >>> >>>> I don't think I'm going to be able to make USENIX this year, but >>>> one thing I've heard about that particularly interests me is that >>>> the whole CAcert crew is going to be there. CAcert is the >>>> "Community-Oriented and Driven Certificate Authority". Basically, >>>> they're trying to do what Thawte, Verisign, etc. does, but offer >>>> the services for free. They offer email, server, and most recently >>>> code signing certificates. >>>> >>>> The 'problem' with CAcert (other than the fact that operating >>>> systems don't yet trust its root cert by default), is that in order >>>> to be fully authorized (get 2 year certs, name on email cert, etc.) >>>> you need to be verified by an existing member with assurer (or >>>> better) status. Unfortunately, there aren't ANY assurers in the >>>> NYC area! Since these are the board members, anyone certified by >>>> them is immediately granted assurer status. So, for those of you >>>> going, it would be awesome if you signed up for CAcert and got >>>> yourself assured, and we could have a little "key-signing party" at >>>> the end of the next nycbug meeting. If three nycbug members become >>>> assured by board members, then that is enough to assign >100 points >>>> to new people, who can then assure each other, so that nycbug'er >>>> (who wants it) should be able to end up with full assurer status >>>> (assuming there's about 6 people who are interested, possibly less >>>> if I do the math). >>> >> >> I don't have an iBook, so will a g3 w/ 10.2 do? > > > I'm pretty that the Mail.app that ships with 10.2 DOES NOT support > digital signatures. > > Upgrade! 10.3 is much better. > > -bob I upgraded to mozilla instead...;-) This way I can divert more of my funds to my research on beer. From mikel.king Fri Jun 11 13:14:34 2004 From: mikel.king (mikel king) Date: Fri, 11 Jun 2004 13:14:34 -0400 Subject: [nycbug-talk] CACert In-Reply-To: References: Message-ID: <40C9E87A.8070007@ocsny.com> G. Rosamond wrote: >I'm in too. .. > >but my ibook is in the shop, and i'm on my w2k box. . . > >blah. > >g > >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk > > Awe that's ok we wont hold it against you...;-D From trish Fri Jun 11 15:18:05 2004 From: trish (Trish Lynch) Date: Fri, 11 Jun 2004 15:18:05 -0400 (EDT) Subject: [nycbug-talk] Future Events In-Reply-To: References: Message-ID: <20040611151645.D21089@ultra.bsdunix.net> On Fri, 11 Jun 2004, G. Rosamond wrote: > As many of you know. . .I keep the future events section of the site as > current as possible. > > It's a good idea to take a look at the page on a semi-regular basis. > > Hans, Trish. . .if you have any changes on your meetings, please convey > to me. > > g > No, I have no chenges, just a heads up. Due to some personal stuff, that may be out of my control, I may need to reschedule for a later time, BUT as of now, its not effecting this, so theres no need to change this right now. Just figured I'd give a heads up so you might have a "backup" just in case. -Trish -- Trish Lynch trish at bsdunix.net Ecartis Core Team trish at listmistress.org EFNet IRC Operator/SysAdmin @ irc.dkom.at AilleCat at EFNet Key fingerprint = 781D 2B47 AA4B FC88 B919 0CD6 26B2 1D62 6FC1 FF16 From john Sat Jun 12 01:08:34 2004 From: john ('John Bacall') Date: Sat, 12 Jun 2004 01:08:34 -0400 Subject: [nycbug-talk] flier for Dru's BSD Hacks book . . . In-Reply-To: References: <20040611081532.GD1365@dancer> Message-ID: <20040612050834.GA702@dancer> * G. Rosamond [20040611 11:51]: > Glad to see you're as excited as I am about this book John. . . > > You're gonna do a review. . .right? That's a given, Gee. John From sunny-ml Sat Jun 12 09:18:57 2004 From: sunny-ml (Sunny Dubey) Date: Sat, 12 Jun 2004 09:18:57 -0400 Subject: [nycbug-talk] August Meeting In-Reply-To: References: Message-ID: <200406120918.57596.sunny-ml@opencurve.org> On Friday 11 June 2004 11:51 am, G. Rosamond wrote: > > Do you remember his security meeting? It was a great meeting. There is a video of the entire meeting at: http://opencurve.org/~sunny/nylug/simon_lok-nylug37.mpeg.bz2 The movie was composed by taking all the broken up clips from nylug.org and putting them together. From sunny-ml Sat Jun 12 09:26:35 2004 From: sunny-ml (Sunny Dubey) Date: Sat, 12 Jun 2004 09:26:35 -0400 Subject: [nycbug-talk] August Meeting In-Reply-To: <200406120918.57596.sunny-ml@opencurve.org> References: <200406120918.57596.sunny-ml@opencurve.org> Message-ID: <200406120926.35382.sunny-ml@opencurve.org> On Saturday 12 June 2004 09:18 am, Sunny Dubey wrote: > The movie was composed by taking all the broken up clips from nylug.org > and putting them together. the movie is also 100MB, and the quality isn't that great Sunny Dubey From john Sat Jun 12 01:17:02 2004 From: john ('John Bacall') Date: Sat, 12 Jun 2004 01:17:02 -0400 Subject: [nycbug-talk] August Meeting In-Reply-To: References: <20040611081706.GE1365@dancer> Message-ID: <20040612051702.GB702@dancer> * G. Rosamond [20040611 11:51]: > Do you remember his security meeting? Didn't go that one, looking at the past meetings section a while back I thought: wtf, Theodore T'so spoke in '99; man, I suck. > Maybe you could add to my plug. . . I'll do a little research; spread the meeting word as well, to the legion; and get some insights from Jim/Eric. At the least I'll spread the word. John From jesse Sat Jun 12 12:12:41 2004 From: jesse (Jesse Callaway) Date: Sat, 12 Jun 2004 12:12:41 -0400 Subject: [nycbug-talk] August Meeting In-Reply-To: References: Message-ID: <54B066B4-BC8B-11D8-9780-000A95BD8054@theholymountain.com> On Jun 10, 2004, at 7:19 PM, G. Rosamond wrote: > We have a confirmed speaker for August 4th NYCBUG. . . I'll be sure to arrive on time. Still can't get over that I was too late for Isaac's talk. Really missed out... From george Sat Jun 12 12:14:44 2004 From: george (G. Rosamond) Date: Sat, 12 Jun 2004 12:14:44 -0400 Subject: [nycbug-talk] August Meeting In-Reply-To: <54B066B4-BC8B-11D8-9780-000A95BD8054@theholymountain.com> Message-ID: >-----Original Message----- >From: Jesse Callaway [mailto:jesse at theholymountain.com] >Sent: Saturday, June 12, 2004 12:13 PM >To: NYC List; G.Rosamond >Subject: Re: [nycbug-talk] August Meeting > > >On Jun 10, 2004, at 7:19 PM, G. Rosamond wrote: > >> We have a confirmed speaker for August 4th NYCBUG. . . > >I'll be sure to arrive on time. Still can't get over that I was too >late for Isaac's talk. Really missed out... > Big I. . .how about the video. .? We should get these meetings digitized and online. .. g From marco Sat Jun 12 17:26:03 2004 From: marco (marco at metm.org) Date: Sat, 12 Jun 2004 17:26:03 -0400 Subject: [nycbug-talk] Installfest Message-ID: <20040612212603.GB407@metm.org> Thanks to George and Ike for stopping by last night. I certainly got my money's worth in tech talk and tips. I've been doing the solitary consultant thing for a while, so it was good bouncing ideas off those two, while we were going through the installs. I'd be up to hosting another such event later in the summer if there is interest. I like the hands-on experience of going through problems in a small group. Hardware report: The Mylex Raid controller seems flaky to me. It lost the raid configuration, and I had to do a little unplug cable, clear config dance to get the volume back. When we got the install down on the raid5 volume, we couldn't boot off of it. We ended up ripping out the controller and plugging the 3 SCSI disks into the adaptec controller on the Mobo. Got a default install on the first scsi disk. I'm playing around with getting a Vinum volume (or plex) on the other two. If that works I'll try to put all three disks into a Vinum volume, by booting off a spare ide drive. But my newness to BSD slows me down at times ;) (I couldn't find how to put the Mylex controller into JBOD mode to try vinum through that controller) -- Marco From bsd Sat Jun 12 13:26:57 2004 From: bsd (Kevin Reiter) Date: Sat, 12 Jun 2004 13:26:57 -0400 Subject: [nycbug-talk] August Meeting References: Message-ID: <004301c450a2$7b90fcc0$f700a8c0@hephaestus> > Big I. . .how about the video. .? We should get these meetings > digitized and online. .. I can convert the existing ones to a DivX .avi if any wants me to... -Kevin From george Sat Jun 12 23:11:33 2004 From: george (G. Rosamond) Date: Sat, 12 Jun 2004 23:11:33 -0400 Subject: [nycbug-talk] Installfest In-Reply-To: <20040612212603.GB407@metm.org> Message-ID: >-----Original Message----- >From: talk-bounces at lists.nycbug.org >[mailto:talk-bounces at lists.nycbug.org] On Behalf Of marco at metm.org >Sent: Saturday, June 12, 2004 5:26 PM >To: talk at lists.nycbug.org >Subject: [nycbug-talk] Installfest > >Thanks to George and Ike for stopping by last night. > >I certainly got my money's worth in tech talk and tips. > >I've been doing the solitary consultant thing for a while, so it was >good bouncing ideas off those two, while we were going through the >installs. > >I'd be up to hosting another such event later in the summer if there is >interest. I like the hands-on experience of going through problems >in a small group. > >Hardware report: > >The Mylex Raid controller seems flaky to me. It lost the raid >configuration, and I had to do a little unplug cable, clear >config dance >to get the volume back. When we got the install down on the raid5 >volume, we couldn't boot off of it. > >We ended up ripping out the controller and plugging the 3 SCSI disks >into the adaptec controller on the Mobo. Got a default install on the >first scsi disk. I'm playing around with getting a Vinum volume (or >plex) on the other two. If that works I'll try to put all three disks >into a Vinum volume, by booting off a spare ide drive. But my newness >to BSD slows me down at times ;) > >(I couldn't find how to put the Mylex controller into JBOD mode to try >vinum through that controller) Let's schedule an actual date, say in July on a Saturday. . .a little more advanced planning could help attendence. it's a great location, a block and a half from the c train, 20 minutes from manhattan. nice loft, sdsl in the place. . . How about Friday night, July 9th, the Friday after the July NYCBUG meeting? I'd be willing to do it at my place also. . . We could do some tutorials, and bring your hardware if you want to do an install. Thoughts? Thanks again Marco, and thanks again to your better half for the dinner, which was unexpected and very much appreciated. . . g From john Sat Jun 12 12:38:12 2004 From: john (John Bacall) Date: Sat, 12 Jun 2004 12:38:12 -0400 Subject: [nycbug-talk] CAcert.org In-Reply-To: <40C9CA11.4030801@ocsny.com> References: <40C9CA11.4030801@ocsny.com> Message-ID: <20040612163811.GB393@dancer> * mikel king [20040611 11:04]: > The goal is to get at least 20 people all together. Please cross > post this out to all of the NY and Northern NJ , and even Southern CT > mailing lists you know. Those who complete this step will become local > assurers for CAcert. Posted to nylug-talk. Keep us apprised of the final details. John From jonathan.michael.stewart Sun Jun 13 11:08:18 2004 From: jonathan.michael.stewart (Jonathan) Date: Sun, 13 Jun 2004 11:08:18 -0400 Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1 release does work) Message-ID: <40CC6DE2.8070807@us.army.mil> Wold anyone be willing to help me get a -current kernel to boot on my computer? As the subject says 5.2.1-release boots fine but any recent (within a month +) -current fails to boot successfully. I can test any patches etc. the machine is just sitting right now while I try to get it to work. I don't have a null modem cable and really don't want to pay Radioshack prices for one but I will if I need to. I'm located on FT Drum if anyone is willing to help in person and lives nearby or knows someone nearby who may help. I'd really like to get FreeBSD -current running because I want to stick with 5.x and 5.2.1 release has several known security issues. I will probably switch to -stable when it becomes 5-stable. Thanks for reading this, Jonathan From dan Sun Jun 13 11:21:41 2004 From: dan (Dan Langille) Date: Sun, 13 Jun 2004 11:21:41 -0400 Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1 release does work) In-Reply-To: <40CC6DE2.8070807@us.army.mil> Message-ID: <40CC38C5.28407.66CFB620@localhost> On 13 Jun 2004 at 11:08, Jonathan wrote: > Wold anyone be willing to help me get a -current kernel to boot on my > computer? As the subject says 5.2.1-release boots fine but any recent > (within a month +) -current fails to boot successfully. I can test any > patches etc. the machine is just sitting right now while I try to get it > to work. I don't have a null modem cable and really don't want to pay > Radioshack prices for one but I will if I need to. I'm located on FT > Drum if anyone is willing to help in person and lives nearby or knows > someone nearby who may help. I'd really like to get FreeBSD -current > running because I want to stick with 5.x and 5.2.1 release has several > known security issues. I will probably switch to -stable when it > becomes 5-stable. Have you tried patching instead of upgrading? -- Dan Langille : http://www.langille.org/ BSDCan - http://www.bsdcan.org/ From jonathan.michael.stewart Sun Jun 13 11:44:16 2004 From: jonathan.michael.stewart (Jonathan) Date: Sun, 13 Jun 2004 11:44:16 -0400 Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1 release does work) In-Reply-To: <40CC38C5.28407.66CFB620@localhost> References: <40CC38C5.28407.66CFB620@localhost> Message-ID: <40CC7650.5070403@us.army.mil> Dan Langille wrote: > On 13 Jun 2004 at 11:08, Jonathan wrote: > > >>Wold anyone be willing to help me get a -current kernel to boot on my >>computer? As the subject says 5.2.1-release boots fine but any recent >>(within a month +) -current fails to boot successfully. I can test any >>patches etc. the machine is just sitting right now while I try to get it >>to work. I don't have a null modem cable and really don't want to pay >>Radioshack prices for one but I will if I need to. I'm located on FT >>Drum if anyone is willing to help in person and lives nearby or knows >>someone nearby who may help. I'd really like to get FreeBSD -current >>running because I want to stick with 5.x and 5.2.1 release has several >>known security issues. I will probably switch to -stable when it >>becomes 5-stable. > > > Have you tried patching instead of upgrading? Well, I suppose I could do that but I like doing things the hard way ;) that is definitely an option though. I would like to help work out whatever bugs are causing the problems if feasible. I'm not a great coder especially in C and C++ but I do want to contribute to the project. I guess you could say I'm volunteering to be an "alpha" tester. Jonathan From pete Sun Jun 13 13:56:53 2004 From: pete (pete wright) Date: Sun, 13 Jun 2004 13:56:53 -0400 Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1 release does work) In-Reply-To: <40CC7650.5070403@us.army.mil> References: <40CC38C5.28407.66CFB620@localhost> <40CC7650.5070403@us.army.mil> Message-ID: <0DAFF9D0-BD63-11D8-BDFF-000393BC62B8@nomadlogic.org> On Jun 13, 2004, at 11:44 AM, Jonathan wrote: > Dan Langille wrote: > >> On 13 Jun 2004 at 11:08, Jonathan wrote: >>> Wold anyone be willing to help me get a -current kernel to boot on >>> my computer? As the subject says 5.2.1-release boots fine but any >>> recent (within a month +) -current fails to boot successfully. I >>> can test any patches etc. the machine is just sitting right now >>> while I try to get it to work. I don't have a null modem cable and >>> really don't want to pay Radioshack prices for one but I will if I >>> need to. I'm located on FT Drum if anyone is willing to help in >>> person and lives nearby or knows someone nearby who may help. I'd >>> really like to get FreeBSD -current running because I want to stick >>> with 5.x and 5.2.1 release has several known security issues. I >>> will probably switch to -stable when it becomes 5-stable. i'm game to help you out but i think the folks on the list would need a bit more info your setup, like hardware specs etc. also if you could post the output of a "dmesg." also, are you trying to boot off GENERIC or is this a custom kernel? If custom, try booting off GENERIC. finally, i would post the "uname" of the release that boots fine. -p From pete Sun Jun 13 14:03:51 2004 From: pete (pete wright) Date: Sun, 13 Jun 2004 14:03:51 -0400 Subject: [nycbug-talk] August Meeting In-Reply-To: <004301c450a2$7b90fcc0$f700a8c0@hephaestus> References: <004301c450a2$7b90fcc0$f700a8c0@hephaestus> Message-ID: <06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org> On Jun 12, 2004, at 1:26 PM, Kevin Reiter wrote: >> Big I. . .how about the video. .? We should get these meetings >> digitized and online. .. > > I can convert the existing ones to a DivX .avi if any wants me to... > heh, this raises a very interesting situation. how to encode these movies. from my experience i've had major issues with DivX. Yes they say it's cross platform, but it seems lately the codecs have been a little flakey. for example i had a windows user encode a DivX .avi that would not play on any non-windows platform. most likely the user used an odd codec, but it was still a pain in the a**. at click3x we usually post movies as quicktimes (yea lame non mac/win32 support) or mpeg2's. do other folks have any ideas on how we should post video...maybe real format (lame but it is cross platform). -p > -Kevin > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From pete Sun Jun 13 14:08:05 2004 From: pete (pete wright) Date: Sun, 13 Jun 2004 14:08:05 -0400 Subject: [nycbug-talk] Installfest In-Reply-To: References: Message-ID: <9E1E2AB4-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org> On Jun 12, 2004, at 11:11 PM, G. Rosamond wrote: > > Let's schedule an actual date, say in July on a Saturday. . .a little > more advanced planning could help attendence. > > it's a great location, a block and a half from the c train, 20 minutes > from manhattan. > > nice loft, sdsl in the place. . . > > How about Friday night, July 9th, the Friday after the July NYCBUG > meeting? > > I'd be willing to do it at my place also. . . > > We could do some tutorials, and bring your hardware if you want to do > an > install. > > Thoughts? > sorry i missed it folks :( i'd really be into attending another install fest tho...i was actually thinking about this the other day. on bedford ave. in williamsburg there is this pretty big internet cafe that never has any people in it. maybe we could hook up with them, maybe it'll bring some business in for them too....if there is any interest i'll swing by and see what they think. -p From jonathan.michael.stewart Sun Jun 13 14:21:12 2004 From: jonathan.michael.stewart (Jonathan) Date: Sun, 13 Jun 2004 14:21:12 -0400 Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1 release does work) In-Reply-To: <0DAFF9D0-BD63-11D8-BDFF-000393BC62B8@nomadlogic.org> References: <40CC38C5.28407.66CFB620@localhost> <40CC7650.5070403@us.army.mil> <0DAFF9D0-BD63-11D8-BDFF-000393BC62B8@nomadlogic.org> Message-ID: <40CC9B18.5020807@us.army.mil> pete wright wrote: > > On Jun 13, 2004, at 11:44 AM, Jonathan wrote: > >> Dan Langille wrote: >> >>> On 13 Jun 2004 at 11:08, Jonathan wrote: >>> >>>> Wold anyone be willing to help me get a -current kernel to boot on >>>> my computer? As the subject says 5.2.1-release boots fine but any >>>> recent (within a month +) -current fails to boot successfully. I >>>> can test any patches etc. the machine is just sitting right now >>>> while I try to get it to work. I don't have a null modem cable and >>>> really don't want to pay Radioshack prices for one but I will if I >>>> need to. I'm located on FT Drum if anyone is willing to help in >>>> person and lives nearby or knows someone nearby who may help. I'd >>>> really like to get FreeBSD -current running because I want to stick >>>> with 5.x and 5.2.1 release has several known security issues. I >>>> will probably switch to -stable when it becomes 5-stable. > > > i'm game to help you out but i think the folks on the list would need a > bit more info your setup, like hardware specs etc. also if you could > post the output of a "dmesg." also, are you trying to boot off GENERIC > or is this a custom kernel? If custom, try booting off GENERIC. > finally, i would post the "uname" of the release that boots fine. > > -p > Booting GENERIC 5.2.1 and trying GENERIC -current The computer is a Pentium I 233MHz with 128MB RAM (My desktop has problems too but the 233 computer will be dedicated to FreeBSD so I want to get it working first). I have a site I can post anything on to avoid large on-list messages as well if that would be better for this list. I will post a transcription of the error messages and a boot -v later but I'm in the middle of a 12 hour buildworld/buildkernel (trying -current dated 5 May 2004 to see if that works). Uname: FreeBSD server.kc8onw.net 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Feb 23 20:45:55 GMT 2004 root at wv1u.btc.adaptec.com:/usr/obj/usr/src/sys/GENERIC i386 dmesg: Copyright (c) 1992-2004 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 5.2.1-RELEASE #0: Mon Feb 23 20:45:55 GMT 2004 root at wv1u.btc.adaptec.com:/usr/obj/usr/src/sys/GENERIC Preloaded elf kernel "/boot/5.2.1-release/kernel" at 0xc09e3000. Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Pentium/P55C (233.86-MHz 586-class CPU) Origin = "GenuineIntel" Id = 0x543 Stepping = 3 Features=0x8001bf real memory = 134217728 (128 MB) avail memory = 120758272 (115 MB) Intel Pentium detected, installing workaround for F00F bug npx0: [FAST] npx0:

