From pete Tue Feb 1 20:37:54 2005 From: pete (Pete Wright) Date: Tue, 1 Feb 2005 20:37:54 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050127201609.GC52385@finn.nomadlogic.org> References: <20050127201609.GC52385@finn.nomadlogic.org> Message-ID: <20050202013754.GA12994@finn.nomadlogic.org> On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > hey has anyone been following this on the list: > > (from my nightly portaudit) > Affected package: perl-5.8.5 > Type of problem: perl -- File::Path insecure file/directory permissions. > Reference: > > (now i won't tell you which box this on..sorry ;) > i've checked the reference URL and didn't find any more info, > and it does not seem that the port's tree has been updated > to fix this yet (atleast it wasn't a little while ago). any > ideas? > going to follow up on this one, it appears that as of today (02.01.05) there has been a new perl5.8 port released the version up to 5.8.6. I would read /usr/ports/UPDATING before upgrading this, but everyone already does that ;), because you will most likely have to upgrade pretty much everything that depends on perl as well. fortunatly there is a nice script in UPDATING to assist with this. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From scottro Tue Feb 1 20:53:54 2005 From: scottro (Scott Robbins) Date: Tue, 1 Feb 2005 20:53:54 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050202013754.GA12994@finn.nomadlogic.org> References: <20050127201609.GC52385@finn.nomadlogic.org> <20050202013754.GA12994@finn.nomadlogic.org> Message-ID: <20050202015354.GA42550@mail.scottro.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Feb 01, 2005 at 08:37:54PM -0500, Pete Wright wrote: > On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > > hey has anyone been following this on the list: > > > > (from my nightly portaudit) > > Affected package: perl-5.8.5 > > Type of problem: perl -- File::Path insecure file/directory permissions. > > Reference: > > > > (now i won't tell you which box this on..sorry ;) > > i've checked the reference URL and didn't find any more info, > > and it does not seem that the port's tree has been updated > > to fix this yet (atleast it wasn't a little while ago). any > > ideas? > > > > > going to follow up on this one, it appears that as of today (02.01.05) > there has been a new perl5.8 port released the version up to 5.8.6. Yes, and still showing a vulnerability, so you'd have to use - - -DDISABLE_VULNERABILITIES Wow, I have a lot of ports depending on perl. - - -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Xander: She must be right. We must have some kind of amnesia. Buffy: I don't know what that is, but I'm certain I don't have it. I bathe quite often. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCADFk+lTVdes0Z9YRAh6xAJ4poMOM3Zrjg8jvQE6JE2sfJSq6LwCfbOwq 5h5+MeBiqgOgEU7G54LONKs= =QpPm - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCADKy+lTVdes0Z9YRAvPcAKCz8LVg85VgtIPkEsGbVPCcwHkVvACgmcg+ x/a7KTT9n78F/GHeTZE4i3E= =0LzC -----END PGP SIGNATURE----- From pete Tue Feb 1 20:58:26 2005 From: pete (Pete Wright) Date: Tue, 1 Feb 2005 20:58:26 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050202015354.GA42550@mail.scottro.net> References: <20050127201609.GC52385@finn.nomadlogic.org> <20050202013754.GA12994@finn.nomadlogic.org> <20050202015354.GA42550@mail.scottro.net> Message-ID: <20050202015826.GB12994@finn.nomadlogic.org> On Tue, Feb 01, 2005 at 08:53:54PM -0500, Scott Robbins wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, Feb 01, 2005 at 08:37:54PM -0500, Pete Wright wrote: > > On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > > > hey has anyone been following this on the list: > > > > > > (from my nightly portaudit) > > > Affected package: perl-5.8.5 > > > Type of problem: perl -- File::Path insecure file/directory permissions. > > > Reference: > > > > > > (now i won't tell you which box this on..sorry ;) > > > i've checked the reference URL and didn't find any more info, > > > and it does not seem that the port's tree has been updated > > > to fix this yet (atleast it wasn't a little while ago). any > > > ideas? > > > > > > > > > > going to follow up on this one, it appears that as of today (02.01.05) > > there has been a new perl5.8 port released the version up to 5.8.6. > > > Yes, and still showing a vulnerability, so you'd have to use > - - -DDISABLE_VULNERABILITIES > > Wow, I have a lot of ports depending on perl. > grrr...that's kinda upsetting. does anyone know if this is an issue that is being worked on seriously with the perl devs, what little info i've gotten from the bug report it sounds like a pretty serious issue. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From scottro Tue Feb 1 21:56:03 2005 From: scottro (Scott Robbins) Date: Tue, 1 Feb 2005 21:56:03 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050202013754.GA12994@finn.nomadlogic.org> References: <20050127201609.GC52385@finn.nomadlogic.org> <20050202013754.GA12994@finn.nomadlogic.org> Message-ID: <20050202025603.GA48577@mail.scottro.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Feb 01, 2005 at 08:37:54PM -0500, Pete Wright wrote: > On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > > hey has anyone been following this on the list: > > > > (from my nightly portaudit) > > Affected package: perl-5.8.5 > > Type of problem: perl -- File::Path insecure file/directory permissions. > > Reference: > > > > (now i won't tell you which box this on..sorry ;) > > i've checked the reference URL and didn't find any more info, > > and it does not seem that the port's tree has been updated > > to fix this yet (atleast it wasn't a little while ago). any > > ideas? > > > > > going to follow up on this one, it appears that as of today (02.01.05) > there has been a new perl5.8 port released the version up to 5.8.6. Yes, and still showing a vulnerability, so you'd have to use - - -DDISABLE_VULNERABILITIES Pete and everyone else, very sorry, I was in error. A portupgrade failed and wasn't perl, thought I saw it properly on the screen, but it was another package dependent upon perl. Doing portaudit -Fa after the new port was installed does not give me a perl vulnerability. Again, my apologies. - - -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Xander: She must be right. We must have some kind of amnesia. Buffy: I don't know what that is, but I'm certain I don't have it. I bathe quite often. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCADFk+lTVdes0Z9YRAh6xAJ4poMOM3Zrjg8jvQE6JE2sfJSq6LwCfbOwq 5h5+MeBiqgOgEU7G54LONKs= =QpPm - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCADKy+lTVdes0Z9YRAvPcAKCz8LVg85VgtIPkEsGbVPCcwHkVvACgmcg+ x/a7KTT9n78F/GHeTZE4i3E= =0LzC -----END PGP SIGNATURE----- From pete Tue Feb 1 21:58:16 2005 From: pete (Pete Wright) Date: Tue, 1 Feb 2005 21:58:16 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050202025603.GA48577@mail.scottro.net> References: <20050127201609.GC52385@finn.nomadlogic.org> <20050202013754.GA12994@finn.nomadlogic.org> <20050202025603.GA48577@mail.scottro.net> Message-ID: <20050202025816.GC12994@finn.nomadlogic.org> On Tue, Feb 01, 2005 at 09:56:03PM -0500, Scott Robbins wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, Feb 01, 2005 at 08:37:54PM -0500, Pete Wright wrote: > > On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > > > hey has anyone been following this on the list: > > > > > > (from my nightly portaudit) > > > Affected package: perl-5.8.5 > > > Type of problem: perl -- File::Path insecure file/directory permissions. > > > Reference: > > > > > > (now i won't tell you which box this on..sorry ;) > > > i've checked the reference URL and didn't find any more info, > > > and it does not seem that the port's tree has been updated > > > to fix this yet (atleast it wasn't a little while ago). any > > > ideas? > > > > > > > > > > going to follow up on this one, it appears that as of today (02.01.05) > > there has been a new perl5.8 port released the version up to 5.8.6. > > > Yes, and still showing a vulnerability, so you'd have to use > - - -DDISABLE_VULNERABILITIES > > Pete and everyone else, very sorry, I was in error. A portupgrade > failed and wasn't perl, thought I saw it properly on the screen, but it > was another package dependent upon perl. > > Doing portaudit -Fa after the new port was installed does not give me a > perl vulnerability. > > Again, my apologies. ah execellent. no worries tho scott! -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Wed Feb 2 15:23:36 2005 From: george (george at rob.us.to) Date: Wed, 2 Feb 2005 15:23:36 -0500 (EST) Subject: [nycbug-talk] Asian Open Source camp Message-ID: <200502022023.j12KNaIi003214@localhost.localdomain> An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050202/b9fdfc0f/attachment.html From lists Wed Feb 2 15:27:30 2005 From: lists (michael) Date: Wed, 2 Feb 2005 15:27:30 -0500 Subject: [nycbug-talk] Windows most reliable Message-ID: <20050202152730.0d1e4c78@delinux.abwatley.com> Most Reliable Hosting Providers during January Hosting Ranking by Failed Requests and Connection time, January 1st - 31st 2005 Datapipe, which was the most reliable hosting provider for the second half of 2004, got the new year off to a strong start with a faultless performance in January, with no failed requests from any of our measurement points. It was the first flawless month for a hosting provider since last March, when German hoster Komplex had zero failures. Datapipe's web site is powered by Windows Server 2003. This month's top 10 includes four sites running on Linux, two on Windows Server 2003, two on FreeBSD, one on Solaris 9, and one site (Interland) on Windows 2000. Read the whole article at netcraft: http://tinyurl.com/4grzk -- --- From jesse Wed Feb 2 16:03:40 2005 From: jesse (Jesse Callaway) Date: Wed, 2 Feb 2005 16:03:40 -0500 Subject: [nycbug-talk] Windows most reliable In-Reply-To: <20050202152730.0d1e4c78@delinux.abwatley.com> References: <20050202152730.0d1e4c78@delinux.abwatley.com> Message-ID: <20050202210340.GD97697@mail.theholymountain.com> On Wed, Feb 02, 2005 at 03:27:30PM -0500, michael wrote: > Most Reliable Hosting Providers during January Hosting > > Ranking by Failed Requests and Connection time, > January 1st - 31st 2005 > > Datapipe, which was the most reliable hosting provider for the second > half of 2004, got the new year off to a strong start with a faultless > performance in January, with no failed requests from any of our > measurement points. It was the first flawless month for a hosting > provider since last March, when German hoster Komplex had zero failures. > > Datapipe's web site is powered by Windows Server 2003. This month's top > 10 includes four sites running on Linux, two on Windows Server 2003, two > on FreeBSD, one on Solaris 9, and one site (Interland) on Windows 2000. > > Read the whole article at netcraft: http://tinyurl.com/4grzk You're just fanning the flames. This doesn't say WIndows is the most reliable OS. Anyway, looking at the Datapipe website it looks like all of the bells and whistles didn't help the web developers one bit. These are the least capable ASP pages I have ever seen. Let alone the fact that they don't render properly. But that's expected of a hosting provider... they don't want to outsource talent for their corporate website because of all the smart people who work there (an obviosly feel they have better things to do). -jesse From nikolai.fetissov Wed Feb 2 22:50:32 2005 From: nikolai.fetissov (Nikolai N. Fetissov) Date: Wed, 02 Feb 2005 22:50:32 -0500 Subject: [nycbug-talk] February meeting audio Message-ID: <42019F88.7030101@peachisland.com> George, folks, get the mp3 of Jan's presentation at http://www.peachisland.com/nycbug/ Cheers, -- nick From pete Wed Feb 2 23:10:05 2005 From: pete (Pete Wright) Date: Wed, 2 Feb 2005 23:10:05 -0500 Subject: [nycbug-talk] February meeting audio In-Reply-To: <42019F88.7030101@peachisland.com> References: <42019F88.7030101@peachisland.com> Message-ID: <20050203041005.GA24100@finn.nomadlogic.org> On Wed, Feb 02, 2005 at 10:50:32PM -0500, Nikolai N. Fetissov wrote: > George, folks, > get the mp3 of Jan's presentation at http://www.peachisland.com/nycbug/ > Cheers, nick you are a lifesaver! cheers, pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From dcasey Thu Feb 3 10:03:08 2005 From: dcasey (Dan Casey) Date: Thu, 3 Feb 2005 10:03:08 -0500 Subject: [nycbug-talk] apache: securing each virtural host Message-ID: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> I have posted this question on alt.apache.configuration and several forums as well.. Nobody seems to have an answer as to how this is done. I have an account on a webserver that is using ensim cp. There server does what I am trying to achieve. I know how to chroot apache, that's no problem. What I would like to do is lock each virtualhost to be able to see its own files only. The system that I have the account on was able to achieve this using up about 20Mb per virtualhost. Example of why I am trying to achieve this. Say I have my web files in folders such as /usr/local/virtual/some-domain.com/www I would need to set the ServerRoot to /usr/local/virtual/ The VirtualHost DocumentRoot's would be set to /usr/local/virtual/some-domain.com/www and so. A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi this script looks like so #!/usr/local/bin/perl print "Content-Type: text/html\n\n"; print `ls -la /'; the contents on there screen would be the output of ls -la /usr/local/virtual/ thus listing all the domains available on the server. I need to set this up so that that same script would return the output of ls -la /usr/local/virtual/some-domain.com/ which would appear something like this: /etc /dev /usr ... -Thanks Dan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050203/0fcd9664/attachment.html From jesse Thu Feb 3 10:39:19 2005 From: jesse (Jesse Callaway) Date: Thu, 3 Feb 2005 10:39:19 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> Message-ID: <20050203153919.GA3455@mail.theholymountain.com> I'm pretty sure that Ensim only runs on Windows and RedHat. From tillman Thu Feb 3 11:12:18 2005 From: tillman (Tillman Hodgson) Date: Thu, 3 Feb 2005 10:12:18 -0600 Subject: [nycbug-talk] Blog entry on FreeBSD and Postgres Message-ID: <20050203161218.GO98574@seekingfire.com> Howdy folks, A local OpenBSD developer passed this link around the IRC channel I hang out in. I thought the folks here might be interested too. http://tabo.aurealsys.com/index.php?p=68 -T -- "There is a time in the life of every problem when it is big enough to see, yet small enough to solve." -- Mike Leavitt From mspitzer Thu Feb 3 11:20:04 2005 From: mspitzer (Marc Spitzer) Date: Thu, 3 Feb 2005 11:20:04 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> Message-ID: <8c50a3c305020308202c953e00@mail.gmail.com> On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey wrote: > > I have posted this question on alt.apache.configuration and several forums > as well.. Nobody seems to have an answer as to how this is done. I have an > account on a webserver that is using ensim cp. There server does what I am > trying to achieve. > > > I know how to chroot apache, that's no problem. > What I would like to do is lock each virtualhost to be able to see its own > files only. The system that I have the account on was able to achieve this > using up about 20Mb per virtualhost. > > > Example of why I am trying to achieve this. > Say I have my web files in folders such as > /usr/local/virtual/some-domain.com/www > > I would need to set the ServerRoot to /usr/local/virtual/ > The VirtualHost DocumentRoot's would be set to > /usr/local/virtual/some-domain.com/www and so. > > A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi > this script looks like so > #!/usr/local/bin/perl > print "Content-Type: text/html\n\n"; > print `ls -la /'; > > the contents on there screen would be the output of > ls -la /usr/local/virtual/ > thus listing all the domains available on the server. > > I need to set this up so that that same script would return the output of > ls -la /usr/local/virtual/some-domain.com/ > which would appear something like this: > /etc > /dev > /usr > ... I think you are confusing your terms, from what I see you do not want a virtual host. What you want is a jail, on freebsd, or a xen virtual machine, on netbsd 2. You do not want a virtual host, that would only contain the web server stuff(docroot, cgi's, etc.). Now if you do want virtual server, not virtual hosts, what OS are you planning on doing this on? marc From dcasey Thu Feb 3 14:41:48 2005 From: dcasey (Dan Casey) Date: Thu, 3 Feb 2005 11:41:48 -0800 Subject: [nycbug-talk] apache: securing each virtural host References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> <8c50a3c305020308202c953e00@mail.gmail.com> Message-ID: <000d01c50a28$66b00b30$0301a8c0@thomas> FreeBSD 5.3 Well, VirtualHost reffering to the apache config. I want a jail-like setup. But not for apache as a whole. Apache will have several websites (NameBased VirtualHosts). Each User (1 perl website) will be able to there files only, in what will appear to them as a server or filesystem. Now if it where just one site, a regular jail would be fine. But I want to keep each site seperate. I don't seem to understand how to achieve this with running a seperate jail for each site. Each jail would then need to run its own httpd.conf, and start its own httpd servers. By default apache opens 5 servers. say 50 websites / 50 jails * 5 servers = .... not an ideal situation :) I cannot imagine that this is the only way to achieve this affect. Thanks ----- Original Message ----- From: "Marc Spitzer" To: "nycbug" Sent: Thursday, February 03, 2005 8:20 AM Subject: Re: [nycbug-talk] apache: securing each virtural host > On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey wrote: > > > > I have posted this question on alt.apache.configuration and several forums > > as well.. Nobody seems to have an answer as to how this is done. I have an > > account on a webserver that is using ensim cp. There server does what I am > > trying to achieve. > > > > > > I know how to chroot apache, that's no problem. > > What I would like to do is lock each virtualhost to be able to see its own > > files only. The system that I have the account on was able to achieve this > > using up about 20Mb per virtualhost. > > > > > > Example of why I am trying to achieve this. > > Say I have my web files in folders such as > > /usr/local/virtual/some-domain.com/www > > > > I would need to set the ServerRoot to /usr/local/virtual/ > > The VirtualHost DocumentRoot's would be set to > > /usr/local/virtual/some-domain.com/www and so. > > > > A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi > > this script looks like so > > #!/usr/local/bin/perl > > print "Content-Type: text/html\n\n"; > > print `ls -la /'; > > > > the contents on there screen would be the output of > > ls -la /usr/local/virtual/ > > thus listing all the domains available on the server. > > > > I need to set this up so that that same script would return the output of > > ls -la /usr/local/virtual/some-domain.com/ > > which would appear something like this: > > /etc > > /dev > > /usr > > ... > > I think you are confusing your terms, from what I see you do not want > a virtual host. What you want is a jail, on freebsd, or a xen virtual > machine, on netbsd 2. You do not want a virtual host, that would only > contain the web server stuff(docroot, cgi's, etc.). > > Now if you do want virtual server, not virtual hosts, what OS are you > planning on doing this on? > > marc > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.4 - Release Date: 2/1/2005 From mspitzer Thu Feb 3 12:04:28 2005 From: mspitzer (Marc Spitzer) Date: Thu, 3 Feb 2005 12:04:28 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <000d01c50a28$66b00b30$0301a8c0@thomas> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> <8c50a3c305020308202c953e00@mail.gmail.com> <000d01c50a28$66b00b30$0301a8c0@thomas> Message-ID: <8c50a3c305020309043c7201c6@mail.gmail.com> On Thu, 3 Feb 2005 11:41:48 -0800, Dan Casey wrote: > FreeBSD 5.3 > > Well, VirtualHost reffering to the apache config. > > I want a jail-like setup. But not for apache as a whole. > Apache will have several websites (NameBased VirtualHosts). > Each User (1 perl website) will be able to there files only, in what will > appear to them as a server or filesystem. How are you granting users access to their files, ftp, webdav...? for ftp there are many ftp servers that lock you into your "home dir" only, perhaps you can do the same thing with webdav. > > Now if it where just one site, a regular jail would be fine. But I want to > keep each site seperate. Virtual hosts work fine for that. > > I don't seem to understand how to achieve this with running a seperate jail > for each site. each server is in its own separate world so the users can not get access to other users stuff. > Each jail would then need to run its own httpd.conf, and start its own httpd > servers. yes > > By default apache opens 5 servers. > say 50 websites / 50 jails * 5 servers = .... not an ideal situation :) not that bad on descent hardware > > I cannot imagine that this is the only way to achieve this affect. > It depends what/how much you want to isolate you users. if you want them to each think they have a dedicated server, they can ssh in and edit stuff, install binaries then you need a jail for each of them. If you can just give them each a separate docroot and limit there access to ftp then you do not need a jail. >From what you want the 'ls -la /' cgi to do you need a jail, ls is not something you can control from apache so you must do it from the os. If this is necessary then size your hardware accordingly. marc ps top posting is bad please stop doing it here. > Thanks > > > ----- Original Message ----- > From: "Marc Spitzer" > To: "nycbug" > Sent: Thursday, February 03, 2005 8:20 AM > Subject: Re: [nycbug-talk] apache: securing each virtural host > > > On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey wrote: > > > > > > I have posted this question on alt.apache.configuration and several > forums > > > as well.. Nobody seems to have an answer as to how this is done. I have > an > > > account on a webserver that is using ensim cp. There server does what I > am > > > trying to achieve. > > > > > > > > > I know how to chroot apache, that's no problem. > > > What I would like to do is lock each virtualhost to be able to see its > own > > > files only. The system that I have the account on was able to achieve > this > > > using up about 20Mb per virtualhost. > > > > > > > > > Example of why I am trying to achieve this. > > > Say I have my web files in folders such as > > > /usr/local/virtual/some-domain.com/www > > > > > > I would need to set the ServerRoot to /usr/local/virtual/ > > > The VirtualHost DocumentRoot's would be set to > > > /usr/local/virtual/some-domain.com/www and so. > > > > > > A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi > > > this script looks like so > > > #!/usr/local/bin/perl > > > print "Content-Type: text/html\n\n"; > > > print `ls -la /'; > > > > > > the contents on there screen would be the output of > > > ls -la /usr/local/virtual/ > > > thus listing all the domains available on the server. > > > > > > I need to set this up so that that same script would return the output > of > > > ls -la /usr/local/virtual/some-domain.com/ > > > which would appear something like this: > > > /etc > > > /dev > > > /usr > > > ... > > > > I think you are confusing your terms, from what I see you do not want > > a virtual host. What you want is a jail, on freebsd, or a xen virtual > > machine, on netbsd 2. You do not want a virtual host, that would only > > contain the web server stuff(docroot, cgi's, etc.). > > > > Now if you do want virtual server, not virtual hosts, what OS are you > > planning on doing this on? > > > > marc > > _______________________________________________ > > % NYC*BUG talk mailing list > > http://lists.nycbug.org/mailman/listinfo/talk > > %Be sure to check out our Jobs and NYCBUG-announce lists > > %We meet the first Wednesday of the month > > > > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.0.300 / Virus Database: 265.8.4 - Release Date: 2/1/2005 > > From bob Thu Feb 3 12:06:44 2005 From: bob (Bob Ippolito) Date: Thu, 3 Feb 2005 12:06:44 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <000d01c50a28$66b00b30$0301a8c0@thomas> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> <8c50a3c305020308202c953e00@mail.gmail.com> <000d01c50a28$66b00b30$0301a8c0@thomas> Message-ID: <1f80ac59fe483c6182f1c6f7c5d03548@redivi.com> On Feb 3, 2005, at 14:41, Dan Casey wrote: > ----- Original Message ----- > From: "Marc Spitzer" > To: "nycbug" > Sent: Thursday, February 03, 2005 8:20 AM > Subject: Re: [nycbug-talk] apache: securing each virtural host > > >> On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey >> wrote: >>> >>> I have posted this question on alt.apache.configuration and several > forums >>> as well.. Nobody seems to have an answer as to how this is done. I >>> have > an >>> account on a webserver that is using ensim cp. There server does >>> what I > am >>> trying to achieve. >>> >>> >>> I know how to chroot apache, that's no problem. >>> What I would like to do is lock each virtualhost to be able to see >>> its > own >>> files only. The system that I have the account on was able to achieve > this >>> using up about 20Mb per virtualhost. >>> >>> >>> Example of why I am trying to achieve this. >>> Say I have my web files in folders such as >>> /usr/local/virtual/some-domain.com/www >>> >>> I would need to set the ServerRoot to /usr/local/virtual/ >>> The VirtualHost DocumentRoot's would be set to >>> /usr/local/virtual/some-domain.com/www and so. >>> >>> A user executes a script in his browser. >>> some-domain.com/cgi-bin/ls.cgi >>> this script looks like so >>> #!/usr/local/bin/perl >>> print "Content-Type: text/html\n\n"; >>> print `ls -la /'; >>> >>> the contents on there screen would be the output of >>> ls -la /usr/local/virtual/ >>> thus listing all the domains available on the server. >>> >>> I need to set this up so that that same script would return the >>> output > of >>> ls -la /usr/local/virtual/some-domain.com/ >>> which would appear something like this: >>> /etc >>> /dev >>> /usr >>> ... >> >> I think you are confusing your terms, from what I see you do not want >> a virtual host. What you want is a jail, on freebsd, or a xen virtual >> machine, on netbsd 2. You do not want a virtual host, that would only >> contain the web server stuff(docroot, cgi's, etc.). >> >> Now if you do want virtual server, not virtual hosts, what OS are you >> planning on doing this on? >> > FreeBSD 5.3 > > Well, VirtualHost reffering to the apache config. > > I want a jail-like setup. But not for apache as a whole. > Apache will have several websites (NameBased VirtualHosts). > Each User (1 perl website) will be able to there files only, in what > will > appear to them as a server or filesystem. > > Now if it where just one site, a regular jail would be fine. But I > want to > keep each site seperate. > > > I don't seem to understand how to achieve this with running a seperate > jail > for each site. > Each jail would then need to run its own httpd.conf, and start its own > httpd > servers. > > By default apache opens 5 servers. > say 50 websites / 50 jails * 5 servers = .... not an ideal situation :) > > I cannot imagine that this is the only way to achieve this affect. You're asking for two mutually exclusive things, a single Apache process can't live in 50 different jails at the same time. There is probably a way to chroot before running a CGI, but that doesn't help you isolate anything in-process like mod_php. To do that, you actually do need to run an apache per user. -bob From dcasey Thu Feb 3 15:50:44 2005 From: dcasey (Dan Casey) Date: Thu, 3 Feb 2005 12:50:44 -0800 Subject: [nycbug-talk] apache: securing each virtural host References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net><8c50a3c305020308202c953e00@mail.gmail.com><000d01c50a28$66b00b30$0301a8c0@thomas> <8c50a3c305020309043c7201c6@mail.gmail.com> Message-ID: <002e01c50a32$07c2d9e0$0301a8c0@thomas> ----- Original Message ----- From: "Marc Spitzer" To: "nycbug" Sent: Thursday, February 03, 2005 9:04 AM Subject: Re: [nycbug-talk] apache: securing each virtural host > On Thu, 3 Feb 2005 11:41:48 -0800, Dan Casey wrote: > > FreeBSD 5.3 > > > > Well, VirtualHost reffering to the apache config. > > > > I want a jail-like setup. But not for apache as a whole. > > Apache will have several websites (NameBased VirtualHosts). > > Each User (1 perl website) will be able to there files only, in what will > > appear to them as a server or filesystem. > > How are you granting users access to their files, ftp, webdav...? > for ftp there are many ftp servers that lock you into your "home dir" > only, perhaps you can do the same thing with webdav. > > > > Now if it where just one site, a regular jail would be fine. But I want to > > keep each site seperate. > > Virtual hosts work fine for that. > > > > > I don't seem to understand how to achieve this with running a seperate jail > > for each site. > > each server is in its own separate world so the users can not get > access to other users stuff. > > > Each jail would then need to run its own httpd.conf, and start its own httpd > > servers. > > yes > > > > > By default apache opens 5 servers. > > say 50 websites / 50 jails * 5 servers = .... not an ideal situation :) > > not that bad on descent hardware > > > > > I cannot imagine that this is the only way to achieve this affect. > > > > It depends what/how much you want to isolate you users. if you want > them to each think they have a dedicated server, they can ssh in and > edit stuff, install binaries then you need a jail for each of them. > If you can just give them each a separate docroot and limit there > access to ftp then you do not need a jail. > > >From what you want the 'ls -la /' cgi to do you need a jail, ls is not > something you can control from apache so you must do it from the os. > If this is necessary then size your hardware accordingly. > > marc > > ps top posting is bad please stop doing it here. > > > Thanks > > > > > > ----- Original Message ----- > > From: "Marc Spitzer" > > To: "nycbug" > > Sent: Thursday, February 03, 2005 8:20 AM > > Subject: Re: [nycbug-talk] apache: securing each virtural host > > > > > On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey wrote: > > > > > > > > I have posted this question on alt.apache.configuration and several > > forums > > > > as well.. Nobody seems to have an answer as to how this is done. I have > > an > > > > account on a webserver that is using ensim cp. There server does what I > > am > > > > trying to achieve. > > > > > > > > > > > > I know how to chroot apache, that's no problem. > > > > What I would like to do is lock each virtualhost to be able to see its > > own > > > > files only. The system that I have the account on was able to achieve > > this > > > > using up about 20Mb per virtualhost. > > > > > > > > > > > > Example of why I am trying to achieve this. > > > > Say I have my web files in folders such as > > > > /usr/local/virtual/some-domain.com/www > > > > > > > > I would need to set the ServerRoot to /usr/local/virtual/ > > > > The VirtualHost DocumentRoot's would be set to > > > > /usr/local/virtual/some-domain.com/www and so. > > > > > > > > A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi > > > > this script looks like so > > > > #!/usr/local/bin/perl > > > > print "Content-Type: text/html\n\n"; > > > > print `ls -la /'; > > > > > > > > the contents on there screen would be the output of > > > > ls -la /usr/local/virtual/ > > > > thus listing all the domains available on the server. > > > > > > > > I need to set this up so that that same script would return the output > > of > > > > ls -la /usr/local/virtual/some-domain.com/ > > > > which would appear something like this: > > > > /etc > > > > /dev > > > > /usr > > > > ... > > > > > > I think you are confusing your terms, from what I see you do not want > > > a virtual host. What you want is a jail, on freebsd, or a xen virtual > > > machine, on netbsd 2. You do not want a virtual host, that would only > > > contain the web server stuff(docroot, cgi's, etc.). > > > > > > Now if you do want virtual server, not virtual hosts, what OS are you > > > planning on doing this on? > > > > > > marc > > > _______________________________________________ > > > % NYC*BUG talk mailing list > > > http://lists.nycbug.org/mailman/listinfo/talk > > > %Be sure to check out our Jobs and NYCBUG-announce lists > > > %We meet the first Wednesday of the month > > > > > > > > > > -- > > No virus found in this outgoing message. > > Checked by AVG Anti-Virus. > > Version: 7.0.300 / Virus Database: 265.8.4 - Release Date: 2/1/2005 > > > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > Sorry bout the top-posting. Users have access to there files via ftp. Im running pure-ftp which dosn't allow them to leave there homedir. ssh i have a unique setup, but thats another story. VirtualHost keeps everything separtate, yes. What I meant was to not allow users to run scripts that can access anything below there virtualhost's DocumentRoot, thus allowing them to see anything in the ServerRoot which is convieniently one directory below there DocumentRoot.. (that was a mouthfull) Ideally I would just set it up the virtualhost like so ServerRoot /usr/local/virtual/some-domain.com/ DocumentRoot /usr/local/virtual/some-domain.com/www/ but then apache says ServerRoot cannot occur within section ..I think im sadly coming to think that I really do need to run a seperate jail with its own apache server running in it. i can see this becoming an absolute mess to manage.. i wouldn't want to even think about upgrading a kernel... well, if that is the way it needs to be done, then that is what needs to be done... I guess i have a lot of script writing ahead of me.. :) yippie. -Thank you much. -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.4 - Release Date: 2/1/2005 From pete Thu Feb 3 13:33:17 2005 From: pete (pete wright) Date: Thu, 3 Feb 2005 10:33:17 -0800 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <002e01c50a32$07c2d9e0$0301a8c0@thomas> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net><8c50a3c305020308202c953e00@mail.gmail.com><000d01c50a28$66b00b30$0301a8c0@thomas> <8c50a3c305020309043c7201c6@mail.gmail.com> <002e01c50a32$07c2d9e0$0301a8c0@thomas> Message-ID: <7a0861b82a7ada56357c40456c6203e2@nomadlogic.org> > Sorry bout the top-posting. > heh....np > > ..I think im sadly coming to think that I really do need to run a > seperate > jail with its own apache server running in it. > i can see this becoming an absolute mess to manage.. > i wouldn't want to even think about upgrading a kernel... > fortunately you don't have to worry about upgrading the kernel/world too much if you are tracking -STABLE, and frankly I don't think you'd want to be messing with building world/kernel's on production boxen anyway.... personally I think that running a jail for each account will be less of an administrative issue in the long run. sure there might be some more upfront coding involved to get things setup, but you have isolated each user which makes things easier to monitor and administrate. let's say you have 20 users now, and in a year you have 60 users on that same box and things are getting slow. if each user has their own jail it's just a simple matter of tar'ing their $HOME...moving it to the new host and untar'ing the site. you've actually built a pretty scalable system from the get go. and that's not even taking into account the added security of such a system.... i've actually started kicking this same concept around for managing application server farms, but that's another issue all together ;) -p ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From george Thu Feb 3 13:46:22 2005 From: george (G. Rosamond) Date: Thu, 3 Feb 2005 13:46:22 -0500 Subject: [nycbug-talk] February meeting audio In-Reply-To: <20050203041005.GA24100@finn.nomadlogic.org> References: <42019F88.7030101@peachisland.com> <20050203041005.GA24100@finn.nomadlogic.org> Message-ID: <98cef05c256f62c5f3e4af7d2edf2613@sddi.net> On Feb 2, 2005, at 11:10 PM, Pete Wright wrote: > On Wed, Feb 02, 2005 at 10:50:32PM -0500, Nikolai N. Fetissov wrote: >> George, folks, >> get the mp3 of Jan's presentation at >> http://www.peachisland.com/nycbug/ >> Cheers, > > > nick you are a lifesaver! > And you couldn't get a flight for the meeting? Were you born on Sunday or something? BTW, I do think the slides are self-explanatory more than most. Jan didn't just do a presentation, he actually provided a great piece of documentation for the community as a whole. g From jesse Thu Feb 3 14:35:12 2005 From: jesse (Jesse Callaway) Date: Thu, 3 Feb 2005 14:35:12 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <20050203153919.GA3455@mail.theholymountain.com> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> <20050203153919.GA3455@mail.theholymountain.com> Message-ID: <20050203193512.GA4207@mail.theholymountain.com> On Thu, Feb 03, 2005 at 10:39:19AM -0500, Jesse Callaway wrote: > I'm pretty sure that Ensim only runs on Windows and RedHat. > _______________________________________________ If I don't manage to interject something "wacky" before my proper coffee I don't feel my day is as exciting. -jesse From jonathan Thu Feb 3 15:21:48 2005 From: jonathan (Jonathan) Date: Thu, 03 Feb 2005 15:21:48 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge Message-ID: <420287DC.5060808@kc8onw.net> I keep getting the following messages in my daily security run and clearly they have something to do with network looping but I don't know what causes them or how to look into them further. I did try but Google turned up nothing at all :P server.kc8onw.net kernel log messages: >> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) Thanks, Jonathan From ike Thu Feb 3 15:29:42 2005 From: ike (Isaac Levy) Date: Thu, 3 Feb 2005 15:29:42 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <420287DC.5060808@kc8onw.net> References: <420287DC.5060808@kc8onw.net> Message-ID: On Feb 3, 2005, at 3:21 PM, Jonathan wrote: > I keep getting the following messages in my daily security run and > clearly they have something to do with network looping but I don't > know what causes them or how to look into them further. I did try but > Google turned up nothing at all :P > > server.kc8onw.net kernel log messages: > > >> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) Woah. Creepy. Wish I had a clue on this one- very interesting. What OS are you running here? What devices are tap0 and rl0? Rocket- .ike From jonathan Thu Feb 3 15:43:24 2005 From: jonathan (Jonathan) Date: Thu, 03 Feb 2005 15:43:24 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: References: <420287DC.5060808@kc8onw.net> Message-ID: <42028CEC.4030309@kc8onw.net> Isaac Levy wrote: > On Feb 3, 2005, at 3:21 PM, Jonathan wrote: > >> I keep getting the following messages in my daily security run and >> clearly they have something to do with network looping but I don't >> know what causes them or how to look into them further. I did try but >> Google turned up nothing at all :P >> >> server.kc8onw.net kernel log messages: >> >> >> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) > > > Woah. Creepy. Wish I had a clue on this one- very interesting. > > What OS are you running here? What devices are tap0 and rl0? > rl0 is the NAT'ed local network interface, dc0 is just an extra card right now, tap0 is (from the man page) The tap interface is a software loopback mechanism that can be loosely described as the network interface analog of the pty(4), that is, tap does for network interfaces what the pty driver does for terminals In this case tap0 is being used by openvpn (http://openvpn.net/) to transparently bridge two networks at the MAC layer so rl0 and tap0 are bridged. My main reason for this is to play games that rely on UDP broadcasts, that and just to learn more stuff :) uname -a: FreeBSD server.kc8onw.net 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Sun Nov 14 19:38:43 EST 2004 root at server.kc8onw.net:/usr/obj/usr/src/sys/GENERIC i386 ifconfig: dc0: flags=108802 mtu 1500 options=8 ether 00:04:5a:50:27:e0 media: Ethernet autoselect (none) status: no carrier rl0: flags=8943 mtu 1500 options=8 inet 10.70.2.2 netmask 0xffffff00 broadcast 10.70.2.255 inet6 fe80::200:21ff:fefa:30cd%rl0 prefixlen 64 scopeid 0x2 ether 00:00:21:fa:30:cd media: Ethernet autoselect (100baseTX ) status: active plip0: flags=108810 mtu 1500 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 tap0: flags=8943 mtu 1500 inet6 fe80::2bd:6fff:fed3:2b00%tap0 prefixlen 64 scopeid 0x5 ether 00:bd:6f:d3:2b:00 Opened by PID 51395 I really don't know what other information to give at this point Jonathan From dlavigne6 Thu Feb 3 15:58:36 2005 From: dlavigne6 (Dru) Date: Thu, 3 Feb 2005 15:58:36 -0500 (EST) Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <420287DC.5060808@kc8onw.net> References: <420287DC.5060808@kc8onw.net> Message-ID: <20050203155239.D681@dru.domain.org> On Thu, 3 Feb 2005, Jonathan wrote: > I keep getting the following messages in my daily security run and clearly > they have something to do with network looping but I don't know what causes > them or how to look into them further. I did try but Google turned up > nothing at all :P > > server.kc8onw.net kernel log messages: > >>> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) Someone with network socket programming experience could explain exactly what's happening, but I suspect it has something to do with: man tap /error And, even if you can't read source code, you still might find something useful by checking out the comments in the source: locate tap.c grep "*/" /usr/src/sys/net/if_tap.c HTH, Dru From jonathan Thu Feb 3 16:08:13 2005 From: jonathan (Jonathan) Date: Thu, 03 Feb 2005 16:08:13 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <20050203155239.D681@dru.domain.org> References: <420287DC.5060808@kc8onw.net> <20050203155239.D681@dru.domain.org> Message-ID: <420292BD.80305@kc8onw.net> Dru wrote: > > > On Thu, 3 Feb 2005, Jonathan wrote: > >> I keep getting the following messages in my daily security run and >> clearly they have something to do with network looping but I don't >> know what causes them or how to look into them further. I did try but >> Google turned up nothing at all :P >> >> server.kc8onw.net kernel log messages: >> >>>> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) > > > > > Someone with network socket programming experience could explain exactly > what's happening, but I suspect it has something to do with: > > man tap > /error > > And, even if you can't read source code, you still might find something > useful by checking out the comments in the source: > > locate tap.c > grep "*/" /usr/src/sys/net/if_tap.c > I didn't think to check the source file before, although I did skim the man page before my first mail at least :) I didn't see anything useful in the man page or source code and I don't think the problem is tap specific. I think its more of a general network issue possibly something to do with the fact that bridge(4) does not support 802.1d but I really don't know :P I put more configuration information in my reply to Isaac Levy's post. Thanks, Jonathan From tillman Thu Feb 3 16:12:31 2005 From: tillman (Tillman Hodgson) Date: Thu, 3 Feb 2005 15:12:31 -0600 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <420287DC.5060808@kc8onw.net> References: <420287DC.5060808@kc8onw.net> Message-ID: <20050203211231.GD62491@seekingfire.com> On Thu, Feb 03, 2005 at 03:21:48PM -0500, Jonathan wrote: > I keep getting the following messages in my daily security run and > clearly they have something to do with network looping but I don't know > what causes them or how to look into them further. I did try but Google > turned up nothing at all :P > > server.kc8onw.net kernel log messages: > > >> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) Just out of curiousity, do the errors go away if you use tun devices instead of tap devices in your OpenVPN config? My thinking is as follows: Tap devices are a "raw" transport. You generally only need them if you want to carry non-IP traffic (IPX comes to mind). Tun devices are "IP" devices, so we can eliminate an entire layer of the stack by using them (as well as making OpenVPN more efficient -- less overhead per packet means more data per data). -T -- Page 5: It is impossible to learn everything about Unix. Concentrate on what you need and what you think you will enjoy. - Harley Hahn, _The Unix Companion_ From jonathan Thu Feb 3 16:15:23 2005 From: jonathan (Jonathan) Date: Thu, 03 Feb 2005 16:15:23 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <20050203211231.GD62491@seekingfire.com> References: <420287DC.5060808@kc8onw.net> <20050203211231.GD62491@seekingfire.com> Message-ID: <4202946B.3090405@kc8onw.net> Tillman Hodgson wrote: > On Thu, Feb 03, 2005 at 03:21:48PM -0500, Jonathan wrote: > >>I keep getting the following messages in my daily security run and >>clearly they have something to do with network looping but I don't know >>what causes them or how to look into them further. I did try but Google >>turned up nothing at all :P >> >>server.kc8onw.net kernel log messages: >> >> >>>>-- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) > > > Just out of curiousity, do the errors go away if you use tun devices > instead of tap devices in your OpenVPN config? > > My thinking is as follows: Tap devices are a "raw" transport. You > generally only need them if you want to carry non-IP traffic (IPX comes > to mind). Tun devices are "IP" devices, so we can eliminate an entire > layer of the stack by using them (as well as making OpenVPN more > efficient -- less overhead per packet means more data per data). > > -T > I don't really know, if it comes down to that I may try it but the reason for using tap in the first place was for things like IPX and games that depend on UDP broadcasts :P Thanks, Jonathan From george Thu Feb 3 16:25:36 2005 From: george (G. Rosamond) Date: Thu, 3 Feb 2005 16:25:36 -0500 Subject: [nycbug-talk] shmoocon Message-ID: <82b2619998c8c07e739ea9bc9712019e@sddi.net> I think we're mature enough to have multiple threads. . . or at least brief announcements. If you are going to Shmoocon this weekend in DC, email me OFFLIST. At this point, the conference will be a significant percentage of NYCBUG-related people. . . g From tillman Thu Feb 3 16:29:39 2005 From: tillman (Tillman Hodgson) Date: Thu, 3 Feb 2005 15:29:39 -0600 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <4202946B.3090405@kc8onw.net> References: <420287DC.5060808@kc8onw.net> <20050203211231.GD62491@seekingfire.com> <4202946B.3090405@kc8onw.net> Message-ID: <20050203212939.GE62491@seekingfire.com> On Thu, Feb 03, 2005 at 04:15:23PM -0500, Jonathan wrote: > I don't really know, if it comes down to that I may try it but the > reason for using tap in the first place was for things like IPX and > games that depend on UDP broadcasts :P Oh ... tun definitely won't work for you then ;-) -T -- Answers are a perilous grip on the universe. They can appear sensible yet explain nothing. - The Zensunni Whip From pete Thu Feb 3 16:36:09 2005 From: pete (pete wright) Date: Thu, 3 Feb 2005 13:36:09 -0800 Subject: [nycbug-talk] February meeting audio In-Reply-To: <98cef05c256f62c5f3e4af7d2edf2613@sddi.net> References: <42019F88.7030101@peachisland.com> <20050203041005.GA24100@finn.nomadlogic.org> <98cef05c256f62c5f3e4af7d2edf2613@sddi.net> Message-ID: On Feb 3, 2005, at 10:46 AM, G. Rosamond wrote: > > On Feb 2, 2005, at 11:10 PM, Pete Wright wrote: > >> On Wed, Feb 02, 2005 at 10:50:32PM -0500, Nikolai N. Fetissov wrote: >>> George, folks, >>> get the mp3 of Jan's presentation at >>> http://www.peachisland.com/nycbug/ >>> Cheers, >> >> >> nick you are a lifesaver! >> > > And you couldn't get a flight for the meeting? > dude, it's like cold there or something...and besides that jet that crashed in jersey yesterday was supposed to pick me up so that kinda threw a spanner in my plans. > Were you born on Sunday or something? > no i was born in jersey ;p > BTW, I do think the slides are self-explanatory more than most. Jan > didn't just do a presentation, he actually provided a great piece of > documentation for the community as a whole. > yea really upset i missed it esp. after the conversation mark and i had re. pkgsrc.... -p ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From ike Thu Feb 3 16:40:19 2005 From: ike (Isaac Levy) Date: Thu, 3 Feb 2005 16:40:19 -0500 Subject: [nycbug-talk] shmoocon In-Reply-To: <82b2619998c8c07e739ea9bc9712019e@sddi.net> References: <82b2619998c8c07e739ea9bc9712019e@sddi.net> Message-ID: <96d3395647a9e53fce081a8ed5c7f2b6@lesmuug.org> On Feb 3, 2005, at 4:25 PM, G. Rosamond wrote: > At this point, the conference will be a significant percentage of > NYCBUG-related people. . . Muahahahahaha.... Rocket- .ike From george Thu Feb 3 16:41:52 2005 From: george (G. Rosamond) Date: Thu, 3 Feb 2005 16:41:52 -0500 Subject: [nycbug-talk] shmoocon In-Reply-To: <96d3395647a9e53fce081a8ed5c7f2b6@lesmuug.org> References: <82b2619998c8c07e739ea9bc9712019e@sddi.net> <96d3395647a9e53fce081a8ed5c7f2b6@lesmuug.org> Message-ID: On Feb 3, 2005, at 4:40 PM, Isaac Levy wrote: > On Feb 3, 2005, at 4:25 PM, G. Rosamond wrote: > >> At this point, the conference will be a significant percentage of >> NYCBUG-related people. . . > > Muahahahahaha.... > Yeah, we could have called for a BoF, but I think we could just take over an entire session. From ike Thu Feb 3 16:46:31 2005 From: ike (Isaac Levy) Date: Thu, 3 Feb 2005 16:46:31 -0500 Subject: [nycbug-talk] shmoocon In-Reply-To: References: <82b2619998c8c07e739ea9bc9712019e@sddi.net> <96d3395647a9e53fce081a8ed5c7f2b6@lesmuug.org> Message-ID: On Feb 3, 2005, at 4:41 PM, G. Rosamond wrote: > Yeah, we could have called for a BoF, but I think we could just take > over an entire session. > > Makes me wish we had t-shirts and hats and big-bling nyc*bug rings and gold neclace schwag... :) NY Represent' w00t! Rocket- .ike From ike Thu Feb 3 17:50:14 2005 From: ike (Isaac Levy) Date: Thu, 3 Feb 2005 17:50:14 -0500 Subject: [nycbug-talk] February meeting audio In-Reply-To: <42019F88.7030101@peachisland.com> References: <42019F88.7030101@peachisland.com> Message-ID: <061be368bfa524677ad492f1c387bd3a@lesmuug.org> Nick, On Feb 2, 2005, at 10:50 PM, Nikolai N. Fetissov wrote: > George, folks, > get the mp3 of Jan's presentation at http://www.peachisland.com/nycbug/ > Cheers, > -- > nick Totally badass. Thank you! -- Q. for you- how did you record it? From your laptop? I'm curious because I may try to help out at PyCon to coordinate folks recording every session on their laptops... Do you use some open source stuff for recording? I mean, I know how I'd record stuff on my mac, using one of a billion little shareware apps even- but not sure about other platforms... Any comments/urls would be most appreciated! Rocket- .ike From lists Thu Feb 3 19:34:34 2005 From: lists (michael) Date: Thu, 3 Feb 2005 19:34:34 -0500 Subject: [nycbug-talk] Fw: Newsletter from O'Reilly Message-ID: <20050203193434.7236c46a@delinux.abwatley.com> Begin forwarded message: Date: Thu, 03 Feb 2005 15:19:56 -0800 Subject: Newsletter from O'Reilly UG Program, Feb 3 ================================================================ O'Reilly News for User Group Members February 3, 2005 ================================================================ ---------------------------------------------------------------- Book News ---------------------------------------------------------------- -AppleScript: The Missing Manual -Creating Photomontages with Photoshop: A Designer's Notebook -Internet Annoyances -Google Hacking for Penetration Testers -Home Networking Annoyances -Linux Server Security, 2nd Edition -Buffer Overflow Attacks -Configuring NetScreen Firewalls ---------------------------------------------------------------- Upcoming Events ---------------------------------------------------------------- -Hadley Stern ("iPod & iTunes Hacks"), Boston Macintosh User Group, Boston, MA--February 9 -Tim O'Reilly, EclipseCon, Burlingame, CA--February 28-March 3 -O'Reilly at PhotoShop World, Las Vegas, NV--March 9 ---------------------------------------------------------------- Conference News ---------------------------------------------------------------- -OSCON Call For Proposals Now Open -Register for the 2005 O'Reilly Emerging Technology Conference, San Diego, CA--March 14-17 -Registration Is Open for the 2005 MySQL Users Conference, Santa Clara, CA--April 18-21 ---------------------------------------------------------------- News ---------------------------------------------------------------- -Hacking Google -Get Your Hands Dirty! -"Make" subscriptions now available -Don't Miss O'Reilly at LinuxWorld, Boston, MA--February 15-17 -Programming eBay Web Services with PHP 5 and Services_Ebay -Freevo: Freedom For Your TV -Michael Stutz On Using Linux For Everyday Activities -Top Ten AppleScript Tips -Output Like a Pro with iPhoto 5 -Fix Hot Spot Annoyances -Working with Roaming User Profiles -IRC Text to Speech with Java -Internals of Java Class Loading -Build Your Own PVR (for Free) with HackTV -Featured Photographer--Ofer Halevi: The Art of Juxtaposition -Learning Lab: Save 40% on Web Programming Certificate Courses -A-Z Web Site Indexes Explained ================================================ Book News ================================================ Did you know you can request a free book to review for your group? Ask your group leader for more information. For book review writing tips and suggestions, go to: http://ug.oreilly.com/bookreviews.html Don't forget, you can receive 20% off any O'Reilly, No Starch, Paraglyph, Pragmatic Bookshelf, SitePoint, or Syngress book you purchase directly from O'Reilly. Just use code DSUG when ordering online or by phone 800-998-9938. http://www.oreilly.com/ ***Free ground shipping is available for online orders of at least $29.95 that go to a single U.S. address. This offer applies to U.S. delivery addresses in the 50 states and Puerto Rico. For more details, go to: http://www.oreilly.com/news/freeshipping_0703.html ---------------------------------------------------------------- New Releases ---------------------------------------------------------------- ***AppleScript: The Missing Manual Publisher: O'Reilly ISBN: 0596008503 Macintosh's ultimate scripting tool, AppleScript, has one major shortcoming: it comes without a manual. This Missing Manual fills the void. While its hands-on approach, with dozens of scripting examples, certainly keeps novices from feeling intimidated, this book is also suited for professionals from system administrators to musicians, ensuring that anyone can learn how to control Mac applications in timesaving and innovative ways. http://www.oreilly.com/catalog/applescripttmm/index.html Chapter 5, "Controlling Files," is available online: http://www.oreilly.com/catalog/applescripttmm/chapter/index.html ***Creating Photomontages with Photoshop: A Designer's Notebook Publisher: O'Reilly ISBN: 0596008589 This collection of groundbreaking digital creations by well-known French artists is a visual smorgasbord for digital imaging professionals, graphic artists, photographers, and anyone involved in the creation of digital images and animations. But it's more than a full-color feast for the eyes: reflecting the very best of French graphic design, it guides Photoshop users through all aspects of the photomontage creation process, from initial concept through step-by-step execution. http://www.oreilly.com/catalog/photoshopadn/ ***Internet Annoyances Publisher: O'Reilly ISBN: 0596007353 Recognizing the universal nature of the Net, "Internet Annoyances" strives to make using the internet as stress-free as possible for everyone. This insightful guide effectively addresses and presents solutions for the many glitches that still complicate the internet experience. You'll learn how to thwart would-be hackers, ensure greater security while surfing, eliminate pop-up ads, maximize online services, conduct effective searches, and much more. Chapter 8, "Searching Annoyances," is available online: http://www.oreilly.com/catalog/internetannoy/chapter/index.html ***Google Hacking for Penetration Testers Publisher: Syngress ISBN: 1931836361 "Google Hacking for Penetration Testers" explores the explosive growth of a technique known as "Google Hacking." This simple tool can be bent by hackers and those with malicious intent to find hidden information, break into sites, and access supposedly secure information. Borrowing the techniques pioneered by malicious "Google hackers," this book aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage. http://www.oreilly.com/catalog/1931836361/index.html ***Home Networking Annoyances Publisher: O'Reilly ISBN: 0596008082 Need a cure for the headaches associated with running a home network? This book tackles all the common annoyances your network dishes up, whether it's wired or wireless, Mac or PC. With a friendly, off-the-cuff approach, this book guides you safely through common home networking glitches, including file sharing, printing, security, and more. Take a stand against annoyances now: this book is your ticket to serenity. http://www.oreilly.com/catalog/homenetannoy/ Chapter 4, "File-Sharing Annoyances," is available online: http://www.oreilly.com/catalog/homenetannoy/chapter/index.html ***Linux Server Security, 2nd Edition Publisher: O'Reilly ISBN: 0596006705 "Linux Server Security, 2nd Edition" expertly conveys to administrators and developers the tricks of the trade that can help them avoid serious security breaches. The book covers both background theory and practical, step-by-step instructions for protecting a server that runs Linux. Geared toward Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Stay one step ahead of potential adversaries. http://www.oreilly.com/catalog/linuxss2/ Chapter 12, "System Log Management and Monitoring," is available online: http://www.oreilly.com/catalog/linuxss2/chapter/index.html ***Buffer Overflow Attacks Publisher: Syngress ISBN: 1932266674 The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." Currently, over half of these vulnerabilities are exploitable by buffer overflow attacks, which allow an attacker to run arbitrary code on a victim's machine. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks. It provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective, and on defending against these attacks for the software developer. http://www.oreilly.com/catalog/1932266674/ ***Configuring NetScreen Firewalls Publisher: Syngress ISBN: 1932266399 "Configuring NetScreen Firewalls" delivers an in-depth look at the NetScreen firewall product line. It covers all of the aspects of the NetScreen product line from the SOHO devices to the Enterprise NetScreen firewalls. Advanced troubleshooting techniques and the NetScreen Security Manager are also covered. http://www.oreilly.com/catalog/1932266399/index.html ================================================ Upcoming Events ================================================ ***For more events, please see: http://events.oreilly.com/ ***Hadley Stern ("iPod & iTunes Hacks"), Boston Macintosh User Group, Boston, MA--February 9 Come join this O'Reilly author to find out all the cool things that you can do with your iPod! Boston Macintosh User Group MIT Building E51 Room 315 Cambridge, MA http://www.bmac.org/meetings.html ***Tim O'Reilly, EclipseCon, Burlingame, CA--February 28-March 3 Tim is a keynote speaker at this event. http://www.eclipsecon.org/2005/index.htm ***O'Reilly at PhotoShop World, Las Vegas, NV--March 9 Come by and say hi and check out our latest Digital Media books at our booth (#220). Mandalay Bay Resort, Las Vegas, NV http://www.photoshopworld.com/ ================================================ Conference News ================================================ ***OSCON Call For Proposals Now Open Circle August 1-5 on your calendar and join us at the O'Reilly Open Source Convention in beautiful Portland, Oregon. OSCON 2005 will be at the Oregon Convention Center, where we'll have tutorials, sessions, parties, BOFs, and a huge exhibit hall. http://conferences.oreillynet.com/os2005/ The call for participation is open, and you're invited to submit a proposal to lead tutorials and sessions. Visit the submissions page for all the details on tracks and proposal guidelines. Proposals are due no later than February 13, 2005. http://conferences.oreillynet.com/cs/os2005/create/e_sess ***2005 O'Reilly Emerging Technology Conference, San Diego, CA--March 14-17 This year's conference theme is "Remix," which infuses ETech's roll-up-your-sleeves tutorials, to-the-point plenary presentations, and real world focused breakout sessions. Come to ETech and discover how applications and hardware are being deconstructed and recombined in unexpected ways. Learn how users and customers are influencing new interfaces, devices, business models, and services. For all the scoop on tutorials, featured speakers, and conference events, check out: http://conferences.oreillynet.com/etech/ Hurry up before it sells out! User Group members use code DSUG when you register, and receive 20% off the registration price. To register for the conference, go to: http://conferences.oreillynet.com/cs/et2005/create/ord_et05 ***Register for the 2005 MySQL Users Conference, Santa Clara, CA--April 18-21 The MySQL Users Conference, co-presented by O'Reilly Media and MySQL AB, brings together experts, users, and industry leaders with unique MySQL insights, offering attendees a detailed look into new features in MySQL 5.0, sessions and workshops designed to teach best practices, and exposure to new open source technologies. For more information, go to: http://www.mysqluc.com/ User Group members who register before Febuary 28, 2005 get a double discount. Use code DSUG when you register, and receive 20% off the early registration price. To register for the conference, go to: http://conferences.oreillynet.com/cs/mysqluc2005/create/ord_mysql05 ================================================ News From O'Reilly & Beyond ================================================ --------------------- General News --------------------- ***Hacking Google With access to more than three million documents in over 30 languages, Google is a researcher's dream. But like any invaluable tool, knowing the insider tricks of the trade is a must to save time and needless effort. Tara Calishain and Rael Dornfest, authors of "Google Hacks, 2nd Edition," have set out to educate the masses to the ins and outs of Google. In today's excerpt, they offer the inside scoop on scattersearching, cartography, Google on the go, Gmail-lite, and AdSense. With over 150 million Google searches conducted every day, why be just a number? http://www.oreillynet.com/pub/a/network/excerpt/ggl_hcks/index.html ***Get Your Hands Dirty! Hackers of all stripes refuse to just take what they???re given. They???re driven to remake it, and getting there is more than half the fun. Here at O'Reilly, we've got the information you need to hack, remix, and master technology at home and at work. In this letter for our Winter 2005 Catalog, Tim O'Reilly talks about how we're celebrating the hacker impulse. http://tim.oreilly.com/articles/dirtyhands_0105.html You'll find all of Tim's collected writings and speeches at: http://tim.oreilly.com/ ***"Make" subscriptions now available The annual subscription price for four issues is $34.95. When you subscribe with this link, you'll get a free issue--the first one plus four more for $34.95. So subscribe for yourself or friends with this great offer for charter subscribers: five volumes for the cost of four. Subscribe at: https://www.pubservice.com/MK/Subnew.aspx?PC=MK&PK=M5ZUGLA --------------------- Open Source --------------------- ***Don't Miss O'Reilly at LinuxWorld, Boston, MA--Feb 15-17 Stop by our booth (#509) to check out our latest Linux and open source titles and listen to our authors including Jonathan Corbet ("Linux Device Drivers, 3rd Ed."), Kyle D. Dent ("Postfix: The Definitive Guide"), Jay Beale ("Snort 2.1 Intrusion Detection, 2nd Ed."), Sam Hiser and Tom Adelstein ("Exploring the JDS Linux Desktop"), and Adam Trachtenberg ("PHP Cookbook"). We will have daily demonstrations on our new magazine "Make" and SafariU (http://academic.oreilly.com/safariu-more.csp). Here is our schedule of events: http://www.oreilly.com/examples/oreilly/ug/linuxworld_speaker_sched.pdf ***Programming eBay Web Services with PHP 5 and Services_Ebay PHP 5 added several new features to the language, yet laundry lists and high-level overviews don't really show what they are or why you might use them. Fortunately, Adam Trachtenberg writes for us. Here's how to use the new features of PHP 5 for writing web services clients. http://www.onlamp.com/pub/a/php/2005/01/27/ebay_webservices.html ***Freevo: Freedom For Your TV PVRs may be the next big thing in home entertainment, but relying on a closed box leaves you few options for customization. The Freevo project is building a platform for developing television-aware applications, whether recording, timeshifting, or general-purpose mayhem. Howard Wen explains the Freevo project and interviews its developers. http://www.linuxdevcenter.com/pub/a/linux/2005/01/27/freevo.html ***Michael Stutz On Using Linux For Everyday Activities Michael Stutz, author of "The Linux Cookbook, 2nd Edition" (No Starch) discusses what inspired him to write this book, when he first started using Linux, and other world views in this LinuxWorld interview. http://www.linuxworld.com/story/47810.htm?DE=1 --------------------- Mac --------------------- ***Top Ten AppleScript Tips AppleScript lets you control Microsoft Word, Adobe Photoshop, FileMaker Pro, and hundreds of other Mac programs with just a few lines of code. But if you think of AppleScript as just a nerdy workflow-automation tool, you're missing out on a lot of power. Truth is, AppleScript has lots of hidden tricks and timesavers built in--and they all come for free with your Mac. Adam Goldstein, author of "AppleScript: The Missing Manual," has hand selected ten of the most useful tips for making AppleScript work for you. http://www.macdevcenter.com/pub/a/mac/2005/02/01/applscrpt_mm.html ***Output Like a Pro with iPhoto 5 Earlier, Derrick Story discussed how iPhoto 5's RAW capability lets you input like a pro. But some of its new output features are quite sophisticated. Here Derrick takes a look at how to create sophisticated slideshows and QuickTime downloads using only iPhoto 5. http://www.macdevcenter.com/pub/a/mac/2005/02/01/iphoto.html --------------------- Windows/.NET --------------------- ***Fix Hot Spot Annoyances Using a Wi-Fi hot spot is a great way to stay connected when you're away from home or the office. But beware: you may be vulnerable to snoopers; you may be unable to send email; and your connection may flake out. Preston Gralla, author of "Internet Annoyances," fixes all your hot spot woes. http://www.windowsdevcenter.com/pub/a/windows/2005/02/01/hot_spot.html ***Working with Roaming User Profiles If you have a highly mobile local user base and are constantly fielding concerns about personalized settings and desktop customizations that don't seem to travel with your users, then roaming user profiles may make your life a lot easier. In this article, Jonathan Hassell, author of "Learning Windows Server 2003," explains how roaming user profiles can save you time and energy. http://www.windowsdevcenter.com/pub/a/windows/2005/02/01/rmng_usr.html --------------------- Java --------------------- ***IRC Text to Speech with Java Paul Mutton creates a multi-platform IRC bot that uses the FreeTTS Java speech synthesizer library to convert IRC messages into audible speech. Why would you want to use an IRC text-to-speech system? By reading out messages as they arrive, you can keep working, diverting your attention to IRC only when necessary. Paul is the author of "IRC Hacks." http://www.onjava.com/pub/a/onjava/2004/09/08/IRCinJava.html ***Internals of Java Class Loading When are two classes not the same? When they're loaded by different class loaders. This is just one of many curious side effects of Java's class-loading system. Binildas Christudas shows how different class loaders relate to one another and how (and why) to build your own custom class loader. http://www.onjava.com/pub/a/onjava/2005/01/26/classloading.html --------------------- Digital Media --------------------- ***Build Your Own PVR (for Free) with HackTV HackTV is a developer app for Mac OS X that you can download for free. It enables you to watch TV (or any video source) on your Mac. Better yet, it enables you to download that content to your hard drive. Erica Sadun shows you the ins and outs of HackTV. http://digitalmedia.oreilly.com/2005/01/26/hacktv.html ***Featured Photographer--Ofer Halevi: The Art of Juxtaposition Whether it's a man standing beside a mannequin in Amsterdam, or a poster of Rabin staring up at a passerby in Israel, Ofer Halevi has an eye for recording the juxtaposition of people and their inanimate environment. In this portfolio you can experience Ofer's passion for detail, interaction, and patterns. http://digitalmedia.oreilly.com/2005/01/12/featured.html --------------------- Web --------------------- ***Learning Lab: Save 40% on Web Programming Certificate Courses This six-course series from the O'Reilly Learning Lab teaches you the skills needed for web programming, web administration, and website development. You'll learn HTML, JavaScript, XML, SQL, Perl, and Unix. Upon completion of the series, students receive a Certificate of Professional Development from the University of Illinois Office of Continuing Education. Sign up by February 22nd, and save 40% on all Web Programming Certificate courses. http://www.oreilly.com/redirector.csp?link=UAWeb&type=news ***A-Z Web Site Indexes Explained A-Z Indexes are a far more accurate than search engines for searching the content of a web site or intranet. For the value they can bring to a site, A-Z indexes are worth the additional cost, but, if you decide to add an index to your site, it's important to find the right person to do the job. http://www.sitepoint.com/article/a-z-indexes ================================================ >From Your Peers =============================================== Don't forget to check out the O'Reilly UG wiki to see what user groups across the globe are up to: http://wiki.oreillynet.com/usergroups/index.cgi -- --- From dan Thu Feb 3 19:46:48 2005 From: dan (Dan Langille) Date: Thu, 03 Feb 2005 19:46:48 -0500 Subject: [nycbug-talk] tape drive woes Message-ID: <42027FA8.10947.578EF61A@localhost> I was given a DDS-4 tape drive at BSDCan last May. Last night, it started acting up. The following gives the following: mt -f /dev/sa0 status => http://www.langille.org/tmp/ach-dumps.txt It's not the card (I hooked up a SCSI disk and newfs'd it, just fine). It's not the cable (I tried another one, but not a new one). So now I'm looking at buying another DAT. AIT and DLT media is too expensive for my needs. So I'm looking at buying a Seagate DDS-4 Scorpion STD2401LW for CAD$650 (+taxes). Anyone got one and can tell stories about it? Please note: This is not the thread for saying tape is crap, DAT is crap, use HDD, use DLT, etc... Unless of course, you're prepared to give me the hardware and the media. Then I'm prepared to listen. :) -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From george Thu Feb 3 20:08:04 2005 From: george (george at rob.us.to) Date: Thu, 3 Feb 2005 20:08:04 -0500 (EST) Subject: [nycbug-talk] more open source stuff Message-ID: <200502040108.j14184WT029342@localhost.localdomain> An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050203/541bca77/attachment.html From matt Thu Feb 3 22:26:43 2005 From: matt (Matthew Terenzio) Date: Thu, 3 Feb 2005 22:26:43 -0500 Subject: [nycbug-talk] .WorkGroup, Apache and FreeBSD Hostname Message-ID: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> I know this seems like an Apache question, but I have my first FreeBSD box going and I think it's related to the way I installed it. BTW, I love the easy to use Ports install process. Installed Apache Couldn't start it. In the error log: [alert] mod_unique_id: unable to gethostbyname(".WorkGroup") I commented out mod_unique_id and Apache works, but what is .WorkGroup? Sounds Windowsish, but is it some deafult? I didn't name the host that unless it was inadvertent. I'll mention the machine is running DHCP on a wifi home network. Not sure why I think that's relevant. From pete Thu Feb 3 22:32:29 2005 From: pete (Pete Wright) Date: Thu, 3 Feb 2005 22:32:29 -0500 Subject: [nycbug-talk] .WorkGroup, Apache and FreeBSD Hostname In-Reply-To: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> References: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> Message-ID: <20050204033229.GA34680@finn.nomadlogic.org> On Thu, Feb 03, 2005 at 10:26:43PM -0500, Matthew Terenzio wrote: > I know this seems like an Apache question, but I have my first FreeBSD > box going and I think it's related to the way I installed it. > sweet welcome to the cult...err..ahh family :) > BTW, I love the easy to use Ports install process. > Installed Apache > Couldn't start it. > > In the error log: > > [alert] mod_unique_id: unable to gethostbyname(".WorkGroup") > > I commented out mod_unique_id and Apache works, but what is .WorkGroup? > Sounds Windowsish, but is it some deafult? sounds like you should probably set your hostname, this can be done easily via /stand/sysinstall..or if you want to do it the "proper" way you can edit /etc/rc.conf and set: hostname="freebsdrox" or something ;) > > I didn't name the host that unless it was inadvertent. > I'll mention the machine is running DHCP on a wifi home network. Not > sure why I think that's relevant. > as a general rule on *BSD related lists it is generally a good idea to post the following info if you haven't the foggiest what a problem may be: uname -ar, dmesg and any special modifications you have done on your install. usually a uname -ar is a good enough for config questions, if you are getting odd error messages a dmesg is generally a good idea. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From tillman Thu Feb 3 23:11:27 2005 From: tillman (Tillman Hodgson) Date: Thu, 3 Feb 2005 22:11:27 -0600 Subject: [nycbug-talk] tape drive woes In-Reply-To: <42027FA8.10947.578EF61A@localhost> References: <42027FA8.10947.578EF61A@localhost> Message-ID: <20050204041127.GG62491@seekingfire.com> On Thu, Feb 03, 2005 at 07:46:48PM -0500, Dan Langille wrote: > I was given a DDS-4 tape drive at BSDCan last May. Last night, it > started acting up. > > The following gives the following: > > mt -f /dev/sa0 status => http://www.langille.org/tmp/ach-dumps.txt I get that (SCSI bus resets) with my DDS-1 and -2 drives as well and I've seen it with DDS-3 drives. > It's not the card (I hooked up a SCSI disk and newfs'd it, just > fine). It's not the cable (I tried another one, but not a new one). Right. In my case, different cards and cables didn't help. A new tape (as in brand new) helped, sometimes, for a short time. I suspect that the drive needs cleaning. DDS drives need cleaning like a baby needs changing. I typically run a cleaner tape through after 2 tape runs now and I *still* encounter those errors, though at a significantly reduced rate. Putting the drive on it's on SCSI controller helps, because when it /does/ happen it doesn't freak out all the other devices on the bus. The traditional wisdom with bus resets is that it's due to exceeding the SCSI specifications in some manner: poor termination, too-long cable, that sort of thing. I've have luck with a DEC StorageWorks JBOD tower that used to bus reset like a mad banshee simply by telling the controller to run it at a slower rate -- a more robust SCSI bus results from the "easier" specifications. Since this particular SCSI controller only "auto-detects" SCSI settings and won't allow me override them in it's "BIOS", I wrote a /etc/rc.d script that manually forces the devices down one speed notch just before fsck kicks in (which would cause bus resets like crazy). The basic idea is this: camcontrol negotiate da0 -R10 -q -a I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits wide, moves me from 40MB/s to 20MB/s. That's more than fast enough for the drives I have in the JBOD (which aren't ever accessed simultaneously with the use I've put them to) and all top out at about 12MB/s anyway). It's worth a try, especially considering that DDS-4 doesn't write fast enough to need the full 40MB/s of Ultrawide SCSI. > So I'm looking at buying a Seagate DDS-4 Scorpion STD2401LW > for CAD$650 (+taxes). > > Anyone got one and can tell stories about it? No, but I also had no idea that they'd gotten so cheap. *Damn*, that's tempting :-) > Please note: This is not the thread for saying tape is crap, DAT is > crap, use HDD, use DLT, etc... Unless of course, you're prepared to > give me the hardware and the media. Then I'm prepared to listen. :) And if anyone is handing out tape hardware, I'm willing to cover the cost of shipping if it's to help out freshports.org. -T -- Fsck, either way I'm screwed. -- petro Now *that* is the Sysadmin's motto. -- Peter da Silva From pete Fri Feb 4 04:49:15 2005 From: pete (Pete Wright) Date: Fri, 4 Feb 2005 04:49:15 -0500 Subject: [nycbug-talk] httpsd Message-ID: <20050204094915.GA11959@finn.nomadlogic.org> seems like apache is a popular topic lately... so i've recently moved a mail server running: postfix+courier-imap+http-ssl+squirellmail+debian to 5.3-RELEASE. the migration was pretty painless and i'm trucking away and having a blast...altho one thing that has been bothering me is the performance of squirellmail I'm noticing long load times for pages that were quite quick one the debian install (for example loading my inbox is taking several seconds to load while it much quicker before the migration). the network is the same, and reqular imap connections are as quick as can be...so i'm thinking that it might be an issue with the apache/php install. so what do the folks do here to tune php/httpsd installs. while we discuss amoungst ourselves i'll see if i can hack up a little benchmark script. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From dan Fri Feb 4 06:42:24 2005 From: dan (Dan Langille) Date: Fri, 04 Feb 2005 06:42:24 -0500 Subject: [nycbug-talk] tape drive woes In-Reply-To: <20050204041127.GG62491@seekingfire.com> References: <42027FA8.10947.578EF61A@localhost> Message-ID: <42031950.28074.59E72D6F@localhost> On 3 Feb 2005 at 22:11, Tillman Hodgson wrote: > On Thu, Feb 03, 2005 at 07:46:48PM -0500, Dan Langille wrote: > > I was given a DDS-4 tape drive at BSDCan last May. Last night, it > > started acting up. > > > > The following gives the following: > > > > mt -f /dev/sa0 status => http://www.langille.org/tmp/ach-dumps.txt > > I get that (SCSI bus resets) with my DDS-1 and -2 drives as well and > I've seen it with DDS-3 drives. > > > It's not the card (I hooked up a SCSI disk and newfs'd it, just > > fine). It's not the cable (I tried another one, but not a new one). > > Right. In my case, different cards and cables didn't help. A new tape > (as in brand new) helped, sometimes, for a short time. > > I suspect that the drive needs cleaning. DDS drives need cleaning like a > baby needs changing. I typically run a cleaner tape through after 2 tape > runs now and I *still* encounter those errors, though at a significantly > reduced rate. I clean frequently. > Putting the drive on it's on SCSI controller helps, because when it > /does/ happen it doesn't freak out all the other devices on the bus. It has it's own card. > The traditional wisdom with bus resets is that it's due to exceeding the > SCSI specifications in some manner: poor termination, too-long cable, > that sort of thing. I've have luck with a DEC StorageWorks JBOD tower > that used to bus reset like a mad banshee simply by telling the > controller to run it at a slower rate -- a more robust SCSI bus results > from the "easier" specifications. Since this particular SCSI controller > only "auto-detects" SCSI settings and won't allow me override them in > it's "BIOS", I wrote a /etc/rc.d script that manually forces the devices > down one speed notch just before fsck kicks in (which would cause bus > resets like crazy). The basic idea is this: > > camcontrol negotiate da0 -R10 -q -a > > I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits wide, > moves me from 40MB/s to 20MB/s. That's more than fast enough for the > drives I have in the JBOD (which aren't ever accessed simultaneously > with the use I've put them to) and all top out at about 12MB/s anyway). OK, I will consider that. Thanks. > It's worth a try, especially considering that DDS-4 doesn't write fast > enough to need the full 40MB/s of Ultrawide SCSI. > > > So I'm looking at buying a Seagate DDS-4 Scorpion STD2401LW > > for CAD$650 (+taxes). > > > > Anyone got one and can tell stories about it? > > No, but I also had no idea that they'd gotten so cheap. *Damn*, that's > tempting :-) > > > Please note: This is not the thread for saying tape is crap, DAT is > > crap, use HDD, use DLT, etc... Unless of course, you're prepared to > > give me the hardware and the media. Then I'm prepared to listen. :) > > And if anyone is handing out tape hardware, I'm willing to cover the > cost of shipping if it's to help out freshports.org. ;) -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From nikolai.fetissov Fri Feb 4 08:51:39 2005 From: nikolai.fetissov (Nikolai N. Fetissov) Date: Fri, 04 Feb 2005 08:51:39 -0500 Subject: [nycbug-talk] February meeting audio In-Reply-To: <061be368bfa524677ad492f1c387bd3a@lesmuug.org> References: <42019F88.7030101@peachisland.com> <061be368bfa524677ad492f1c387bd3a@lesmuug.org> Message-ID: <42037DEB.7060804@peachisland.com> I have Olympus digital voice recorder, usb. Recording produces .dss audio files - very space efficient, but proprietary - I have to use their windows software to convert .dss into .wav. After that it's lame (lame.sourceforge.net). -- nick > -- > Q. for you- how did you record it? From your laptop? I'm curious > because I may try to help out at PyCon to coordinate folks recording > every session on their laptops... > > Do you use some open source stuff for recording? I mean, I know how I'd > record stuff on my mac, using one of a billion little shareware apps > even- but not sure about other platforms... > > Any comments/urls would be most appreciated! > > Rocket- > .ike > > From dan Fri Feb 4 11:19:37 2005 From: dan (Dan Langille) Date: Fri, 04 Feb 2005 11:19:37 -0500 Subject: [nycbug-talk] tape drive woes In-Reply-To: <20050204041127.GG62491@seekingfire.com> References: <42027FA8.10947.578EF61A@localhost> Message-ID: <42035A49.28494.5AE4FC98@localhost> On 3 Feb 2005 at 22:11, Tillman Hodgson wrote: > The traditional wisdom with bus resets is that it's due to exceeding > the SCSI specifications in some manner: poor termination, too-long > cable, that sort of thing. I've have luck with a DEC StorageWorks JBOD > tower that used to bus reset like a mad banshee simply by telling the > controller to run it at a slower rate -- a more robust SCSI bus > results from the "easier" specifications. Since this particular SCSI > controller only "auto-detects" SCSI settings and won't allow me > override them in it's "BIOS", I wrote a /etc/rc.d script that manually > forces the devices down one speed notch just before fsck kicks in > (which would cause bus resets like crazy). The basic idea is this: > > camcontrol negotiate da0 -R10 -q -a > > I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits wide, > moves me from 40MB/s to 20MB/s. That's more than fast enough for the > drives I have in the JBOD (which aren't ever accessed simultaneously > with the use I've put them to) and all top out at about 12MB/s > anyway). I've not tried that yet. Last night, I tried a DDS-2 tape. I was able to back up. But I still think something is wrong. It's a DDS-4 drive, and I was unable to do a backup on a DDS-4 tape. While it was labelling the tape, a bit of tape would be fed through, then the unit would "click" three times, rewind, and read the tape again, click three times, repeat... several times. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From tillman Fri Feb 4 12:06:20 2005 From: tillman (Tillman Hodgson) Date: Fri, 4 Feb 2005 11:06:20 -0600 Subject: [nycbug-talk] tape drive woes In-Reply-To: <42035A49.28494.5AE4FC98@localhost> References: <42027FA8.10947.578EF61A@localhost> <42035A49.28494.5AE4FC98@localhost> Message-ID: <20050204170620.GL62491@seekingfire.com> On Fri, Feb 04, 2005 at 11:19:37AM -0500, Dan Langille wrote: > On 3 Feb 2005 at 22:11, Tillman Hodgson wrote: > > > > camcontrol negotiate da0 -R10 -q -a > > > > I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits wide, > > moves me from 40MB/s to 20MB/s. That's more than fast enough for the > > drives I have in the JBOD (which aren't ever accessed simultaneously > > with the use I've put them to) and all top out at about 12MB/s > > anyway). > > I've not tried that yet. Last night, I tried a DDS-2 tape. I was > able to back up. But I still think something is wrong. It's a DDS-4 > drive, and I was unable to do a backup on a DDS-4 tape. > > While it was labelling the tape, a bit of tape would be fed through, > then the unit would "click" three times, rewind, and read the tape > again, click three times, repeat... several times. That sounds more like a mechanism problem. Is this a fresh tape? If not, does retensioning it cause the same clicking? -T -- "Belief gets in the way of learning." -- Robert Heinlein From dan Fri Feb 4 13:32:14 2005 From: dan (Dan Langille) Date: Fri, 04 Feb 2005 13:32:14 -0500 Subject: [nycbug-talk] tape drive woes In-Reply-To: <20050204170620.GL62491@seekingfire.com> References: <42035A49.28494.5AE4FC98@localhost> Message-ID: <4203795E.4199.5B5E64DB@localhost> On 4 Feb 2005 at 11:06, Tillman Hodgson wrote: > On Fri, Feb 04, 2005 at 11:19:37AM -0500, Dan Langille wrote: > > On 3 Feb 2005 at 22:11, Tillman Hodgson wrote: > > > > > > camcontrol negotiate da0 -R10 -q -a > > > > > > I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits > > > wide, moves me from 40MB/s to 20MB/s. That's more than fast enough > > > for the drives I have in the JBOD (which aren't ever accessed > > > simultaneously with the use I've put them to) and all top out at > > > about 12MB/s anyway). > > > > I've not tried that yet. Last night, I tried a DDS-2 tape. I was > > able to back up. But I still think something is wrong. It's a > > DDS-4 drive, and I was unable to do a backup on a DDS-4 tape. > > > > While it was labelling the tape, a bit of tape would be fed through, > > then the unit would "click" three times, rewind, and read the tape > > again, click three times, repeat... several times. > > That sounds more like a mechanism problem. Is this a fresh tape? If > not, does retensioning it cause the same clicking? The DDS-2 was brand new, fresh out the wrapper. I'll try the retensioning tonight. For those wondering: mt -f /dev/sa0 retension -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From george Fri Feb 4 14:25:10 2005 From: george (G. Rosamond) Date: Fri, 4 Feb 2005 14:25:10 -0500 Subject: [nycbug-talk] greetings from Shmoocon . . . part 01 Message-ID: We made it. . . After driving back and forth across all bridges between VA and DC, we finally made it to Shmoocon. We are sharing wireless of my iBook, although someone with OBSD is having problems with the Apple computer naming conventions. . . sounds like a reason to contribute to the doc project. We will forward a picture from the car when Ike gets back from the laundry. You'll all be hearing more from us. . . Bob, Bruno, Ike, George From pete Fri Feb 4 14:36:44 2005 From: pete (Pete Wright) Date: Fri, 4 Feb 2005 14:36:44 -0500 Subject: [nycbug-talk] greetings from Shmoocon . . . part 01 In-Reply-To: References: Message-ID: <20050204193644.GB14420@finn.nomadlogic.org> On Fri, Feb 04, 2005 at 02:25:10PM -0500, G. Rosamond wrote: > We made it. . . > > After driving back and forth across all bridges between VA and DC, we > finally made it to Shmoocon. > > We are sharing wireless of my iBook, although someone with OBSD is > having problems with the Apple computer naming conventions. . . sounds > like a reason to contribute to the doc project. > > We will forward a picture from the car when Ike gets back from the > laundry. > > You'll all be hearing more from us. . . sounds great already...you all just got there and ike already has to do his laundry :) -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Fri Feb 4 17:02:46 2005 From: george (G. Rosamond) Date: Fri, 4 Feb 2005 17:02:46 -0500 Subject: [nycbug-talk] greetings from Shmoocon . . . part 02 Message-ID: <853d7e5cf26c8588164d9b4e7aaeeef2@sddi.net> Open session is happening now. . . For those around in the DC area, we are meeting in the hotel lobby at 7 pm or so. The intro talk did some funny Linux-bashing about 'a bunch of code glued together'. When asked, over a third of the 400 or so attendees raised their hands when asked if they used BSD. Looks like it's going to be a fun weekend. g From pete Fri Feb 4 18:28:04 2005 From: pete (Pete Wright) Date: Fri, 4 Feb 2005 18:28:04 -0500 Subject: [nycbug-talk] mysql lisc. question Message-ID: <20050204232804.GA15563@finn.nomadlogic.org> interesting thread on questions at freebsd.org and thought someone here may have a better answ. that the impending flame fest there ;) http://tinyurl.com/45dr4 (interesting bit towards end..) basicly the question is does one have to pay lisc. fees to mysql AB if they utlize the clustering features of mysql? -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From mspitzer Fri Feb 4 18:49:48 2005 From: mspitzer (Marc Spitzer) Date: Fri, 4 Feb 2005 18:49:48 -0500 Subject: [nycbug-talk] mysql lisc. question In-Reply-To: <20050204232804.GA15563@finn.nomadlogic.org> References: <20050204232804.GA15563@finn.nomadlogic.org> Message-ID: <8c50a3c3050204154972a56a7a@mail.gmail.com> On Fri, 4 Feb 2005 18:28:04 -0500, Pete Wright wrote: > interesting thread on questions at freebsd.org and thought someone > here may have a better answ. that the impending flame fest there ;) > > http://tinyurl.com/45dr4 > (interesting bit towards end..) > > basicly the question is does one have to pay lisc. fees to mysql AB > if they utlize the clustering features of mysql? Iff the licence states that all code must be gpled to dodge the fees then gpl said software but only make it available, in binary or source form, to authorized internal users. basically you are only releasing things internally. That is the gpl, now if mysql is adding other clauses such that you must make it publicly available then that is a different matter. Also remember when the client libs went from lgpl, which they swore would always be lgpl, to gpl. With behavior like that who is to say what they will decide to do if they smell a buck. You may be in compliance with the free license until they change it and then you owe them some money. Look at postgres 8.0 looks very nice. marc ps mysql has lots of nice people working for them, some are even on this list. But there management is not trustworthy IMO. marc > > -p > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From pete Fri Feb 4 19:00:45 2005 From: pete (Pete Wright) Date: Fri, 4 Feb 2005 19:00:45 -0500 Subject: [nycbug-talk] mysql lisc. question In-Reply-To: <8c50a3c3050204154972a56a7a@mail.gmail.com> References: <20050204232804.GA15563@finn.nomadlogic.org> <8c50a3c3050204154972a56a7a@mail.gmail.com> Message-ID: <20050205000045.GA15754@finn.nomadlogic.org> On Fri, Feb 04, 2005 at 06:49:48PM -0500, Marc Spitzer wrote: > > Iff the licence states that all code must be gpled to dodge the fees > then gpl said software but only make it available, in binary or source > form, to authorized internal users. basically you are only releasing > things internally. That is the gpl, now if mysql is adding other > clauses such that you must make it publicly available then that is a > different matter. Also remember when the client libs went from lgpl, > which they swore would always be lgpl, to gpl. With behavior like > that who is to say what they will decide to do if they smell a buck. > You may be in compliance with the free license until they change it > and then you owe them some money. Look at postgres 8.0 looks very > nice. > unfortunatly it looks like a couple recent emails havn't hit the archive yet i'll quote them here... "The MySql Rep. explained to me that by installing the database on more that one computer, even if it is for you own use, it is considered a distributed piece of software and should be licenced." Yet according to another poster this is stated on MySQL AB's site: "Free use for those who never copy, modify or distribute. As long as you never distribute the MySQL Software in any way, you are free to use it for powering your application, irrespective of whether your application is under GPL license or not." > marc > > ps mysql has lots of nice people working for them, some are even on > this list. But there management is not trustworthy IMO. hey i like mysql personally...i'm just a bit confused by the legaleese.. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From matt Fri Feb 4 19:15:11 2005 From: matt (Matthew Terenzio) Date: Fri, 4 Feb 2005 19:15:11 -0500 Subject: [nycbug-talk] .WorkGroup, Apache and FreeBSD Hostname In-Reply-To: <7f8e0ed848f615fcbc2d2c49c91d5f4e@jobsforge.com> References: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> <20050204033229.GA34680@finn.nomadlogic.org> <7f8e0ed848f615fcbc2d2c49c91d5f4e@jobsforge.com> Message-ID: <716fbb84d1cc0376e7b9b0879c5835b4@jobsforge.com> On Feb 3, 2005, at 10:55 PM, Matthew Terenzio wrote: > > On Feb 3, 2005, at 10:32 PM, Pete Wright wrote: > >> sounds like you should probably set your hostname > > Wow, that was tough. > I can't believe I couldn't find it on Google. > Good Night. > > \ For future readers of this thread: [alert] mod_unique_id: unable to gethostbyname("hostname") was the error in /var/log/httpd-error.log Turns out I not only needed to set my hostname, but add it to /etc/hosts as chronicled in this thread as well http://lists.freebsd.org/pipermail/freebsd-questions/2003-June/ 009996.html Apache is running, next I move to Postgresql and PHP. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 765 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050204/e662a8c1/attachment.bin From jesse Fri Feb 4 20:35:17 2005 From: jesse (Jesse Callaway) Date: Fri, 4 Feb 2005 20:35:17 -0500 Subject: [nycbug-talk] .WorkGroup, Apache and FreeBSD Hostname In-Reply-To: <716fbb84d1cc0376e7b9b0879c5835b4@jobsforge.com> References: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> <20050204033229.GA34680@finn.nomadlogic.org> <7f8e0ed848f615fcbc2d2c49c91d5f4e@jobsforge.com> <716fbb84d1cc0376e7b9b0879c5835b4@jobsforge.com> Message-ID: <20050205013517.GC10143@mail.theholymountain.com> On Fri, Feb 04, 2005 at 07:15:11PM -0500, Matthew Terenzio wrote: > > On Feb 3, 2005, at 10:55 PM, Matthew Terenzio wrote: > > > > > > On Feb 3, 2005, at 10:32 PM, Pete Wright wrote: > > > > > > > sounds like you should probably set your hostname > > > > > > > Wow, that was tough. > > I can't believe I couldn't find it on Google. > > Good Night. > > > > \ > > > For future readers of this thread: > > [alert] mod_unique_id: unable to gethostbyname("hostname") > > was the error in /var/log/httpd-error.log > > Turns out I not only needed to set my hostname, but add it to > /etc/hosts > as chronicled in this thread as well > > > http://lists.freebsd.org/pipermail/freebsd-questions/2003-June/009996.html > > > Apache is running, next I move to Postgresql and PHP. > yeah, almost every *nix I've ever seen needs this touch, AS WELL AS the explicit hostname variable setting mechanism. Ie, by hostname(8) or whatever. Not fun back in the dialup days. I'm all for only using the hosts file if it exists. Normal operation otherwise. I think we're well past the days of trying to keep a local text file of all of the hostnames we'll encounter. It seems only convienient for hacks involving clustering and/or NAT. -jesse From matt Sat Feb 5 00:43:39 2005 From: matt (Matthew Terenzio) Date: Sat, 5 Feb 2005 00:43:39 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question Message-ID: Begin forwarded message: > From: Matthew Terenzio > Date: February 5, 2005 12:41:52 AM EST > To: NYPHP Talk > Subject: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question > Reply-To: NYPHP Talk > > > On Feb 4, 2005, at 7:00 PM, Pete Wright wrote: > >> "The MySql Rep. explained to me that by installing the database on >> more >> that one computer, even if it is for you own use, it is considered a >> distributed piece of software and should be licenced." > > I'm no license expert. But I plan to be one in the coming months/years. > > But this seems like a point of contention between different OS > licenses that might become divisive for certain causes. > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 1203 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050205/466a8165/attachment.bin From matt Sat Feb 5 00:45:12 2005 From: matt (Matthew Terenzio) Date: Sat, 5 Feb 2005 00:45:12 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question Message-ID: <68b957be3cfbc1e9c9ba3cde4cbafdd6@jobsforge.com> Begin forwarded message: > From: Matthew Terenzio > Date: February 5, 2005 12:41:52 AM EST > To: NYPHP Talk > Subject: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question > Reply-To: NYPHP Talk > > > On Feb 4, 2005, at 7:00 PM, Pete Wright wrote: > >> "The MySql Rep. explained to me that by installing the database on >> more >> that one computer, even if it is for you own use, it is considered a >> distributed piece of software and should be licenced." > > I'm no license expert. But I plan to be one in the coming months/years. > > But this seems like a point of contention between different OS > licenses that might become divisive for certain causes. > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 1203 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050205/962417dd/attachment.bin From pete Sat Feb 5 00:58:57 2005 From: pete (Pete Wright) Date: Sat, 5 Feb 2005 00:58:57 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: References: Message-ID: <20050205055856.GA32521@finn.nomadlogic.org> On Sat, Feb 05, 2005 at 12:43:39AM -0500, Matthew Terenzio wrote: > > > > > > I'm no license expert. But I plan to be one in the coming > > months/years. > > > > But this seems like a point of contention between different OS > > licenses that might become divisive for certain causes. yea i totally agree, on one hand i can imagine that MySQL AB has to please the GPL camp and on the other they have to make money for a product that they are devloping. From my perspective it looks like using a BSD or MIT style liscense may work out better for them...but that obviously would not work for historical reasons. in the end tho, despite this apparent miscommunication, it seems like MySQL may be doing a good thing by allowing the use of the clustering tech. freely for people who do not re-distribute thier product...altho i'm not sure why one would limit it to only GPL apps and not all OSL certified lisc. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bob Sat Feb 5 08:56:30 2005 From: bob (Bob Ippolito) Date: Sat, 5 Feb 2005 08:56:30 -0500 Subject: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: <20050205055856.GA32521@finn.nomadlogic.org> References: <20050205055856.GA32521@finn.nomadlogic.org> Message-ID: On Feb 5, 2005, at 12:58 AM, Pete Wright wrote: > On Sat, Feb 05, 2005 at 12:43:39AM -0500, Matthew Terenzio wrote: >> >> >>> >>> I'm no license expert. But I plan to be one in the coming >>> months/years. >>> >>> But this seems like a point of contention between different OS >>> licenses that might become divisive for certain causes. > > > yea i totally agree, on one hand i can imagine that MySQL AB has to > please the GPL camp and on the other they have to make money for a > product that they are devloping. From my perspective it looks like > using a BSD or MIT style liscense may work out better for them...but > that obviously would not work for historical reasons. MySQL wants people to buy their proprietary licenses. If they gave away BSD/MIT licenses for MySQL, presumably they wouldn't be able to sell it nearly as well because there would no longer be a legal need to do so. -bob From mspitzer Sat Feb 5 09:28:07 2005 From: mspitzer (Marc Spitzer) Date: Sat, 5 Feb 2005 09:28:07 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: <20050205055856.GA32521@finn.nomadlogic.org> References: <20050205055856.GA32521@finn.nomadlogic.org> Message-ID: <8c50a3c305020506282a3d95dc@mail.gmail.com> On Sat, 5 Feb 2005 00:58:57 -0500, Pete Wright wrote: > On Sat, Feb 05, 2005 at 12:43:39AM -0500, Matthew Terenzio wrote: > > > > > > > > > > I'm no license expert. But I plan to be one in the coming > > > months/years. > > > > > > But this seems like a point of contention between different OS > > > licenses that might become divisive for certain causes. > > yea i totally agree, on one hand i can imagine that MySQL AB has to > please the GPL camp and on the other they have to make money for a > product that they are devloping. From my perspective it looks like > using a BSD or MIT style liscense may work out better for them...but > that obviously would not work for historical reasons. BSD/MIT would be worse than useless to them. You are looking at this form a tech POV and this is a business question. The dual license with the gpl gives them a stick to beat up the user base with for money. Think about it you have a business that uses mysql and get a letter from them about licencing compliance that says under the terms of the licence you currently have you need to make all your code down loadable on the web as an open source project, unless you give us money for a different license. BSD/MIT do not allow you to have such a club and GPL does. > > in the end tho, despite this apparent miscommunication, it seems like > MySQL may be doing a good thing by allowing the use of the clustering > tech. freely for people who do not re-distribute thier product...altho > i'm not sure why one would limit it to only GPL apps and not all OSL > certified lisc. Because GPL is designed to strip the developer/corporation of there property rights. And many of the OSL licences do not do this, to my knowledge none do it to the degree that the GPL does. marc > > -p > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From jpb Sat Feb 5 07:32:08 2005 From: jpb (Jim Brown) Date: Sat, 5 Feb 2005 12:32:08 +0000 Subject: [nycbug-talk] httpsd In-Reply-To: <20050204094915.GA11959@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> Message-ID: <20050205123208.GA16758@sixshooter.v6.thrupoint.net> * Pete Wright [2005-02-04 04:51]: > seems like apache is a popular topic lately... > so i've recently moved a mail server running: > > postfix+courier-imap+http-ssl+squirellmail+debian > > to 5.3-RELEASE. > > the migration was pretty painless and i'm trucking > away and having a blast...altho one thing that has > been bothering me is the performance of squirellmail > I'm noticing long load times for pages that were > quite quick one the debian install (for example loading > my inbox is taking several seconds to load while it > much quicker before the migration). the network > is the same, and reqular imap connections are as > quick as can be...so i'm thinking that it might > be an issue with the apache/php install. > > so what do the folks do here to tune php/httpsd > installs. while we discuss amoungst ourselves > i'll see if i can hack up a little benchmark script. > > -p > > Anytime I see long load or access times, I immediately suspect some DNS problem. Some things to check: - hosts file, bind search order (in /etc/host.conf on FreeBSD. Other BSDs differ.) - ::1 localhost before 127.0.0.1 in hosts file. - domainname or search statements in /etc/resolv.conf - your IP is reverse resolvable (check with dig -x) If you run DNS locally, check your named.conf and local zone files. Check for lame delegations up or down the tree. Restart the nameserver. Check if your resolver routines are attempting to resolve DNS AAAA records before AA records. The AAAA records will time out, unless your DNS server supports IPv6 and you actually have a AAAA record. Of course, you problem may have nothing to do with DNS, in which case you can ignore all of the above :-) Best Regards, Jim B. From pete Sat Feb 5 14:56:31 2005 From: pete (Pete Wright) Date: Sat, 5 Feb 2005 14:56:31 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <20050205123208.GA16758@sixshooter.v6.thrupoint.net> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> Message-ID: <20050205195631.GA41413@finn.nomadlogic.org> On Sat, Feb 05, 2005 at 12:32:08PM +0000, Jim Brown wrote: > * Pete Wright [2005-02-04 04:51]: > > seems like apache is a popular topic lately... > > so i've recently moved a mail server running: > > > > postfix+courier-imap+http-ssl+squirellmail+debian > > > > to 5.3-RELEASE. > > > > the migration was pretty painless and i'm trucking > > away and having a blast...altho one thing that has > > been bothering me is the performance of squirellmail > > I'm noticing long load times for pages that were > > quite quick one the debian install (for example loading > > my inbox is taking several seconds to load while it > > much quicker before the migration). the network > > is the same, and reqular imap connections are as > > quick as can be...so i'm thinking that it might > > be an issue with the apache/php install. > > > > so what do the folks do here to tune php/httpsd > > installs. while we discuss amoungst ourselves > > i'll see if i can hack up a little benchmark script. > > > > -p > > > > > > > Anytime I see long load or access times, I immediately > suspect some DNS problem. > it's not a DNS issue, no other network issues are slow, and httpd runs fine...loading even heavier pages. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Sat Feb 5 15:07:03 2005 From: pete (Pete Wright) Date: Sat, 5 Feb 2005 15:07:03 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: <8c50a3c305020506282a3d95dc@mail.gmail.com> References: <20050205055856.GA32521@finn.nomadlogic.org> <8c50a3c305020506282a3d95dc@mail.gmail.com> Message-ID: <20050205200703.GB41413@finn.nomadlogic.org> On Sat, Feb 05, 2005 at 09:28:07AM -0500, Marc Spitzer wrote: > On Sat, 5 Feb 2005 00:58:57 -0500, Pete Wright wrote: > > On Sat, Feb 05, 2005 at 12:43:39AM -0500, Matthew Terenzio wrote: > > > > > > > > > > > > > > I'm no license expert. But I plan to be one in the coming > > > > months/years. > > > > > > > > But this seems like a point of contention between different OS > > > > licenses that might become divisive for certain causes. > > > > yea i totally agree, on one hand i can imagine that MySQL AB has to > > please the GPL camp and on the other they have to make money for a > > product that they are devloping. From my perspective it looks like > > using a BSD or MIT style liscense may work out better for them...but > > that obviously would not work for historical reasons. > > BSD/MIT would be worse than useless to them. You are looking at this > form a tech POV and this is a business question. The dual license > with the gpl gives them a stick to beat up the user base with for > money. Think about it you have a business that uses mysql and get a > letter from them about licencing compliance that says under the terms > of the licence you currently have you need to make all your code down > loadable on the web as an open source project, unless you give us > money for a different license. BSD/MIT do not allow you to have such > a club and GPL does. > i see both you and bob's point here...i was thinking (perhaps incorrectly) that by using a BSD style lisc. they would not be forced to redistribute code they did not want to. thus allowing them to build new features into thier product w/o having to release those changes back to the public: i.e. they could intergrate the cluster technology into the mysql codebase w/o having to worry about giving that IP away. anyway i'm confused, and don't really want to beat this topic...maybe if i catch you guy's later in IRC i can make better sense out of the situation. -p ~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From mspitzer Sat Feb 5 15:33:23 2005 From: mspitzer (Marc Spitzer) Date: Sat, 5 Feb 2005 15:33:23 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: <20050205200703.GB41413@finn.nomadlogic.org> References: <20050205055856.GA32521@finn.nomadlogic.org> <8c50a3c305020506282a3d95dc@mail.gmail.com> <20050205200703.GB41413@finn.nomadlogic.org> Message-ID: <8c50a3c3050205123370365388@mail.gmail.com> On Sat, 5 Feb 2005 15:07:03 -0500, Pete Wright wrote: > > i see both you and bob's point here...i was thinking (perhaps incorrectly) > that by using a BSD style lisc. they would not be forced to redistribute > code they did not want to. thus allowing them to build new features into > thier product w/o having to release those changes back to the public: i.e. > they could intergrate the cluster technology into the mysql codebase w/o > having to worry about giving that IP away. anyway i'm confused, and don't > really want to beat this topic...maybe if i catch you guy's later > in IRC i can make better sense out of the situation. > As the copy right owners there is absolutely nothing preventing them from not releasing anything they write for mysql, you only get hit wit the viral clause in derived works not original works. If they were required to release their code they could not sell a commercial licenced version as that would violate the gpl. And they have given there IP away, they do not do anything new after all, where they make there money is in giving you the option of not being forced to give your IP away, according to the terms of their free licence, by upgrading to a commercial licence. Or you could just move to postgres and not deal with all this crap. Hell even Computer Associates has a better free licence then mysql and you get informix as the database. marc From matt Sat Feb 5 18:04:50 2005 From: matt (Matthew Terenzio) Date: Sat, 5 Feb 2005 18:04:50 -0500 Subject: [nycbug-talk] failed port install Message-ID: Is there an easy way to back out of a port install gone bad. During a PHP install I was prompted for a few parameters and accidentally chose Apache 2 instead of 1.3 make deinstall doesn't work because the installation didn't happen and running make install again fails, and I don't get prompted again. Or reconfigure --with-apxs I didn't see any mention of this in The Handbook -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 510 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050205/d03ece13/attachment.bin From scottro Sat Feb 5 18:09:53 2005 From: scottro (Scott) Date: Sat, 5 Feb 2005 18:09:53 -0500 Subject: [nycbug-talk] failed port install In-Reply-To: References: Message-ID: <20050205230953.GB89225@mail.scottro.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, Feb 05, 2005 at 06:04:50PM -0500, Matthew Terenzio wrote: > Is there an easy way to back out of a port install gone bad. > > During a PHP install I was prompted for a few parameters and > accidentally chose Apache 2 instead of 1.3 > > make deinstall doesn't work because the installation didn't happen > > and running make install again fails, and I don't get prompted again. > > Or reconfigure --with-apxs > > I didn't see any mention of this in The Handbook Which php, /lang/php4? If so, then just do make config (in the port directory) and it should give you the option to use Apache2. HTH. - - -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Buffy: You're a vampire. Oh, I'm sorry. Was that an offensive term? Should I say undead American? - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCBVIW+lTVdes0Z9YRAmbgAJ4tsHDMA5kdztjgsRzRYuzmZMCDtwCgsU3x UvBcEA/ONh7dKJnMUt1X3Kk= =hFlM - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCBVJB+lTVdes0Z9YRAjGRAKCm/0ZuYmfrtdoYE/xmqX9FE4VkNgCeOMhl x4/RFQ80o2o45dmJ2Qv/l0w= =APZg -----END PGP SIGNATURE----- From mspitzer Sat Feb 5 18:43:55 2005 From: mspitzer (Marc Spitzer) Date: Sat, 5 Feb 2005 18:43:55 -0500 Subject: [nycbug-talk] failed port install In-Reply-To: References: Message-ID: <8c50a3c305020515437b19bc4f@mail.gmail.com> On Sat, 5 Feb 2005 18:04:50 -0500, Matthew Terenzio wrote: > Is there an easy way to back out of a port install gone bad. > > During a PHP install I was prompted for a few parameters and > accidentally chose Apache 2 instead of 1.3 > first you have portupgrade installed right? If not please install it. > make deinstall doesn't work because the installation didn't happen > and running make install again fails, and I don't get prompted again. > Or reconfigure --with-apxs try doing a make clean or make distclean(I think), there is a very nice man page also on ports. if worse come to worse you can delete /var/pkg/db/, /usr/X11R6/ and /usr/local/ and start from scrach. If you have upgraded perl and setup a link into the base system then you will need to fix that before the clean up. Before you do that though it might be wise to try a make deinstall on every package that showed up on the make clean, in the reverse order that they showed up and then try again. To figure out how to take good notes 'man script'. Also please be aware that some packages you may try to delete have other things that depend on them. marc > > I didn't see any mention of this in The Handbook I am sure that it says some where, pay attention to what you are doing and don't screw it up. But I could be wrong, actually I hope I am. marc From george Sun Feb 6 10:17:47 2005 From: george (G. Rosamond) Date: Sun, 6 Feb 2005 10:17:47 -0500 Subject: [nycbug-talk] A stat. . . . Message-ID: <95d1e382dd998565cec12f849b62d432@sddi.net> From our www site stats. . . Top 30 of 70 Total Countries # Hits Files KBytes Country 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet (arpa) From jpb Sun Feb 6 06:06:55 2005 From: jpb (Jim Brown) Date: Sun, 6 Feb 2005 11:06:55 +0000 Subject: [nycbug-talk] failed port install In-Reply-To: References: Message-ID: <20050206110655.GA25208@sixshooter.v6.thrupoint.net> * Matthew Terenzio [2005-02-05 18:04]: > Is there an easy way to back out of a port install gone bad. > > During a PHP install I was prompted for a few parameters and > accidentally chose Apache 2 instead of 1.3 > > make deinstall doesn't work because the installation didn't happen > > and running make install again fails, and I don't get prompted again. > > Or reconfigure --with-apxs > > I didn't see any mention of this in The Handbook > Yeah, this is usually ugly. The problem is that ports load and install other ports- which is usually what you want. In this case, you want to find the dependencies and trim only what you don't want. Here's what I've done- If you've completed the install and the port has been registered, run pkg_info -L pkgname This shows a list of all files related to the package. Next, run pkg_info -r pkgname This shows a list of other packages required by this package. If you still suspect that you're not getting everything, or you want to super-cautious, go to the work directory for the top level product (PHP in your case), and remove the .build_done and .install_done files. Then cd up to the main port directory, and start a script session. Rerun the make and make install. When all is done, exit from the script session, and your typescript file will have a record of all actions performed during the make install. Armed with all this information delete just the files you think apply to apache2. Or, delete it all, and start over. Good luck! Best Regards, Jim B. From jesse Sun Feb 6 15:22:32 2005 From: jesse (Jesse Callaway) Date: Sun, 6 Feb 2005 15:22:32 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <95d1e382dd998565cec12f849b62d432@sddi.net> References: <95d1e382dd998565cec12f849b62d432@sddi.net> Message-ID: <20050206202232.GB22475@mail.theholymountain.com> On Sun, Feb 06, 2005 at 10:17:47AM -0500, G. Rosamond wrote: > > From our www site stats. . . > > Top 30 of 70 Total Countries > # Hits Files KBytes Country > 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet > (arpa) Who has these addresses, where are they now? Does this mean Xerox, and Bell Labs, etc? DOD? -jesse From pete Sun Feb 6 15:50:59 2005 From: pete (Pete Wright) Date: Sun, 6 Feb 2005 15:50:59 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <20050206202232.GB22475@mail.theholymountain.com> References: <95d1e382dd998565cec12f849b62d432@sddi.net> <20050206202232.GB22475@mail.theholymountain.com> Message-ID: <20050206205059.GH41413@finn.nomadlogic.org> On Sun, Feb 06, 2005 at 03:22:32PM -0500, Jesse Callaway wrote: > On Sun, Feb 06, 2005 at 10:17:47AM -0500, G. Rosamond wrote: > > > > From our www site stats. . . > > > > Top 30 of 70 Total Countries > > # Hits Files KBytes Country > > 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet > > (arpa) > > > Who has these addresses, where are they now? Does this mean Xerox, and Bell Labs, etc? DOD? opps that was me. i was messing around on the W.O.P.R. looking for a nice game of tic-tak-to and got bored ;p -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From lists Sun Feb 6 16:08:02 2005 From: lists (lists at genoverly.net) Date: Sun, 6 Feb 2005 22:08:02 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_A_stat=2E_=2E__=2E_=2E?= Message-ID: <0MKyxe-1CxtfO3gce-0006LK@mrelay.perfora.net> > opps that was me. i was messing around on the W.O.P.R. looking for a nice game of tic-tak-to > and got bored ;p > > -pete > can you change my grades next time you are in there? From pete Sun Feb 6 16:34:45 2005 From: pete (Pete Wright) Date: Sun, 6 Feb 2005 16:34:45 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <0MKyxe-1CxtfO3gce-0006LK@mrelay.perfora.net> References: <0MKyxe-1CxtfO3gce-0006LK@mrelay.perfora.net> Message-ID: <20050206213445.GI41413@finn.nomadlogic.org> On Sun, Feb 06, 2005 at 10:08:02PM +0100, lists at genoverly.net wrote: > > > opps that was me. i was messing around on the W.O.P.R. looking for a nice game of tic-tak-to > > and got bored ;p > > > > -pete > > > > can you change my grades next time you are in there? i already did, and booked a flight to paris for the whole bug. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From chsnyder Sun Feb 6 18:43:12 2005 From: chsnyder (csnyder) Date: Sun, 6 Feb 2005 18:43:12 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <20050205195631.GA41413@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> Message-ID: On Sat, 5 Feb 2005 14:56:31 -0500, Pete Wright wrote: > On Sat, Feb 05, 2005 at 12:32:08PM +0000, Jim Brown wrote: > > * Pete Wright [2005-02-04 04:51]: > > > seems like apache is a popular topic lately... > > > so i've recently moved a mail server running: > > > > > > postfix+courier-imap+http-ssl+squirellmail+debian > > > > > > to 5.3-RELEASE. > > > > > > the migration was pretty painless and i'm trucking > > > away and having a blast...altho one thing that has > > > been bothering me is the performance of squirellmail > > > I'm noticing long load times for pages that were > > > quite quick one the debian install (for example loading > > > my inbox is taking several seconds to load while it > > > much quicker before the migration). the network > > > is the same, and reqular imap connections are as > > > quick as can be...so i'm thinking that it might > > > be an issue with the apache/php install. > > > > > > so what do the folks do here to tune php/httpsd > > > installs. while we discuss amoungst ourselves > > > i'll see if i can hack up a little benchmark script. > > > > > > -p > > > > > > > > > > > > Anytime I see long load or access times, I immediately > > suspect some DNS problem. > > > > it's not a DNS issue, no other network issues are slow, and > httpd runs fine...loading even heavier pages. > > -p > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > It's a longshot but worth a try -- could this be an entropy-gathering problem? Is Squirrelmail or PHP looking to /dev/random for some reason? -- Chris Snyder http://chxo.com/ From george Sun Feb 6 22:14:07 2005 From: george (G. Rosamond) Date: Sun, 6 Feb 2005 22:14:07 -0500 Subject: [nycbug-talk] Shmoocon device. . . Message-ID: <57730877c1bececf73921e7ee178ea19@sddi.net> Here's one device that I'm ordering *now*. . . Found out about it from someone at Shmoocon. Detects all wireless networks, whether or not they broadcast their SSID, details encryption method, signal strength. . . pretty useful, particularly in Manhattan for those who wander between clients. https://www.canarywireless.com/shop/shopdisplayproducts.asp? id=1&cat=Wi%2DFi+Detectors George From lists Mon Feb 7 09:38:59 2005 From: lists (michael) Date: Mon, 7 Feb 2005 09:38:59 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <57730877c1bececf73921e7ee178ea19@sddi.net> References: <57730877c1bececf73921e7ee178ea19@sddi.net> Message-ID: <20050207093859.4100881f@delinux.abwatley.com> On Sun, 6 Feb 2005 22:14:07 -0500 "G. Rosamond" wrote: > https://www.canarywireless.com/shop/shopdisplayproducts.asp? > id=1&cat=Wi%2DFi+Detectors See if you can get volume discount. I'm in. -- --- From george Mon Feb 7 09:49:18 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 09:49:18 -0500 Subject: [nycbug-talk] Tor. . . Message-ID: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> This is a project that is in the FreeBSD ports. . . security/tor. . . From pkg-descr: Tor: an anonymizing overlay network for TCP Tor is a connection-based low-latency anonymous communication system which addresses many flaws in the original onion routing design. Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. Remember that this is development code -- DON'T RELY ON THE CURRENT TOR NETWORK FOR ANONYMITY! WWW: http://tor.eff.org/ - rik The developers spoke at Shmoocon. . . seems like an awesome project. . . George From george Mon Feb 7 09:51:01 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 09:51:01 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207093859.4100881f@delinux.abwatley.com> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> Message-ID: On Feb 7, 2005, at 9:38 AM, michael wrote: > On Sun, 6 Feb 2005 22:14:07 -0500 > "G. Rosamond" wrote: > > >> https://www.canarywireless.com/shop/shopdisplayproducts.asp? >> id=1&cat=Wi%2DFi+Detectors > > See if you can get volume discount. I'm in. > First, the device is on backorder. . . second, I doubt we're ordering enough, as I think the minimum is 25. . . And already ordered mine. . . should be in either later in the month or early March. . . beware! George From marco Mon Feb 7 09:51:55 2005 From: marco (marco at metm.org) Date: Mon, 7 Feb 2005 09:51:55 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207093859.4100881f@delinux.abwatley.com> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> Message-ID: <20050207145155.GR17083@metm.org> On Sun, 6 Feb 2005 22:14:07 -0500 "G. Rosamond" wrote: > > https://www.canarywireless.com/shop/shopdisplayproducts.asp? > id=1&cat=Wi%2DFi+Detectors > Can you sum up what this device can do that kismet/mac can't ? -- Marco From george Mon Feb 7 09:53:29 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 09:53:29 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207145155.GR17083@metm.org> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> <20050207145155.GR17083@metm.org> Message-ID: On Feb 7, 2005, at 9:51 AM, marco at metm.org wrote: > On Sun, 6 Feb 2005 22:14:07 -0500 "G. Rosamond" > wrote: >> >> https://www.canarywireless.com/shop/shopdisplayproducts.asp? >> id=1&cat=Wi%2DFi+Detectors >> > Can you sum up what this device can do that kismet/mac can't ? > Fit in your hand. It's the size of the standard Verizon caller ID boxes. . . but a little thinner. George From jschauma Mon Feb 7 10:01:52 2005 From: jschauma (Jan Schaumann) Date: Mon, 7 Feb 2005 10:01:52 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> Message-ID: <20050207150152.GG19653@netmeister.org> "G. Rosamond" wrote: > This is a project that is in the FreeBSD ports. . . security/tor. . . > WWW: http://tor.eff.org/ You may remember this pacakge from my talks last week, too. (That is, _if_ you paid attention ;-) I first saw Tor at the Usenix Security Symposium last Summer, where the developers presented it. (After the presentation, tor was in pkgsrc. :) It recently moved to the EFF site, since EFF became a sponsor of tor. -Jan -- DON'T PANIC! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050207/838350fd/attachment.bin From george Mon Feb 7 10:10:07 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 10:10:07 -0500 Subject: [nycbug-talk] BSDCan Message-ID: BSDCan is only a few months away. . . It would be great to have some color brochures at our new few meetings until the conference. There's a brochure link here: http://www.bsdcan.org/2005/help.php We should also have the brochure online, if it isn't already. . . From those who attended last year, anyone interested in being the central conduit for information on it. It would be nice to have someone who knows who's going from NYC, assistance with transportation, etc. EMail me offline if interested.. . George From dan Mon Feb 7 10:30:11 2005 From: dan (Dan Langille) Date: Mon, 07 Feb 2005 10:30:11 -0500 Subject: [nycbug-talk] BSDCan In-Reply-To: Message-ID: <42074333.17099.6A2ACC27@localhost> On 7 Feb 2005 at 10:10, G. Rosamond wrote: > BSDCan is only a few months away. . . > > > It would be great to have some color brochures at our new few meetings > until the conference. There's a brochure link here: > http://www.bsdcan.org/2005/help.php The list of papers will be ready by the 19th. I'll look at upgrading the brochure by then. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From gb.nycbug.org Mon Feb 7 10:36:46 2005 From: gb.nycbug.org (George Bourozikas) Date: Mon, 7 Feb 2005 10:36:46 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <20050207150152.GG19653@netmeister.org> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <20050207150152.GG19653@netmeister.org> Message-ID: <200502071036.46771.gb.nycbug.org@olivesandhoney.com> I've been using Tor+Privoxy for a couple of weeks (on a linux system, but it's more or less OS-agnostic) and I've been loving it. Great idea and pretty fast for what it does, too! --george From george Mon Feb 7 10:52:41 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 10:52:41 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <20050207150152.GG19653@netmeister.org> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <20050207150152.GG19653@netmeister.org> Message-ID: <4f4c6140a18a8c27a3d871b15043dcba@sddi.net> On Feb 7, 2005, at 10:01 AM, Jan Schaumann wrote: > "G. Rosamond" wrote: >> This is a project that is in the FreeBSD ports. . . security/tor. . . > >> WWW: http://tor.eff.org/ > > You may remember this pacakge from my talks last week, too. (That is, > _if_ you paid attention ;-) I only had 4 calls from clients during your meeting. . . blah. But yes, it was your example pkg, I do remember that. . . > > I first saw Tor at the Usenix Security Symposium last Summer, where the > developers presented it. (After the presentation, tor was in pkgsrc. > :) Nice. . . > > It recently moved to the EFF site, since EFF became a sponsor of tor. > Previously funded by the US Navy. . . what irony. . . I have one of the developer's emails. They are located in Boston. . . maybe we could get them for a meeting at some point. . . George From marco Mon Feb 7 10:54:02 2005 From: marco (Marco Scoffier) Date: Mon, 7 Feb 2005 10:54:02 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> <20050207145155.GR17083@metm.org> Message-ID: <20050207155401.GT17083@metm.org> On Mon, Feb 07, 2005 at 09:53:29AM -0500, G. Rosamond wrote: > >On Feb 7, 2005, at 9:51 AM, marco at metm.org wrote: >>Can you sum up what this device can do that kismet/mac can't ? >> >Fit in your hand. > >It's the size of the standard Verizon caller ID boxes. . . but a little >thinner. > Ok. Sorry for being an idiot, but if I want to connect my laptop to a wireless net, I can run kismet to find networks, presumably my laptop will already be in my bag ... why do I want another heavier than software device ? >George From bob Mon Feb 7 11:04:11 2005 From: bob (Bob Ippolito) Date: Mon, 7 Feb 2005 11:04:11 -0500 Subject: [nycbug-talk] Homegraph URL spoofing exploit for browsers Message-ID: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> http://www.shmoo.com/idn/ http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html Browsers that support IDN (unicode domain names) are easily susceptible to spoofing attacks because there are many code points that look the same. Their specific example uses а (CYRILLIC SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER A) in most fonts. ShmooGroup has registered u'p\N{CYRILLIC SMALL LETTER A}ypal.com' and have a browser-trusted cert for it. -bob From bob Mon Feb 7 11:09:50 2005 From: bob (Bob Ippolito) Date: Mon, 7 Feb 2005 11:09:50 -0500 Subject: [nycbug-talk] Homeograph URL spoofing exploit for browsers In-Reply-To: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> References: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> Message-ID: <3b466bf24dcfc1c2acccb5f7dff417e3@redivi.com> On Feb 7, 2005, at 11:04, Bob Ippolito wrote: > http://www.shmoo.com/idn/ > http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html > > Browsers that support IDN (unicode domain names) are easily > susceptible to spoofing attacks because there are many code points > that look the same. Their specific example uses а (CYRILLIC > SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER A) > in most fonts. ShmooGroup has registered u'p\N{CYRILLIC SMALL LETTER > A}ypal.com' and have a browser-trusted cert for it. (that title was supposed to be homeograph -- my typing skills have apparently left me) -bob From tux Mon Feb 7 11:05:22 2005 From: tux (Kevin Reiter) Date: Mon, 7 Feb 2005 11:05:22 -0500 Subject: [nycbug-talk] Tor. . . References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net><20050207150152.GG19653@netmeister.org> <4f4c6140a18a8c27a3d871b15043dcba@sddi.net> Message-ID: <000301c50d30$46f882d0$6400a8c0@olympus> : I have one of the developer's emails. They are located in Boston. . . : maybe we could get them for a meeting at some point. . . I spoke to both of them about that during dinner on Saturday, and they seemed interested. I'll be contacting them later in the week to discuss a few things, and I'll extend the official invite to them if nobody has any objections.. -Kev From lists Mon Feb 7 11:23:36 2005 From: lists (michael) Date: Mon, 7 Feb 2005 11:23:36 -0500 Subject: [nycbug-talk] BSDCan In-Reply-To: <42074333.17099.6A2ACC27@localhost> References: <42074333.17099.6A2ACC27@localhost> Message-ID: <20050207112336.77f4d2c3@delinux.abwatley.com> On Mon, 07 Feb 2005 10:30:11 -0500 "Dan Langille" wrote: > The list of papers will be ready by the 19th. I'll look at upgrading > the brochure by then. ..and I'll do NYCBUG.org shortly after that.. -- --- From tillman Mon Feb 7 12:09:02 2005 From: tillman (Tillman Hodgson) Date: Mon, 7 Feb 2005 11:09:02 -0600 Subject: [nycbug-talk] Tor. . . In-Reply-To: <200502071036.46771.gb.nycbug.org@olivesandhoney.com> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <20050207150152.GG19653@netmeister.org> <200502071036.46771.gb.nycbug.org@olivesandhoney.com> Message-ID: <20050207170902.GC9678@seekingfire.com> On Mon, Feb 07, 2005 at 10:36:46AM -0500, George Bourozikas wrote: > I've been using Tor+Privoxy for a couple of weeks (on a linux system, but > it's more or less OS-agnostic) and I've been loving it. Great idea and > pretty fast for what it does, too! I've been using it on FreeBSD -current (on i386) for a while now too, and it does indeed rock :-) One annoyance is that the config file format changed. When I portugprade'd it it make no mention of that via pkg-message, so I had a dead proxy for a few days until I noticed it (I only use tor sporadically, the slowness is enough to make me prefer a direct connection most of the time). It was hilarious the first time I surfed to Google with Tor -- the code that detects country of original based on IP address (from Akamai, I suspect) assumed I was in Germany and presented Google to me in German. Good fun :-) -T -- Page 2: Unix today is nothing less than a worldwide culture, comprising many tools, ideas and customs. - Harley Hahn, _The Unix Companion_ From tillman Mon Feb 7 12:18:06 2005 From: tillman (Tillman Hodgson) Date: Mon, 7 Feb 2005 11:18:06 -0600 Subject: [nycbug-talk] BSDCan In-Reply-To: <20050207112336.77f4d2c3@delinux.abwatley.com> References: <42074333.17099.6A2ACC27@localhost> <20050207112336.77f4d2c3@delinux.abwatley.com> Message-ID: <20050207171806.GD9678@seekingfire.com> On Mon, Feb 07, 2005 at 11:23:36AM -0500, michael wrote: > On Mon, 07 Feb 2005 10:30:11 -0500 > "Dan Langille" wrote: > > > The list of papers will be ready by the 19th. I'll look at upgrading > > the brochure by then. > > ..and I'll do NYCBUG.org shortly after that.. I spoke with the webmaster of www.losurs.org, the local open source group in Regina (with 574 members at last count) and he'll get something promoting BSDCan up soon. I'll also add the brochure and promote it from my personal domain which gets about 2000 unique visitors a month, mostly referrals from search engines for folks looking for Unixy and open source stuff. -T -- Enlightenment is: do what you want, eat what there is Jack Kerouac From bruno Mon Feb 7 12:41:15 2005 From: bruno (bruno) Date: Mon, 7 Feb 2005 12:41:15 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <20050206202232.GB22475@mail.theholymountain.com> References: <95d1e382dd998565cec12f849b62d432@sddi.net> <20050206202232.GB22475@mail.theholymountain.com> Message-ID: <20050207174115.GA10460@loftmail.com> On Sun, Feb 06, 2005 at 03:22:32PM -0500, Jesse Callaway wrote: > On Sun, Feb 06, 2005 at 10:17:47AM -0500, G. Rosamond wrote: > > > > From our www site stats. . . > > > > Top 30 of 70 Total Countries > > # Hits Files KBytes Country > > 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet > > (arpa) > > > Who has these addresses, where are they now? Does this mean Xerox, > and Bell Labs, etc? DOD? These domains are used only for Internet infrastructure. From gb.nycbug.org Mon Feb 7 12:24:28 2005 From: gb.nycbug.org (George Bourozikas) Date: Mon, 7 Feb 2005 12:24:28 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <20050207170902.GC9678@seekingfire.com> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <200502071036.46771.gb.nycbug.org@olivesandhoney.com> <20050207170902.GC9678@seekingfire.com> Message-ID: <200502071224.28637.gb.nycbug.org@olivesandhoney.com> On Monday 07 February 2005 12:09, Tillman Hodgson wrote: [...] > It was hilarious the first time I surfed to Google with Tor -- the code > that detects country of original based on IP address (from Akamai, I > suspect) assumed I was in Germany and presented Google to me in German. > Good fun :-) > > -T That can be funnier than you think. When I first went to google it sent me to google.gr, which had me wondering (briefly) how it figured out that I am greek... --george From george Mon Feb 7 12:24:45 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 12:24:45 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <20050207174115.GA10460@loftmail.com> References: <95d1e382dd998565cec12f849b62d432@sddi.net> <20050206202232.GB22475@mail.theholymountain.com> <20050207174115.GA10460@loftmail.com> Message-ID: On Feb 7, 2005, at 12:41 PM, bruno wrote: > On Sun, Feb 06, 2005 at 03:22:32PM -0500, Jesse Callaway wrote: >> On Sun, Feb 06, 2005 at 10:17:47AM -0500, G. Rosamond wrote: >>> >>> From our www site stats. . . >>> >>> Top 30 of 70 Total Countries >>> # Hits Files KBytes Country >>> 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet >>> (arpa) >> >> >> Who has these addresses, where are they now? Does this mean Xerox, >> and Bell Labs, etc? DOD? > > These domains are used only for Internet infrastructure. > Okay, okay. . . I'll now burst the bubble.. . Hans says that they are for nonresolvable addresses.. . Although there is already an entry for that. . . Maybe it's tor users. . . g From tillman Mon Feb 7 12:29:40 2005 From: tillman (Tillman Hodgson) Date: Mon, 7 Feb 2005 11:29:40 -0600 Subject: [nycbug-talk] A stat. . . . In-Reply-To: References: <95d1e382dd998565cec12f849b62d432@sddi.net> <20050206202232.GB22475@mail.theholymountain.com> <20050207174115.GA10460@loftmail.com> Message-ID: <20050207172940.GE9678@seekingfire.com> On Mon, Feb 07, 2005 at 12:24:45PM -0500, G. Rosamond wrote: > Hans says that they are for nonresolvable addresses.. . > > Although there is already an entry for that. . . > > Maybe it's tor users. . . Tor users should appear as real, pubically-visible, IP addresses. Just not the IPs one might normally expect ;-) I put a page up at http://www.seekingfire.com/projects/tor/ that tells me what IP I'm comign from. I use it to test the Tor stuff before venturing out into the "wild". Other folks are welcome to use it when testing Tor stuff as well. -T -- "The truth of a proposition has nothing to do with its credibility. And vice versa." -- Robert Heinlein From alex Mon Feb 7 12:20:40 2005 From: alex (alex at pilosoft.com) Date: Mon, 7 Feb 2005 12:20:40 -0500 (EST) Subject: [nycbug-talk] A stat. . . . In-Reply-To: Message-ID: On Mon, 7 Feb 2005, G. Rosamond wrote: > Okay, okay. . . I'll now burst the bubble.. . > > Hans says that they are for nonresolvable addresses.. . > > Although there is already an entry for that. . . > > Maybe it's tor users. . . No. Its for stupid people who misconfigure their PTR zone and are missing the dot after the PTR record. Correct: (assuming you are in 10.1.2 zone) 99 PTR host99.example.com. Incorrect: 99 PTR host99.example.com The latter will result in the following PTR record: host99.example.com.2.1.10.in-addr.arpa. Hence, .arpa TLD. (think about it and you'll understand why) -alex From bruno Mon Feb 7 12:49:07 2005 From: bruno (bruno) Date: Mon, 7 Feb 2005 12:49:07 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207155401.GT17083@metm.org> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> <20050207145155.GR17083@metm.org> <20050207155401.GT17083@metm.org> Message-ID: <20050207174907.GB10460@loftmail.com> On Mon, Feb 07, 2005 at 10:54:02AM -0500, Marco Scoffier wrote: > On Mon, Feb 07, 2005 at 09:53:29AM -0500, G. Rosamond wrote: > > > >On Feb 7, 2005, at 9:51 AM, marco at metm.org wrote: > >>Can you sum up what this device can do that kismet/mac can't ? > >> > >Fit in your hand. > > > >It's the size of the standard Verizon caller ID boxes. . . but a little > >thinner. > > > > Ok. Sorry for being an idiot, but if I want to connect my laptop to a > wireless net, I can run kismet to find networks, presumably my laptop > will already be in my bag ... > > why do I want another heavier than software device ? Sometimes it is harder to find an open AP. It might take a number of blocks, or minutes, until there is one available (open and signal is strong enough). In cases like this, it is easier to walk around with a little hand held device than an open laptop. It is also less suspicious (just in case), and saves laptop battery. It depends on your needs, if you don't need to read email or do things many times a day using wireless, then it probably makes less sense to get one. From tillman Mon Feb 7 12:30:19 2005 From: tillman (Tillman Hodgson) Date: Mon, 7 Feb 2005 11:30:19 -0600 Subject: [nycbug-talk] Tor. . . In-Reply-To: <200502071224.28637.gb.nycbug.org@olivesandhoney.com> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <200502071036.46771.gb.nycbug.org@olivesandhoney.com> <20050207170902.GC9678@seekingfire.com> <200502071224.28637.gb.nycbug.org@olivesandhoney.com> Message-ID: <20050207173019.GF9678@seekingfire.com> On Mon, Feb 07, 2005 at 12:24:28PM -0500, George Bourozikas wrote: > On Monday 07 February 2005 12:09, Tillman Hodgson wrote: > [...] > > It was hilarious the first time I surfed to Google with Tor -- the code > > that detects country of original based on IP address (from Akamai, I > > suspect) assumed I was in Germany and presented Google to me in German. > > Good fun :-) > > That can be funnier than you think. When I first went to google it sent me > to google.gr, which had me wondering (briefly) how it figured out that I > am greek... Google knows All. Time for a tinfoil hat, they're on to us! ;-) -T -- I discovered the secret of the sea in meditation upon the dewdrop. Kahlil Gibran From jesse Mon Feb 7 12:33:19 2005 From: jesse (Jesse Callaway) Date: Mon, 7 Feb 2005 12:33:19 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <000301c50d30$46f882d0$6400a8c0@olympus> References: <4f4c6140a18a8c27a3d871b15043dcba@sddi.net> <000301c50d30$46f882d0$6400a8c0@olympus> Message-ID: <20050207173319.GA27973@mail.theholymountain.com> On Mon, Feb 07, 2005 at 11:05:22AM -0500, Kevin Reiter wrote: > : I have one of the developer's emails. They are located in Boston. . . > : maybe we could get them for a meeting at some point. . . > > I spoke to both of them about that during dinner on Saturday, and they seemed > interested. I'll be contacting them later in the week to discuss a few things, > and I'll extend the official invite to them if nobody has any objections.. > > -Kev That would be excellent. See what they say about this summer. A hands on lab would be great. I'm keeping track of who, what, where, when for events. In fact if anyone has any good ideas for a meeting (lecture or otherwise)please send a note to talk. Who knows, worst case situation they could coach us on baseball. -jesse From pete Mon Feb 7 13:14:11 2005 From: pete (Pete Wright) Date: Mon, 7 Feb 2005 13:14:11 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> Message-ID: <20050207181411.GK41413@finn.nomadlogic.org> On Sun, Feb 06, 2005 at 06:43:12PM -0500, csnyder wrote: > On Sat, 5 Feb 2005 14:56:31 -0500, Pete Wright wrote: > > It's a longshot but worth a try -- could this be an entropy-gathering problem? > Is Squirrelmail or PHP looking to /dev/random for some reason? i changed it to /dev/urandom in the httpsd config file, no noticable improvement. i then read through the php.ini file, and increased this value: output_buffering = 8192 (defaulted to 4096) notied some improvements in loading pages....but it was still slow. then did what i should have done fromt he get go, ran top while loading pages and noticed that impad was maxing out while my INBOX was being loaded. i think this may have to due with my *very* cluttered INBOX. i'll post more info when i have it.... -p > > > -- > Chris Snyder > http://chxo.com/ -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bschonhorst Mon Feb 7 13:43:48 2005 From: bschonhorst (Brad Schonhorst) Date: Mon, 7 Feb 2005 13:43:48 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207174907.GB10460@loftmail.com> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> <20050207145155.GR17083@metm.org> <20050207155401.GT17083@metm.org> <20050207174907.GB10460@loftmail.com> Message-ID: <8c7625be29a57754c9e8395adb80f970@vcsnyc.org> >> 53:29AM -0500, G. Rosamond wrote: >>> >>> On Feb 7, 2005, at 9:51 AM, marco at metm.org wrote: >>>> Can you sum up what this device can do that kismet/mac can't ? >>>> >>> Fit in your hand. >>> >>> It's the size of the standard Verizon caller ID boxes. . . but a >>> little >>> thinner. >>> >> >> Ok. Sorry for being an idiot, but if I want to connect my laptop to a >> wireless net, I can run kismet to find networks, presumably my laptop >> will already be in my bag ... >> >> why do I want another heavier than software device ? > > Sometimes it is harder to find an open AP. It might take a number of > blocks, or minutes, until there is one available (open and signal is > strong enough). In cases like this, it is easier to walk around with a > little hand held device than an open laptop. It is also less suspicious > (just in case), and saves laptop battery. It depends on your needs, if > you don't need to read email or do things many times a day using > wireless, then it probably makes less sense to get one. > I could see myself carrying this when I don't have my laptop or don't actually need a connection. So I'm walking to work, checking out possible locations to sit with a cup of coffee and check email later in the day...WarWalking Also, this would make setting up a wireless network much easier. i hate running around our school with my powerbook in one hand and a tool box in the other. -brad From spork Mon Feb 7 14:04:15 2005 From: spork (Charles Sprickman) Date: Mon, 7 Feb 2005 14:04:15 -0500 (EST) Subject: [nycbug-talk] httpsd In-Reply-To: <20050207181411.GK41413@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> Message-ID: On Mon, 7 Feb 2005, Pete Wright wrote: > notied some improvements in loading pages....but it was still slow. > then did what i should have done fromt he get go, ran top while loading > pages and noticed that impad was maxing out while my INBOX was being > loaded. i think this may have to due with my *very* cluttered INBOX. > i'll post more info when i have it.... Some other quick notes once you get to the root of the problem... Only load up the php extensions you need; you'll save memory which may save you from swap and speed things up. A squirrelmail-only install I run has the following in extensions.ini: extension=gettext.so extension=pcre.so extension=session.so extension=mysql.so extension=zlib.so extension=sockets.so extension=imap.so extension=mhash.so And again, if this apache process is mainly doing squirrelmail you'll get a HUGE boost in zippiness with one of the php accelerators. Zend costs money, but http://www.php-accelerator.co.uk is free and has been working great for me. Very noticeable improvement in squirrelmail with the accel loaded... Charles > > -p > >> >> >> -- >> Chris Snyder >> http://chxo.com/ > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From mspitzer Mon Feb 7 14:09:11 2005 From: mspitzer (Marc Spitzer) Date: Mon, 7 Feb 2005 14:09:11 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <20050207181411.GK41413@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> Message-ID: <8c50a3c305020711097811bdc4@mail.gmail.com> On Mon, 7 Feb 2005 13:14:11 -0500, Pete Wright wrote: > On Sun, Feb 06, 2005 at 06:43:12PM -0500, csnyder wrote: > notied some improvements in loading pages....but it was still slow. then did > what i should have done fromt he get go, ran top while loading pages and noticed > that impad was maxing out while my INBOX was being loaded. i think this may have > to due with my *very* cluttered INBOX. i'll post more info when i have it.... If you are using a mbox(aka 1 big file) for your local inbox you will have problems, I speak from experience here. The problem is that you need to load and parse your inbox and due to the way UFS works if you change anything, other than an append on the end, you will need to write the new file then delete the old(from imapd POV) and this can use 2x the space of the inbox and be very slow. look into maildir or some other format if you have lots of mail and want imapd to be happy. marc From george Mon Feb 7 13:47:39 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 13:47:39 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <20050207173319.GA27973@mail.theholymountain.com> References: <4f4c6140a18a8c27a3d871b15043dcba@sddi.net> <000301c50d30$46f882d0$6400a8c0@olympus> <20050207173319.GA27973@mail.theholymountain.com> Message-ID: On Feb 7, 2005, at 12:33 PM, Jesse Callaway wrote: > On Mon, Feb 07, 2005 at 11:05:22AM -0500, Kevin Reiter wrote: >> : I have one of the developer's emails. They are located in Boston. >> . . >> : maybe we could get them for a meeting at some point. . . >> >> I spoke to both of them about that during dinner on Saturday, and >> they seemed >> interested. I'll be contacting them later in the week to discuss a >> few things, >> and I'll extend the official invite to them if nobody has any >> objections.. >> >> -Kev > > That would be excellent. See what they say about this summer. A hands > on lab would be great. I'm keeping track of who, what, where, when for > events. In fact if anyone has any good ideas for a meeting (lecture or > otherwise)please send a note to talk. > Who knows, worst case situation they could coach us on baseball. > > -jesse Yes, Jesse's the go-to guy for meeting speakers and topics. I think a tor meeting would be great to get multiple sponsors for. . . It's a great service and tool, from what I picked up, and it's certainly worth advocating for in NYC. If it's been funded by the US Navy and EFF, that does say something. . . (not that I'm sure what ) George From george Mon Feb 7 13:45:39 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 13:45:39 -0500 Subject: [nycbug-talk] Homeograph URL spoofing exploit for browsers In-Reply-To: <3b466bf24dcfc1c2acccb5f7dff417e3@redivi.com> References: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> <3b466bf24dcfc1c2acccb5f7dff417e3@redivi.com> Message-ID: On Feb 7, 2005, at 11:09 AM, Bob Ippolito wrote: > On Feb 7, 2005, at 11:04, Bob Ippolito wrote: > >> http://www.shmoo.com/idn/ >> http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html >> >> Browsers that support IDN (unicode domain names) are easily >> susceptible to spoofing attacks because there are many code points >> that look the same. Their specific example uses а (CYRILLIC >> SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER >> A) in most fonts. ShmooGroup has registered u'p\N{CYRILLIC SMALL >> LETTER A}ypal.com' and have a browser-trusted cert for it. > > (that title was supposed to be homeograph -- my typing skills have > apparently left me) > This made a security list I found out about this weekend. . . a lot cleaner than Bugtraq. It's at www.secunia.com. Highly recommended. Anyone else have any feedback on the Secunia list? I find Bugtraq frustrating sometimes for the side comments and banter. George From steve Mon Feb 7 15:17:27 2005 From: steve (steve) Date: Mon, 07 Feb 2005 15:17:27 -0500 Subject: [nycbug-talk] backup from bsd Message-ID: <4207CCD7.2050504@n2sw.com> Hi all, One of my jobs is using Veritas to do all their backups, the issue i have is that veritas does not play nicely with fbsd, they only client they have (that i found) didnt compile properly, and i can not rely on it, that it will backup as required. So does anybody know of a way i can backup multiple servers to a windows box, (say run a bacula server on windows (is it possible?)) and from there veritas will take it to tape. Directly from bsd servers to tape is not an option ( i did try) the ones in command dont want it. thanx Steve Rieger From dan Mon Feb 7 15:23:09 2005 From: dan (Dan Langille) Date: Mon, 07 Feb 2005 15:23:09 -0500 Subject: [nycbug-talk] backup from bsd In-Reply-To: <4207CCD7.2050504@n2sw.com> Message-ID: <420787DD.4069.6B351374@localhost> On 7 Feb 2005 at 15:17, steve wrote: > One of my jobs is using Veritas to do all their backups, the issue i > have is that veritas does not play nicely with fbsd, they only client > they have (that i found) didnt compile properly, and i can not rely on > it, that it will backup as required. So does anybody know of a way i > can backup multiple servers to a windows box, (say run a bacula server > on windows (is it possible?)) and from there veritas will take it to > tape. Directly from bsd servers to tape is not an option ( i did try) > the ones in command dont want it. The Bacula server does not run on Windows (but the bacula client does). Failing that, have bacula run on a BSD box, and backup to a shared mount point on a windows box. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From rick Mon Feb 7 15:35:39 2005 From: rick (Rick Aliwalas) Date: Mon, 7 Feb 2005 15:35:39 -0500 (EST) Subject: [nycbug-talk] backup from bsd In-Reply-To: <4207CCD7.2050504@n2sw.com> References: <4207CCD7.2050504@n2sw.com> Message-ID: On Mon, 7 Feb 2005, steve wrote: > One of my jobs is using Veritas to do all their backups, the issue i have is > that veritas does not play nicely with fbsd, they only client they have (that > i found) didnt compile properly, and i can not rely on it, that it will > backup as required. So does anybody know of a way i can backup multiple > servers to a windows box, (say run a bacula server on windows (is it > possible?)) and from there veritas will take it to tape. Directly from bsd > servers to tape is not an option ( i did try) the ones in command dont want > it. You could use DUMP(8) to remotely back up the BSD machines to a file on a machine already getting backed by w/ Veritas. You could even wrapper w/ ssh. Run this on a unix box that has lots of disk and already gets dumped by Veritas: ssh -n BSDBOX /sbin/dump 0auf - / | dd of=/BIGFS/root.dmp ssh -n BSDBOX /sbin/dump 0auf - /usr | dd of=/BIGFS/usr.dmp ... Of course if you don't have a unix server that gets backed up by Veritas, then it's time to break out the cheese grater and start shaving your head. i.e. write the dump file to the local disk and move the thing to a windoze machine w/ samba or ftp... -rick From pete Mon Feb 7 16:00:24 2005 From: pete (Pete Wright) Date: Mon, 7 Feb 2005 16:00:24 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> Message-ID: <20050207210024.GA63972@finn.nomadlogic.org> On Mon, Feb 07, 2005 at 02:04:15PM -0500, Charles Sprickman wrote: > On Mon, 7 Feb 2005, Pete Wright wrote: > > >notied some improvements in loading pages....but it was still slow. > >then did what i should have done fromt he get go, ran top while loading > >pages and noticed that impad was maxing out while my INBOX was being > >loaded. i think this may have to due with my *very* cluttered INBOX. > >i'll post more info when i have it.... > > Some other quick notes once you get to the root of the problem... > > Only load up the php extensions you need; you'll save memory which may > save you from swap and speed things up. A squirrelmail-only install I run > has the following in extensions.ini: > > extension=gettext.so > extension=pcre.so > extension=session.so > extension=mysql.so > extension=zlib.so > extension=sockets.so > extension=imap.so > extension=mhash.so > > And again, if this apache process is mainly doing squirrelmail you'll get > a HUGE boost in zippiness with one of the php accelerators. Zend costs > money, but http://www.php-accelerator.co.uk is free and has been working > great for me. Very noticeable improvement in squirrelmail with the accel > loaded... > > Charles awesome thanks charles, i'll give that a try. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Mon Feb 7 16:01:34 2005 From: pete (Pete Wright) Date: Mon, 7 Feb 2005 16:01:34 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <8c50a3c305020711097811bdc4@mail.gmail.com> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> <8c50a3c305020711097811bdc4@mail.gmail.com> Message-ID: <20050207210134.GB63972@finn.nomadlogic.org> On Mon, Feb 07, 2005 at 02:09:11PM -0500, Marc Spitzer wrote: > On Mon, 7 Feb 2005 13:14:11 -0500, Pete Wright wrote: > > On Sun, Feb 06, 2005 at 06:43:12PM -0500, csnyder wrote: > > notied some improvements in loading pages....but it was still slow. then did > > what i should have done fromt he get go, ran top while loading pages and noticed > > that impad was maxing out while my INBOX was being loaded. i think this may have > > to due with my *very* cluttered INBOX. i'll post more info when i have it.... > > If you are using a mbox(aka 1 big file) for your local inbox you will > have problems, I speak from experience here. The problem is that you > need to load and parse your inbox and due to the way UFS works if you > change anything, other than an append on the end, you will need to > write the new file then delete the old(from imapd POV) and this can > use 2x the space of the inbox and be very slow. look into maildir or > some other format if you have lots of mail and want imapd to be happy. fortunately I'm using Maildir, i made that decision a while ago...around the time i migrated away from POP. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From jonathan Mon Feb 7 17:33:27 2005 From: jonathan (Jonathan) Date: Mon, 07 Feb 2005 17:33:27 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <20050207210134.GB63972@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> <8c50a3c305020711097811bdc4@mail.gmail.com> <20050207210134.GB63972@finn.nomadlogic.org> Message-ID: <4207ECB7.5010808@kc8onw.net> Pete Wright wrote: > On Mon, Feb 07, 2005 at 02:09:11PM -0500, Marc Spitzer wrote: > >>On Mon, 7 Feb 2005 13:14:11 -0500, Pete Wright wrote: >> >>>On Sun, Feb 06, 2005 at 06:43:12PM -0500, csnyder wrote: >>>notied some improvements in loading pages....but it was still slow. then did >>>what i should have done fromt he get go, ran top while loading pages and noticed >>>that impad was maxing out while my INBOX was being loaded. i think this may have >>>to due with my *very* cluttered INBOX. i'll post more info when i have it.... >> >>If you are using a mbox(aka 1 big file) for your local inbox you will >>have problems, I speak from experience here. The problem is that you >>need to load and parse your inbox and due to the way UFS works if you >>change anything, other than an append on the end, you will need to >>write the new file then delete the old(from imapd POV) and this can >>use 2x the space of the inbox and be very slow. look into maildir or >>some other format if you have lots of mail and want imapd to be happy. > > > fortunately I'm using Maildir, i made that decision a while ago...around > the time i migrated away from POP. > > -p > Just a "Me Too" but I have the same problem. Courier-IMAP will max out for about 10-15 seconds before Squirrelmail even gets the data to start creating the page. This is with a Maildir folder with 11000+ messages in it. My 300 message inbox only takes about 3-4 seconds total. The numbers may be somewhat off as it's been a while since I've actually used my webmail but they should be fairly close. I do have threading enabled which I know increases the workload but even before I enabled threading it was not much faster :P If someone would like a shell account to test things I may be able to provide one, or just tell me what to do on IM. Hope I can help, Jonathan From bob Mon Feb 7 17:56:42 2005 From: bob (Bob Ippolito) Date: Mon, 7 Feb 2005 17:56:42 -0500 Subject: [nycbug-talk] Homeograph URL spoofing exploit for browsers In-Reply-To: References: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> <3b466bf24dcfc1c2acccb5f7dff417e3@redivi.com> Message-ID: <8a0c90488f8f7b1786cbb6c0edf373b7@redivi.com> On Feb 7, 2005, at 13:45, G. Rosamond wrote: > > On Feb 7, 2005, at 11:09 AM, Bob Ippolito wrote: > >> On Feb 7, 2005, at 11:04, Bob Ippolito wrote: >> >>> http://www.shmoo.com/idn/ >>> http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html >>> >>> Browsers that support IDN (unicode domain names) are easily >>> susceptible to spoofing attacks because there are many code points >>> that look the same. Their specific example uses а (CYRILLIC >>> SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER >>> A) in most fonts. ShmooGroup has registered u'p\N{CYRILLIC SMALL >>> LETTER A}ypal.com' and have a browser-trusted cert for it. >> >> (that title was supposed to be homeograph -- my typing skills have >> apparently left me) >> > > This made a security list I found out about this weekend. . . a lot > cleaner than Bugtraq. It's at www.secunia.com. > > Highly recommended. > > Anyone else have any feedback on the Secunia list? > > I find Bugtraq frustrating sometimes for the side comments and banter. Well, I just heard about it today.. I coded up a Safari defense and did a blog entry about it and the development process: http://bob.pythonmac.org/archives/2005/02/07/idn-spoofing-defense-for- safari/ -bob From mspitzer Mon Feb 7 18:38:55 2005 From: mspitzer (Marc Spitzer) Date: Mon, 7 Feb 2005 18:38:55 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <4207ECB7.5010808@kc8onw.net> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> <8c50a3c305020711097811bdc4@mail.gmail.com> <20050207210134.GB63972@finn.nomadlogic.org> <4207ECB7.5010808@kc8onw.net> Message-ID: <8c50a3c305020715382a43d580@mail.gmail.com> On Mon, 07 Feb 2005 17:33:27 -0500, Jonathan wrote: > Just a "Me Too" but I have the same problem. Courier-IMAP will max out > for about 10-15 seconds before Squirrelmail even gets the data to start > creating the page. This is with a Maildir folder with 11000+ messages > in it. My 300 message inbox only takes about 3-4 seconds total. The > numbers may be somewhat off as it's been a while since I've actually > used my webmail but they should be fairly close. I do have threading > enabled which I know increases the workload but even before I enabled > threading it was not much faster :P If someone would like a shell > account to test things I may be able to provide one, or just tell me > what to do on IM. > > Hope I can help, > Jonathan here is a thought, if it is not turned on rebuild your kernel with DIRHASH(sp?) turned on. I think it is turned on by default. What it does is store files in a hash instead of a linked list . And this can speed up file access quite a bit for fat directories. marc From jonathan Mon Feb 7 19:58:38 2005 From: jonathan (Jonathan) Date: Mon, 07 Feb 2005 19:58:38 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <8c50a3c305020715382a43d580@mail.gmail.com> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> <8c50a3c305020711097811bdc4@mail.gmail.com> <20050207210134.GB63972@finn.nomadlogic.org> <4207ECB7.5010808@kc8onw.net> <8c50a3c305020715382a43d580@mail.gmail.com> Message-ID: <42080EBE.1020003@kc8onw.net> Marc Spitzer wrote: > On Mon, 07 Feb 2005 17:33:27 -0500, Jonathan wrote: > > >>Just a "Me Too" but I have the same problem. Courier-IMAP will max out >>for about 10-15 seconds before Squirrelmail even gets the data to start >>creating the page. This is with a Maildir folder with 11000+ messages >>in it. My 300 message inbox only takes about 3-4 seconds total. The >>numbers may be somewhat off as it's been a while since I've actually >>used my webmail but they should be fairly close. I do have threading >>enabled which I know increases the workload but even before I enabled >>threading it was not much faster :P If someone would like a shell >>account to test things I may be able to provide one, or just tell me >>what to do on IM. >> >>Hope I can help, >>Jonathan > > > here is a thought, if it is not turned on rebuild your kernel with > DIRHASH(sp?) turned on. I think it is turned on by default. What > it does is store files in a hash instead of a linked list . And this > can speed up file access quite a bit for fat directories. > > marc DIRHASH is enable by default now so no help there :P server% grep -i dirhash /usr/src/sys/i386/conf/GENERIC options UFS_DIRHASH # Improve performance on big directories Thanks for the suggestion though, Jonathan From lists Mon Feb 7 20:14:01 2005 From: lists (lists at genoverly.net) Date: Tue, 8 Feb 2005 02:14:01 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_A_stat=2E_=2E__=2E_=2E?