on motherboard
npx0: INT 16 interface
pcibios: BIOS version 2.10
pcib0: at pcibus 0 on motherboard
pci0: on pcib0
isab0: at device 7.0 on pci0
isa0: on isab0
atapci0: port 0xffa0-0xffaf at device 
7.1 on pci0
ata0: at 0x1f0 irq 14 on atapci0
ata0: [MPSAFE]
ata1: at 0x170 irq 15 on atapci0
ata1: [MPSAFE]
uhci0: port 0xd000-0xd01f irq 
10 at device 7.2 on pci0
usb0: on uhci0
usb0: USB revision 1.0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
piix0: port 0x5f00-0x5f0f at device 7.3 on pci0
Timecounter "PIIX" frequency 3579545 Hz quality 0
pci0: at device 8.0 (no driver attached)
dc0: port 0xd800-0xd8ff mem 
0xffeef800-0xffeefbff irq 11 at device 9.0 on pci0
dc0: Ethernet address: 00:04:5a:50:27:e0
miibus0: on dc0
ukphy0: on miibus0
ukphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
orm0: at iomem 0xc0000-0xc7fff on isa0
pmtimer0 on isa0
atkbdc0: at port 0x64,0x60 on isa0
atkbd0: flags 0x1 irq 1 on atkbdc0
kbd0 at atkbd0
fdc0: at port 
0x3f7,0x3f0-0x3f5 irq 6 drq 2 on isa0
fdc0: FIFO enabled, 8 bytes threshold
ppc0: at port 0x378-0x37f irq 7 on isa0
ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode
ppbus0: on ppc0
plip0: on ppbus0
lpt0: on ppbus0
lpt0: Interrupt-driven port
ppi0: on ppbus0
sc0: at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
sio1 at port 0x2f8-0x2ff irq 3 on isa0
sio1: type 16550A
vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
unknown: can't assign resources (port)
unknown: can't assign resources (port)
unknown: can't assign resources (port)
unknown: can't assign resources (port)
unknown: can't assign resources (port)
unknown: can't assign resources (port)
Timecounter "TSC" frequency 233864612 Hz quality 800
Timecounters tick every 10.000 msec
GEOM: create disk ad0 dp=0xc2045160
ad0: 19569MB [39761/16/63] at ata0-master UDMA33
acd0: CDROM at ata0-slave PIO4
ata1-slave: FAILURE - ATA_IDENTIFY no interrupt
ata1-slave: FAILURE - ATA_IDENTIFY no interrupt
ata1-master: FAILURE - ATA_IDENTIFY no interrupt
ata1-master: FAILURE - ATA_IDENTIFY no interrupt
Mounting root from ufs:/dev/ad0s2a




From george  Sun Jun 13 14:24:30 2004
From: george (G. Rosamond)
Date: Sun, 13 Jun 2004 14:24:30 -0400
Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1
	releasedoes work)
In-Reply-To: <40CC9B18.5020807@us.army.mil>
Message-ID: >-----Original Message-----
>From: talk-bounces at lists.nycbug.org 
>[mailto:talk-bounces at lists.nycbug.org] On Behalf Of Jonathan
>Sent: Sunday, June 13, 2004 2:21 PM
>To: pete wright
>Cc: talk at lists.nycbug.org
>Subject: Re: [nycbug-talk] Help getting FreeBSD current to 
>boot (5.2.1 releasedoes work)
>
>pete wright wrote:
>
>> 
>> On Jun 13, 2004, at 11:44 AM, Jonathan wrote:
>> 
>>> Dan Langille wrote:
>>>
>>>> On 13 Jun 2004 at 11:08, Jonathan wrote:
>>>>
>>>>> Wold anyone be willing to help me get a -current kernel 
>to boot on 
>>>>> my computer?  As the subject says 5.2.1-release boots 
>fine but any 
>>>>> recent (within a month +) -current fails to boot successfully.  I 
>>>>> can test any patches etc. the machine is just sitting right now 
>>>>> while I try to get it to work.  I don't have a null modem 
>cable and 
>>>>> really don't want to pay Radioshack prices for one but I 
>will if I 
>>>>> need to.  I'm located on FT Drum if anyone is willing to help in 
>>>>> person and lives nearby or knows someone nearby who may 
>help.  I'd 
>>>>> really like to get FreeBSD -current running because I 
>want to stick 
>>>>> with 5.x and 5.2.1 release has several known security issues.  I 
>>>>> will probably switch to -stable when it becomes 5-stable.
>> 
>> 
>> i'm game to help you out but i think the folks on the list 
>would need a 
>> bit more info your setup, like hardware specs etc.  also if 
>you could 
>> post the output of a "dmesg."  also, are you trying to boot 
>off GENERIC 
>> or is this a custom kernel?  If custom, try booting off GENERIC.  
>> finally, i would post the "uname" of the release that boots fine.
>> 
>> -p
>> 
>
>Booting GENERIC 5.2.1 and trying GENERIC -current
>
>The computer is a Pentium I 233MHz with 128MB RAM (My desktop has 
>problems too but the 233 computer will be dedicated to FreeBSD 
>so I want 
>to get it working first).  I have a site I can post anything 
>on to avoid 
>large on-list messages as well if that would be better for 
>this list.  I 
>will post a transcription of the error messages and a boot -v 
>later but 
>I'm in the middle of a 12 hour buildworld/buildkernel (trying -current 
>dated 5 May 2004 to see if that works). I actually think this list doesn't get *enough* long dmesgs.