= Message-ID: <0MKz1m-1CyJz00U4R-0006pf@mrelay.perfora.net> On Mon, 7 Feb 2005 11:29:40 -0600 Tillman Hodgson wrote: > I put a page up at http://www.seekingfire.com/projects/tor/ that tells > me what IP I'm comign from. I use it to test the Tor stuff before > venturing out into the "wild". Other folks are welcome to use it when > testing Tor stuff as well. > > -T Very cool. We did something similar in the footer on NYCBUG.org, but it is kinda quiet. Michael From tillman Tue Feb 8 09:19:47 2005 From: tillman (Tillman Hodgson) Date: Tue, 8 Feb 2005 08:19:47 -0600 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <0MKz1m-1CyJz00U4R-0006pf@mrelay.perfora.net> References: <0MKz1m-1CyJz00U4R-0006pf@mrelay.perfora.net> Message-ID: <20050208141947.GM9678@seekingfire.com> On Tue, Feb 08, 2005 at 02:14:01AM +0100, lists at genoverly.net wrote: > > On Mon, 7 Feb 2005 11:29:40 -0600 > Tillman Hodgson wrote: > > > I put a page up at http://www.seekingfire.com/projects/tor/ that tells > > me what IP I'm comign from. I use it to test the Tor stuff before > > venturing out into the "wild". Other folks are welcome to use it when > > testing Tor stuff as well. > > Very cool. We did something similar in the footer on NYCBUG.org, but it > is kinda quiet. Oh, hey, I didn't notice that. Nice. I suppose that next I'll have to look into changing my agent string. -T -- "Money is truthful. If a man speaks of his honor, make him pay cash." -- Robert Heinlein From lists Tue Feb 8 17:21:50 2005 From: lists (michael) Date: Tue, 8 Feb 2005 17:21:50 -0500 Subject: [nycbug-talk] benchmark OS perf Message-ID: <20050208172150.1fd288eb@delinux.abwatley.com> I know this is just chum in the water for you sharks.. but still an interesting article. http://software.newsforge.com/software/04/12/27/1238216.shtml?tid=72&tid=29 Using MySQL to benchmark OS performance The following operating systems were used for the comparison testing: * FreeBSD 4.11 * FreeBSD 5.3 * NetBSD 2.0 * Linux 2.6 * Linux 2.4 * Solaris 10 x86 (build 69) * OpenBSD 3.6 Conclusion: After having performed all of the tests and compiled the results, there were quite a few surprises that I think will challenge a few tightly-held assumptions in regards to which operating systems are fast and which aren't. In the next article, I'll present the results for all six operating systems. -- --- From alex Tue Feb 8 17:25:56 2005 From: alex (alex at pilosoft.com) Date: Tue, 8 Feb 2005 17:25:56 -0500 (EST) Subject: [nycbug-talk] benchmark OS perf In-Reply-To: <20050208172150.1fd288eb@delinux.abwatley.com> Message-ID: On Tue, 8 Feb 2005, michael wrote: > I know this is just chum in the water for you sharks.. but still an > interesting article. Just another test made by a clueless person. One doesn't test performance of an OS by compiling and running a certain package. You get "how well does mysql run on this OS" (article body says that, article header does not). Author has no idea what 'cold cache' and 'hot cache' is. Nowhere he says whether he rebooted *just before* running the benchmark itself. Since he doesn't say that, the results are useless - you can't compare benchmarks with hot cache with cold cache. From lists Tue Feb 8 17:58:09 2005 From: lists (Hans Zaunere) Date: Tue, 8 Feb 2005 17:58:09 -0500 Subject: [nycbug-talk] benchmark OS perf In-Reply-To: Message-ID: <20050208225816.D09ADA862F@virtu.nyphp.org> > > I know this is just chum in the water for you sharks.. but still an > > interesting article. > Just another test made by a clueless person. > > One doesn't test performance of an OS by compiling and running a certain > package. You get "how well does mysql run on this OS" (article body says > that, article header does not). Agreed - the article's heading is a bit superfluous. > Author has no idea what 'cold cache' and 'hot cache' is. Nowhere he says > whether he rebooted *just before* running the benchmark itself. Since he > doesn't say that, the results are useless - you can't compare benchmarks > with hot cache with cold cache. True, and it's a little bogus that we have to wait for the actual results. Seems like it'll generate more ad revenue for newsforge, though. That said, PeterZ is good stuff, and I'll bet he guided this guy well. This article does raise a major point, though, and that's threading under FreeBSD, and the BSD's in general. Speaking specifically to FreeBSD, it's hard to get it be a creditable OS for databases when all you can say is "well, pick a thread library; most should work about the same" After talking with a FreeBSD core developer, they are working on this for 5.3. And, in fact, the thread project itself uses MySQL to test their thread library (not the the whole OS) for performance, leaks, etc. So, the future is bright... H From okan Wed Feb 9 09:42:35 2005 From: okan (Okan Demirmen) Date: Wed, 9 Feb 2005 09:42:35 -0500 Subject: [nycbug-talk] benchmark OS perf In-Reply-To: <20050208172150.1fd288eb@delinux.abwatley.com> References: <20050208172150.1fd288eb@delinux.abwatley.com> Message-ID: <20050209144235.GA33011@yinaska.pair.com> On Tue 2005.02.08 at 17:21 -0500, michael wrote: > http://software.newsforge.com/software/04/12/27/1238216.shtml?tid=72&tid=29 I will refrain from commenting too much on this, to stay professional here. However, (I shouldn't).... -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From okan Wed Feb 9 10:15:54 2005 From: okan (Okan Demirmen) Date: Wed, 9 Feb 2005 10:15:54 -0500 Subject: [nycbug-talk] benchmark OS perf In-Reply-To: <20050208172150.1fd288eb@delinux.abwatley.com> References: <20050208172150.1fd288eb@delinux.abwatley.com> Message-ID: <20050209151554.GA42148@yinaska.pair.com> On Tue 2005.02.08 at 17:21 -0500, michael wrote: > In the next article, I'll present the results for all > six operating systems. http://software.newsforge.com/software/04/12/27/1243207.shtml?tid=72&tid=29 results -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From megan.restuccia Wed Feb 9 12:49:44 2005 From: megan.restuccia (Megan Restuccia) Date: Wed, 9 Feb 2005 12:49:44 -0500 Subject: [nycbug-talk] [Fwd: Know Anyone?] Message-ID: <20050209174944.JREV15978.out012.verizon.net@outgoing.verizon.net> This is a recruiter, but I have known hime for about 5 years and has helped place several friends - good guy. Anyone interested? Let me know. Megan > I wanted to touch base because we just received a new job for a Solaris > Systems Administration consultant (6 months) with a financial company > in Parsippany NJ. If you know anyone feel free to pass my contact > information on to them. > > Tony > From swygue Wed Feb 9 15:27:47 2005 From: swygue (swygue) Date: Wed, 9 Feb 2005 15:27:47 -0500 Subject: [nycbug-talk] pkg_add Message-ID: How do I change pkg_add temp directory? I tried this, # env PKG_TMDIR=/"directory I want". This did not help, I read the manpage and it mention something about template, I do not know what to do. Thanks -- I need a job.. --------------------------------------- From rick Wed Feb 9 15:37:40 2005 From: rick (Rick Aliwalas) Date: Wed, 9 Feb 2005 15:37:40 -0500 (EST) Subject: [nycbug-talk] pkg_add In-Reply-To: References: Message-ID: On Wed, 9 Feb 2005, swygue wrote: > How do I change pkg_add temp directory? I tried this, # env > PKG_TMDIR=/"directory I want". This did not help, I read the manpage > and it mention something about template, I do not know what to do. What O/S? What shell? Your syntax ain't right for bourne/korn/bash : # env PKG_TMDIR=/"directory I want" you may want to try # PKG_TMDIR="/directory I want" and verify w/ # echo $PKG_TMDIR -rick > I need a job.. From jpb Wed Feb 9 10:41:15 2005 From: jpb (Jim Brown) Date: Wed, 9 Feb 2005 15:41:15 +0000 Subject: [nycbug-talk] pkg_add In-Reply-To: References: Message-ID: <20050209154115.GA32521@sixshooter.v6.thrupoint.net> * swygue [2005-02-09 15:28]: > How do I change pkg_add temp directory? I tried this, # env > PKG_TMDIR=/"directory I want". This did not help, I read the manpage > and it mention something about template, I do not know what to do. Looks like you are using a /bin/sh shell or derivative. Try: PKG_TMPDIR=/foo_dir export PKG_TMPDIR pkg_add foo_pkg.tgz Directory /foo_dir must have adequate space, or it won't be used. Best Regards, Jim B. From ike Wed Feb 9 15:55:06 2005 From: ike (Isaac Levy) Date: Wed, 9 Feb 2005 15:55:06 -0500 Subject: [nycbug-talk] Fun PPC news Message-ID: <1ce2b70b715d883d963982e51a5d8364@lesmuug.org> Hi All, This one made me think 'wow, this insanely cool, when will I have one in my hands'! ArsTechnica article, diving into a new PPC multi-core IBM/Sony/Toshiba Cell Processor: (yummy) http://tinyurl.com/6ft3o -or- http://arstechnica.com/articles/paedia/cpu/cell-1.ars Official IBM Press Release sphiel: http://tinyurl.com/5y2kh -or- http://www-1.ibm.com/press/PressServletForm.wss? MenuChoice=pressreleases&TemplateName=ShowPressReleaseTemplate&SelectStr ing=t1.docunid=7502&TableName=DataheadApplicationClass&SESSIONKEY=any&Wi ndowTitle=Press+Release&STATUS=publish Rocket- .ike From mspitzer Wed Feb 9 16:04:25 2005 From: mspitzer (Marc Spitzer) Date: Wed, 9 Feb 2005 16:04:25 -0500 Subject: [nycbug-talk] pkg_add In-Reply-To: <20050209154115.GA32521@sixshooter.v6.thrupoint.net> References: <20050209154115.GA32521@sixshooter.v6.thrupoint.net> Message-ID: <8c50a3c305020913043f374405@mail.gmail.com> If this is netbsd then "man pkg_add", here are the key bits; PKG_TMPDIR Staging directory for installing packages, defaults to /var/tmp. Set to directory with lots of free disk if you run out of space when installing a binary package. now before that in the options/switches section; -t template Use template as the input to mktemp(3) when creating a ``staging area.'' By default, this is the string /var/tmp/instmp.XXXXXX, but it may be necessary to override it in the situation where space in your /var/tmp directory is limited. Be sure to leave some number of `X' characters for mktemp(3) to fill in with a unique ID. You can get a performance boost by setting the staging area template to reside on the same disk partition as target directo- ries for package file installation; often this is /usr. freebsd 5.3 is similar in content, reading the fine manual is useful. marc From pete Wed Feb 9 16:08:45 2005 From: pete (Pete Wright) Date: Wed, 9 Feb 2005 16:08:45 -0500 Subject: [nycbug-talk] Fun PPC news In-Reply-To: <1ce2b70b715d883d963982e51a5d8364@lesmuug.org> References: <1ce2b70b715d883d963982e51a5d8364@lesmuug.org> Message-ID: <20050209210845.GA76608@finn.nomadlogic.org> On Wed, Feb 09, 2005 at 03:55:06PM -0500, Isaac Levy wrote: > Hi All, > > This one made me think 'wow, this insanely cool, when will I have one > in my hands'! yea i saw that, looks pretty awesome. too bad sony doesn't give me any discounts on playstations or anything fun like that... -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From swygue Wed Feb 9 17:00:02 2005 From: swygue (swygue) Date: Wed, 9 Feb 2005 17:00:02 -0500 Subject: [nycbug-talk] vmware3 and FreeBSD Message-ID: Has anyone installed and run Vmware succesfully, there seems to be a problem with 001.vmware.sh. Here is the output: $ ./001.vmware.sh start [: -eq: unexpected operator I checked various mailing, the problem is mention but no fix. One person suggest that line 26 is null and maybe this as something to do with it. Anyone with vmware3-3.2.1.2242_10,1 running and can verify this for me. Thanks Snip // l24:vmware=`vmware_config vmware.fullpath` 25:vmware_libdir=`vmware_config libdir` 26:networking= 27:dev_vmnet1=/dev/vmnet1 28:vmnet1_minor=0x00800001 <------- -- I need a job, really! --------------------------------------- From pete Wed Feb 9 17:43:13 2005 From: pete (Pete Wright) Date: Wed, 9 Feb 2005 17:43:13 -0500 Subject: [nycbug-talk] vmware3 and FreeBSD In-Reply-To: References: Message-ID: <20050209224313.GA77004@finn.nomadlogic.org> On Wed, Feb 09, 2005 at 05:00:02PM -0500, swygue wrote: > Has anyone installed and run Vmware succesfully, there seems to be a > problem with 001.vmware.sh. Here is the output: > > $ ./001.vmware.sh start > [: -eq: unexpected operator > looks like a bug in the shell script 001.vmware.sh...i would read through that code and look for where the -eq operator is being misused. maybe if the script is not too long i would post the script here...or email a link to where we can take a look at it. > I checked various mailing, the problem is mention but no fix. One > person suggest that line 26 is null and maybe this as something to do > with it. Anyone with vmware3-3.2.1.2242_10,1 running and can verify > this for me. > i have had it working on 4.x > > Snip // > l24:vmware=`vmware_config vmware.fullpath` > 25:vmware_libdir=`vmware_config libdir` > 26:networking= > 27:dev_vmnet1=/dev/vmnet1 > 28:vmnet1_minor=0x00800001 > > <------- > where is the from...the startup script? -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From swygue Wed Feb 9 20:32:46 2005 From: swygue (swygue) Date: Wed, 9 Feb 2005 20:32:46 -0500 Subject: [nycbug-talk] pkg_add In-Reply-To: <20050209224709.3FA24A87B6@virtu.nyphp.org> References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: > ---------- Forwarded message ---------- > From: Marc Spitzer > To: talk at lists.nycbug.org > Date: Wed, 9 Feb 2005 16:04:25 -0500 > Subject: Re: [nycbug-talk] pkg_add > If this is netbsd then "man pkg_add", here are the key bits; > > PKG_TMPDIR Staging directory for installing packages, defaults to > /var/tmp. Set to directory with lots of free disk if you run > out of space when installing a binary package. > > now before that in the options/switches section; > > -t template > Use template as the input to mktemp(3) when creating a ``staging > area.'' By default, this is the string /var/tmp/instmp.XXXXXX, > but it may be necessary to override it in the situation where > space in your /var/tmp directory is limited. Be sure to leave > some number of `X' characters for mktemp(3) to fill in with a > unique ID. > > You can get a performance boost by setting the staging area > template to reside on the same disk partition as target directo- > ries for package file installation; often this is /usr. > > freebsd 5.3 is similar in content, reading the fine manual is useful. > > marc I read the manual, but don't understand what I should do. From mspitzer Wed Feb 9 20:35:04 2005 From: mspitzer (Marc Spitzer) Date: Wed, 9 Feb 2005 20:35:04 -0500 Subject: [nycbug-talk] pkg_add In-Reply-To: References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: <8c50a3c3050209173534bd2d0e@mail.gmail.com> On Wed, 9 Feb 2005 20:32:46 -0500, swygue wrote: > > ---------- Forwarded message ---------- > > From: Marc Spitzer > > To: talk at lists.nycbug.org > > Date: Wed, 9 Feb 2005 16:04:25 -0500 > > Subject: Re: [nycbug-talk] pkg_add > > If this is netbsd then "man pkg_add", here are the key bits; > > > > PKG_TMPDIR Staging directory for installing packages, defaults to > > /var/tmp. Set to directory with lots of free disk if you run > > out of space when installing a binary package. > > > > now before that in the options/switches section; > > > > -t template > > Use template as the input to mktemp(3) when creating a ``staging > > area.'' By default, this is the string /var/tmp/instmp.XXXXXX, > > but it may be necessary to override it in the situation where > > space in your /var/tmp directory is limited. Be sure to leave > > some number of `X' characters for mktemp(3) to fill in with a > > unique ID. > > > > You can get a performance boost by setting the staging area > > template to reside on the same disk partition as target directo- > > ries for package file installation; often this is /usr. > > > > freebsd 5.3 is similar in content, reading the fine manual is useful. > > > > marc > > I read the manual, but don't understand what I should do. > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From swygue Wed Feb 9 20:46:59 2005 From: swygue (swygue) Date: Wed, 9 Feb 2005 20:46:59 -0500 Subject: [nycbug-talk] vmware3 and FreeBSD In-Reply-To: <20050209224709.3FA24A87B6@virtu.nyphp.org> References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: > > Has anyone installed and run Vmware succesfully, there seems to be a > > problem with 001.vmware.sh. Here is the output: > > > > $ ./001.vmware.sh start > > [: -eq: unexpected operator > > > > looks like a bug in the shell script 001.vmware.sh...i would read through > that code and look for where the -eq operator is being misused. maybe if > the script is not too long i would post the script here...or email a link > to where we can take a look at it. You can see it here: http://www.beldance.com/kenny/ The script is from vmware3 installation, it is located in /usr/local/etc/rc.d/. From mspitzer Wed Feb 9 20:58:02 2005 From: mspitzer (Marc Spitzer) Date: Wed, 9 Feb 2005 20:58:02 -0500 Subject: [nycbug-talk] pkg_add In-Reply-To: References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: <8c50a3c305020917584b821c90@mail.gmail.com> > > PKG_TMPDIR Staging directory for installing packages, defaults to > > /var/tmp. Set to directory with lots of free disk if you run > > out of space when installing a binary package. > > > > now before that in the options/switches section; > > > > -t template > > Use template as the input to mktemp(3) when creating a ``staging > > area.'' By default, this is the string /var/tmp/instmp.XXXXXX, > > but it may be necessary to override it in the situation where > > space in your /var/tmp directory is limited. Be sure to leave > > some number of `X' characters for mktemp(3) to fill in with a > > unique ID. > > > > You can get a performance boost by setting the staging area > > template to reside on the same disk partition as target directo- > > ries for package file installation; often this is /usr. > > > > freebsd 5.3 is similar in content, reading the fine manual is useful. > > > > marc > > I read the manual, but don't understand what I should do. did you read the man page for mktemp(3) ? it explains what is going on fo temp file/directory creation. What you need to do is set the env var to a string that represents a directory followed by a filename followed by a dot followed by a bunch of 'X's to say put random stuff here. marc From mspitzer Wed Feb 9 21:08:42 2005 From: mspitzer (Marc Spitzer) Date: Wed, 9 Feb 2005 21:08:42 -0500 Subject: [nycbug-talk] vmware3 and FreeBSD In-Reply-To: References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: <8c50a3c3050209180852abd56c@mail.gmail.com> On Wed, 9 Feb 2005 20:46:59 -0500, swygue wrote: > > > Has anyone installed and run Vmware succesfully, there seems to be a > > > problem with 001.vmware.sh. Here is the output: > > > > > > $ ./001.vmware.sh start > > > [: -eq: unexpected operator > > > > > > > looks like a bug in the shell script 001.vmware.sh...i would read through > > that code and look for where the -eq operator is being misused. maybe if > > the script is not too long i would post the script here...or email a link > > to where we can take a look at it. > > You can see it here: > http://www.beldance.com/kenny/ I looked at it and there is definatly a bug in the script, now my question to you is why/what is the bug and how could you fix it. It would be a good idea to write a short 5-10 line script that has the same behavior. Then post it on to the list and then we can point out how you did it wrong until you do it correctly. Then you will have learned something instead of punting. get your fishing pole and go to work. marc > > The script is from vmware3 installation, it is located in > /usr/local/etc/rc.d/. > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From pete Thu Feb 10 15:35:43 2005 From: pete (Pete Wright) Date: Thu, 10 Feb 2005 15:35:43 -0500 Subject: [nycbug-talk] BSDCAN BUG BOF Message-ID: <20050210203543.GA24609@finn.nomadlogic.org> so what do you all think about having a UserGroup BOF during BSDCAN...unless one is already planned in which case i'm already there ;) -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From mikel.king Thu Feb 10 22:15:00 2005 From: mikel.king (mikel king) Date: Thu, 10 Feb 2005 22:15:00 -0500 Subject: [nycbug-talk] interesting article.... Message-ID: <420C2334.2040607@ocsny.com> http://software.newsforge.com/software/04/12/27/1238216.shtml?tid=72&tid=29 -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org http://www.MySql.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. +------------------------------------------+ From swygue Fri Feb 11 11:37:48 2005 From: swygue (swygue) Date: Fri, 11 Feb 2005 11:37:48 -0500 Subject: [nycbug-talk] Streaming, Webcasting Hosting Provider Message-ID: Anyone know of dedicated server hosting providers in NYC that can withstand the bandwidth of Streaming music and Webcasting ? Or Anyone using a dedicated server hosting provider that they would recommend ? Does not matter where they are located. Oh, yeah! I prefer BSD. -- swygue how to become a guru ? --------------------------------------- From pete Fri Feb 11 13:35:58 2005 From: pete (pete wright) Date: Fri, 11 Feb 2005 10:35:58 -0800 Subject: [nycbug-talk] Streaming, Webcasting Hosting Provider In-Reply-To: References: Message-ID: <76507b1892527b3c320c72845160dee7@nomadlogic.org> On Feb 11, 2005, at 8:37 AM, swygue wrote: > Anyone know of dedicated server hosting providers in NYC that can > withstand the bandwidth of Streaming music and Webcasting ? > are ya interested in co-lo or having them provide the gear? also how much bandwidth are you predicting you will use? personally i'd co-locate, especially if you are concerned about traffic...if you are expecting alot of traffic it may be worth looking at internap or one of the larger facilities in the city (i'm sure we all have opinions on which ones we prefer in nyc ;) -p ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From george Fri Feb 11 19:05:21 2005 From: george (G. Rosamond) Date: Fri, 11 Feb 2005 19:05:21 -0500 Subject: [nycbug-talk] a funny site. . . Message-ID: <831813ce40c4428ddfb9d5bdd983e656@sddi.net> from a link off Slashdot. . . this might be the funniest site I've ever seen. . . make sure you scroll down. http://objective.jesussave.us/propaganda.html From marco Fri Feb 11 20:01:59 2005 From: marco (marco at metm.org) Date: Fri, 11 Feb 2005 20:01:59 -0500 Subject: [nycbug-talk] a funny site. . . In-Reply-To: <831813ce40c4428ddfb9d5bdd983e656@sddi.net> References: <831813ce40c4428ddfb9d5bdd983e656@sddi.net> Message-ID: <20050212010159.GE16230@metm.org> On Fri, Feb 11, 2005 at 07:05:21PM -0500, G. Rosamond wrote: >from a link off Slashdot. . . this might be the funniest site I've ever >seen. . . make sure you scroll down. > >http://objective.jesussave.us/propaganda.html Sounds so much like a hoax that it is hard to believe it is real... -- Marco From dlavigne6 Sun Feb 13 17:44:46 2005 From: dlavigne6 (Dru) Date: Sun, 13 Feb 2005 17:44:46 -0500 (EST) Subject: [nycbug-talk] mac os termcap question Message-ID: <20050213174321.O571@dru.domain.org> Any of the Mac OS X users know the solution for this one: "Also one thing that would make my life a modicum eaiser, the default setting odd OS X terminal is xterm-color. When i try to run screen on some system (donno about ours) it whines about no termcap entry. Could you possibly check to see if this is configged right?" TIA, Dru From bob Sun Feb 13 18:32:29 2005 From: bob (Bob Ippolito) Date: Sun, 13 Feb 2005 18:32:29 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <20050213174321.O571@dru.domain.org> References: <20050213174321.O571@dru.domain.org> Message-ID: <5d815dbecc65aea6509b265be848557b@redivi.com> On Feb 13, 2005, at 17:44, Dru wrote: > Any of the Mac OS X users know the solution for this one: > > "Also one thing that would make my life a modicum eaiser, the default > setting odd OS X terminal is xterm-color. When i try to run screen on > some system (donno about ours) it whines about no termcap entry. Could > you possibly > check to see if this is configged right?" > In Terminal, go to Preferences. Click on the Declare terminal type ($TERM) pop-up menu to change to vt100 (or whatever). -bob From steve.rieger Mon Feb 14 10:06:58 2005 From: steve.rieger (steve rieger) Date: Mon, 14 Feb 2005 10:06:58 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <5d815dbecc65aea6509b265be848557b@redivi.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> Message-ID: <4210BE92.30200@tbwachiat.com> if you keep it on xterm-colour you also might have vi issues, (although this does not afect vim) as stated change it to vt100 works for me no problem Bob Ippolito wrote: > > On Feb 13, 2005, at 17:44, Dru wrote: > >> Any of the Mac OS X users know the solution for this one: >> >> "Also one thing that would make my life a modicum eaiser, the default >> setting odd OS X terminal is xterm-color. When i try to run screen on >> some system (donno about ours) it whines about no termcap entry. Could >> you possibly >> check to see if this is configged right?" >> > > In Terminal, go to Preferences. Click on the Declare terminal type > ($TERM) pop-up menu to change to vt100 (or whatever). > > -bob > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > > -- -- Steve Rieger TBWA/Chiat/Day 212-804-1131 (office) 646-335-8915 (cell) From bob Mon Feb 14 10:33:50 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 10:33:50 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <4210BE92.30200@tbwachiat.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> Message-ID: On Feb 14, 2005, at 10:06 AM, steve rieger wrote: > Bob Ippolito wrote: >> On Feb 13, 2005, at 17:44, Dru wrote: >>> Any of the Mac OS X users know the solution for this one: >>> >>> "Also one thing that would make my life a modicum eaiser, the >>> default setting odd OS X terminal is xterm-color. When i try to run >>> screen on some system (donno about ours) it whines about no termcap >>> entry. Could you possibly >>> check to see if this is configged right?" >>> >> In Terminal, go to Preferences. Click on the Declare terminal type >> ($TERM) pop-up menu to change to vt100 (or whatever). > > if you keep it on xterm-colour you also might have vi issues, > (although this does not afect vim) > > as stated change it to vt100 works for me no problem It's a trade-off, of course. ls -G won't be colored if you are using vt100. -bob From steve.rieger Mon Feb 14 10:39:01 2005 From: steve.rieger (steve rieger) Date: Mon, 14 Feb 2005 10:39:01 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> Message-ID: <4210C615.8060206@tbwachiat.com> an assuming that we are using a black background with green text, most colours will make it harder to see Bob Ippolito wrote: > On Feb 14, 2005, at 10:06 AM, steve rieger wrote: > >> Bob Ippolito wrote: >> >>> In Terminal, go to Preferences. Click on the Declare terminal type >>> ($TERM) pop-up menu to change to vt100 (or whatever). >> >> >> if you keep it on xterm-colour you also might have vi issues, >> (although this does not afect vim) >> >> as stated change it to vt100 works for me no problem > > > It's a trade-off, of course. ls -G won't be colored if you are using > vt100. > > -bob > > > > -- -- Steve Rieger TBWA/Chiat/Day 212-804-1131 (office) 646-335-8915 (cell) From steve.rieger Mon Feb 14 10:54:13 2005 From: steve.rieger (steve rieger) Date: Mon, 14 Feb 2005 10:54:13 -0500 Subject: [nycbug-talk] /etc/hosts Message-ID: <4210C9A5.7090900@tbwachiat.com> hi all, is there a difference between these two and if so can you elaborate cat /etc/hosts 192.10.20.25 yoyo.mama.com yoyo cat /etc/hosts 192.10.20.25 yoyo yoyo.mama.com -- -- Steve Rieger TBWA/Chiat/Day 212-804-1131 (office) 646-335-8915 (cell) From bob Mon Feb 14 10:59:33 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 10:59:33 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <4210C615.8060206@tbwachiat.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> Message-ID: <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> On Feb 14, 2005, at 10:39 AM, steve rieger wrote: > Bob Ippolito wrote: >> On Feb 14, 2005, at 10:06 AM, steve rieger wrote: >>> Bob Ippolito wrote: >>> >>>> In Terminal, go to Preferences. Click on the Declare terminal type >>>> ($TERM) pop-up menu to change to vt100 (or whatever). >>> >>> >>> if you keep it on xterm-colour you also might have vi issues, >>> (although this does not afect vim) >>> >>> as stated change it to vt100 works for me no problem >> It's a trade-off, of course. ls -G won't be colored if you are using >> vt100. > > an assuming that we are using a black background with green text, most > colours will make it harder to see Uh, I guess, but not using colors makes it harder to distinguish between types of files. I use gray on black. -bob From jpb Mon Feb 14 06:03:27 2005 From: jpb (Jim Brown) Date: Mon, 14 Feb 2005 11:03:27 +0000 Subject: [nycbug-talk] /etc/hosts In-Reply-To: <4210C9A5.7090900@tbwachiat.com> References: <4210C9A5.7090900@tbwachiat.com> Message-ID: <20050214110327.GA42005@sixshooter.v6.thrupoint.net> * steve rieger [2005-02-14 10:54]: > hi all, > > > is there a difference between these two and if so can you elaborate > > > > > cat /etc/hosts > 192.10.20.25 yoyo.mama.com yoyo > > > > cat /etc/hosts > 192.10.20.25 yoyo yoyo.mama.com > -- > -- The fully qualified domain name should come first. Aliases come after that. The first entry is correct. Best Regards, Jim B. From mspitzer Mon Feb 14 11:23:56 2005 From: mspitzer (Marc Spitzer) Date: Mon, 14 Feb 2005 11:23:56 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> Message-ID: <8c50a3c305021408232f87a9e1@mail.gmail.com> On Mon, 14 Feb 2005 10:59:33 -0500, Bob Ippolito wrote: > > On Feb 14, 2005, at 10:39 AM, steve rieger wrote: > > > Bob Ippolito wrote: > >> On Feb 14, 2005, at 10:06 AM, steve rieger wrote: > >>> Bob Ippolito wrote: > >>> > >>>> In Terminal, go to Preferences. Click on the Declare terminal type > >>>> ($TERM) pop-up menu to change to vt100 (or whatever). > >>> > >>> > >>> if you keep it on xterm-colour you also might have vi issues, > >>> (although this does not afect vim) > >>> > >>> as stated change it to vt100 works for me no problem > >> It's a trade-off, of course. ls -G won't be colored if you are using > >> vt100. > > > > an assuming that we are using a black background with green text, most > > colours will make it harder to see > > Uh, I guess, but not using colors makes it harder to distinguish > between types of files. I use gray on black. personally I hate color coding, why bother when you have 'ls -F' anyway and it is portable anywhere. marc > > -bob > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From bob Mon Feb 14 12:15:57 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 12:15:57 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <8c50a3c305021408232f87a9e1@mail.gmail.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> <8c50a3c305021408232f87a9e1@mail.gmail.com> Message-ID: On Feb 14, 2005, at 11:23 AM, Marc Spitzer wrote: > On Mon, 14 Feb 2005 10:59:33 -0500, Bob Ippolito > wrote: >> >> On Feb 14, 2005, at 10:39 AM, steve rieger wrote: >> >>> Bob Ippolito wrote: >>>> On Feb 14, 2005, at 10:06 AM, steve rieger wrote: >>>>> Bob Ippolito wrote: >>>>> >>>>>> In Terminal, go to Preferences. Click on the Declare terminal type >>>>>> ($TERM) pop-up menu to change to vt100 (or whatever). >>>>> >>>>> >>>>> if you keep it on xterm-colour you also might have vi issues, >>>>> (although this does not afect vim) >>>>> >>>>> as stated change it to vt100 works for me no problem >>>> It's a trade-off, of course. ls -G won't be colored if you are >>>> using >>>> vt100. >>> >>> an assuming that we are using a black background with green text, >>> most >>> colours will make it harder to see >> >> Uh, I guess, but not using colors makes it harder to distinguish >> between types of files. I use gray on black. > > personally I hate color coding, why bother when you have 'ls -F' > anyway and it is portable anywhere. For the same reason most (sane) software developers use syntax highlighting. You either like it or you don't, but it provides a "low-bandwidth" way to categorize tokens and can measurably enhance productivity. I personally use "/bin/ls -G -F -h" on Mac OS X as my alias for ls. Colored ls -G output also provides more information than ls -F alone. It distinguishes a+w directories, for example. Fortunately I don't use any platforms that have issues with colored terminals, though on some platforms like Linux I use a slightly different alias to accomplish the same thing. -bob From mspitzer Mon Feb 14 13:00:45 2005 From: mspitzer (Marc Spitzer) Date: Mon, 14 Feb 2005 13:00:45 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> <8c50a3c305021408232f87a9e1@mail.gmail.com> Message-ID: <8c50a3c3050214100053b8c447@mail.gmail.com> On Mon, 14 Feb 2005 12:15:57 -0500, Bob Ippolito wrote: > > On Feb 14, 2005, at 11:23 AM, Marc Spitzer wrote: > > > personally I hate color coding, why bother when you have 'ls -F' > > anyway and it is portable anywhere. > > For the same reason most (sane) software developers use syntax > highlighting. You either like it or you don't, but it provides a > "low-bandwidth" way to categorize tokens and can measurably enhance > productivity. I do use it for coding and have learned not to trust it as much as I did, weird thing in emacs where the code was right but the regex got confused. > > I personally use "/bin/ls -G -F -h" on Mac OS X as my alias for ls. > Colored ls -G output also provides more information than ls -F alone. > It distinguishes a+w directories, for example. Fortunately I don't use > any platforms that have issues with colored terminals, though on some > platforms like Linux I use a slightly different alias to accomplish the > same thing. each to his own and your eyes must be better then mine. some of the colors that have come up when I have played with color coding just did not read well against a given background, yellow letters on white or dark blue on black for example. another thing that I just do not like about it is that the same color can mean different things, a directory here a socket there etc. and when working on a strange box I do not want help breaking things. marc From bob Mon Feb 14 13:07:24 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 13:07:24 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <8c50a3c3050214100053b8c447@mail.gmail.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> <8c50a3c305021408232f87a9e1@mail.gmail.com> <8c50a3c3050214100053b8c447@mail.gmail.com> Message-ID: <1cc8be1fb1a95faeb8633741f65b7e79@redivi.com> On Feb 14, 2005, at 1:00 PM, Marc Spitzer wrote: > On Mon, 14 Feb 2005 12:15:57 -0500, Bob Ippolito > wrote: >> >> On Feb 14, 2005, at 11:23 AM, Marc Spitzer wrote: >> >>> personally I hate color coding, why bother when you have 'ls -F' >>> anyway and it is portable anywhere. >> >> For the same reason most (sane) software developers use syntax >> highlighting. You either like it or you don't, but it provides a >> "low-bandwidth" way to categorize tokens and can measurably enhance >> productivity. > > I do use it for coding and have learned not to trust it as much as > I did, weird thing in emacs where the code was right but the regex > got confused. The correctness of syntax highlighting is definitely inversely proportional to the complexity of the syntax it is highlighting :) Let me guess, Perl? -bob From mikel.king Mon Feb 14 13:32:59 2005 From: mikel.king (Mikel King) Date: Mon, 14 Feb 2005 13:32:59 -0500 Subject: [nycbug-talk] goBSD Message-ID: <4210EEDB.5070401@ocsny.com> Stumbled across this article... http://www.grabageek.net/modules/news/article.php?storyid=127 The goals of GoBSD are: # Manage stable DragonFly releases We want to free DragonFly developers from the burden of worrying about release scheduling and stabilization so they can focus only on continuing development. We feel that the efforts of the core developers will be best spent when focused on the enhancement of the system, resulting in faster development and quicker adoption of new techniques. We also believe that users of all types can benefit from the use of DragonFly, so we are working to make releases that are thoroughly tested and easy to use. more info @ http://gobsd.com/ -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. You'll find the best way to get along. +------------------------------------------+ -------------- next part -------------- A non-text attachment was scrubbed... Name: mikel.king.vcf Type: text/x-vcard Size: 353 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050214/adc8c11a/attachment.vcf From mspitzer Mon Feb 14 13:44:33 2005 From: mspitzer (Marc Spitzer) Date: Mon, 14 Feb 2005 13:44:33 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <1cc8be1fb1a95faeb8633741f65b7e79@redivi.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> <8c50a3c305021408232f87a9e1@mail.gmail.com> <8c50a3c3050214100053b8c447@mail.gmail.com> <1cc8be1fb1a95faeb8633741f65b7e79@redivi.com> Message-ID: <8c50a3c3050214104466ed2cce@mail.gmail.com> On Mon, 14 Feb 2005 13:07:24 -0500, Bob Ippolito wrote: > > The correctness of syntax highlighting is definitely inversely > proportional to the complexity of the syntax it is highlighting :) Let > me guess, Perl? it was tcl and it was not even code. very complex string that confused/overloaded the "this is a string" regex. and then my editor was on lsd, lots of colors and no connection to reality. marc From pete Mon Feb 14 15:17:45 2005 From: pete (Pete Wright) Date: Mon, 14 Feb 2005 15:17:45 -0500 Subject: [nycbug-talk] SCALE 05 Review Message-ID: <20050214201745.GA70232@finn.nomadlogic.org> hey all, i've written up a piece about SCALE 05 that went down this weekend. check it out here: www.nomadlogic.org/~pete/scale.html -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Mon Feb 14 15:27:25 2005 From: george (G. Rosamond) Date: Mon, 14 Feb 2005 15:27:25 -0500 Subject: [nycbug-talk] SCALE 05 Review In-Reply-To: <20050214201745.GA70232@finn.nomadlogic.org> References: <20050214201745.GA70232@finn.nomadlogic.org> Message-ID: <980c0cdb62c849f6292291c46e0221ab@sddi.net> On Feb 14, 2005, at 3:17 PM, Pete Wright wrote: > hey all, i've written up a piece about SCALE 05 > that went down this weekend. check it out here: > > www.nomadlogic.org/~pete/scale.html > Nice Pete. . . it's a great piece that gives a good sense of the event. . . It's even better that he still says he's in NYCBUG. . . George From pete Mon Feb 14 16:11:52 2005 From: pete (pete wright) Date: Mon, 14 Feb 2005 13:11:52 -0800 Subject: [nycbug-talk] SCALE 05 Review In-Reply-To: <980c0cdb62c849f6292291c46e0221ab@sddi.net> References: <20050214201745.GA70232@finn.nomadlogic.org> <980c0cdb62c849f6292291c46e0221ab@sddi.net> Message-ID: On Feb 14, 2005, at 12:27 PM, G. Rosamond wrote: > > On Feb 14, 2005, at 3:17 PM, Pete Wright wrote: > >> hey all, i've written up a piece about SCALE 05 >> that went down this weekend. check it out here: >> >> www.nomadlogic.org/~pete/scale.html >> > > Nice Pete. . . it's a great piece that gives a good sense of the > event. . . > thanks...i hope to have some pics up soon. there was another guy there taking pictures so i'll keep you all posted. > It's even better that he still says he's in NYCBUG. . . > well shoot, at the least it's easier to type nycbug than bsdusersofsocal ;) quick question to the list, i've been unable to send any emails to bsdnews.org (*not* chris's bsdnews.com site) to try to get this posted. does anyone know who is behind the site all emails to them are bouncing. -pete > George > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From pete Mon Feb 14 16:14:56 2005 From: pete (pete wright) Date: Mon, 14 Feb 2005 13:14:56 -0800 Subject: [nycbug-talk] Fwd: Great experiences at the Southern California Linux Expo (SCALE) Message-ID: <17e940449ad6d5a1ed807f776f79e365@nomadlogic.org> sorry for the re-post those who are on netbsd-advocacy but kevin is a great guy and thought this may be of interest as well... -p Begin forwarded message: > From: Kevin Lahey > Date: February 14, 2005 1:10:51 PM PST > To: netbsd-advocacy at netbsd.org > Subject: Great experiences at the Southern California Linux Expo > (SCALE) > > Executive summary: > > I had a great time working the NetBSD booth at the Southern California > Linux Expo (SCALE). We spent two full days evangelizing NetBSD, > checking out the other exhibits, and meeting new people. > > The whole story: > > I only comparatively recently moved to the Los Angeles area, so I was > amazed and delighted at the size of the open source community out here. > The exhibition itself had something like 30 or 40 booths, including > vendors like IBM and Novell, and open source projects including > flightgear.org (a really cool flight simulator), FreeBSD, the FSF, > Gnome, and the Wikipedia folks. I don't think I saw as many open > source > projects at the nation Linux shows I've done! For more info: > > http://www.socallinuxexpo.org/ > > The all-volunteer group that put on SCALE was completely professional > and totally organized. The booths were beautifully laid out, with > power > and networking (and wireless networking). All I had to do was show up > and set up. My thanks to Gareth Greenaway (who was my point of > contact) > and all the rest of the folks from SCALE who made this fun and easy. > > Our booth worked out great. Jan Schaumann rush-mailed me a whole box > full of NetBSD t-shirts and flyers, which got me started on the right > foot. I brought down my NetBSD-running Thinkpad as an example of > recent > hardware, and a Cobalt Raq2 and Qube to show off a little > retro-computing action. > > I was proud of my Qube, but then fellow developer John Klos showed up > with the real big guns -- a VAXstation that kept pulling in our fellow > old-timers, an SGI Indy, and an Amiga. He also brought out a 32-inch > HD > TV/monitor that attracted lots of folks to the booth, and allowed us to > show that our desktop looked pretty much just like any other UNIX (a > big > deal from some of the folks there who were new to open-source OSes). > > John may have missed his calling as a brilliant marketing guy -- > Sunday, > he brought out a bowl of candy and his awesome G3-based Tonka truck (an > old iMac motherboard wedged into a Tonka dumptruck) which which had > plenty of folks stopping by the booth. > > The *BSD community of Los Angeles was really helpful, no matter > which of the several BSD varients they usually use. I was blown > away by the generosity of Pete Wright and Michael Dickerson, who came > out Saturday and talked up NetBSD all day! > > I had a great time, and was delighted to find so many open-minded and > enthusiastic fellow open source folks. Any number of folks seemed > interested in learning one more system, and figuring out the BSD thing. > They wanted to know where they could slide it into their all-Linux > organizations, what we were planning for the future, and where they > could get more info. > > Our fellow exhibitors were just as friendly. The FreeBSD guys spent > plenty of time hanging out with us, as did Linux folks from all over. > The Linux Astronomy (http://www.linuxastronomy.org) folks were > particularly fun and helpful. > > If you get a chance to do a similar booth elsewhere, I whole-heartedly > encourage you to go for it! > > [Sorry for making this so long, but I wanted to make sure I thanked > everybody, and, heck, it was fun and exciting and I'm still pumped up > about it!] > > Kevin > kml at patheticgeek.net > ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From branto Mon Feb 14 16:22:18 2005 From: branto (Brant I. Stevens) Date: Mon, 14 Feb 2005 16:22:18 -0500 Subject: [nycbug-talk] Error compiling Ethereal 0.10.9 on Mac OSX 10.3.8/Fink In-Reply-To: Message-ID: I figure I'd try asking you guys, since there seems to be a lot of Mac development expertise here... Any help with the below is much appreciated. I thought it was a library issue with a default compilation of Ethereal, but I ran make clean, then reset my ./configure options to point everything into one directory for libraries, but still no dice. (my bad on the subject down below... It is supposed to be Mac OSX 10.3.8... Duh...) -Brant ------ Forwarded Message From: "Brant I. Stevens" Date: Sun, 13 Feb 2005 22:18:19 -0500 To: Subject: Error compiling Ethereal 0.10.9 on Mac OSX 10.3.9/Fink Hi all... I am experiencing a problem with compiling ethereal... I have 0.10.6 installed on this box, but am trying to install the newer version, and get the error below. Also shown are my ./configure options. Any help offered is appreciated. branto-g4-01-branto-com:~/download/ethereal-0.10.9 branto$ ./configure --prefix=/sw --enable-threads --enable-randpkt --enable-ipv6 --with-ssl=/sw --with-pcre=/sw ld: warning multiple definitions of symbol _compute_timestamp_diff util.o definition of _compute_timestamp_diff in section (__TEXT,__text) /usr/local/lib/libethereal.dylib(libethereal.0.0.1.dylib-master.o) definition of _compute_timestamp_diff ld: warning multiple definitions of symbol _create_tempfile util.o definition of _create_tempfile in section (__TEXT,__text) /usr/local/lib/libethereal.dylib(libethereal.0.0.1.dylib-master.o) definition of _create_tempfile ld: warning multiple definitions of symbol _get_args_as_string util.o definition of _get_args_as_string in section (__TEXT,__text) /usr/local/lib/libethereal.dylib(libethereal.0.0.1.dylib-master.o) definition of _get_args_as_string ld: warning multiple definitions of symbol _get_conn_cfilter util.o definition of _get_conn_cfilter in section (__TEXT,__text) /usr/local/lib/libethereal.dylib(libethereal.0.0.1.dylib-master.o) definition of _get_conn_cfilter ld: warning multiple definitions of symbol _locale_charset /sw/lib/libiconv.dylib(localcharset.o) definition of _locale_charset /sw/lib/libintl.dylib(localcharset.lo) definition of _locale_charset ld: Undefined symbols: _proto_registrar_dump_values _range_convert_str _range_empty _value_is_in_range _convert_string_case _convert_string_to_hex _get_addr_name _range_convert_range _range_copy _ranges_are_equal _dcerpc_add_conv_to_bind_table _dcerpc_get_transport_salt _dcerpc_hooks_init_protos _T_h323_message_body_vals make[2]: *** [ethereal] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 branto-g4-01-branto-com:~/download/ethereal-0.10.9 branto$ ------ End of Forwarded Message From pete Mon Feb 14 16:57:31 2005 From: pete (Pete Wright) Date: Mon, 14 Feb 2005 13:57:31 -0800 (PST) Subject: [nycbug-talk] Error compiling Ethereal 0.10.9 on Mac OSX 10.3.8/Fink In-Reply-To: References: Message-ID: <14693.160.33.20.11.1108418251.squirrel@160.33.20.11> > I figure I'd try asking you guys, since there seems to be a lot of Mac > development expertise here... Any help with the below is much > appreciated. while there are definatly are alot of mac people on this list it looks like the problem you are running into is with fink. you may get more millage pinging their list to see what they have to say. there is also this group: http://lesmuug.org/ they may be able to help you as well.... -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bob Mon Feb 14 17:16:59 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 17:16:59 -0500 Subject: [nycbug-talk] Error compiling Ethereal 0.10.9 on Mac OSX 10.3.8/Fink In-Reply-To: References: Message-ID: <587771f302149dfd0ad14be01e88c926@redivi.com> On Feb 14, 2005, at 4:22 PM, Brant I. Stevens wrote: > I figure I'd try asking you guys, since there seems to be a lot of Mac > development expertise here... Any help with the below is much > appreciated. > > I thought it was a library issue with a default compilation of > Ethereal, but > I ran make clean, then reset my ./configure options to point > everything into > one directory for libraries, but still no dice. > > (my bad on the subject down below... It is supposed to be Mac OSX > 10.3.8... > Duh...) Use darwinports : % sudo /opt/local/bin/port install ethereal +adns +ipv6 +net-snmp +pcre (go make some coffee) % open-x11 /opt/local/bin/ethereal (presumably that works - I'm still making coffee) -bob From bob Tue Feb 15 00:20:04 2005 From: bob (Bob Ippolito) Date: Tue, 15 Feb 2005 00:20:04 -0500 Subject: [nycbug-talk] Mozilla response to IDN homograph exploit Message-ID: <080a028cd0c0a6f73659a097734181d6@redivi.com> As a follow-up to the Shmoo IDN exploit, Mozilla is going to set IDN to false by default (as of Firefox 1.0.1, and Mozilla 1.8 beta): http://weblogs.mozillazine.org/gerv/archives/007556.html One of the authors of the IDN standard brings to attention that although it is the registrars responsibility to handle this issue, there are more elegant solutions than just turning it off: http://lookit.proper.com/archives/000302.html The Unicode Consortium also has an early draft of their technical report on this and related issues: http://unicode.org/reports/tr36/ So far, it does not seem like anyone has implemented a "nice" version of IDN awareness, though I might take a whack at it later this week if I find the time. The hardest part is just designing the UI, looking up the block that a particular code point resides in is pretty trivial actually, though you would have to parse the relevant section of the UCD . -bob From elric Tue Feb 15 00:29:20 2005 From: elric (Roland Dowdeswell) Date: Tue, 15 Feb 2005 00:29:20 -0500 Subject: [nycbug-talk] /etc/hosts In-Reply-To: Your message of "Mon, 14 Feb 2005 10:54:13 EST." <4210C9A5.7090900@tbwachiat.com> Message-ID: <20050215052920.B77613701F@arioch.imrryr.org> On 1108396453 seconds since the Beginning of the UNIX epoch steve rieger wrote: > >hi all, > > >is there a difference between these two and if so can you elaborate > >cat /etc/hosts >192.10.20.25 yoyo.mama.com yoyo > >cat /etc/hosts >192.10.20.25 yoyo yoyo.mama.com Yes. getnameinfo()/gethostbyaddr() will return the first name that appears. So, in general, you put the FQDN first unless you are in an environment where you need name resolution to return non-FQDNs. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From chsnyder Tue Feb 15 10:18:54 2005 From: chsnyder (csnyder) Date: Tue, 15 Feb 2005 10:18:54 -0500 Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: <080a028cd0c0a6f73659a097734181d6@redivi.com> References: <080a028cd0c0a6f73659a097734181d6@redivi.com> Message-ID: It totally sucks that Mozilla would turn IDN off rather than implement the logic to detect if multiple codepages were being used in the same url. What about Mozilla users in the rest of the world? Download an XPI with annoying warnings about how "dangerous" it is to use my native characterset is not really acceptable. >From the IDN in Applications RFC http://www.apps.ietf.org/rfc/rfc3490.html#sec-10 (page 20) To help prevent confusion between characters that are visually similar, it is suggested that implementations provide visual indications where a domain name contains multiple scripts. Such mechanisms can also be used to show when a name contains a mixture of simplified and traditional Chinese characters, or to distinguish zero and one from O and l. DNS zone adminstrators may impose restrictions (subject to the limitations in section 2) that try to minimize homographs. It's something they should have been doing all along, which gives Opera no excuse either. From spork Tue Feb 15 14:49:23 2005 From: spork (Charles Sprickman) Date: Tue, 15 Feb 2005 14:49:23 -0500 (EST) Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: References: <080a028cd0c0a6f73659a097734181d6@redivi.com> Message-ID: For our OS-X using friends, I'll point this out: http://haoli.dnsalias.com/ I've been using Saft with Safari for quite a while to get a ton of extra "little features". Last update added an IDN "fix"... Charles On Tue, 15 Feb 2005, csnyder wrote: > It totally sucks that Mozilla would turn IDN off rather than implement > the logic to detect if multiple codepages were being used in the same > url. > > What about Mozilla users in the rest of the world? Download an XPI > with annoying warnings about how "dangerous" it is to use my native > characterset is not really acceptable. > >> From the IDN in Applications RFC > http://www.apps.ietf.org/rfc/rfc3490.html#sec-10 (page 20) > To help prevent confusion between characters that are visually > similar, it is suggested that implementations provide visual > indications where a domain name contains multiple scripts. Such > mechanisms can also be used to show when a name contains a mixture of > simplified and traditional Chinese characters, or to distinguish zero > and one from O and l. DNS zone adminstrators may impose restrictions > (subject to the limitations in section 2) that try to minimize > homographs. > > It's something they should have been doing all along, which gives > Opera no excuse either. > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From bob Tue Feb 15 15:03:30 2005 From: bob (Bob Ippolito) Date: Tue, 15 Feb 2005 15:03:30 -0500 Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: References: <080a028cd0c0a6f73659a097734181d6@redivi.com> Message-ID: <5145dfe6f881dc8bdebae74f04ae86f9@redivi.com> On Feb 15, 2005, at 14:49, Charles Sprickman wrote: > On Tue, 15 Feb 2005, csnyder wrote: > >> It totally sucks that Mozilla would turn IDN off rather than implement >> the logic to detect if multiple codepages were being used in the same >> url. >> >> What about Mozilla users in the rest of the world? Download an XPI >> with annoying warnings about how "dangerous" it is to use my native >> characterset is not really acceptable. >> >>> From the IDN in Applications RFC >> http://www.apps.ietf.org/rfc/rfc3490.html#sec-10 (page 20) >> To help prevent confusion between characters that are visually >> similar, it is suggested that implementations provide visual >> indications where a domain name contains multiple scripts. Such >> mechanisms can also be used to show when a name contains a mixture of >> simplified and traditional Chinese characters, or to distinguish zero >> and one from O and l. DNS zone adminstrators may impose restrictions >> (subject to the limitations in section 2) that try to minimize >> homographs. >> >> It's something they should have been doing all along, which gives >> Opera no excuse either. > For our OS-X using friends, I'll point this out: > > http://haoli.dnsalias.com/ > > I've been using Saft with Safari for quite a while to get a ton of > extra "little features". Last update added an IDN "fix"... The kind of IDN spoofing defense that IDNSnitch and Saft implement is only very marginally better than just denying all IDN hosts. It's very anglocentric and distrusts every IDN host, regardless of whether it contains mixed scripts or any known homographs. So far, I don't believe that anyone has implemented the recommended approach -- certainly not for Safari, anyway. -bob From spork Tue Feb 15 16:04:21 2005 From: spork (Charles Sprickman) Date: Tue, 15 Feb 2005 16:04:21 -0500 (EST) Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: <5145dfe6f881dc8bdebae74f04ae86f9@redivi.com> References: <080a028cd0c0a6f73659a097734181d6@redivi.com> <5145dfe6f881dc8bdebae74f04ae86f9@redivi.com> Message-ID: On Tue, 15 Feb 2005, Bob Ippolito wrote: > The kind of IDN spoofing defense that IDNSnitch and Saft implement is > only very marginally better than just denying all IDN hosts. It's very > anglocentric and distrusts every IDN host, regardless of whether it > contains mixed scripts or any known homographs. Surprising since the author comes from a place where they use "funny symbols" when they type. :) > So far, I don't believe that anyone has implemented the recommended > approach -- certainly not for Safari, anyway. That's understandable considering Saft is just an "add on" and not a different browser built around WebKit. I'm sure that an update will follow from Apple in the next few weeks. I haven't seen anything in my ADC account yet, but I'm watching... Charles > -bob > > From bob Tue Feb 15 16:24:32 2005 From: bob (Bob Ippolito) Date: Tue, 15 Feb 2005 16:24:32 -0500 Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: References: <080a028cd0c0a6f73659a097734181d6@redivi.com> <5145dfe6f881dc8bdebae74f04ae86f9@redivi.com> Message-ID: <2a133cd36120ceb669f53aed61a55a3f@redivi.com> On Feb 15, 2005, at 16:04, Charles Sprickman wrote: > On Tue, 15 Feb 2005, Bob Ippolito wrote: > >> The kind of IDN spoofing defense that IDNSnitch and Saft implement is >> only very marginally better than just denying all IDN hosts. It's >> very anglocentric and distrusts every IDN host, regardless of whether >> it contains mixed scripts or any known homographs. > > Surprising since the author comes from a place where they use "funny > symbols" when they type. :) Yeah but not many. He lives in Stockholm, not Beijing :) >> So far, I don't believe that anyone has implemented the recommended >> approach -- certainly not for Safari, anyway. > > That's understandable considering Saft is just an "add on" and not a > different browser built around WebKit. I'm sure that an update will > follow from Apple in the next few weeks. I haven't seen anything in > my ADC account yet, but I'm watching... That's no excuse, the amount of black magic integration involved in doing "nice" IDN spoof detection and doing an ugly hack like this is precisely the same. The difference is probably about two hours worth of work (but not Safari hacking, just extra IDN-related code on top of the hook he is already using). Adding a graphical notice in the URL bar rather than using a pop-up would probably be another two hours, not because it's hard, but because *that* would require some more Safari hacking. I would expect that it's worth his time since he's selling this thing. -bob From george Tue Feb 15 23:09:31 2005 From: george (G. Rosamond) Date: Tue, 15 Feb 2005 23:09:31 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . Message-ID: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> I was dead set on a ThinkPad, but after playing with a client's Sharp MM10, I may change that. For those who don't know them, check out www.sharpusa.com, but make sure your browser identifies as IE. They are two pounds, have 10.4" displays, and are sweet. . . with the extra battery, they get 9 hours of uptime. . . Googling shows some references to people running a BSD on them, but does anyone on Talk have any experience, things I should know, etc. . . George From pete Tue Feb 15 23:18:42 2005 From: pete (Pete Wright) Date: Tue, 15 Feb 2005 23:18:42 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <20050216041842.GA85097@finn.nomadlogic.org> On Tue, Feb 15, 2005 at 11:09:31PM -0500, G. Rosamond wrote: > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. > > For those who don't know them, check out www.sharpusa.com, but make > sure your browser identifies as IE. > > They are two pounds, have 10.4" displays, and are sweet. . . with the > extra battery, they get 9 hours of uptime. . . > > Googling shows some references to people running a BSD on them, but > does anyone on Talk have any experience, things I should know, etc. . . ok i'll bite, i'm an huge fan of the thinkpads. i have an X31 (which seems pretty similar to the MM10). it does look pretty good, but a couple things that differ i think are worth noting. first off, i'm a huge fan of the thinkpad "nipple" for the mouse. i've always had problems with the track- pads on laptops, my palm always seems to move the mouse...which will end up moving the focus on my window in xwindows. the "nipple" is not in the way and the thinkpad's have a real three button mice as well. secondly the X31 comes with builtin Gig-e via the "em" device. seems to work quite well with 4.x. lastly it's got a 1.4ghz chip on it, that will scale down to 550mhz when running on batteries. i get about 5 hours of battery life on it (unless i'm using my pcmcia wifi card then i loose about an hour or so). so performance is not too bad on the sucker either. i don't know the price of the sharps, and granted you do pay a premium with the thinkpad but IMO it's worth it. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bruno Tue Feb 15 23:48:16 2005 From: bruno (bruno) Date: Tue, 15 Feb 2005 23:48:16 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <20050216044816.GB23791@loftmail.com> On Tue, Feb 15, 2005 at 11:09:31PM -0500, G. Rosamond wrote: > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. > > For those who don't know them, check out www.sharpusa.com, but make > sure your browser identifies as IE. > > They are two pounds, have 10.4" displays, and are sweet. . . with the > extra battery, they get 9 hours of uptime. . . > > Googling shows some references to people running a BSD on them, but > does anyone on Talk have any experience, things I should know, etc. . . If you're into those, a friend of mine has a small fujitsu, sounds about the same, small, 8 hours with a minibay battery, very pretty, small but nice display. He is not running a UNIX flavor, but I hear BSDs do run on them. Don't remember the model, I'm sure you'll find them on fujitsu site. From mspitzer Tue Feb 15 23:59:59 2005 From: mspitzer (Marc Spitzer) Date: Tue, 15 Feb 2005 23:59:59 -0500 Subject: [nycbug-talk] Fwd: UNIGROUP 17-FEB-2005 (Thurs): ZOPE - Open Source Web Development Framework In-Reply-To: <200502152037.j1FKbgt2000862@progplus.com> References: <200502152037.j1FKbgt2000862@progplus.com> Message-ID: <8c50a3c3050215205940845246@mail.gmail.com> If you want to hear a talk about zope marc ---------- Forwarded message ---------- From: Unigroup_of_NY Date: Tue, 15 Feb 2005 15:37:42 -0500 (EST) Subject: UNIGROUP 17-FEB-2005 (Thurs): ZOPE - Open Source Web Development Framework To: mspitzer at gmail.com Unigroup's February 2005 meeting is THIS Thursday... ===================================================================== UNIGROUP OF NEW YORK - UNIX USERS GROUP - FEBRUARY 2005 ANNOUNCEMENTS ===================================================================== ----------------------------------------------------- 1. UNIGROUP'S FEBRUARY 2005 GENERAL MEETING ANNOUNCEMENT ----------------------------------------------------- When: THURSDAY, February 17th, 2005 (3rd Thursday) Where: Alliance for Downtown NY Conference Facility Downtown Center 104 Washington Street South West Corner of Wall Street Area Downtown, New York City ** Please RSVP (not mandatory) ** Time: 6:15 PM - 6:25 PM Registration 6:25 PM - 6:45 PM Ask the Wizard, Questions, Answers and Current Events 6:45 PM - 7:00 PM Unigroup Business and Announcements 7:00 PM - 9:30 PM Main Presentation ----------------------------------------------- Topic: ZOPE - An Open Source Web Development Framework ----------------------------------------------- Speakers: Rob Page, CEO and President, Zope Corporation INTRODUCTIONS: -------------- Please keep an eye out for a series of _MONTHLY_ meetings which we have confirmed for February, March and April 2005. The meeting schedule is posted below (all on the 3rd Thursday). We are finally holding our meeting on Web Development and Zope! This meeting was supposed to be a followup our meeting on Python (March 2003), but it wound up being delayed for various reasons and due to various events (including things like the Solaris 10 launch). During this time, our friends at Zope Corporation have been patient, and they have been waiting for the chance to present Zope to Unigroup. We do appreciate their support! I've called Zope a "Web Development Framework", but from what I've read, it may be much more than this (see below). Major corporations are using Zope to build web sites and bring content to market. One such example is Computer Associates... see their press release about CA and Zope Corp: http://www3.ca.com/Press/PressRelease.asp?CID=59297 Also note that we expect to have CA present to Unigroup, later in the year, and they were also invited to participate in this week's Zope meeting. ------------------------------------------------------------------- SPECIAL INSTRUCTIONS: --------------------- To REGISTER for this event, please RSVP by using the Unigroup Registration Page: http://www.unigroup.org/unigroup-rsvp.html This will allow us to automate the registration process. (Registration will also add you to our mailing list.) Please continue to check the Unigroup web site and meeting page, for any last minute updates concerning this meeting. If you registered for this meeting, please check your email for any last minute announcements as the meeting approaches. Please try to RSVP as soon as possible. Note: RSVP is not mandatory for this location, but it does help us to properly plan the meeting (food, drinks, handouts, seating, etc.). ------------------------------------------------------------------- OUTLINE OF THE MAIN PRESENTATION: --------------------------------- This month's meeting will be a presentation on ZOPE: - What is Zope? - Who uses the platform? - What is possible with the platform? - The Zope Community and Activities (e.g., Sprints) - Platform Futures The Zope Software System: ------------------------- (Extracted from http://www.zope.com/Corporate/CompanyProfile.html) Zope is a unique software system: a high-performance application server, a web server, and a content management system. It is a complete, self-contained solution, that includes a robust, scalable object database, web services architecture, and powerful programming capabilities. It is designed for customization and extensibility. Its components integrate tightly with a wide range of leading web server and database systems. Zope promotes rapid creation and deployment of complex applications, totally manageable through a web interface. All of this, and complete open source access, are provided without cost. There are no licensing or runtime fees for the software. What Is Zope? ------------- (Extracted from http://www.zope.org/WhatIsZope) Zope is an open source web application server primarily written in the Python programming language. It features a transactional object database which can store not only content and custom data, but also dynamic HTML templates, scripts, a search engine, and relational database (RDBMS) connections and code. It features a strong through-the-web development model, allowing you to update your web site from anywhere in the world. To allow for this, Zope also features a tightly integrated security model. Built around the concept of "safe delegation of control", Zope's security architecture also allows you to turn control over parts of a web site to other organizations or individuals. The transactional model applies not only to Zope's object database, but to many relational database connectors as well, allowing for strong data integrity. This transaction model happens automatically, ensuring that all data is successfully stored in connected data sources by the time a response is returned to a web browser or other client. There are numerous products (plug-in Zope components) available for download to extend the basic set of site building tools. These products include new content objects; relational database and other external data source connectors; advanced content management tools; and full applications for e-commerce, content and document management, or bug and issue tracking. Zope includes its own HTTP, FTP, WebDAV, and XML-RPC serving capabilities, but can also be used with the Apache or other web servers. ------------------------------------------------------------------- Web Resources: -------------- Zope Corporation http://www.zope.com Zope Open Source Community http://www.zope.com/Services/Community.html Zope Community http://www.zope.org Zope Developer Community http://dev.zope.org Zope Powered Sites http://www.zope.org/Resources/ZopePowered ------------------------------------------------------------------- Speaker Biography: ------------------ (Extracted from http://www.zope.com/Corporate/Management/Page.html) Rob Page, Chief Executive Officer & President, Zope Corporation: Rob Page provides leadership and vision, directing corporate operations, professional services, product development and sales. He is involved in all aspects of company strategy, client services and quality assurance. Prior to co-founding Zope Corporation in 1995, he co-founded Connecting Minds, a consultancy firm. He also served for nine years in the Marine Corps and Marine Corps Reserve as a data systems officer. Rob earned his B.S. in Aerospace Engineering from the University of Florida. Company Biography: ------------------ (Extracted from http://www.zope.com/Corporate/CompanyProfile.html) Zope Corporation uses Zope Software to create high-end custom solutions with unparalleled time to market. The company generates revenue by offering Zope-based products, content management solutions through consulting services, support and training. Building on the open source model, customers are freed of vendor dependence because they have the source code of their product / custom solution. ------------------------------------------------------------------- Giveaways: ---------- O'Reilly has been kind enough to provide us with some of their books, which we will continue to raffle off as giveaways at our meetings. Addison-Wesley Professional/Prentice Hall PTR has been kind enough to provide us with some of their books, which we will continue to raffle off as giveaways at our meetings. Unigroup would like to thank both companies for the support provided by their User Group programs. Note: The chances tend to be about 1 in 5, that any attendee of our meeting will walk away with a fairly valuable giveaway (ie. most books are valued between $30 and $60)! ------------------------------------------------------------------- Fee Schedule: Yearly Membership (includes all meetings): $ 50.00 Non-Member Single Meeting: $ 20.00 Student Yearly Membership: $ 20.00 Non-Member Student Single Meeting (with ID): $ 5.00 Payment Methods: Cash, Check, American Express. ------------------------------------------------------------------- Complimentary Food and Refreshments will be served. This includes sandwiches such as Turkey, Chicken, Tuna and Grilled Vegetables, as well as Assorted Salads (Cole Slaw, Potato, Tossed, Caesar, Pasta), Cookies/Brownies, Bottled Water and Assorted Beverages. ------------------------------------------------------------------- Directions: Alliance for Downtown NY Conference Facility Downtown Center 104 Washington Street Wall Street Area Downtown, New York City This building is located on the West side of the street, the second building north of Rector Street. Cross Streets: Between Rector (South) and Carlisle (North) Streets. Enter the lobby, and tell the guard at the desk that you are heading for Unigroup. You will be directed to the meeting room. Our meeting location is in the Lower West Corner of Downtown, North of the Battery Tunnel, South of the Downtown Hotel, East of West Street, and West of Greenwich Street. Walking West on Rector Street from Broadway, you pass Church, Greenwich then Washington Streets. There are multiple blocks of parking lots right there, between Washington and Greenwich Streets, starting at the Battery Tunnel and extending North for a number of blocks. Nearest mass transit stations, in order, are the '1/9' (Rector Street), 'R/W' (Rector Street) and the '4/5' (Wall Street). ----- Please mark this meeting on your calendar and join us! Please tell your friends about Unigroup! ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------- 2. UPCOMING MEETINGS ----------------- We have a series of meetings in the works: - 17-FEB-2005 : Zope / Web Page Development Rob Page / Zope Corporation - 17-MAR-2005 : Solaris 10 Part 2 Field Trip to Sun Microsystems - 21-APR-2005 : AFS and OpenAFS Jeff Altman / Secure Endpoints - IPsec - Samba - Field Trip to HP - Invited - Field Trip to CA - Invited - Unix 35th Birthday Celebration - DNS - Unix Clusters and Clustered Databases - Linux Clustering Part 3: Beowulf version 2 - Building a Firewall using FreeBSD and Linux - High Performance Internet Servers / Web Acceleration - Unix Office Tools: Word Processors, Spreadsheets, Accounting Packages. - PKI - GNU Development Environments - iSCSI, Serial ATA, and other new peripheral technologies Please let us know about any other meeting topics that you may be interested in. Potential speakers on Unix related technology topics should contact the Unigroup board at uniboard at unigroup.org. ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ I hope to see you all at our next meeting! -Rob Weiner Unigroup Executive Director unilist at unigroup.org http://www.unigroup.org From dan Wed Feb 16 06:57:57 2005 From: dan (Dan Langille) Date: Wed, 16 Feb 2005 06:57:57 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <4212EEF5.24609.26AFEE4@localhost> On 15 Feb 2005 at 23:09, G. Rosamond wrote: > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. I'd say, still go for the ThinkPad. Will Andrews just bought a T41P (? I think that's the one) and he pleased with it. > For those who don't know them, check out www.sharpusa.com, but make > sure your browser identifies as IE. > > They are two pounds, have 10.4" displays, and are sweet. . . with the > extra battery, they get 9 hours of uptime. . . > > Googling shows some references to people running a BSD on them, but > does anyone on Talk have any experience, things I should know, etc. . . When you go to test drive the laptop, take a FreeSBIE CD with you. Boot off it. Look around. Things look OK? If so, you're ahead of the game. If it does not boot, proceed with caution. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From lists Wed Feb 16 09:01:48 2005 From: lists (Hans Zaunere) Date: Wed, 16 Feb 2005 09:01:48 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <20050216140231.32F7CA85F3@virtu.nyphp.org> > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. Come on, don't be crazy... > For those who don't know them, check out www.sharpusa.com, but make > sure your browser identifies as IE. Oh, and you're still considering a Sharp? H From george Wed Feb 16 09:31:19 2005 From: george (George Georgalis) Date: Wed, 16 Feb 2005 09:31:19 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <20050216143119.GK16801@sta.local> On Tue, Feb 15, 2005 at 11:09:31PM -0500, G Rosamond wrote: >I was dead set on a ThinkPad, but after playing with a client's Sharp >MM10, I may change that. > >For those who don't know them, check out www.sharpusa.com, but make >sure your browser identifies as IE. I had a slick sharp graphing calculator once. It was neat, but always felt constrained on what I could do with it, only what they intended, nothing flexible. Then it quite unexpectantly broke. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From tux Wed Feb 16 11:15:17 2005 From: tux (Kevin Reiter) Date: Wed, 16 Feb 2005 11:15:17 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <42137195.5070409@penguinnetwerx.net> G. Rosamond wrote: > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. Go here, Grasshopper: http://gerda.univie.ac.at/freebsd-laptops/ Updated often and loads of good info that's model-specific. I used it to get X working on my Dell C640 on 4.10. > For those who don't know them, check out www.sharpusa.com, but make sure > your browser identifies as IE. If it doesn't work with anything other than IE, why would you waste your time/energy on it? I would guess (notice I didn't say "assume"? :) that if they can't be bothered to make their website W3C compliant, they didn't spend any development dollars in making sure they have hardware that plays nice with anything other than M$... ..just me .02 . From george Thu Feb 17 21:11:19 2005 From: george (G. Rosamond) Date: Thu, 17 Feb 2005 21:11:19 -0500 Subject: [nycbug-talk] OnLamp from Dru. . . Message-ID: Seems like one of our list members is being too modest in publicizing her ware . . . http://www.onlamp.com/pub/a/bsd/2005/02/17/FreeBSD_Basics.html It's a deli.cio.us piece. . . g From george Thu Feb 17 21:46:00 2005 From: george (G. Rosamond) Date: Thu, 17 Feb 2005 21:46:00 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . Message-ID: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> There's a great security document and tool available for a number of OSs, including FreeBSD, at www.cisecurity.org I'm going through the doc right now, which documents the tool's procedures. . . some looks pretty basic (disabling anonymous ftp) but some is very interesting (making sure no dot files are world writeable). Highly recommended. I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a less-than-mission-critical server tomorrow . . . George From mspitzer Thu Feb 17 22:18:28 2005 From: mspitzer (Marc Spitzer) Date: Thu, 17 Feb 2005 22:18:28 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> References: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> Message-ID: <8c50a3c305021719186e4c55e8@mail.gmail.com> On Thu, 17 Feb 2005 21:46:00 -0500, G. Rosamond wrote: > There's a great security document and tool available for a number of > OSs, including FreeBSD, at www.cisecurity.org Did not know the freebsd one was out. The router one is cool, used it at work around 2000, very useful tool for a large plant. marc From jesse Fri Feb 18 08:14:15 2005 From: jesse (Jesse Callaway) Date: Fri, 18 Feb 2005 08:14:15 -0500 Subject: [nycbug-talk] what the? Message-ID: <20050218131415.GE48925@mail.theholymountain.com> I guess I do know where all of that church money goes now... They need to hire crack spammers! iptables... yuck. iptables? hmm... This is just TOO weird. http://newyork.craigslist.org/mnh/cpg/60151192.html -jesse From steve Fri Feb 18 08:37:14 2005 From: steve (steverieger) Date: Fri, 18 Feb 2005 08:37:14 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> Message-ID: To be honest with you I have this exact issue with the fbsd folks (the developers not the users) On my other os, I always mount /usr as read only, and all my sql and apache stuff goes elswhere, but the default fbsd setup puts the apache rootdir in /usr/local/www and sometimes the /var slice is a bit small to handle all my databases. But for any decent sys admin I recommend to always mount /usr as ro,nosuid,logging My .02C On 2/17/05 9:46 PM, "G. Rosamond" wrote: > There's a great security document and tool available for a number of > OSs, including FreeBSD, at www.cisecurity.org > > I'm going through the doc right now, which documents the tool's > procedures. . . some looks pretty basic (disabling anonymous ftp) but > some is very interesting (making sure no dot files are world > writeable). > > Highly recommended. > > I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a > less-than-mission-critical server tomorrow . . . > > George > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From chsnyder Fri Feb 18 09:01:43 2005 From: chsnyder (csnyder) Date: Fri, 18 Feb 2005 09:01:43 -0500 Subject: [nycbug-talk] what the? In-Reply-To: <20050218131415.GE48925@mail.theholymountain.com> References: <20050218131415.GE48925@mail.theholymountain.com> Message-ID: On Fri, 18 Feb 2005 08:14:15 -0500, Jesse Callaway wrote: > I guess I do know where all of that church money goes now... They need to hire crack spammers! iptables... yuck. iptables? hmm... This is just TOO weird. > > http://newyork.craigslist.org/mnh/cpg/60151192.html > Spamming to promote family values, I love it! Great find. From jhlists Fri Feb 18 09:45:06 2005 From: jhlists (jh) Date: Fri, 18 Feb 2005 09:45:06 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <42137195.5070409@penguinnetwerx.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> <42137195.5070409@penguinnetwerx.net> Message-ID: <4215FF72.8060902@hirschman.net> Kevin Reiter wrote: > > I would guess (notice I didn't say "assume"? :) that > if they can't be bothered to make their website W3C compliant, they > didn't spend any development dollars in making sure they have hardware > that plays nice with anything other than M$... > > ..just me .02 . > Since it is typically two different groups inside of a huge company responsible for marketing the computer and designing the computer, I'd say that this is generally a poor conclusion. That being said, as a former Sharp notebook owner: beware. I found their support to be miserable even for Windows - they didn't bother to post new drivers from the Japan site on the USA site. I think that the USA sub of the company is really geared to marketing and selling black box items; I found Sony to be much the same way (just not as bad). My $.02 jh From tux Fri Feb 18 10:48:20 2005 From: tux (Kevin Reiter) Date: Fri, 18 Feb 2005 10:48:20 -0500 Subject: [nycbug-talk] OnLamp from Dru. . . In-Reply-To: References: Message-ID: <42160E44.20304@penguinnetwerx.net> G. Rosamond wrote: > Seems like one of our list members is being too modest in publicizing > her ware . . . > > http://www.onlamp.com/pub/a/bsd/2005/02/17/FreeBSD_Basics.html ..and if you follow the link for "thefish" screenshots, you'll see that you can enable Isaac to do something for you, but it doesn't say what.. man ike returns nothing, so it looks like he's a little behind on the documentation :) (Top-left Qt box) From okan Fri Feb 18 11:17:43 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 11:17:43 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <20050216041842.GA85097@finn.nomadlogic.org> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> <20050216041842.GA85097@finn.nomadlogic.org> Message-ID: <20050218161743.GA21934@yinaska.pair.com> On Tue 2005.02.15 at 23:18 -0500, Pete Wright wrote: > On Tue, Feb 15, 2005 at 11:09:31PM -0500, G. Rosamond wrote: > > I was dead set on a ThinkPad, but after playing with a client's Sharp > > MM10, I may change that. > > > > For those who don't know them, check out www.sharpusa.com, but make > > sure your browser identifies as IE. > > > > They are two pounds, have 10.4" displays, and are sweet. . . with the > > extra battery, they get 9 hours of uptime. . . > > > > Googling shows some references to people running a BSD on them, but > > does anyone on Talk have any experience, things I should know, etc. . . > > ok i'll bite, i'm an huge fan of the thinkpads. i have an X31 (which seems > pretty similar to the MM10). it does look pretty good, but a couple things > that differ i think are worth noting. first off, i'm a huge fan of the > thinkpad "nipple" for the mouse. i've always had problems with the track- > pads on laptops, my palm always seems to move the mouse...which will end up > moving the focus on my window in xwindows. the "nipple" is not in the way > and the thinkpad's have a real three button mice as well. > > secondly the X31 comes with builtin Gig-e via the "em" device. seems to > work quite well with 4.x. lastly it's got a 1.4ghz chip on it, that will > scale down to 550mhz when running on batteries. i get about 5 hours of > battery life on it (unless i'm using my pcmcia wifi card then i loose about > an hour or so). so performance is not too bad on the sucker either. > > i don't know the price of the sharps, and granted you do pay a premium with > the thinkpad but IMO it's worth it. i'm with pete on this. as much as the premium may be for a thinkpad, i will always go for one. it is not a branding thing at all, more of a feature set - though that is hard to enumerate. i'd love to see ibm (or whoever the new vendor is) to start offering mobil amd64 ;) okan > -p > > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From okan Fri Feb 18 11:27:23 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 11:27:23 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: References: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> Message-ID: <20050218162723.GB21934@yinaska.pair.com> On Fri 2005.02.18 at 08:37 -0500, steverieger wrote: > To be honest with you > > I have this exact issue with the fbsd folks (the developers not the users) > > On my other os, I always mount /usr as read only, and all my sql and apache > stuff goes elswhere, but the default fbsd setup puts the apache rootdir in > /usr/local/www and sometimes the /var slice is a bit small to handle all my > databases. i'm not too familiar with where stuff goes in freebsd, but i like data in /var - including www and mysql and pgsql...etc. but each data dir gets its own slice if it is important to me. > But for any decent sys admin I recommend to always mount /usr as > ro,nosuid,logging i've heard that statement many times before, but what exactly does that give you? mounting /usr as nosuid? - what do you break? read-only /usr for what reason? whoever gets root can easily do a re-mount. not flaming, but curious to hear additional reasons that i've heard before behind this ;) cheers > > My .02C > > > > > On 2/17/05 9:46 PM, "G. Rosamond" wrote: > > > There's a great security document and tool available for a number of > > OSs, including FreeBSD, at www.cisecurity.org > > > > I'm going through the doc right now, which documents the tool's > > procedures. . . some looks pretty basic (disabling anonymous ftp) but > > some is very interesting (making sure no dot files are world > > writeable). > > > > Highly recommended. > > > > I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a > > less-than-mission-critical server tomorrow . . . > > > > George > > > > _______________________________________________ > > % NYC*BUG talk mailing list > > http://lists.nycbug.org/mailman/listinfo/talk > > %Be sure to check out our Jobs and NYCBUG-announce lists > > %We meet the first Wednesday of the month > > > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From jesse Fri Feb 18 11:47:54 2005 From: jesse (Jesse Callaway) Date: Fri, 18 Feb 2005 11:47:54 -0500 Subject: [nycbug-talk] Re: wondering where Richte is at? In-Reply-To: <0445708ef11380246cb1078d644f5fa3@lesmuug.org> References: <0445708ef11380246cb1078d644f5fa3@lesmuug.org> Message-ID: <20050218164754.GB885@mail.theholymountain.com> On Fri, Feb 18, 2005 at 10:56:23AM -0500, Isaac Levy wrote: > Hi BER, > > So I was just thinking about a conversation we had a while back about > Dennis Richte, and asking him if he would do a nycbug meeting. I had a > few questions for you about this idea- > > 1) Where is Dennis Richte? You'd said he was around the northeast here? > > 2) What do you think is the best way to approach him? Should we just > email him out of the blue? > > 3) Do you have any suggestions for starting points for topics, seeing > as the possibilities are quite broad? (i.e. what do you think he has > that's really special to share with little unix youngin's like me?) > > Rocket- > .ike > mmmm.... I'm getting tingly all over thinking about megaloencephalic rodentia. From steve Fri Feb 18 11:57:32 2005 From: steve (steverieger) Date: Fri, 18 Feb 2005 11:57:32 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: <20050218162723.GB21934@yinaska.pair.com> Message-ID: My /etc/vfstab looks like this (just one entry /path/to/dev /mnt/point ufs 2 yes logging,ro,noatime,nosuid,forcedirectio noatime is self explanatory forcedirectio, means that all the large files on my web server that get sent out have a direct io instead of being buffered via the kernel. This is for my apache slice On 2/18/05 11:27 AM, "Okan Demirmen" wrote: > On Fri 2005.02.18 at 08:37 -0500, steverieger wrote: >> To be honest with you >> >> I have this exact issue with the fbsd folks (the developers not the users) >> >> On my other os, I always mount /usr as read only, and all my sql and apache >> stuff goes elswhere, but the default fbsd setup puts the apache rootdir in >> /usr/local/www and sometimes the /var slice is a bit small to handle all my >> databases. > > i'm not too familiar with where stuff goes in freebsd, but i like data > in /var - including www and mysql and pgsql...etc. but each data dir > gets its own slice if it is important to me. > >> But for any decent sys admin I recommend to always mount /usr as >> ro,nosuid,logging > > i've heard that statement many times before, but what exactly does > that give you? mounting /usr as nosuid? - what do you break? read-only > /usr for what reason? whoever gets root can easily do a re-mount. > not flaming, but curious to hear additional reasons that i've heard > before behind this ;) > > cheers > >> >> My .02C >> >> >> >> >> On 2/17/05 9:46 PM, "G. Rosamond" wrote: >> >>> There's a great security document and tool available for a number of >>> OSs, including FreeBSD, at www.cisecurity.org >>> >>> I'm going through the doc right now, which documents the tool's >>> procedures. . . some looks pretty basic (disabling anonymous ftp) but >>> some is very interesting (making sure no dot files are world >>> writeable). >>> >>> Highly recommended. >>> >>> I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a >>> less-than-mission-critical server tomorrow . . . >>> >>> George >>> >>> _______________________________________________ >>> % NYC*BUG talk mailing list >>> http://lists.nycbug.org/mailman/listinfo/talk >>> %Be sure to check out our Jobs and NYCBUG-announce lists >>> %We meet the first Wednesday of the month >>> >> >> >> _______________________________________________ >> % NYC*BUG talk mailing list >> http://lists.nycbug.org/mailman/listinfo/talk >> %Be sure to check out our Jobs and NYCBUG-announce lists >> %We meet the first Wednesday of the month From jonathan Fri Feb 18 12:00:59 2005 From: jonathan (Jonathan) Date: Fri, 18 Feb 2005 12:00:59 -0500 Subject: [nycbug-talk] Wine and Starcraft ( and games in general) Message-ID: <42161F4B.20108@kc8onw.net> Has anyone here had experience getting games to run under wine? I installed starcraft fine but the no cd cracks I have found don't work and it does not seem to realize I have the CD mounted :P I don't have sound yet either but I have not messed with that at all yet. Any help is *greatly* appreciated, Jonathan Error Message: Starcraft is unable to read a required file. Your Starcraft CD may not be in the CDROM drive... ~/.wine/dosdevices > ll total 0 lrwxr-xr-x 1 jonathan jonathan 10 Feb 18 10:26 c: -> ../drive_c lrwxr-xr-x 1 jonathan jonathan 11 Feb 18 11:44 d: -> /mnt/cdrom/ lrwxr-xr-x 1 jonathan jonathan 8 Feb 18 10:33 d:: -> /dev/md0 lrwxr-xr-x 1 jonathan jonathan 1 Feb 18 10:26 z: -> / > ll /mnt/cdrom total 592758 -r-xr-xr-x 1 root wheel 40 Jan 8 1998 autorun.inf dr-xr-xr-x 1 root wheel 2048 Dec 20 1999 directx5 dr-xr-xr-x 1 root wheel 2048 Dec 20 1999 help -r-xr-xr-x 1 root wheel 606857006 Mar 11 1999 install.exe dr-xr-xr-x 1 root wheel 2048 Dec 20 1999 isp -r-xr-xr-x 1 root wheel 1078 Jan 14 1998 sc.ico -r-xr-xr-x 1 root wheel 25088 Jan 14 1998 setup.exe -r-xr-xr-x 1 root wheel 95232 Jan 20 1998 smackw32.dll ~/.wine/config [Drive D] "Path" = "/mnt/cdrom" "Type" = "cdrom" "Label" = "CD-Rom" "Filesystem" = "win95" ; make sure that device is correct and has proper permissions ! "Device" = "/dev/md0" > cd ~/.wine/drive_c/Program\ Files/Starcraft/ > wine StarCraft.exe fixme:file:get_default_drive_device auto detection of DOS devices not supported on this platform fixme:cdrom:CDROM_GetInterfaceInfo not implemented for BSD Converted drive type to new entry HKLM\Software\Wine\Drives "C:" = L"hd" Converted drive type to new entry HKLM\Software\Wine\Drives "D:" = L"cdrom" Converted drive type to new entry HKLM\Software\Wine\Drives "E:" = L"hd" Converted drive type to new entry HKLM\Software\Wine\Drives "F:" = L"network" Converted drive type to new entry HKLM\Software\Wine\Drives "Z:" = L"hd" fixme:ntdll:NtQueryVolumeInformationFile device info not properly supported on this platform err:heap:HEAP_CreateSystemHeap system heap base address 0x80000000 not available Please use the registry key HKEY_CURRENT_CONFIG\Software\Fonts\LogPixels to set the screen resolution and remove the "Resolution" entry in the config file From okan Fri Feb 18 12:07:05 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 12:07:05 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: References: <20050218162723.GB21934@yinaska.pair.com> Message-ID: <20050218170705.GA40099@yinaska.pair.com> On Fri 2005.02.18 at 11:57 -0500, steverieger wrote: > My /etc/vfstab looks like this (just one entry > > /path/to/dev /mnt/point ufs 2 yes logging,ro,noatime,nosuid,forcedirectio > noatime is self explanatory > forcedirectio, means that all the large files on my web server that get sent > out have a direct io instead of being buffered via the kernel. > > This is for my apache slice ok, for the www slice, makes sense. (not to nit-pick, but why logging/noatime if ro? unless freebsd's ufs2 logging/noatime is doing something i don't know about. i was more looking for reasons behind mounting /usr ro, but no big deal. i've had this arguement both ways in past lives, hence my curiousity. thanks > On 2/18/05 11:27 AM, "Okan Demirmen" wrote: > > > On Fri 2005.02.18 at 08:37 -0500, steverieger wrote: > >> To be honest with you > >> > >> I have this exact issue with the fbsd folks (the developers not the users) > >> > >> On my other os, I always mount /usr as read only, and all my sql and apache > >> stuff goes elswhere, but the default fbsd setup puts the apache rootdir in > >> /usr/local/www and sometimes the /var slice is a bit small to handle all my > >> databases. > > > > i'm not too familiar with where stuff goes in freebsd, but i like data > > in /var - including www and mysql and pgsql...etc. but each data dir > > gets its own slice if it is important to me. > > > >> But for any decent sys admin I recommend to always mount /usr as > >> ro,nosuid,logging > > > > i've heard that statement many times before, but what exactly does > > that give you? mounting /usr as nosuid? - what do you break? read-only > > /usr for what reason? whoever gets root can easily do a re-mount. > > not flaming, but curious to hear additional reasons that i've heard > > before behind this ;) > > > > cheers > > > >> > >> My .02C > >> > >> > >> > >> > >> On 2/17/05 9:46 PM, "G. Rosamond" wrote: > >> > >>> There's a great security document and tool available for a number of > >>> OSs, including FreeBSD, at www.cisecurity.org > >>> > >>> I'm going through the doc right now, which documents the tool's > >>> procedures. . . some looks pretty basic (disabling anonymous ftp) but > >>> some is very interesting (making sure no dot files are world > >>> writeable). > >>> > >>> Highly recommended. > >>> > >>> I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a > >>> less-than-mission-critical server tomorrow . . . > >>> > >>> George > >>> > >>> _______________________________________________ > >>> % NYC*BUG talk mailing list > >>> http://lists.nycbug.org/mailman/listinfo/talk > >>> %Be sure to check out our Jobs and NYCBUG-announce lists > >>> %We meet the first Wednesday of the month > >>> > >> > >> > >> _______________________________________________ > >> % NYC*BUG talk mailing list > >> http://lists.nycbug.org/mailman/listinfo/talk > >> %Be sure to check out our Jobs and NYCBUG-announce lists > >> %We meet the first Wednesday of the month > > -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From dlavigne6 Fri Feb 18 12:28:15 2005 From: dlavigne6 (Dru) Date: Fri, 18 Feb 2005 12:28:15 -0500 (EST) Subject: [nycbug-talk] Re: wondering where Richte is at? In-Reply-To: <20050218164754.GB885@mail.theholymountain.com> References: <0445708ef11380246cb1078d644f5fa3@lesmuug.org> <20050218164754.GB885@mail.theholymountain.com> Message-ID: <20050218122657.E553@dru.domain.org> On Fri, 18 Feb 2005, Jesse Callaway wrote: > On Fri, Feb 18, 2005 at 10:56:23AM -0500, Isaac Levy wrote: >> Hi BER, >> >> So I was just thinking about a conversation we had a while back about >> Dennis Richte, and asking him if he would do a nycbug meeting. I had a >> few questions for you about this idea- >> >> 1) Where is Dennis Richte? You'd said he was around the northeast here? >> >> 2) What do you think is the best way to approach him? Should we just >> email him out of the blue? >> >> 3) Do you have any suggestions for starting points for topics, seeing >> as the possibilities are quite broad? (i.e. what do you think he has >> that's really special to share with little unix youngin's like me?) >> >> Rocket- >> .ike >> > > mmmm.... I'm getting tingly all over thinking about megaloencephalic rodentia. One of my favourite bookmarks is Dennis' homepage (with contact info): http://cm.bell-labs.com/who/dmr/index.html If you guys get Dennis, I'm definitely coming down! Dru From dlavigne6 Fri Feb 18 12:31:27 2005 From: dlavigne6 (Dru) Date: Fri, 18 Feb 2005 12:31:27 -0500 (EST) Subject: [nycbug-talk] why /var? In-Reply-To: References: Message-ID: <20050218122904.W553@dru.domain.org> Out of pure innocent curiosity, why do you prefer /var? I don't see the logic as I never thought of a website as "variable" data but I'm interested in hearing someone else's point of view. Dru From tillman Fri Feb 18 12:28:38 2005 From: tillman (Tillman Hodgson) Date: Fri, 18 Feb 2005 11:28:38 -0600 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: References: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> Message-ID: <20050218172838.GE92490@seekingfire.com> On Fri, Feb 18, 2005 at 08:37:14AM -0500, steverieger wrote: > To be honest with you > > I have this exact issue with the fbsd folks (the developers not the users) > > On my other os, I always mount /usr as read only, and all my sql and apache > stuff goes elswhere, but the default fbsd setup puts the apache rootdir in > /usr/local/www and sometimes the /var slice is a bit small to handle all my > databases. > > But for any decent sys admin I recommend to always mount /usr as > ro,nosuid,logging I usually do mount /usr with restricted rights on boxes where the ability to upgrade quickly isn't a concern (the security tradeoff for thsi practice). But I also have /usr/local as a seperate partition (as well as /usr/ports, /usr/obj and /usr/src -- those are usually remote filesystems in my case anyway). -T -- There should be a science of discontent. People need hard times and oppression to develop psychic muscles. - from "Collected Sayings of Muad'Dib" by the Princess Irulan From daggerquill Fri Feb 18 13:42:12 2005 From: daggerquill (Jay) Date: Fri, 18 Feb 2005 13:42:12 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050218122904.W553@dru.domain.org> References: <20050218122904.W553@dru.domain.org> Message-ID: <4ce365ec050218104253ee27cf@mail.gmail.com> On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru wrote: > > Out of pure innocent curiosity, why do you prefer /var? I don't see the > logic as I never thought of a website as "variable" data but I'm > interested in hearing someone else's point of view. > > Dru I can't speak for anyone else, but I can tell you why I like /var. It all depends on how you define 'variable'. From a system standpoint, websites are fairly variable. Unlike the executables in /bin, /sbin, and /usr/*, web content is intended to change. Maybe not everday, but often. In an ideal world, executables are completely static; if they didn't have bugs, we'd never touch them. Also, if you have any kind of user-generated web data--bbs, bloggs, file submission pages--web data is extrememly variable. The best answer, though, is that /var is where system daemons put their data. Most partition labels don't accurately reflect use anymore, anyway. We don't let many users store publically accessible executables in /usr/bin or /usr/local/bin, even though that's what they're there for. Close to half of anything in most most variations on the bin theme is likely to not even be binary, but executables in some interpreted or compiled and interpreted language like perl, python, or java. And if we're going to be really serious about truth in advertising on filesystems, the mail spool should almost certainly go in /tmp, and the only honest label for the rest would be to make one big /etc partition and leave it at that. But these things have a long and not always rational history, and /var is where daemon's put their data, and /usr isn't where users put their data. And it makes sense to put the webroot with the mail spool and the database directories so that you can harden /usr and enforce a serious look, but don't touch policy on that partition. This is probably a theological issue, though. best, --jay From okan Fri Feb 18 14:17:02 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 14:17:02 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec050218104253ee27cf@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: <20050218191702.GA71889@yinaska.pair.com> On Fri 2005.02.18 at 13:42 -0500, Jay wrote: > On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru wrote: > > > > Out of pure innocent curiosity, why do you prefer /var? I don't see the > > logic as I never thought of a website as "variable" data but I'm > > interested in hearing someone else's point of view. > > > > Dru > > I can't speak for anyone else, but I can tell you why I like /var. It > all depends on how you define 'variable'. From a system standpoint, > websites are fairly variable. Unlike the executables in /bin, /sbin, > and /usr/*, web content is intended to change. Maybe not everday, but > often. In an ideal world, executables are completely static; if they > didn't have bugs, we'd never touch them. Also, if you have any kind > of user-generated web data--bbs, bloggs, file submission pages--web > data is extrememly variable. > > The best answer, though, is that /var is where system daemons put > their data. Most partition labels don't accurately reflect use > anymore, anyway. We don't let many users store publically accessible > executables in /usr/bin or /usr/local/bin, even though that's what > they're there for. Close to half of anything in most most variations > on the bin theme is likely to not even be binary, but executables in > some interpreted or compiled and interpreted language like perl, > python, or java. And if we're going to be really serious about truth > in advertising on filesystems, the mail spool should almost certainly > go in /tmp, and the only honest label for the rest would be to make > one big /etc partition and leave it at that. > > But these things have a long and not always rational history, and /var > is where daemon's put their data, and /usr isn't where users put their > data. And it makes sense to put the webroot with the mail spool and > the database directories so that you can harden /usr and enforce a > serious look, but don't touch policy on that partition. as you didn't intend to speak for anyone else, you did mostly for me ;) i agree with what you have stated. one can take /var, and its depths (/var/mysql /var/www /var/named /var/spool /var/mail .... one slice or many) and ship them somewhere else, without arch/os concerns(mostly). /usr contains utils and applications (minus the stuff on /) - one note here, i don't quite agree with freebsd's location for /usr/local/etc - creates one more place to keep track of - i know i'll hear about this futher in this thread ;) > This is probably a theological issue, though. yes, most certainly. okan > best, > > --jay > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From bschonhorst Fri Feb 18 14:57:48 2005 From: bschonhorst (Brad Schonhorst) Date: Fri, 18 Feb 2005 14:57:48 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050218191702.GA71889@yinaska.pair.