g




From pete  Sun Jun 13 14:27:41 2004
From: pete (pete wright)
Date: Sun, 13 Jun 2004 14:27:41 -0400
Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1 release
	does work)
In-Reply-To: <40CC9B18.5020807@us.army.mil>
References: <40CC38C5.28407.66CFB620@localhost> <40CC7650.5070403@us.army.mil>
	<0DAFF9D0-BD63-11D8-BDFF-000393BC62B8@nomadlogic.org>
	<40CC9B18.5020807@us.army.mil>
Message-ID: <5AF277E4-BD67-11D8-BDFF-000393BC62B8@nomadlogic.org>


On Jun 13, 2004, at 2:21 PM, Jonathan wrote:

> pete wright wrote:
>
>> On Jun 13, 2004, at 11:44 AM, Jonathan wrote:
>>> Dan Langille wrote:
>>>
>>>> On 13 Jun 2004 at 11:08, Jonathan wrote:
>>>>
>>>>> Wold anyone be willing to help me get a -current kernel to boot on 
>>>>> my computer?  As the subject says 5.2.1-release boots fine but any 
>>>>> recent (within a month +) -current fails to boot successfully.  I 
>>>>> can test any patches etc. the machine is just sitting right now 
>>>>> while I try to get it to work.  I don't have a null modem cable 
>>>>> and really don't want to pay Radioshack prices for one but I will 
>>>>> if I need to.  I'm located on FT Drum if anyone is willing to help 
>>>>> in person and lives nearby or knows someone nearby who may help.  
>>>>> I'd really like to get FreeBSD -current running because I want to 
>>>>> stick with 5.x and 5.2.1 release has several known security 
>>>>> issues.  I will probably switch to -stable when it becomes 
>>>>> 5-stable.
>> i'm game to help you out but i think the folks on the list would need 
>> a bit more info your setup, like hardware specs etc.  also if you 
>> could post the output of a "dmesg."  also, are you trying to boot off 
>> GENERIC or is this a custom kernel?  If custom, try booting off 
>> GENERIC.  finally, i would post the "uname" of the release that boots 
>> fine.
>> -p
>
> Booting GENERIC 5.2.1 and trying GENERIC -current
>
> The computer is a Pentium I 233MHz with 128MB RAM (My desktop has 
> problems too but the 233 computer will be dedicated to FreeBSD so I 
> want to get it working first).  I have a site I can post anything on 
> to avoid large on-list messages as well if that would be better for 
> this list.  I will post a transcription of the error messages and a 
> boot -v later but I'm in the middle of a 12 hour 
> buildworld/buildkernel (trying -current dated 5 May 2004 to see if 
> that works).
>

thanks for the info, also when you boot with newer builds where does 
the boot process hang?  I noticed some error messages relating to an 
ATA disk, altho i am not sure those are just diagnostics or what yet.

-p




From jonathan.michael.stewart  Sun Jun 13 15:06:39 2004
From: jonathan.michael.stewart (Jonathan)
Date: Sun, 13 Jun 2004 15:06:39 -0400
Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1 release
	does work)
In-Reply-To: <5AF277E4-BD67-11D8-BDFF-000393BC62B8@nomadlogic.org>
References: <40CC38C5.28407.66CFB620@localhost> <40CC7650.5070403@us.army.mil>
	<0DAFF9D0-BD63-11D8-BDFF-000393BC62B8@nomadlogic.org>
	<40CC9B18.5020807@us.army.mil>
	<5AF277E4-BD67-11D8-BDFF-000393BC62B8@nomadlogic.org>
Message-ID: <40CCA5BF.1050401@us.army.mil>

pete wright wrote:

> 
> On Jun 13, 2004, at 2:21 PM, Jonathan wrote:
> 
>> pete wright wrote:
>> 
>>> On Jun 13, 2004, at 11:44 AM, Jonathan wrote:
>>> 
>>>> Dan Langille wrote:
>>>> 
>>>>> On 13 Jun 2004 at 11:08, Jonathan wrote:
>>>>> 
>>>>>> Wold anyone be willing to help me get a -current kernel to 
>>>>>> boot on my computer?  As the subject says 5.2.1-release 
>>>>>> boots fine but any recent (within a month +) -current fails
>>>>>>  to boot successfully.  I can test any patches etc. the 
>>>>>> machine is just sitting right now while I try to get it to 
>>>>>> work.  I don't have a null modem cable and really don't 
>>>>>> want to pay Radioshack prices for one but I will if I need 
>>>>>> to.  I'm located on FT Drum if anyone is willing to help in
>>>>>>  person and lives nearby or knows someone nearby who may 
>>>>>> help. I'd really like to get FreeBSD -current running 
>>>>>> because I want to stick with 5.x and 5.2.1 release has 
>>>>>> several known security issues.  I will probably switch to 
>>>>>> -stable when it becomes 5-stable.
>>> 
>>> i'm game to help you out but i think the folks on the list would 
>>> need a bit more info your setup, like hardware specs etc.  also 
>>> if you could post the output of a "dmesg."  also, are you trying 
>>> to boot off GENERIC or is this a custom kernel?  If custom, try 
>>> booting off GENERIC.  finally, i would post the "uname" of the 
>>> release that boots fine. -p
>> 
>> Booting GENERIC 5.2.1 and trying GENERIC -current
>> 
>> The computer is a Pentium I 233MHz with 128MB RAM (My desktop has 
>> problems too but the 233 computer will be dedicated to FreeBSD so I
>>  want to get it working first).  I have a site I can post anything 
>> on to avoid large on-list messages as well if that would be better 
>> for this list.  I will post a transcription of the error messages 
>> and a boot -v later but I'm in the middle of a 12 hour 
>> buildworld/buildkernel (trying -current dated 5 May 2004 to see if 
>> that works).
>> 
> thanks for the info, also when you boot with newer builds where does 
> the boot process hang?  I noticed some error messages relating to an 
> ATA disk, altho i am not sure those are just diagnostics or what yet.
> 
The ATA messages may have something to do with the fact I have a pair of
hard drives on an IDE cable but not powered, just guessing there.  I can
actually make it into single user mode but as soon as I try ANY command, 
valid or otherwise, sh crashes.  It crashes on its own going into 
multiuser mode.  How hard would it be to do a buildworld for a Pentium 
233 on my Athlon XP desktop?  I should just need to NFS mount /usr/obj 
and /usr/src to do the installkernel and installworld correct?  Also my 
messages seem to not be properly wrapped when I send them but they look 
fine while composing are they OK (Using Thunderbird 0.6)?

Thanks,
Jonathan



From pete  Sun Jun 13 15:27:13 2004
From: pete (pete wright)
Date: Sun, 13 Jun 2004 15:27:13 -0400
Subject: [nycbug-talk] Help getting FreeBSD current to boot (5.2.1 release
	does work)
In-Reply-To: <40CCA5BF.1050401@us.army.mil>
References: <40CC38C5.28407.66CFB620@localhost> <40CC7650.5070403@us.army.mil>
	<0DAFF9D0-BD63-11D8-BDFF-000393BC62B8@nomadlogic.org>
	<40CC9B18.5020807@us.army.mil>
	<5AF277E4-BD67-11D8-BDFF-000393BC62B8@nomadlogic.org>
	<40CCA5BF.1050401@us.army.mil>
Message-ID: On Jun 13, 2004, at 3:06 PM, Jonathan wrote:

> pete wright wrote:
>
>> On Jun 13, 2004, at 2:21 PM, Jonathan wrote:
>>> pete wright wrote:
>>>> On Jun 13, 2004, at 11:44 AM, Jonathan wrote:
>>>>> Dan Langille wrote:
>>>>>> On 13 Jun 2004 at 11:08, Jonathan wrote:
>>>>>>> Wold anyone be willing to help me get a -current kernel to boot  
>>>>>>> on my computer?  As the subject says 5.2.1-release boots fine  
>>>>>>> but any recent (within a month +) -current fails
>>>>>>>  to boot successfully.  I can test any patches etc. the machine  
>>>>>>> is just sitting right now while I try to get it to work.  I  
>>>>>>> don't have a null modem cable and really don't want to pay  
>>>>>>> Radioshack prices for one but I will if I need to.  I'm located  
>>>>>>> on FT Drum if anyone is willing to help in
>>>>>>>  person and lives nearby or knows someone nearby who may help.  
>>>>>>> I'd really like to get FreeBSD -current running because I want  
>>>>>>> to stick with 5.x and 5.2.1 release has several known security  
>>>>>>> issues.  I will probably switch to -stable when it becomes  
>>>>>>> 5-stable.
>>>> i'm game to help you out but i think the folks on the list would  
>>>> need a bit more info your setup, like hardware specs etc.  also if  
>>>> you could post the output of a "dmesg."  also, are you trying to  
>>>> boot off GENERIC or is this a custom kernel?  If custom, try  
>>>> booting off GENERIC.  finally, i would post the "uname" of the  
>>>> release that boots fine. -p
>>> Booting GENERIC 5.2.1 and trying GENERIC -current
>>> The computer is a Pentium I 233MHz with 128MB RAM (My desktop has  
>>> problems too but the 233 computer will be dedicated to FreeBSD so I
>>>  want to get it working first).  I have a site I can post anything  
>>> on to avoid large on-list messages as well if that would be better  
>>> for this list.  I will post a transcription of the error messages  
>>> and a boot -v later but I'm in the middle of a 12 hour  
>>> buildworld/buildkernel (trying -current dated 5 May 2004 to see if  
>>> that works).
>> thanks for the info, also when you boot with newer builds where does  
>> the boot process hang?  I noticed some error messages relating to an  
>> ATA disk, altho i am not sure those are just diagnostics or what yet.
> The ATA messages may have something to do with the fact I have a pair  
> of
> hard drives on an IDE cable but not powered, just guessing there.  I  
> can
> actually make it into single user mode but as soon as I try ANY  
> command, valid or otherwise, sh crashes.

stupid question, does this happen when you try csh instead of sh?  also  
when sh crashes what happens, hard lockup core dump etc.?

>   It crashes on its own going into multiuser mode.  How hard would it  
> be to do a buildworld for a Pentium 233 on my Athlon XP desktop?  I  
> should just need to NFS mount /usr/obj and /usr/src to do the  
> installkernel and installworld correct?


it is possible to do that, altho i have not done it.  if you search the  
FreeBSD mailing list archives, or search on google.com/bsd there are  
walkthroughs on this topic.  sorry no links :(  generally it seems you  
are on the correct path tho...

> Also my messages seem to not be properly wrapped when I send them but  
> they look fine while composing are they OK (Using Thunderbird 0.6)?

the messages look good to me, altho i'm using "mail" on my OSX box.   
thanks for mentioning that i just checked my setting and realized that  
mail defaults to RTF message composing...lame.

you may want to check out the FreeBSD current list from the past couple  
months if you have not done so already.  there is a *ton* of  
development going on on the 5.x branch and if you do not see anyone  
else reporting these problems it may be worth a shot posting a detailed  
report to the list.  altho granted given the info so far i really don't  
know what is happening on your box.

if you do go this route i'd suggest reading this link first.
http://www.freebsd.org/doc/en_US.ISO8859-1/articles/problem-reports/ 
article.html




From bob  Sun Jun 13 16:17:20 2004
From: bob (Bob Ippolito)
Date: Sun, 13 Jun 2004 16:17:20 -0400
Subject: [nycbug-talk] August Meeting
In-Reply-To: <06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org>
References: <004301c450a2$7b90fcc0$f700a8c0@hephaestus>
	<06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org>
Message-ID: On Jun 13, 2004, at 2:03 PM, pete wright wrote:

>
> On Jun 12, 2004, at 1:26 PM, Kevin Reiter wrote:
>
>>> Big I. . .how about the video. .?  We should get these meetings
>>> digitized and online. ..
>>
>> I can convert the existing ones to a DivX .avi if any wants me to...
>>
>
> heh, this raises a very interesting situation.  how to encode these 
> movies.  from my experience i've had major issues with DivX.  Yes they 
> say it's cross platform, but it seems lately the codecs have been a 
> little flakey.  for example i had a windows user encode a DivX .avi 
> that would not play on any non-windows platform.  most likely the user 
> used an odd codec, but it was still a pain in the a**.  at click3x we 
> usually post movies as quicktimes (yea lame non mac/win32 support) or 
> mpeg2's.  do other folks have any ideas on how we should post 
> video...maybe real format (lame but it is cross platform).