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <20050218191702.GA71889@yinaska.pair.com> Message-ID: <6048e8467a07f24c7316728eda290394@vcsnyc.org> On Feb 18, 2005, at 2:17 PM, Okan Demirmen wrote: > On Fri 2005.02.18 at 13:42 -0500, Jay wrote: >> On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru >> wrote: >>> >>> Out of pure innocent curiosity, why do you prefer /var? I don't see >>> the >>> logic as I never thought of a website as "variable" data but I'm >>> interested in hearing someone else's point of view. >>> >>> Dru >> >> I can't speak for anyone else, but I can tell you why I like /var. It >> all depends on how you define 'variable'. From a system standpoint, >> websites are fairly variable. Unlike the executables in /bin, /sbin, >> and /usr/*, web content is intended to change. Maybe not everday, but >> often. In an ideal world, executables are completely static; if they >> didn't have bugs, we'd never touch them. Also, if you have any kind >> of user-generated web data--bbs, bloggs, file submission pages--web >> data is extrememly variable. >> >> The best answer, though, is that /var is where system daemons put >> their data. Most partition labels don't accurately reflect use >> anymore, anyway. We don't let many users store publically accessible >> executables in /usr/bin or /usr/local/bin, even though that's what >> they're there for. Close to half of anything in most most variations >> on the bin theme is likely to not even be binary, but executables in >> some interpreted or compiled and interpreted language like perl, >> python, or java. And if we're going to be really serious about truth >> in advertising on filesystems, the mail spool should almost certainly >> go in /tmp, and the only honest label for the rest would be to make >> one big /etc partition and leave it at that. >> >> But these things have a long and not always rational history, and /var >> is where daemon's put their data, and /usr isn't where users put their >> data. And it makes sense to put the webroot with the mail spool and >> the database directories so that you can harden /usr and enforce a >> serious look, but don't touch policy on that partition. > > as you didn't intend to speak for anyone else, you did mostly for me ;) I second that but the more I think about it, the issue probably has more to do with what you are used to or work on regularly. Sometimes I wonder why there isn't a /log though. > i agree with what you have stated. one can take /var, and its depths > (/var/mysql /var/www /var/named /var/spool /var/mail .... one slice > or many) and ship them somewhere else, without arch/os > concerns(mostly). > /usr contains utils and applications (minus the stuff on /) - one > note here, i don't quite agree with freebsd's location for > /usr/local/etc - creates one more place to keep track of - i know > i'll hear about this futher in this thread ;) > That always bothered me too, I guess I understand the idea of putting sys config files in /etc and any additional software configs in /user/local/etc but because I work on many OS's, I always find myself first searching /etc, taking a moment to scratch my head and then remembering /usr/local/etc. Gotta say, it seems that 2 places for config files violates the KISS rule... -Brad From chsnyder Fri Feb 18 15:10:18 2005 From: chsnyder (csnyder) Date: Fri, 18 Feb 2005 15:10:18 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050218122904.W553@dru.domain.org> References: <20050218122904.W553@dru.domain.org> Message-ID: On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru wrote: > > Out of pure innocent curiosity, why do you prefer /var? I don't see the > logic as I never thought of a website as "variable" data but I'm > interested in hearing someone else's point of view. > > Dru I think using /var for a website implies that there is only one website on the host. I was suprised to see this when I first started using FreeBSD, but I accept it now as "one of those things." It's better than /usr/local/apache/htdocs for sure. For virtual hosting setups, or situations where multiple users need to access the same site, I always put them in the /home tree as /home/ From dan Fri Feb 18 15:51:15 2005 From: dan (Dan Langille) Date: Fri, 18 Feb 2005 15:51:15 -0500 Subject: [nycbug-talk] BSDCan - program publicity Message-ID: <42160EF3.2004.E9FFA02@localhost> Gidday folks, The BSDCan program will be announced soon. I'm looking for help in distributing and organizing publicity for this announcement. I will be sending the schedule out the BSDCan announce mailing list firs and updating the BSDCan website. Then I'll hit bsdnews.com. What I'd like is volunteers to post references to those stories on other websites. If you have a suggestion, let us know what website you'll hit. If you don't want to post the announcement, just suggest a website, and perhaps we'll get others to post instead. A few weeks later, another announcement will be sent. This will include the schedule and the opening of registration. This represents a second waves of posts to websites. It'd be nice if people could rally again for the second hit. Thanks. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From pete Fri Feb 18 15:52:00 2005 From: pete (Pete Wright) Date: Fri, 18 Feb 2005 15:52:00 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> References: <42160EF3.2004.E9FFA02@localhost> Message-ID: <20050218205200.GA17998@finn.nomadlogic.org> On Fri, Feb 18, 2005 at 03:51:15PM -0500, Dan Langille wrote: > Gidday folks, > > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. > > I will be sending the schedule out the BSDCan announce mailing list > firs and updating the BSDCan website. Then I'll hit bsdnews.com. > > What I'd like is volunteers to post references to those stories on > other websites. If you have a suggestion, let us know what website > you'll hit. If you don't want to post the announcement, just suggest > a website, and perhaps we'll get others to post instead. > > A few weeks later, another announcement will be sent. This will > include the schedule and the opening of registration. This represents > a second waves of posts to websites. It'd be nice if people could > rally again for the second hit. > count me in for posting to the so. cal. bsd users lists. i'll also hit the general la unix user groups as well. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From dlavigne6 Fri Feb 18 16:18:03 2005 From: dlavigne6 (Dru) Date: Fri, 18 Feb 2005 16:18:03 -0500 (EST) Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> References: <42160EF3.2004.E9FFA02@localhost> Message-ID: <20050218161741.D553@dru.domain.org> On Fri, 18 Feb 2005, Dan Langille wrote: > Gidday folks, > > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. > > I will be sending the schedule out the BSDCan announce mailing list > firs and updating the BSDCan website. Then I'll hit bsdnews.com. > > What I'd like is volunteers to post references to those stories on > other websites. If you have a suggestion, let us know what website > you'll hit. If you don't want to post the announcement, just suggest > a website, and perhaps we'll get others to post instead. I'll definitely write up an O'Reilly blog... Dru From dlavigne6 Fri Feb 18 16:19:57 2005 From: dlavigne6 (Dru) Date: Fri, 18 Feb 2005 16:19:57 -0500 (EST) Subject: [nycbug-talk] why /var? In-Reply-To: <20050218191702.GA71889@yinaska.pair.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <20050218191702.GA71889@yinaska.pair.com> Message-ID: <20050218161909.Q553@dru.domain.org> Thanks, all :-) I knew I could count on nycbug for a thorough explanation without an ensueing flame war... Dru From pete Fri Feb 18 16:08:42 2005 From: pete (Pete Wright) Date: Fri, 18 Feb 2005 16:08:42 -0500 Subject: [nycbug-talk] sysinstall substitue Message-ID: <20050218210842.GC17998@finn.nomadlogic.org> hey all, i've been playing with doing install's via serial console on a sun box i got here. i'd have to say after installing solaris, net free and open bsd via console that netbsd probably has the best installer followed by open's. i know there is a long running debate on the freebsd lists re. sysinstall and how it needs to be "fixed". what i found during with installing freebsd via console on the sparc is that the menu's are pretty much useless...while netbsd's installer not only worked without a hitch, clearly labeled short-cut keys were also available. given a menu like this: a) start install b) some other option c) another option you can either use the arrow keys to highlight a option or just press a,b or c. i know this is possible with sysinstall...but could not get it to work properlly on my sun box. btw this is just one feature of the net install system...i've found many other features that sysinstall is lacking. so...does anyone have an opinion on the possibility of porting the netbsd installer over to free. honestly i don't even know what lang. net's installer is written in... -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From steve.rieger Fri Feb 18 16:23:31 2005 From: steve.rieger (Steve Rieger) Date: Fri, 18 Feb 2005 16:23:31 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050218161909.Q553@dru.domain.org> Message-ID: Some folks prefer many separate slices for different directories, and some folks only have / /usr /tmp /var and swap, I have many including /usr/local/nbin where I put all user binaries/scripts that need to be accessed by all, /usr/local/cbin for cron binaries/scripts I also divide /var/log and /var/spool, but then again I spend about two days setting up a new server, In the past (when doing a new mail server) I also formatted the hd with 4bytes instead of the usual, I also take into consideration where I will out what slice on the physical drive depending what it will do. The options are endless, just go with what you are comfortable, but once in a while try something new. On 2/18/05 4:19 PM, "Dru" wrote: > > Thanks, all :-) I knew I could count on nycbug for a thorough explanation > without an ensueing flame war... > > Dru > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > -- Steve Rieger Ext; 1131 Cell 646-335-8915 DC 173*101254*4 From george Fri Feb 18 16:24:06 2005 From: george (G. Rosamond) Date: Fri, 18 Feb 2005 16:24:06 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> References: <42160EF3.2004.E9FFA02@localhost> Message-ID: On Feb 18, 2005, at 3:51 PM, Dan Langille wrote: > Gidday folks, > > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. > > I will be sending the schedule out the BSDCan announce mailing list > firs and updating the BSDCan website. Then I'll hit bsdnews.com. > > What I'd like is volunteers to post references to those stories on > other websites. If you have a suggestion, let us know what website > you'll hit. If you don't want to post the announcement, just suggest > a website, and perhaps we'll get others to post instead. > > A few weeks later, another announcement will be sent. This will > include the schedule and the opening of registration. This represents > a second waves of posts to websites. It'd be nice if people could > rally again for the second hit. > > Thanks. > Me, on the other hand, is going to keep it a secret, since we don't want too big a BSDCan. . . I mean, it did get difficult finding an outdoor table in Ottawa already.. . I'll do DN. I assume Marco will hit NYCBUG's announce. . . I've already created the text for the next announce email. g From bob Fri Feb 18 16:31:21 2005 From: bob (Bob Ippolito) Date: Fri, 18 Feb 2005 16:31:21 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec050218104253ee27cf@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: On Feb 18, 2005, at 1:42 PM, Jay wrote: > On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru > wrote: >> >> Out of pure innocent curiosity, why do you prefer /var? I don't see >> the >> logic as I never thought of a website as "variable" data but I'm >> interested in hearing someone else's point of view. > > The best answer, though, is that /var is where system daemons put > their data. Most partition labels don't accurately reflect use > anymore, anyway. We don't let many users store publically accessible > executables in /usr/bin or /usr/local/bin, even though that's what > they're there for. Close to half of anything in most most variations > on the bin theme is likely to not even be binary, but executables in > some interpreted or compiled and interpreted language like perl, > python, or java. And if we're going to be really serious about truth > in advertising on filesystems, the mail spool should almost certainly > go in /tmp, and the only honest label for the rest would be to make > one big /etc partition and leave it at that. "bin" really means "executable". As for the mail spool, the idea is that it's supposed to be persistent until it's ready to go out. You should be able to wipe /tmp on reboot (if not more often) without any adverse effects, that wouldn't be true if the mail spool was there. Just because it's volatile doesn't mean it's temporary.. -bob From pete Fri Feb 18 16:30:59 2005 From: pete (Pete Wright) Date: Fri, 18 Feb 2005 16:30:59 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: References: <20050218161909.Q553@dru.domain.org> Message-ID: <20050218213059.GA18338@finn.nomadlogic.org> On Fri, Feb 18, 2005 at 04:23:31PM -0500, Steve Rieger wrote: > Some folks prefer many separate slices for different directories, and some > folks only have / /usr /tmp /var and swap, I have many including > /usr/local/nbin where I put all user binaries/scripts that need to be > accessed by all, /usr/local/cbin for cron binaries/scripts I also divide > /var/log and /var/spool, but then again I spend about two days setting up a > new server, > > In the past (when doing a new mail server) I also formatted the hd with > 4bytes instead of the usual, I also take into consideration where I will out > what slice on the physical drive depending what it will do. > > > The options are endless, just go with what you are comfortable, but once in > a while try something new. well that's really the beauty of the unix filesystem eh? -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From okan Fri Feb 18 16:51:25 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 16:51:25 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> References: <42160EF3.2004.E9FFA02@localhost> Message-ID: <20050218215125.GA10099@yinaska.pair.com> On Fri 2005.02.18 at 15:51 -0500, Dan Langille wrote: > Gidday folks, > > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. > > I will be sending the schedule out the BSDCan announce mailing list > firs and updating the BSDCan website. Then I'll hit bsdnews.com. > > What I'd like is volunteers to post references to those stories on > other websites. If you have a suggestion, let us know what website > you'll hit. If you don't want to post the announcement, just suggest > a website, and perhaps we'll get others to post instead. > > A few weeks later, another announcement will be sent. This will > include the schedule and the opening of registration. This represents > a second waves of posts to websites. It'd be nice if people could > rally again for the second hit. i'll hit up undeadly.org > Thanks. > -- > Dan Langille : http://www.langille.org/ > BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From daggerquill Fri Feb 18 17:13:16 2005 From: daggerquill (Jay) Date: Fri, 18 Feb 2005 17:13:16 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: <4ce365ec05021814134d779a4@mail.gmail.com> On Fri, 18 Feb 2005 16:31:21 -0500, Bob Ippolito wrote: > "bin" really means "executable". > > As for the mail spool, the idea is that it's supposed to be persistent > until it's ready to go out. You should be able to wipe /tmp on reboot > (if not more often) without any adverse effects, that wouldn't be true > if the mail spool was there. Just because it's volatile doesn't mean > it's temporary.. > That's exactly the point. "bin" doesn't mean executable, per se; it's short for "binary". It's used to mean "executable" because "binary" and "executable" were interchangeable. Your program had to be a compiled binary to run. In many cases that's still true, but it's becoming less true by the day, particularly on things like large web servers: think how much code in cgi-bin is likely to be perl or python scripts. The name, however, has stuck around, and will continue to stick around because it's what people are used to. /exec would me more descriptive, though, or OS X's "/Applications", or even Windows "C:\Program Files". I'm not adovcating a change; I'm just pointing out that you can't trust the partition labels to adequately describe the content. I'm not advocating moving the mail spool to /tmp, either. Clearly that would be disasterous. but if we're talking about truth in advertising, spools aren't "variable" data like logs, or databases, or /var/run files that serve to save, record, or report particular system, data, or harware states. Spools are a place to temporarily store data until confirmation is recieved that they've been handled appropriately. "Persistent unil [I'm done with it]" sounds like a temp file to me. A potentially long-lived temp fiels, but still a temp file. Again, I'm not objecting to the naming scheme, just saying that we need to take the labels with a grain of salt (or two). --jay From bob Fri Feb 18 17:36:13 2005 From: bob (Bob Ippolito) Date: Fri, 18 Feb 2005 17:36:13 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec05021814134d779a4@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> Message-ID: <8078167320d59657837c5ebe9c24f634@redivi.com> On Feb 18, 2005, at 5:13 PM, Jay wrote: > On Fri, 18 Feb 2005 16:31:21 -0500, Bob Ippolito > wrote: > >> "bin" really means "executable". >> >> As for the mail spool, the idea is that it's supposed to be persistent >> until it's ready to go out. You should be able to wipe /tmp on reboot >> (if not more often) without any adverse effects, that wouldn't be true >> if the mail spool was there. Just because it's volatile doesn't mean >> it's temporary.. > > That's exactly the point. "bin" doesn't mean executable, per se; it's > short for "binary". It's used to mean "executable" because "binary" > and "executable" were interchangeable. Your program had to be a > compiled binary to run. In many cases that's still true, but it's > becoming less true by the day, particularly on things like large web > servers: think how much code in cgi-bin is likely to be perl or python > scripts. The name, however, has stuck around, and will continue to > stick around because it's what people are used to. /exec would me > more descriptive, though, or OS X's "/Applications", or even Windows > "C:\Program Files". I'm not adovcating a change; I'm just pointing > out that you can't trust the partition labels to adequately describe > the content. Well, shared libraries and the kernel also clearly fit the original meaning of "bin" (as you describe it). The intention has always been executable.. I wouldn't be surprised if bin was chosen because it was easy to type, most UNIX terms are pretty optimal on a QWERTY keyboard. Perhaps it's just finger memory, but I find "bin" a lot easier to type than "exe" or "exec". The big difference between UNIX naming and NeXT / Windows naming schemes is that in the these worlds you keep your application and everything (static) having to do with that application in *one* place. On NeXT based systems /Applications is very different than /usr/bin. Effectively, each application bundle is its own "/usr/local" tree. You find names like "Resources" instead of "share", "Frameworks" instead of "lib", and (i.e. "MacOS") instead of "bin". It's basically turtles all the way down in the NeXT case; Frameworks are also equivalent to a subset of the "/usr/local" tree. The root of the framework is "lib", "Headers" is "include" and "Resources" is "share". Windows is mostly similar to this (applications+static resources have their own tree), except that there is no standard schema for how that tree should look, and a lot of Windows applications misbehave and toss some stuff into the Windows equivalent of "/usr/lib". You really don't see that on NeXT or Mac OS X, unless the developer is really naive or lazy. > I'm not advocating moving the mail spool to /tmp, either. Clearly > that would be disasterous. but if we're talking about truth in > advertising, spools aren't "variable" data like logs, or databases, or > /var/run files that serve to save, record, or report particular > system, data, or harware states. Spools are a place to temporarily > store data until confirmation is recieved that they've been handled > appropriately. "Persistent unil [I'm done with it]" sounds like a > temp file to me. A potentially long-lived temp fiels, but still a > temp file. Temporary files are intended to go away as soon as the controlling process does or sooner. Clearly, a mail spool is a database. Just because its usage pattern tries to ensure that the database shouldn't contain many items at a given time doesn't make the database itself temporary. > Again, I'm not objecting to the naming scheme, just saying that we > need to take the labels with a grain of salt (or two). Likewise -- maybe we should upgrade that grain to a dash? :) -bob From john Fri Feb 18 17:53:55 2005 From: john (John Bacall) Date: Fri, 18 Feb 2005 17:53:55 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: References: <42160EF3.2004.E9FFA02@localhost> Message-ID: <200502181746.16917.john@unixen.org> On Friday 18 February 2005 04:24 pm, G. Rosamond wrote: > > What I'd like is volunteers to post references to those stories on > > other websites. If you have a suggestion, let us know what website > > you'll hit. > I'll do DN. I can do undeadly, as well as nylug-announce. If you can make it easy on folks, branch all such `to disseminate' posts off 1 (one) thread, one level off the root post, please: Subject: junk `> Re: junk `> `> `> disseminate `> disseminate `> Re: junk `> `> `> disseminate John From george Fri Feb 18 18:25:07 2005 From: george (G. Rosamond) Date: Fri, 18 Feb 2005 18:25:07 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <200502181746.16917.john@unixen.org> References: <42160EF3.2004.E9FFA02@localhost> <200502181746.16917.john@unixen.org> Message-ID: On Feb 18, 2005, at 5:53 PM, John Bacall wrote: > On Friday 18 February 2005 04:24 pm, G. Rosamond wrote: >>> What I'd like is volunteers to post references to those stories on >>> other websites. If you have a suggestion, let us know what website >>> you'll hit. > >> I'll do DN. > > I can do undeadly, as well as nylug-announce. If you can make it easy > on > folks, branch all such `to disseminate' posts off 1 (one) thread, one > level off the root post, please: > > Subject: junk > `> Re: junk > `> > `> > `> disseminate > `> disseminate > `> Re: junk > `> > `> > `> disseminate > John-John. . . You're confusing me. What are you talking about? g From john Fri Feb 18 19:46:20 2005 From: john (John Bacall) Date: Fri, 18 Feb 2005 19:46:20 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: References: <42160EF3.2004.E9FFA02@localhost> <200502181746.16917.john@unixen.org> Message-ID: <200502181939.28365.john@unixen.org> Dan mentioned he will pass on 'more' details that need advertising as they become available. As I 'have' some spare time presently am more than happy to help. Usually I am a regular with volunteering for such duty, but it gets 'challenging' chasing down such ensuing details, buried off 'various' threads. John-John From george Fri Feb 18 20:29:37 2005 From: george (George Georgalis) Date: Fri, 18 Feb 2005 20:29:37 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <8078167320d59657837c5ebe9c24f634@redivi.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> Message-ID: <20050219012937.GA2419@xeon> On Fri, Feb 18, 2005 at 05:36:13PM -0500, Bob Ippolito wrote: > >On Feb 18, 2005, at 5:13 PM, Jay wrote: > >>Again, I'm not objecting to the naming scheme, just saying that we >>need to take the labels with a grain of salt (or two). > >Likewise -- maybe we should upgrade that grain to a dash? :) > Just some to throw in the mix, I don't put scripts in /usr/local/bin I put them in /usr/local/script and add that to the host's PATH when I create it. That way if I ever backup or reinstall, I don't bring all those local binaries (which I'll want to recompile on the new host). As a rule of thumb, I don't make directories with plural names. Sometimes plural is appropriate, but at the end of the path, the file is singular. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From jesse Sat Feb 19 04:57:54 2005 From: jesse (Jesse Callaway) Date: Sat, 19 Feb 2005 04:57:54 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050219012937.GA2419@xeon> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> <20050219012937.GA2419@xeon> Message-ID: <20050219095754.GA6280@mail.theholymountain.com> On Fri, Feb 18, 2005 at 08:29:37PM -0500, George Georgalis wrote: > On Fri, Feb 18, 2005 at 05:36:13PM -0500, Bob Ippolito wrote: > > > >On Feb 18, 2005, at 5:13 PM, Jay wrote: > > > >>Again, I'm not objecting to the naming scheme, just saying that we > >>need to take the labels with a grain of salt (or two). > > > >Likewise -- maybe we should upgrade that grain to a dash? :) > > > > Just some to throw in the mix, I don't put scripts in /usr/local/bin I > put them in /usr/local/script and add that to the host's PATH when I > create it. That way if I ever backup or reinstall, I don't bring all > those local binaries (which I'll want to recompile on the new host). > > As a rule of thumb, I don't make directories with plural names. Sometimes > plural is appropriate, but at the end of the path, the file is singular. > > // George > Wow, plural? What's the deal with that? No 'media' folders? -jesse From george Sat Feb 19 10:38:58 2005 From: george (George Georgalis) Date: Sat, 19 Feb 2005 10:38:58 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050219095754.GA6280@mail.theholymountain.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> <20050219012937.GA2419@xeon> <20050219095754.GA6280@mail.theholymountain.com> Message-ID: <20050219153858.GA2798@xeon> On Sat, Feb 19, 2005 at 04:57:54AM -0500, Jesse Callaway wrote: >On Fri, Feb 18, 2005 at 08:29:37PM -0500, George Georgalis wrote: >> On Fri, Feb 18, 2005 at 05:36:13PM -0500, Bob Ippolito wrote: >> > >> >On Feb 18, 2005, at 5:13 PM, Jay wrote: >> > >> >>Again, I'm not objecting to the naming scheme, just saying that we >> >>need to take the labels with a grain of salt (or two). >> > >> >Likewise -- maybe we should upgrade that grain to a dash? :) >> > >> >> Just some to throw in the mix, I don't put scripts in /usr/local/bin I >> put them in /usr/local/script and add that to the host's PATH when I >> create it. That way if I ever backup or reinstall, I don't bring all >> those local binaries (which I'll want to recompile on the new host). >> >> As a rule of thumb, I don't make directories with plural names. Sometimes >> plural is appropriate, but at the end of the path, the file is singular. >> >> // George >> > >Wow, plural? What's the deal with that? No 'media' folders? No 'medias' no 'hosts' no 'domains' folder - just the singular form. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From marco Sat Feb 19 10:45:15 2005 From: marco (marco at metm.org) Date: Sat, 19 Feb 2005 10:45:15 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050219153858.GA2798@xeon> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> <20050219012937.GA2419@xeon> <20050219095754.GA6280@mail.theholymountain.com> <20050219153858.GA2798@xeon> Message-ID: <20050219154514.GI5654@metm.org> On Sat, Feb 19, 2005 at 10:38:58AM -0500, George Georgalis wrote: >>> As a rule of thumb, I don't make directories with plural names. Sometimes >>> plural is appropriate, but at the end of the path, the file is singular. >> >On Sat, Feb 19, 2005 at 04:57:54AM -0500, Jesse Callaway wrote: >>Wow, plural? What's the deal with that? No 'media' folders? > >No 'medias' no 'hosts' no 'domains' folder - just the singular form. > Former database programmer huh? -- Marco From george Sat Feb 19 15:22:03 2005 From: george (George Georgalis) Date: Sat, 19 Feb 2005 15:22:03 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050219154514.GI5654@metm.org> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> <20050219012937.GA2419@xeon> <20050219095754.GA6280@mail.theholymountain.com> <20050219153858.GA2798@xeon> <20050219154514.GI5654@metm.org> Message-ID: <20050219202203.GC2798@xeon> On Sat, Feb 19, 2005 at 10:45:15AM -0500, marco at metm.org wrote: >On Sat, Feb 19, 2005 at 10:38:58AM -0500, George Georgalis wrote: >>>> As a rule of thumb, I don't make directories with plural names. Sometimes >>>> plural is appropriate, but at the end of the path, the file is singular. >>> >>On Sat, Feb 19, 2005 at 04:57:54AM -0500, Jesse Callaway wrote: >>>Wow, plural? What's the deal with that? No 'media' folders? >> >>No 'medias' no 'hosts' no 'domains' folder - just the singular form. >> >Former database programmer huh? nah, I just think proper names (and naming sustem) are very important. depending on context, directories could be plural eg "./distfiles" so I vacillated a while and finally decided, damn it, even if I sometimes refer to "./distfiles", "./distfile/*" implies plural and is less typing. (I'm putting in /usr/local/distfile, with the implied functionality, on Linux systems now, and making it nfs where possible, vs typical linux /usr/local/src containing tarballs and extracted source... not going off the deep end, changing BSD.) I'm not quite up to Jesse's security model, one file per spindle. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From ike Sat Feb 19 20:53:53 2005 From: ike (Isaac Levy) Date: Sat, 19 Feb 2005 20:53:53 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec050218104253ee27cf@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: Hi All, On Feb 18, 2005, at 1:42 PM, Jay wrote: > This is probably a theological issue, though. Heh. I've spent a lot of time studying userland hierarchies on various systems in the last year, and from what I've found historically, this has indeed always been a theological issue . Every notable variation I've seen simply has various tradeoffs, but what I've found interesting, is that things fundamentally haven't changed in 35+ years for most systems. The lexical logic is the same- and on most systems, pretty easy to figure out- (i.e. I've seen veteran BSD heads not even flinch jumping into /Users/ on OSX- [though perhaps grumble about the upper-case U]). Especially after Bob posted the Next/Cocoa logic, what I wanted to contribute to this thread is: man 7 hier A bunch of folks here likely already know about this man page, but for those who don't, any good unix should explain it's reasoning for it's userland layout. With that, I'll post a few man pages in this thread from various boxen running close to me,, but the FreeBSD man page site has man hier for all the BSD's, and a LOT of other platforms, here: http://www.freebsd.org/cgi/man.cgi? query=hier&apropos=0&sektion=0&manpath=FreeBSD+5.3- RELEASE+and+Ports&format=html -- If you have a platform that's not there, I'd love to see the hier man page posted in this thread- If you want to make a text file of a man page, it's annoying to pipe to file because of the reverse-line-feeds when printed on screen, here's the commands I used to make the files I'm posting to this thread (replace 'SomeUnixFilename.txt' with whatever filename you want to): uname -a >> SomeUnixFilename.txt && man hier | col -bx >> SomeUnixFilename.txt Rocket- .ike From ike Sat Feb 19 20:57:51 2005 From: ike (Isaac Levy) Date: Sat, 19 Feb 2005 20:57:51 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec050218104253ee27cf@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: For the record in this thread, Darwin 6 and 7(current) have the same man page, both are below, -- Darwin codd 6.6 Darwin Kernel Version 6.6: Sun Jul 6 05:12:51 PDT 2003; root:tmp/xnu-6.6.2-4-root.obj/RELEASE_PPC Power Macintosh powerpc HIER(7) System Miscellaneous Information Manual HIER(7) NAME hier - layout of filesystems DESCRIPTION A sketch of the filesystem hierarchy. / root directory of the filesystem /bin/ user utilities fundamental to both single-user and multi- user environments /dev/ block and character device files fd/ file descriptor files; see fd(4) /etc/ system configuration files and scripts /mach_kernel kernel executable (the operating system loaded into memory at boot time). /sbin/ system programs and administration utilities fundamental to both single-user and multi-user environments /tmp/ temporary files /usr/ contains the majority of user utilities and applications bin/ common utilities, programming tools, and applica- tions include/ standard C include files arpa/ C include files for Internet service protocols hfs/ C include files for HFS machine/ machine specific C include files net/ misc network C include files netinet/ C include files for Internet standard protocols; see inet(4) nfs/ C include files for NFS (Network File System) objc/ C include files for Objective-C protocols/ C include files for Berkeley service protocols sys/ system C include files (kernel data structures) ufs/ C include files for UFS lib/ archive libraries libexec/ system daemons & system utilities (executed by other programs) local/ executables, libraries, etc. not included by the basic operating system sbin/ system daemons & system utilities (executed by users) share/ architecture-independent data files calendar/ a variety of pre-fab calendar files; see calendar(1) dict/ word lists; see look(1) web2 words from Webster's 2nd International words common words man/ manual pages misc/ misc system-wide ascii text files mk/ templates for make; see make(1) skel/ example . (dot) files for new accounts tabset/ tab description files for a variety of terminals; used in the termcap file; see termcap(5) zoneinfo/ timezone configuration information; see tzfile(5) /var/ multi-purpose log, temporary, transient, and spool files at/ timed command scheduling files; see at(1) backups/ misc. backup files db/ misc. automatically generated system-specific database files log/ misc. system log files wtmp login/logout log; see wtmp(5) mail/ user mailbox files run/ system information files describing various info about system since it was booted utmp database of current users; see utmp(5) rwho/ rwho data files; see rwhod(8), rwho(1), and ruptime(1) spool/ misc. printer and mail system spooling directo- ries mqueue/ undelivered mail queue; see sendmail(8) tmp/ temporary files that are kept between system reboots SEE ALSO ls(1), apropos(1), whatis(1), whereis(1), finger(1), which(1), find(1), grep(1), fsck(8) HISTORY A hier manual page appeared in Version 7 AT&T UNIX. BSD June 5, 1993 BSD -- Darwin ikebook.local 7.8.0 Darwin Kernel Version 7.8.0: Wed Dec 22 14:26:17 PST 2004; root:xnu/xnu-517.11.1.obj~1/RELEASE_PPC Power Macintosh powerpc HIER(7) BSD Miscellaneous Information Manual HIER(7) NAME hier - layout of filesystems DESCRIPTION A sketch of the filesystem hierarchy. / root directory of the filesystem /bin/ user utilities fundamental to both single-user and multi- user environments /dev/ block and character device files fd/ file descriptor files; see fd(4) /etc/ system configuration files and scripts /mach_kernel kernel executable (the operating system loaded into memory at boot time). /sbin/ system programs and administration utilities fundamental to both single-user and multi-user environments /tmp/ temporary files /usr/ contains the majority of user utilities and applications bin/ common utilities, programming tools, and applica- tions include/ standard C include files arpa/ C include files for Internet service protocols hfs/ C include files for HFS machine/ machine specific C include files net/ misc network C include files netinet/ C include files for Internet standard protocols; see inet(4) nfs/ C include files for NFS (Network File System) objc/ C include files for Objective-C protocols/ C include files for Berkeley service protocols sys/ system C include files (kernel data structures) ufs/ C include files for UFS lib/ archive libraries libexec/ system daemons & system utilities (executed by other programs) local/ executables, libraries, etc. not included by the basic operating system sbin/ system daemons & system utilities (executed by users) share/ architecture-independent data files calendar/ a variety of pre-fab calendar files; see calendar(1) dict/ word lists; see look(1) web2 words from Webster's 2nd International words common words man/ manual pages misc/ misc system-wide ascii text files mk/ templates for make; see make(1) skel/ example . (dot) files for new accounts tabset/ tab description files for a variety of terminals; used in the termcap file; see termcap(5) zoneinfo/ timezone configuration information; see tzfile(5) /var/ multi-purpose log, temporary, transient, and spool files at/ timed command scheduling files; see at(1) backups/ misc. backup files db/ misc. automatically generated system-specific database files log/ misc. system log files wtmp login/logout log; see wtmp(5) mail/ user mailbox files run/ system information files describing various info about system since it was booted utmp database of current users; see utmp(5) rwho/ rwho data files; see rwhod(8), rwho(1), and ruptime(1) spool/ misc. printer and mail system spooling directo- ries mqueue/ undelivered mail queue; see sendmail(8) tmp/ temporary files that are kept between system reboots SEE ALSO ls(1), apropos(1), whatis(1), whereis(1), finger(1), which(1), find(1), grep(1), fsck(8) HISTORY A hier manual page appeared in Version 7 AT&T UNIX. BSD June 5, 1993 BSD From ike Sat Feb 19 21:11:07 2005 From: ike (Isaac Levy) Date: Sat, 19 Feb 2005 21:11:07 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: <6fd7e4eb49c503ae49221376a5890a5d@lesmuug.org> For the record on this thread, a straight FreeBSD system, -- FreeBSD orangedragon 4.10-RELEASE FreeBSD 4.10-RELEASE #0: Tue May 25 22:47:12 GMT 2004 root at perseus.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 HIER(7) FreeBSD Miscellaneous Information Manual HIER(7) NAME hier -- layout of filesystems DESCRIPTION A sketch of the filesystem hierarchy. / root directory of the filesystem /bin/ user utilities fundamental to both single-user and multi-user environments /boot/ programs and configuration files used during operating system bootstrap defaults/ default bootstrapping configuration files; see loader.conf(5) /dev/ block and character device files MAKEDEV script for creating device files; see MAKEDEV(8) fd/ file descriptor files; see fd(4) /etc/ system configuration files and scripts defaults/ default system configuration files; see rc(8) gnats/ gnats configuration files; see send-pr(1) isdn/ isdn4bsd configuration files; see isdnd(8) kerberosIV/ configuration files for kerberos version IV; see kerberos(1) localtime local timezone information; see ctime(3) mail/ Sendmail control files mtree/ mtree configuration files; see mtree(8) namedb/ named configuration files; see named(8) periodic/ scripts that are run daily, weekly, and monthly, via cron(8); see periodic(8) ppp/ ppp configuration files; see ppp(8) ssl/ OpenSSL configuration files uucp/ uucp configuration files; see uucp(1) /kernel pure kernel executable (the operating system loaded into memory at boot time). /modules/ loadable kernel modules; see kldstat(8) /mnt/ empty directory commonly used by system administrators as a tem- porary mount point /proc/ process file system; see procfs(5), mount_procfs(8) /root/ root's HOME directory /sbin/ system programs and administration utilities fundamental to both single-user and multi-user environments /stand/ programs used in a standalone environment /tmp/ temporary files that are not guaranteed to persist across system reboots /usr/ contains the majority of user utilities and applications bin/ common utilities, programming tools, and applications games/ useful and semi-frivolous programs include/ standard C include files arpa/ C include files for Internet service pro- tocols cam/ C include files for the Common Access Methods Layer scsi/ The SCSI device on top of CAM dev/ C include files for programming various FreeBSD devices ppbus/ The parallel port bus; see ppbus(4) usb/ The USB subsystem fs/ smbfs/ SMB/CIFS filesystem g++/ GNU C++ include files std/ GNU C++ libstdc++ include files isc/ ISC utility library libisc include files isofs/ cd9660/ iso9660 filesystem kerberosIV/ C include files for kerberos authentica- tion package; see kerberos(1) libmilter/ C include files for libmilter, the send- mail mail filter API machine/ machine-specific C include files msdosfs/ MS-DOS file system net/ misc network C include files netatalk/ Appletalk protocol netatm/ ATM include files; see atm(8) netinet/ C include files for Internet standard protocols; see inet(4) netinet6/ C include files for Internet protocol version 6; see inet6(4) netipx/ IPX/SPX protocol stacks netkey/ kernel key-management service netnatm/ NATM include files; see natm(4) netns/ Xerox NS protocols netsmb/ SMB/CIFS requester nfs/ C include files for NFS (Network File System) objc/ Objective C include files openssl/ OpenSSL (Cryptography/SSL toolkit) head- ers pccard/ PC-CARD controllers posix4/ POSIX real-time extensions includes; see p1003_1b(9) protocols/ C include files for Berkeley service pro- tocols readline/ get a line from a user, with editing; see readline(3) rpc/ remote procedure calls; see rpc(3) rpcsvc/ definition of RPC service structures; see rpc(3) security/ PAM; see pam(8) ss/ MIT SIPB `subsystem' library, part of Kerberos IV. sys/ system C include files (kernel data structures) ufs/ C include files for UFS (The U-word File System) ffs/ Fast filesystem mfs/ memory file system; see mount_mfs(8) ufs/ UFS filesystem vm/ virtual memory; see vmstat(8) lib/ archive libraries aout/ a.out archive libraries compat/ shared libraries for compatibility aout/ a.out backward compatibility libraries libdata/ misc. utility data files doscmd/ files used by doscmd (drivers, fonts, etc.); see doscmd(1) fonts/ fonts used by doscmd gcc/ ??? ldscripts/ linker scripts; see ld(1) lint/ various prebuilt lint libraries; see lint(1) msdosfs/ Character set conversion tables perl/ 5.00503/ contains Perl modules for Perl version 5.00503; see perl(1) stallion/ holds the download firmware images libexec/ system daemons & system utilities (executed by other programs) aout/ utilities to manipulate a.out executables elf/ utilities to manipulate ELF executables lpr/ utilities and filters for LP print system; see lpr(1) sendmail/ the sendmail binary; see mailwrapper(8) and sendmail(8) sm.bin/ restricted shell for sendmail; see smrsh(8) uucp/ uucp utilities; see uucp(1) local/ local executables, libraries, etc. Also used as the default destination for the FreeBSD ports framework. Within local/, the general layout sketched out by hier(7) for /usr should be used. Exceptions are the man directory (directly under local/ rather than under local/share/), ports documentation (in share/doc//), and /usr/local/etc (mimics /etc). obj/ architecture-specific target tree produced by building the /usr/src tree ports/ The FreeBSD ports collection (optional). sbin/ system daemons & system utilities (executed by users) share/ architecture-independent files calendar/ a variety of pre-fab calendar files; see calendar(1) dict/ word lists; see look(1) web2 words from Webster's 2nd Inter- national words common words papers/ reference databases; see refer(1) doc/ miscellaneous documentation; source for most of the printed BSD manuals (available from the USENIX association) FAQ/ Frequently Asked Questions IPv6/ implementation notes for IPv6 bind/ documents pertaining to BIND (the Berkeley Internet Name Domain) es/ Spanish translations of docu- ments in /usr/share/doc handbook/ FreeBSD Handbook ja/ Japanese translations of docu- ments in /usr/share/doc ncurses/ HTML documents pertaining to ncurses; see ncurses(3X) ntp/ HTML documents pertaining to the Network Time Protocol papers/ UNIX Papers psd/ UNIX Programmer's Supplementary Documents ru/ Russian translations of docu- ments in /usr/share/doc smm/ UNIX System Manager's Manual tutorials/ FreeBSD tutorials usd/ UNIX User's Supplementary Docu- ments zh/ Chinese translations of docu- ments in /usr/share/doc examples/ various examples for users and programmers games/ ASCII text files used by various games groff_font/ device description file for device name info/ GNU Info hypertext system isdn/ ISDN libg++/ libg++'s genclass prototype/template class files locale/ localization files; see setlocale(3) man/ manual pages me/ macros for use with the me macro package; see me(7) misc/ misc system-wide ASCII text files fonts/ ??? pcvtfonts/ pcvt fonts; see pcvt(4) termcap terminal characteristics data- base; see termcap(5) mk/ templates for make; see make(1) nls/ national language support files; see mklocale(1) pcvt/ pcvt documentation and etc examples; see pcvt(4) perl/ perl library files; see perl(1) sendmail/ sendmail configuration files; see sendmail(8) skel/ example . (dot) files for new accounts syscons/ files used by syscons; see syscons(4) fonts/ console fonts; see vidcontrol(1) and vidfont(1) keymaps/ console keyboard maps; see kbdcontrol(1) and kbdmap(1) scrnmaps/ console screen maps tabset/ tab description files for a variety of ter- minals; used in the termcap file; see termcap(5) tmac/ text processing macros; see nroff(1) and troff(1) vi/ localization support and utilities for vi(1) zoneinfo/ timezone configuration information; see tzfile(5) src/ BSD, third-party, and/or local source files bin/ source code for files in /bin contrib/ source code for contributed software crypto/ source code for contributed cryptography software etc/ source code for files in /etc games/ source code for files in /usr/games gnu/ Utilities covered by the GNU General Pub- lic License include/ source code for files in /usr/include kerberosIV/ source code for kerberos version IV lib/ source code for files in /usr/lib libexec/ source code for files in /usr/libexec release/ files required to produce a FreeBSD release sbin/ source code for files in /sbin secure/ build directory for files in /usr/src/crypto share/ source for files in /usr/share sys/ kernel source code tools/ tools used for maintenance and testing of FreeBSD usr.bin/ source code for files in /usr/bin usr.sbin/ source code for files in /usr/sbin X11R6/ X11R6 distribution executables, libraries, etc (optional). bin/ X11R6 binaries (servers, utilities, local packages/ports). etc/ X11R6 configuration files and scripts. include/ X11R6 include files. lib/ X11R6 libraries. man/ X11R6 manual pages. share/ architecture-independent files. /var/ multi-purpose log, temporary, transient, and spool files account/ system accounting files acct execution accounting file; see acct(5) at/ timed command scheduling files; see at(1) jobs/ directory containing job files spool/ directory containing output spool files backups/ misc. backup files crash/ default directory to store kernel crash dumps; see crash(8) and savecore(8) cron/ files used by cron; see cron(8) tabs/ crontab files; see crontab(5) db/ misc. automatically generated system-specific data- base files empty/ empty directory used by sshd(8) for privilege separa- tion; see sshd(8) games/ misc. game status and score files heimdal/ kerberos server databases; see kdc(8) log/ misc. system log files wtmp login/logout log; see wtmp(5) mail/ user mailbox files msgs/ system messages database; see msgs(1) preserve/ temporary home of files preserved after an accidental death of an editor; see ex(1) quotas/ filesystem quota information files run/ system information files describing various info about system since it was booted ppp/ writable by the ``network'' group for command connection sockets; see ppp(8) utmp database of current users; see utmp(5) rwho/ rwho data files; see rwhod(8), rwho(1), and ruptime(1) spool/ misc. printer and mail system spooling directories clientmqueue/ undelivered submission mail queue; see sendmail(8) ftp/ commonly ~ftp; the anonymous ftp root directory mqueue/ undelivered mail queue; see sendmail(8) output/ line printer spooling directories uucp/ uucp spool directory uucppublic/ commonly ~uucp; public uucp temporary directory tmp/ temporary files that are kept between system reboots vi.recover/ the directory where recovery files are stored yp/ the NIS maps NOTES This manual page documents the default FreeBSD filesystem layout, but the actual hierarchy on a given system is defined at the system administra- tor's discretion. A well-maintained installation will include a cus- tomized version of this document. SEE ALSO apropos(1), find(1), finger(1), grep(1), ls(1), whatis(1), whereis(1), which(1), fsck(8) HISTORY A hier manual page appeared in Version 7 AT&T UNIX. FreeBSD 4.11 June 5, 1993 FreeBSD 4.11 From ike Sat Feb 19 21:13:09 2005 From: ike (Isaac Levy) Date: Sat, 19 Feb 2005 21:13:09 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: For the record on this thread, a client's RedHat system, -- Linux huck 2.4.21-4.ELsmp #1 SMP Fri Oct 3 17:52:56 EDT 2003 i686 i686 i386 GNU/Linux HIER(7) Linux Programmer???s Manual HIER(7) NAME hier - Description of the file system hierarchy DESCRIPTION A typical Linux system has, among others, the following directories: / This is the root directory. This is where the whole tree starts. /bin This directory contains executable programs which are needed in single user mode and to bring the system up or repair it. /boot Contains static files for the boot loader. This directory only holds the files which are needed during the boot process. The map installer and configuration files should go to /sbin and /etc. /dev Special or device files, which refer to physical devices. See mknod(1). /dos If both MS-DOS and Linux are run on one computer, this is a typ- ical place to mount a DOS file system. /etc Contains configuration files which are local to the machine. Some larger software packages, like X11, can have their own sub- directories below /etc. Site-wide configuration files may be placed here or in /usr/etc. Nevertheless, programs should always look for these files in /etc and you may have links for these files to /usr/etc. /etc/opt Host-specific configuration files for add-on applications installed in /opt. /etc/sgml This directory contains the configuration files for SGML and XML (optional). /etc/skel When a new user account is created, files from this directory are usually copied into the user???s home directory. /etc/X11 Configuration files for the X11 window system (optional). /home On machines with home directories for users, these are usually beneath this directory, directly or not. The structure of this directory depends on local administration decisions. /lib This directory should hold those shared libraries that are nec- essary to boot the system and to run the commands in the root filesystem. /mnt This directory contains mount points for temporarily mounted filesystems /opt This directory should contain add-on packages that contain static files. /proc This is a mount point for the proc filesystem, which provides information about running processes and the kernel. This pseudo-file system is described in more detail in proc(5). /root This directory is usually the home directory for the root user (optional). /sbin Like /bin, this directory holds commands needed to boot the sys- tem, but which are usually not executed by normal users. /tmp This directory contains temporary files which may be deleted with no notice, such as by a regular job or at system boot up. /usr This directory is usually mounted from a separate partition. It should hold only sharable, read-only data, so that it can be mounted by various machines running Linux. /usr/X11R6 The X-Window system, version 11 release 6 (optional). /usr/X11R6/bin Binaries which belong to the X-Windows system; often, there is a symbolic link from the more traditional /usr/bin/X11 to here. /usr/X11R6/lib Data files associated with the X-Windows system. /usr/X11R6/lib/X11 These contain miscellaneous files needed to run X; Often, there is a symbolic link from /usr/lib/X11 to this directory. /usr/X11R6/include/X11 Contains include files needed for compiling programs using the X11 window system. Often, there is a symbolic link from /usr/include/X11 to this directory. /usr/bin This is the primary directory for executable programs. Most programs executed by normal users which are not needed for boot- ing or for repairing the system and which are not installed locally should be placed in this directory. /usr/bin/X11 is the traditional place to look for X11 executables; on Linux, it usually is a symbolic link to /usr/X11R6/bin. /usr/dict Replaced by /usr/share/dict. /usr/doc Replaced by /usr/share/doc. /usr/etc Site-wide configuration files to be shared between several machines may be stored in this directory. However, commands should always reference those files using the /etc directory. Links from files in /etc should point to the appropriate files in /usr/etc. /usr/games Binaries for games and educational programs (optional). /usr/include Include files for the C compiler. /usr/include/X11 Include files for the C compiler and the X-Windows system. This is usually a symbolic link to /usr/X11R6/include/X11. /usr/include/asm Include files which declare some assembler functions. This used to be a symbolic link to /usr/src/linux/include/asm. /usr/include/linux This contains information which may change from system release to system release and used to be a symbolic link to /usr/src/linux/include/linux to get at operating system specific information. (Note that one should have include files there that work cor- rectly with the current libc and in user space. However, Linux kernel source is not designed to be used with user programs and does not know anything about the libc you are using. It is very likely that things will break if you let /usr/include/asm and /usr/include/linux point at a random kernel tree. Debian systems don???t do this and use headers from a known good kernel version, provided in the libc*-dev package.) /usr/include/g++ Include files to use with the GNU C++ compiler. /usr/lib Object libraries, including dynamic libraries, plus some exe- cutables which usually are not invoked directly. More compli- cated programs may have whole subdirectories there. /usr/lib/X11 The usual place for data files associated with X programs, and configuration files for the X system itself. On Linux, it usu- ally is a symbolic link to /usr/X11R6/lib/X11. /usr/lib/gcc-lib contains executables and include files for the GNU C compiler, gcc(1). /usr/lib/groff Files for the GNU groff document formatting system. /usr/lib/uucp Files for uucp(1). /usr/local This is where programs which are local to the site typically go. /usr/local/bin Binaries for programs local to the site. /usr/local/doc Local documentation. /usr/local/etc Configuration files associated with locally installed programs. /usr/local/games Binaries for locally installed games. /usr/local/lib Files associated with locally installed programs. /usr/local/include Header files for the local C compiler. /usr/local/info Info pages associated with locally installed programs. /usr/local/man Man pages associated with locally installed programs. /usr/local/sbin Locally installed programs for system administration. /usr/local/share Local application data that can be shared among different archi- tectures of the same OS. /usr/local/src Source code for locally installed software. /usr/man Replaced by /usr/share/man. /usr/sbin This directory contains program binaries for system administra- tion which are not essential for the boot process, for mounting /usr, or for system repair. /usr/share This directory contains subdirectories with specific application data, that can be shared among different architectures of the same OS. Often one finds stuff here that used to live in /usr/doc or /usr/lib or /usr/man. /usr/share/dict Contains the word lists used by spell checkers. /usr/share/doc Documentation about installed programs. /usr/share/games Static data files for games in /usr/games. /usr/share/info Info pages go here. /usr/share/locale Locale information goes here. /usr/share/man Manpages go here in subdirectories according to the man page sections. /usr/share/man//man[1-9] These directories contain manual pages for the specific locale in source code form. Systems which use a unique language and code set for all manual pages may omit the substring. /usr/share/misc Miscellaneous data that can be shared among different architec- tures of the same OS. /usr/share/nls The message catalogs for native language support go here. /usr/share/sgml Files for SGML and XML. /usr/share/terminfo The datebase for terminfo. /usr/share/tmac Troff macros that are not distributed with groff. /usr/share/zoneinfo Files for timezone information. /usr/src Source files for different parts of the system, included with some packages for reference purposes. Don???t work here with your own projects, as files below /usr should be read-only except when installing software. /usr/src/linux This was the traditional place for the kernel source. Some dis- tributions put here the source for the default kernel they ship. You should probably use another directory when building your own kernel. /usr/tmp Obsolete. This should be a link to /var/tmp. This link is present only for compatibility reasons and shouldn???t be used. /var This directory contains files which may change in size, such as spool and log files. /var/adm This directory is superseded by /var/log and should be a sym- bolic link to /var/log. /var/backups Reserved for historical reasons. /var/cache Data cached for programs. /var/catman/cat[1-9] or /var/cache/man/cat[1-9] These directories contain preformatted manual pages according to their man page section. (The use of preformatted manual pages is deprecated.) /var/cron Reserved for historical reasons. /var/lib Variable state information for programs. /var/local Variable data for /usr/local. /var/lock Lock files are placed in this directory. The naming convention for device lock files is LCK.. where is the device???s name in the filesystem. The format used is that of HDU UUCP lock files, i.e. lock files contain a PID as a 10-byte ASCII decimal number, followed by a newline character. /var/log Miscellaneous log files. /var/opt Variable data for /opt. /var/mail Users??? mailboxes. Replaces /var/spool/mail. /var/msgs Reserved for historical reasons. /var/preserve Reserved for historical reasons. /var/run Run-time variable files, like files holding process identifiers (PIDs) and logged user information (utmp). Files in this direc- tory are usually cleared when the system boots. /var/spool Spooled (or queued) files for various programs. /var/spool/at Spooled jobs for at(1). /var/spool/cron Spooled jobs for cron(1). /var/spool/lpd Spooled files for printing. /var/spool/mail Replaced by /var/mail. /var/spool/mqueue Queued outgoing mail. /var/spool/news Spool directory for news. /var/spool/rwho Spooled files for rwhod(8). /var/spool/smail Spooled files for the smail(1) mail delivery program. /var/spool/uucp Spooled files for uucp(1). /var/tmp Like /tmp, this directory holds temporary files stored for an unspecified duration. /var/yp Database files for NIS. CONFORMS TO The Filesystem Hierarchy Standard, Version 2.2 BUGS This list is not exhaustive; different systems may be configured dif- ferently. SEE ALSO find(1), ln(1), mount(1), proc(5), The Filesystem Hierarchy Standard Linux 2001-09-07 HIER(7) From lists Tue Feb 22 05:46:01 2005 From: lists (lists at genoverly.net) Date: Tue, 22 Feb 2005 11:46:01 +0100 Subject: [nycbug-talk] Hackathon & T-shirts Message-ID: <0MKz1m-1D3XaF1VEF-0006fd@mrelay.perfora.net> Hello NYCBUG Subscribers, For the past few years, OpenBSD programmers have come together from far and wide for a Hackathon. The Hackathon is an important event in the OpenBSD calendar. The core developers get together for a planned week of hardcore improvements / discussions on OpenBSD. The idea is to get everyone in the same room so that they work themselves into a coding frenzy. It is also a chance for people who work together all year on the project to actually *get* together. NYCBUG would like help sponsor the event. To that end we will be taking collections for the next few weeks. We will be including the take from the donations made at the Holiday party. Also, we have a SPECIAL SURPRISE for generous donations. If you give $50 or more, you will recieve a brand new, freshly baked, first edition... NYCBUG T-SHIRT!! That's right. You could wear a 100% cotton, white BeefyT, emblazoned with the black and red NYCBUG logo. And as a super-special-bonus these T's have art on the back that only a BSD user would love: a hand crafted dmesg!! Please contact us about making your donation. From george Tue Feb 22 11:40:31 2005 From: george (George Georgalis) Date: Tue, 22 Feb 2005 11:40:31 -0500 Subject: [nycbug-talk] using css for printed materals Message-ID: <20050222164031.GA2898@ixeon.local> Goal, develop documentation model that will easily port to SGML. Requirements, standard technical report type formatting, outline type formatting, with lots of tables. Sounds like standard html (table header, and column identifiers on top of each table). But there is a catch, the documents will be printed and on each printed page should appear the table header and column labels. Is there a css (media=print) tag that will put Table header and col identifiers on each page, like below? Any templates for this? // George ----------------------page break---------------------------- 1.2.3 section 1.2.3.4 section Some text.... +-------+--------------------------------------+----+----+ | Table header | +-------+--------------------------------------+----+----+ |col1 |col2 col3 |col4|col5| +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |aa | | | |yack yack |bb | | | | | | | | | | | | +-------+--------------------------------------+----+----+ ----------------------page break---------------------------- +-------+--------------------------------------+----+----+ | Table header | +-------+--------------------------------------+----+----+ |col1 |col2 col3 |col4|col5| +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |aa | | | |yack yack |bb | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ 1.2.3 section 1.2.3.5 section Some text.... +-------+--------------------------------------+----+----+ | Table header | +-------+--------------------------------------+----+----+ |col1 |col2 col3 |col4|col5| +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |aa | | | |yack yack |bb | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ ----------------------page break---------------------------- +-------+--------------------------------------+----+----+ | Table header | +-------+--------------------------------------+----+----+ |col1 |col2 col3 |col4|col5| +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |aa | | +-------+--------------------------------------+----+----+ Some text.... -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From daggerquill Tue Feb 22 12:05:43 2005 From: daggerquill (Jay) Date: Tue, 22 Feb 2005 12:05:43 -0500 Subject: [nycbug-talk] using css for printed materals In-Reply-To: <20050222164031.GA2898@ixeon.local> References: <20050222164031.GA2898@ixeon.local> Message-ID: <4ce365ec05022209055293cada@mail.gmail.com> On Tue, 22 Feb 2005 11:40:31 -0500, George Georgalis wrote: > Goal, develop documentation model that will easily port to SGML. > Requirements, standard technical report type formatting, outline type > formatting, with lots of tables. > > Sounds like standard html (table header, and column identifiers on top > of each table). But there is a catch, the documents will be printed > and on each printed page should appear the table header and column > labels. Is there a css (media=print) tag that will put Table header and > col identifiers on each page, like below? Any templates for this? > > // George > George, There are a couple of ways to do this. It's tough in the browser, because that depends so heavily on the user's set-up: lett/a4 conversion, fonts, margins, etc. My preference would be html2latex, which is a perl module to do exactly what its name implies. you can get it from cpan if you don't already have it. Take a look at the docs at html2latex.sourceforge.net. If it doesn't automatically produce the output you're looking for, you can postprocess the LaTeX source before sending it to the printer. If the idea is for visitors to the website to be able to print themselves, run pdflatex on the file and let them download the pdf. HTH, --jay From mspitzer Tue Feb 22 12:26:02 2005 From: mspitzer (Marc Spitzer) Date: Tue, 22 Feb 2005 12:26:02 -0500 Subject: [nycbug-talk] using css for printed materals In-Reply-To: <20050222164031.GA2898@ixeon.local> References: <20050222164031.GA2898@ixeon.local> Message-ID: <8c50a3c305022209265cc2282d@mail.gmail.com> On Tue, 22 Feb 2005 11:40:31 -0500, George Georgalis wrote: > Goal, develop documentation model that will easily port to SGML. > Requirements, standard technical report type formatting, outline type > formatting, with lots of tables. Why not use sgml as the master format and then derive html/pdf/ps/etc from it? > > Sounds like standard html (table header, and column identifiers on top > of each table). But there is a catch, the documents will be printed > and on each printed page should appear the table header and column > labels. Is there a css (media=print) tag that will put Table header and > col identifiers on each page, like below? Any templates for this? Look at CSS 2.0, I think it has page formating directives in it. marc > > // George > > ----------------------page break---------------------------- > > 1.2.3 section > 1.2.3.4 section > > Some text.... > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > | | | | | > | | | | | > +-------+--------------------------------------+----+----+ > > ----------------------page break---------------------------- > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > > 1.2.3 section > 1.2.3.5 section > > Some text.... > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > > ----------------------page break---------------------------- > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > +-------+--------------------------------------+----+----+ > > Some text.... > > -- > George Georgalis, systems architect, administrator Linux BSD IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From joshmccormack Tue Feb 22 13:04:01 2005 From: joshmccormack (joshmccormack at travelersdiary.com) Date: Tue, 22 Feb 2005 19:04:01 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_using_css_for_printed_materals?= Message-ID: <0MKyxe-1D3eOB01ps-0002eb@mrelay.perfora.net> You can specify a print stylesheet, and you could have content only visible for when it prints. I think what you're asking is if you can control the printing of column headers, so they print on every new page. Hmm... that's a tougher one. I don't think there's an easy way. I think you're entering into the hack/kindof works area. Here's some good info on Print CSS stuff. Josh George Georgalis wrote on 02/22/2005, 05:40:31 PM: > Goal, develop documentation model that will easily port to SGML. > Requirements, standard technical report type formatting, outline type > formatting, with lots of tables. > > Sounds like standard html (table header, and column identifiers on top > of each table). But there is a catch, the documents will be printed > and on each printed page should appear the table header and column > labels. Is there a css (media=print) tag that will put Table header and > col identifiers on each page, like below? Any templates for this? > > // George > > > ----------------------page break---------------------------- > > 1.2.3 section > 1.2.3.4 section > > Some text.... > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > | | | | | > | | | | | > +-------+--------------------------------------+----+----+ > > ----------------------page break---------------------------- > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > > 1.2.3 section > 1.2.3.5 section > > Some text.... > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > > ----------------------page break---------------------------- > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > +-------+--------------------------------------+----+----+ > > Some text.... > > > > -- > George Georgalis, systems architect, administrator Linux BSD IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month From george Tue Feb 22 13:15:22 2005 From: george (George Georgalis) Date: Tue, 22 Feb 2005 13:15:22 -0500 Subject: [nycbug-talk] using css for printed materals In-Reply-To: <0MKyxe-1D3eOB01ps-0002eb@mrelay.perfora.net> References: <0MKyxe-1D3eOB01ps-0002eb@mrelay.perfora.net> Message-ID: <20050222181522.GB3116@ixeon.local> On Tue, Feb 22, 2005 at 07:04:01PM +0100, joshmccormack at travelersdiary.com wrote: > >You can specify a print stylesheet, and you could have content only >visible for when it prints. > >I think what you're asking is if you can control the printing of column >headers, so they print on every new page. Hmm... that's a tougher one. >I don't think there's an easy way. I think you're entering into the >hack/kindof works area. > >Here's some good info on Print CSS stuff. > >Josh Yeah. Figured it would be tough, but was hoping there was something standard to put table header on top of each page for printed media. (Sounds simple enough). Not going with sgml right now because I need to get the doc out asap and I'm not up to speed with sgml. (this might be tough there too) So for now I'm sticking with html and forsaking the per page table headers. But I have another problem. After several sublists my tables are significantly indented (
          ). I don't want to break out of the ordered lists, the table belongs nested, but is there a way to make the table the full width of the document? // George PS was a link for printed CSS info missing? -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From tillman Tue Feb 22 15:44:11 2005 From: tillman (Tillman Hodgson) Date: Tue, 22 Feb 2005 14:44:11 -0600 Subject: [nycbug-talk] The serial cable jungle Message-ID: <20050222204411.GG92490@seekingfire.com> Howdy folks, I'm trying to find some information on how to pin those little RJ-45<->DB9M adpaters such that I can hook up a typical Intel server (as opposed to Sun box) to my Digi PortServer II. Google ain't showin' me no luv. A few things that I know for sure: * A Cisco-style console cable doesn't work -- anyone know how *these* puppies are wired? * 10-pin RJ-45? wtf? Digi and their altpin scheme is evil * Digi part number 76000697 looks like what I need, except it's a bazillion Canadian dollars (well, it's more than making my own adapters using generic stuff I can pick up at the electronics supply store) * The PDF "Digi Terminal Server Cable Guide" only lists DB25 examples. Does anyone know of a reasonably accurate DB25->DB9 pin mapping guide? Thanks all, -T -- "If 'everybody knows' such-and-such, then it ain't so, by at least ten thousand to one." -- Robert Heinlein From mspitzer Tue Feb 22 16:04:06 2005 From: mspitzer (Marc Spitzer) Date: Tue, 22 Feb 2005 16:04:06 -0500 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <20050222204411.GG92490@seekingfire.com> References: <20050222204411.GG92490@seekingfire.com> Message-ID: <8c50a3c305022213042d5bd046@mail.gmail.com> On Tue, 22 Feb 2005 14:44:11 -0600, Tillman Hodgson wrote: > Howdy folks, > > I'm trying to find some information on how to pin those little > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server (as > opposed to Sun box) to my Digi PortServer II. Try a straight through ethernet cable, its what I use for pc <-> sun console cables marc > > Google ain't showin' me no luv. > > A few things that I know for sure: > > * A Cisco-style console cable doesn't work -- anyone know how *these* > puppies are wired? > * 10-pin RJ-45? wtf? Digi and their altpin scheme is evil > * Digi part number 76000697 looks like what I need, except it's a > bazillion Canadian dollars (well, it's more than making my own > adapters using generic stuff I can pick up at the electronics supply > store) > * The PDF "Digi Terminal Server Cable Guide" only lists DB25 examples. > Does anyone know of a reasonably accurate DB25->DB9 pin mapping guide? > > Thanks all, > > -T > > -- > "If 'everybody knows' such-and-such, then it ain't so, by at least ten > thousand to one." > -- Robert Heinlein > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From aron Tue Feb 22 16:10:16 2005 From: aron (Aron Roberts) Date: Tue, 22 Feb 2005 16:10:16 -0500 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <20050222204411.GG92490@seekingfire.com> References: <20050222204411.GG92490@seekingfire.com> Message-ID: On Feb 22, 2005, at 3:44 PM, Tillman Hodgson wrote: > Howdy folks, > > I'm trying to find some information on how to pin those little > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server > (as > opposed to Sun box) to my Digi PortServer II. > You may be looking for this: http://yost.com/Computers/RJ45-serial/ From aron Tue Feb 22 16:11:32 2005 From: aron (Aron Roberts) Date: Tue, 22 Feb 2005 16:11:32 -0500 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <20050222204411.GG92490@seekingfire.com> References: <20050222204411.GG92490@seekingfire.com> Message-ID: <55bf6ae8568a6917d9aa58ebcd36a5ef@slam.cc> On Feb 22, 2005, at 3:44 PM, Tillman Hodgson wrote: > Howdy folks, > > I'm trying to find some information on how to pin those little > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server > (as > opposed to Sun box) to my Digi PortServer II. > then again, you might not :) From joshmccormack Tue Feb 22 16:18:01 2005 From: joshmccormack (joshmccormack at travelersdiary.com) Date: Tue, 22 Feb 2005 22:18:01 +0100 Subject: =?iso-8859-1?Q?Re:_Re:_[nycbug-talk]_using_css_for_printed_materals?= Message-ID: <0MKz5u-1D3hRq3FOf-0006jf@mrelay.perfora.net> Doh, yes there was supposed to be a link: http://www.codestyle.org/css/media/FAQ.shtml Josh George Georgalis wrote on 02/22/2005, 07:15:22 PM: > On Tue, Feb 22, 2005 at 07:04:01PM +0100, joshmccormack at travelersdiary.com wrote: > > > >You can specify a print stylesheet, and you could have content only > >visible for when it prints. > > > >I think what you're asking is if you can control the printing of column > >headers, so they print on every new page. Hmm... that's a tougher one. > >I don't think there's an easy way. I think you're entering into the > >hack/kindof works area. > > > >Here's some good info on Print CSS stuff. > > > >Josh > > Yeah. Figured it would be tough, but was hoping there was something > standard to put table header on top of each page for printed > media. (Sounds simple enough). > > Not going with sgml right now because I need to get the doc out asap and > I'm not up to speed with sgml. (this might be tough there too) > > So for now I'm sticking with html and forsaking the per page table > headers. But I have another problem. After several sublists my tables > are significantly indented (). > > I don't want to break out of the ordered lists, the table belongs > nested, but is there a way to make the table the full width of the > document? > > // George > > PS was a link for printed CSS info missing? > > > -- > George Georgalis, systems architect, administrator Linux BSD IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month From tillman Tue Feb 22 16:28:48 2005 From: tillman (Tillman Hodgson) Date: Tue, 22 Feb 2005 15:28:48 -0600 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <8c50a3c305022213042d5bd046@mail.gmail.com> References: <20050222204411.GG92490@seekingfire.com> <8c50a3c305022213042d5bd046@mail.gmail.com> Message-ID: <20050222212848.GH92490@seekingfire.com> On Tue, Feb 22, 2005 at 04:04:06PM -0500, Marc Spitzer wrote: > On Tue, 22 Feb 2005 14:44:11 -0600, Tillman Hodgson > wrote: > > Howdy folks, > > > > I'm trying to find some information on how to pin those little > > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server (as > > opposed to Sun box) to my Digi PortServer II. > > Try a straight through ethernet cable, its what I use for pc <-> sun > console cables That's what I use too. The Digi is a little different though ... lemme see if I can find a picture. Ah: http://yost.com/Computers/RJ45-serial/ Hmmm. I wonder if that's actually exactly what I was looking for :-) -T -- "The mind is not a vessel to be filled but a fire to be kindled." -- Plutarch (45 - 125 A.D. Greek Writer & Lecturer) From jesse Tue Feb 22 17:23:16 2005 From: jesse (Jesse Callaway) Date: Tue, 22 Feb 2005 17:23:16 -0500 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <20050222204411.GG92490@seekingfire.com> References: <20050222204411.GG92490@seekingfire.com> Message-ID: <20050222222316.GA5421@mail.theholymountain.com> On Tue, Feb 22, 2005 at 02:44:11PM -0600, Tillman Hodgson wrote: > Howdy folks, > > I'm trying to find some information on how to pin those little > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server (as > opposed to Sun box) to my Digi PortServer II. > > Google ain't showin' me no luv. > > A few things that I know for sure: > > * A Cisco-style console cable doesn't work -- anyone know how *these* > puppies are wired? > * 10-pin RJ-45? wtf? Digi and their altpin scheme is evil > * Digi part number 76000697 looks like what I need, except it's a > bazillion Canadian dollars (well, it's more than making my own > adapters using generic stuff I can pick up at the electronics supply > store) > * The PDF "Digi Terminal Server Cable Guide" only lists DB25 examples. > Does anyone know of a reasonably accurate DB25->DB9 pin mapping guide? > > Thanks all, > > -T I checked the Digi website and they are pointing you to resellers which offer $25USD for a 10 pack. That's cheaper than building them yourself. I've priced this project out before, and it's cheaper. Materials will cost you about the same. And then you have to build them. Bust out the multimeter. Rebuild a couple of them... by now you've lost a little money. But I admit it is fun. http://www.digi.com/products/consolemanagement/digicm.jsp I don't think the fact that it's a CM model instead of a PortServerII will be of any signifigance. But of course you can check with the sales person on the phone. -jesse From okan Tue Feb 22 23:01:20 2005 From: okan (Okan Demirmen) Date: Tue, 22 Feb 2005 23:01:20 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) Message-ID: <20050223040120.GA85458@yinaska.pair.com> so in my quest to have a paperless office, i'm struggling with one big thing: faxing/emailing back forms sent or downloaded in pdf form. thought i'd hit up this knowledgable list to see if anyone has any bright ideas ;) obivously the faxing thing is not an issue (faxmodem+hylafax), nor the emailing part;) the part about filling out forms that come across the wire as pdf. i'm aware that adobe can edit certain "fillable" pdf forms, but the majority of stuff out there is not of that type - besides, i'm not going to bye adobe to fill this gap ;) are there any ideas out there? is coverting the pdf to an image, then editing that image a valid, and sane, idea? ideas? or maybe a hit on the head with a good cluestick that has the magic google search keywords ;) thanks. -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From george Tue Feb 22 23:06:54 2005 From: george (G. Rosamond) Date: Tue, 22 Feb 2005 23:06:54 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: On Feb 22, 2005, at 11:01 PM, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. 'Paperless office'? You're so 1991. . . > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) Buy a Mac and buy the full version of Acrobat. . . Would love to hear some insight on this. . . George From mspitzer Tue Feb 22 23:15:26 2005 From: mspitzer (Marc Spitzer) Date: Tue, 22 Feb 2005 23:15:26 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: <8c50a3c305022220152f72c3f@mail.gmail.com> On Tue, 22 Feb 2005 23:01:20 -0500, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) Emacs? only half in jest. A regular pdf is just a text file after all. Also check out the linux emulation stuff, adobie supports linux(I think anyway) so perhaps you could get it running and use the linux versions edit features. marc From j Tue Feb 22 23:15:31 2005 From: j (Freeman, Joshua) Date: Tue, 22 Feb 2005 23:15:31 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) Message-ID: <319FD9EAB7A43E43895ACA5AA1F81E05F88981@xmail.nybg.org> One possibility is to use some kind of OCR app. to convert the PDF to an editable file... unfortunately though, I don't think you can go from 'pdf' to OCR... I think the OCR apps. want you to actually have a paper version that you scan first, thus converting the paper document to an image, either a .tif or .pdf or .jpg.... You've asked an interesting and challenging question! j. Joshua S. Freeman Director, Information Technology, NYBG v: 718 817 8937 m: 347 392 2560 jfreeman at nybg dot org -----Original Message----- From: talk-bounces at lists.nycbug.org on behalf of G. Rosamond Sent: Tue 2/22/2005 11:06 PM To: Okan Demirmen Cc: talk at lists.nycbug.org Subject: Re: [nycbug-talk] editting pdf's... (dot dot dot) On Feb 22, 2005, at 11:01 PM, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. 'Paperless office'? You're so 1991. . . > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) Buy a Mac and buy the full version of Acrobat. . . Would love to hear some insight on this. . . George _______________________________________________ % NYC*BUG talk mailing list http://lists.nycbug.org/mailman/listinfo/talk %Be sure to check out our Jobs and NYCBUG-announce lists %We meet the first Wednesday of the month -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050222/a1718107/attachment.html From dan Tue Feb 22 23:19:27 2005 From: dan (Dan Langille) Date: Tue, 22 Feb 2005 23:19:27 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> Message-ID: <421BBDFF.1779.DBE3F@localhost> On 18 Feb 2005 at 15:51, Dan Langille wrote: > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. OK! now is the time. Thanks. http://www.bsdcan.org/2005/presentations.php nycbug-announce has already been hit (thanks). cheers -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From okan Tue Feb 22 23:23:48 2005 From: okan (Okan Demirmen) Date: Tue, 22 Feb 2005 23:23:48 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <8c50a3c305022220152f72c3f@mail.gmail.com> References: <20050223040120.GA85458@yinaska.pair.com> <8c50a3c305022220152f72c3f@mail.gmail.com> Message-ID: <20050223042348.GB88478@yinaska.pair.com> On Tue 2005.02.22 at 23:15 -0500, Marc Spitzer wrote: > On Tue, 22 Feb 2005 23:01:20 -0500, Okan Demirmen wrote: > > so in my quest to have a paperless office, i'm struggling with one > > big thing: faxing/emailing back forms sent or downloaded in pdf > > form. > > > > thought i'd hit up this knowledgable list to see if anyone has any > > bright ideas ;) > > > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > > the emailing part;) the part about filling out forms that come > > across the wire as pdf. i'm aware that adobe can edit certain > > "fillable" pdf forms, but the majority of stuff out there is not > > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > > > are there any ideas out there? is coverting the pdf to an image, > > then editing that image a valid, and sane, idea? ideas? or maybe a > > hit on the head with a good cluestick that has the magic google > > search keywords ;) > > Emacs? only half in jest. A regular pdf is just a text file after all. hah ;) > Also check out the linux emulation stuff, adobie supports linux(I > think anyway) so perhaps you could get it running and use the linux > versions edit features. so i'd do the emulation thing, but now i have to go out and buy this adobie thingy, which possibly could be more $$, legally, than a silly hardware fax machine, and most probably could not edit ~80% of the pdf's out there. someone correct me if i'm wrong, but a pdf has to have "fill-in" attributes before even adobe can edit it, which happens during the creation phase - maybe. thanks though okan > marc > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From okan Tue Feb 22 23:26:13 2005 From: okan (Okan Demirmen) Date: Tue, 22 Feb 2005 23:26:13 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <319FD9EAB7A43E43895ACA5AA1F81E05F88981@xmail.nybg.org> References: <319FD9EAB7A43E43895ACA5AA1F81E05F88981@xmail.nybg.org> Message-ID: <20050223042613.GC88478@yinaska.pair.com> On Tue 2005.02.22 at 23:15 -0500, Freeman, Joshua wrote: > One possibility is to use some kind of OCR app. to convert the PDF to an editable file... unfortunately though, I don't think you can go from 'pdf' to OCR... I think the OCR apps. want you to actually have a paper version that you scan first, thus converting the paper document to an image, either a .tif or .pdf or .jpg.... that's interesting....wondering one can fool some OCR out there to take a file as input rather than an image from a scanner... > You've asked an interesting and challenging question! we'll see how this all plays out... ;) thanks > j. > > Joshua S. Freeman > Director, Information Technology, NYBG > v: 718 817 8937 m: 347 392 2560 > jfreeman at nybg dot org > > > > -----Original Message----- > From: talk-bounces at lists.nycbug.org on behalf of G. Rosamond > Sent: Tue 2/22/2005 11:06 PM > To: Okan Demirmen > Cc: talk at lists.nycbug.org > Subject: Re: [nycbug-talk] editting pdf's... (dot dot dot) > > > On Feb 22, 2005, at 11:01 PM, Okan Demirmen wrote: > > > so in my quest to have a paperless office, i'm struggling with one > > big thing: faxing/emailing back forms sent or downloaded in pdf > > form. > > 'Paperless office'? You're so 1991. . . > > > > > thought i'd hit up this knowledgable list to see if anyone has any > > bright ideas ;) > > > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > > the emailing part;) the part about filling out forms that come > > across the wire as pdf. i'm aware that adobe can edit certain > > "fillable" pdf forms, but the majority of stuff out there is not > > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > > > are there any ideas out there? is coverting the pdf to an image, > > then editing that image a valid, and sane, idea? ideas? or maybe a > > hit on the head with a good cluestick that has the magic google > > search keywords ;) > > Buy a Mac and buy the full version of Acrobat. . . > > Would love to hear some insight on this. . . > > George > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > > -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From mspitzer Tue Feb 22 23:32:38 2005 From: mspitzer (Marc Spitzer) Date: Tue, 22 Feb 2005 23:32:38 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223042348.GB88478@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> <8c50a3c305022220152f72c3f@mail.gmail.com> <20050223042348.GB88478@yinaska.pair.com> Message-ID: <8c50a3c305022220322c09c5e4@mail.gmail.com> On Tue, 22 Feb 2005 23:23:48 -0500, Okan Demirmen wrote: > > so i'd do the emulation thing, but now i have to go out and buy > this adobie thingy, which possibly could be more $$, legally, than > a silly hardware fax machine, and most probably could not edit ~80% > of the pdf's out there. someone correct me if i'm wrong, but a pdf > has to have "fill-in" attributes before even adobe can edit it, which > happens during the creation phase - maybe. If they created the form correctly you do not need to buy the full version to fill it in the free version works fine, well it did for me on reader V7 on windows, when I filled out some forms for work. And remember there is always emacs /2 marc > > thanks though > > okan > > > marc > > _______________________________________________ > > % NYC*BUG talk mailing list > > http://lists.nycbug.org/mailman/listinfo/talk > > %Be sure to check out our Jobs and NYCBUG-announce lists > > %We meet the first Wednesday of the month > > -- > Okan Demirmen > PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 > PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From george Tue Feb 22 23:34:02 2005 From: george (G. Rosamond) Date: Tue, 22 Feb 2005 23:34:02 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <421BBDFF.1779.DBE3F@localhost> References: <421BBDFF.1779.DBE3F@localhost> Message-ID: <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> On Feb 22, 2005, at 11:19 PM, Dan Langille wrote: > On 18 Feb 2005 at 15:51, Dan Langille wrote: > >> The BSDCan program will be announced soon. I'm looking for help in >> distributing and organizing publicity for this announcement. > > OK! now is the time. Thanks. > > http://www.bsdcan.org/2005/presentations.php > > nycbug-announce has already been hit (thanks). > And I also hit Daemon News. . . although it hasn't posted yet. Undeadly.org, Usenet, the various project mailing lists. . . Come on all, lots to do. Volunteers get to pay Canadian dollars for the conference. George From okan Tue Feb 22 23:41:49 2005 From: okan (Okan Demirmen) Date: Tue, 22 Feb 2005 23:41:49 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> References: <421BBDFF.1779.DBE3F@localhost> <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> Message-ID: <20050223044149.GE88478@yinaska.pair.com> On Tue 2005.02.22 at 23:34 -0500, G. Rosamond wrote: > > On Feb 22, 2005, at 11:19 PM, Dan Langille wrote: > > >On 18 Feb 2005 at 15:51, Dan Langille wrote: > > > >>The BSDCan program will be announced soon. I'm looking for help in > >>distributing and organizing publicity for this announcement. > > > >OK! now is the time. Thanks. > > > >http://www.bsdcan.org/2005/presentations.php > > > >nycbug-announce has already been hit (thanks). > > > > And I also hit Daemon News. . . although it hasn't posted yet. > > Undeadly.org, Usenet, the various project mailing lists. . . Come on > all, lots to do. undeadly and openbsd list hit. just saw it go over nysa list > Volunteers get to pay Canadian dollars for the conference. > > George > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From george Wed Feb 23 00:00:55 2005 From: george (G. Rosamond) Date: Wed, 23 Feb 2005 00:00:55 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <20050223044149.GE88478@yinaska.pair.com> References: <421BBDFF.1779.DBE3F@localhost> <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> <20050223044149.GE88478@yinaska.pair.com> Message-ID: <6010e7d7d69a2fc131948bac41bb9d2a@sddi.net> On Feb 22, 2005, at 11:41 PM, Okan Demirmen wrote: > On Tue 2005.02.22 at 23:34 -0500, G. Rosamond wrote: >> >> On Feb 22, 2005, at 11:19 PM, Dan Langille wrote: >> >>> On 18 Feb 2005 at 15:51, Dan Langille wrote: >>> >>>> The BSDCan program will be announced soon. I'm looking for help in >>>> distributing and organizing publicity for this announcement. >>> >>> OK! now is the time. Thanks. >>> >>> http://www.bsdcan.org/2005/presentations.php >>> >>> nycbug-announce has already been hit (thanks). >>> >> >> And I also hit Daemon News. . . although it hasn't posted yet. >> >> Undeadly.org, Usenet, the various project mailing lists. . . Come on >> all, lots to do. > > undeadly and openbsd list hit. just saw it go over nysa list > I see that. . . and I just hit Slashdot . . . but don't worry about your server Dan, no one goes there anymore, it's too crowded. George (yes, that was a Yogi Berra quote) From pete Wed Feb 23 00:06:07 2005 From: pete (Pete Wright) Date: Wed, 23 Feb 2005 00:06:07 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: <20050223050607.GA73615@finn.nomadlogic.org> On Tue, Feb 22, 2005 at 11:01:20PM -0500, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) > > thanks. my connection is a bit spotty right now, so this'll be quick. it may be worth checking out converting the pdf to .ps then using gs to convert that to ascii. i have some scripts that'll do this, altho i'm sure you can figure something out. if you want more info lemme know and i'll email again from a better connection at home. HTH -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Wed Feb 23 00:10:28 2005 From: pete (Pete Wright) Date: Wed, 23 Feb 2005 00:10:28 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <6010e7d7d69a2fc131948bac41bb9d2a@sddi.net> References: <421BBDFF.1779.DBE3F@localhost> <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> <20050223044149.GE88478@yinaska.pair.com> <6010e7d7d69a2fc131948bac41bb9d2a@sddi.net> Message-ID: <20050223051028.GC73615@finn.nomadlogic.org> On Wed, Feb 23, 2005 at 12:00:55AM -0500, G. Rosamond wrote: > > On Feb 22, 2005, at 11:41 PM, Okan Demirmen wrote: > > >On Tue 2005.02.22 at 23:34 -0500, G. Rosamond wrote: > >> > >>On Feb 22, 2005, at 11:19 PM, Dan Langille wrote: > >> > >>>On 18 Feb 2005 at 15:51, Dan Langille wrote: > >>> > >>>>The BSDCan program will be announced soon. I'm looking for help in > >>>>distributing and organizing publicity for this announcement. > >>> > >>>OK! now is the time. Thanks. > >>> > >>>http://www.bsdcan.org/2005/presentations.php > >>> > >>>nycbug-announce has already been hit (thanks). > >>> > >> > >>And I also hit Daemon News. . . although it hasn't posted yet. > >> > >>Undeadly.org, Usenet, the various project mailing lists. . . Come on > >>all, lots to do. > > > >undeadly and openbsd list hit. just saw it go over nysa list > > > > I see that. . . and I just hit Slashdot . . . but don't worry about > your server Dan, no one goes there anymore, it's too crowded. > > George > > (yes, that was a Yogi Berra quote) wow didn't know Yogi was a /.'er. Prolly a linux gnuser too ;p i hit bsdofsocal.org's list. altho it's pretty dead. hopefully some people are sub'd to it. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Wed Feb 23 11:51:40 2005 From: george (George Georgalis) Date: Wed, 23 Feb 2005 11:51:40 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: <20050223165140.GA14659@ixeon.local> On Tue, Feb 22, 2005 at 11:01:20PM -0500, Okan Demirmen wrote: > >are there any ideas out there? is coverting the pdf to an image, >then editing that image a valid, and sane, idea? ideas? or maybe a >hit on the head with a good cluestick that has the magic google >search keywords ;) I've not had to do this, but my first thought is opening it with gimp and paint over... second thought is print it, fill it out and fax back, but that wouldn't be paperless. Actually in the spirit of paperless office, I refuse fax communications, "I don't have a fax machine" because, anyway you slice it, it is everything we don't like about paper, only low-res. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From ike Wed Feb 23 12:14:47 2005 From: ike (Isaac Levy) Date: Wed, 23 Feb 2005 12:14:47 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223165140.GA14659@ixeon.local> References: <20050223040120.GA85458@yinaska.pair.com> <20050223165140.GA14659@ixeon.local> Message-ID: <6640880aa56472ca2d921c3017c42e11@lesmuug.org> Hi Okan, George, All, - my quickie .02?, On Feb 22, 2005, at 11:01 PM, Okan Demirmen wrote: > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) /me winces: I've worked with these PDF forms systems since their baby days, (98'?), and in the end, it's the same deal as Word docs. The PDF specification is open, but all the form stuff, is extra stuff that Adobe has layered in on top- muddy territory, I don't think it's all open spec stuff that Adobe does. Regardless, the only apps that actually work with these things are adobe acrobat apps- plain and simple. I've had PDF's that came to me which I opened with Preview.app on my mac, (where pdf is built into the core display engines), only to find that Preview wasn't displaying filled-in form text. Had to open with Acrobat Reader, really annoying. So in the end, we have 3 real choices: 1) Give in and run Adobe apps somewhere/somehow 2) Be hardcore about what formats people send you stuff (.txt !) 3) Write something or get involved with an open project that addresses your needs, (none of which seem very comprehensive or solid at the time of this writing) -- That stated, my solution in the office is to just stay away from all of it- I've become somewhat of a pain with file formats (No word files, RTF only- or Plain Text), usually annoying to some HR depts and biz. folks, but it's just how I roll. Usually the work we're doing is more important than mucking about with documents, and in the end, even if they complain, folks *can* read .txt files everywhere. Another solution I've been slowly moving towards, is more web use- areas for my clients to upload files, and for me to post contracts, etc... in HTML. Since I build things like intranets all the time, I've been noodling my own intranet type app for a long time- but never really finished off the job cleanly, (though it's amazing how far a web app with decent access control can go...) On Feb 23, 2005, at 11:51 AM, George Georgalis wrote: > Actually in the spirit of paperless office, I refuse fax > communications, > "I don't have a fax machine" because, anyway you slice it, it is > everything we don't like about paper, only low-res. > > // George I kindof agree with GG here- I try to minimize faxing alltogether, using the local kinkos or copy shop for the 1 or 2 times annually that I need to send/recieve faxes. As another sidenote, I've done the efax things, years ago, and well, I personally found it really quite annoying in the end- none of the software/services/etc are ever very complete- after all these years. Usually I find I need to fax signed docs, which in most contexts I want to fedex anyhow... OK, a bit more than .02?, but whatever... Hope DC's treating you well and your office at least has a good view of the Potomac or some monument or somesuch. Rocket- .ike From george Wed Feb 23 15:15:08 2005 From: george (G. Rosamond) Date: Wed, 23 Feb 2005 15:15:08 -0500 Subject: [nycbug-talk] BSDCan announce on Slashdot: rejected Message-ID: 2005-02-23 04:59:34 BSDCan 2005 Presentation Listing Released (BSD,Announcements) (rejected) Nice. . . should have mentioned Debian ham radios using DES powered by sun spots. . . I'll try again in another way later on. . . George From daggerquill Wed Feb 23 10:46:17 2005 From: daggerquill (Jay) Date: Wed, 23 Feb 2005 10:46:17 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: <4ce365ec05022307462f61e697@mail.gmail.com> On Tue, 22 Feb 2005 23:01:20 -0500, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) > > thanks. > Find a wordprocessor that will import the pdf as a graphical format. Open Office won't, but I don't know about the other options. Otherwise, turn it into EPS or some other format that your word processor will work with and use it as a background image. Then you can draw text boxes where you want them, or just use the space bar and carriage returns to get in the right ballpark. If done this a couple of times. You'll lose a lot of resolution with the graphic conversions, but it was a fax to begin with, right? HTH, --jay savage From dlavigne6 Thu Feb 24 10:11:39 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 10:11:39 -0500 (EST) Subject: [nycbug-talk] savelogs Message-ID: <20050224100827.Q587@dru.domain.org> Anyone have any idea what I'm missing here? I'm using sysutils/savelogs on a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully from the command line whether I'm in the tcsh or the sh shell. However, as soon as I script it (Bourne shell script, simply has the same command I run at the command line), it runs TWICE, resulting in an empty log file. I'm losing hair on this one. Any suggestions? Dru From dan Thu Feb 24 10:09:51 2005 From: dan (Dan Langille) Date: Thu, 24 Feb 2005 10:09:51 -0500 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224100827.Q587@dru.domain.org> Message-ID: <421DA7EF.3890.7878966@localhost> On 24 Feb 2005 at 10:11, Dru wrote: > Anyone have any idea what I'm missing here? I'm using > sysutils/savelogs on a FreeBSD 5.2.1 system to rotate and compress > logs. Works beautifully from the command line whether I'm in the tcsh > or the sh shell. What does that give you that newsyslog doesn't? Command line interface? -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From dlavigne6 Thu Feb 24 10:30:21 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 10:30:21 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <421DA7EF.3890.7878966@localhost> References: <421DA7EF.3890.7878966@localhost> Message-ID: <20050224102832.N587@dru.domain.org> On Thu, 24 Feb 2005, Dan Langille wrote: > On 24 Feb 2005 at 10:11, Dru wrote: > >> Anyone have any idea what I'm missing here? I'm using >> sysutils/savelogs on a FreeBSD 5.2.1 system to rotate and compress >> logs. Works beautifully from the command line whether I'm in the tcsh >> or the sh shell. > > What does that give you that newsyslog doesn't? Command line > interface? More control over how the logs are renamed. For example, I can save messages.2005-02-24.gz to /someother/path. Dru From bschonhorst Thu Feb 24 10:26:47 2005 From: bschonhorst (Brad Schonhorst) Date: Thu, 24 Feb 2005 10:26:47 -0500 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224100827.Q587@dru.domain.org> References: <20050224100827.Q587@dru.domain.org> Message-ID: <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> > Anyone have any idea what I'm missing here? I'm using > sysutils/savelogs on a FreeBSD 5.2.1 system to rotate and compress > logs. Works beautifully from the command line whether I'm in the tcsh > or the sh shell. > > However, as soon as I script it (Bourne shell script, simply has the > same command I run at the command line), it runs TWICE, resulting in > an empty log file. > > Hey Dru- When you say script it, do you mean script it and run it from cron or are you just testing the script right now? From dlavigne6 Thu Feb 24 10:45:06 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 10:45:06 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> Message-ID: <20050224104257.L587@dru.domain.org> On Thu, 24 Feb 2005, Brad Schonhorst wrote: >> Anyone have any idea what I'm missing here? I'm using sysutils/savelogs on >> a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully from >> the command line whether I'm in the tcsh or the sh shell. >> >> However, as soon as I script it (Bourne shell script, simply has the same >> command I run at the command line), it runs TWICE, resulting in an empty >> log file. >> >> > > Hey Dru- > > When you say script it, do you mean script it and run it from cron or are you > just testing the script right now? Testing the script. It's real simple (simply the commands I run at the command line:) #!/bin/sh cd /var/log /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog Dru From mspitzer Thu Feb 24 11:56:28 2005 From: mspitzer (Marc Spitzer) Date: Thu, 24 Feb 2005 11:56:28 -0500 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224100827.Q587@dru.domain.org> References: <20050224100827.Q587@dru.domain.org> Message-ID: <8c50a3c305022408566537cb32@mail.gmail.com> On Thu, 24 Feb 2005 10:11:39 -0500 (EST), Dru wrote: > > Anyone have any idea what I'm missing here? I'm using sysutils/savelogs on > a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully from > the command line whether I'm in the tcsh or the sh shell. > > However, as soon as I script it (Bourne shell script, simply has the same > command I run at the command line), it runs TWICE, resulting in an empty > log file. > > I'm losing hair on this one. Any suggestions? what does the cron log say, /var/log/cron on my 5.3 system. I do not have savelogs installed so is it a script or compiled program? It may me as simple as a path issue, when it happens to me it usually is. good luck, marc From dlavigne6 Thu Feb 24 12:43:21 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 12:43:21 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <8c50a3c305022408566537cb32@mail.gmail.com> References: <20050224100827.Q587@dru.domain.org> <8c50a3c305022408566537cb32@mail.gmail.com> Message-ID: <20050224124312.U587@dru.domain.org> On Thu, 24 Feb 2005, Marc Spitzer wrote: > On Thu, 24 Feb 2005 10:11:39 -0500 (EST), Dru wrote: >> >> Anyone have any idea what I'm missing here? I'm using sysutils/savelogs on >> a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully from >> the command line whether I'm in the tcsh or the sh shell. >> >> However, as soon as I script it (Bourne shell script, simply has the same >> command I run at the command line), it runs TWICE, resulting in an empty >> log file. >> >> I'm losing hair on this one. Any suggestions? > > what does the cron log say, /var/log/cron on my 5.3 system. I do > not have savelogs installed so is it a script or compiled program? > It may me as simple as a path issue, when it happens to me it > usually is. It is a perl script. Dru From george Thu Feb 24 14:32:35 2005 From: george (George Georgalis) Date: Thu, 24 Feb 2005 14:32:35 -0500 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224104257.L587@dru.domain.org> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> <20050224104257.L587@dru.domain.org> Message-ID: <20050224193235.GD15866@ixeon.local> On Thu, Feb 24, 2005 at 10:45:06AM -0500, Dru wrote: > >#!/bin/sh >cd /var/log >/usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages >/usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog > from the never heard of it, never tried it peanut gallery; do you get double instances when invoked like this? #!/bin/sh cd /var/log /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages or #!/bin/sh cd /var/log /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages maillog just an un biased guess. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From jpb Thu Feb 24 09:52:16 2005 From: jpb (Jim Brown) Date: Thu, 24 Feb 2005 14:52:16 +0000 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224104257.L587@dru.domain.org> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> <20050224104257.L587@dru.domain.org> Message-ID: <20050224145216.GA6802@sixshooter.v6.thrupoint.net> * Dru [2005-02-24 10:38]: > > > On Thu, 24 Feb 2005, Brad Schonhorst wrote: > > >>Anyone have any idea what I'm missing here? I'm using sysutils/savelogs > >>on a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully > >>from the command line whether I'm in the tcsh or the sh shell. > >> > >>However, as soon as I script it (Bourne shell script, simply has the same > >>command I run at the command line), it runs TWICE, resulting in an empty > >>log file. > Testing the script. It's real simple (simply the commands I run at the > command line:) > > #!/bin/sh > cd /var/log > /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages > /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog > Um, you are running two separate instances in your script, back to back. How about a sleep between them? Maybe you are running into a race problem when the other script starts... Just a thought. Jim B. From dlavigne6 Thu Feb 24 15:06:54 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 15:06:54 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <20050224145216.GA6802@sixshooter.v6.thrupoint.net> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> <20050224104257.L587@dru.domain.org> <20050224145216.GA6802@sixshooter.v6.thrupoint.net> Message-ID: <20050224150604.T587@dru.domain.org> On Thu, 24 Feb 2005, Jim Brown wrote: > * Dru [2005-02-24 10:38]: >> >> >> On Thu, 24 Feb 2005, Brad Schonhorst wrote: >> >>>> Anyone have any idea what I'm missing here? I'm using sysutils/savelogs >>>> on a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully >>>> from the command line whether I'm in the tcsh or the sh shell. >>>> >>>> However, as soon as I script it (Bourne shell script, simply has the same >>>> command I run at the command line), it runs TWICE, resulting in an empty >>>> log file. > > > >> Testing the script. It's real simple (simply the commands I run at the >> command line:) >> >> #!/bin/sh >> cd /var/log >> /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages >> /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog >> > > > Um, you are running two separate instances in your script, back to back. > How about a sleep between them? Maybe you are running into a race problem > when the other script starts... >From the slap myself in the head dept., I think George and Jim have spotted the same thing... I'll try again tonight and let you guys know... Dru From dlavigne6 Thu Feb 24 21:05:57 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 21:05:57 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <20050224193235.GD15866@ixeon.local> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> <20050224104257.L587@dru.domain.org> <20050224193235.GD15866@ixeon.local> Message-ID: <20050224210031.P587@dru.domain.org> On Thu, 24 Feb 2005, George Georgalis wrote: > On Thu, Feb 24, 2005 at 10:45:06AM -0500, Dru wrote: >> >> #!/bin/sh >> cd /var/log >> /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages >> /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog >> > > from the never heard of it, never tried it peanut gallery; do you get double instances when invoked like this? Sweet, easy to configure program--quite customizable. No BSD-style documentation, though ;-) Contrary to the docs, this is the proper way to run it from a script/cron: /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf i.e. don't specify logs to rotate from the command line (as they're specified in the config file) Dru From EInker Fri Feb 25 11:56:03 2005 From: EInker (Inker, Evan) Date: Fri, 25 Feb 2005 16:56:03 -0000 Subject: [nycbug-talk] First Look At Solaris 10 Message-ID: <386AEEE1B7BAC34CB4DDF394C2349278D6EB39@w2cs-nyk02.gam.com> First Look At Solaris 10 Last update: 02-25-2005 Sun Microsystems has recently released Solaris 10. It is currently free, as in beer, and most of it is promised to be released under an OSI approved license in the second quarter of 2005. Most everyone reading this probably knows all of that. The release and subsequent open sourcing of Solaris 10 has caused quite an uproar in the Open Source community and the IT industry as a whole. Linux advocates have been fighting Solaris advocates on forums across the Internet. The zealotry and misrepresentation from both sides has been really quite impressive. However, I am a BSD user. I am not on either side and will do my best to allow neither zealotry nor misrepresentation into this review. Please continue reading after you have stopped laughing. All political issues aside, Solaris 10 is a very impressive OS. It has some features no other operating system can claim and some that are not necessarily new, but have been implemented in an excellent way. This is not to say it is perfect. There are definitely things I dislike and areas that seem quite unpolished. One of those aforementioned unpolished areas is the installation routine. It can be assumed that Solaris will not be installed by a novice. Even so, the Solaris install is painful and brings with it memories of Windows 2000 installs of old. This is not because its difficult, it is not. The installation is simply unwieldy. My main complaints are the following: * You must partition, install a small base system and reboot to finish the install. I expect an OS to be installable without a reboot. * For the first section of the install there is a web browser in the background, but for unknown reasons there is no browser in the second section. * You have to switch CD's during the install, which is fine, but you can't just switch and walk away. You have to wait for it to read the CD and display another screen and then press next. There is probably a reason for this, but I just find it annoying. Issues like these make the installation routine seem unfinished and just don't fit with the overall quality of the OS. Upon booting Solaris for the first time, you are greeted by dtlogin. This is the default graphical login manager for Solaris and plainly has CDE roots. At this point, there is a drop-down menu in which you can choose to go back to a console login or choose which wm/dm to enter, both CDE and JDS3 are options. I am sure CDE has many great features and I know that some people love it. However, I am not one of them. JDS3 on the other hand is a nicely polished GNOME desktop. The theme and general feel is much improved over Sun's earlier versions. Nothing is very remarkable about JDS3, except network browsing. I have never seen any GNOME desktop do as well with windows and NIX network browsing. There are things I dislike about JDS. As a media player, Sun has chosen the "Java Media Player." This program has no redeeming factors. XMMS or Rhythmbox would be much better choices. They also tapped Mozilla to be the web browser, not Firefox. With FF gaining more and more attention, this choice makes very little sense to me. However, those are my only complaints about JDS3 and they are small ones. Nobody is considering Solaris 10 because of JDS3 or its installation routine. They are looking at it because of new features like DTrace, Zones and the new Service Management Framework. Indeed, it has been quite awhile since we have seen a release of any OS with as many large features as Solaris 10. DTrace One of the main new features in Solaris 10 is DTrace, a dynamic instrumentation system. DTrace consists of a scripting language, named D (not to be confused with the fledgling D Programming Language), and loadable kernel modules named "providers." When called upon, these "providers" track and report system information. DTrace has several features that separate it from other similar systems: * It is dynamic. DTrace has no effect on system performance when not in use. Only those providers that are needed by a particular command are loaded and used. This means if you want to collect data on the scheduler, DTrace will not be collecting data on the IO system as well. This greatly improves performance over those systems that collect a huge amount of unneeded data. * It can instrument both the kernel-level and user-level. * It is safe. DTrace will not allow you to damage the system through its use. Some may find the idea of anything being "totally safe" rather amusing. However, this appears to be true. Time will tell if it holds up, but for the moment I have no evidence to the contrary. * It is adaptable. DTrace really is more a scripting language then it is a tool like truss or top. This has its downside and upside. The disadvantage is that it is not a small thing to learn. Most will probably never use DTrace directly, but instead use programs written in D. There are already some of these and there will eventually be many more. The advantage to this is that its not limited like top or truss. Supposedly the test of a well-designed program is that people use it for things the author never thought of. DTrace passes this test with flying colors. DTrace will inevitably be compared to similar systems. These include The Linux Trace Toolkit (LTT) and Dprobes. These systems may grow into something equivalent to DTrace, but at the moment they are not even close. LTT is not dynamic and has only around 45 points of instrumentation to avoid a large performance penalty. Comparing that to Dtrace: # DTrace -l | wc -l 36110 Dprobes is much more advanced, but has problems as well. It is dynamic, but lacks some of the advanced features of the D language and is not safe. You can definitely bring down a machine with a badly written Dprobes script. It also supposedly performs poorly on multiple CPUs. One interesting DTrace script I found is seeksize.d. This script tracks the offset value of seek requests to the discs, per process. I have never been able to see this information before and it is really quite interesting, although somewhat shocking. The script was written by Brendan Gregg, who has produced many DTrace scripts that review system information from shell use to socket statistics. [ http://users.tpg.com.au/adsln4yb/dtrace.html] Zones If you have used FreeBSD Jails, Solaris Zones are going to sound very familiar. They are based on the same basic concept. Both can be considered somewhat like a heavy-duty chroot. Each Zone or Jail is a virtual OS, complete with IP address, separate configuration and even a separate package DB (zones can also share a DB). Now, this may seem like exactly what UserModeLinux or Xen do, but it isn't. The difference is that all the Zones/Jails share one kernel. In Xen or UML, the sub-machines are full OS's, kernel and all. They run on vm-like layer over the actual kernel. The advantage to this is security; it is very difficult to break out of a virtual server setup in this way. The disadvantage is speed; running all these different kernels has a large performance hit. This is why FreeBSD Jails were thought of in the first place and Sun has gone that direction with Zones. It is theoretically possible to break out of a Jail or Zone. In fact, there have been security vulnerabilities in the past that allow processes to do just that. It is of course up to the System Administrator to balance these issues. Personally, I would rather be able to run a large number of Jails/Zones and take the minimal security risk. Service Management Framework SMF (The Service Management Framework) is Solaris 10's replacement for the aged sysV init. I have mixed feelings about SMF. It is definitely a step forward, but it adds a level of complexity that was not there before. The idea behind it is fairly simple and SMF can be logically split into several parts: * Startups scripts. These are very like the normal scripts you see in every UNIX implementation * XML manifests. This is where things get different. Every service has an XML file that holds information about the service. What other services does it depend on? What services does it not depend on, but are recommended? All these relationships and more are stored in the manifests. * svcs. The svcs command is one of the main interfaces to SMF. It can tell you what services are started, which are stopped and even what services failed to start and why. For example, if service A depends on service B and you have stopped service B, svcs might tell you that service A has failed because service B is stopped. * svcadm. This is the administrative tool for SMF. You can add, delete, stop and start services here. * init. The init systems works a bit differently on Solaris 10 because of all this. If a service fails to start or crashes, it will be restarted. Also, if you stop a service that another service depends on, that service will also be stopped. Likewise, if you start a service that depends on several others, they will all be started. Also, the dependency system allows init to start multiple services in parallel. My concern about SMF is that its not as transparent as a system like rc.d on NetBSD/FreeBSD or even the old sysV init. It is still fairly easy to understand, but there is a level of "magic" that wasn't there before. Maybe my concerns are baseless? I don't know. It will be interesting to watch how users react to the new system. Along with new features, there have been improvements made to the general OS, many having to do with speed. Solaris has been given the nickname "Slowlaris" in the past. With Solaris 10, Sun has worked hard to make that name no longer applicable. One of the areas where Solaris needed improvement was the network stack. I have no experience with it personally, but apparently the old version was not a great performer, especially on multiple CPUs. Sun has decided to fix this Old-Testament style. Solaris 10 features an entirely new stack named FireEngine. Built to improve performance and prepare for future networking technology (faster Ethernet), FireEngine includes some very interesting threading technology that should reduce resource contention. [3] Another improvement to Solaris is the X86 support. Solaris has supported this architecture before, but both speed and stability were sorely lacking. This has changed with Solaris 10. All the machines I installed Solaris 10 on were X86 and, besides the obvious sparse driver support, it worked very well. With Sun committing to the AMD Opteron (an X86-like platform), the opening of Solaris and the energy Sun has appeared to expend on making X86 a "tier 1" platform, it can be safely assumed that support for this architecture isn't going to be disappearing. The experience of actually using Solaris 10 as a day-to-day OS is rather interesting. I installed and used 3 versions of Solaris 10, two betas and the final. I tested them on my laptop, but mostly used them on my desktop machine. The features of Solaris 10 make it sound like the long lost brother of sliced bread and, to some extent, I found this to be correct. Solaris 10 can do things no other OS can and its very fast. However, there are some significant hurdles to using Solaris when you come from Linux or BSD. It is very different. This cannot be repeated enough. If you have ever made the switch from Linux to BSD or the other way, you know how little differences can really make it difficult. In Solaris, the differences are not little. The first time I booted Solaris, I was a bit worried. It was quite a slow boot. I had to use this thing while reviewing it and as I watched the login prompt finally appear, I was starting to wonder if I was going to need a book while Mozilla started. They have fixed this in the final release, but I needn't have worried at the time either. The Solaris boot may have been slow, but thats the only element of the system were that word applied. I have yet to see a set of benchmarks that everyone likes and I don't have any skill in that area to begin with. Therefore, I won't be attempting to give the good reader numbers on Solaris 10's speed. Suffice to say that you cannot use the OS as a desktop without noticing it. Mozilla starts fast, GNOME is snappy and and I had at least 5 things compiling while listening to music with no skipping. This does not mean all users will find Solaris 10 the gift from god it is sometimes portrayed as. There are many differences when coming from other NIX. Some are very minor and some are very not. These differences range from the purely personally unsettling to build breaking, linker error making monsters from hell. The first difference you will notice is that the default shell is the Bourne shell. Not bash, but the POSIX Bourne shell. Coming from BSD, this wasn't so shocking. The total lack of a /root directory was rather shocking, but even that could be understood fairly readily. What I kept coming up against though, was how many places things were installed. The BSD tools are installed in /usr/ucb, the GNU tools in /usr/sfw, Solaris development tools in /usr/ccs, /usr/X11 contains Xorg and /usr/X contains openwin. These are just examples, there are many more. I am not saying this is a bad thing, but balancing your PATH that much takes getting used to. Something else you may notice, is an almost total lack of audio drivers. While I am willing to forgive Solaris for not having a lot of drivers for X86 because of its youth, the total lack of support in this area is too glaring to not mention. The Open Sound System supports Solaris and works very well, but this must be addressed at some point. X86 Solaris users should not be forced to go to 4Front to get audio support. While I am on the subject of drivers, I should mention that hardware support on X86 is not great. I am convinced this will improve, but for the moment I would only use Solaris 10 on very common hardware. As for laptops, its not ready yet. The version of Solaris released to the public does not include wireless support. However, I gather from the Sun blogs that an internal build now does include wireless drivers, so this should not be a permanent problem. A developer will notice other differences with Solaris. While some Open Source software will choke on BSD or even some Linux distributions, a large number will blow a fuse on Solaris. Some just require little tweaks to get working, while others require trench warfare. Both NetBSD's pkgsrc and the Blastwave ( www.blastwave.org) software distribution help to make this tolerable. With the coming OpenSolaris, I expect this to improve as they attract more developers. Speaking of developers, there are many goodies hidden in Solaris 10 that may lure them over. Obviously, DTrace has the potential to greatly help developers, but there are other utilities that are also very useful. One thing I found while looking for a Solaris alternative to valgrind was mdb and libumem. Mdb is the Solaris Modular Debugger and is exactly what it sounds like. Libumem is a user-land slab allocator[4] introduced in Solaris 9. What is interesting is that these two tools work together. [5] This is how it works. The developer compiles his/her code like normal, but instead of executing it with a debugger s/he sets some environment variables: UMEM_DEBUG=default UMEM_LOGGING=transaction LD_PRELOAD=libumem.so.1 then executes the code. The developer tests it out like normal, but then opens up another terminal, uses gcore to to get a core dump of the program and uses MDB to examine the core dump. MDB will then let you find memory leaks, browse stacks, find corrupt buffers and even double frees. More info about libumem and MDB is available here: http://access1.sun.com/techarticles/libumem.html There are many little tools like this hidden all over Solaris. The pTools are another prime example of this. These are a set of utilities that extract information from the /proc file system. Among other things, these tools include: * prstat: a replacement for top * pldd: prints the dynamic libs linked into running processes (including those added with dlopen) * pwdx: prints the cwd of the given process * pstop: stops the given process * prun: the reverse of pstop There is also the Solaris Management Console, a "toolbox" of administration utilities such as user management, patch management and performance monitoring. There are too many of these little utilities and small features hidden throughout the system to mention or simply find. In conclusion... Solaris 10 is a rather amazing OS. I learn quickly, but I was hard pressed to even tap the surface of Solaris. It is very fast, has new features that are revolutionary and old features that are not very well known, but deserve to be. Its hardware support could, and I think will, be improved, some software will be difficult to compile and it can be difficult to use at times when coming from other NIX. However, any relatively knowledgeable user should give it a shot. You may be impressed. Sources: 1. http://www.sun.com/bigadmin/content/dtrace/dtrace_usenix.pdf 2. http://www.opersys.com/LTT/documentation.html 3. http://www.sun.com/bigadmin/xperts/sessions/11_fireengine/ 4. http://srl.cs.jhu.edu/courses/600.418/SlabAllocator.pdf 5. http://access1.sun.com/techarticles/libumem.html Notes: Certain sites really helped in writing this. In no particular order these were: BigAdmin: www.bigadmin.com The Blog of Ben Rockwood: www.cuddletech.com/blog/index.php PlanetSolaris: www.planetsolaris.org BlastWave: www.blastwave.org Written by Narayan Newton - Mad Penguin(tm) Systems Administrator Sun, Sun Microsystems and Solaris are Registered Trademarks of Sun Microsystems, Inc. Linux is a Registered Trademark of Linus Torvalds. Regards, Evan M. Inker **************************************************************************** This message contains confidential information and is intended only for the individual or entity named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as an invitation or offer to buy or sell any securities or related financial instruments. GAM operates in many jurisdictions and is regulated or licensed in those jurisdictions as required. **************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050225/9e4b85c5/attachment.html From ike Fri Feb 25 12:04:58 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 12:04:58 -0500 Subject: [nycbug-talk] First Look At Solaris 10 In-Reply-To: <386AEEE1B7BAC34CB4DDF394C2349278D6EB39@w2cs-nyk02.gam.com> References: <386AEEE1B7BAC34CB4DDF394C2349278D6EB39@w2cs-nyk02.gam.com> Message-ID: <9d47b53bd071ee240af7220b4c95f656@lesmuug.org> Hi Evan, On Feb 25, 2005, at 11:56 AM, Inker, Evan wrote: > First Look At Solaris 10 > > Last update:? 02-25-2005 > Sun Microsystems has recently released Solaris 10 [snip-big press release type message] I can't speak for the whole list, but I'm not entirely sure why you posted a long solaris press release to the nyc*bug talk list? I mean it's a loose conversational list, open to a wide gammut of topics and tech, but this feels like white noise spam in my inbox here- (if I wanted this kind of thing I'd sign up to a Solaris list?) I'm not meaning to start any flames, but is there some specific interesting reason you posted this to nyc*bug? Best, .ike From ike Fri Feb 25 12:17:56 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 12:17:56 -0500 Subject: [nycbug-talk] First Look At Solaris 10 In-Reply-To: <386AEEE1B7BAC34CB4DDF394C2349278D6EB3B@w2cs-nyk02.gam.com> References: <386AEEE1B7BAC34CB4DDF394C2349278D6EB3B@w2cs-nyk02.gam.com> Message-ID: Hi Evan, On Feb 25, 2005, at 12:06 PM, Inker, Evan wrote: > Apologies it was meant to go to a different email address No problem- not too much damage done, there's a lot of folks on this list who use/like Solaris- so (*shrug*) somebody may find it of interest. :) Rocket- .ike From steve Fri Feb 25 12:35:51 2005 From: steve (steverieger) Date: Fri, 25 Feb 2005 12:35:51 -0500 Subject: [nycbug-talk] First Look At Solaris 10 In-Reply-To: Message-ID: I did speak to the gentleman that posted this, and he said that it was meant for a different list. A few points I would like to make, (as a solaris admin) Solaris does not require more than one disk, yes it does require a reboot upon install, as does fbsd. Zfs is a totally separate os, meaning I can compile things in zone1 (say apache) and serve pages from there, and I can compile mysql in zone2, and these two will never know of each other, they think that they are separate servers. If anybody has questions regarding solaris feel free to contact me off list. Thanx On 2/25/05 12:17 PM, "Isaac Levy" wrote: > Hi Evan, > > On Feb 25, 2005, at 12:06 PM, Inker, Evan wrote: > >> Apologies it was meant to go to a different email address > > > No problem- not too much damage done, there's a lot of folks on this > list who use/like Solaris- so (*shrug*) somebody may find it of > interest. :) > > Rocket- > .ike > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From steve.rieger Fri Feb 25 12:36:36 2005 From: steve.rieger (Steve Rieger) Date: Fri, 25 Feb 2005 12:36:36 -0500 Subject: [nycbug-talk] Mail stress test Message-ID: Does anybody on the list know of a decent script I can run to stress test my smtp, pp, and imap servers, -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From ike Fri Feb 25 12:45:58 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 12:45:58 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: Message-ID: <15cbdc75c18096955f3fb8b038972ce7@lesmuug.org> Wordup Steve, On Feb 25, 2005, at 12:36 PM, Steve Rieger wrote: > Does anybody on the list know of a decent script I can run to stress > test my > smtp, pp, and imap servers, I don't know of any scripts offhand, but I'm curious as to what kind of testing you want to do? i.e. there's loads of testing fun that can be done, especially if you have access to servers in different places, geographically... I'd love to start a thread here about tactics based on what your doing- I've found I never really get a true grasp of load until a given server is online and has connections coming to it from all over the net, different routes, disperate latency, etc... entropy impossible to truly reproduce in any lab... What kinds of stress are you trying to put the boxes through? Rocket- .ike From steve.rieger Fri Feb 25 12:58:47 2005 From: steve.rieger (Steve Rieger) Date: Fri, 25 Feb 2005 12:58:47 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <15cbdc75c18096955f3fb8b038972ce7@lesmuug.org> Message-ID: Am trying to see what my servers can hold in the following areas Max concurrent connections for pop Max concurrent connections for smtp Max concurrent connections for imap I will be running these tests on postfix, ms exchange, and sun messaging server. I don't quite trust the numbers that the vendors gave me On 2/25/05 12:45 PM, "Isaac Levy" wrote: > Wordup Steve, > > On Feb 25, 2005, at 12:36 PM, Steve Rieger wrote: > >> Does anybody on the list know of a decent script I can run to stress >> test my >> smtp, pp, and imap servers, > > I don't know of any scripts offhand, but I'm curious as to what kind of > testing you want to do? i.e. there's loads of testing fun that can be > done, especially if you have access to servers in different places, > geographically... I'd love to start a thread here about tactics based > on what your doing- > > I've found I never really get a true grasp of load until a given server > is online and has connections coming to it from all over the net, > different routes, disperate latency, etc... entropy impossible to truly > reproduce in any lab... > > What kinds of stress are you trying to put the boxes through? > > Rocket- > .ike > > > -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From ike Fri Feb 25 13:23:50 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 13:23:50 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: Message-ID: Wordup Steve, On Feb 25, 2005, at 12:58 PM, Steve Rieger wrote: > Am trying to see what my servers can hold in the following areas > > Max concurrent connections for pop > > Max concurrent connections for smtp > > Max concurrent connections for imap Well, not sure if this is what you want, but here's what I'd do- From any other servers you have access to, (offsite is best?), I'd whip up a shell script to do the following: 1) connect to the servers manually using telnet 2) initiate MANY connections in some automated fashon -- For the record on list, I googled up these notes on connecting to the mail servers: Direct connection through IMAP and POP: http://tinyurl.com/6elh9 -or- http://mailservices-oldsysadmin.web.cern.ch/mailservices-oldsysadmin/ sysadmin/Operations/telnet_connection.htm -- So I'd just write some scripts that connect manually to accounts, and run them in big batches from remote machines- Sorry I'm don't have a complete solution, but I hope this is at least a helpful start- Rocket- .ike > > I will be running these tests on postfix, ms exchange, and sun > messaging > server. > > > I don't quite trust the numbers that the vendors gave me > > From pete Fri Feb 25 13:20:05 2005 From: pete (Pete Wright) Date: Fri, 25 Feb 2005 13:20:05 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: Message-ID: <20050225182005.GA6040@finn.nomadlogic.org> On Fri, Feb 25, 2005 at 12:36:36PM -0500, Steve Rieger wrote: > Does anybody on the list know of a decent script I can run to stress test my > smtp, pp, and imap servers, > hey steve, sorry i don't know any off the top of my head, altho i do know that there are ample perl modules that offer this functionality (smtp, pop and imap). the problem may be tho that you will end up stressing the client running the script before you end up stressing the server. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bob Fri Feb 25 13:36:45 2005 From: bob (Bob Ippolito) Date: Fri, 25 Feb 2005 13:36:45 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <20050225182005.GA6040@finn.nomadlogic.org> References: <20050225182005.GA6040@finn.nomadlogic.org> Message-ID: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> On Feb 25, 2005, at 1:20 PM, Pete Wright wrote: > On Fri, Feb 25, 2005 at 12:36:36PM -0500, Steve Rieger wrote: >> Does anybody on the list know of a decent script I can run to stress >> test my >> smtp, pp, and imap servers, >> > > hey steve, > sorry i don't know any off the top of my head, altho > i do know that there are ample perl modules that offer this > functionality (smtp, pop and imap). the problem may be tho > that you will end up stressing the client running the script > before you end up stressing the server. The number of TCP connections that it'll accept is likely to be much, much, much, much higher than the number of active connections it can deal with. Unless the application is written particularly poorly, you'll hit kernel limitations (but maybe just a soft one, like the per-process descriptor limit) before the application will notice. Ideally you really need a benchmark that actually attempts to do something with the server, like all of the http benchmarks do. Though, i can't say I know of anything for other protocols. -bob From steve.rieger Fri Feb 25 13:51:11 2005 From: steve.rieger (Steve Rieger) Date: Fri, 25 Feb 2005 13:51:11 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> Message-ID: Ok so nobody knows, and it might not even be possible to max out the concurrent connections for those protocols. So I will take a step back and ask do you know of a way I can create 100 concurrent connections for each of those protocols, on these servers. Thanx On 2/25/05 1:36 PM, "Bob Ippolito" wrote: > > On Feb 25, 2005, at 1:20 PM, Pete Wright wrote: > >> On Fri, Feb 25, 2005 at 12:36:36PM -0500, Steve Rieger wrote: >>> Does anybody on the list know of a decent script I can run to stress >>> test my >>> smtp, pp, and imap servers, >>> >> >> hey steve, >> sorry i don't know any off the top of my head, altho >> i do know that there are ample perl modules that offer this >> functionality (smtp, pop and imap). the problem may be tho >> that you will end up stressing the client running the script >> before you end up stressing the server. > > The number of TCP connections that it'll accept is likely to be much, > much, much, much higher than the number of active connections it can > deal with. Unless the application is written particularly poorly, > you'll hit kernel limitations (but maybe just a soft one, like the > per-process descriptor limit) before the application will notice. > > Ideally you really need a benchmark that actually attempts to do > something with the server, like all of the http benchmarks do. Though, > i can't say I know of anything for other protocols. > > -bob > > > -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From lists Fri Feb 25 13:58:21 2005 From: lists (Hans Zaunere) Date: Fri, 25 Feb 2005 13:58:21 -0500 Subject: [nycbug-talk] MySQL Talk in Boston/MIT Message-ID: <20050225185823.C85E9A8633@virtu.nyphp.org> For those who might be in the Boston area, I'll be giving an in-depth technical overview of MySQL at the Boston ACM chapter on March 19th. http://www.gbcacm.org/website/ --- Hans Zaunere, Sales Engineer MySQL, Inc. www.mysql.com Office: +1 212.213.1131 President, Founder New York PHP http://www.nyphp.org AMP Technology Supporting Apache, MySQL and PHP From ryanseu Fri Feb 25 14:47:59 2005 From: ryanseu (Ryan Seu) Date: Fri, 25 Feb 2005 14:47:59 -0500 Subject: [nycbug-talk] help with freeBSD Message-ID: <96b52a6005022511476c2d9459@mail.gmail.com> Hi everyone. I'm a noob to freeBSD but I'm definitely trying to working on it and get the kinks out. I have a basic tech question that might belong more on the X.org list but I thought I'd throw it out here first I just installed freeBSD 5.3 on my work station (Dell Dimension 3000) that has i865G intel chipset. I managed to get X started but I'm having problem adjusting the video mode. It keeps going back to the default 640X480 mode. I checked the log file and the only thing that I can see that seems relavent is this: (II) I810(0): Monitor0: Using default hsync range of 31.00-80.00 kHz (II) I810(0): Monitor0: Using default vrefresh range of 56.00-75.00 Hz (II) I810(0): Not using mode "1280x1024" (no mode of this name) (II) I810(0): Increasing the scanline pitch to allow tiling mode (640 -> 1024). (--) I810(0): Virtual size is 640x480 (pitch 1024) (**) I810(0): Built-in mode "640x480" (II) I810(0): Attempting to use 73Hz refresh for mode "640x480" (41) and it goes on The device and screen section of my configuration file is as follows: Section "Device" Identifier "Card0" Driver "i810" ChipSet "865G" Card "i810 865G" EndSection Section "Screen" Identifier "Screeno" Device "Card0" Monitor "Minotor0" DefaultDepth 16 Subsection "Display" Viewport 0 0 Depth 16 Modes "1280x1024" EndSubSection EndSection Any suggestions? Ryan From lists Fri Feb 25 15:16:01 2005 From: lists (lists at genoverly.net) Date: Fri, 25 Feb 2005 21:16:01 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_help_with_freeBSD?= Message-ID: <0MKz1m-1D4luT2pQr-0003sh@mrelay.perfora.net> On Fri, 25 Feb 2005 14:47:59 -0500 Ryan Seu wrote: > I just installed freeBSD 5.3 on my work station (Dell Dimension 3000) > that has i865G intel chipset. I managed to get X started but I'm > having problem adjusting the video mode. It keeps going back to the > default 640X480 mode. Not sure but this might help... "Why can I only get 648x480 on this Dell GX270?" http://nycbug.org/index.php?NAV=Library&SUBM=27 Michael From unixenigma Fri Feb 25 15:43:43 2005 From: unixenigma (G T) Date: Fri, 25 Feb 2005 12:43:43 -0800 (PST) Subject: [nycbug-talk] help with freeBSD In-Reply-To: <96b52a6005022511476c2d9459@mail.gmail.com> Message-ID: <20050225204343.7796.qmail@web53908.mail.yahoo.com> --- Ryan Seu wrote: > Hi everyone. I'm a noob to freeBSD but I'm > definitely trying to > working on it and get the kinks out. I have a basic > tech question that > might belong more on the X.org list but I thought > I'd throw it out > here first > > I just installed freeBSD 5.3 on my work station > (Dell Dimension 3000) > that has i865G intel chipset. I managed to get X > started but I'm > having problem adjusting the video mode. It keeps > going back to the > default 640X480 mode. I checked the log file and the > only thing that I > can see that seems relavent is this: > > (II) I810(0): Monitor0: Using default hsync range of > 31.00-80.00 kHz > (II) I810(0): Monitor0: Using default vrefresh range > of 56.00-75.00 Hz > (II) I810(0): Not using mode "1280x1024" (no mode of > this name) > (II) I810(0): Increasing the scanline pitch to allow > tiling mode (640 -> 1024). > (--) I810(0): Virtual size is 640x480 (pitch 1024) > (**) I810(0): Built-in mode "640x480" > (II) I810(0): Attempting to use 73Hz refresh for > mode "640x480" (41) > > and it goes on > > The device and screen section of my configuration > file is as follows: > > Section "Device" > Identifier "Card0" > Driver "i810" > ChipSet "865G" > Card "i810 865G" > EndSection > > Section "Screen" > Identifier "Screeno" > Device "Card0" > Monitor "Minotor0" > DefaultDepth 16 > Subsection "Display" > Viewport 0 0 > Depth 16 > Modes "1280x1024" > EndSubSection > EndSection > > Any suggestions? > > Ryan > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce > lists > %We meet the first Wednesday of the month > probably this high mode is not supported by this driver/card/monitor try using something else and double check the driver - sometimes using default one helps. Not sure but I thought modes cane be setup like: "800X600 1024X768 1280X1024" in any case I would not advice to use highest. Try lower ones first. Play with deapth as well. It did cause some problems some time ago too. Later on I'll check my confs... (if still your problem's not resolved) GT __________________________________ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 From pete Fri Feb 25 15:41:22 2005 From: pete (Pete Wright) Date: Fri, 25 Feb 2005 15:41:22 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> Message-ID: <20050225204122.GB6040@finn.nomadlogic.org> On Fri, Feb 25, 2005 at 01:51:11PM -0500, Steve Rieger wrote: > Ok so nobody knows, and it might not even be possible to max out the > concurrent connections for those protocols. > > So I will take a step back and ask do you know of a way I can create 100 > concurrent connections for each of those protocols, on these servers. > this still may be possible with the perl modules (i assume there are modules for other langs as well). for example, the Net::IMAP module from CPAN pretty much give you all the functionality of an imap client. so you could setup on the server a test account with messages in it and have to script connect, get a listing of messages etc. i believe the same is true for Net::POP etc. so i guess i'm suggesting that by using libraries like this you should be able to script something up. i'm sure one of the python or php guru's here know of similar way's to do this. now will this give you a good measure of how each server will handle a live load...i dunno. -p > > > Thanx > > > > > On 2/25/05 1:36 PM, "Bob Ippolito" wrote: > > > > > On Feb 25, 2005, at 1:20 PM, Pete Wright wrote: > > > >> On Fri, Feb 25, 2005 at 12:36:36PM -0500, Steve Rieger wrote: > >>> Does anybody on the list know of a decent script I can run to stress > >>> test my > >>> smtp, pp, and imap servers, > >>> > >> > >> hey steve, > >> sorry i don't know any off the top of my head, altho > >> i do know that there are ample perl modules that offer this > >> functionality (smtp, pop and imap). the problem may be tho > >> that you will end up stressing the client running the script > >> before you end up stressing the server. > > > > The number of TCP connections that it'll accept is likely to be much, > > much, much, much higher than the number of active connections it can > > deal with. Unless the application is written particularly poorly, > > you'll hit kernel limitations (but maybe just a soft one, like the > > per-process descriptor limit) before the application will notice. > > > > Ideally you really need a benchmark that actually attempts to do > > something with the server, like all of the http benchmarks do. Though, > > i can't say I know of anything for other protocols. > > > > -bob > > > > > > > > -- > Steve Rieger > Office 212-804-1131 > Cell 646-335-8915 > DC 173*101254*4 > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From marco Fri Feb 25 15:54:00 2005 From: marco (marco at metm.org) Date: Fri, 25 Feb 2005 15:54:00 -0500 Subject: [nycbug-talk] help with freeBSD In-Reply-To: <96b52a6005022511476c2d9459@mail.gmail.com> References: <96b52a6005022511476c2d9459@mail.gmail.com> Message-ID: <20050225205400.GP6257@metm.org> On Fri, Feb 25, 2005 at 02:47:59PM -0500, Ryan Seu wrote: >Hi everyone. I'm a noob to freeBSD but I'm definitely trying to >working on it and get the kinks out. I have a basic tech question that >might belong more on the X.org list but I thought I'd throw it out >here first > here is a thread with someone who seems to have a very similar problem to you (same chipset, freebsd): http://lists.freebsd.org/pipermail/freebsd-questions/2004-November/066044.html there seems to be a video ram setting in the bios which cannot be overwritten. you have to go into the bios and change it from 1M to 128M or whatever you have. HTH, -- Marco From bob Fri Feb 25 16:00:00 2005 From: bob (Bob Ippolito) Date: Fri, 25 Feb 2005 16:00:00 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <20050225204122.GB6040@finn.nomadlogic.org> References: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> <20050225204122.GB6040@finn.nomadlogic.org> Message-ID: On Feb 25, 2005, at 3:41 PM, Pete Wright wrote: > On Fri, Feb 25, 2005 at 01:51:11PM -0500, Steve Rieger wrote: >> Ok so nobody knows, and it might not even be possible to max out the >> concurrent connections for those protocols. >> >> So I will take a step back and ask do you know of a way I can create >> 100 >> concurrent connections for each of those protocols, on these servers. >> > > this still may be possible with the perl modules (i assume there > are modules for other langs as well). for example, the Net::IMAP > module from CPAN pretty much give you all the functionality of an > imap client. so you could setup on the server a test account with > messages in it and have to script connect, get a listing of messages > etc. i believe the same is true for Net::POP etc. so i guess i'm > suggesting that by using libraries like this you should be able to > script something up. i'm sure one of the python or php guru's here > know of similar way's to do this. Python ships with imaplib, poplib, and smtplib, which are all perfectly capable clients that could be used to develop a benchmarking tool. -bob From chsnyder Fri Feb 25 16:18:51 2005 From: chsnyder (csnyder) Date: Fri, 25 Feb 2005 16:18:51 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> Message-ID: On Fri, 25 Feb 2005 13:51:11 -0500, Steve Rieger wrote: > Ok so nobody knows, and it might not even be possible to max out the > concurrent connections for those protocols. > > So I will take a step back and ask do you know of a way I can create 100 > concurrent connections for each of those protocols, on these servers. > > Thanx > Use your favorite web scripting language (PHP, Perl) to make the connection and perform some pseudo-realistic task. Then you can use Apache's ab tool to generate many concurrent and repeating executions of the script over some length of time. Spread the love out to a few cheap shared hosting sites around the net and watch your server deal with the load. Of course there must be a more elegant way to do it, the above merely reflects the web applications sandbox I like to play in. -- Chris Snyder http://chxo.com/ From ike Fri Feb 25 16:32:45 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 16:32:45 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <20050225204122.GB6040@finn.nomadlogic.org> References: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> <20050225204122.GB6040@finn.nomadlogic.org> Message-ID: <282407430504b7484d73e4babe7b0cd4@lesmuug.org> On Feb 25, 2005, at 3:41 PM, Pete Wright wrote: > so i guess i'm > suggesting that by using libraries like this you should be able to > script something up. Pete and Bob are totally spot on here, but to my knowledge, (and after some googling on the issue for my own purposes) it's just not that easy to *really* pull off in a shell script- I just looked up forking in the bash shell for example, and controlling forking from shell scripts seems unusably confusing to me. I'd personally choose Python, but I'd think there's common libs to do the tasks in any language- The task still seems to be: 1) program to fork off a controllable number of concurrent child processes 2) and have the child processes establish connections to the mail server What languages are you comfortable hacking about with? Is this worth doing as a nyc*bug quickie hackathon? Everyone whip something up in a given language that does the above tasks? Perhaps the app would be called from a shell like so: Usage: TestTheServer servername.com 100 imap Where, servername.com is the server your hitting, 100 is an integer representing how many child processes to simultaneously start, and 'imap' is the protocol- (could build in a few very basic connection protocols?) hrm... would be fun to write... Rocket- .ike From ryanseu Sun Feb 27 14:33:55 2005 From: ryanseu (Ryan Seu) Date: Sun, 27 Feb 2005 14:33:55 -0500 Subject: [nycbug-talk] help with freeBSD In-Reply-To: <20050225205400.GP6257@metm.org> References: <96b52a6005022511476c2d9459@mail.gmail.com> <20050225205400.GP6257@metm.org> Message-ID: <96b52a6005022711336011cf85@mail.gmail.com> Thanks guys. It turned out the issue was the same as the one listed on the thread. Just had to change the BIOS memory to 8mb. Ryan On Fri, 25 Feb 2005 15:54:00 -0500, marco at metm.org wrote: > On Fri, Feb 25, 2005 at 02:47:59PM -0500, Ryan Seu wrote: > >Hi everyone. I'm a noob to freeBSD but I'm definitely trying to > >working on it and get the kinks out. I have a basic tech question that > >might belong more on the X.org list but I thought I'd throw it out > >here first > > > here is a thread with someone who seems to have a very similar problem > to you (same chipset, freebsd): > > http://lists.freebsd.org/pipermail/freebsd-questions/2004-November/066044.html > > there seems to be a video ram setting in the bios which cannot be > overwritten. you have to go into the bios and change it from 1M to 128M > or whatever you have. > > HTH, > > -- > Marco > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > -- Ryan Seu 15-50 216th Street Bayside, NY 11360 From lists Sun Feb 27 18:26:01 2005 From: lists (lists at genoverly.net) Date: Mon, 28 Feb 2005 00:26:01 +0100 Subject: [nycbug-talk] encrypted drive space Message-ID: <0MKz1m-1D5XpS24Q0-0007Hw@mrelay.perfora.net> It was almost exactly a year ago that Roland Dowdeswell introduced NYCBUG to his cryptographic device driver (cgd). To mark the anniversary, I have published the notes I took while I recently created an encrypted device for my laptop. http://nycbug.org/index.php?NAV=Library&SUBM=88 Let me know what you think. Michael From ike Mon Feb 28 12:17:52 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 12:17:52 -0500 Subject: [nycbug-talk] dealing with drift Message-ID: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Hi All, I was just wanting to post on some of the post-meeting conversations I've repeatedly over-heard about managing time-drift across clusters of machines- (you know who you people are...) How do folks like to do this? Special tools beyond rockin' timed? Anyone know any good urls on the topic (either practical or acidemic)? Rocket- .ike -- P.S. below, (since I'm talking about time), ikepoch script (for Hans?) -- #!/usr/bin/env python ################################################ # iketime ################################################ # # Therefore, if one subtracts their birth-date # expressed in epoch, from the current time in epoch, # one arrives at personal epoch- or, the total number # of seconds one has been alive. # # The epoch, is the point where the time starts. # On January 1st of that year, at 0 hours, the # ``time since the epoch'' is zero. For Unix, # the epoch is 1970. # ################################################ # # I, Isaac Levy was born August 10, 1976, 4:11AM MST. # This is GMT+7, therefore making my birth date 11:11 GMT. # # or, expressed using time.gmtime(), # # (1976, 8, 10, 11, 11, 00, 1, tm_yday, 0) # # Special thanks to chopin (jer at zetaweb.com) for finding # a bug in my comments which were confusing. from calendar import timegm from time import time birthday = (1976, 8, 10, 11, 11, 0, 1, 223, 0) print time() - float(timegm(birthday)) """ The above time returned is the number of seconds which I have been alive. Modify the 'birthday' value to get your personal epoch. """ From george Mon Feb 28 12:33:27 2005 From: george (George Georgalis) Date: Mon, 28 Feb 2005 12:33:27 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Message-ID: <20050228173327.GA20548@ixeon.local> On Mon, Feb 28, 2005 at 12:17:52PM -0500, Isaac Levy wrote: >Hi All, > >I was just wanting to post on some of the post-meeting conversations >I've repeatedly over-heard about managing time-drift across clusters of >machines- (you know who you people are...) > >How do folks like to do this? Special tools beyond rockin' timed? >Anyone know any good urls on the topic (either practical or acidemic)? Am I missing something here? Isn't the obvious answer, for a cluster, to configure the headnode (whether is connected to internet and synced or not) to answer ntp queries from nodes, and configure the nodes ntp time server to use their headnode? /usr/ports/net/ntp // George >P.S. below, (since I'm talking about time), ikepoch script (for Hans?) interesting, now I can calculate my own poch time! -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From dan Mon Feb 28 12:43:28 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 12:43:28 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228173327.GA20548@ixeon.local> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Message-ID: <422311F0.27976.1CAD9D10@localhost> On 28 Feb 2005 at 12:33, George Georgalis wrote: > On Mon, Feb 28, 2005 at 12:17:52PM -0500, Isaac Levy wrote: > >Hi All, > > > >I was just wanting to post on some of the post-meeting conversations > >I've repeatedly over-heard about managing time-drift across clusters of > >machines- (you know who you people are...) > > > >How do folks like to do this? Special tools beyond rockin' timed? > >Anyone know any good urls on the topic (either practical or acidemic)? > > Am I missing something here? Isn't the obvious answer, for a cluster, to > configure the headnode (whether is connected to internet and synced or > not) to answer ntp queries from nodes, and configure the nodes ntp time > server to use their headnode? /usr/ports/net/ntp > > // George > > >P.S. below, (since I'm talking about time), ikepoch script (for Hans?) > > interesting, now I can calculate my own poch time! Sounds like much the same way I manage my home network. My gateway acts as time master, and all other machines on my network sync with it. In turn, the gateway syncs with an external source. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From jpb Mon Feb 28 13:04:13 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 13:04:13 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228173327.GA20548@ixeon.local> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> Message-ID: <20050228180413.GA15008@sixshooter.v6.thrupoint.net> * George Georgalis [2005-02-28 12:33]: > On Mon, Feb 28, 2005 at 12:17:52PM -0500, Isaac Levy wrote: > >Hi All, > > > >I was just wanting to post on some of the post-meeting conversations > >I've repeatedly over-heard about managing time-drift across clusters of > >machines- (you know who you people are...) > > > >How do folks like to do this? Special tools beyond rockin' timed? > >Anyone know any good urls on the topic (either practical or acidemic)? > > Am I missing something here? Isn't the obvious answer, for a cluster, to > configure the headnode (whether is connected to internet and synced or > not) to answer ntp queries from nodes, and configure the nodes ntp time > server to use their headnode? /usr/ports/net/ntp I would add diversity here. Having only one time master is a SPoF. Diverse routing is helpful as well. Just finished a similar exercise, though just for a collection (not a cluster) of machines. NTP on all BSDs but the OpenBSD box. OpenNTP on that. I do miss the ntpdc utility on OpenBSD. Unless I'm missing something, it's not easy to verify that you are, in fact, synched with another NTP master. Also- one other nit: OpenNTP comes preconfigured to synch to a pool of servers from ntp.org. Why, I don't know. Simplicity maybe- but how am I supposed to verify *those* servers? Best Regards, Jim B. From ike Mon Feb 28 13:09:22 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:09:22 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228173327.GA20548@ixeon.local> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> Message-ID: <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> Thanks yall', On Feb 28, 2005, at 12:33 PM, George Georgalis wrote: >> Hi All, >> >> I was just wanting to post on some of the post-meeting conversations >> I've repeatedly over-heard about managing time-drift across clusters >> of >> machines- (you know who you people are...) >> >> How do folks like to do this? Special tools beyond rockin' timed? >> Anyone know any good urls on the topic (either practical or acidemic)? > > Am I missing something here? Isn't the obvious answer, for a cluster, > to > configure the headnode (whether is connected to internet and synced or > not) to answer ntp queries from nodes, and configure the nodes ntp time > server to use their headnode? /usr/ports/net/ntp On Feb 28, 2005, at 12:43 PM, Dan Langille wrote: > Sounds like much the same way I manage my home network. My gateway > acts as time master, and all other machines on my network sync with > it. In turn, the gateway syncs with an external source. Cool. My question then changes to this: Are there any tricks to maintain redundancy with ntp servers? i.e. is there a builtin/traditional way to configure things so that *all* machines can act as ntp servers in the event that the ntp box goes el' muerte? Rocket- .ike From dan Mon Feb 28 13:16:04 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 13:16:04 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> References: <20050228173327.GA20548@ixeon.local> Message-ID: <42231994.3496.1CCB7523@localhost> On 28 Feb 2005 at 13:09, Isaac Levy wrote: > Are there any tricks to maintain redundancy with ntp servers? i.e. is > there a builtin/traditional way to configure things so that *all* > machines can act as ntp servers in the event that the ntp box goes el' > muerte? Configure NetSaint or other monitoring tool to monitor your primary ntp service. When it goes down, you'll be told. If you're concerned about the ntp server (versus ntp service) going down, you're getting into another arena, and it sounds like CARP to me (i.e. multiple servers, same IP address, etc). If your ntp service can't sync with an outside server for a day or so, you shouldn't get much drift. Your cluster will all be at the same time, because the server is still up. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From ike Mon Feb 28 13:20:05 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:20:05 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228180413.GA15008@sixshooter.v6.thrupoint.net> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <20050228180413.GA15008@sixshooter.v6.thrupoint.net> Message-ID: <63e4e5e924aa5cc80f735368d35b2153@lesmuug.org> On Feb 28, 2005, at 1:09 PM, Isaac Levy wrote: > Cool. My question then changes to this: ... redundancy... Doh, just as I hit send, Jim's message pretty much answered my question :) On Feb 28, 2005, at 1:04 PM, Jim Brown wrote: > I would add diversity here. Having only one time master is a SPoF. > Diverse routing is helpful as well. Configuring the master/slave relationships is the stuff I'm going to dig into here- gonna' rock the man pages for ntpd from here. If there's a builtin way to setup a failover master/slave configuration, that's hot- but if not, I'd assume it can just be scripted in some simple/sane manner. (thinking out loud, I'm imaging scripts to swap out config files and restart ntp based on responses etc...). Further digging just showed me that a lib. written by a trusted source exists for my favorite language, Python: http://www.egenix.com/files/python/mxDateTime.html > > Just finished a similar exercise, though just for a collection > (not a cluster) of machines. > > NTP on all BSDs but the OpenBSD box. OpenNTP on that. > > I do miss the ntpdc utility on OpenBSD. Unless I'm missing something, > it's not easy to verify that you are, in fact, synched with another > NTP master. > > Also- one other nit: OpenNTP comes preconfigured to synch to > a pool of servers from ntp.org. Why, I don't know. Simplicity > maybe- but how am I supposed to verify *those* servers? Hrm. I love time problems- this question sounds like it leads to more of an ontological issue than a technical one :) Rocket- .ike From jpb Mon Feb 28 13:25:07 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 13:25:07 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> Message-ID: <20050228182507.GB15008@sixshooter.v6.thrupoint.net> * Isaac Levy [2005-02-28 13:09]: > Thanks yall', > > On Feb 28, 2005, at 12:33 PM, George Georgalis wrote: > > >>Hi All, > >> > >>I was just wanting to post on some of the post-meeting conversations > >>I've repeatedly over-heard about managing time-drift across clusters > >>of > >>machines- (you know who you people are...) > >> > >>How do folks like to do this? Special tools beyond rockin' timed? > >>Anyone know any good urls on the topic (either practical or acidemic)? > > > >Am I missing something here? Isn't the obvious answer, for a cluster, > >to > >configure the headnode (whether is connected to internet and synced or > >not) to answer ntp queries from nodes, and configure the nodes ntp time > >server to use their headnode? /usr/ports/net/ntp > > On Feb 28, 2005, at 12:43 PM, Dan Langille wrote: > > >Sounds like much the same way I manage my home network. My gateway > >acts as time master, and all other machines on my network sync with > >it. In turn, the gateway syncs with an external source. > > > Cool. My question then changes to this: > > Are there any tricks to maintain redundancy with ntp servers? i.e. is > there a builtin/traditional way to configure things so that *all* > machines can act as ntp servers in the event that the ntp box goes el' > muerte? Simple suggestion: Pick 4 or more servers from the list at http://ntp.isc.org/bin/view/Servers/StratumOneTimeServers (Use any 'OpenAccess' server listed. If the server indicates that the maintainer would like to hear from you- send a courtesy email. See the 'Rules Of Engagement' at http://ntp.isc.org/bin/view/Servers/RulesOfEngagement ) One one machine, put two servers from the above list in the /etc/ntp.conf file. server one.someserver.com server two.someserver.com On another machine, put the other two servers from the above list in /etc/ntp.conf. server three.someserver.com server four.someserver.com I actually use a pool of eight NTP stratum 1 servers, and have four entries on each of my servers. I also add a driftfile statement. See ntp.conf(5) for details. There are many options in ntp.conf, most of which you will never use. For the truly paranoid, use authentication. Hope this helps, Jim B. From ike Mon Feb 28 13:25:16 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:25:16 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <42231994.3496.1CCB7523@localhost> References: <20050228173327.GA20548@ixeon.local> <42231994.3496.1CCB7523@localhost> Message-ID: <83593330ecaa1c48a98bbecbaafabc17@lesmuug.org> Thanks Dan, On Feb 28, 2005, at 1:16 PM, Dan Langille wrote: > If your ntp service can't sync with an outside server for a day or > so, you shouldn't get much drift. Your cluster will all be at the > same time, because the server is still up. In all practicality, very true. The situation where I'm trying to implement this is a bit strange though; where boxes that go down could be physically taken offline for perhaps weeks at a time- or never return to the cluster, so I'd like to try to make it as brainless as possible- (but in the end, brainless moves can require extreme brainwork/time when they fail :) - /me teetering on the fence all over... Rocket- .ike From ike Mon Feb 28 13:26:57 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:26:57 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228182507.GB15008@sixshooter.v6.thrupoint.net> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> <20050228182507.GB15008@sixshooter.v6.thrupoint.net> Message-ID: On Feb 28, 2005, at 1:25 PM, Jim Brown wrote: > Hope this helps, > Jim B. Heck yeah! Thanks Jim, and everybody on this thread. Learned a lot very quickly here. Rocket- .ike From dan Mon Feb 28 13:35:07 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 13:35:07 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <83593330ecaa1c48a98bbecbaafabc17@lesmuug.org> References: <42231994.3496.1CCB7523@localhost> Message-ID: <42231E0B.15189.1CDCE7E0@localhost> On 28 Feb 2005 at 13:25, Isaac Levy wrote: > In all practicality, very true. > The situation where I'm trying to implement this is a bit strange > though; where boxes that go down could be physically taken offline for > perhaps weeks at a time- or never return to the cluster, so I'd like to > try to make it as brainless as possible- (but in the end, brainless > moves can require extreme brainwork/time when they fail :) - /me > teetering on the fence all over... CARP comes to mind. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From jpb Mon Feb 28 13:38:32 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 13:38:32 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <83593330ecaa1c48a98bbecbaafabc17@lesmuug.org> References: <20050228173327.GA20548@ixeon.local> <42231994.3496.1CCB7523@localhost> <83593330ecaa1c48a98bbecbaafabc17@lesmuug.org> Message-ID: <20050228183832.GC15008@sixshooter.v6.thrupoint.net> * Isaac Levy [2005-02-28 13:25]: > Thanks Dan, > > On Feb 28, 2005, at 1:16 PM, Dan Langille wrote: > > >If your ntp service can't sync with an outside server for a day or > >so, you shouldn't get much drift. Your cluster will all be at the > >same time, because the server is still up. > > In all practicality, very true. > The situation where I'm trying to implement this is a bit strange > though; where boxes that go down could be physically taken offline for > perhaps weeks at a time- or never return to the cluster, so I'd like to > try to make it as brainless as possible- (but in the end, brainless > moves can require extreme brainwork/time when they fail :) - /me > teetering on the fence all over... You can run ntpd -q (or ntpdate) to perform a one-time clock jump before your run ntpd. ntpd will not sync up if you are more than 1000 seconds off the reference server. ntpd -q (or ntpdate) gives you a chance to jump close to the reference server in one jump. ntpd will then sync up with a reference server. In my understanding, ntpd does not set the BIOS time. It normally sets the OS time. Always use UTC as the time source and set your timezone accordingly. Best Regards, Jim B. From ike Mon Feb 28 13:53:37 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:53:37 -0500 Subject: [nycbug-talk] CARP on FreeBSD [list thread fork] Message-ID: <83c50e2389853c34d44e49f4f6153e7a@lesmuug.org> Hi all, Thought I'd fork this from the ntp thread in case it got noisy, On Feb 28, 2005, at 1:35 PM, Dan Langille wrote: > On 28 Feb 2005 at 13:25, Isaac Levy wrote: >> ... boxes that go down could be physically taken offline for >> perhaps weeks at a time- or never return to the cluster, so I'd like >> to >> try to make it as brainless as possible- > > CARP comes to mind. *sigh* For these systems in particular, where I'm doing a lot of jailing, FreeBSD 4.x is de-facto production standard for me, for some time to come... with that, I've got some longing reservations about diving down the CARP path right now... Dan: I know Carp is living a healthy life in FreeBSD 5.x, but do you know anything I don't know, (or that google is witholding from me), about CARP on FreeBSD 4.x? So far, this is the only relevant stuff I found on the issue: http://lists.freebsd.org/pipermail/freebsd-pf/2004-September/000300.html (Pyun YongHyeon, who ported CARP to FreeBSD 5.x, speaking on why he doesn't care to port to FreeBSD 4.x... And with a tear welling up in my eye, I can see his logic.) -- Anyone have any good thoughts on this, or should just accept this and plan to keep CARP fun relegated to ike-playland for the next year or so? Rocket- .ike From dan Mon Feb 28 14:06:42 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 14:06:42 -0500 Subject: [nycbug-talk] Re: CARP on FreeBSD [list thread fork] In-Reply-To: <83c50e2389853c34d44e49f4f6153e7a@lesmuug.org> Message-ID: <42232572.21183.1CF9D2A5@localhost> On 28 Feb 2005 at 13:53, Isaac Levy wrote: > Dan: I know Carp is living a healthy life in FreeBSD 5.x, but do you > know anything I don't know, (or that google is witholding from me), > about CARP on FreeBSD 4.x? All I know about CARP I learned at BSDCan. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From ike Mon Feb 28 14:17:55 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 14:17:55 -0500 Subject: [nycbug-talk] Re: CARP on FreeBSD [list thread fork] In-Reply-To: <42232572.21183.1CF9D2A5@localhost> References: <42232572.21183.1CF9D2A5@localhost> Message-ID: <3237f3d46948311db8a115ed2be26ef0@lesmuug.org> On Feb 28, 2005, at 2:06 PM, Dan Langille wrote: > On 28 Feb 2005 at 13:53, Isaac Levy wrote: > >> Dan: I know Carp is living a healthy life in FreeBSD 5.x, but do you >> know anything I don't know, (or that google is witholding from me), >> about CARP on FreeBSD 4.x? > > All I know about CARP I learned at BSDCan. Digit- yeah, same here, thx for the heads up though. I've toyed with it some in the studio here with ad-hock parts boxen (and as many nics as I could conjure out of the shoebox), but it's still relegated to weekend hacking and fun, since I've chosen (happily) to limit myself to FreeBSD, for doing jailing in production life... /me slides CARP onto the backburner for a slow simmer here... Rocket- .ike From o_sleep Mon Feb 28 15:03:40 2005 From: o_sleep (Bjorn Nelson) Date: Mon, 28 Feb 2005 15:03:40 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228180413.GA15008@sixshooter.v6.thrupoint.net> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <20050228180413.GA15008@sixshooter.v6.thrupoint.net> Message-ID: Hello Jim, > I do miss the ntpdc utility on OpenBSD. Unless I'm missing something, > it's not easy to verify that you are, in fact, synched with another > NTP master. ntpq -p checks the peer status and if ntp is working you should have a refid other then 0.0.0.0 for that peer. Also you can go into the ntpq interactive utility: type: ntpq then type: associations conf should say "yes." -Bjorn From jpb Mon Feb 28 15:35:47 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 15:35:47 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <20050228180413.GA15008@sixshooter.v6.thrupoint.net> Message-ID: <20050228203547.GA15409@sixshooter.v6.thrupoint.net> * Bjorn Nelson [2005-02-28 15:03]: > Hello Jim, > > >I do miss the ntpdc utility on OpenBSD. Unless I'm missing something, > >it's not easy to verify that you are, in fact, synched with another > >NTP master. > > ntpq -p > checks the peer status and if ntp is working you should have a refid > other then 0.0.0.0 for that peer. > > Also you can go into the ntpq interactive utility: > type: ntpq > then type: associations > > conf should say "yes." > > -Bjorn > Thanks! I'll check that out. Best Regards, Jim B. From jpb Mon Feb 28 21:05:37 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 21:05:37 -0500 Subject: [nycbug-talk] Seeking tape backup unit Message-ID: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> Hello all- I'm seeking to purchase a tape backup unit, used or new, probably SCSI. Something fairly recent is better, but this is going in a standard Dell OptiPlex P4 box running FreeBSD 5.3. I'll probably use bacula for backup. 10G minimum capacity. Does not have to have an autochanger, but if you have one, let's talk. I'm in the NYC metro area, but I'll pay for shipping if it's too far to drive. Thanks, Jim B. From dan Mon Feb 28 21:19:25 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 21:19:25 -0500 Subject: [nycbug-talk] Seeking tape backup unit In-Reply-To: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> Message-ID: <42238ADD.1685.1E85FC6E@localhost> On 28 Feb 2005 at 21:05, Jim Brown wrote: > I'm seeking to purchase a tape backup unit, used or new, > probably SCSI. Something fairly recent is better, but this > is going in a standard Dell OptiPlex P4 box running FreeBSD 5.3. > I'll probably use bacula for backup. 10G minimum capacity. Does > not have to have an autochanger, but if you have one, let's talk. > > I'm in the NYC metro area, but I'll pay for shipping if > it's too far to drive. How much do you need to put on a tape daily? 4GB? 10GB? 35GB? -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From jpb Mon Feb 28 22:08:05 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 22:08:05 -0500 Subject: [nycbug-talk] Seeking tape backup unit In-Reply-To: <42238ADD.1685.1E85FC6E@localhost> References: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> <42238ADD.1685.1E85FC6E@localhost> Message-ID: <20050301030805.GB15845@sixshooter.v6.thrupoint.net> * Dan Langille [2005-02-28 21:19]: > On 28 Feb 2005 at 21:05, Jim Brown wrote: > > > I'm seeking to purchase a tape backup unit, used or new, > > probably SCSI. Something fairly recent is better, but this > > is going in a standard Dell OptiPlex P4 box running FreeBSD 5.3. > > I'll probably use bacula for backup. 10G minimum capacity. Does > > not have to have an autochanger, but if you have one, let's talk. > > > > I'm in the NYC metro area, but I'll pay for shipping if > > it's too far to drive. > > How much do you need to put on a tape daily? 4GB? 10GB? 35GB? 10GB min Jim B. From alex Mon Feb 28 12:09:35 2005 From: alex (alex at pilosoft.com) Date: Mon, 28 Feb 2005 12:09:35 -0500 (EST) Subject: [nycbug-talk] dealing with drift In-Reply-To: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Message-ID: On Mon, 28 Feb 2005, Isaac Levy wrote: > I was just wanting to post on some of the post-meeting conversations > I've repeatedly over-heard about managing time-drift across clusters of > machines- (you know who you people are...) > > How do folks like to do this? Special tools beyond rockin' timed? > Anyone know any good urls on the topic (either practical or acidemic)? It is called ntpd. -alex From alex Mon Feb 28 13:13:09 2005 From: alex (alex at pilosoft.com) Date: Mon, 28 Feb 2005 13:13:09 -0500 (EST) Subject: [nycbug-talk] dealing with drift In-Reply-To: <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> Message-ID: On Mon, 28 Feb 2005, Isaac Levy wrote: > Are there any tricks to maintain redundancy with ntp servers? i.e. is > there a builtin/traditional way to configure things so that *all* > machines can act as ntp servers in the event that the ntp box goes el' > muerte? Yes, it is called 'ntpd'. -alex From pete Tue Feb 1 20:37:54 2005 From: pete (Pete Wright) Date: Tue, 1 Feb 2005 20:37:54 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050127201609.GC52385@finn.nomadlogic.org> References: <20050127201609.GC52385@finn.nomadlogic.org> Message-ID: <20050202013754.GA12994@finn.nomadlogic.org> On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > hey has anyone been following this on the list: > > (from my nightly portaudit) > Affected package: perl-5.8.5 > Type of problem: perl -- File::Path insecure file/directory permissions. > Reference: > > (now i won't tell you which box this on..sorry ;) > i've checked the reference URL and didn't find any more info, > and it does not seem that the port's tree has been updated > to fix this yet (atleast it wasn't a little while ago). any > ideas? > going to follow up on this one, it appears that as of today (02.01.05) there has been a new perl5.8 port released the version up to 5.8.6. I would read /usr/ports/UPDATING before upgrading this, but everyone already does that ;), because you will most likely have to upgrade pretty much everything that depends on perl as well. fortunatly there is a nice script in UPDATING to assist with this. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From scottro Tue Feb 1 20:53:54 2005 From: scottro (Scott Robbins) Date: Tue, 1 Feb 2005 20:53:54 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050202013754.GA12994@finn.nomadlogic.org> References: <20050127201609.GC52385@finn.nomadlogic.org> <20050202013754.GA12994@finn.nomadlogic.org> Message-ID: <20050202015354.GA42550@mail.scottro.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Feb 01, 2005 at 08:37:54PM -0500, Pete Wright wrote: > On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > > hey has anyone been following this on the list: > > > > (from my nightly portaudit) > > Affected package: perl-5.8.5 > > Type of problem: perl -- File::Path insecure file/directory permissions. > > Reference: > > > > (now i won't tell you which box this on..sorry ;) > > i've checked the reference URL and didn't find any more info, > > and it does not seem that the port's tree has been updated > > to fix this yet (atleast it wasn't a little while ago). any > > ideas? > > > > > going to follow up on this one, it appears that as of today (02.01.05) > there has been a new perl5.8 port released the version up to 5.8.6. Yes, and still showing a vulnerability, so you'd have to use - - -DDISABLE_VULNERABILITIES Wow, I have a lot of ports depending on perl. - - -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Xander: She must be right. We must have some kind of amnesia. Buffy: I don't know what that is, but I'm certain I don't have it. I bathe quite often. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCADFk+lTVdes0Z9YRAh6xAJ4poMOM3Zrjg8jvQE6JE2sfJSq6LwCfbOwq 5h5+MeBiqgOgEU7G54LONKs= =QpPm - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCADKy+lTVdes0Z9YRAvPcAKCz8LVg85VgtIPkEsGbVPCcwHkVvACgmcg+ x/a7KTT9n78F/GHeTZE4i3E= =0LzC -----END PGP SIGNATURE----- From pete Tue Feb 1 20:58:26 2005 From: pete (Pete Wright) Date: Tue, 1 Feb 2005 20:58:26 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050202015354.GA42550@mail.scottro.net> References: <20050127201609.GC52385@finn.nomadlogic.org> <20050202013754.GA12994@finn.nomadlogic.org> <20050202015354.GA42550@mail.scottro.net> Message-ID: <20050202015826.GB12994@finn.nomadlogic.org> On Tue, Feb 01, 2005 at 08:53:54PM -0500, Scott Robbins wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, Feb 01, 2005 at 08:37:54PM -0500, Pete Wright wrote: > > On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > > > hey has anyone been following this on the list: > > > > > > (from my nightly portaudit) > > > Affected package: perl-5.8.5 > > > Type of problem: perl -- File::Path insecure file/directory permissions. > > > Reference: > > > > > > (now i won't tell you which box this on..sorry ;) > > > i've checked the reference URL and didn't find any more info, > > > and it does not seem that the port's tree has been updated > > > to fix this yet (atleast it wasn't a little while ago). any > > > ideas? > > > > > > > > > > going to follow up on this one, it appears that as of today (02.01.05) > > there has been a new perl5.8 port released the version up to 5.8.6. > > > Yes, and still showing a vulnerability, so you'd have to use > - - -DDISABLE_VULNERABILITIES > > Wow, I have a lot of ports depending on perl. > grrr...that's kinda upsetting. does anyone know if this is an issue that is being worked on seriously with the perl devs, what little info i've gotten from the bug report it sounds like a pretty serious issue. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From scottro Tue Feb 1 21:56:03 2005 From: scottro (Scott Robbins) Date: Tue, 1 Feb 2005 21:56:03 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050202013754.GA12994@finn.nomadlogic.org> References: <20050127201609.GC52385@finn.nomadlogic.org> <20050202013754.GA12994@finn.nomadlogic.org> Message-ID: <20050202025603.GA48577@mail.scottro.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Feb 01, 2005 at 08:37:54PM -0500, Pete Wright wrote: > On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > > hey has anyone been following this on the list: > > > > (from my nightly portaudit) > > Affected package: perl-5.8.5 > > Type of problem: perl -- File::Path insecure file/directory permissions. > > Reference: > > > > (now i won't tell you which box this on..sorry ;) > > i've checked the reference URL and didn't find any more info, > > and it does not seem that the port's tree has been updated > > to fix this yet (atleast it wasn't a little while ago). any > > ideas? > > > > > going to follow up on this one, it appears that as of today (02.01.05) > there has been a new perl5.8 port released the version up to 5.8.6. Yes, and still showing a vulnerability, so you'd have to use - - -DDISABLE_VULNERABILITIES Pete and everyone else, very sorry, I was in error. A portupgrade failed and wasn't perl, thought I saw it properly on the screen, but it was another package dependent upon perl. Doing portaudit -Fa after the new port was installed does not give me a perl vulnerability. Again, my apologies. - - -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Xander: She must be right. We must have some kind of amnesia. Buffy: I don't know what that is, but I'm certain I don't have it. I bathe quite often. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCADFk+lTVdes0Z9YRAh6xAJ4poMOM3Zrjg8jvQE6JE2sfJSq6LwCfbOwq 5h5+MeBiqgOgEU7G54LONKs= =QpPm - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCADKy+lTVdes0Z9YRAvPcAKCz8LVg85VgtIPkEsGbVPCcwHkVvACgmcg+ x/a7KTT9n78F/GHeTZE4i3E= =0LzC -----END PGP SIGNATURE----- From pete Tue Feb 1 21:58:16 2005 From: pete (Pete Wright) Date: Tue, 1 Feb 2005 21:58:16 -0500 Subject: [nycbug-talk] insecure perl port? In-Reply-To: <20050202025603.GA48577@mail.scottro.net> References: <20050127201609.GC52385@finn.nomadlogic.org> <20050202013754.GA12994@finn.nomadlogic.org> <20050202025603.GA48577@mail.scottro.net> Message-ID: <20050202025816.GC12994@finn.nomadlogic.org> On Tue, Feb 01, 2005 at 09:56:03PM -0500, Scott Robbins wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, Feb 01, 2005 at 08:37:54PM -0500, Pete Wright wrote: > > On Thu, Jan 27, 2005 at 03:16:09PM -0500, Pete Wright wrote: > > > hey has anyone been following this on the list: > > > > > > (from my nightly portaudit) > > > Affected package: perl-5.8.5 > > > Type of problem: perl -- File::Path insecure file/directory permissions. > > > Reference: > > > > > > (now i won't tell you which box this on..sorry ;) > > > i've checked the reference URL and didn't find any more info, > > > and it does not seem that the port's tree has been updated > > > to fix this yet (atleast it wasn't a little while ago). any > > > ideas? > > > > > > > > > > going to follow up on this one, it appears that as of today (02.01.05) > > there has been a new perl5.8 port released the version up to 5.8.6. > > > Yes, and still showing a vulnerability, so you'd have to use > - - -DDISABLE_VULNERABILITIES > > Pete and everyone else, very sorry, I was in error. A portupgrade > failed and wasn't perl, thought I saw it properly on the screen, but it > was another package dependent upon perl. > > Doing portaudit -Fa after the new port was installed does not give me a > perl vulnerability. > > Again, my apologies. ah execellent. no worries tho scott! -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Wed Feb 2 15:23:36 2005 From: george (george at rob.us.to) Date: Wed, 2 Feb 2005 15:23:36 -0500 (EST) Subject: [nycbug-talk] Asian Open Source camp Message-ID: <200502022023.j12KNaIi003214@localhost.localdomain> An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050202/b9fdfc0f/attachment.html From lists Wed Feb 2 15:27:30 2005 From: lists (michael) Date: Wed, 2 Feb 2005 15:27:30 -0500 Subject: [nycbug-talk] Windows most reliable Message-ID: <20050202152730.0d1e4c78@delinux.abwatley.com> Most Reliable Hosting Providers during January Hosting Ranking by Failed Requests and Connection time, January 1st - 31st 2005 Datapipe, which was the most reliable hosting provider for the second half of 2004, got the new year off to a strong start with a faultless performance in January, with no failed requests from any of our measurement points. It was the first flawless month for a hosting provider since last March, when German hoster Komplex had zero failures. Datapipe's web site is powered by Windows Server 2003. This month's top 10 includes four sites running on Linux, two on Windows Server 2003, two on FreeBSD, one on Solaris 9, and one site (Interland) on Windows 2000. Read the whole article at netcraft: http://tinyurl.com/4grzk -- --- From jesse Wed Feb 2 16:03:40 2005 From: jesse (Jesse Callaway) Date: Wed, 2 Feb 2005 16:03:40 -0500 Subject: [nycbug-talk] Windows most reliable In-Reply-To: <20050202152730.0d1e4c78@delinux.abwatley.com> References: <20050202152730.0d1e4c78@delinux.abwatley.com> Message-ID: <20050202210340.GD97697@mail.theholymountain.com> On Wed, Feb 02, 2005 at 03:27:30PM -0500, michael wrote: > Most Reliable Hosting Providers during January Hosting > > Ranking by Failed Requests and Connection time, > January 1st - 31st 2005 > > Datapipe, which was the most reliable hosting provider for the second > half of 2004, got the new year off to a strong start with a faultless > performance in January, with no failed requests from any of our > measurement points. It was the first flawless month for a hosting > provider since last March, when German hoster Komplex had zero failures. > > Datapipe's web site is powered by Windows Server 2003. This month's top > 10 includes four sites running on Linux, two on Windows Server 2003, two > on FreeBSD, one on Solaris 9, and one site (Interland) on Windows 2000. > > Read the whole article at netcraft: http://tinyurl.com/4grzk You're just fanning the flames. This doesn't say WIndows is the most reliable OS. Anyway, looking at the Datapipe website it looks like all of the bells and whistles didn't help the web developers one bit. These are the least capable ASP pages I have ever seen. Let alone the fact that they don't render properly. But that's expected of a hosting provider... they don't want to outsource talent for their corporate website because of all the smart people who work there (an obviosly feel they have better things to do). -jesse From nikolai.fetissov Wed Feb 2 22:50:32 2005 From: nikolai.fetissov (Nikolai N. Fetissov) Date: Wed, 02 Feb 2005 22:50:32 -0500 Subject: [nycbug-talk] February meeting audio Message-ID: <42019F88.7030101@peachisland.com> George, folks, get the mp3 of Jan's presentation at http://www.peachisland.com/nycbug/ Cheers, -- nick From pete Wed Feb 2 23:10:05 2005 From: pete (Pete Wright) Date: Wed, 2 Feb 2005 23:10:05 -0500 Subject: [nycbug-talk] February meeting audio In-Reply-To: <42019F88.7030101@peachisland.com> References: <42019F88.7030101@peachisland.com> Message-ID: <20050203041005.GA24100@finn.nomadlogic.org> On Wed, Feb 02, 2005 at 10:50:32PM -0500, Nikolai N. Fetissov wrote: > George, folks, > get the mp3 of Jan's presentation at http://www.peachisland.com/nycbug/ > Cheers, nick you are a lifesaver! cheers, pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From dcasey Thu Feb 3 10:03:08 2005 From: dcasey (Dan Casey) Date: Thu, 3 Feb 2005 10:03:08 -0500 Subject: [nycbug-talk] apache: securing each virtural host Message-ID: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> I have posted this question on alt.apache.configuration and several forums as well.. Nobody seems to have an answer as to how this is done. I have an account on a webserver that is using ensim cp. There server does what I am trying to achieve. I know how to chroot apache, that's no problem. What I would like to do is lock each virtualhost to be able to see its own files only. The system that I have the account on was able to achieve this using up about 20Mb per virtualhost. Example of why I am trying to achieve this. Say I have my web files in folders such as /usr/local/virtual/some-domain.com/www I would need to set the ServerRoot to /usr/local/virtual/ The VirtualHost DocumentRoot's would be set to /usr/local/virtual/some-domain.com/www and so. A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi this script looks like so #!/usr/local/bin/perl print "Content-Type: text/html\n\n"; print `ls -la /'; the contents on there screen would be the output of ls -la /usr/local/virtual/ thus listing all the domains available on the server. I need to set this up so that that same script would return the output of ls -la /usr/local/virtual/some-domain.com/ which would appear something like this: /etc /dev /usr ... -Thanks Dan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050203/0fcd9664/attachment.html From jesse Thu Feb 3 10:39:19 2005 From: jesse (Jesse Callaway) Date: Thu, 3 Feb 2005 10:39:19 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> Message-ID: <20050203153919.GA3455@mail.theholymountain.com> I'm pretty sure that Ensim only runs on Windows and RedHat. From tillman Thu Feb 3 11:12:18 2005 From: tillman (Tillman Hodgson) Date: Thu, 3 Feb 2005 10:12:18 -0600 Subject: [nycbug-talk] Blog entry on FreeBSD and Postgres Message-ID: <20050203161218.GO98574@seekingfire.com> Howdy folks, A local OpenBSD developer passed this link around the IRC channel I hang out in. I thought the folks here might be interested too. http://tabo.aurealsys.com/index.php?p=68 -T -- "There is a time in the life of every problem when it is big enough to see, yet small enough to solve." -- Mike Leavitt From mspitzer Thu Feb 3 11:20:04 2005 From: mspitzer (Marc Spitzer) Date: Thu, 3 Feb 2005 11:20:04 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> Message-ID: <8c50a3c305020308202c953e00@mail.gmail.com> On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey wrote: > > I have posted this question on alt.apache.configuration and several forums > as well.. Nobody seems to have an answer as to how this is done. I have an > account on a webserver that is using ensim cp. There server does what I am > trying to achieve. > > > I know how to chroot apache, that's no problem. > What I would like to do is lock each virtualhost to be able to see its own > files only. The system that I have the account on was able to achieve this > using up about 20Mb per virtualhost. > > > Example of why I am trying to achieve this. > Say I have my web files in folders such as > /usr/local/virtual/some-domain.com/www > > I would need to set the ServerRoot to /usr/local/virtual/ > The VirtualHost DocumentRoot's would be set to > /usr/local/virtual/some-domain.com/www and so. > > A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi > this script looks like so > #!/usr/local/bin/perl > print "Content-Type: text/html\n\n"; > print `ls -la /'; > > the contents on there screen would be the output of > ls -la /usr/local/virtual/ > thus listing all the domains available on the server. > > I need to set this up so that that same script would return the output of > ls -la /usr/local/virtual/some-domain.com/ > which would appear something like this: > /etc > /dev > /usr > ... I think you are confusing your terms, from what I see you do not want a virtual host. What you want is a jail, on freebsd, or a xen virtual machine, on netbsd 2. You do not want a virtual host, that would only contain the web server stuff(docroot, cgi's, etc.). Now if you do want virtual server, not virtual hosts, what OS are you planning on doing this on? marc From dcasey Thu Feb 3 14:41:48 2005 From: dcasey (Dan Casey) Date: Thu, 3 Feb 2005 11:41:48 -0800 Subject: [nycbug-talk] apache: securing each virtural host References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> <8c50a3c305020308202c953e00@mail.gmail.com> Message-ID: <000d01c50a28$66b00b30$0301a8c0@thomas> FreeBSD 5.3 Well, VirtualHost reffering to the apache config. I want a jail-like setup. But not for apache as a whole. Apache will have several websites (NameBased VirtualHosts). Each User (1 perl website) will be able to there files only, in what will appear to them as a server or filesystem. Now if it where just one site, a regular jail would be fine. But I want to keep each site seperate. I don't seem to understand how to achieve this with running a seperate jail for each site. Each jail would then need to run its own httpd.conf, and start its own httpd servers. By default apache opens 5 servers. say 50 websites / 50 jails * 5 servers = .... not an ideal situation :) I cannot imagine that this is the only way to achieve this affect. Thanks ----- Original Message ----- From: "Marc Spitzer" To: "nycbug" Sent: Thursday, February 03, 2005 8:20 AM Subject: Re: [nycbug-talk] apache: securing each virtural host > On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey wrote: > > > > I have posted this question on alt.apache.configuration and several forums > > as well.. Nobody seems to have an answer as to how this is done. I have an > > account on a webserver that is using ensim cp. There server does what I am > > trying to achieve. > > > > > > I know how to chroot apache, that's no problem. > > What I would like to do is lock each virtualhost to be able to see its own > > files only. The system that I have the account on was able to achieve this > > using up about 20Mb per virtualhost. > > > > > > Example of why I am trying to achieve this. > > Say I have my web files in folders such as > > /usr/local/virtual/some-domain.com/www > > > > I would need to set the ServerRoot to /usr/local/virtual/ > > The VirtualHost DocumentRoot's would be set to > > /usr/local/virtual/some-domain.com/www and so. > > > > A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi > > this script looks like so > > #!/usr/local/bin/perl > > print "Content-Type: text/html\n\n"; > > print `ls -la /'; > > > > the contents on there screen would be the output of > > ls -la /usr/local/virtual/ > > thus listing all the domains available on the server. > > > > I need to set this up so that that same script would return the output of > > ls -la /usr/local/virtual/some-domain.com/ > > which would appear something like this: > > /etc > > /dev > > /usr > > ... > > I think you are confusing your terms, from what I see you do not want > a virtual host. What you want is a jail, on freebsd, or a xen virtual > machine, on netbsd 2. You do not want a virtual host, that would only > contain the web server stuff(docroot, cgi's, etc.). > > Now if you do want virtual server, not virtual hosts, what OS are you > planning on doing this on? > > marc > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.4 - Release Date: 2/1/2005 From mspitzer Thu Feb 3 12:04:28 2005 From: mspitzer (Marc Spitzer) Date: Thu, 3 Feb 2005 12:04:28 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <000d01c50a28$66b00b30$0301a8c0@thomas> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> <8c50a3c305020308202c953e00@mail.gmail.com> <000d01c50a28$66b00b30$0301a8c0@thomas> Message-ID: <8c50a3c305020309043c7201c6@mail.gmail.com> On Thu, 3 Feb 2005 11:41:48 -0800, Dan Casey wrote: > FreeBSD 5.3 > > Well, VirtualHost reffering to the apache config. > > I want a jail-like setup. But not for apache as a whole. > Apache will have several websites (NameBased VirtualHosts). > Each User (1 perl website) will be able to there files only, in what will > appear to them as a server or filesystem. How are you granting users access to their files, ftp, webdav...? for ftp there are many ftp servers that lock you into your "home dir" only, perhaps you can do the same thing with webdav. > > Now if it where just one site, a regular jail would be fine. But I want to > keep each site seperate. Virtual hosts work fine for that. > > I don't seem to understand how to achieve this with running a seperate jail > for each site. each server is in its own separate world so the users can not get access to other users stuff. > Each jail would then need to run its own httpd.conf, and start its own httpd > servers. yes > > By default apache opens 5 servers. > say 50 websites / 50 jails * 5 servers = .... not an ideal situation :) not that bad on descent hardware > > I cannot imagine that this is the only way to achieve this affect. > It depends what/how much you want to isolate you users. if you want them to each think they have a dedicated server, they can ssh in and edit stuff, install binaries then you need a jail for each of them. If you can just give them each a separate docroot and limit there access to ftp then you do not need a jail. >From what you want the 'ls -la /' cgi to do you need a jail, ls is not something you can control from apache so you must do it from the os. If this is necessary then size your hardware accordingly. marc ps top posting is bad please stop doing it here. > Thanks > > > ----- Original Message ----- > From: "Marc Spitzer" > To: "nycbug" > Sent: Thursday, February 03, 2005 8:20 AM > Subject: Re: [nycbug-talk] apache: securing each virtural host > > > On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey wrote: > > > > > > I have posted this question on alt.apache.configuration and several > forums > > > as well.. Nobody seems to have an answer as to how this is done. I have > an > > > account on a webserver that is using ensim cp. There server does what I > am > > > trying to achieve. > > > > > > > > > I know how to chroot apache, that's no problem. > > > What I would like to do is lock each virtualhost to be able to see its > own > > > files only. The system that I have the account on was able to achieve > this > > > using up about 20Mb per virtualhost. > > > > > > > > > Example of why I am trying to achieve this. > > > Say I have my web files in folders such as > > > /usr/local/virtual/some-domain.com/www > > > > > > I would need to set the ServerRoot to /usr/local/virtual/ > > > The VirtualHost DocumentRoot's would be set to > > > /usr/local/virtual/some-domain.com/www and so. > > > > > > A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi > > > this script looks like so > > > #!/usr/local/bin/perl > > > print "Content-Type: text/html\n\n"; > > > print `ls -la /'; > > > > > > the contents on there screen would be the output of > > > ls -la /usr/local/virtual/ > > > thus listing all the domains available on the server. > > > > > > I need to set this up so that that same script would return the output > of > > > ls -la /usr/local/virtual/some-domain.com/ > > > which would appear something like this: > > > /etc > > > /dev > > > /usr > > > ... > > > > I think you are confusing your terms, from what I see you do not want > > a virtual host. What you want is a jail, on freebsd, or a xen virtual > > machine, on netbsd 2. You do not want a virtual host, that would only > > contain the web server stuff(docroot, cgi's, etc.). > > > > Now if you do want virtual server, not virtual hosts, what OS are you > > planning on doing this on? > > > > marc > > _______________________________________________ > > % NYC*BUG talk mailing list > > http://lists.nycbug.org/mailman/listinfo/talk > > %Be sure to check out our Jobs and NYCBUG-announce lists > > %We meet the first Wednesday of the month > > > > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.0.300 / Virus Database: 265.8.4 - Release Date: 2/1/2005 > > From bob Thu Feb 3 12:06:44 2005 From: bob (Bob Ippolito) Date: Thu, 3 Feb 2005 12:06:44 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <000d01c50a28$66b00b30$0301a8c0@thomas> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> <8c50a3c305020308202c953e00@mail.gmail.com> <000d01c50a28$66b00b30$0301a8c0@thomas> Message-ID: <1f80ac59fe483c6182f1c6f7c5d03548@redivi.com> On Feb 3, 2005, at 14:41, Dan Casey wrote: > ----- Original Message ----- > From: "Marc Spitzer" > To: "nycbug" > Sent: Thursday, February 03, 2005 8:20 AM > Subject: Re: [nycbug-talk] apache: securing each virtural host > > >> On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey >> wrote: >>> >>> I have posted this question on alt.apache.configuration and several > forums >>> as well.. Nobody seems to have an answer as to how this is done. I >>> have > an >>> account on a webserver that is using ensim cp. There server does >>> what I > am >>> trying to achieve. >>> >>> >>> I know how to chroot apache, that's no problem. >>> What I would like to do is lock each virtualhost to be able to see >>> its > own >>> files only. The system that I have the account on was able to achieve > this >>> using up about 20Mb per virtualhost. >>> >>> >>> Example of why I am trying to achieve this. >>> Say I have my web files in folders such as >>> /usr/local/virtual/some-domain.com/www >>> >>> I would need to set the ServerRoot to /usr/local/virtual/ >>> The VirtualHost DocumentRoot's would be set to >>> /usr/local/virtual/some-domain.com/www and so. >>> >>> A user executes a script in his browser. >>> some-domain.com/cgi-bin/ls.cgi >>> this script looks like so >>> #!/usr/local/bin/perl >>> print "Content-Type: text/html\n\n"; >>> print `ls -la /'; >>> >>> the contents on there screen would be the output of >>> ls -la /usr/local/virtual/ >>> thus listing all the domains available on the server. >>> >>> I need to set this up so that that same script would return the >>> output > of >>> ls -la /usr/local/virtual/some-domain.com/ >>> which would appear something like this: >>> /etc >>> /dev >>> /usr >>> ... >> >> I think you are confusing your terms, from what I see you do not want >> a virtual host. What you want is a jail, on freebsd, or a xen virtual >> machine, on netbsd 2. You do not want a virtual host, that would only >> contain the web server stuff(docroot, cgi's, etc.). >> >> Now if you do want virtual server, not virtual hosts, what OS are you >> planning on doing this on? >> > FreeBSD 5.3 > > Well, VirtualHost reffering to the apache config. > > I want a jail-like setup. But not for apache as a whole. > Apache will have several websites (NameBased VirtualHosts). > Each User (1 perl website) will be able to there files only, in what > will > appear to them as a server or filesystem. > > Now if it where just one site, a regular jail would be fine. But I > want to > keep each site seperate. > > > I don't seem to understand how to achieve this with running a seperate > jail > for each site. > Each jail would then need to run its own httpd.conf, and start its own > httpd > servers. > > By default apache opens 5 servers. > say 50 websites / 50 jails * 5 servers = .... not an ideal situation :) > > I cannot imagine that this is the only way to achieve this affect. You're asking for two mutually exclusive things, a single Apache process can't live in 50 different jails at the same time. There is probably a way to chroot before running a CGI, but that doesn't help you isolate anything in-process like mod_php. To do that, you actually do need to run an apache per user. -bob From dcasey Thu Feb 3 15:50:44 2005 From: dcasey (Dan Casey) Date: Thu, 3 Feb 2005 12:50:44 -0800 Subject: [nycbug-talk] apache: securing each virtural host References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net><8c50a3c305020308202c953e00@mail.gmail.com><000d01c50a28$66b00b30$0301a8c0@thomas> <8c50a3c305020309043c7201c6@mail.gmail.com> Message-ID: <002e01c50a32$07c2d9e0$0301a8c0@thomas> ----- Original Message ----- From: "Marc Spitzer" To: "nycbug" Sent: Thursday, February 03, 2005 9:04 AM Subject: Re: [nycbug-talk] apache: securing each virtural host > On Thu, 3 Feb 2005 11:41:48 -0800, Dan Casey wrote: > > FreeBSD 5.3 > > > > Well, VirtualHost reffering to the apache config. > > > > I want a jail-like setup. But not for apache as a whole. > > Apache will have several websites (NameBased VirtualHosts). > > Each User (1 perl website) will be able to there files only, in what will > > appear to them as a server or filesystem. > > How are you granting users access to their files, ftp, webdav...? > for ftp there are many ftp servers that lock you into your "home dir" > only, perhaps you can do the same thing with webdav. > > > > Now if it where just one site, a regular jail would be fine. But I want to > > keep each site seperate. > > Virtual hosts work fine for that. > > > > > I don't seem to understand how to achieve this with running a seperate jail > > for each site. > > each server is in its own separate world so the users can not get > access to other users stuff. > > > Each jail would then need to run its own httpd.conf, and start its own httpd > > servers. > > yes > > > > > By default apache opens 5 servers. > > say 50 websites / 50 jails * 5 servers = .... not an ideal situation :) > > not that bad on descent hardware > > > > > I cannot imagine that this is the only way to achieve this affect. > > > > It depends what/how much you want to isolate you users. if you want > them to each think they have a dedicated server, they can ssh in and > edit stuff, install binaries then you need a jail for each of them. > If you can just give them each a separate docroot and limit there > access to ftp then you do not need a jail. > > >From what you want the 'ls -la /' cgi to do you need a jail, ls is not > something you can control from apache so you must do it from the os. > If this is necessary then size your hardware accordingly. > > marc > > ps top posting is bad please stop doing it here. > > > Thanks > > > > > > ----- Original Message ----- > > From: "Marc Spitzer" > > To: "nycbug" > > Sent: Thursday, February 03, 2005 8:20 AM > > Subject: Re: [nycbug-talk] apache: securing each virtural host > > > > > On Thu, 3 Feb 2005 10:03:08 -0500, Dan Casey wrote: > > > > > > > > I have posted this question on alt.apache.configuration and several > > forums > > > > as well.. Nobody seems to have an answer as to how this is done. I have > > an > > > > account on a webserver that is using ensim cp. There server does what I > > am > > > > trying to achieve. > > > > > > > > > > > > I know how to chroot apache, that's no problem. > > > > What I would like to do is lock each virtualhost to be able to see its > > own > > > > files only. The system that I have the account on was able to achieve > > this > > > > using up about 20Mb per virtualhost. > > > > > > > > > > > > Example of why I am trying to achieve this. > > > > Say I have my web files in folders such as > > > > /usr/local/virtual/some-domain.com/www > > > > > > > > I would need to set the ServerRoot to /usr/local/virtual/ > > > > The VirtualHost DocumentRoot's would be set to > > > > /usr/local/virtual/some-domain.com/www and so. > > > > > > > > A user executes a script in his browser. some-domain.com/cgi-bin/ls.cgi > > > > this script looks like so > > > > #!/usr/local/bin/perl > > > > print "Content-Type: text/html\n\n"; > > > > print `ls -la /'; > > > > > > > > the contents on there screen would be the output of > > > > ls -la /usr/local/virtual/ > > > > thus listing all the domains available on the server. > > > > > > > > I need to set this up so that that same script would return the output > > of > > > > ls -la /usr/local/virtual/some-domain.com/ > > > > which would appear something like this: > > > > /etc > > > > /dev > > > > /usr > > > > ... > > > > > > I think you are confusing your terms, from what I see you do not want > > > a virtual host. What you want is a jail, on freebsd, or a xen virtual > > > machine, on netbsd 2. You do not want a virtual host, that would only > > > contain the web server stuff(docroot, cgi's, etc.). > > > > > > Now if you do want virtual server, not virtual hosts, what OS are you > > > planning on doing this on? > > > > > > marc > > > _______________________________________________ > > > % NYC*BUG talk mailing list > > > http://lists.nycbug.org/mailman/listinfo/talk > > > %Be sure to check out our Jobs and NYCBUG-announce lists > > > %We meet the first Wednesday of the month > > > > > > > > > > -- > > No virus found in this outgoing message. > > Checked by AVG Anti-Virus. > > Version: 7.0.300 / Virus Database: 265.8.4 - Release Date: 2/1/2005 > > > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > Sorry bout the top-posting. Users have access to there files via ftp. Im running pure-ftp which dosn't allow them to leave there homedir. ssh i have a unique setup, but thats another story. VirtualHost keeps everything separtate, yes. What I meant was to not allow users to run scripts that can access anything below there virtualhost's DocumentRoot, thus allowing them to see anything in the ServerRoot which is convieniently one directory below there DocumentRoot.. (that was a mouthfull) Ideally I would just set it up the virtualhost like so ServerRoot /usr/local/virtual/some-domain.com/ DocumentRoot /usr/local/virtual/some-domain.com/www/ but then apache says ServerRoot cannot occur within section ..I think im sadly coming to think that I really do need to run a seperate jail with its own apache server running in it. i can see this becoming an absolute mess to manage.. i wouldn't want to even think about upgrading a kernel... well, if that is the way it needs to be done, then that is what needs to be done... I guess i have a lot of script writing ahead of me.. :) yippie. -Thank you much. -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.4 - Release Date: 2/1/2005 From pete Thu Feb 3 13:33:17 2005 From: pete (pete wright) Date: Thu, 3 Feb 2005 10:33:17 -0800 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <002e01c50a32$07c2d9e0$0301a8c0@thomas> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net><8c50a3c305020308202c953e00@mail.gmail.com><000d01c50a28$66b00b30$0301a8c0@thomas> <8c50a3c305020309043c7201c6@mail.gmail.com> <002e01c50a32$07c2d9e0$0301a8c0@thomas> Message-ID: <7a0861b82a7ada56357c40456c6203e2@nomadlogic.org> > Sorry bout the top-posting. > heh....np > > ..I think im sadly coming to think that I really do need to run a > seperate > jail with its own apache server running in it. > i can see this becoming an absolute mess to manage.. > i wouldn't want to even think about upgrading a kernel... > fortunately you don't have to worry about upgrading the kernel/world too much if you are tracking -STABLE, and frankly I don't think you'd want to be messing with building world/kernel's on production boxen anyway.... personally I think that running a jail for each account will be less of an administrative issue in the long run. sure there might be some more upfront coding involved to get things setup, but you have isolated each user which makes things easier to monitor and administrate. let's say you have 20 users now, and in a year you have 60 users on that same box and things are getting slow. if each user has their own jail it's just a simple matter of tar'ing their $HOME...moving it to the new host and untar'ing the site. you've actually built a pretty scalable system from the get go. and that's not even taking into account the added security of such a system.... i've actually started kicking this same concept around for managing application server farms, but that's another issue all together ;) -p ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From george Thu Feb 3 13:46:22 2005 From: george (G. Rosamond) Date: Thu, 3 Feb 2005 13:46:22 -0500 Subject: [nycbug-talk] February meeting audio In-Reply-To: <20050203041005.GA24100@finn.nomadlogic.org> References: <42019F88.7030101@peachisland.com> <20050203041005.GA24100@finn.nomadlogic.org> Message-ID: <98cef05c256f62c5f3e4af7d2edf2613@sddi.net> On Feb 2, 2005, at 11:10 PM, Pete Wright wrote: > On Wed, Feb 02, 2005 at 10:50:32PM -0500, Nikolai N. Fetissov wrote: >> George, folks, >> get the mp3 of Jan's presentation at >> http://www.peachisland.com/nycbug/ >> Cheers, > > > nick you are a lifesaver! > And you couldn't get a flight for the meeting? Were you born on Sunday or something? BTW, I do think the slides are self-explanatory more than most. Jan didn't just do a presentation, he actually provided a great piece of documentation for the community as a whole. g From jesse Thu Feb 3 14:35:12 2005 From: jesse (Jesse Callaway) Date: Thu, 3 Feb 2005 14:35:12 -0500 Subject: [nycbug-talk] apache: securing each virtural host In-Reply-To: <20050203153919.GA3455@mail.theholymountain.com> References: <020601c50a01$79d3dce0$4703a8c0@bestweb.net> <20050203153919.GA3455@mail.theholymountain.com> Message-ID: <20050203193512.GA4207@mail.theholymountain.com> On Thu, Feb 03, 2005 at 10:39:19AM -0500, Jesse Callaway wrote: > I'm pretty sure that Ensim only runs on Windows and RedHat. > _______________________________________________ If I don't manage to interject something "wacky" before my proper coffee I don't feel my day is as exciting. -jesse From jonathan Thu Feb 3 15:21:48 2005 From: jonathan (Jonathan) Date: Thu, 03 Feb 2005 15:21:48 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge Message-ID: <420287DC.5060808@kc8onw.net> I keep getting the following messages in my daily security run and clearly they have something to do with network looping but I don't know what causes them or how to look into them further. I did try but Google turned up nothing at all :P server.kc8onw.net kernel log messages: >> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) >> -- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) >> -- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) Thanks, Jonathan From ike Thu Feb 3 15:29:42 2005 From: ike (Isaac Levy) Date: Thu, 3 Feb 2005 15:29:42 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <420287DC.5060808@kc8onw.net> References: <420287DC.5060808@kc8onw.net> Message-ID: On Feb 3, 2005, at 3:21 PM, Jonathan wrote: > I keep getting the following messages in my daily security run and > clearly they have something to do with network looping but I don't > know what causes them or how to look into them further. I did try but > Google turned up nothing at all :P > > server.kc8onw.net kernel log messages: > > >> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) Woah. Creepy. Wish I had a clue on this one- very interesting. What OS are you running here? What devices are tap0 and rl0? Rocket- .ike From jonathan Thu Feb 3 15:43:24 2005 From: jonathan (Jonathan) Date: Thu, 03 Feb 2005 15:43:24 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: References: <420287DC.5060808@kc8onw.net> Message-ID: <42028CEC.4030309@kc8onw.net> Isaac Levy wrote: > On Feb 3, 2005, at 3:21 PM, Jonathan wrote: > >> I keep getting the following messages in my daily security run and >> clearly they have something to do with network looping but I don't >> know what causes them or how to look into them further. I did try but >> Google turned up nothing at all :P >> >> server.kc8onw.net kernel log messages: >> >> >> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) >> >> -- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) >> >> -- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) > > > Woah. Creepy. Wish I had a clue on this one- very interesting. > > What OS are you running here? What devices are tap0 and rl0? > rl0 is the NAT'ed local network interface, dc0 is just an extra card right now, tap0 is (from the man page) The tap interface is a software loopback mechanism that can be loosely described as the network interface analog of the pty(4), that is, tap does for network interfaces what the pty driver does for terminals In this case tap0 is being used by openvpn (http://openvpn.net/) to transparently bridge two networks at the MAC layer so rl0 and tap0 are bridged. My main reason for this is to play games that rely on UDP broadcasts, that and just to learn more stuff :) uname -a: FreeBSD server.kc8onw.net 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Sun Nov 14 19:38:43 EST 2004 root at server.kc8onw.net:/usr/obj/usr/src/sys/GENERIC i386 ifconfig: dc0: flags=108802 mtu 1500 options=8 ether 00:04:5a:50:27:e0 media: Ethernet autoselect (none) status: no carrier rl0: flags=8943 mtu 1500 options=8 inet 10.70.2.2 netmask 0xffffff00 broadcast 10.70.2.255 inet6 fe80::200:21ff:fefa:30cd%rl0 prefixlen 64 scopeid 0x2 ether 00:00:21:fa:30:cd media: Ethernet autoselect (100baseTX ) status: active plip0: flags=108810 mtu 1500 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 tap0: flags=8943 mtu 1500 inet6 fe80::2bd:6fff:fed3:2b00%tap0 prefixlen 64 scopeid 0x5 ether 00:bd:6f:d3:2b:00 Opened by PID 51395 I really don't know what other information to give at this point Jonathan From dlavigne6 Thu Feb 3 15:58:36 2005 From: dlavigne6 (Dru) Date: Thu, 3 Feb 2005 15:58:36 -0500 (EST) Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <420287DC.5060808@kc8onw.net> References: <420287DC.5060808@kc8onw.net> Message-ID: <20050203155239.D681@dru.domain.org> On Thu, 3 Feb 2005, Jonathan wrote: > I keep getting the following messages in my daily security run and clearly > they have something to do with network looping but I don't know what causes > them or how to look into them further. I did try but Google turned up > nothing at all :P > > server.kc8onw.net kernel log messages: > >>> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) Someone with network socket programming experience could explain exactly what's happening, but I suspect it has something to do with: man tap /error And, even if you can't read source code, you still might find something useful by checking out the comments in the source: locate tap.c grep "*/" /usr/src/sys/net/if_tap.c HTH, Dru From jonathan Thu Feb 3 16:08:13 2005 From: jonathan (Jonathan) Date: Thu, 03 Feb 2005 16:08:13 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <20050203155239.D681@dru.domain.org> References: <420287DC.5060808@kc8onw.net> <20050203155239.D681@dru.domain.org> Message-ID: <420292BD.80305@kc8onw.net> Dru wrote: > > > On Thu, 3 Feb 2005, Jonathan wrote: > >> I keep getting the following messages in my daily security run and >> clearly they have something to do with network looping but I don't >> know what causes them or how to look into them further. I did try but >> Google turned up nothing at all :P >> >> server.kc8onw.net kernel log messages: >> >>>> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) > > > > > Someone with network socket programming experience could explain exactly > what's happening, but I suspect it has something to do with: > > man tap > /error > > And, even if you can't read source code, you still might find something > useful by checking out the comments in the source: > > locate tap.c > grep "*/" /usr/src/sys/net/if_tap.c > I didn't think to check the source file before, although I did skim the man page before my first mail at least :) I didn't see anything useful in the man page or source code and I don't think the problem is tap specific. I think its more of a general network issue possibly something to do with the fact that bridge(4) does not support 802.1d but I really don't know :P I put more configuration information in my reply to Isaac Levy's post. Thanks, Jonathan From tillman Thu Feb 3 16:12:31 2005 From: tillman (Tillman Hodgson) Date: Thu, 3 Feb 2005 15:12:31 -0600 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <420287DC.5060808@kc8onw.net> References: <420287DC.5060808@kc8onw.net> Message-ID: <20050203211231.GD62491@seekingfire.com> On Thu, Feb 03, 2005 at 03:21:48PM -0500, Jonathan wrote: > I keep getting the following messages in my daily security run and > clearly they have something to do with network looping but I don't know > what causes them or how to look into them further. I did try but Google > turned up nothing at all :P > > server.kc8onw.net kernel log messages: > > >> -- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) > >> -- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) > >> -- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) Just out of curiousity, do the errors go away if you use tun devices instead of tap devices in your OpenVPN config? My thinking is as follows: Tap devices are a "raw" transport. You generally only need them if you want to carry non-IP traffic (IPX comes to mind). Tun devices are "IP" devices, so we can eliminate an entire layer of the stack by using them (as well as making OpenVPN more efficient -- less overhead per packet means more data per data). -T -- Page 5: It is impossible to learn everything about Unix. Concentrate on what you need and what you think you will enjoy. - Harley Hahn, _The Unix Companion_ From jonathan Thu Feb 3 16:15:23 2005 From: jonathan (Jonathan) Date: Thu, 03 Feb 2005 16:15:23 -0500 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <20050203211231.GD62491@seekingfire.com> References: <420287DC.5060808@kc8onw.net> <20050203211231.GD62491@seekingfire.com> Message-ID: <4202946B.3090405@kc8onw.net> Tillman Hodgson wrote: > On Thu, Feb 03, 2005 at 03:21:48PM -0500, Jonathan wrote: > >>I keep getting the following messages in my daily security run and >>clearly they have something to do with network looping but I don't know >>what causes them or how to look into them further. I did try but Google >>turned up nothing at all :P >> >>server.kc8onw.net kernel log messages: >> >> >>>>-- loop (0) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (1) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (2) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (3) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (4) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (5) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (6) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (7) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (8) 00.40.05.49.45.12 to rl0 from tap0 (active) >>>>-- loop (9) 00.40.05.49.45.12 to tap0 from rl0 (active) >>>>-- loop (10) 00.40.05.49.45.12 to rl0 from tap0 (active) > > > Just out of curiousity, do the errors go away if you use tun devices > instead of tap devices in your OpenVPN config? > > My thinking is as follows: Tap devices are a "raw" transport. You > generally only need them if you want to carry non-IP traffic (IPX comes > to mind). Tun devices are "IP" devices, so we can eliminate an entire > layer of the stack by using them (as well as making OpenVPN more > efficient -- less overhead per packet means more data per data). > > -T > I don't really know, if it comes down to that I may try it but the reason for using tap in the first place was for things like IPX and games that depend on UDP broadcasts :P Thanks, Jonathan From george Thu Feb 3 16:25:36 2005 From: george (G. Rosamond) Date: Thu, 3 Feb 2005 16:25:36 -0500 Subject: [nycbug-talk] shmoocon Message-ID: <82b2619998c8c07e739ea9bc9712019e@sddi.net> I think we're mature enough to have multiple threads. . . or at least brief announcements. If you are going to Shmoocon this weekend in DC, email me OFFLIST. At this point, the conference will be a significant percentage of NYCBUG-related people. . . g From tillman Thu Feb 3 16:29:39 2005 From: tillman (Tillman Hodgson) Date: Thu, 3 Feb 2005 15:29:39 -0600 Subject: [nycbug-talk] Odd log messages with OpenVPN bridge In-Reply-To: <4202946B.3090405@kc8onw.net> References: <420287DC.5060808@kc8onw.net> <20050203211231.GD62491@seekingfire.com> <4202946B.3090405@kc8onw.net> Message-ID: <20050203212939.GE62491@seekingfire.com> On Thu, Feb 03, 2005 at 04:15:23PM -0500, Jonathan wrote: > I don't really know, if it comes down to that I may try it but the > reason for using tap in the first place was for things like IPX and > games that depend on UDP broadcasts :P Oh ... tun definitely won't work for you then ;-) -T -- Answers are a perilous grip on the universe. They can appear sensible yet explain nothing. - The Zensunni Whip From pete Thu Feb 3 16:36:09 2005 From: pete (pete wright) Date: Thu, 3 Feb 2005 13:36:09 -0800 Subject: [nycbug-talk] February meeting audio In-Reply-To: <98cef05c256f62c5f3e4af7d2edf2613@sddi.net> References: <42019F88.7030101@peachisland.com> <20050203041005.GA24100@finn.nomadlogic.org> <98cef05c256f62c5f3e4af7d2edf2613@sddi.net> Message-ID: On Feb 3, 2005, at 10:46 AM, G. Rosamond wrote: > > On Feb 2, 2005, at 11:10 PM, Pete Wright wrote: > >> On Wed, Feb 02, 2005 at 10:50:32PM -0500, Nikolai N. Fetissov wrote: >>> George, folks, >>> get the mp3 of Jan's presentation at >>> http://www.peachisland.com/nycbug/ >>> Cheers, >> >> >> nick you are a lifesaver! >> > > And you couldn't get a flight for the meeting? > dude, it's like cold there or something...and besides that jet that crashed in jersey yesterday was supposed to pick me up so that kinda threw a spanner in my plans. > Were you born on Sunday or something? > no i was born in jersey ;p > BTW, I do think the slides are self-explanatory more than most. Jan > didn't just do a presentation, he actually provided a great piece of > documentation for the community as a whole. > yea really upset i missed it esp. after the conversation mark and i had re. pkgsrc.... -p ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From ike Thu Feb 3 16:40:19 2005 From: ike (Isaac Levy) Date: Thu, 3 Feb 2005 16:40:19 -0500 Subject: [nycbug-talk] shmoocon In-Reply-To: <82b2619998c8c07e739ea9bc9712019e@sddi.net> References: <82b2619998c8c07e739ea9bc9712019e@sddi.net> Message-ID: <96d3395647a9e53fce081a8ed5c7f2b6@lesmuug.org> On Feb 3, 2005, at 4:25 PM, G. Rosamond wrote: > At this point, the conference will be a significant percentage of > NYCBUG-related people. . . Muahahahahaha.... Rocket- .ike From george Thu Feb 3 16:41:52 2005 From: george (G. Rosamond) Date: Thu, 3 Feb 2005 16:41:52 -0500 Subject: [nycbug-talk] shmoocon In-Reply-To: <96d3395647a9e53fce081a8ed5c7f2b6@lesmuug.org> References: <82b2619998c8c07e739ea9bc9712019e@sddi.net> <96d3395647a9e53fce081a8ed5c7f2b6@lesmuug.org> Message-ID: On Feb 3, 2005, at 4:40 PM, Isaac Levy wrote: > On Feb 3, 2005, at 4:25 PM, G. Rosamond wrote: > >> At this point, the conference will be a significant percentage of >> NYCBUG-related people. . . > > Muahahahahaha.... > Yeah, we could have called for a BoF, but I think we could just take over an entire session. From ike Thu Feb 3 16:46:31 2005 From: ike (Isaac Levy) Date: Thu, 3 Feb 2005 16:46:31 -0500 Subject: [nycbug-talk] shmoocon In-Reply-To: References: <82b2619998c8c07e739ea9bc9712019e@sddi.net> <96d3395647a9e53fce081a8ed5c7f2b6@lesmuug.org> Message-ID: On Feb 3, 2005, at 4:41 PM, G. Rosamond wrote: > Yeah, we could have called for a BoF, but I think we could just take > over an entire session. > > Makes me wish we had t-shirts and hats and big-bling nyc*bug rings and gold neclace schwag... :) NY Represent' w00t! Rocket- .ike From ike Thu Feb 3 17:50:14 2005 From: ike (Isaac Levy) Date: Thu, 3 Feb 2005 17:50:14 -0500 Subject: [nycbug-talk] February meeting audio In-Reply-To: <42019F88.7030101@peachisland.com> References: <42019F88.7030101@peachisland.com> Message-ID: <061be368bfa524677ad492f1c387bd3a@lesmuug.org> Nick, On Feb 2, 2005, at 10:50 PM, Nikolai N. Fetissov wrote: > George, folks, > get the mp3 of Jan's presentation at http://www.peachisland.com/nycbug/ > Cheers, > -- > nick Totally badass. Thank you! -- Q. for you- how did you record it? From your laptop? I'm curious because I may try to help out at PyCon to coordinate folks recording every session on their laptops... Do you use some open source stuff for recording? I mean, I know how I'd record stuff on my mac, using one of a billion little shareware apps even- but not sure about other platforms... Any comments/urls would be most appreciated! Rocket- .ike From lists Thu Feb 3 19:34:34 2005 From: lists (michael) Date: Thu, 3 Feb 2005 19:34:34 -0500 Subject: [nycbug-talk] Fw: Newsletter from O'Reilly Message-ID: <20050203193434.7236c46a@delinux.abwatley.com> Begin forwarded message: Date: Thu, 03 Feb 2005 15:19:56 -0800 Subject: Newsletter from O'Reilly UG Program, Feb 3 ================================================================ O'Reilly News for User Group Members February 3, 2005 ================================================================ ---------------------------------------------------------------- Book News ---------------------------------------------------------------- -AppleScript: The Missing Manual -Creating Photomontages with Photoshop: A Designer's Notebook -Internet Annoyances -Google Hacking for Penetration Testers -Home Networking Annoyances -Linux Server Security, 2nd Edition -Buffer Overflow Attacks -Configuring NetScreen Firewalls ---------------------------------------------------------------- Upcoming Events ---------------------------------------------------------------- -Hadley Stern ("iPod & iTunes Hacks"), Boston Macintosh User Group, Boston, MA--February 9 -Tim O'Reilly, EclipseCon, Burlingame, CA--February 28-March 3 -O'Reilly at PhotoShop World, Las Vegas, NV--March 9 ---------------------------------------------------------------- Conference News ---------------------------------------------------------------- -OSCON Call For Proposals Now Open -Register for the 2005 O'Reilly Emerging Technology Conference, San Diego, CA--March 14-17 -Registration Is Open for the 2005 MySQL Users Conference, Santa Clara, CA--April 18-21 ---------------------------------------------------------------- News ---------------------------------------------------------------- -Hacking Google -Get Your Hands Dirty! -"Make" subscriptions now available -Don't Miss O'Reilly at LinuxWorld, Boston, MA--February 15-17 -Programming eBay Web Services with PHP 5 and Services_Ebay -Freevo: Freedom For Your TV -Michael Stutz On Using Linux For Everyday Activities -Top Ten AppleScript Tips -Output Like a Pro with iPhoto 5 -Fix Hot Spot Annoyances -Working with Roaming User Profiles -IRC Text to Speech with Java -Internals of Java Class Loading -Build Your Own PVR (for Free) with HackTV -Featured Photographer--Ofer Halevi: The Art of Juxtaposition -Learning Lab: Save 40% on Web Programming Certificate Courses -A-Z Web Site Indexes Explained ================================================ Book News ================================================ Did you know you can request a free book to review for your group? Ask your group leader for more information. For book review writing tips and suggestions, go to: http://ug.oreilly.com/bookreviews.html Don't forget, you can receive 20% off any O'Reilly, No Starch, Paraglyph, Pragmatic Bookshelf, SitePoint, or Syngress book you purchase directly from O'Reilly. Just use code DSUG when ordering online or by phone 800-998-9938. http://www.oreilly.com/ ***Free ground shipping is available for online orders of at least $29.95 that go to a single U.S. address. This offer applies to U.S. delivery addresses in the 50 states and Puerto Rico. For more details, go to: http://www.oreilly.com/news/freeshipping_0703.html ---------------------------------------------------------------- New Releases ---------------------------------------------------------------- ***AppleScript: The Missing Manual Publisher: O'Reilly ISBN: 0596008503 Macintosh's ultimate scripting tool, AppleScript, has one major shortcoming: it comes without a manual. This Missing Manual fills the void. While its hands-on approach, with dozens of scripting examples, certainly keeps novices from feeling intimidated, this book is also suited for professionals from system administrators to musicians, ensuring that anyone can learn how to control Mac applications in timesaving and innovative ways. http://www.oreilly.com/catalog/applescripttmm/index.html Chapter 5, "Controlling Files," is available online: http://www.oreilly.com/catalog/applescripttmm/chapter/index.html ***Creating Photomontages with Photoshop: A Designer's Notebook Publisher: O'Reilly ISBN: 0596008589 This collection of groundbreaking digital creations by well-known French artists is a visual smorgasbord for digital imaging professionals, graphic artists, photographers, and anyone involved in the creation of digital images and animations. But it's more than a full-color feast for the eyes: reflecting the very best of French graphic design, it guides Photoshop users through all aspects of the photomontage creation process, from initial concept through step-by-step execution. http://www.oreilly.com/catalog/photoshopadn/ ***Internet Annoyances Publisher: O'Reilly ISBN: 0596007353 Recognizing the universal nature of the Net, "Internet Annoyances" strives to make using the internet as stress-free as possible for everyone. This insightful guide effectively addresses and presents solutions for the many glitches that still complicate the internet experience. You'll learn how to thwart would-be hackers, ensure greater security while surfing, eliminate pop-up ads, maximize online services, conduct effective searches, and much more. Chapter 8, "Searching Annoyances," is available online: http://www.oreilly.com/catalog/internetannoy/chapter/index.html ***Google Hacking for Penetration Testers Publisher: Syngress ISBN: 1931836361 "Google Hacking for Penetration Testers" explores the explosive growth of a technique known as "Google Hacking." This simple tool can be bent by hackers and those with malicious intent to find hidden information, break into sites, and access supposedly secure information. Borrowing the techniques pioneered by malicious "Google hackers," this book aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage. http://www.oreilly.com/catalog/1931836361/index.html ***Home Networking Annoyances Publisher: O'Reilly ISBN: 0596008082 Need a cure for the headaches associated with running a home network? This book tackles all the common annoyances your network dishes up, whether it's wired or wireless, Mac or PC. With a friendly, off-the-cuff approach, this book guides you safely through common home networking glitches, including file sharing, printing, security, and more. Take a stand against annoyances now: this book is your ticket to serenity. http://www.oreilly.com/catalog/homenetannoy/ Chapter 4, "File-Sharing Annoyances," is available online: http://www.oreilly.com/catalog/homenetannoy/chapter/index.html ***Linux Server Security, 2nd Edition Publisher: O'Reilly ISBN: 0596006705 "Linux Server Security, 2nd Edition" expertly conveys to administrators and developers the tricks of the trade that can help them avoid serious security breaches. The book covers both background theory and practical, step-by-step instructions for protecting a server that runs Linux. Geared toward Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Stay one step ahead of potential adversaries. http://www.oreilly.com/catalog/linuxss2/ Chapter 12, "System Log Management and Monitoring," is available online: http://www.oreilly.com/catalog/linuxss2/chapter/index.html ***Buffer Overflow Attacks Publisher: Syngress ISBN: 1932266674 The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." Currently, over half of these vulnerabilities are exploitable by buffer overflow attacks, which allow an attacker to run arbitrary code on a victim's machine. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks. It provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective, and on defending against these attacks for the software developer. http://www.oreilly.com/catalog/1932266674/ ***Configuring NetScreen Firewalls Publisher: Syngress ISBN: 1932266399 "Configuring NetScreen Firewalls" delivers an in-depth look at the NetScreen firewall product line. It covers all of the aspects of the NetScreen product line from the SOHO devices to the Enterprise NetScreen firewalls. Advanced troubleshooting techniques and the NetScreen Security Manager are also covered. http://www.oreilly.com/catalog/1932266399/index.html ================================================ Upcoming Events ================================================ ***For more events, please see: http://events.oreilly.com/ ***Hadley Stern ("iPod & iTunes Hacks"), Boston Macintosh User Group, Boston, MA--February 9 Come join this O'Reilly author to find out all the cool things that you can do with your iPod! Boston Macintosh User Group MIT Building E51 Room 315 Cambridge, MA http://www.bmac.org/meetings.html ***Tim O'Reilly, EclipseCon, Burlingame, CA--February 28-March 3 Tim is a keynote speaker at this event. http://www.eclipsecon.org/2005/index.htm ***O'Reilly at PhotoShop World, Las Vegas, NV--March 9 Come by and say hi and check out our latest Digital Media books at our booth (#220). Mandalay Bay Resort, Las Vegas, NV http://www.photoshopworld.com/ ================================================ Conference News ================================================ ***OSCON Call For Proposals Now Open Circle August 1-5 on your calendar and join us at the O'Reilly Open Source Convention in beautiful Portland, Oregon. OSCON 2005 will be at the Oregon Convention Center, where we'll have tutorials, sessions, parties, BOFs, and a huge exhibit hall. http://conferences.oreillynet.com/os2005/ The call for participation is open, and you're invited to submit a proposal to lead tutorials and sessions. Visit the submissions page for all the details on tracks and proposal guidelines. Proposals are due no later than February 13, 2005. http://conferences.oreillynet.com/cs/os2005/create/e_sess ***2005 O'Reilly Emerging Technology Conference, San Diego, CA--March 14-17 This year's conference theme is "Remix," which infuses ETech's roll-up-your-sleeves tutorials, to-the-point plenary presentations, and real world focused breakout sessions. Come to ETech and discover how applications and hardware are being deconstructed and recombined in unexpected ways. Learn how users and customers are influencing new interfaces, devices, business models, and services. For all the scoop on tutorials, featured speakers, and conference events, check out: http://conferences.oreillynet.com/etech/ Hurry up before it sells out! User Group members use code DSUG when you register, and receive 20% off the registration price. To register for the conference, go to: http://conferences.oreillynet.com/cs/et2005/create/ord_et05 ***Register for the 2005 MySQL Users Conference, Santa Clara, CA--April 18-21 The MySQL Users Conference, co-presented by O'Reilly Media and MySQL AB, brings together experts, users, and industry leaders with unique MySQL insights, offering attendees a detailed look into new features in MySQL 5.0, sessions and workshops designed to teach best practices, and exposure to new open source technologies. For more information, go to: http://www.mysqluc.com/ User Group members who register before Febuary 28, 2005 get a double discount. Use code DSUG when you register, and receive 20% off the early registration price. To register for the conference, go to: http://conferences.oreillynet.com/cs/mysqluc2005/create/ord_mysql05 ================================================ News From O'Reilly & Beyond ================================================ --------------------- General News --------------------- ***Hacking Google With access to more than three million documents in over 30 languages, Google is a researcher's dream. But like any invaluable tool, knowing the insider tricks of the trade is a must to save time and needless effort. Tara Calishain and Rael Dornfest, authors of "Google Hacks, 2nd Edition," have set out to educate the masses to the ins and outs of Google. In today's excerpt, they offer the inside scoop on scattersearching, cartography, Google on the go, Gmail-lite, and AdSense. With over 150 million Google searches conducted every day, why be just a number? http://www.oreillynet.com/pub/a/network/excerpt/ggl_hcks/index.html ***Get Your Hands Dirty! Hackers of all stripes refuse to just take what they???re given. They???re driven to remake it, and getting there is more than half the fun. Here at O'Reilly, we've got the information you need to hack, remix, and master technology at home and at work. In this letter for our Winter 2005 Catalog, Tim O'Reilly talks about how we're celebrating the hacker impulse. http://tim.oreilly.com/articles/dirtyhands_0105.html You'll find all of Tim's collected writings and speeches at: http://tim.oreilly.com/ ***"Make" subscriptions now available The annual subscription price for four issues is $34.95. When you subscribe with this link, you'll get a free issue--the first one plus four more for $34.95. So subscribe for yourself or friends with this great offer for charter subscribers: five volumes for the cost of four. Subscribe at: https://www.pubservice.com/MK/Subnew.aspx?PC=MK&PK=M5ZUGLA --------------------- Open Source --------------------- ***Don't Miss O'Reilly at LinuxWorld, Boston, MA--Feb 15-17 Stop by our booth (#509) to check out our latest Linux and open source titles and listen to our authors including Jonathan Corbet ("Linux Device Drivers, 3rd Ed."), Kyle D. Dent ("Postfix: The Definitive Guide"), Jay Beale ("Snort 2.1 Intrusion Detection, 2nd Ed."), Sam Hiser and Tom Adelstein ("Exploring the JDS Linux Desktop"), and Adam Trachtenberg ("PHP Cookbook"). We will have daily demonstrations on our new magazine "Make" and SafariU (http://academic.oreilly.com/safariu-more.csp). Here is our schedule of events: http://www.oreilly.com/examples/oreilly/ug/linuxworld_speaker_sched.pdf ***Programming eBay Web Services with PHP 5 and Services_Ebay PHP 5 added several new features to the language, yet laundry lists and high-level overviews don't really show what they are or why you might use them. Fortunately, Adam Trachtenberg writes for us. Here's how to use the new features of PHP 5 for writing web services clients. http://www.onlamp.com/pub/a/php/2005/01/27/ebay_webservices.html ***Freevo: Freedom For Your TV PVRs may be the next big thing in home entertainment, but relying on a closed box leaves you few options for customization. The Freevo project is building a platform for developing television-aware applications, whether recording, timeshifting, or general-purpose mayhem. Howard Wen explains the Freevo project and interviews its developers. http://www.linuxdevcenter.com/pub/a/linux/2005/01/27/freevo.html ***Michael Stutz On Using Linux For Everyday Activities Michael Stutz, author of "The Linux Cookbook, 2nd Edition" (No Starch) discusses what inspired him to write this book, when he first started using Linux, and other world views in this LinuxWorld interview. http://www.linuxworld.com/story/47810.htm?DE=1 --------------------- Mac --------------------- ***Top Ten AppleScript Tips AppleScript lets you control Microsoft Word, Adobe Photoshop, FileMaker Pro, and hundreds of other Mac programs with just a few lines of code. But if you think of AppleScript as just a nerdy workflow-automation tool, you're missing out on a lot of power. Truth is, AppleScript has lots of hidden tricks and timesavers built in--and they all come for free with your Mac. Adam Goldstein, author of "AppleScript: The Missing Manual," has hand selected ten of the most useful tips for making AppleScript work for you. http://www.macdevcenter.com/pub/a/mac/2005/02/01/applscrpt_mm.html ***Output Like a Pro with iPhoto 5 Earlier, Derrick Story discussed how iPhoto 5's RAW capability lets you input like a pro. But some of its new output features are quite sophisticated. Here Derrick takes a look at how to create sophisticated slideshows and QuickTime downloads using only iPhoto 5. http://www.macdevcenter.com/pub/a/mac/2005/02/01/iphoto.html --------------------- Windows/.NET --------------------- ***Fix Hot Spot Annoyances Using a Wi-Fi hot spot is a great way to stay connected when you're away from home or the office. But beware: you may be vulnerable to snoopers; you may be unable to send email; and your connection may flake out. Preston Gralla, author of "Internet Annoyances," fixes all your hot spot woes. http://www.windowsdevcenter.com/pub/a/windows/2005/02/01/hot_spot.html ***Working with Roaming User Profiles If you have a highly mobile local user base and are constantly fielding concerns about personalized settings and desktop customizations that don't seem to travel with your users, then roaming user profiles may make your life a lot easier. In this article, Jonathan Hassell, author of "Learning Windows Server 2003," explains how roaming user profiles can save you time and energy. http://www.windowsdevcenter.com/pub/a/windows/2005/02/01/rmng_usr.html --------------------- Java --------------------- ***IRC Text to Speech with Java Paul Mutton creates a multi-platform IRC bot that uses the FreeTTS Java speech synthesizer library to convert IRC messages into audible speech. Why would you want to use an IRC text-to-speech system? By reading out messages as they arrive, you can keep working, diverting your attention to IRC only when necessary. Paul is the author of "IRC Hacks." http://www.onjava.com/pub/a/onjava/2004/09/08/IRCinJava.html ***Internals of Java Class Loading When are two classes not the same? When they're loaded by different class loaders. This is just one of many curious side effects of Java's class-loading system. Binildas Christudas shows how different class loaders relate to one another and how (and why) to build your own custom class loader. http://www.onjava.com/pub/a/onjava/2005/01/26/classloading.html --------------------- Digital Media --------------------- ***Build Your Own PVR (for Free) with HackTV HackTV is a developer app for Mac OS X that you can download for free. It enables you to watch TV (or any video source) on your Mac. Better yet, it enables you to download that content to your hard drive. Erica Sadun shows you the ins and outs of HackTV. http://digitalmedia.oreilly.com/2005/01/26/hacktv.html ***Featured Photographer--Ofer Halevi: The Art of Juxtaposition Whether it's a man standing beside a mannequin in Amsterdam, or a poster of Rabin staring up at a passerby in Israel, Ofer Halevi has an eye for recording the juxtaposition of people and their inanimate environment. In this portfolio you can experience Ofer's passion for detail, interaction, and patterns. http://digitalmedia.oreilly.com/2005/01/12/featured.html --------------------- Web --------------------- ***Learning Lab: Save 40% on Web Programming Certificate Courses This six-course series from the O'Reilly Learning Lab teaches you the skills needed for web programming, web administration, and website development. You'll learn HTML, JavaScript, XML, SQL, Perl, and Unix. Upon completion of the series, students receive a Certificate of Professional Development from the University of Illinois Office of Continuing Education. Sign up by February 22nd, and save 40% on all Web Programming Certificate courses. http://www.oreilly.com/redirector.csp?link=UAWeb&type=news ***A-Z Web Site Indexes Explained A-Z Indexes are a far more accurate than search engines for searching the content of a web site or intranet. For the value they can bring to a site, A-Z indexes are worth the additional cost, but, if you decide to add an index to your site, it's important to find the right person to do the job. http://www.sitepoint.com/article/a-z-indexes ================================================ >From Your Peers =============================================== Don't forget to check out the O'Reilly UG wiki to see what user groups across the globe are up to: http://wiki.oreillynet.com/usergroups/index.cgi -- --- From dan Thu Feb 3 19:46:48 2005 From: dan (Dan Langille) Date: Thu, 03 Feb 2005 19:46:48 -0500 Subject: [nycbug-talk] tape drive woes Message-ID: <42027FA8.10947.578EF61A@localhost> I was given a DDS-4 tape drive at BSDCan last May. Last night, it started acting up. The following gives the following: mt -f /dev/sa0 status => http://www.langille.org/tmp/ach-dumps.txt It's not the card (I hooked up a SCSI disk and newfs'd it, just fine). It's not the cable (I tried another one, but not a new one). So now I'm looking at buying another DAT. AIT and DLT media is too expensive for my needs. So I'm looking at buying a Seagate DDS-4 Scorpion STD2401LW for CAD$650 (+taxes). Anyone got one and can tell stories about it? Please note: This is not the thread for saying tape is crap, DAT is crap, use HDD, use DLT, etc... Unless of course, you're prepared to give me the hardware and the media. Then I'm prepared to listen. :) -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From george Thu Feb 3 20:08:04 2005 From: george (george at rob.us.to) Date: Thu, 3 Feb 2005 20:08:04 -0500 (EST) Subject: [nycbug-talk] more open source stuff Message-ID: <200502040108.j14184WT029342@localhost.localdomain> An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050203/541bca77/attachment.html From matt Thu Feb 3 22:26:43 2005 From: matt (Matthew Terenzio) Date: Thu, 3 Feb 2005 22:26:43 -0500 Subject: [nycbug-talk] .WorkGroup, Apache and FreeBSD Hostname Message-ID: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> I know this seems like an Apache question, but I have my first FreeBSD box going and I think it's related to the way I installed it. BTW, I love the easy to use Ports install process. Installed Apache Couldn't start it. In the error log: [alert] mod_unique_id: unable to gethostbyname(".WorkGroup") I commented out mod_unique_id and Apache works, but what is .WorkGroup? Sounds Windowsish, but is it some deafult? I didn't name the host that unless it was inadvertent. I'll mention the machine is running DHCP on a wifi home network. Not sure why I think that's relevant. From pete Thu Feb 3 22:32:29 2005 From: pete (Pete Wright) Date: Thu, 3 Feb 2005 22:32:29 -0500 Subject: [nycbug-talk] .WorkGroup, Apache and FreeBSD Hostname In-Reply-To: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> References: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> Message-ID: <20050204033229.GA34680@finn.nomadlogic.org> On Thu, Feb 03, 2005 at 10:26:43PM -0500, Matthew Terenzio wrote: > I know this seems like an Apache question, but I have my first FreeBSD > box going and I think it's related to the way I installed it. > sweet welcome to the cult...err..ahh family :) > BTW, I love the easy to use Ports install process. > Installed Apache > Couldn't start it. > > In the error log: > > [alert] mod_unique_id: unable to gethostbyname(".WorkGroup") > > I commented out mod_unique_id and Apache works, but what is .WorkGroup? > Sounds Windowsish, but is it some deafult? sounds like you should probably set your hostname, this can be done easily via /stand/sysinstall..or if you want to do it the "proper" way you can edit /etc/rc.conf and set: hostname="freebsdrox" or something ;) > > I didn't name the host that unless it was inadvertent. > I'll mention the machine is running DHCP on a wifi home network. Not > sure why I think that's relevant. > as a general rule on *BSD related lists it is generally a good idea to post the following info if you haven't the foggiest what a problem may be: uname -ar, dmesg and any special modifications you have done on your install. usually a uname -ar is a good enough for config questions, if you are getting odd error messages a dmesg is generally a good idea. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From tillman Thu Feb 3 23:11:27 2005 From: tillman (Tillman Hodgson) Date: Thu, 3 Feb 2005 22:11:27 -0600 Subject: [nycbug-talk] tape drive woes In-Reply-To: <42027FA8.10947.578EF61A@localhost> References: <42027FA8.10947.578EF61A@localhost> Message-ID: <20050204041127.GG62491@seekingfire.com> On Thu, Feb 03, 2005 at 07:46:48PM -0500, Dan Langille wrote: > I was given a DDS-4 tape drive at BSDCan last May. Last night, it > started acting up. > > The following gives the following: > > mt -f /dev/sa0 status => http://www.langille.org/tmp/ach-dumps.txt I get that (SCSI bus resets) with my DDS-1 and -2 drives as well and I've seen it with DDS-3 drives. > It's not the card (I hooked up a SCSI disk and newfs'd it, just > fine). It's not the cable (I tried another one, but not a new one). Right. In my case, different cards and cables didn't help. A new tape (as in brand new) helped, sometimes, for a short time. I suspect that the drive needs cleaning. DDS drives need cleaning like a baby needs changing. I typically run a cleaner tape through after 2 tape runs now and I *still* encounter those errors, though at a significantly reduced rate. Putting the drive on it's on SCSI controller helps, because when it /does/ happen it doesn't freak out all the other devices on the bus. The traditional wisdom with bus resets is that it's due to exceeding the SCSI specifications in some manner: poor termination, too-long cable, that sort of thing. I've have luck with a DEC StorageWorks JBOD tower that used to bus reset like a mad banshee simply by telling the controller to run it at a slower rate -- a more robust SCSI bus results from the "easier" specifications. Since this particular SCSI controller only "auto-detects" SCSI settings and won't allow me override them in it's "BIOS", I wrote a /etc/rc.d script that manually forces the devices down one speed notch just before fsck kicks in (which would cause bus resets like crazy). The basic idea is this: camcontrol negotiate da0 -R10 -q -a I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits wide, moves me from 40MB/s to 20MB/s. That's more than fast enough for the drives I have in the JBOD (which aren't ever accessed simultaneously with the use I've put them to) and all top out at about 12MB/s anyway). It's worth a try, especially considering that DDS-4 doesn't write fast enough to need the full 40MB/s of Ultrawide SCSI. > So I'm looking at buying a Seagate DDS-4 Scorpion STD2401LW > for CAD$650 (+taxes). > > Anyone got one and can tell stories about it? No, but I also had no idea that they'd gotten so cheap. *Damn*, that's tempting :-) > Please note: This is not the thread for saying tape is crap, DAT is > crap, use HDD, use DLT, etc... Unless of course, you're prepared to > give me the hardware and the media. Then I'm prepared to listen. :) And if anyone is handing out tape hardware, I'm willing to cover the cost of shipping if it's to help out freshports.org. -T -- Fsck, either way I'm screwed. -- petro Now *that* is the Sysadmin's motto. -- Peter da Silva From pete Fri Feb 4 04:49:15 2005 From: pete (Pete Wright) Date: Fri, 4 Feb 2005 04:49:15 -0500 Subject: [nycbug-talk] httpsd Message-ID: <20050204094915.GA11959@finn.nomadlogic.org> seems like apache is a popular topic lately... so i've recently moved a mail server running: postfix+courier-imap+http-ssl+squirellmail+debian to 5.3-RELEASE. the migration was pretty painless and i'm trucking away and having a blast...altho one thing that has been bothering me is the performance of squirellmail I'm noticing long load times for pages that were quite quick one the debian install (for example loading my inbox is taking several seconds to load while it much quicker before the migration). the network is the same, and reqular imap connections are as quick as can be...so i'm thinking that it might be an issue with the apache/php install. so what do the folks do here to tune php/httpsd installs. while we discuss amoungst ourselves i'll see if i can hack up a little benchmark script. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From dan Fri Feb 4 06:42:24 2005 From: dan (Dan Langille) Date: Fri, 04 Feb 2005 06:42:24 -0500 Subject: [nycbug-talk] tape drive woes In-Reply-To: <20050204041127.GG62491@seekingfire.com> References: <42027FA8.10947.578EF61A@localhost> Message-ID: <42031950.28074.59E72D6F@localhost> On 3 Feb 2005 at 22:11, Tillman Hodgson wrote: > On Thu, Feb 03, 2005 at 07:46:48PM -0500, Dan Langille wrote: > > I was given a DDS-4 tape drive at BSDCan last May. Last night, it > > started acting up. > > > > The following gives the following: > > > > mt -f /dev/sa0 status => http://www.langille.org/tmp/ach-dumps.txt > > I get that (SCSI bus resets) with my DDS-1 and -2 drives as well and > I've seen it with DDS-3 drives. > > > It's not the card (I hooked up a SCSI disk and newfs'd it, just > > fine). It's not the cable (I tried another one, but not a new one). > > Right. In my case, different cards and cables didn't help. A new tape > (as in brand new) helped, sometimes, for a short time. > > I suspect that the drive needs cleaning. DDS drives need cleaning like a > baby needs changing. I typically run a cleaner tape through after 2 tape > runs now and I *still* encounter those errors, though at a significantly > reduced rate. I clean frequently. > Putting the drive on it's on SCSI controller helps, because when it > /does/ happen it doesn't freak out all the other devices on the bus. It has it's own card. > The traditional wisdom with bus resets is that it's due to exceeding the > SCSI specifications in some manner: poor termination, too-long cable, > that sort of thing. I've have luck with a DEC StorageWorks JBOD tower > that used to bus reset like a mad banshee simply by telling the > controller to run it at a slower rate -- a more robust SCSI bus results > from the "easier" specifications. Since this particular SCSI controller > only "auto-detects" SCSI settings and won't allow me override them in > it's "BIOS", I wrote a /etc/rc.d script that manually forces the devices > down one speed notch just before fsck kicks in (which would cause bus > resets like crazy). The basic idea is this: > > camcontrol negotiate da0 -R10 -q -a > > I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits wide, > moves me from 40MB/s to 20MB/s. That's more than fast enough for the > drives I have in the JBOD (which aren't ever accessed simultaneously > with the use I've put them to) and all top out at about 12MB/s anyway). OK, I will consider that. Thanks. > It's worth a try, especially considering that DDS-4 doesn't write fast > enough to need the full 40MB/s of Ultrawide SCSI. > > > So I'm looking at buying a Seagate DDS-4 Scorpion STD2401LW > > for CAD$650 (+taxes). > > > > Anyone got one and can tell stories about it? > > No, but I also had no idea that they'd gotten so cheap. *Damn*, that's > tempting :-) > > > Please note: This is not the thread for saying tape is crap, DAT is > > crap, use HDD, use DLT, etc... Unless of course, you're prepared to > > give me the hardware and the media. Then I'm prepared to listen. :) > > And if anyone is handing out tape hardware, I'm willing to cover the > cost of shipping if it's to help out freshports.org. ;) -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From nikolai.fetissov Fri Feb 4 08:51:39 2005 From: nikolai.fetissov (Nikolai N. Fetissov) Date: Fri, 04 Feb 2005 08:51:39 -0500 Subject: [nycbug-talk] February meeting audio In-Reply-To: <061be368bfa524677ad492f1c387bd3a@lesmuug.org> References: <42019F88.7030101@peachisland.com> <061be368bfa524677ad492f1c387bd3a@lesmuug.org> Message-ID: <42037DEB.7060804@peachisland.com> I have Olympus digital voice recorder, usb. Recording produces .dss audio files - very space efficient, but proprietary - I have to use their windows software to convert .dss into .wav. After that it's lame (lame.sourceforge.net). -- nick > -- > Q. for you- how did you record it? From your laptop? I'm curious > because I may try to help out at PyCon to coordinate folks recording > every session on their laptops... > > Do you use some open source stuff for recording? I mean, I know how I'd > record stuff on my mac, using one of a billion little shareware apps > even- but not sure about other platforms... > > Any comments/urls would be most appreciated! > > Rocket- > .ike > > From dan Fri Feb 4 11:19:37 2005 From: dan (Dan Langille) Date: Fri, 04 Feb 2005 11:19:37 -0500 Subject: [nycbug-talk] tape drive woes In-Reply-To: <20050204041127.GG62491@seekingfire.com> References: <42027FA8.10947.578EF61A@localhost> Message-ID: <42035A49.28494.5AE4FC98@localhost> On 3 Feb 2005 at 22:11, Tillman Hodgson wrote: > The traditional wisdom with bus resets is that it's due to exceeding > the SCSI specifications in some manner: poor termination, too-long > cable, that sort of thing. I've have luck with a DEC StorageWorks JBOD > tower that used to bus reset like a mad banshee simply by telling the > controller to run it at a slower rate -- a more robust SCSI bus > results from the "easier" specifications. Since this particular SCSI > controller only "auto-detects" SCSI settings and won't allow me > override them in it's "BIOS", I wrote a /etc/rc.d script that manually > forces the devices down one speed notch just before fsck kicks in > (which would cause bus resets like crazy). The basic idea is this: > > camcontrol negotiate da0 -R10 -q -a > > I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits wide, > moves me from 40MB/s to 20MB/s. That's more than fast enough for the > drives I have in the JBOD (which aren't ever accessed simultaneously > with the use I've put them to) and all top out at about 12MB/s > anyway). I've not tried that yet. Last night, I tried a DDS-2 tape. I was able to back up. But I still think something is wrong. It's a DDS-4 drive, and I was unable to do a backup on a DDS-4 tape. While it was labelling the tape, a bit of tape would be fed through, then the unit would "click" three times, rewind, and read the tape again, click three times, repeat... several times. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From tillman Fri Feb 4 12:06:20 2005 From: tillman (Tillman Hodgson) Date: Fri, 4 Feb 2005 11:06:20 -0600 Subject: [nycbug-talk] tape drive woes In-Reply-To: <42035A49.28494.5AE4FC98@localhost> References: <42027FA8.10947.578EF61A@localhost> <42035A49.28494.5AE4FC98@localhost> Message-ID: <20050204170620.GL62491@seekingfire.com> On Fri, Feb 04, 2005 at 11:19:37AM -0500, Dan Langille wrote: > On 3 Feb 2005 at 22:11, Tillman Hodgson wrote: > > > > camcontrol negotiate da0 -R10 -q -a > > > > I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits wide, > > moves me from 40MB/s to 20MB/s. That's more than fast enough for the > > drives I have in the JBOD (which aren't ever accessed simultaneously > > with the use I've put them to) and all top out at about 12MB/s > > anyway). > > I've not tried that yet. Last night, I tried a DDS-2 tape. I was > able to back up. But I still think something is wrong. It's a DDS-4 > drive, and I was unable to do a backup on a DDS-4 tape. > > While it was labelling the tape, a bit of tape would be fed through, > then the unit would "click" three times, rewind, and read the tape > again, click three times, repeat... several times. That sounds more like a mechanism problem. Is this a fresh tape? If not, does retensioning it cause the same clicking? -T -- "Belief gets in the way of learning." -- Robert Heinlein From dan Fri Feb 4 13:32:14 2005 From: dan (Dan Langille) Date: Fri, 04 Feb 2005 13:32:14 -0500 Subject: [nycbug-talk] tape drive woes In-Reply-To: <20050204170620.GL62491@seekingfire.com> References: <42035A49.28494.5AE4FC98@localhost> Message-ID: <4203795E.4199.5B5E64DB@localhost> On 4 Feb 2005 at 11:06, Tillman Hodgson wrote: > On Fri, Feb 04, 2005 at 11:19:37AM -0500, Dan Langille wrote: > > On 3 Feb 2005 at 22:11, Tillman Hodgson wrote: > > > > > > camcontrol negotiate da0 -R10 -q -a > > > > > > I'm simply moving the bus from 20MHz to 10MHz which, at 16 bits > > > wide, moves me from 40MB/s to 20MB/s. That's more than fast enough > > > for the drives I have in the JBOD (which aren't ever accessed > > > simultaneously with the use I've put them to) and all top out at > > > about 12MB/s anyway). > > > > I've not tried that yet. Last night, I tried a DDS-2 tape. I was > > able to back up. But I still think something is wrong. It's a > > DDS-4 drive, and I was unable to do a backup on a DDS-4 tape. > > > > While it was labelling the tape, a bit of tape would be fed through, > > then the unit would "click" three times, rewind, and read the tape > > again, click three times, repeat... several times. > > That sounds more like a mechanism problem. Is this a fresh tape? If > not, does retensioning it cause the same clicking? The DDS-2 was brand new, fresh out the wrapper. I'll try the retensioning tonight. For those wondering: mt -f /dev/sa0 retension -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From george Fri Feb 4 14:25:10 2005 From: george (G. Rosamond) Date: Fri, 4 Feb 2005 14:25:10 -0500 Subject: [nycbug-talk] greetings from Shmoocon . . . part 01 Message-ID: We made it. . . After driving back and forth across all bridges between VA and DC, we finally made it to Shmoocon. We are sharing wireless of my iBook, although someone with OBSD is having problems with the Apple computer naming conventions. . . sounds like a reason to contribute to the doc project. We will forward a picture from the car when Ike gets back from the laundry. You'll all be hearing more from us. . . Bob, Bruno, Ike, George From pete Fri Feb 4 14:36:44 2005 From: pete (Pete Wright) Date: Fri, 4 Feb 2005 14:36:44 -0500 Subject: [nycbug-talk] greetings from Shmoocon . . . part 01 In-Reply-To: References: Message-ID: <20050204193644.GB14420@finn.nomadlogic.org> On Fri, Feb 04, 2005 at 02:25:10PM -0500, G. Rosamond wrote: > We made it. . . > > After driving back and forth across all bridges between VA and DC, we > finally made it to Shmoocon. > > We are sharing wireless of my iBook, although someone with OBSD is > having problems with the Apple computer naming conventions. . . sounds > like a reason to contribute to the doc project. > > We will forward a picture from the car when Ike gets back from the > laundry. > > You'll all be hearing more from us. . . sounds great already...you all just got there and ike already has to do his laundry :) -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Fri Feb 4 17:02:46 2005 From: george (G. Rosamond) Date: Fri, 4 Feb 2005 17:02:46 -0500 Subject: [nycbug-talk] greetings from Shmoocon . . . part 02 Message-ID: <853d7e5cf26c8588164d9b4e7aaeeef2@sddi.net> Open session is happening now. . . For those around in the DC area, we are meeting in the hotel lobby at 7 pm or so. The intro talk did some funny Linux-bashing about 'a bunch of code glued together'. When asked, over a third of the 400 or so attendees raised their hands when asked if they used BSD. Looks like it's going to be a fun weekend. g From pete Fri Feb 4 18:28:04 2005 From: pete (Pete Wright) Date: Fri, 4 Feb 2005 18:28:04 -0500 Subject: [nycbug-talk] mysql lisc. question Message-ID: <20050204232804.GA15563@finn.nomadlogic.org> interesting thread on questions at freebsd.org and thought someone here may have a better answ. that the impending flame fest there ;) http://tinyurl.com/45dr4 (interesting bit towards end..) basicly the question is does one have to pay lisc. fees to mysql AB if they utlize the clustering features of mysql? -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From mspitzer Fri Feb 4 18:49:48 2005 From: mspitzer (Marc Spitzer) Date: Fri, 4 Feb 2005 18:49:48 -0500 Subject: [nycbug-talk] mysql lisc. question In-Reply-To: <20050204232804.GA15563@finn.nomadlogic.org> References: <20050204232804.GA15563@finn.nomadlogic.org> Message-ID: <8c50a3c3050204154972a56a7a@mail.gmail.com> On Fri, 4 Feb 2005 18:28:04 -0500, Pete Wright wrote: > interesting thread on questions at freebsd.org and thought someone > here may have a better answ. that the impending flame fest there ;) > > http://tinyurl.com/45dr4 > (interesting bit towards end..) > > basicly the question is does one have to pay lisc. fees to mysql AB > if they utlize the clustering features of mysql? Iff the licence states that all code must be gpled to dodge the fees then gpl said software but only make it available, in binary or source form, to authorized internal users. basically you are only releasing things internally. That is the gpl, now if mysql is adding other clauses such that you must make it publicly available then that is a different matter. Also remember when the client libs went from lgpl, which they swore would always be lgpl, to gpl. With behavior like that who is to say what they will decide to do if they smell a buck. You may be in compliance with the free license until they change it and then you owe them some money. Look at postgres 8.0 looks very nice. marc ps mysql has lots of nice people working for them, some are even on this list. But there management is not trustworthy IMO. marc > > -p > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From pete Fri Feb 4 19:00:45 2005 From: pete (Pete Wright) Date: Fri, 4 Feb 2005 19:00:45 -0500 Subject: [nycbug-talk] mysql lisc. question In-Reply-To: <8c50a3c3050204154972a56a7a@mail.gmail.com> References: <20050204232804.GA15563@finn.nomadlogic.org> <8c50a3c3050204154972a56a7a@mail.gmail.com> Message-ID: <20050205000045.GA15754@finn.nomadlogic.org> On Fri, Feb 04, 2005 at 06:49:48PM -0500, Marc Spitzer wrote: > > Iff the licence states that all code must be gpled to dodge the fees > then gpl said software but only make it available, in binary or source > form, to authorized internal users. basically you are only releasing > things internally. That is the gpl, now if mysql is adding other > clauses such that you must make it publicly available then that is a > different matter. Also remember when the client libs went from lgpl, > which they swore would always be lgpl, to gpl. With behavior like > that who is to say what they will decide to do if they smell a buck. > You may be in compliance with the free license until they change it > and then you owe them some money. Look at postgres 8.0 looks very > nice. > unfortunatly it looks like a couple recent emails havn't hit the archive yet i'll quote them here... "The MySql Rep. explained to me that by installing the database on more that one computer, even if it is for you own use, it is considered a distributed piece of software and should be licenced." Yet according to another poster this is stated on MySQL AB's site: "Free use for those who never copy, modify or distribute. As long as you never distribute the MySQL Software in any way, you are free to use it for powering your application, irrespective of whether your application is under GPL license or not." > marc > > ps mysql has lots of nice people working for them, some are even on > this list. But there management is not trustworthy IMO. hey i like mysql personally...i'm just a bit confused by the legaleese.. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From matt Fri Feb 4 19:15:11 2005 From: matt (Matthew Terenzio) Date: Fri, 4 Feb 2005 19:15:11 -0500 Subject: [nycbug-talk] .WorkGroup, Apache and FreeBSD Hostname In-Reply-To: <7f8e0ed848f615fcbc2d2c49c91d5f4e@jobsforge.com> References: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> <20050204033229.GA34680@finn.nomadlogic.org> <7f8e0ed848f615fcbc2d2c49c91d5f4e@jobsforge.com> Message-ID: <716fbb84d1cc0376e7b9b0879c5835b4@jobsforge.com> On Feb 3, 2005, at 10:55 PM, Matthew Terenzio wrote: > > On Feb 3, 2005, at 10:32 PM, Pete Wright wrote: > >> sounds like you should probably set your hostname > > Wow, that was tough. > I can't believe I couldn't find it on Google. > Good Night. > > \ For future readers of this thread: [alert] mod_unique_id: unable to gethostbyname("hostname") was the error in /var/log/httpd-error.log Turns out I not only needed to set my hostname, but add it to /etc/hosts as chronicled in this thread as well http://lists.freebsd.org/pipermail/freebsd-questions/2003-June/ 009996.html Apache is running, next I move to Postgresql and PHP. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 765 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050204/e662a8c1/attachment.bin From jesse Fri Feb 4 20:35:17 2005 From: jesse (Jesse Callaway) Date: Fri, 4 Feb 2005 20:35:17 -0500 Subject: [nycbug-talk] .WorkGroup, Apache and FreeBSD Hostname In-Reply-To: <716fbb84d1cc0376e7b9b0879c5835b4@jobsforge.com> References: <0067e9290417cdcd1f21e25caf08f443@jobsforge.com> <20050204033229.GA34680@finn.nomadlogic.org> <7f8e0ed848f615fcbc2d2c49c91d5f4e@jobsforge.com> <716fbb84d1cc0376e7b9b0879c5835b4@jobsforge.com> Message-ID: <20050205013517.GC10143@mail.theholymountain.com> On Fri, Feb 04, 2005 at 07:15:11PM -0500, Matthew Terenzio wrote: > > On Feb 3, 2005, at 10:55 PM, Matthew Terenzio wrote: > > > > > > On Feb 3, 2005, at 10:32 PM, Pete Wright wrote: > > > > > > > sounds like you should probably set your hostname > > > > > > > Wow, that was tough. > > I can't believe I couldn't find it on Google. > > Good Night. > > > > \ > > > For future readers of this thread: > > [alert] mod_unique_id: unable to gethostbyname("hostname") > > was the error in /var/log/httpd-error.log > > Turns out I not only needed to set my hostname, but add it to > /etc/hosts > as chronicled in this thread as well > > > http://lists.freebsd.org/pipermail/freebsd-questions/2003-June/009996.html > > > Apache is running, next I move to Postgresql and PHP. > yeah, almost every *nix I've ever seen needs this touch, AS WELL AS the explicit hostname variable setting mechanism. Ie, by hostname(8) or whatever. Not fun back in the dialup days. I'm all for only using the hosts file if it exists. Normal operation otherwise. I think we're well past the days of trying to keep a local text file of all of the hostnames we'll encounter. It seems only convienient for hacks involving clustering and/or NAT. -jesse From matt Sat Feb 5 00:43:39 2005 From: matt (Matthew Terenzio) Date: Sat, 5 Feb 2005 00:43:39 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question Message-ID: Begin forwarded message: > From: Matthew Terenzio > Date: February 5, 2005 12:41:52 AM EST > To: NYPHP Talk > Subject: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question > Reply-To: NYPHP Talk > > > On Feb 4, 2005, at 7:00 PM, Pete Wright wrote: > >> "The MySql Rep. explained to me that by installing the database on >> more >> that one computer, even if it is for you own use, it is considered a >> distributed piece of software and should be licenced." > > I'm no license expert. But I plan to be one in the coming months/years. > > But this seems like a point of contention between different OS > licenses that might become divisive for certain causes. > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 1203 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050205/466a8165/attachment.bin From matt Sat Feb 5 00:45:12 2005 From: matt (Matthew Terenzio) Date: Sat, 5 Feb 2005 00:45:12 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question Message-ID: <68b957be3cfbc1e9c9ba3cde4cbafdd6@jobsforge.com> Begin forwarded message: > From: Matthew Terenzio > Date: February 5, 2005 12:41:52 AM EST > To: NYPHP Talk > Subject: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question > Reply-To: NYPHP Talk > > > On Feb 4, 2005, at 7:00 PM, Pete Wright wrote: > >> "The MySql Rep. explained to me that by installing the database on >> more >> that one computer, even if it is for you own use, it is considered a >> distributed piece of software and should be licenced." > > I'm no license expert. But I plan to be one in the coming months/years. > > But this seems like a point of contention between different OS > licenses that might become divisive for certain causes. > > _______________________________________________ > New York PHP Talk > Supporting AMP Technology (Apache/MySQL/PHP) > http://lists.nyphp.org/mailman/listinfo/talk > http://www.nyphp.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 1203 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050205/962417dd/attachment.bin From pete Sat Feb 5 00:58:57 2005 From: pete (Pete Wright) Date: Sat, 5 Feb 2005 00:58:57 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: References: Message-ID: <20050205055856.GA32521@finn.nomadlogic.org> On Sat, Feb 05, 2005 at 12:43:39AM -0500, Matthew Terenzio wrote: > > > > > > I'm no license expert. But I plan to be one in the coming > > months/years. > > > > But this seems like a point of contention between different OS > > licenses that might become divisive for certain causes. yea i totally agree, on one hand i can imagine that MySQL AB has to please the GPL camp and on the other they have to make money for a product that they are devloping. From my perspective it looks like using a BSD or MIT style liscense may work out better for them...but that obviously would not work for historical reasons. in the end tho, despite this apparent miscommunication, it seems like MySQL may be doing a good thing by allowing the use of the clustering tech. freely for people who do not re-distribute thier product...altho i'm not sure why one would limit it to only GPL apps and not all OSL certified lisc. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bob Sat Feb 5 08:56:30 2005 From: bob (Bob Ippolito) Date: Sat, 5 Feb 2005 08:56:30 -0500 Subject: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: <20050205055856.GA32521@finn.nomadlogic.org> References: <20050205055856.GA32521@finn.nomadlogic.org> Message-ID: On Feb 5, 2005, at 12:58 AM, Pete Wright wrote: > On Sat, Feb 05, 2005 at 12:43:39AM -0500, Matthew Terenzio wrote: >> >> >>> >>> I'm no license expert. But I plan to be one in the coming >>> months/years. >>> >>> But this seems like a point of contention between different OS >>> licenses that might become divisive for certain causes. > > > yea i totally agree, on one hand i can imagine that MySQL AB has to > please the GPL camp and on the other they have to make money for a > product that they are devloping. From my perspective it looks like > using a BSD or MIT style liscense may work out better for them...but > that obviously would not work for historical reasons. MySQL wants people to buy their proprietary licenses. If they gave away BSD/MIT licenses for MySQL, presumably they wouldn't be able to sell it nearly as well because there would no longer be a legal need to do so. -bob From mspitzer Sat Feb 5 09:28:07 2005 From: mspitzer (Marc Spitzer) Date: Sat, 5 Feb 2005 09:28:07 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: <20050205055856.GA32521@finn.nomadlogic.org> References: <20050205055856.GA32521@finn.nomadlogic.org> Message-ID: <8c50a3c305020506282a3d95dc@mail.gmail.com> On Sat, 5 Feb 2005 00:58:57 -0500, Pete Wright wrote: > On Sat, Feb 05, 2005 at 12:43:39AM -0500, Matthew Terenzio wrote: > > > > > > > > > > I'm no license expert. But I plan to be one in the coming > > > months/years. > > > > > > But this seems like a point of contention between different OS > > > licenses that might become divisive for certain causes. > > yea i totally agree, on one hand i can imagine that MySQL AB has to > please the GPL camp and on the other they have to make money for a > product that they are devloping. From my perspective it looks like > using a BSD or MIT style liscense may work out better for them...but > that obviously would not work for historical reasons. BSD/MIT would be worse than useless to them. You are looking at this form a tech POV and this is a business question. The dual license with the gpl gives them a stick to beat up the user base with for money. Think about it you have a business that uses mysql and get a letter from them about licencing compliance that says under the terms of the licence you currently have you need to make all your code down loadable on the web as an open source project, unless you give us money for a different license. BSD/MIT do not allow you to have such a club and GPL does. > > in the end tho, despite this apparent miscommunication, it seems like > MySQL may be doing a good thing by allowing the use of the clustering > tech. freely for people who do not re-distribute thier product...altho > i'm not sure why one would limit it to only GPL apps and not all OSL > certified lisc. Because GPL is designed to strip the developer/corporation of there property rights. And many of the OSL licences do not do this, to my knowledge none do it to the degree that the GPL does. marc > > -p > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From jpb Sat Feb 5 07:32:08 2005 From: jpb (Jim Brown) Date: Sat, 5 Feb 2005 12:32:08 +0000 Subject: [nycbug-talk] httpsd In-Reply-To: <20050204094915.GA11959@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> Message-ID: <20050205123208.GA16758@sixshooter.v6.thrupoint.net> * Pete Wright [2005-02-04 04:51]: > seems like apache is a popular topic lately... > so i've recently moved a mail server running: > > postfix+courier-imap+http-ssl+squirellmail+debian > > to 5.3-RELEASE. > > the migration was pretty painless and i'm trucking > away and having a blast...altho one thing that has > been bothering me is the performance of squirellmail > I'm noticing long load times for pages that were > quite quick one the debian install (for example loading > my inbox is taking several seconds to load while it > much quicker before the migration). the network > is the same, and reqular imap connections are as > quick as can be...so i'm thinking that it might > be an issue with the apache/php install. > > so what do the folks do here to tune php/httpsd > installs. while we discuss amoungst ourselves > i'll see if i can hack up a little benchmark script. > > -p > > Anytime I see long load or access times, I immediately suspect some DNS problem. Some things to check: - hosts file, bind search order (in /etc/host.conf on FreeBSD. Other BSDs differ.) - ::1 localhost before 127.0.0.1 in hosts file. - domainname or search statements in /etc/resolv.conf - your IP is reverse resolvable (check with dig -x) If you run DNS locally, check your named.conf and local zone files. Check for lame delegations up or down the tree. Restart the nameserver. Check if your resolver routines are attempting to resolve DNS AAAA records before AA records. The AAAA records will time out, unless your DNS server supports IPv6 and you actually have a AAAA record. Of course, you problem may have nothing to do with DNS, in which case you can ignore all of the above :-) Best Regards, Jim B. From pete Sat Feb 5 14:56:31 2005 From: pete (Pete Wright) Date: Sat, 5 Feb 2005 14:56:31 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <20050205123208.GA16758@sixshooter.v6.thrupoint.net> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> Message-ID: <20050205195631.GA41413@finn.nomadlogic.org> On Sat, Feb 05, 2005 at 12:32:08PM +0000, Jim Brown wrote: > * Pete Wright [2005-02-04 04:51]: > > seems like apache is a popular topic lately... > > so i've recently moved a mail server running: > > > > postfix+courier-imap+http-ssl+squirellmail+debian > > > > to 5.3-RELEASE. > > > > the migration was pretty painless and i'm trucking > > away and having a blast...altho one thing that has > > been bothering me is the performance of squirellmail > > I'm noticing long load times for pages that were > > quite quick one the debian install (for example loading > > my inbox is taking several seconds to load while it > > much quicker before the migration). the network > > is the same, and reqular imap connections are as > > quick as can be...so i'm thinking that it might > > be an issue with the apache/php install. > > > > so what do the folks do here to tune php/httpsd > > installs. while we discuss amoungst ourselves > > i'll see if i can hack up a little benchmark script. > > > > -p > > > > > > > Anytime I see long load or access times, I immediately > suspect some DNS problem. > it's not a DNS issue, no other network issues are slow, and httpd runs fine...loading even heavier pages. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Sat Feb 5 15:07:03 2005 From: pete (Pete Wright) Date: Sat, 5 Feb 2005 15:07:03 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: <8c50a3c305020506282a3d95dc@mail.gmail.com> References: <20050205055856.GA32521@finn.nomadlogic.org> <8c50a3c305020506282a3d95dc@mail.gmail.com> Message-ID: <20050205200703.GB41413@finn.nomadlogic.org> On Sat, Feb 05, 2005 at 09:28:07AM -0500, Marc Spitzer wrote: > On Sat, 5 Feb 2005 00:58:57 -0500, Pete Wright wrote: > > On Sat, Feb 05, 2005 at 12:43:39AM -0500, Matthew Terenzio wrote: > > > > > > > > > > > > > > I'm no license expert. But I plan to be one in the coming > > > > months/years. > > > > > > > > But this seems like a point of contention between different OS > > > > licenses that might become divisive for certain causes. > > > > yea i totally agree, on one hand i can imagine that MySQL AB has to > > please the GPL camp and on the other they have to make money for a > > product that they are devloping. From my perspective it looks like > > using a BSD or MIT style liscense may work out better for them...but > > that obviously would not work for historical reasons. > > BSD/MIT would be worse than useless to them. You are looking at this > form a tech POV and this is a business question. The dual license > with the gpl gives them a stick to beat up the user base with for > money. Think about it you have a business that uses mysql and get a > letter from them about licencing compliance that says under the terms > of the licence you currently have you need to make all your code down > loadable on the web as an open source project, unless you give us > money for a different license. BSD/MIT do not allow you to have such > a club and GPL does. > i see both you and bob's point here...i was thinking (perhaps incorrectly) that by using a BSD style lisc. they would not be forced to redistribute code they did not want to. thus allowing them to build new features into thier product w/o having to release those changes back to the public: i.e. they could intergrate the cluster technology into the mysql codebase w/o having to worry about giving that IP away. anyway i'm confused, and don't really want to beat this topic...maybe if i catch you guy's later in IRC i can make better sense out of the situation. -p ~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From mspitzer Sat Feb 5 15:33:23 2005 From: mspitzer (Marc Spitzer) Date: Sat, 5 Feb 2005 15:33:23 -0500 Subject: Fwd: [nyphp-talk] Re: [nycbug-talk] mysql lisc. question In-Reply-To: <20050205200703.GB41413@finn.nomadlogic.org> References: <20050205055856.GA32521@finn.nomadlogic.org> <8c50a3c305020506282a3d95dc@mail.gmail.com> <20050205200703.GB41413@finn.nomadlogic.org> Message-ID: <8c50a3c3050205123370365388@mail.gmail.com> On Sat, 5 Feb 2005 15:07:03 -0500, Pete Wright wrote: > > i see both you and bob's point here...i was thinking (perhaps incorrectly) > that by using a BSD style lisc. they would not be forced to redistribute > code they did not want to. thus allowing them to build new features into > thier product w/o having to release those changes back to the public: i.e. > they could intergrate the cluster technology into the mysql codebase w/o > having to worry about giving that IP away. anyway i'm confused, and don't > really want to beat this topic...maybe if i catch you guy's later > in IRC i can make better sense out of the situation. > As the copy right owners there is absolutely nothing preventing them from not releasing anything they write for mysql, you only get hit wit the viral clause in derived works not original works. If they were required to release their code they could not sell a commercial licenced version as that would violate the gpl. And they have given there IP away, they do not do anything new after all, where they make there money is in giving you the option of not being forced to give your IP away, according to the terms of their free licence, by upgrading to a commercial licence. Or you could just move to postgres and not deal with all this crap. Hell even Computer Associates has a better free licence then mysql and you get informix as the database. marc From matt Sat Feb 5 18:04:50 2005 From: matt (Matthew Terenzio) Date: Sat, 5 Feb 2005 18:04:50 -0500 Subject: [nycbug-talk] failed port install Message-ID: Is there an easy way to back out of a port install gone bad. During a PHP install I was prompted for a few parameters and accidentally chose Apache 2 instead of 1.3 make deinstall doesn't work because the installation didn't happen and running make install again fails, and I don't get prompted again. Or reconfigure --with-apxs I didn't see any mention of this in The Handbook -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 510 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050205/d03ece13/attachment.bin From scottro Sat Feb 5 18:09:53 2005 From: scottro (Scott) Date: Sat, 5 Feb 2005 18:09:53 -0500 Subject: [nycbug-talk] failed port install In-Reply-To: References: Message-ID: <20050205230953.GB89225@mail.scottro.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, Feb 05, 2005 at 06:04:50PM -0500, Matthew Terenzio wrote: > Is there an easy way to back out of a port install gone bad. > > During a PHP install I was prompted for a few parameters and > accidentally chose Apache 2 instead of 1.3 > > make deinstall doesn't work because the installation didn't happen > > and running make install again fails, and I don't get prompted again. > > Or reconfigure --with-apxs > > I didn't see any mention of this in The Handbook Which php, /lang/php4? If so, then just do make config (in the port directory) and it should give you the option to use Apache2. HTH. - - -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Buffy: You're a vampire. Oh, I'm sorry. Was that an offensive term? Should I say undead American? - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCBVIW+lTVdes0Z9YRAmbgAJ4tsHDMA5kdztjgsRzRYuzmZMCDtwCgsU3x UvBcEA/ONh7dKJnMUt1X3Kk= =hFlM - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCBVJB+lTVdes0Z9YRAjGRAKCm/0ZuYmfrtdoYE/xmqX9FE4VkNgCeOMhl x4/RFQ80o2o45dmJ2Qv/l0w= =APZg -----END PGP SIGNATURE----- From mspitzer Sat Feb 5 18:43:55 2005 From: mspitzer (Marc Spitzer) Date: Sat, 5 Feb 2005 18:43:55 -0500 Subject: [nycbug-talk] failed port install In-Reply-To: References: Message-ID: <8c50a3c305020515437b19bc4f@mail.gmail.com> On Sat, 5 Feb 2005 18:04:50 -0500, Matthew Terenzio wrote: > Is there an easy way to back out of a port install gone bad. > > During a PHP install I was prompted for a few parameters and > accidentally chose Apache 2 instead of 1.3 > first you have portupgrade installed right? If not please install it. > make deinstall doesn't work because the installation didn't happen > and running make install again fails, and I don't get prompted again. > Or reconfigure --with-apxs try doing a make clean or make distclean(I think), there is a very nice man page also on ports. if worse come to worse you can delete /var/pkg/db/, /usr/X11R6/ and /usr/local/ and start from scrach. If you have upgraded perl and setup a link into the base system then you will need to fix that before the clean up. Before you do that though it might be wise to try a make deinstall on every package that showed up on the make clean, in the reverse order that they showed up and then try again. To figure out how to take good notes 'man script'. Also please be aware that some packages you may try to delete have other things that depend on them. marc > > I didn't see any mention of this in The Handbook I am sure that it says some where, pay attention to what you are doing and don't screw it up. But I could be wrong, actually I hope I am. marc From george Sun Feb 6 10:17:47 2005 From: george (G. Rosamond) Date: Sun, 6 Feb 2005 10:17:47 -0500 Subject: [nycbug-talk] A stat. . . . Message-ID: <95d1e382dd998565cec12f849b62d432@sddi.net> From our www site stats. . . Top 30 of 70 Total Countries # Hits Files KBytes Country 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet (arpa) From jpb Sun Feb 6 06:06:55 2005 From: jpb (Jim Brown) Date: Sun, 6 Feb 2005 11:06:55 +0000 Subject: [nycbug-talk] failed port install In-Reply-To: References: Message-ID: <20050206110655.GA25208@sixshooter.v6.thrupoint.net> * Matthew Terenzio [2005-02-05 18:04]: > Is there an easy way to back out of a port install gone bad. > > During a PHP install I was prompted for a few parameters and > accidentally chose Apache 2 instead of 1.3 > > make deinstall doesn't work because the installation didn't happen > > and running make install again fails, and I don't get prompted again. > > Or reconfigure --with-apxs > > I didn't see any mention of this in The Handbook > Yeah, this is usually ugly. The problem is that ports load and install other ports- which is usually what you want. In this case, you want to find the dependencies and trim only what you don't want. Here's what I've done- If you've completed the install and the port has been registered, run pkg_info -L pkgname This shows a list of all files related to the package. Next, run pkg_info -r pkgname This shows a list of other packages required by this package. If you still suspect that you're not getting everything, or you want to super-cautious, go to the work directory for the top level product (PHP in your case), and remove the .build_done and .install_done files. Then cd up to the main port directory, and start a script session. Rerun the make and make install. When all is done, exit from the script session, and your typescript file will have a record of all actions performed during the make install. Armed with all this information delete just the files you think apply to apache2. Or, delete it all, and start over. Good luck! Best Regards, Jim B. From jesse Sun Feb 6 15:22:32 2005 From: jesse (Jesse Callaway) Date: Sun, 6 Feb 2005 15:22:32 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <95d1e382dd998565cec12f849b62d432@sddi.net> References: <95d1e382dd998565cec12f849b62d432@sddi.net> Message-ID: <20050206202232.GB22475@mail.theholymountain.com> On Sun, Feb 06, 2005 at 10:17:47AM -0500, G. Rosamond wrote: > > From our www site stats. . . > > Top 30 of 70 Total Countries > # Hits Files KBytes Country > 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet > (arpa) Who has these addresses, where are they now? Does this mean Xerox, and Bell Labs, etc? DOD? -jesse From pete Sun Feb 6 15:50:59 2005 From: pete (Pete Wright) Date: Sun, 6 Feb 2005 15:50:59 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <20050206202232.GB22475@mail.theholymountain.com> References: <95d1e382dd998565cec12f849b62d432@sddi.net> <20050206202232.GB22475@mail.theholymountain.com> Message-ID: <20050206205059.GH41413@finn.nomadlogic.org> On Sun, Feb 06, 2005 at 03:22:32PM -0500, Jesse Callaway wrote: > On Sun, Feb 06, 2005 at 10:17:47AM -0500, G. Rosamond wrote: > > > > From our www site stats. . . > > > > Top 30 of 70 Total Countries > > # Hits Files KBytes Country > > 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet > > (arpa) > > > Who has these addresses, where are they now? Does this mean Xerox, and Bell Labs, etc? DOD? opps that was me. i was messing around on the W.O.P.R. looking for a nice game of tic-tak-to and got bored ;p -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From lists Sun Feb 6 16:08:02 2005 From: lists (lists at genoverly.net) Date: Sun, 6 Feb 2005 22:08:02 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_A_stat=2E_=2E__=2E_=2E?= Message-ID: <0MKyxe-1CxtfO3gce-0006LK@mrelay.perfora.net> > opps that was me. i was messing around on the W.O.P.R. looking for a nice game of tic-tak-to > and got bored ;p > > -pete > can you change my grades next time you are in there? From pete Sun Feb 6 16:34:45 2005 From: pete (Pete Wright) Date: Sun, 6 Feb 2005 16:34:45 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <0MKyxe-1CxtfO3gce-0006LK@mrelay.perfora.net> References: <0MKyxe-1CxtfO3gce-0006LK@mrelay.perfora.net> Message-ID: <20050206213445.GI41413@finn.nomadlogic.org> On Sun, Feb 06, 2005 at 10:08:02PM +0100, lists at genoverly.net wrote: > > > opps that was me. i was messing around on the W.O.P.R. looking for a nice game of tic-tak-to > > and got bored ;p > > > > -pete > > > > can you change my grades next time you are in there? i already did, and booked a flight to paris for the whole bug. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From chsnyder Sun Feb 6 18:43:12 2005 From: chsnyder (csnyder) Date: Sun, 6 Feb 2005 18:43:12 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <20050205195631.GA41413@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> Message-ID: On Sat, 5 Feb 2005 14:56:31 -0500, Pete Wright wrote: > On Sat, Feb 05, 2005 at 12:32:08PM +0000, Jim Brown wrote: > > * Pete Wright [2005-02-04 04:51]: > > > seems like apache is a popular topic lately... > > > so i've recently moved a mail server running: > > > > > > postfix+courier-imap+http-ssl+squirellmail+debian > > > > > > to 5.3-RELEASE. > > > > > > the migration was pretty painless and i'm trucking > > > away and having a blast...altho one thing that has > > > been bothering me is the performance of squirellmail > > > I'm noticing long load times for pages that were > > > quite quick one the debian install (for example loading > > > my inbox is taking several seconds to load while it > > > much quicker before the migration). the network > > > is the same, and reqular imap connections are as > > > quick as can be...so i'm thinking that it might > > > be an issue with the apache/php install. > > > > > > so what do the folks do here to tune php/httpsd > > > installs. while we discuss amoungst ourselves > > > i'll see if i can hack up a little benchmark script. > > > > > > -p > > > > > > > > > > > > Anytime I see long load or access times, I immediately > > suspect some DNS problem. > > > > it's not a DNS issue, no other network issues are slow, and > httpd runs fine...loading even heavier pages. > > -p > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > It's a longshot but worth a try -- could this be an entropy-gathering problem? Is Squirrelmail or PHP looking to /dev/random for some reason? -- Chris Snyder http://chxo.com/ From george Sun Feb 6 22:14:07 2005 From: george (G. Rosamond) Date: Sun, 6 Feb 2005 22:14:07 -0500 Subject: [nycbug-talk] Shmoocon device. . . Message-ID: <57730877c1bececf73921e7ee178ea19@sddi.net> Here's one device that I'm ordering *now*. . . Found out about it from someone at Shmoocon. Detects all wireless networks, whether or not they broadcast their SSID, details encryption method, signal strength. . . pretty useful, particularly in Manhattan for those who wander between clients. https://www.canarywireless.com/shop/shopdisplayproducts.asp? id=1&cat=Wi%2DFi+Detectors George From lists Mon Feb 7 09:38:59 2005 From: lists (michael) Date: Mon, 7 Feb 2005 09:38:59 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <57730877c1bececf73921e7ee178ea19@sddi.net> References: <57730877c1bececf73921e7ee178ea19@sddi.net> Message-ID: <20050207093859.4100881f@delinux.abwatley.com> On Sun, 6 Feb 2005 22:14:07 -0500 "G. Rosamond" wrote: > https://www.canarywireless.com/shop/shopdisplayproducts.asp? > id=1&cat=Wi%2DFi+Detectors See if you can get volume discount. I'm in. -- --- From george Mon Feb 7 09:49:18 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 09:49:18 -0500 Subject: [nycbug-talk] Tor. . . Message-ID: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> This is a project that is in the FreeBSD ports. . . security/tor. . . From pkg-descr: Tor: an anonymizing overlay network for TCP Tor is a connection-based low-latency anonymous communication system which addresses many flaws in the original onion routing design. Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. Remember that this is development code -- DON'T RELY ON THE CURRENT TOR NETWORK FOR ANONYMITY! WWW: http://tor.eff.org/ - rik The developers spoke at Shmoocon. . . seems like an awesome project. . . George From george Mon Feb 7 09:51:01 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 09:51:01 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207093859.4100881f@delinux.abwatley.com> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> Message-ID: On Feb 7, 2005, at 9:38 AM, michael wrote: > On Sun, 6 Feb 2005 22:14:07 -0500 > "G. Rosamond" wrote: > > >> https://www.canarywireless.com/shop/shopdisplayproducts.asp? >> id=1&cat=Wi%2DFi+Detectors > > See if you can get volume discount. I'm in. > First, the device is on backorder. . . second, I doubt we're ordering enough, as I think the minimum is 25. . . And already ordered mine. . . should be in either later in the month or early March. . . beware! George From marco Mon Feb 7 09:51:55 2005 From: marco (marco at metm.org) Date: Mon, 7 Feb 2005 09:51:55 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207093859.4100881f@delinux.abwatley.com> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> Message-ID: <20050207145155.GR17083@metm.org> On Sun, 6 Feb 2005 22:14:07 -0500 "G. Rosamond" wrote: > > https://www.canarywireless.com/shop/shopdisplayproducts.asp? > id=1&cat=Wi%2DFi+Detectors > Can you sum up what this device can do that kismet/mac can't ? -- Marco From george Mon Feb 7 09:53:29 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 09:53:29 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207145155.GR17083@metm.org> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> <20050207145155.GR17083@metm.org> Message-ID: On Feb 7, 2005, at 9:51 AM, marco at metm.org wrote: > On Sun, 6 Feb 2005 22:14:07 -0500 "G. Rosamond" > wrote: >> >> https://www.canarywireless.com/shop/shopdisplayproducts.asp? >> id=1&cat=Wi%2DFi+Detectors >> > Can you sum up what this device can do that kismet/mac can't ? > Fit in your hand. It's the size of the standard Verizon caller ID boxes. . . but a little thinner. George From jschauma Mon Feb 7 10:01:52 2005 From: jschauma (Jan Schaumann) Date: Mon, 7 Feb 2005 10:01:52 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> Message-ID: <20050207150152.GG19653@netmeister.org> "G. Rosamond" wrote: > This is a project that is in the FreeBSD ports. . . security/tor. . . > WWW: http://tor.eff.org/ You may remember this pacakge from my talks last week, too. (That is, _if_ you paid attention ;-) I first saw Tor at the Usenix Security Symposium last Summer, where the developers presented it. (After the presentation, tor was in pkgsrc. :) It recently moved to the EFF site, since EFF became a sponsor of tor. -Jan -- DON'T PANIC! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050207/838350fd/attachment.bin From george Mon Feb 7 10:10:07 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 10:10:07 -0500 Subject: [nycbug-talk] BSDCan Message-ID: BSDCan is only a few months away. . . It would be great to have some color brochures at our new few meetings until the conference. There's a brochure link here: http://www.bsdcan.org/2005/help.php We should also have the brochure online, if it isn't already. . . From those who attended last year, anyone interested in being the central conduit for information on it. It would be nice to have someone who knows who's going from NYC, assistance with transportation, etc. EMail me offline if interested.. . George From dan Mon Feb 7 10:30:11 2005 From: dan (Dan Langille) Date: Mon, 07 Feb 2005 10:30:11 -0500 Subject: [nycbug-talk] BSDCan In-Reply-To: Message-ID: <42074333.17099.6A2ACC27@localhost> On 7 Feb 2005 at 10:10, G. Rosamond wrote: > BSDCan is only a few months away. . . > > > It would be great to have some color brochures at our new few meetings > until the conference. There's a brochure link here: > http://www.bsdcan.org/2005/help.php The list of papers will be ready by the 19th. I'll look at upgrading the brochure by then. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From gb.nycbug.org Mon Feb 7 10:36:46 2005 From: gb.nycbug.org (George Bourozikas) Date: Mon, 7 Feb 2005 10:36:46 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <20050207150152.GG19653@netmeister.org> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <20050207150152.GG19653@netmeister.org> Message-ID: <200502071036.46771.gb.nycbug.org@olivesandhoney.com> I've been using Tor+Privoxy for a couple of weeks (on a linux system, but it's more or less OS-agnostic) and I've been loving it. Great idea and pretty fast for what it does, too! --george From george Mon Feb 7 10:52:41 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 10:52:41 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <20050207150152.GG19653@netmeister.org> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <20050207150152.GG19653@netmeister.org> Message-ID: <4f4c6140a18a8c27a3d871b15043dcba@sddi.net> On Feb 7, 2005, at 10:01 AM, Jan Schaumann wrote: > "G. Rosamond" wrote: >> This is a project that is in the FreeBSD ports. . . security/tor. . . > >> WWW: http://tor.eff.org/ > > You may remember this pacakge from my talks last week, too. (That is, > _if_ you paid attention ;-) I only had 4 calls from clients during your meeting. . . blah. But yes, it was your example pkg, I do remember that. . . > > I first saw Tor at the Usenix Security Symposium last Summer, where the > developers presented it. (After the presentation, tor was in pkgsrc. > :) Nice. . . > > It recently moved to the EFF site, since EFF became a sponsor of tor. > Previously funded by the US Navy. . . what irony. . . I have one of the developer's emails. They are located in Boston. . . maybe we could get them for a meeting at some point. . . George From marco Mon Feb 7 10:54:02 2005 From: marco (Marco Scoffier) Date: Mon, 7 Feb 2005 10:54:02 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> <20050207145155.GR17083@metm.org> Message-ID: <20050207155401.GT17083@metm.org> On Mon, Feb 07, 2005 at 09:53:29AM -0500, G. Rosamond wrote: > >On Feb 7, 2005, at 9:51 AM, marco at metm.org wrote: >>Can you sum up what this device can do that kismet/mac can't ? >> >Fit in your hand. > >It's the size of the standard Verizon caller ID boxes. . . but a little >thinner. > Ok. Sorry for being an idiot, but if I want to connect my laptop to a wireless net, I can run kismet to find networks, presumably my laptop will already be in my bag ... why do I want another heavier than software device ? >George From bob Mon Feb 7 11:04:11 2005 From: bob (Bob Ippolito) Date: Mon, 7 Feb 2005 11:04:11 -0500 Subject: [nycbug-talk] Homegraph URL spoofing exploit for browsers Message-ID: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> http://www.shmoo.com/idn/ http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html Browsers that support IDN (unicode domain names) are easily susceptible to spoofing attacks because there are many code points that look the same. Their specific example uses а (CYRILLIC SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER A) in most fonts. ShmooGroup has registered u'p\N{CYRILLIC SMALL LETTER A}ypal.com' and have a browser-trusted cert for it. -bob From bob Mon Feb 7 11:09:50 2005 From: bob (Bob Ippolito) Date: Mon, 7 Feb 2005 11:09:50 -0500 Subject: [nycbug-talk] Homeograph URL spoofing exploit for browsers In-Reply-To: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> References: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> Message-ID: <3b466bf24dcfc1c2acccb5f7dff417e3@redivi.com> On Feb 7, 2005, at 11:04, Bob Ippolito wrote: > http://www.shmoo.com/idn/ > http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html > > Browsers that support IDN (unicode domain names) are easily > susceptible to spoofing attacks because there are many code points > that look the same. Their specific example uses а (CYRILLIC > SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER A) > in most fonts. ShmooGroup has registered u'p\N{CYRILLIC SMALL LETTER > A}ypal.com' and have a browser-trusted cert for it. (that title was supposed to be homeograph -- my typing skills have apparently left me) -bob From tux Mon Feb 7 11:05:22 2005 From: tux (Kevin Reiter) Date: Mon, 7 Feb 2005 11:05:22 -0500 Subject: [nycbug-talk] Tor. . . References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net><20050207150152.GG19653@netmeister.org> <4f4c6140a18a8c27a3d871b15043dcba@sddi.net> Message-ID: <000301c50d30$46f882d0$6400a8c0@olympus> : I have one of the developer's emails. They are located in Boston. . . : maybe we could get them for a meeting at some point. . . I spoke to both of them about that during dinner on Saturday, and they seemed interested. I'll be contacting them later in the week to discuss a few things, and I'll extend the official invite to them if nobody has any objections.. -Kev From lists Mon Feb 7 11:23:36 2005 From: lists (michael) Date: Mon, 7 Feb 2005 11:23:36 -0500 Subject: [nycbug-talk] BSDCan In-Reply-To: <42074333.17099.6A2ACC27@localhost> References: <42074333.17099.6A2ACC27@localhost> Message-ID: <20050207112336.77f4d2c3@delinux.abwatley.com> On Mon, 07 Feb 2005 10:30:11 -0500 "Dan Langille" wrote: > The list of papers will be ready by the 19th. I'll look at upgrading > the brochure by then. ..and I'll do NYCBUG.org shortly after that.. -- --- From tillman Mon Feb 7 12:09:02 2005 From: tillman (Tillman Hodgson) Date: Mon, 7 Feb 2005 11:09:02 -0600 Subject: [nycbug-talk] Tor. . . In-Reply-To: <200502071036.46771.gb.nycbug.org@olivesandhoney.com> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <20050207150152.GG19653@netmeister.org> <200502071036.46771.gb.nycbug.org@olivesandhoney.com> Message-ID: <20050207170902.GC9678@seekingfire.com> On Mon, Feb 07, 2005 at 10:36:46AM -0500, George Bourozikas wrote: > I've been using Tor+Privoxy for a couple of weeks (on a linux system, but > it's more or less OS-agnostic) and I've been loving it. Great idea and > pretty fast for what it does, too! I've been using it on FreeBSD -current (on i386) for a while now too, and it does indeed rock :-) One annoyance is that the config file format changed. When I portugprade'd it it make no mention of that via pkg-message, so I had a dead proxy for a few days until I noticed it (I only use tor sporadically, the slowness is enough to make me prefer a direct connection most of the time). It was hilarious the first time I surfed to Google with Tor -- the code that detects country of original based on IP address (from Akamai, I suspect) assumed I was in Germany and presented Google to me in German. Good fun :-) -T -- Page 2: Unix today is nothing less than a worldwide culture, comprising many tools, ideas and customs. - Harley Hahn, _The Unix Companion_ From tillman Mon Feb 7 12:18:06 2005 From: tillman (Tillman Hodgson) Date: Mon, 7 Feb 2005 11:18:06 -0600 Subject: [nycbug-talk] BSDCan In-Reply-To: <20050207112336.77f4d2c3@delinux.abwatley.com> References: <42074333.17099.6A2ACC27@localhost> <20050207112336.77f4d2c3@delinux.abwatley.com> Message-ID: <20050207171806.GD9678@seekingfire.com> On Mon, Feb 07, 2005 at 11:23:36AM -0500, michael wrote: > On Mon, 07 Feb 2005 10:30:11 -0500 > "Dan Langille" wrote: > > > The list of papers will be ready by the 19th. I'll look at upgrading > > the brochure by then. > > ..and I'll do NYCBUG.org shortly after that.. I spoke with the webmaster of www.losurs.org, the local open source group in Regina (with 574 members at last count) and he'll get something promoting BSDCan up soon. I'll also add the brochure and promote it from my personal domain which gets about 2000 unique visitors a month, mostly referrals from search engines for folks looking for Unixy and open source stuff. -T -- Enlightenment is: do what you want, eat what there is Jack Kerouac From bruno Mon Feb 7 12:41:15 2005 From: bruno (bruno) Date: Mon, 7 Feb 2005 12:41:15 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <20050206202232.GB22475@mail.theholymountain.com> References: <95d1e382dd998565cec12f849b62d432@sddi.net> <20050206202232.GB22475@mail.theholymountain.com> Message-ID: <20050207174115.GA10460@loftmail.com> On Sun, Feb 06, 2005 at 03:22:32PM -0500, Jesse Callaway wrote: > On Sun, Feb 06, 2005 at 10:17:47AM -0500, G. Rosamond wrote: > > > > From our www site stats. . . > > > > Top 30 of 70 Total Countries > > # Hits Files KBytes Country > > 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet > > (arpa) > > > Who has these addresses, where are they now? Does this mean Xerox, > and Bell Labs, etc? DOD? These domains are used only for Internet infrastructure. From gb.nycbug.org Mon Feb 7 12:24:28 2005 From: gb.nycbug.org (George Bourozikas) Date: Mon, 7 Feb 2005 12:24:28 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <20050207170902.GC9678@seekingfire.com> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <200502071036.46771.gb.nycbug.org@olivesandhoney.com> <20050207170902.GC9678@seekingfire.com> Message-ID: <200502071224.28637.gb.nycbug.org@olivesandhoney.com> On Monday 07 February 2005 12:09, Tillman Hodgson wrote: [...] > It was hilarious the first time I surfed to Google with Tor -- the code > that detects country of original based on IP address (from Akamai, I > suspect) assumed I was in Germany and presented Google to me in German. > Good fun :-) > > -T That can be funnier than you think. When I first went to google it sent me to google.gr, which had me wondering (briefly) how it figured out that I am greek... --george From george Mon Feb 7 12:24:45 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 12:24:45 -0500 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <20050207174115.GA10460@loftmail.com> References: <95d1e382dd998565cec12f849b62d432@sddi.net> <20050206202232.GB22475@mail.theholymountain.com> <20050207174115.GA10460@loftmail.com> Message-ID: On Feb 7, 2005, at 12:41 PM, bruno wrote: > On Sun, Feb 06, 2005 at 03:22:32PM -0500, Jesse Callaway wrote: >> On Sun, Feb 06, 2005 at 10:17:47AM -0500, G. Rosamond wrote: >>> >>> From our www site stats. . . >>> >>> Top 30 of 70 Total Countries >>> # Hits Files KBytes Country >>> 26 39 0.33% 37 0.38% 1690 0.40% Old style Arpanet >>> (arpa) >> >> >> Who has these addresses, where are they now? Does this mean Xerox, >> and Bell Labs, etc? DOD? > > These domains are used only for Internet infrastructure. > Okay, okay. . . I'll now burst the bubble.. . Hans says that they are for nonresolvable addresses.. . Although there is already an entry for that. . . Maybe it's tor users. . . g From tillman Mon Feb 7 12:29:40 2005 From: tillman (Tillman Hodgson) Date: Mon, 7 Feb 2005 11:29:40 -0600 Subject: [nycbug-talk] A stat. . . . In-Reply-To: References: <95d1e382dd998565cec12f849b62d432@sddi.net> <20050206202232.GB22475@mail.theholymountain.com> <20050207174115.GA10460@loftmail.com> Message-ID: <20050207172940.GE9678@seekingfire.com> On Mon, Feb 07, 2005 at 12:24:45PM -0500, G. Rosamond wrote: > Hans says that they are for nonresolvable addresses.. . > > Although there is already an entry for that. . . > > Maybe it's tor users. . . Tor users should appear as real, pubically-visible, IP addresses. Just not the IPs one might normally expect ;-) I put a page up at http://www.seekingfire.com/projects/tor/ that tells me what IP I'm comign from. I use it to test the Tor stuff before venturing out into the "wild". Other folks are welcome to use it when testing Tor stuff as well. -T -- "The truth of a proposition has nothing to do with its credibility. And vice versa." -- Robert Heinlein From alex Mon Feb 7 12:20:40 2005 From: alex (alex at pilosoft.com) Date: Mon, 7 Feb 2005 12:20:40 -0500 (EST) Subject: [nycbug-talk] A stat. . . . In-Reply-To: Message-ID: On Mon, 7 Feb 2005, G. Rosamond wrote: > Okay, okay. . . I'll now burst the bubble.. . > > Hans says that they are for nonresolvable addresses.. . > > Although there is already an entry for that. . . > > Maybe it's tor users. . . No. Its for stupid people who misconfigure their PTR zone and are missing the dot after the PTR record. Correct: (assuming you are in 10.1.2 zone) 99 PTR host99.example.com. Incorrect: 99 PTR host99.example.com The latter will result in the following PTR record: host99.example.com.2.1.10.in-addr.arpa. Hence, .arpa TLD. (think about it and you'll understand why) -alex From bruno Mon Feb 7 12:49:07 2005 From: bruno (bruno) Date: Mon, 7 Feb 2005 12:49:07 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207155401.GT17083@metm.org> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> <20050207145155.GR17083@metm.org> <20050207155401.GT17083@metm.org> Message-ID: <20050207174907.GB10460@loftmail.com> On Mon, Feb 07, 2005 at 10:54:02AM -0500, Marco Scoffier wrote: > On Mon, Feb 07, 2005 at 09:53:29AM -0500, G. Rosamond wrote: > > > >On Feb 7, 2005, at 9:51 AM, marco at metm.org wrote: > >>Can you sum up what this device can do that kismet/mac can't ? > >> > >Fit in your hand. > > > >It's the size of the standard Verizon caller ID boxes. . . but a little > >thinner. > > > > Ok. Sorry for being an idiot, but if I want to connect my laptop to a > wireless net, I can run kismet to find networks, presumably my laptop > will already be in my bag ... > > why do I want another heavier than software device ? Sometimes it is harder to find an open AP. It might take a number of blocks, or minutes, until there is one available (open and signal is strong enough). In cases like this, it is easier to walk around with a little hand held device than an open laptop. It is also less suspicious (just in case), and saves laptop battery. It depends on your needs, if you don't need to read email or do things many times a day using wireless, then it probably makes less sense to get one. From tillman Mon Feb 7 12:30:19 2005 From: tillman (Tillman Hodgson) Date: Mon, 7 Feb 2005 11:30:19 -0600 Subject: [nycbug-talk] Tor. . . In-Reply-To: <200502071224.28637.gb.nycbug.org@olivesandhoney.com> References: <2f01f74119307f0affb3eaf678bb5c42@sddi.net> <200502071036.46771.gb.nycbug.org@olivesandhoney.com> <20050207170902.GC9678@seekingfire.com> <200502071224.28637.gb.nycbug.org@olivesandhoney.com> Message-ID: <20050207173019.GF9678@seekingfire.com> On Mon, Feb 07, 2005 at 12:24:28PM -0500, George Bourozikas wrote: > On Monday 07 February 2005 12:09, Tillman Hodgson wrote: > [...] > > It was hilarious the first time I surfed to Google with Tor -- the code > > that detects country of original based on IP address (from Akamai, I > > suspect) assumed I was in Germany and presented Google to me in German. > > Good fun :-) > > That can be funnier than you think. When I first went to google it sent me > to google.gr, which had me wondering (briefly) how it figured out that I > am greek... Google knows All. Time for a tinfoil hat, they're on to us! ;-) -T -- I discovered the secret of the sea in meditation upon the dewdrop. Kahlil Gibran From jesse Mon Feb 7 12:33:19 2005 From: jesse (Jesse Callaway) Date: Mon, 7 Feb 2005 12:33:19 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <000301c50d30$46f882d0$6400a8c0@olympus> References: <4f4c6140a18a8c27a3d871b15043dcba@sddi.net> <000301c50d30$46f882d0$6400a8c0@olympus> Message-ID: <20050207173319.GA27973@mail.theholymountain.com> On Mon, Feb 07, 2005 at 11:05:22AM -0500, Kevin Reiter wrote: > : I have one of the developer's emails. They are located in Boston. . . > : maybe we could get them for a meeting at some point. . . > > I spoke to both of them about that during dinner on Saturday, and they seemed > interested. I'll be contacting them later in the week to discuss a few things, > and I'll extend the official invite to them if nobody has any objections.. > > -Kev That would be excellent. See what they say about this summer. A hands on lab would be great. I'm keeping track of who, what, where, when for events. In fact if anyone has any good ideas for a meeting (lecture or otherwise)please send a note to talk. Who knows, worst case situation they could coach us on baseball. -jesse From pete Mon Feb 7 13:14:11 2005 From: pete (Pete Wright) Date: Mon, 7 Feb 2005 13:14:11 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> Message-ID: <20050207181411.GK41413@finn.nomadlogic.org> On Sun, Feb 06, 2005 at 06:43:12PM -0500, csnyder wrote: > On Sat, 5 Feb 2005 14:56:31 -0500, Pete Wright wrote: > > It's a longshot but worth a try -- could this be an entropy-gathering problem? > Is Squirrelmail or PHP looking to /dev/random for some reason? i changed it to /dev/urandom in the httpsd config file, no noticable improvement. i then read through the php.ini file, and increased this value: output_buffering = 8192 (defaulted to 4096) notied some improvements in loading pages....but it was still slow. then did what i should have done fromt he get go, ran top while loading pages and noticed that impad was maxing out while my INBOX was being loaded. i think this may have to due with my *very* cluttered INBOX. i'll post more info when i have it.... -p > > > -- > Chris Snyder > http://chxo.com/ -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bschonhorst Mon Feb 7 13:43:48 2005 From: bschonhorst (Brad Schonhorst) Date: Mon, 7 Feb 2005 13:43:48 -0500 Subject: [nycbug-talk] Shmoocon device. . . In-Reply-To: <20050207174907.GB10460@loftmail.com> References: <57730877c1bececf73921e7ee178ea19@sddi.net> <20050207093859.4100881f@delinux.abwatley.com> <20050207145155.GR17083@metm.org> <20050207155401.GT17083@metm.org> <20050207174907.GB10460@loftmail.com> Message-ID: <8c7625be29a57754c9e8395adb80f970@vcsnyc.org> >> 53:29AM -0500, G. Rosamond wrote: >>> >>> On Feb 7, 2005, at 9:51 AM, marco at metm.org wrote: >>>> Can you sum up what this device can do that kismet/mac can't ? >>>> >>> Fit in your hand. >>> >>> It's the size of the standard Verizon caller ID boxes. . . but a >>> little >>> thinner. >>> >> >> Ok. Sorry for being an idiot, but if I want to connect my laptop to a >> wireless net, I can run kismet to find networks, presumably my laptop >> will already be in my bag ... >> >> why do I want another heavier than software device ? > > Sometimes it is harder to find an open AP. It might take a number of > blocks, or minutes, until there is one available (open and signal is > strong enough). In cases like this, it is easier to walk around with a > little hand held device than an open laptop. It is also less suspicious > (just in case), and saves laptop battery. It depends on your needs, if > you don't need to read email or do things many times a day using > wireless, then it probably makes less sense to get one. > I could see myself carrying this when I don't have my laptop or don't actually need a connection. So I'm walking to work, checking out possible locations to sit with a cup of coffee and check email later in the day...WarWalking Also, this would make setting up a wireless network much easier. i hate running around our school with my powerbook in one hand and a tool box in the other. -brad From spork Mon Feb 7 14:04:15 2005 From: spork (Charles Sprickman) Date: Mon, 7 Feb 2005 14:04:15 -0500 (EST) Subject: [nycbug-talk] httpsd In-Reply-To: <20050207181411.GK41413@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> Message-ID: On Mon, 7 Feb 2005, Pete Wright wrote: > notied some improvements in loading pages....but it was still slow. > then did what i should have done fromt he get go, ran top while loading > pages and noticed that impad was maxing out while my INBOX was being > loaded. i think this may have to due with my *very* cluttered INBOX. > i'll post more info when i have it.... Some other quick notes once you get to the root of the problem... Only load up the php extensions you need; you'll save memory which may save you from swap and speed things up. A squirrelmail-only install I run has the following in extensions.ini: extension=gettext.so extension=pcre.so extension=session.so extension=mysql.so extension=zlib.so extension=sockets.so extension=imap.so extension=mhash.so And again, if this apache process is mainly doing squirrelmail you'll get a HUGE boost in zippiness with one of the php accelerators. Zend costs money, but http://www.php-accelerator.co.uk is free and has been working great for me. Very noticeable improvement in squirrelmail with the accel loaded... Charles > > -p > >> >> >> -- >> Chris Snyder >> http://chxo.com/ > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From mspitzer Mon Feb 7 14:09:11 2005 From: mspitzer (Marc Spitzer) Date: Mon, 7 Feb 2005 14:09:11 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <20050207181411.GK41413@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> Message-ID: <8c50a3c305020711097811bdc4@mail.gmail.com> On Mon, 7 Feb 2005 13:14:11 -0500, Pete Wright wrote: > On Sun, Feb 06, 2005 at 06:43:12PM -0500, csnyder wrote: > notied some improvements in loading pages....but it was still slow. then did > what i should have done fromt he get go, ran top while loading pages and noticed > that impad was maxing out while my INBOX was being loaded. i think this may have > to due with my *very* cluttered INBOX. i'll post more info when i have it.... If you are using a mbox(aka 1 big file) for your local inbox you will have problems, I speak from experience here. The problem is that you need to load and parse your inbox and due to the way UFS works if you change anything, other than an append on the end, you will need to write the new file then delete the old(from imapd POV) and this can use 2x the space of the inbox and be very slow. look into maildir or some other format if you have lots of mail and want imapd to be happy. marc From george Mon Feb 7 13:47:39 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 13:47:39 -0500 Subject: [nycbug-talk] Tor. . . In-Reply-To: <20050207173319.GA27973@mail.theholymountain.com> References: <4f4c6140a18a8c27a3d871b15043dcba@sddi.net> <000301c50d30$46f882d0$6400a8c0@olympus> <20050207173319.GA27973@mail.theholymountain.com> Message-ID: On Feb 7, 2005, at 12:33 PM, Jesse Callaway wrote: > On Mon, Feb 07, 2005 at 11:05:22AM -0500, Kevin Reiter wrote: >> : I have one of the developer's emails. They are located in Boston. >> . . >> : maybe we could get them for a meeting at some point. . . >> >> I spoke to both of them about that during dinner on Saturday, and >> they seemed >> interested. I'll be contacting them later in the week to discuss a >> few things, >> and I'll extend the official invite to them if nobody has any >> objections.. >> >> -Kev > > That would be excellent. See what they say about this summer. A hands > on lab would be great. I'm keeping track of who, what, where, when for > events. In fact if anyone has any good ideas for a meeting (lecture or > otherwise)please send a note to talk. > Who knows, worst case situation they could coach us on baseball. > > -jesse Yes, Jesse's the go-to guy for meeting speakers and topics. I think a tor meeting would be great to get multiple sponsors for. . . It's a great service and tool, from what I picked up, and it's certainly worth advocating for in NYC. If it's been funded by the US Navy and EFF, that does say something. . . (not that I'm sure what ) George From george Mon Feb 7 13:45:39 2005 From: george (G. Rosamond) Date: Mon, 7 Feb 2005 13:45:39 -0500 Subject: [nycbug-talk] Homeograph URL spoofing exploit for browsers In-Reply-To: <3b466bf24dcfc1c2acccb5f7dff417e3@redivi.com> References: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> <3b466bf24dcfc1c2acccb5f7dff417e3@redivi.com> Message-ID: On Feb 7, 2005, at 11:09 AM, Bob Ippolito wrote: > On Feb 7, 2005, at 11:04, Bob Ippolito wrote: > >> http://www.shmoo.com/idn/ >> http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html >> >> Browsers that support IDN (unicode domain names) are easily >> susceptible to spoofing attacks because there are many code points >> that look the same. Their specific example uses а (CYRILLIC >> SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER >> A) in most fonts. ShmooGroup has registered u'p\N{CYRILLIC SMALL >> LETTER A}ypal.com' and have a browser-trusted cert for it. > > (that title was supposed to be homeograph -- my typing skills have > apparently left me) > This made a security list I found out about this weekend. . . a lot cleaner than Bugtraq. It's at www.secunia.com. Highly recommended. Anyone else have any feedback on the Secunia list? I find Bugtraq frustrating sometimes for the side comments and banter. George From steve Mon Feb 7 15:17:27 2005 From: steve (steve) Date: Mon, 07 Feb 2005 15:17:27 -0500 Subject: [nycbug-talk] backup from bsd Message-ID: <4207CCD7.2050504@n2sw.com> Hi all, One of my jobs is using Veritas to do all their backups, the issue i have is that veritas does not play nicely with fbsd, they only client they have (that i found) didnt compile properly, and i can not rely on it, that it will backup as required. So does anybody know of a way i can backup multiple servers to a windows box, (say run a bacula server on windows (is it possible?)) and from there veritas will take it to tape. Directly from bsd servers to tape is not an option ( i did try) the ones in command dont want it. thanx Steve Rieger From dan Mon Feb 7 15:23:09 2005 From: dan (Dan Langille) Date: Mon, 07 Feb 2005 15:23:09 -0500 Subject: [nycbug-talk] backup from bsd In-Reply-To: <4207CCD7.2050504@n2sw.com> Message-ID: <420787DD.4069.6B351374@localhost> On 7 Feb 2005 at 15:17, steve wrote: > One of my jobs is using Veritas to do all their backups, the issue i > have is that veritas does not play nicely with fbsd, they only client > they have (that i found) didnt compile properly, and i can not rely on > it, that it will backup as required. So does anybody know of a way i > can backup multiple servers to a windows box, (say run a bacula server > on windows (is it possible?)) and from there veritas will take it to > tape. Directly from bsd servers to tape is not an option ( i did try) > the ones in command dont want it. The Bacula server does not run on Windows (but the bacula client does). Failing that, have bacula run on a BSD box, and backup to a shared mount point on a windows box. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From rick Mon Feb 7 15:35:39 2005 From: rick (Rick Aliwalas) Date: Mon, 7 Feb 2005 15:35:39 -0500 (EST) Subject: [nycbug-talk] backup from bsd In-Reply-To: <4207CCD7.2050504@n2sw.com> References: <4207CCD7.2050504@n2sw.com> Message-ID: On Mon, 7 Feb 2005, steve wrote: > One of my jobs is using Veritas to do all their backups, the issue i have is > that veritas does not play nicely with fbsd, they only client they have (that > i found) didnt compile properly, and i can not rely on it, that it will > backup as required. So does anybody know of a way i can backup multiple > servers to a windows box, (say run a bacula server on windows (is it > possible?)) and from there veritas will take it to tape. Directly from bsd > servers to tape is not an option ( i did try) the ones in command dont want > it. You could use DUMP(8) to remotely back up the BSD machines to a file on a machine already getting backed by w/ Veritas. You could even wrapper w/ ssh. Run this on a unix box that has lots of disk and already gets dumped by Veritas: ssh -n BSDBOX /sbin/dump 0auf - / | dd of=/BIGFS/root.dmp ssh -n BSDBOX /sbin/dump 0auf - /usr | dd of=/BIGFS/usr.dmp ... Of course if you don't have a unix server that gets backed up by Veritas, then it's time to break out the cheese grater and start shaving your head. i.e. write the dump file to the local disk and move the thing to a windoze machine w/ samba or ftp... -rick From pete Mon Feb 7 16:00:24 2005 From: pete (Pete Wright) Date: Mon, 7 Feb 2005 16:00:24 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> Message-ID: <20050207210024.GA63972@finn.nomadlogic.org> On Mon, Feb 07, 2005 at 02:04:15PM -0500, Charles Sprickman wrote: > On Mon, 7 Feb 2005, Pete Wright wrote: > > >notied some improvements in loading pages....but it was still slow. > >then did what i should have done fromt he get go, ran top while loading > >pages and noticed that impad was maxing out while my INBOX was being > >loaded. i think this may have to due with my *very* cluttered INBOX. > >i'll post more info when i have it.... > > Some other quick notes once you get to the root of the problem... > > Only load up the php extensions you need; you'll save memory which may > save you from swap and speed things up. A squirrelmail-only install I run > has the following in extensions.ini: > > extension=gettext.so > extension=pcre.so > extension=session.so > extension=mysql.so > extension=zlib.so > extension=sockets.so > extension=imap.so > extension=mhash.so > > And again, if this apache process is mainly doing squirrelmail you'll get > a HUGE boost in zippiness with one of the php accelerators. Zend costs > money, but http://www.php-accelerator.co.uk is free and has been working > great for me. Very noticeable improvement in squirrelmail with the accel > loaded... > > Charles awesome thanks charles, i'll give that a try. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Mon Feb 7 16:01:34 2005 From: pete (Pete Wright) Date: Mon, 7 Feb 2005 16:01:34 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <8c50a3c305020711097811bdc4@mail.gmail.com> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> <8c50a3c305020711097811bdc4@mail.gmail.com> Message-ID: <20050207210134.GB63972@finn.nomadlogic.org> On Mon, Feb 07, 2005 at 02:09:11PM -0500, Marc Spitzer wrote: > On Mon, 7 Feb 2005 13:14:11 -0500, Pete Wright wrote: > > On Sun, Feb 06, 2005 at 06:43:12PM -0500, csnyder wrote: > > notied some improvements in loading pages....but it was still slow. then did > > what i should have done fromt he get go, ran top while loading pages and noticed > > that impad was maxing out while my INBOX was being loaded. i think this may have > > to due with my *very* cluttered INBOX. i'll post more info when i have it.... > > If you are using a mbox(aka 1 big file) for your local inbox you will > have problems, I speak from experience here. The problem is that you > need to load and parse your inbox and due to the way UFS works if you > change anything, other than an append on the end, you will need to > write the new file then delete the old(from imapd POV) and this can > use 2x the space of the inbox and be very slow. look into maildir or > some other format if you have lots of mail and want imapd to be happy. fortunately I'm using Maildir, i made that decision a while ago...around the time i migrated away from POP. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From jonathan Mon Feb 7 17:33:27 2005 From: jonathan (Jonathan) Date: Mon, 07 Feb 2005 17:33:27 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <20050207210134.GB63972@finn.nomadlogic.org> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> <8c50a3c305020711097811bdc4@mail.gmail.com> <20050207210134.GB63972@finn.nomadlogic.org> Message-ID: <4207ECB7.5010808@kc8onw.net> Pete Wright wrote: > On Mon, Feb 07, 2005 at 02:09:11PM -0500, Marc Spitzer wrote: > >>On Mon, 7 Feb 2005 13:14:11 -0500, Pete Wright wrote: >> >>>On Sun, Feb 06, 2005 at 06:43:12PM -0500, csnyder wrote: >>>notied some improvements in loading pages....but it was still slow. then did >>>what i should have done fromt he get go, ran top while loading pages and noticed >>>that impad was maxing out while my INBOX was being loaded. i think this may have >>>to due with my *very* cluttered INBOX. i'll post more info when i have it.... >> >>If you are using a mbox(aka 1 big file) for your local inbox you will >>have problems, I speak from experience here. The problem is that you >>need to load and parse your inbox and due to the way UFS works if you >>change anything, other than an append on the end, you will need to >>write the new file then delete the old(from imapd POV) and this can >>use 2x the space of the inbox and be very slow. look into maildir or >>some other format if you have lots of mail and want imapd to be happy. > > > fortunately I'm using Maildir, i made that decision a while ago...around > the time i migrated away from POP. > > -p > Just a "Me Too" but I have the same problem. Courier-IMAP will max out for about 10-15 seconds before Squirrelmail even gets the data to start creating the page. This is with a Maildir folder with 11000+ messages in it. My 300 message inbox only takes about 3-4 seconds total. The numbers may be somewhat off as it's been a while since I've actually used my webmail but they should be fairly close. I do have threading enabled which I know increases the workload but even before I enabled threading it was not much faster :P If someone would like a shell account to test things I may be able to provide one, or just tell me what to do on IM. Hope I can help, Jonathan From bob Mon Feb 7 17:56:42 2005 From: bob (Bob Ippolito) Date: Mon, 7 Feb 2005 17:56:42 -0500 Subject: [nycbug-talk] Homeograph URL spoofing exploit for browsers In-Reply-To: References: <6747b23ae3841c57a37db5b0d39d59fa@redivi.com> <3b466bf24dcfc1c2acccb5f7dff417e3@redivi.com> Message-ID: <8a0c90488f8f7b1786cbb6c0edf373b7@redivi.com> On Feb 7, 2005, at 13:45, G. Rosamond wrote: > > On Feb 7, 2005, at 11:09 AM, Bob Ippolito wrote: > >> On Feb 7, 2005, at 11:04, Bob Ippolito wrote: >> >>> http://www.shmoo.com/idn/ >>> http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html >>> >>> Browsers that support IDN (unicode domain names) are easily >>> susceptible to spoofing attacks because there are many code points >>> that look the same. Their specific example uses а (CYRILLIC >>> SMALL LETTER A), which looks identical to a (LATIN SMALL LETTER >>> A) in most fonts. ShmooGroup has registered u'p\N{CYRILLIC SMALL >>> LETTER A}ypal.com' and have a browser-trusted cert for it. >> >> (that title was supposed to be homeograph -- my typing skills have >> apparently left me) >> > > This made a security list I found out about this weekend. . . a lot > cleaner than Bugtraq. It's at www.secunia.com. > > Highly recommended. > > Anyone else have any feedback on the Secunia list? > > I find Bugtraq frustrating sometimes for the side comments and banter. Well, I just heard about it today.. I coded up a Safari defense and did a blog entry about it and the development process: http://bob.pythonmac.org/archives/2005/02/07/idn-spoofing-defense-for- safari/ -bob From mspitzer Mon Feb 7 18:38:55 2005 From: mspitzer (Marc Spitzer) Date: Mon, 7 Feb 2005 18:38:55 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <4207ECB7.5010808@kc8onw.net> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> <8c50a3c305020711097811bdc4@mail.gmail.com> <20050207210134.GB63972@finn.nomadlogic.org> <4207ECB7.5010808@kc8onw.net> Message-ID: <8c50a3c305020715382a43d580@mail.gmail.com> On Mon, 07 Feb 2005 17:33:27 -0500, Jonathan wrote: > Just a "Me Too" but I have the same problem. Courier-IMAP will max out > for about 10-15 seconds before Squirrelmail even gets the data to start > creating the page. This is with a Maildir folder with 11000+ messages > in it. My 300 message inbox only takes about 3-4 seconds total. The > numbers may be somewhat off as it's been a while since I've actually > used my webmail but they should be fairly close. I do have threading > enabled which I know increases the workload but even before I enabled > threading it was not much faster :P If someone would like a shell > account to test things I may be able to provide one, or just tell me > what to do on IM. > > Hope I can help, > Jonathan here is a thought, if it is not turned on rebuild your kernel with DIRHASH(sp?) turned on. I think it is turned on by default. What it does is store files in a hash instead of a linked list . And this can speed up file access quite a bit for fat directories. marc From jonathan Mon Feb 7 19:58:38 2005 From: jonathan (Jonathan) Date: Mon, 07 Feb 2005 19:58:38 -0500 Subject: [nycbug-talk] httpsd In-Reply-To: <8c50a3c305020715382a43d580@mail.gmail.com> References: <20050204094915.GA11959@finn.nomadlogic.org> <20050205123208.GA16758@sixshooter.v6.thrupoint.net> <20050205195631.GA41413@finn.nomadlogic.org> <20050207181411.GK41413@finn.nomadlogic.org> <8c50a3c305020711097811bdc4@mail.gmail.com> <20050207210134.GB63972@finn.nomadlogic.org> <4207ECB7.5010808@kc8onw.net> <8c50a3c305020715382a43d580@mail.gmail.com> Message-ID: <42080EBE.1020003@kc8onw.net> Marc Spitzer wrote: > On Mon, 07 Feb 2005 17:33:27 -0500, Jonathan wrote: > > >>Just a "Me Too" but I have the same problem. Courier-IMAP will max out >>for about 10-15 seconds before Squirrelmail even gets the data to start >>creating the page. This is with a Maildir folder with 11000+ messages >>in it. My 300 message inbox only takes about 3-4 seconds total. The >>numbers may be somewhat off as it's been a while since I've actually >>used my webmail but they should be fairly close. I do have threading >>enabled which I know increases the workload but even before I enabled >>threading it was not much faster :P If someone would like a shell >>account to test things I may be able to provide one, or just tell me >>what to do on IM. >> >>Hope I can help, >>Jonathan > > > here is a thought, if it is not turned on rebuild your kernel with > DIRHASH(sp?) turned on. I think it is turned on by default. What > it does is store files in a hash instead of a linked list . And this > can speed up file access quite a bit for fat directories. > > marc DIRHASH is enable by default now so no help there :P server% grep -i dirhash /usr/src/sys/i386/conf/GENERIC options UFS_DIRHASH # Improve performance on big directories Thanks for the suggestion though, Jonathan From lists Mon Feb 7 20:14:01 2005 From: lists (lists at genoverly.net) Date: Tue, 8 Feb 2005 02:14:01 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_A_stat=2E_=2E__=2E_=2E?