VLC should probably play QuickTime on Linux.. I haven't personally 
tried this, but they support AAC and presumably MPEG-4 which uses the 
same atom-based format that QuickTime does.

-bob

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2357 bytes
Desc: not available
Url : http://lists.nycbug.org/pipermail/talk/attachments/20040613/419a76f5/attachment.bin 


From pete  Sun Jun 13 16:26:14 2004
From: pete (pete wright)
Date: Sun, 13 Jun 2004 16:26:14 -0400
Subject: [nycbug-talk] August Meeting
In-Reply-To: References: <004301c450a2$7b90fcc0$f700a8c0@hephaestus>
	<06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org> Message-ID: On Jun 13, 2004, at 4:17 PM, Bob Ippolito wrote:

>
> On Jun 13, 2004, at 2:03 PM, pete wright wrote:
>
>>
>> On Jun 12, 2004, at 1:26 PM, Kevin Reiter wrote:
>>
>>>> Big I. . .how about the video. .?  We should get these meetings
>>>> digitized and online. ..
>>>
>>> I can convert the existing ones to a DivX .avi if any wants me to...
>>>
>>
>> heh, this raises a very interesting situation.  how to encode these 
>> movies.  from my experience i've had major issues with DivX.  Yes 
>> they say it's cross platform, but it seems lately the codecs have 
>> been a little flakey.  for example i had a windows user encode a DivX 
>> .avi that would not play on any non-windows platform.  most likely 
>> the user used an odd codec, but it was still a pain in the a**.  at 
>> click3x we usually post movies as quicktimes (yea lame non mac/win32 
>> support) or mpeg2's.  do other folks have any ideas on how we should 
>> post video...maybe real format (lame but it is cross platform).
>
> VLC should probably play QuickTime on Linux.. I haven't personally 
> tried this, but they support AAC and presumably MPEG-4 which uses the 
> same atom-based format that QuickTime does.

i'm not sure what VLC is :(  we usually use mpeg2 encoding to go 
between IRIX/Linux/NT/OSx.  works good, compression not so good tho :(

-p

>
> -bob
>




From bob  Sun Jun 13 16:28:17 2004
From: bob (Bob Ippolito)
Date: Sun, 13 Jun 2004 16:28:17 -0400
Subject: [nycbug-talk] August Meeting
In-Reply-To: References: <004301c450a2$7b90fcc0$f700a8c0@hephaestus>
	<06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org> Message-ID: <33F3BFC0-BD78-11D8-BEB2-000A95686CD8@redivi.com>


On Jun 13, 2004, at 4:26 PM, pete wright wrote:

>
> On Jun 13, 2004, at 4:17 PM, Bob Ippolito wrote:
>
>>
>> On Jun 13, 2004, at 2:03 PM, pete wright wrote:
>>
>>>
>>> On Jun 12, 2004, at 1:26 PM, Kevin Reiter wrote:
>>>
>>>>> Big I. . .how about the video. .?  We should get these meetings
>>>>> digitized and online. ..
>>>>
>>>> I can convert the existing ones to a DivX .avi if any wants me to...
>>>>
>>>
>>> heh, this raises a very interesting situation.  how to encode these 
>>> movies.  from my experience i've had major issues with DivX.  Yes 
>>> they say it's cross platform, but it seems lately the codecs have 
>>> been a little flakey.  for example i had a windows user encode a 
>>> DivX .avi that would not play on any non-windows platform.  most 
>>> likely the user used an odd codec, but it was still a pain in the 
>>> a**.  at click3x we usually post movies as quicktimes (yea lame non 
>>> mac/win32 support) or mpeg2's.  do other folks have any ideas on how 
>>> we should post video...maybe real format (lame but it is cross 
>>> platform).
>>
>> VLC should probably play QuickTime on Linux.. I haven't personally 
>> tried this, but they support AAC and presumably MPEG-4 which uses the 
>> same atom-based format that QuickTime does.
>
> i'm not sure what VLC is :(  we usually use mpeg2 encoding to go 
> between IRIX/Linux/NT/OSx.  works good, compression not so good tho :(

Google is your friend.

http://www.videolan.org/vlc/

-bob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2357 bytes
Desc: not available
Url : http://lists.nycbug.org/pipermail/talk/attachments/20040613/3f126489/attachment.bin 


From pete  Sun Jun 13 17:38:24 2004
From: pete (pete wright)
Date: Sun, 13 Jun 2004 17:38:24 -0400
Subject: [nycbug-talk] August Meeting
In-Reply-To: <33F3BFC0-BD78-11D8-BEB2-000A95686CD8@redivi.com>
References: <004301c450a2$7b90fcc0$f700a8c0@hephaestus>
	<06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org> <33F3BFC0-BD78-11D8-BEB2-000A95686CD8@redivi.com>
Message-ID: On Jun 13, 2004, at 4:28 PM, Bob Ippolito wrote:

>
> On Jun 13, 2004, at 4:26 PM, pete wright wrote:
>
>>
>> On Jun 13, 2004, at 4:17 PM, Bob Ippolito wrote:
>>
>>>
>>> On Jun 13, 2004, at 2:03 PM, pete wright wrote:
>>>
>>>>
>>>> On Jun 12, 2004, at 1:26 PM, Kevin Reiter wrote:
>>>>
>>>>>> Big I. . .how about the video. .?  We should get these meetings
>>>>>> digitized and online. ..
>>>>>
>>>>> I can convert the existing ones to a DivX .avi if any wants me 
>>>>> to...
>>>>>
>>>>
>>>> heh, this raises a very interesting situation.  how to encode these 
>>>> movies.  from my experience i've had major issues with DivX.  Yes 
>>>> they say it's cross platform, but it seems lately the codecs have 
>>>> been a little flakey.  for example i had a windows user encode a 
>>>> DivX .avi that would not play on any non-windows platform.  most 
>>>> likely the user used an odd codec, but it was still a pain in the 
>>>> a**.  at click3x we usually post movies as quicktimes (yea lame non 
>>>> mac/win32 support) or mpeg2's.  do other folks have any ideas on 
>>>> how we should post video...maybe real format (lame but it is cross 
>>>> platform).
>>>
>>> VLC should probably play QuickTime on Linux.. I haven't personally 
>>> tried this, but they support AAC and presumably MPEG-4 which uses 
>>> the same atom-based format that QuickTime does.
>>
>> i'm not sure what VLC is :(  we usually use mpeg2 encoding to go 
>> between IRIX/Linux/NT/OSx.  works good, compression not so good tho 
>> :(
>
> Google is your friend.
>
> http://www.videolan.org/vlc/

ah yes the Video Lan Client forgot about that.  didn't think about 
that.  cheers!

-p

>
> -bob




From john  Mon Jun 14 00:56:14 2004
From: john (John Bacall)
Date: Mon, 14 Jun 2004 00:56:14 -0400
Subject: [nycbug-talk] [john@unixen.org: [nylug-talk] NY Linux Users Grp. 16
	June Meeting: Mikey Sklar on Electric Clothing:
	circuit/microcontroller/hardware design, programming]
Message-ID: <20040614045613.GA380@dancer>

Since this is harware heavy and Mikey's toolchain is ported to osx, *bsd
I thought you might find it interesting.