= Message-ID: <0MKz1m-1CyJz00U4R-0006pf@mrelay.perfora.net> On Mon, 7 Feb 2005 11:29:40 -0600 Tillman Hodgson wrote: > I put a page up at http://www.seekingfire.com/projects/tor/ that tells > me what IP I'm comign from. I use it to test the Tor stuff before > venturing out into the "wild". Other folks are welcome to use it when > testing Tor stuff as well. > > -T Very cool. We did something similar in the footer on NYCBUG.org, but it is kinda quiet. Michael From tillman Tue Feb 8 09:19:47 2005 From: tillman (Tillman Hodgson) Date: Tue, 8 Feb 2005 08:19:47 -0600 Subject: [nycbug-talk] A stat. . . . In-Reply-To: <0MKz1m-1CyJz00U4R-0006pf@mrelay.perfora.net> References: <0MKz1m-1CyJz00U4R-0006pf@mrelay.perfora.net> Message-ID: <20050208141947.GM9678@seekingfire.com> On Tue, Feb 08, 2005 at 02:14:01AM +0100, lists at genoverly.net wrote: > > On Mon, 7 Feb 2005 11:29:40 -0600 > Tillman Hodgson wrote: > > > I put a page up at http://www.seekingfire.com/projects/tor/ that tells > > me what IP I'm comign from. I use it to test the Tor stuff before > > venturing out into the "wild". Other folks are welcome to use it when > > testing Tor stuff as well. > > Very cool. We did something similar in the footer on NYCBUG.org, but it > is kinda quiet. Oh, hey, I didn't notice that. Nice. I suppose that next I'll have to look into changing my agent string. -T -- "Money is truthful. If a man speaks of his honor, make him pay cash." -- Robert Heinlein From lists Tue Feb 8 17:21:50 2005 From: lists (michael) Date: Tue, 8 Feb 2005 17:21:50 -0500 Subject: [nycbug-talk] benchmark OS perf Message-ID: <20050208172150.1fd288eb@delinux.abwatley.com> I know this is just chum in the water for you sharks.. but still an interesting article. http://software.newsforge.com/software/04/12/27/1238216.shtml?tid=72&tid=29 Using MySQL to benchmark OS performance The following operating systems were used for the comparison testing: * FreeBSD 4.11 * FreeBSD 5.3 * NetBSD 2.0 * Linux 2.6 * Linux 2.4 * Solaris 10 x86 (build 69) * OpenBSD 3.6 Conclusion: After having performed all of the tests and compiled the results, there were quite a few surprises that I think will challenge a few tightly-held assumptions in regards to which operating systems are fast and which aren't. In the next article, I'll present the results for all six operating systems. -- --- From alex Tue Feb 8 17:25:56 2005 From: alex (alex at pilosoft.com) Date: Tue, 8 Feb 2005 17:25:56 -0500 (EST) Subject: [nycbug-talk] benchmark OS perf In-Reply-To: <20050208172150.1fd288eb@delinux.abwatley.com> Message-ID: On Tue, 8 Feb 2005, michael wrote: > I know this is just chum in the water for you sharks.. but still an > interesting article. Just another test made by a clueless person. One doesn't test performance of an OS by compiling and running a certain package. You get "how well does mysql run on this OS" (article body says that, article header does not). Author has no idea what 'cold cache' and 'hot cache' is. Nowhere he says whether he rebooted *just before* running the benchmark itself. Since he doesn't say that, the results are useless - you can't compare benchmarks with hot cache with cold cache. From lists Tue Feb 8 17:58:09 2005 From: lists (Hans Zaunere) Date: Tue, 8 Feb 2005 17:58:09 -0500 Subject: [nycbug-talk] benchmark OS perf In-Reply-To: Message-ID: <20050208225816.D09ADA862F@virtu.nyphp.org> > > I know this is just chum in the water for you sharks.. but still an > > interesting article. > Just another test made by a clueless person. > > One doesn't test performance of an OS by compiling and running a certain > package. You get "how well does mysql run on this OS" (article body says > that, article header does not). Agreed - the article's heading is a bit superfluous. > Author has no idea what 'cold cache' and 'hot cache' is. Nowhere he says > whether he rebooted *just before* running the benchmark itself. Since he > doesn't say that, the results are useless - you can't compare benchmarks > with hot cache with cold cache. True, and it's a little bogus that we have to wait for the actual results. Seems like it'll generate more ad revenue for newsforge, though. That said, PeterZ is good stuff, and I'll bet he guided this guy well. This article does raise a major point, though, and that's threading under FreeBSD, and the BSD's in general. Speaking specifically to FreeBSD, it's hard to get it be a creditable OS for databases when all you can say is "well, pick a thread library; most should work about the same" After talking with a FreeBSD core developer, they are working on this for 5.3. And, in fact, the thread project itself uses MySQL to test their thread library (not the the whole OS) for performance, leaks, etc. So, the future is bright... H From okan Wed Feb 9 09:42:35 2005 From: okan (Okan Demirmen) Date: Wed, 9 Feb 2005 09:42:35 -0500 Subject: [nycbug-talk] benchmark OS perf In-Reply-To: <20050208172150.1fd288eb@delinux.abwatley.com> References: <20050208172150.1fd288eb@delinux.abwatley.com> Message-ID: <20050209144235.GA33011@yinaska.pair.com> On Tue 2005.02.08 at 17:21 -0500, michael wrote: > http://software.newsforge.com/software/04/12/27/1238216.shtml?tid=72&tid=29 I will refrain from commenting too much on this, to stay professional here. However, (I shouldn't).... -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From okan Wed Feb 9 10:15:54 2005 From: okan (Okan Demirmen) Date: Wed, 9 Feb 2005 10:15:54 -0500 Subject: [nycbug-talk] benchmark OS perf In-Reply-To: <20050208172150.1fd288eb@delinux.abwatley.com> References: <20050208172150.1fd288eb@delinux.abwatley.com> Message-ID: <20050209151554.GA42148@yinaska.pair.com> On Tue 2005.02.08 at 17:21 -0500, michael wrote: > In the next article, I'll present the results for all > six operating systems. http://software.newsforge.com/software/04/12/27/1243207.shtml?tid=72&tid=29 results -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From megan.restuccia Wed Feb 9 12:49:44 2005 From: megan.restuccia (Megan Restuccia) Date: Wed, 9 Feb 2005 12:49:44 -0500 Subject: [nycbug-talk] [Fwd: Know Anyone?] Message-ID: <20050209174944.JREV15978.out012.verizon.net@outgoing.verizon.net> This is a recruiter, but I have known hime for about 5 years and has helped place several friends - good guy. Anyone interested? Let me know. Megan > I wanted to touch base because we just received a new job for a Solaris > Systems Administration consultant (6 months) with a financial company > in Parsippany NJ. If you know anyone feel free to pass my contact > information on to them. > > Tony > From swygue Wed Feb 9 15:27:47 2005 From: swygue (swygue) Date: Wed, 9 Feb 2005 15:27:47 -0500 Subject: [nycbug-talk] pkg_add Message-ID: How do I change pkg_add temp directory? I tried this, # env PKG_TMDIR=/"directory I want". This did not help, I read the manpage and it mention something about template, I do not know what to do. Thanks -- I need a job.. --------------------------------------- From rick Wed Feb 9 15:37:40 2005 From: rick (Rick Aliwalas) Date: Wed, 9 Feb 2005 15:37:40 -0500 (EST) Subject: [nycbug-talk] pkg_add In-Reply-To: References: Message-ID: On Wed, 9 Feb 2005, swygue wrote: > How do I change pkg_add temp directory? I tried this, # env > PKG_TMDIR=/"directory I want". This did not help, I read the manpage > and it mention something about template, I do not know what to do. What O/S? What shell? Your syntax ain't right for bourne/korn/bash : # env PKG_TMDIR=/"directory I want" you may want to try # PKG_TMDIR="/directory I want" and verify w/ # echo $PKG_TMDIR -rick > I need a job.. From jpb Wed Feb 9 10:41:15 2005 From: jpb (Jim Brown) Date: Wed, 9 Feb 2005 15:41:15 +0000 Subject: [nycbug-talk] pkg_add In-Reply-To: References: Message-ID: <20050209154115.GA32521@sixshooter.v6.thrupoint.net> * swygue [2005-02-09 15:28]: > How do I change pkg_add temp directory? I tried this, # env > PKG_TMDIR=/"directory I want". This did not help, I read the manpage > and it mention something about template, I do not know what to do. Looks like you are using a /bin/sh shell or derivative. Try: PKG_TMPDIR=/foo_dir export PKG_TMPDIR pkg_add foo_pkg.tgz Directory /foo_dir must have adequate space, or it won't be used. Best Regards, Jim B. From ike Wed Feb 9 15:55:06 2005 From: ike (Isaac Levy) Date: Wed, 9 Feb 2005 15:55:06 -0500 Subject: [nycbug-talk] Fun PPC news Message-ID: <1ce2b70b715d883d963982e51a5d8364@lesmuug.org> Hi All, This one made me think 'wow, this insanely cool, when will I have one in my hands'! ArsTechnica article, diving into a new PPC multi-core IBM/Sony/Toshiba Cell Processor: (yummy) http://tinyurl.com/6ft3o -or- http://arstechnica.com/articles/paedia/cpu/cell-1.ars Official IBM Press Release sphiel: http://tinyurl.com/5y2kh -or- http://www-1.ibm.com/press/PressServletForm.wss? MenuChoice=pressreleases&TemplateName=ShowPressReleaseTemplate&SelectStr ing=t1.docunid=7502&TableName=DataheadApplicationClass&SESSIONKEY=any&Wi ndowTitle=Press+Release&STATUS=publish Rocket- .ike From mspitzer Wed Feb 9 16:04:25 2005 From: mspitzer (Marc Spitzer) Date: Wed, 9 Feb 2005 16:04:25 -0500 Subject: [nycbug-talk] pkg_add In-Reply-To: <20050209154115.GA32521@sixshooter.v6.thrupoint.net> References: <20050209154115.GA32521@sixshooter.v6.thrupoint.net> Message-ID: <8c50a3c305020913043f374405@mail.gmail.com> If this is netbsd then "man pkg_add", here are the key bits; PKG_TMPDIR Staging directory for installing packages, defaults to /var/tmp. Set to directory with lots of free disk if you run out of space when installing a binary package. now before that in the options/switches section; -t template Use template as the input to mktemp(3) when creating a ``staging area.'' By default, this is the string /var/tmp/instmp.XXXXXX, but it may be necessary to override it in the situation where space in your /var/tmp directory is limited. Be sure to leave some number of `X' characters for mktemp(3) to fill in with a unique ID. You can get a performance boost by setting the staging area template to reside on the same disk partition as target directo- ries for package file installation; often this is /usr. freebsd 5.3 is similar in content, reading the fine manual is useful. marc From pete Wed Feb 9 16:08:45 2005 From: pete (Pete Wright) Date: Wed, 9 Feb 2005 16:08:45 -0500 Subject: [nycbug-talk] Fun PPC news In-Reply-To: <1ce2b70b715d883d963982e51a5d8364@lesmuug.org> References: <1ce2b70b715d883d963982e51a5d8364@lesmuug.org> Message-ID: <20050209210845.GA76608@finn.nomadlogic.org> On Wed, Feb 09, 2005 at 03:55:06PM -0500, Isaac Levy wrote: > Hi All, > > This one made me think 'wow, this insanely cool, when will I have one > in my hands'! yea i saw that, looks pretty awesome. too bad sony doesn't give me any discounts on playstations or anything fun like that... -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From swygue Wed Feb 9 17:00:02 2005 From: swygue (swygue) Date: Wed, 9 Feb 2005 17:00:02 -0500 Subject: [nycbug-talk] vmware3 and FreeBSD Message-ID: Has anyone installed and run Vmware succesfully, there seems to be a problem with 001.vmware.sh. Here is the output: $ ./001.vmware.sh start [: -eq: unexpected operator I checked various mailing, the problem is mention but no fix. One person suggest that line 26 is null and maybe this as something to do with it. Anyone with vmware3-3.2.1.2242_10,1 running and can verify this for me. Thanks Snip // l24:vmware=`vmware_config vmware.fullpath` 25:vmware_libdir=`vmware_config libdir` 26:networking= 27:dev_vmnet1=/dev/vmnet1 28:vmnet1_minor=0x00800001 <------- -- I need a job, really! --------------------------------------- From pete Wed Feb 9 17:43:13 2005 From: pete (Pete Wright) Date: Wed, 9 Feb 2005 17:43:13 -0500 Subject: [nycbug-talk] vmware3 and FreeBSD In-Reply-To: References: Message-ID: <20050209224313.GA77004@finn.nomadlogic.org> On Wed, Feb 09, 2005 at 05:00:02PM -0500, swygue wrote: > Has anyone installed and run Vmware succesfully, there seems to be a > problem with 001.vmware.sh. Here is the output: > > $ ./001.vmware.sh start > [: -eq: unexpected operator > looks like a bug in the shell script 001.vmware.sh...i would read through that code and look for where the -eq operator is being misused. maybe if the script is not too long i would post the script here...or email a link to where we can take a look at it. > I checked various mailing, the problem is mention but no fix. One > person suggest that line 26 is null and maybe this as something to do > with it. Anyone with vmware3-3.2.1.2242_10,1 running and can verify > this for me. > i have had it working on 4.x > > Snip // > l24:vmware=`vmware_config vmware.fullpath` > 25:vmware_libdir=`vmware_config libdir` > 26:networking= > 27:dev_vmnet1=/dev/vmnet1 > 28:vmnet1_minor=0x00800001 > > <------- > where is the from...the startup script? -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From swygue Wed Feb 9 20:32:46 2005 From: swygue (swygue) Date: Wed, 9 Feb 2005 20:32:46 -0500 Subject: [nycbug-talk] pkg_add In-Reply-To: <20050209224709.3FA24A87B6@virtu.nyphp.org> References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: > ---------- Forwarded message ---------- > From: Marc Spitzer > To: talk at lists.nycbug.org > Date: Wed, 9 Feb 2005 16:04:25 -0500 > Subject: Re: [nycbug-talk] pkg_add > If this is netbsd then "man pkg_add", here are the key bits; > > PKG_TMPDIR Staging directory for installing packages, defaults to > /var/tmp. Set to directory with lots of free disk if you run > out of space when installing a binary package. > > now before that in the options/switches section; > > -t template > Use template as the input to mktemp(3) when creating a ``staging > area.'' By default, this is the string /var/tmp/instmp.XXXXXX, > but it may be necessary to override it in the situation where > space in your /var/tmp directory is limited. Be sure to leave > some number of `X' characters for mktemp(3) to fill in with a > unique ID. > > You can get a performance boost by setting the staging area > template to reside on the same disk partition as target directo- > ries for package file installation; often this is /usr. > > freebsd 5.3 is similar in content, reading the fine manual is useful. > > marc I read the manual, but don't understand what I should do. From mspitzer Wed Feb 9 20:35:04 2005 From: mspitzer (Marc Spitzer) Date: Wed, 9 Feb 2005 20:35:04 -0500 Subject: [nycbug-talk] pkg_add In-Reply-To: References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: <8c50a3c3050209173534bd2d0e@mail.gmail.com> On Wed, 9 Feb 2005 20:32:46 -0500, swygue wrote: > > ---------- Forwarded message ---------- > > From: Marc Spitzer > > To: talk at lists.nycbug.org > > Date: Wed, 9 Feb 2005 16:04:25 -0500 > > Subject: Re: [nycbug-talk] pkg_add > > If this is netbsd then "man pkg_add", here are the key bits; > > > > PKG_TMPDIR Staging directory for installing packages, defaults to > > /var/tmp. Set to directory with lots of free disk if you run > > out of space when installing a binary package. > > > > now before that in the options/switches section; > > > > -t template > > Use template as the input to mktemp(3) when creating a ``staging > > area.'' By default, this is the string /var/tmp/instmp.XXXXXX, > > but it may be necessary to override it in the situation where > > space in your /var/tmp directory is limited. Be sure to leave > > some number of `X' characters for mktemp(3) to fill in with a > > unique ID. > > > > You can get a performance boost by setting the staging area > > template to reside on the same disk partition as target directo- > > ries for package file installation; often this is /usr. > > > > freebsd 5.3 is similar in content, reading the fine manual is useful. > > > > marc > > I read the manual, but don't understand what I should do. > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From swygue Wed Feb 9 20:46:59 2005 From: swygue (swygue) Date: Wed, 9 Feb 2005 20:46:59 -0500 Subject: [nycbug-talk] vmware3 and FreeBSD In-Reply-To: <20050209224709.3FA24A87B6@virtu.nyphp.org> References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: > > Has anyone installed and run Vmware succesfully, there seems to be a > > problem with 001.vmware.sh. Here is the output: > > > > $ ./001.vmware.sh start > > [: -eq: unexpected operator > > > > looks like a bug in the shell script 001.vmware.sh...i would read through > that code and look for where the -eq operator is being misused. maybe if > the script is not too long i would post the script here...or email a link > to where we can take a look at it. You can see it here: http://www.beldance.com/kenny/ The script is from vmware3 installation, it is located in /usr/local/etc/rc.d/. From mspitzer Wed Feb 9 20:58:02 2005 From: mspitzer (Marc Spitzer) Date: Wed, 9 Feb 2005 20:58:02 -0500 Subject: [nycbug-talk] pkg_add In-Reply-To: References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: <8c50a3c305020917584b821c90@mail.gmail.com> > > PKG_TMPDIR Staging directory for installing packages, defaults to > > /var/tmp. Set to directory with lots of free disk if you run > > out of space when installing a binary package. > > > > now before that in the options/switches section; > > > > -t template > > Use template as the input to mktemp(3) when creating a ``staging > > area.'' By default, this is the string /var/tmp/instmp.XXXXXX, > > but it may be necessary to override it in the situation where > > space in your /var/tmp directory is limited. Be sure to leave > > some number of `X' characters for mktemp(3) to fill in with a > > unique ID. > > > > You can get a performance boost by setting the staging area > > template to reside on the same disk partition as target directo- > > ries for package file installation; often this is /usr. > > > > freebsd 5.3 is similar in content, reading the fine manual is useful. > > > > marc > > I read the manual, but don't understand what I should do. did you read the man page for mktemp(3) ? it explains what is going on fo temp file/directory creation. What you need to do is set the env var to a string that represents a directory followed by a filename followed by a dot followed by a bunch of 'X's to say put random stuff here. marc From mspitzer Wed Feb 9 21:08:42 2005 From: mspitzer (Marc Spitzer) Date: Wed, 9 Feb 2005 21:08:42 -0500 Subject: [nycbug-talk] vmware3 and FreeBSD In-Reply-To: References: <20050209224709.3FA24A87B6@virtu.nyphp.org> Message-ID: <8c50a3c3050209180852abd56c@mail.gmail.com> On Wed, 9 Feb 2005 20:46:59 -0500, swygue wrote: > > > Has anyone installed and run Vmware succesfully, there seems to be a > > > problem with 001.vmware.sh. Here is the output: > > > > > > $ ./001.vmware.sh start > > > [: -eq: unexpected operator > > > > > > > looks like a bug in the shell script 001.vmware.sh...i would read through > > that code and look for where the -eq operator is being misused. maybe if > > the script is not too long i would post the script here...or email a link > > to where we can take a look at it. > > You can see it here: > http://www.beldance.com/kenny/ I looked at it and there is definatly a bug in the script, now my question to you is why/what is the bug and how could you fix it. It would be a good idea to write a short 5-10 line script that has the same behavior. Then post it on to the list and then we can point out how you did it wrong until you do it correctly. Then you will have learned something instead of punting. get your fishing pole and go to work. marc > > The script is from vmware3 installation, it is located in > /usr/local/etc/rc.d/. > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From pete Thu Feb 10 15:35:43 2005 From: pete (Pete Wright) Date: Thu, 10 Feb 2005 15:35:43 -0500 Subject: [nycbug-talk] BSDCAN BUG BOF Message-ID: <20050210203543.GA24609@finn.nomadlogic.org> so what do you all think about having a UserGroup BOF during BSDCAN...unless one is already planned in which case i'm already there ;) -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From mikel.king Thu Feb 10 22:15:00 2005 From: mikel.king (mikel king) Date: Thu, 10 Feb 2005 22:15:00 -0500 Subject: [nycbug-talk] interesting article.... Message-ID: <420C2334.2040607@ocsny.com> http://software.newsforge.com/software/04/12/27/1238216.shtml?tid=72&tid=29 -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org http://www.MySql.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. +------------------------------------------+ From swygue Fri Feb 11 11:37:48 2005 From: swygue (swygue) Date: Fri, 11 Feb 2005 11:37:48 -0500 Subject: [nycbug-talk] Streaming, Webcasting Hosting Provider Message-ID: Anyone know of dedicated server hosting providers in NYC that can withstand the bandwidth of Streaming music and Webcasting ? Or Anyone using a dedicated server hosting provider that they would recommend ? Does not matter where they are located. Oh, yeah! I prefer BSD. -- swygue how to become a guru ? --------------------------------------- From pete Fri Feb 11 13:35:58 2005 From: pete (pete wright) Date: Fri, 11 Feb 2005 10:35:58 -0800 Subject: [nycbug-talk] Streaming, Webcasting Hosting Provider In-Reply-To: References: Message-ID: <76507b1892527b3c320c72845160dee7@nomadlogic.org> On Feb 11, 2005, at 8:37 AM, swygue wrote: > Anyone know of dedicated server hosting providers in NYC that can > withstand the bandwidth of Streaming music and Webcasting ? > are ya interested in co-lo or having them provide the gear? also how much bandwidth are you predicting you will use? personally i'd co-locate, especially if you are concerned about traffic...if you are expecting alot of traffic it may be worth looking at internap or one of the larger facilities in the city (i'm sure we all have opinions on which ones we prefer in nyc ;) -p ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From george Fri Feb 11 19:05:21 2005 From: george (G. Rosamond) Date: Fri, 11 Feb 2005 19:05:21 -0500 Subject: [nycbug-talk] a funny site. . . Message-ID: <831813ce40c4428ddfb9d5bdd983e656@sddi.net> from a link off Slashdot. . . this might be the funniest site I've ever seen. . . make sure you scroll down. http://objective.jesussave.us/propaganda.html From marco Fri Feb 11 20:01:59 2005 From: marco (marco at metm.org) Date: Fri, 11 Feb 2005 20:01:59 -0500 Subject: [nycbug-talk] a funny site. . . In-Reply-To: <831813ce40c4428ddfb9d5bdd983e656@sddi.net> References: <831813ce40c4428ddfb9d5bdd983e656@sddi.net> Message-ID: <20050212010159.GE16230@metm.org> On Fri, Feb 11, 2005 at 07:05:21PM -0500, G. Rosamond wrote: >from a link off Slashdot. . . this might be the funniest site I've ever >seen. . . make sure you scroll down. > >http://objective.jesussave.us/propaganda.html Sounds so much like a hoax that it is hard to believe it is real... -- Marco From dlavigne6 Sun Feb 13 17:44:46 2005 From: dlavigne6 (Dru) Date: Sun, 13 Feb 2005 17:44:46 -0500 (EST) Subject: [nycbug-talk] mac os termcap question Message-ID: <20050213174321.O571@dru.domain.org> Any of the Mac OS X users know the solution for this one: "Also one thing that would make my life a modicum eaiser, the default setting odd OS X terminal is xterm-color. When i try to run screen on some system (donno about ours) it whines about no termcap entry. Could you possibly check to see if this is configged right?" TIA, Dru From bob Sun Feb 13 18:32:29 2005 From: bob (Bob Ippolito) Date: Sun, 13 Feb 2005 18:32:29 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <20050213174321.O571@dru.domain.org> References: <20050213174321.O571@dru.domain.org> Message-ID: <5d815dbecc65aea6509b265be848557b@redivi.com> On Feb 13, 2005, at 17:44, Dru wrote: > Any of the Mac OS X users know the solution for this one: > > "Also one thing that would make my life a modicum eaiser, the default > setting odd OS X terminal is xterm-color. When i try to run screen on > some system (donno about ours) it whines about no termcap entry. Could > you possibly > check to see if this is configged right?" > In Terminal, go to Preferences. Click on the Declare terminal type ($TERM) pop-up menu to change to vt100 (or whatever). -bob From steve.rieger Mon Feb 14 10:06:58 2005 From: steve.rieger (steve rieger) Date: Mon, 14 Feb 2005 10:06:58 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <5d815dbecc65aea6509b265be848557b@redivi.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> Message-ID: <4210BE92.30200@tbwachiat.com> if you keep it on xterm-colour you also might have vi issues, (although this does not afect vim) as stated change it to vt100 works for me no problem Bob Ippolito wrote: > > On Feb 13, 2005, at 17:44, Dru wrote: > >> Any of the Mac OS X users know the solution for this one: >> >> "Also one thing that would make my life a modicum eaiser, the default >> setting odd OS X terminal is xterm-color. When i try to run screen on >> some system (donno about ours) it whines about no termcap entry. Could >> you possibly >> check to see if this is configged right?" >> > > In Terminal, go to Preferences. Click on the Declare terminal type > ($TERM) pop-up menu to change to vt100 (or whatever). > > -bob > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > > -- -- Steve Rieger TBWA/Chiat/Day 212-804-1131 (office) 646-335-8915 (cell) From bob Mon Feb 14 10:33:50 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 10:33:50 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <4210BE92.30200@tbwachiat.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> Message-ID: On Feb 14, 2005, at 10:06 AM, steve rieger wrote: > Bob Ippolito wrote: >> On Feb 13, 2005, at 17:44, Dru wrote: >>> Any of the Mac OS X users know the solution for this one: >>> >>> "Also one thing that would make my life a modicum eaiser, the >>> default setting odd OS X terminal is xterm-color. When i try to run >>> screen on some system (donno about ours) it whines about no termcap >>> entry. Could you possibly >>> check to see if this is configged right?" >>> >> In Terminal, go to Preferences. Click on the Declare terminal type >> ($TERM) pop-up menu to change to vt100 (or whatever). > > if you keep it on xterm-colour you also might have vi issues, > (although this does not afect vim) > > as stated change it to vt100 works for me no problem It's a trade-off, of course. ls -G won't be colored if you are using vt100. -bob From steve.rieger Mon Feb 14 10:39:01 2005 From: steve.rieger (steve rieger) Date: Mon, 14 Feb 2005 10:39:01 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> Message-ID: <4210C615.8060206@tbwachiat.com> an assuming that we are using a black background with green text, most colours will make it harder to see Bob Ippolito wrote: > On Feb 14, 2005, at 10:06 AM, steve rieger wrote: > >> Bob Ippolito wrote: >> >>> In Terminal, go to Preferences. Click on the Declare terminal type >>> ($TERM) pop-up menu to change to vt100 (or whatever). >> >> >> if you keep it on xterm-colour you also might have vi issues, >> (although this does not afect vim) >> >> as stated change it to vt100 works for me no problem > > > It's a trade-off, of course. ls -G won't be colored if you are using > vt100. > > -bob > > > > -- -- Steve Rieger TBWA/Chiat/Day 212-804-1131 (office) 646-335-8915 (cell) From steve.rieger Mon Feb 14 10:54:13 2005 From: steve.rieger (steve rieger) Date: Mon, 14 Feb 2005 10:54:13 -0500 Subject: [nycbug-talk] /etc/hosts Message-ID: <4210C9A5.7090900@tbwachiat.com> hi all, is there a difference between these two and if so can you elaborate cat /etc/hosts 192.10.20.25 yoyo.mama.com yoyo cat /etc/hosts 192.10.20.25 yoyo yoyo.mama.com -- -- Steve Rieger TBWA/Chiat/Day 212-804-1131 (office) 646-335-8915 (cell) From bob Mon Feb 14 10:59:33 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 10:59:33 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <4210C615.8060206@tbwachiat.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> Message-ID: <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> On Feb 14, 2005, at 10:39 AM, steve rieger wrote: > Bob Ippolito wrote: >> On Feb 14, 2005, at 10:06 AM, steve rieger wrote: >>> Bob Ippolito wrote: >>> >>>> In Terminal, go to Preferences. Click on the Declare terminal type >>>> ($TERM) pop-up menu to change to vt100 (or whatever). >>> >>> >>> if you keep it on xterm-colour you also might have vi issues, >>> (although this does not afect vim) >>> >>> as stated change it to vt100 works for me no problem >> It's a trade-off, of course. ls -G won't be colored if you are using >> vt100. > > an assuming that we are using a black background with green text, most > colours will make it harder to see Uh, I guess, but not using colors makes it harder to distinguish between types of files. I use gray on black. -bob From jpb Mon Feb 14 06:03:27 2005 From: jpb (Jim Brown) Date: Mon, 14 Feb 2005 11:03:27 +0000 Subject: [nycbug-talk] /etc/hosts In-Reply-To: <4210C9A5.7090900@tbwachiat.com> References: <4210C9A5.7090900@tbwachiat.com> Message-ID: <20050214110327.GA42005@sixshooter.v6.thrupoint.net> * steve rieger [2005-02-14 10:54]: > hi all, > > > is there a difference between these two and if so can you elaborate > > > > > cat /etc/hosts > 192.10.20.25 yoyo.mama.com yoyo > > > > cat /etc/hosts > 192.10.20.25 yoyo yoyo.mama.com > -- > -- The fully qualified domain name should come first. Aliases come after that. The first entry is correct. Best Regards, Jim B. From mspitzer Mon Feb 14 11:23:56 2005 From: mspitzer (Marc Spitzer) Date: Mon, 14 Feb 2005 11:23:56 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> Message-ID: <8c50a3c305021408232f87a9e1@mail.gmail.com> On Mon, 14 Feb 2005 10:59:33 -0500, Bob Ippolito wrote: > > On Feb 14, 2005, at 10:39 AM, steve rieger wrote: > > > Bob Ippolito wrote: > >> On Feb 14, 2005, at 10:06 AM, steve rieger wrote: > >>> Bob Ippolito wrote: > >>> > >>>> In Terminal, go to Preferences. Click on the Declare terminal type > >>>> ($TERM) pop-up menu to change to vt100 (or whatever). > >>> > >>> > >>> if you keep it on xterm-colour you also might have vi issues, > >>> (although this does not afect vim) > >>> > >>> as stated change it to vt100 works for me no problem > >> It's a trade-off, of course. ls -G won't be colored if you are using > >> vt100. > > > > an assuming that we are using a black background with green text, most > > colours will make it harder to see > > Uh, I guess, but not using colors makes it harder to distinguish > between types of files. I use gray on black. personally I hate color coding, why bother when you have 'ls -F' anyway and it is portable anywhere. marc > > -bob > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From bob Mon Feb 14 12:15:57 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 12:15:57 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <8c50a3c305021408232f87a9e1@mail.gmail.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> <8c50a3c305021408232f87a9e1@mail.gmail.com> Message-ID: On Feb 14, 2005, at 11:23 AM, Marc Spitzer wrote: > On Mon, 14 Feb 2005 10:59:33 -0500, Bob Ippolito > wrote: >> >> On Feb 14, 2005, at 10:39 AM, steve rieger wrote: >> >>> Bob Ippolito wrote: >>>> On Feb 14, 2005, at 10:06 AM, steve rieger wrote: >>>>> Bob Ippolito wrote: >>>>> >>>>>> In Terminal, go to Preferences. Click on the Declare terminal type >>>>>> ($TERM) pop-up menu to change to vt100 (or whatever). >>>>> >>>>> >>>>> if you keep it on xterm-colour you also might have vi issues, >>>>> (although this does not afect vim) >>>>> >>>>> as stated change it to vt100 works for me no problem >>>> It's a trade-off, of course. ls -G won't be colored if you are >>>> using >>>> vt100. >>> >>> an assuming that we are using a black background with green text, >>> most >>> colours will make it harder to see >> >> Uh, I guess, but not using colors makes it harder to distinguish >> between types of files. I use gray on black. > > personally I hate color coding, why bother when you have 'ls -F' > anyway and it is portable anywhere. For the same reason most (sane) software developers use syntax highlighting. You either like it or you don't, but it provides a "low-bandwidth" way to categorize tokens and can measurably enhance productivity. I personally use "/bin/ls -G -F -h" on Mac OS X as my alias for ls. Colored ls -G output also provides more information than ls -F alone. It distinguishes a+w directories, for example. Fortunately I don't use any platforms that have issues with colored terminals, though on some platforms like Linux I use a slightly different alias to accomplish the same thing. -bob From mspitzer Mon Feb 14 13:00:45 2005 From: mspitzer (Marc Spitzer) Date: Mon, 14 Feb 2005 13:00:45 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> <8c50a3c305021408232f87a9e1@mail.gmail.com> Message-ID: <8c50a3c3050214100053b8c447@mail.gmail.com> On Mon, 14 Feb 2005 12:15:57 -0500, Bob Ippolito wrote: > > On Feb 14, 2005, at 11:23 AM, Marc Spitzer wrote: > > > personally I hate color coding, why bother when you have 'ls -F' > > anyway and it is portable anywhere. > > For the same reason most (sane) software developers use syntax > highlighting. You either like it or you don't, but it provides a > "low-bandwidth" way to categorize tokens and can measurably enhance > productivity. I do use it for coding and have learned not to trust it as much as I did, weird thing in emacs where the code was right but the regex got confused. > > I personally use "/bin/ls -G -F -h" on Mac OS X as my alias for ls. > Colored ls -G output also provides more information than ls -F alone. > It distinguishes a+w directories, for example. Fortunately I don't use > any platforms that have issues with colored terminals, though on some > platforms like Linux I use a slightly different alias to accomplish the > same thing. each to his own and your eyes must be better then mine. some of the colors that have come up when I have played with color coding just did not read well against a given background, yellow letters on white or dark blue on black for example. another thing that I just do not like about it is that the same color can mean different things, a directory here a socket there etc. and when working on a strange box I do not want help breaking things. marc From bob Mon Feb 14 13:07:24 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 13:07:24 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <8c50a3c3050214100053b8c447@mail.gmail.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> <8c50a3c305021408232f87a9e1@mail.gmail.com> <8c50a3c3050214100053b8c447@mail.gmail.com> Message-ID: <1cc8be1fb1a95faeb8633741f65b7e79@redivi.com> On Feb 14, 2005, at 1:00 PM, Marc Spitzer wrote: > On Mon, 14 Feb 2005 12:15:57 -0500, Bob Ippolito > wrote: >> >> On Feb 14, 2005, at 11:23 AM, Marc Spitzer wrote: >> >>> personally I hate color coding, why bother when you have 'ls -F' >>> anyway and it is portable anywhere. >> >> For the same reason most (sane) software developers use syntax >> highlighting. You either like it or you don't, but it provides a >> "low-bandwidth" way to categorize tokens and can measurably enhance >> productivity. > > I do use it for coding and have learned not to trust it as much as > I did, weird thing in emacs where the code was right but the regex > got confused. The correctness of syntax highlighting is definitely inversely proportional to the complexity of the syntax it is highlighting :) Let me guess, Perl? -bob From mikel.king Mon Feb 14 13:32:59 2005 From: mikel.king (Mikel King) Date: Mon, 14 Feb 2005 13:32:59 -0500 Subject: [nycbug-talk] goBSD Message-ID: <4210EEDB.5070401@ocsny.com> Stumbled across this article... http://www.grabageek.net/modules/news/article.php?storyid=127 The goals of GoBSD are: # Manage stable DragonFly releases We want to free DragonFly developers from the burden of worrying about release scheduling and stabilization so they can focus only on continuing development. We feel that the efforts of the core developers will be best spent when focused on the enhancement of the system, resulting in faster development and quicker adoption of new techniques. We also believe that users of all types can benefit from the use of DragonFly, so we are working to make releases that are thoroughly tested and easy to use. more info @ http://gobsd.com/ -- Cheers, Mikel King Optimized Computer Solutions, INC 39 West Fourteenth Street Second Floor New York, NY 10011 http://www.ocsny.com +------------------------------------------+ You may like them. You will see. You may like them in a tree. http://www.FreeBSD.org http://www.OpenOffice.org http://www.Mozilla.org +------------------------------------------+ How do you spell cooperation? Pessimists use each other, but optimists help each other. Collaboration feeds your spirit, while competition only stokes your ego. You'll find the best way to get along. +------------------------------------------+ -------------- next part -------------- A non-text attachment was scrubbed... Name: mikel.king.vcf Type: text/x-vcard Size: 353 bytes Desc: not available Url : http://lists.nycbug.org/pipermail/talk/attachments/20050214/adc8c11a/attachment.vcf From mspitzer Mon Feb 14 13:44:33 2005 From: mspitzer (Marc Spitzer) Date: Mon, 14 Feb 2005 13:44:33 -0500 Subject: [nycbug-talk] mac os termcap question In-Reply-To: <1cc8be1fb1a95faeb8633741f65b7e79@redivi.com> References: <20050213174321.O571@dru.domain.org> <5d815dbecc65aea6509b265be848557b@redivi.com> <4210BE92.30200@tbwachiat.com> <4210C615.8060206@tbwachiat.com> <950245b91ccaa7274cedf9e43b6b1eb7@redivi.com> <8c50a3c305021408232f87a9e1@mail.gmail.com> <8c50a3c3050214100053b8c447@mail.gmail.com> <1cc8be1fb1a95faeb8633741f65b7e79@redivi.com> Message-ID: <8c50a3c3050214104466ed2cce@mail.gmail.com> On Mon, 14 Feb 2005 13:07:24 -0500, Bob Ippolito wrote: > > The correctness of syntax highlighting is definitely inversely > proportional to the complexity of the syntax it is highlighting :) Let > me guess, Perl? it was tcl and it was not even code. very complex string that confused/overloaded the "this is a string" regex. and then my editor was on lsd, lots of colors and no connection to reality. marc From pete Mon Feb 14 15:17:45 2005 From: pete (Pete Wright) Date: Mon, 14 Feb 2005 15:17:45 -0500 Subject: [nycbug-talk] SCALE 05 Review Message-ID: <20050214201745.GA70232@finn.nomadlogic.org> hey all, i've written up a piece about SCALE 05 that went down this weekend. check it out here: www.nomadlogic.org/~pete/scale.html -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Mon Feb 14 15:27:25 2005 From: george (G. Rosamond) Date: Mon, 14 Feb 2005 15:27:25 -0500 Subject: [nycbug-talk] SCALE 05 Review In-Reply-To: <20050214201745.GA70232@finn.nomadlogic.org> References: <20050214201745.GA70232@finn.nomadlogic.org> Message-ID: <980c0cdb62c849f6292291c46e0221ab@sddi.net> On Feb 14, 2005, at 3:17 PM, Pete Wright wrote: > hey all, i've written up a piece about SCALE 05 > that went down this weekend. check it out here: > > www.nomadlogic.org/~pete/scale.html > Nice Pete. . . it's a great piece that gives a good sense of the event. . . It's even better that he still says he's in NYCBUG. . . George From pete Mon Feb 14 16:11:52 2005 From: pete (pete wright) Date: Mon, 14 Feb 2005 13:11:52 -0800 Subject: [nycbug-talk] SCALE 05 Review In-Reply-To: <980c0cdb62c849f6292291c46e0221ab@sddi.net> References: <20050214201745.GA70232@finn.nomadlogic.org> <980c0cdb62c849f6292291c46e0221ab@sddi.net> Message-ID: On Feb 14, 2005, at 12:27 PM, G. Rosamond wrote: > > On Feb 14, 2005, at 3:17 PM, Pete Wright wrote: > >> hey all, i've written up a piece about SCALE 05 >> that went down this weekend. check it out here: >> >> www.nomadlogic.org/~pete/scale.html >> > > Nice Pete. . . it's a great piece that gives a good sense of the > event. . . > thanks...i hope to have some pics up soon. there was another guy there taking pictures so i'll keep you all posted. > It's even better that he still says he's in NYCBUG. . . > well shoot, at the least it's easier to type nycbug than bsdusersofsocal ;) quick question to the list, i've been unable to send any emails to bsdnews.org (*not* chris's bsdnews.com site) to try to get this posted. does anyone know who is behind the site all emails to them are bouncing. -pete > George > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From pete Mon Feb 14 16:14:56 2005 From: pete (pete wright) Date: Mon, 14 Feb 2005 13:14:56 -0800 Subject: [nycbug-talk] Fwd: Great experiences at the Southern California Linux Expo (SCALE) Message-ID: <17e940449ad6d5a1ed807f776f79e365@nomadlogic.org> sorry for the re-post those who are on netbsd-advocacy but kevin is a great guy and thought this may be of interest as well... -p Begin forwarded message: > From: Kevin Lahey > Date: February 14, 2005 1:10:51 PM PST > To: netbsd-advocacy at netbsd.org > Subject: Great experiences at the Southern California Linux Expo > (SCALE) > > Executive summary: > > I had a great time working the NetBSD booth at the Southern California > Linux Expo (SCALE). We spent two full days evangelizing NetBSD, > checking out the other exhibits, and meeting new people. > > The whole story: > > I only comparatively recently moved to the Los Angeles area, so I was > amazed and delighted at the size of the open source community out here. > The exhibition itself had something like 30 or 40 booths, including > vendors like IBM and Novell, and open source projects including > flightgear.org (a really cool flight simulator), FreeBSD, the FSF, > Gnome, and the Wikipedia folks. I don't think I saw as many open > source > projects at the nation Linux shows I've done! For more info: > > http://www.socallinuxexpo.org/ > > The all-volunteer group that put on SCALE was completely professional > and totally organized. The booths were beautifully laid out, with > power > and networking (and wireless networking). All I had to do was show up > and set up. My thanks to Gareth Greenaway (who was my point of > contact) > and all the rest of the folks from SCALE who made this fun and easy. > > Our booth worked out great. Jan Schaumann rush-mailed me a whole box > full of NetBSD t-shirts and flyers, which got me started on the right > foot. I brought down my NetBSD-running Thinkpad as an example of > recent > hardware, and a Cobalt Raq2 and Qube to show off a little > retro-computing action. > > I was proud of my Qube, but then fellow developer John Klos showed up > with the real big guns -- a VAXstation that kept pulling in our fellow > old-timers, an SGI Indy, and an Amiga. He also brought out a 32-inch > HD > TV/monitor that attracted lots of folks to the booth, and allowed us to > show that our desktop looked pretty much just like any other UNIX (a > big > deal from some of the folks there who were new to open-source OSes). > > John may have missed his calling as a brilliant marketing guy -- > Sunday, > he brought out a bowl of candy and his awesome G3-based Tonka truck (an > old iMac motherboard wedged into a Tonka dumptruck) which which had > plenty of folks stopping by the booth. > > The *BSD community of Los Angeles was really helpful, no matter > which of the several BSD varients they usually use. I was blown > away by the generosity of Pete Wright and Michael Dickerson, who came > out Saturday and talked up NetBSD all day! > > I had a great time, and was delighted to find so many open-minded and > enthusiastic fellow open source folks. Any number of folks seemed > interested in learning one more system, and figuring out the BSD thing. > They wanted to know where they could slide it into their all-Linux > organizations, what we were planning for the future, and where they > could get more info. > > Our fellow exhibitors were just as friendly. The FreeBSD guys spent > plenty of time hanging out with us, as did Linux folks from all over. > The Linux Astronomy (http://www.linuxastronomy.org) folks were > particularly fun and helpful. > > If you get a chance to do a similar booth elsewhere, I whole-heartedly > encourage you to go for it! > > [Sorry for making this so long, but I wanted to make sure I thanked > everybody, and, heck, it was fun and exciting and I'm still pumped up > about it!] > > Kevin > kml at patheticgeek.net > ~o0OO0o~ Pete Wright pete at nomadlogic.org www.nomadlogic.org freenode.net: nomadlogic_ From branto Mon Feb 14 16:22:18 2005 From: branto (Brant I. Stevens) Date: Mon, 14 Feb 2005 16:22:18 -0500 Subject: [nycbug-talk] Error compiling Ethereal 0.10.9 on Mac OSX 10.3.8/Fink In-Reply-To: Message-ID: I figure I'd try asking you guys, since there seems to be a lot of Mac development expertise here... Any help with the below is much appreciated. I thought it was a library issue with a default compilation of Ethereal, but I ran make clean, then reset my ./configure options to point everything into one directory for libraries, but still no dice. (my bad on the subject down below... It is supposed to be Mac OSX 10.3.8... Duh...) -Brant ------ Forwarded Message From: "Brant I. Stevens" Date: Sun, 13 Feb 2005 22:18:19 -0500 To: Subject: Error compiling Ethereal 0.10.9 on Mac OSX 10.3.9/Fink Hi all... I am experiencing a problem with compiling ethereal... I have 0.10.6 installed on this box, but am trying to install the newer version, and get the error below. Also shown are my ./configure options. Any help offered is appreciated. branto-g4-01-branto-com:~/download/ethereal-0.10.9 branto$ ./configure --prefix=/sw --enable-threads --enable-randpkt --enable-ipv6 --with-ssl=/sw --with-pcre=/sw ld: warning multiple definitions of symbol _compute_timestamp_diff util.o definition of _compute_timestamp_diff in section (__TEXT,__text) /usr/local/lib/libethereal.dylib(libethereal.0.0.1.dylib-master.o) definition of _compute_timestamp_diff ld: warning multiple definitions of symbol _create_tempfile util.o definition of _create_tempfile in section (__TEXT,__text) /usr/local/lib/libethereal.dylib(libethereal.0.0.1.dylib-master.o) definition of _create_tempfile ld: warning multiple definitions of symbol _get_args_as_string util.o definition of _get_args_as_string in section (__TEXT,__text) /usr/local/lib/libethereal.dylib(libethereal.0.0.1.dylib-master.o) definition of _get_args_as_string ld: warning multiple definitions of symbol _get_conn_cfilter util.o definition of _get_conn_cfilter in section (__TEXT,__text) /usr/local/lib/libethereal.dylib(libethereal.0.0.1.dylib-master.o) definition of _get_conn_cfilter ld: warning multiple definitions of symbol _locale_charset /sw/lib/libiconv.dylib(localcharset.o) definition of _locale_charset /sw/lib/libintl.dylib(localcharset.lo) definition of _locale_charset ld: Undefined symbols: _proto_registrar_dump_values _range_convert_str _range_empty _value_is_in_range _convert_string_case _convert_string_to_hex _get_addr_name _range_convert_range _range_copy _ranges_are_equal _dcerpc_add_conv_to_bind_table _dcerpc_get_transport_salt _dcerpc_hooks_init_protos _T_h323_message_body_vals make[2]: *** [ethereal] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 branto-g4-01-branto-com:~/download/ethereal-0.10.9 branto$ ------ End of Forwarded Message From pete Mon Feb 14 16:57:31 2005 From: pete (Pete Wright) Date: Mon, 14 Feb 2005 13:57:31 -0800 (PST) Subject: [nycbug-talk] Error compiling Ethereal 0.10.9 on Mac OSX 10.3.8/Fink In-Reply-To: References: Message-ID: <14693.160.33.20.11.1108418251.squirrel@160.33.20.11> > I figure I'd try asking you guys, since there seems to be a lot of Mac > development expertise here... Any help with the below is much > appreciated. while there are definatly are alot of mac people on this list it looks like the problem you are running into is with fink. you may get more millage pinging their list to see what they have to say. there is also this group: http://lesmuug.org/ they may be able to help you as well.... -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bob Mon Feb 14 17:16:59 2005 From: bob (Bob Ippolito) Date: Mon, 14 Feb 2005 17:16:59 -0500 Subject: [nycbug-talk] Error compiling Ethereal 0.10.9 on Mac OSX 10.3.8/Fink In-Reply-To: References: Message-ID: <587771f302149dfd0ad14be01e88c926@redivi.com> On Feb 14, 2005, at 4:22 PM, Brant I. Stevens wrote: > I figure I'd try asking you guys, since there seems to be a lot of Mac > development expertise here... Any help with the below is much > appreciated. > > I thought it was a library issue with a default compilation of > Ethereal, but > I ran make clean, then reset my ./configure options to point > everything into > one directory for libraries, but still no dice. > > (my bad on the subject down below... It is supposed to be Mac OSX > 10.3.8... > Duh...) Use darwinports : % sudo /opt/local/bin/port install ethereal +adns +ipv6 +net-snmp +pcre (go make some coffee) % open-x11 /opt/local/bin/ethereal (presumably that works - I'm still making coffee) -bob From bob Tue Feb 15 00:20:04 2005 From: bob (Bob Ippolito) Date: Tue, 15 Feb 2005 00:20:04 -0500 Subject: [nycbug-talk] Mozilla response to IDN homograph exploit Message-ID: <080a028cd0c0a6f73659a097734181d6@redivi.com> As a follow-up to the Shmoo IDN exploit, Mozilla is going to set IDN to false by default (as of Firefox 1.0.1, and Mozilla 1.8 beta): http://weblogs.mozillazine.org/gerv/archives/007556.html One of the authors of the IDN standard brings to attention that although it is the registrars responsibility to handle this issue, there are more elegant solutions than just turning it off: http://lookit.proper.com/archives/000302.html The Unicode Consortium also has an early draft of their technical report on this and related issues: http://unicode.org/reports/tr36/ So far, it does not seem like anyone has implemented a "nice" version of IDN awareness, though I might take a whack at it later this week if I find the time. The hardest part is just designing the UI, looking up the block that a particular code point resides in is pretty trivial actually, though you would have to parse the relevant section of the UCD . -bob From elric Tue Feb 15 00:29:20 2005 From: elric (Roland Dowdeswell) Date: Tue, 15 Feb 2005 00:29:20 -0500 Subject: [nycbug-talk] /etc/hosts In-Reply-To: Your message of "Mon, 14 Feb 2005 10:54:13 EST." <4210C9A5.7090900@tbwachiat.com> Message-ID: <20050215052920.B77613701F@arioch.imrryr.org> On 1108396453 seconds since the Beginning of the UNIX epoch steve rieger wrote: > >hi all, > > >is there a difference between these two and if so can you elaborate > >cat /etc/hosts >192.10.20.25 yoyo.mama.com yoyo > >cat /etc/hosts >192.10.20.25 yoyo yoyo.mama.com Yes. getnameinfo()/gethostbyaddr() will return the first name that appears. So, in general, you put the FQDN first unless you are in an environment where you need name resolution to return non-FQDNs. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/ From chsnyder Tue Feb 15 10:18:54 2005 From: chsnyder (csnyder) Date: Tue, 15 Feb 2005 10:18:54 -0500 Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: <080a028cd0c0a6f73659a097734181d6@redivi.com> References: <080a028cd0c0a6f73659a097734181d6@redivi.com> Message-ID: It totally sucks that Mozilla would turn IDN off rather than implement the logic to detect if multiple codepages were being used in the same url. What about Mozilla users in the rest of the world? Download an XPI with annoying warnings about how "dangerous" it is to use my native characterset is not really acceptable. >From the IDN in Applications RFC http://www.apps.ietf.org/rfc/rfc3490.html#sec-10 (page 20) To help prevent confusion between characters that are visually similar, it is suggested that implementations provide visual indications where a domain name contains multiple scripts. Such mechanisms can also be used to show when a name contains a mixture of simplified and traditional Chinese characters, or to distinguish zero and one from O and l. DNS zone adminstrators may impose restrictions (subject to the limitations in section 2) that try to minimize homographs. It's something they should have been doing all along, which gives Opera no excuse either. From spork Tue Feb 15 14:49:23 2005 From: spork (Charles Sprickman) Date: Tue, 15 Feb 2005 14:49:23 -0500 (EST) Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: References: <080a028cd0c0a6f73659a097734181d6@redivi.com> Message-ID: For our OS-X using friends, I'll point this out: http://haoli.dnsalias.com/ I've been using Saft with Safari for quite a while to get a ton of extra "little features". Last update added an IDN "fix"... Charles On Tue, 15 Feb 2005, csnyder wrote: > It totally sucks that Mozilla would turn IDN off rather than implement > the logic to detect if multiple codepages were being used in the same > url. > > What about Mozilla users in the rest of the world? Download an XPI > with annoying warnings about how "dangerous" it is to use my native > characterset is not really acceptable. > >> From the IDN in Applications RFC > http://www.apps.ietf.org/rfc/rfc3490.html#sec-10 (page 20) > To help prevent confusion between characters that are visually > similar, it is suggested that implementations provide visual > indications where a domain name contains multiple scripts. Such > mechanisms can also be used to show when a name contains a mixture of > simplified and traditional Chinese characters, or to distinguish zero > and one from O and l. DNS zone adminstrators may impose restrictions > (subject to the limitations in section 2) that try to minimize > homographs. > > It's something they should have been doing all along, which gives > Opera no excuse either. > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From bob Tue Feb 15 15:03:30 2005 From: bob (Bob Ippolito) Date: Tue, 15 Feb 2005 15:03:30 -0500 Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: References: <080a028cd0c0a6f73659a097734181d6@redivi.com> Message-ID: <5145dfe6f881dc8bdebae74f04ae86f9@redivi.com> On Feb 15, 2005, at 14:49, Charles Sprickman wrote: > On Tue, 15 Feb 2005, csnyder wrote: > >> It totally sucks that Mozilla would turn IDN off rather than implement >> the logic to detect if multiple codepages were being used in the same >> url. >> >> What about Mozilla users in the rest of the world? Download an XPI >> with annoying warnings about how "dangerous" it is to use my native >> characterset is not really acceptable. >> >>> From the IDN in Applications RFC >> http://www.apps.ietf.org/rfc/rfc3490.html#sec-10 (page 20) >> To help prevent confusion between characters that are visually >> similar, it is suggested that implementations provide visual >> indications where a domain name contains multiple scripts. Such >> mechanisms can also be used to show when a name contains a mixture of >> simplified and traditional Chinese characters, or to distinguish zero >> and one from O and l. DNS zone adminstrators may impose restrictions >> (subject to the limitations in section 2) that try to minimize >> homographs. >> >> It's something they should have been doing all along, which gives >> Opera no excuse either. > For our OS-X using friends, I'll point this out: > > http://haoli.dnsalias.com/ > > I've been using Saft with Safari for quite a while to get a ton of > extra "little features". Last update added an IDN "fix"... The kind of IDN spoofing defense that IDNSnitch and Saft implement is only very marginally better than just denying all IDN hosts. It's very anglocentric and distrusts every IDN host, regardless of whether it contains mixed scripts or any known homographs. So far, I don't believe that anyone has implemented the recommended approach -- certainly not for Safari, anyway. -bob From spork Tue Feb 15 16:04:21 2005 From: spork (Charles Sprickman) Date: Tue, 15 Feb 2005 16:04:21 -0500 (EST) Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: <5145dfe6f881dc8bdebae74f04ae86f9@redivi.com> References: <080a028cd0c0a6f73659a097734181d6@redivi.com> <5145dfe6f881dc8bdebae74f04ae86f9@redivi.com> Message-ID: On Tue, 15 Feb 2005, Bob Ippolito wrote: > The kind of IDN spoofing defense that IDNSnitch and Saft implement is > only very marginally better than just denying all IDN hosts. It's very > anglocentric and distrusts every IDN host, regardless of whether it > contains mixed scripts or any known homographs. Surprising since the author comes from a place where they use "funny symbols" when they type. :) > So far, I don't believe that anyone has implemented the recommended > approach -- certainly not for Safari, anyway. That's understandable considering Saft is just an "add on" and not a different browser built around WebKit. I'm sure that an update will follow from Apple in the next few weeks. I haven't seen anything in my ADC account yet, but I'm watching... Charles > -bob > > From bob Tue Feb 15 16:24:32 2005 From: bob (Bob Ippolito) Date: Tue, 15 Feb 2005 16:24:32 -0500 Subject: [nycbug-talk] Mozilla response to IDN homograph exploit In-Reply-To: References: <080a028cd0c0a6f73659a097734181d6@redivi.com> <5145dfe6f881dc8bdebae74f04ae86f9@redivi.com> Message-ID: <2a133cd36120ceb669f53aed61a55a3f@redivi.com> On Feb 15, 2005, at 16:04, Charles Sprickman wrote: > On Tue, 15 Feb 2005, Bob Ippolito wrote: > >> The kind of IDN spoofing defense that IDNSnitch and Saft implement is >> only very marginally better than just denying all IDN hosts. It's >> very anglocentric and distrusts every IDN host, regardless of whether >> it contains mixed scripts or any known homographs. > > Surprising since the author comes from a place where they use "funny > symbols" when they type. :) Yeah but not many. He lives in Stockholm, not Beijing :) >> So far, I don't believe that anyone has implemented the recommended >> approach -- certainly not for Safari, anyway. > > That's understandable considering Saft is just an "add on" and not a > different browser built around WebKit. I'm sure that an update will > follow from Apple in the next few weeks. I haven't seen anything in > my ADC account yet, but I'm watching... That's no excuse, the amount of black magic integration involved in doing "nice" IDN spoof detection and doing an ugly hack like this is precisely the same. The difference is probably about two hours worth of work (but not Safari hacking, just extra IDN-related code on top of the hook he is already using). Adding a graphical notice in the URL bar rather than using a pop-up would probably be another two hours, not because it's hard, but because *that* would require some more Safari hacking. I would expect that it's worth his time since he's selling this thing. -bob From george Tue Feb 15 23:09:31 2005 From: george (G. Rosamond) Date: Tue, 15 Feb 2005 23:09:31 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . Message-ID: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> I was dead set on a ThinkPad, but after playing with a client's Sharp MM10, I may change that. For those who don't know them, check out www.sharpusa.com, but make sure your browser identifies as IE. They are two pounds, have 10.4" displays, and are sweet. . . with the extra battery, they get 9 hours of uptime. . . Googling shows some references to people running a BSD on them, but does anyone on Talk have any experience, things I should know, etc. . . George From pete Tue Feb 15 23:18:42 2005 From: pete (Pete Wright) Date: Tue, 15 Feb 2005 23:18:42 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <20050216041842.GA85097@finn.nomadlogic.org> On Tue, Feb 15, 2005 at 11:09:31PM -0500, G. Rosamond wrote: > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. > > For those who don't know them, check out www.sharpusa.com, but make > sure your browser identifies as IE. > > They are two pounds, have 10.4" displays, and are sweet. . . with the > extra battery, they get 9 hours of uptime. . . > > Googling shows some references to people running a BSD on them, but > does anyone on Talk have any experience, things I should know, etc. . . ok i'll bite, i'm an huge fan of the thinkpads. i have an X31 (which seems pretty similar to the MM10). it does look pretty good, but a couple things that differ i think are worth noting. first off, i'm a huge fan of the thinkpad "nipple" for the mouse. i've always had problems with the track- pads on laptops, my palm always seems to move the mouse...which will end up moving the focus on my window in xwindows. the "nipple" is not in the way and the thinkpad's have a real three button mice as well. secondly the X31 comes with builtin Gig-e via the "em" device. seems to work quite well with 4.x. lastly it's got a 1.4ghz chip on it, that will scale down to 550mhz when running on batteries. i get about 5 hours of battery life on it (unless i'm using my pcmcia wifi card then i loose about an hour or so). so performance is not too bad on the sucker either. i don't know the price of the sharps, and granted you do pay a premium with the thinkpad but IMO it's worth it. -p -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bruno Tue Feb 15 23:48:16 2005 From: bruno (bruno) Date: Tue, 15 Feb 2005 23:48:16 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <20050216044816.GB23791@loftmail.com> On Tue, Feb 15, 2005 at 11:09:31PM -0500, G. Rosamond wrote: > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. > > For those who don't know them, check out www.sharpusa.com, but make > sure your browser identifies as IE. > > They are two pounds, have 10.4" displays, and are sweet. . . with the > extra battery, they get 9 hours of uptime. . . > > Googling shows some references to people running a BSD on them, but > does anyone on Talk have any experience, things I should know, etc. . . If you're into those, a friend of mine has a small fujitsu, sounds about the same, small, 8 hours with a minibay battery, very pretty, small but nice display. He is not running a UNIX flavor, but I hear BSDs do run on them. Don't remember the model, I'm sure you'll find them on fujitsu site. From mspitzer Tue Feb 15 23:59:59 2005 From: mspitzer (Marc Spitzer) Date: Tue, 15 Feb 2005 23:59:59 -0500 Subject: [nycbug-talk] Fwd: UNIGROUP 17-FEB-2005 (Thurs): ZOPE - Open Source Web Development Framework In-Reply-To: <200502152037.j1FKbgt2000862@progplus.com> References: <200502152037.j1FKbgt2000862@progplus.com> Message-ID: <8c50a3c3050215205940845246@mail.gmail.com> If you want to hear a talk about zope marc ---------- Forwarded message ---------- From: Unigroup_of_NY Date: Tue, 15 Feb 2005 15:37:42 -0500 (EST) Subject: UNIGROUP 17-FEB-2005 (Thurs): ZOPE - Open Source Web Development Framework To: mspitzer at gmail.com Unigroup's February 2005 meeting is THIS Thursday... ===================================================================== UNIGROUP OF NEW YORK - UNIX USERS GROUP - FEBRUARY 2005 ANNOUNCEMENTS ===================================================================== ----------------------------------------------------- 1. UNIGROUP'S FEBRUARY 2005 GENERAL MEETING ANNOUNCEMENT ----------------------------------------------------- When: THURSDAY, February 17th, 2005 (3rd Thursday) Where: Alliance for Downtown NY Conference Facility Downtown Center 104 Washington Street South West Corner of Wall Street Area Downtown, New York City ** Please RSVP (not mandatory) ** Time: 6:15 PM - 6:25 PM Registration 6:25 PM - 6:45 PM Ask the Wizard, Questions, Answers and Current Events 6:45 PM - 7:00 PM Unigroup Business and Announcements 7:00 PM - 9:30 PM Main Presentation ----------------------------------------------- Topic: ZOPE - An Open Source Web Development Framework ----------------------------------------------- Speakers: Rob Page, CEO and President, Zope Corporation INTRODUCTIONS: -------------- Please keep an eye out for a series of _MONTHLY_ meetings which we have confirmed for February, March and April 2005. The meeting schedule is posted below (all on the 3rd Thursday). We are finally holding our meeting on Web Development and Zope! This meeting was supposed to be a followup our meeting on Python (March 2003), but it wound up being delayed for various reasons and due to various events (including things like the Solaris 10 launch). During this time, our friends at Zope Corporation have been patient, and they have been waiting for the chance to present Zope to Unigroup. We do appreciate their support! I've called Zope a "Web Development Framework", but from what I've read, it may be much more than this (see below). Major corporations are using Zope to build web sites and bring content to market. One such example is Computer Associates... see their press release about CA and Zope Corp: http://www3.ca.com/Press/PressRelease.asp?CID=59297 Also note that we expect to have CA present to Unigroup, later in the year, and they were also invited to participate in this week's Zope meeting. ------------------------------------------------------------------- SPECIAL INSTRUCTIONS: --------------------- To REGISTER for this event, please RSVP by using the Unigroup Registration Page: http://www.unigroup.org/unigroup-rsvp.html This will allow us to automate the registration process. (Registration will also add you to our mailing list.) Please continue to check the Unigroup web site and meeting page, for any last minute updates concerning this meeting. If you registered for this meeting, please check your email for any last minute announcements as the meeting approaches. Please try to RSVP as soon as possible. Note: RSVP is not mandatory for this location, but it does help us to properly plan the meeting (food, drinks, handouts, seating, etc.). ------------------------------------------------------------------- OUTLINE OF THE MAIN PRESENTATION: --------------------------------- This month's meeting will be a presentation on ZOPE: - What is Zope? - Who uses the platform? - What is possible with the platform? - The Zope Community and Activities (e.g., Sprints) - Platform Futures The Zope Software System: ------------------------- (Extracted from http://www.zope.com/Corporate/CompanyProfile.html) Zope is a unique software system: a high-performance application server, a web server, and a content management system. It is a complete, self-contained solution, that includes a robust, scalable object database, web services architecture, and powerful programming capabilities. It is designed for customization and extensibility. Its components integrate tightly with a wide range of leading web server and database systems. Zope promotes rapid creation and deployment of complex applications, totally manageable through a web interface. All of this, and complete open source access, are provided without cost. There are no licensing or runtime fees for the software. What Is Zope? ------------- (Extracted from http://www.zope.org/WhatIsZope) Zope is an open source web application server primarily written in the Python programming language. It features a transactional object database which can store not only content and custom data, but also dynamic HTML templates, scripts, a search engine, and relational database (RDBMS) connections and code. It features a strong through-the-web development model, allowing you to update your web site from anywhere in the world. To allow for this, Zope also features a tightly integrated security model. Built around the concept of "safe delegation of control", Zope's security architecture also allows you to turn control over parts of a web site to other organizations or individuals. The transactional model applies not only to Zope's object database, but to many relational database connectors as well, allowing for strong data integrity. This transaction model happens automatically, ensuring that all data is successfully stored in connected data sources by the time a response is returned to a web browser or other client. There are numerous products (plug-in Zope components) available for download to extend the basic set of site building tools. These products include new content objects; relational database and other external data source connectors; advanced content management tools; and full applications for e-commerce, content and document management, or bug and issue tracking. Zope includes its own HTTP, FTP, WebDAV, and XML-RPC serving capabilities, but can also be used with the Apache or other web servers. ------------------------------------------------------------------- Web Resources: -------------- Zope Corporation http://www.zope.com Zope Open Source Community http://www.zope.com/Services/Community.html Zope Community http://www.zope.org Zope Developer Community http://dev.zope.org Zope Powered Sites http://www.zope.org/Resources/ZopePowered ------------------------------------------------------------------- Speaker Biography: ------------------ (Extracted from http://www.zope.com/Corporate/Management/Page.html) Rob Page, Chief Executive Officer & President, Zope Corporation: Rob Page provides leadership and vision, directing corporate operations, professional services, product development and sales. He is involved in all aspects of company strategy, client services and quality assurance. Prior to co-founding Zope Corporation in 1995, he co-founded Connecting Minds, a consultancy firm. He also served for nine years in the Marine Corps and Marine Corps Reserve as a data systems officer. Rob earned his B.S. in Aerospace Engineering from the University of Florida. Company Biography: ------------------ (Extracted from http://www.zope.com/Corporate/CompanyProfile.html) Zope Corporation uses Zope Software to create high-end custom solutions with unparalleled time to market. The company generates revenue by offering Zope-based products, content management solutions through consulting services, support and training. Building on the open source model, customers are freed of vendor dependence because they have the source code of their product / custom solution. ------------------------------------------------------------------- Giveaways: ---------- O'Reilly has been kind enough to provide us with some of their books, which we will continue to raffle off as giveaways at our meetings. Addison-Wesley Professional/Prentice Hall PTR has been kind enough to provide us with some of their books, which we will continue to raffle off as giveaways at our meetings. Unigroup would like to thank both companies for the support provided by their User Group programs. Note: The chances tend to be about 1 in 5, that any attendee of our meeting will walk away with a fairly valuable giveaway (ie. most books are valued between $30 and $60)! ------------------------------------------------------------------- Fee Schedule: Yearly Membership (includes all meetings): $ 50.00 Non-Member Single Meeting: $ 20.00 Student Yearly Membership: $ 20.00 Non-Member Student Single Meeting (with ID): $ 5.00 Payment Methods: Cash, Check, American Express. ------------------------------------------------------------------- Complimentary Food and Refreshments will be served. This includes sandwiches such as Turkey, Chicken, Tuna and Grilled Vegetables, as well as Assorted Salads (Cole Slaw, Potato, Tossed, Caesar, Pasta), Cookies/Brownies, Bottled Water and Assorted Beverages. ------------------------------------------------------------------- Directions: Alliance for Downtown NY Conference Facility Downtown Center 104 Washington Street Wall Street Area Downtown, New York City This building is located on the West side of the street, the second building north of Rector Street. Cross Streets: Between Rector (South) and Carlisle (North) Streets. Enter the lobby, and tell the guard at the desk that you are heading for Unigroup. You will be directed to the meeting room. Our meeting location is in the Lower West Corner of Downtown, North of the Battery Tunnel, South of the Downtown Hotel, East of West Street, and West of Greenwich Street. Walking West on Rector Street from Broadway, you pass Church, Greenwich then Washington Streets. There are multiple blocks of parking lots right there, between Washington and Greenwich Streets, starting at the Battery Tunnel and extending North for a number of blocks. Nearest mass transit stations, in order, are the '1/9' (Rector Street), 'R/W' (Rector Street) and the '4/5' (Wall Street). ----- Please mark this meeting on your calendar and join us! Please tell your friends about Unigroup! ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ ----------------- 2. UPCOMING MEETINGS ----------------- We have a series of meetings in the works: - 17-FEB-2005 : Zope / Web Page Development Rob Page / Zope Corporation - 17-MAR-2005 : Solaris 10 Part 2 Field Trip to Sun Microsystems - 21-APR-2005 : AFS and OpenAFS Jeff Altman / Secure Endpoints - IPsec - Samba - Field Trip to HP - Invited - Field Trip to CA - Invited - Unix 35th Birthday Celebration - DNS - Unix Clusters and Clustered Databases - Linux Clustering Part 3: Beowulf version 2 - Building a Firewall using FreeBSD and Linux - High Performance Internet Servers / Web Acceleration - Unix Office Tools: Word Processors, Spreadsheets, Accounting Packages. - PKI - GNU Development Environments - iSCSI, Serial ATA, and other new peripheral technologies Please let us know about any other meeting topics that you may be interested in. Potential speakers on Unix related technology topics should contact the Unigroup board at uniboard at unigroup.org. ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ I hope to see you all at our next meeting! -Rob Weiner Unigroup Executive Director unilist at unigroup.org http://www.unigroup.org From dan Wed Feb 16 06:57:57 2005 From: dan (Dan Langille) Date: Wed, 16 Feb 2005 06:57:57 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <4212EEF5.24609.26AFEE4@localhost> On 15 Feb 2005 at 23:09, G. Rosamond wrote: > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. I'd say, still go for the ThinkPad. Will Andrews just bought a T41P (? I think that's the one) and he pleased with it. > For those who don't know them, check out www.sharpusa.com, but make > sure your browser identifies as IE. > > They are two pounds, have 10.4" displays, and are sweet. . . with the > extra battery, they get 9 hours of uptime. . . > > Googling shows some references to people running a BSD on them, but > does anyone on Talk have any experience, things I should know, etc. . . When you go to test drive the laptop, take a FreeSBIE CD with you. Boot off it. Look around. Things look OK? If so, you're ahead of the game. If it does not boot, proceed with caution. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From lists Wed Feb 16 09:01:48 2005 From: lists (Hans Zaunere) Date: Wed, 16 Feb 2005 09:01:48 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <20050216140231.32F7CA85F3@virtu.nyphp.org> > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. Come on, don't be crazy... > For those who don't know them, check out www.sharpusa.com, but make > sure your browser identifies as IE. Oh, and you're still considering a Sharp? H From george Wed Feb 16 09:31:19 2005 From: george (George Georgalis) Date: Wed, 16 Feb 2005 09:31:19 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <20050216143119.GK16801@sta.local> On Tue, Feb 15, 2005 at 11:09:31PM -0500, G Rosamond wrote: >I was dead set on a ThinkPad, but after playing with a client's Sharp >MM10, I may change that. > >For those who don't know them, check out www.sharpusa.com, but make >sure your browser identifies as IE. I had a slick sharp graphing calculator once. It was neat, but always felt constrained on what I could do with it, only what they intended, nothing flexible. Then it quite unexpectantly broke. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From tux Wed Feb 16 11:15:17 2005 From: tux (Kevin Reiter) Date: Wed, 16 Feb 2005 11:15:17 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> Message-ID: <42137195.5070409@penguinnetwerx.net> G. Rosamond wrote: > I was dead set on a ThinkPad, but after playing with a client's Sharp > MM10, I may change that. Go here, Grasshopper: http://gerda.univie.ac.at/freebsd-laptops/ Updated often and loads of good info that's model-specific. I used it to get X working on my Dell C640 on 4.10. > For those who don't know them, check out www.sharpusa.com, but make sure > your browser identifies as IE. If it doesn't work with anything other than IE, why would you waste your time/energy on it? I would guess (notice I didn't say "assume"? :) that if they can't be bothered to make their website W3C compliant, they didn't spend any development dollars in making sure they have hardware that plays nice with anything other than M$... ..just me .02 . From george Thu Feb 17 21:11:19 2005 From: george (G. Rosamond) Date: Thu, 17 Feb 2005 21:11:19 -0500 Subject: [nycbug-talk] OnLamp from Dru. . . Message-ID: Seems like one of our list members is being too modest in publicizing her ware . . . http://www.onlamp.com/pub/a/bsd/2005/02/17/FreeBSD_Basics.html It's a deli.cio.us piece. . . g From george Thu Feb 17 21:46:00 2005 From: george (G. Rosamond) Date: Thu, 17 Feb 2005 21:46:00 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . Message-ID: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> There's a great security document and tool available for a number of OSs, including FreeBSD, at www.cisecurity.org I'm going through the doc right now, which documents the tool's procedures. . . some looks pretty basic (disabling anonymous ftp) but some is very interesting (making sure no dot files are world writeable). Highly recommended. I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a less-than-mission-critical server tomorrow . . . George From mspitzer Thu Feb 17 22:18:28 2005 From: mspitzer (Marc Spitzer) Date: Thu, 17 Feb 2005 22:18:28 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> References: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> Message-ID: <8c50a3c305021719186e4c55e8@mail.gmail.com> On Thu, 17 Feb 2005 21:46:00 -0500, G. Rosamond wrote: > There's a great security document and tool available for a number of > OSs, including FreeBSD, at www.cisecurity.org Did not know the freebsd one was out. The router one is cool, used it at work around 2000, very useful tool for a large plant. marc From jesse Fri Feb 18 08:14:15 2005 From: jesse (Jesse Callaway) Date: Fri, 18 Feb 2005 08:14:15 -0500 Subject: [nycbug-talk] what the? Message-ID: <20050218131415.GE48925@mail.theholymountain.com> I guess I do know where all of that church money goes now... They need to hire crack spammers! iptables... yuck. iptables? hmm... This is just TOO weird. http://newyork.craigslist.org/mnh/cpg/60151192.html -jesse From steve Fri Feb 18 08:37:14 2005 From: steve (steverieger) Date: Fri, 18 Feb 2005 08:37:14 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> Message-ID: To be honest with you I have this exact issue with the fbsd folks (the developers not the users) On my other os, I always mount /usr as read only, and all my sql and apache stuff goes elswhere, but the default fbsd setup puts the apache rootdir in /usr/local/www and sometimes the /var slice is a bit small to handle all my databases. But for any decent sys admin I recommend to always mount /usr as ro,nosuid,logging My .02C On 2/17/05 9:46 PM, "G. Rosamond" wrote: > There's a great security document and tool available for a number of > OSs, including FreeBSD, at www.cisecurity.org > > I'm going through the doc right now, which documents the tool's > procedures. . . some looks pretty basic (disabling anonymous ftp) but > some is very interesting (making sure no dot files are world > writeable). > > Highly recommended. > > I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a > less-than-mission-critical server tomorrow . . . > > George > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From chsnyder Fri Feb 18 09:01:43 2005 From: chsnyder (csnyder) Date: Fri, 18 Feb 2005 09:01:43 -0500 Subject: [nycbug-talk] what the? In-Reply-To: <20050218131415.GE48925@mail.theholymountain.com> References: <20050218131415.GE48925@mail.theholymountain.com> Message-ID: On Fri, 18 Feb 2005 08:14:15 -0500, Jesse Callaway wrote: > I guess I do know where all of that church money goes now... They need to hire crack spammers! iptables... yuck. iptables? hmm... This is just TOO weird. > > http://newyork.craigslist.org/mnh/cpg/60151192.html > Spamming to promote family values, I love it! Great find. From jhlists Fri Feb 18 09:45:06 2005 From: jhlists (jh) Date: Fri, 18 Feb 2005 09:45:06 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <42137195.5070409@penguinnetwerx.net> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> <42137195.5070409@penguinnetwerx.net> Message-ID: <4215FF72.8060902@hirschman.net> Kevin Reiter wrote: > > I would guess (notice I didn't say "assume"? :) that > if they can't be bothered to make their website W3C compliant, they > didn't spend any development dollars in making sure they have hardware > that plays nice with anything other than M$... > > ..just me .02 . > Since it is typically two different groups inside of a huge company responsible for marketing the computer and designing the computer, I'd say that this is generally a poor conclusion. That being said, as a former Sharp notebook owner: beware. I found their support to be miserable even for Windows - they didn't bother to post new drivers from the Japan site on the USA site. I think that the USA sub of the company is really geared to marketing and selling black box items; I found Sony to be much the same way (just not as bad). My $.02 jh From tux Fri Feb 18 10:48:20 2005 From: tux (Kevin Reiter) Date: Fri, 18 Feb 2005 10:48:20 -0500 Subject: [nycbug-talk] OnLamp from Dru. . . In-Reply-To: References: Message-ID: <42160E44.20304@penguinnetwerx.net> G. Rosamond wrote: > Seems like one of our list members is being too modest in publicizing > her ware . . . > > http://www.onlamp.com/pub/a/bsd/2005/02/17/FreeBSD_Basics.html ..and if you follow the link for "thefish" screenshots, you'll see that you can enable Isaac to do something for you, but it doesn't say what.. man ike returns nothing, so it looks like he's a little behind on the documentation :) (Top-left Qt box) From okan Fri Feb 18 11:17:43 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 11:17:43 -0500 Subject: [nycbug-talk] Laptop purchase possibility. . . In-Reply-To: <20050216041842.GA85097@finn.nomadlogic.org> References: <1a22c3a3d2005886f53328f2e2d852cc@sddi.net> <20050216041842.GA85097@finn.nomadlogic.org> Message-ID: <20050218161743.GA21934@yinaska.pair.com> On Tue 2005.02.15 at 23:18 -0500, Pete Wright wrote: > On Tue, Feb 15, 2005 at 11:09:31PM -0500, G. Rosamond wrote: > > I was dead set on a ThinkPad, but after playing with a client's Sharp > > MM10, I may change that. > > > > For those who don't know them, check out www.sharpusa.com, but make > > sure your browser identifies as IE. > > > > They are two pounds, have 10.4" displays, and are sweet. . . with the > > extra battery, they get 9 hours of uptime. . . > > > > Googling shows some references to people running a BSD on them, but > > does anyone on Talk have any experience, things I should know, etc. . . > > ok i'll bite, i'm an huge fan of the thinkpads. i have an X31 (which seems > pretty similar to the MM10). it does look pretty good, but a couple things > that differ i think are worth noting. first off, i'm a huge fan of the > thinkpad "nipple" for the mouse. i've always had problems with the track- > pads on laptops, my palm always seems to move the mouse...which will end up > moving the focus on my window in xwindows. the "nipple" is not in the way > and the thinkpad's have a real three button mice as well. > > secondly the X31 comes with builtin Gig-e via the "em" device. seems to > work quite well with 4.x. lastly it's got a 1.4ghz chip on it, that will > scale down to 550mhz when running on batteries. i get about 5 hours of > battery life on it (unless i'm using my pcmcia wifi card then i loose about > an hour or so). so performance is not too bad on the sucker either. > > i don't know the price of the sharps, and granted you do pay a premium with > the thinkpad but IMO it's worth it. i'm with pete on this. as much as the premium may be for a thinkpad, i will always go for one. it is not a branding thing at all, more of a feature set - though that is hard to enumerate. i'd love to see ibm (or whoever the new vendor is) to start offering mobil amd64 ;) okan > -p > > > -- > ~~oO00Oo~~ > Peter Wright > pete at nomadlogic.org > www.nomadlogic.org/~pete > 917.415.9866 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From okan Fri Feb 18 11:27:23 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 11:27:23 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: References: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> Message-ID: <