   John

----- Forwarded message from John Bacall -----

Sender: nylug-talk-bounces at nylug.org
From: John Bacall Reply-To: NYLUG discussion list Subject: [nylug-talk] NY Linux Users Grp. 16 June Meeting: Mikey Sklar on
	Electric Clothing: circuit/microcontroller/hardware design,
	programming
Date: Fri, 11 Jun 2004 13:30:00 -0400 (EDT)
To: NYLUG-Talk Delivered-To: nylug-talk at nylug.org

June 16th, 2004
Wednesday
6:30PM-8:00PM
IBM Headquarters Building
590 Madison Avenue at 57th Street
12th Floor, home to the IBM Linux Center of Competency

** RSVP Instructions **
    Unless you have already rsvp'ed for a prior meeting, everyone
    should RSVP to attend. http://rsvp.nylug.org
    Check in with photo ID at the lobby for badge and room number.


                     Mikey Sklar (Electric Clothing)
                                  -on-
 Electric Clothing: circuit/microcontroller/hardware design, programming

   
   Mikey Sklar, an electric-clothing hobbiest, will speak about
   several wearable outfits he has developed over the last year. All
   source code, schematics, and circuit board layouts were developed
   using open source software (ported to *BSD, OS X). All software and
   hardware designs are free and can be used by anyone else. Materials
   used consist of computer fans, LEDs, El Wire (electroluminescence
   wire, flexible neon), Flat El, PIC microcontrollers, homebrew PCBs,
   velcro and conductive thread.

   In the last half decade, teaching the `physical aspect' of
   computing to students with non engineering backgrounds has been on
   the rise in American universities. MIT's Media Labs, NYU's ITP
   program, and Washington State University have classes where
   students learn about bridging the everyday analog world to the
   digital world. Sensors and inexpensive microcontrollers provide the
   roadbed we need to traverse from clumsy desktops to new discreet
   embedded devices. Devices often capable of performing the likes of
   20 million operations a second for just a few dollars.

   Not surprisingly, open source software (filling a need) hands a
   bounty of development tools to the electric clothing
   do-it-yourselfer. With which novice Unix-savvy microcontroller
   enthusiasts can easily download and install many different programs
   for their hardware development. Specifically, an open source
   operating system such as Linux can run microcontroller software
   including assemblers, compilers, simulators, and rom burners.
   Fairly sophisticated schematic design, and circuit board layout
   programs exist in which all of the source code is available, and
   well supported via mail lists. Your refrain for this meeting: You
   sew, you conquer.

  For More Information Visit:

     * Mikey Sklar's Site. Detailed information on Mikey's projects,
       tool chain, and others doing this sort of work can be found
       here.
        http://www.electric-clothing.com/
     * ``All of the development software I use is Open Source. Most of
       it was written primarily for Linux, but quickly got ported to
       other BSDs and MAC OS/X.''
        http://www.electric-clothing.com/tools/index.html
     * Design and Fabrication of Textile-Based Computing
        http://www.research.ibm.com/journal/sj/393/part3/post.html

  About Mikey Sklar:

   Mikey has been using Linux for nearly ten years, is a professional
   Unix sysadmin for the last eight of those years. Working life
   includes, AT&T Wireless, Hughes Space & Com, and Morgan Stanley. He
   specializes in remote system management hardware and firmware
   solutions for Linux. His interest in wearable electronics is a full
   time hobby. The ultimate goal, to decrease the electric clothings'
   weight while increasing the functionality of the consumer
   electronics which hang from his belt.

Free Stuff!
    Swag of undetermined value and quantity may be distributed on a
    first-come, first-served basis. Arrive early for the best selection.

Keysignings
    GPG cryptography. Immediately after the presentation and continuing
    at Stammtisch we will be gathering for a keysigning. For those who
    already have keys, please remember to bring paper printouts of your
    40-character key fingerprint, as per the instructions in our howto
    docs. If you haven't created a key yet, and for keysigning details,
    our howto docs are a must read. http://www.nylug.org/keys

Stammtisch
    After the meeting ... Join us around 8:30pm or so at TGI Friday's,
    located at 677 Lexington Avenue and 56th Street, second floor.
    Northeast corner.

Please see our home page at http://www.nylug.org for the HTMLized
version of this announcement, our archives, and a lot of other good
stuff.

Monthly Reminder!
    Please read the NYLUG-Talk Posting Guidelines at:
    http://www.nylug.org/mlistguide/

________________________________________________________________________
June 2004 - The New York Linux Users Group, NYLUG.org
_______________________________________________
The nylug-talk mailing list is at nylug-talk at nylug.org
To subscribe or unsubscribe: http://www.nylug.org/mailman/listinfo/nylug-talk

----- End forwarded message -----



From bsd  Mon Jun 14 09:16:44 2004
From: bsd (Kevin Reiter)
Date: Mon, 14 Jun 2004 09:16:44 -0400
Subject: [nycbug-talk] FreeBSD Article
Message-ID: <002201c45211$d8642560$f700a8c0@hephaestus>

Just in case there are some people who don't read Slashdot, I just saw this
on FreeBSD:

http://www.internetnews.com/dev-news/article.php/3367381

Cheers,
Kevin





From sunny-ml  Mon Jun 14 09:45:32 2004
From: sunny-ml (Sunny Dubey)
Date: Mon, 14 Jun 2004 09:45:32 -0400
Subject: [nycbug-talk] August Meeting
In-Reply-To: <06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org>
References: <004301c450a2$7b90fcc0$f700a8c0@hephaestus>
	<06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org>
Message-ID: <200406140945.33186.sunny-ml@opencurve.org>

On Sunday 13 June 2004 02:03 pm, pete wright wrote:
> On Jun 12, 2004, at 1:26 PM, Kevin Reiter wrote:
> >> Big I. . .how about the video. .?  We should get these meetings
> >> digitized and online. ..
> >
> > I can convert the existing ones to a DivX .avi if any wants me to...
>
> heh, this raises a very interesting situation.  how to encode these
> movies.  from my experience i've had major issues with DivX.  Yes they
> say it's cross platform, but it seems lately the codecs have been a
> little flakey.  for example i had a windows user encode a DivX .avi
> that would not play on any non-windows platform.  most likely the user
> used an odd codec, but it was still a pain in the a**.  at click3x we
> usually post movies as quicktimes (yea lame non mac/win32 support) or
> mpeg2's.  do other folks have any ideas on how we should post
> video...maybe real format (lame but it is cross platform).

I suggest Xvid+Ogg/Vorbis (aka, the .ogm extension), both are great open 
source technologies, great compression schemes, and even the warez kiddies 
love the above combination, heh

Sunny Dubey



From pete  Mon Jun 14 09:47:12 2004
From: pete (Pete Wright)
Date: Mon, 14 Jun 2004 09:47:12 -0400
Subject: [nycbug-talk] Linux kernel crashing
Message-ID: <40CDAC60.9000705@nomadlogic.org>

hi all,
    so apparently there is a nasty bug in the gnu/linux kernel that will 
crash pretty much most current kernels.  it requires a simple C program 
to do it.  here is the link:

http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html

blah blah blah, this is a BSD list shut up pete.  but then i read this bit:

This code only works on x86 Linux machines. This code does not compile 
(makes no executable) on sparc64 sun4u TI UltraSparc II (BlackBird). 
This doesn't affect NetBSD Stable.

what does NetBSD stable have to do with this whole issue?  typo i hope?

-p


-- 
~~~oO00Oo~~~
Pete Wright
email:  pete at nomadlogic.org
mobile: 917.415.9866
web:    www.nomadlogic.org/~pete




From pete  Mon Jun 14 09:49:39 2004
From: pete (Pete Wright)
Date: Mon, 14 Jun 2004 09:49:39 -0400
Subject: [nycbug-talk] August Meeting
In-Reply-To: <200406140945.33186.sunny-ml@opencurve.org>
References: <004301c450a2$7b90fcc0$f700a8c0@hephaestus>	<06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org>
	<200406140945.33186.sunny-ml@opencurve.org>
Message-ID: <40CDACF3.6000900@nomadlogic.org>

Sunny Dubey wrote:

>On Sunday 13 June 2004 02:03 pm, pete wright wrote:
>  
>
>>On Jun 12, 2004, at 1:26 PM, Kevin Reiter wrote:
>>    
>>
>>>>Big I. . .how about the video. .?  We should get these meetings
>>>>digitized and online. ..
>>>>        
>>>>
>>>I can convert the existing ones to a DivX .avi if any wants me to...
>>>      
>>>
>>heh, this raises a very interesting situation.  how to encode these
>>movies.  from my experience i've had major issues with DivX.  Yes they
>>say it's cross platform, but it seems lately the codecs have been a
>>little flakey.  for example i had a windows user encode a DivX .avi
>>that would not play on any non-windows platform.  most likely the user
>>used an odd codec, but it was still a pain in the a**.  at click3x we
>>usually post movies as quicktimes (yea lame non mac/win32 support) or
>>mpeg2's.  do other folks have any ideas on how we should post
>>video...maybe real format (lame but it is cross platform).
>>    
>>
>
>I suggest Xvid+Ogg/Vorbis (aka, the .ogm extension), both are great open 
>source technologies, great compression schemes, and even the warez kiddies 
>love the above combination, heh
>  
>

cool i'll have to add that to my bag of tricks.  is this what you all 
use at nylug?

-p

>Sunny Dubey
>_______________________________________________
>talk mailing list
>talk at lists.nycbug.org
>http://lists.nycbug.org/mailman/listinfo/talk
>  
>


-- 
~~~oO00Oo~~~
Pete Wright
email:  pete at nomadlogic.org
mobile: 917.415.9866
web:    www.nomadlogic.org/~pete




From anthony  Mon Jun 14 09:56:54 2004
From: anthony (Anthony Sofia)
Date: Mon, 14 Jun 2004 08:56:54 -0500
Subject: [nycbug-talk] Linux kernel crashing
In-Reply-To: <40CDAC60.9000705@nomadlogic.org>
References: <40CDAC60.9000705@nomadlogic.org>
Message-ID: <20040614135654.GA59952@dryhump.net>

On Mon, Jun 14, 2004 at 09:47:12AM -0400, Pete Wright said:
>This code only works on x86 Linux machines. This code does not compile 
>(makes no executable) on sparc64 sun4u TI UltraSparc II (BlackBird). 
>This doesn't affect NetBSD Stable.
>

You didn't paste the best line:

If your system is a production server with 1000 on line users then do not test
this code on that box. 

What a world..

Anthony Sofia (anthony at dryhump.net)
--
I'll take care of those murderous trolls.



From marco  Mon Jun 14 09:57:57 2004
From: marco (marco at metm.org)
Date: Mon, 14 Jun 2004 09:57:57 -0400
Subject: [nycbug-talk] August Meeting
In-Reply-To: <200406140945.33186.sunny-ml@opencurve.org>
References: <004301c450a2$7b90fcc0$f700a8c0@hephaestus>
	<06AF1F00-BD64-11D8-BDFF-000393BC62B8@nomadlogic.org>
	<200406140945.33186.sunny-ml@opencurve.org>
Message-ID: <20040614135757.GH407@metm.org>

On Mon, Jun 14, 2004 at 09:45:32AM -0400, Sunny Dubey wrote:
> 
> I suggest Xvid+Ogg/Vorbis (aka, the .ogm extension), both are great open 
> source technologies, great compression schemes, and even the warez kiddies 
> love the above combination, heh

I agree with Sunny,

Use superior open source technology people will follow. These codecs are
available for all platforms (though may require a download) but we're
talking about people who want to see a Bsd talk.  I would prefer ogg
compression, but AAC is also possible, and would give us access to more
installations (one less codec to download).

BTW I used VLC on OSX to playback a video file for an installation that
had to run off an IBook, because Apple decided to cripple Quicktime and
remove the full screen playback function... bastards...

-- 
Marco



From pete  Mon Jun 14 10:01:48 2004
From: pete (Pete Wright)
Date: Mon, 14 Jun 2004 10:01:48 -0400
Subject: [nycbug-talk] Linux kernel crashing
In-Reply-To: <20040614135654.GA59952@dryhump.net>
References: <40CDAC60.9000705@nomadlogic.org>
	<20040614135654.GA59952@dryhump.net>
Message-ID: <40CDAFCC.8020901@nomadlogic.org>

Anthony Sofia wrote:

>On Mon, Jun 14, 2004 at 09:47:12AM -0400, Pete Wright said:
>  
>
>>This code only works on x86 Linux machines. This code does not compile 
>>(makes no executable) on sparc64 sun4u TI UltraSparc II (BlackBird). 
>>This doesn't affect NetBSD Stable.
>>
>>    
>>
>
>You didn't paste the best line:
>
>If your system is a production server with 1000 on line users then do not test
>this code on that box. 
>  
>
maybe it should have read:

"If you system is a production server with 1000 on line users you are 
probably not running linux"
;^) sorry i couldn't help myself...

-p

-- 
~~~oO00Oo~~~
Pete Wright
email:  pete at nomadlogic.org
mobile: 917.415.9866
web:    www.nomadlogic.org/~pete




From chrisc  Mon Jun 14 10:17:56 2004
From: chrisc (Chris Coleman)
Date: Mon, 14 Jun 2004 09:17:56 -0500
Subject: [nycbug-talk] FreeBSD Article
In-Reply-To: <002201c45211$d8642560$f700a8c0@hephaestus>
References: <002201c45211$d8642560$f700a8c0@hephaestus>
Message-ID: On Jun 14, 2004, at 8:16 AM, Kevin Reiter wrote:

> Just in case there are some people who don't read Slashdot, I just saw 
> this
> on FreeBSD:
>
> http://www.internetnews.com/dev-news/article.php/3367381
>
Slowpokes. :-)  BSDNews.com picked it up on Friday.

Chris Coleman			Editor in Chief
Daemon News			http://www.daemonnews.org
BSD Mall				http://www.bsdmall.com
Print Magazine			http://magazine.daemonnews.org




From mikel.king  Mon Jun 14 10:37:29 2004
From: mikel.king (mikel king)
Date: Mon, 14 Jun 2004 10:37:29 -0400
Subject: [nycbug-talk] Re: [CAcert.org] Road trip update
In-Reply-To: <20040613160714.7366.qmail@flexo.sydneywireless.com>
References: <20040613160714.7366.qmail@flexo.sydneywireless.com>
Message-ID: <40CDB829.2050205@ocsny.com>

support at cacert.org wrote:

>Hi Mikel,
>
>This is a quick update to let you know of a small change of plans.
>
>Due to a lot of requests we will be extending the number of cities
>we will be going to, but due to not being able to change flights we
>only have a limited opportunity to get everything in.
>
>We will be traveling by car to Portsmouth, NH on the 3rd of July,
>and NYC on the 5th of July. If you are in either areas let and would
>like to meet up and/or be assured let us know. We're even happy to go
>out of the way a bit to try and get to as many as possible assured!
>
>Cheers,
>
>Duane Groth, President >Adam Butler, PR/Marketing >
>CAcert Inc. - www.CAcert.org 
>Your Community-Oriented and Driven Certificate Authority
>  
>
Thanks again Duane,

    How about first thing Monday morning on the 5th that way you'll be 
able to maximize your time in the city, and drink more bee..uh..er I 
mean take more photos...;-)

    You'll have to let me know if you need a place to crash.


cheers,
mikel



From george  Mon Jun 14 10:54:53 2004
From: george (G. Rosamond)
Date: Mon, 14 Jun 2004 10:54:53 -0400
Subject: [nycbug-talk] FreeBSD Article
In-Reply-To: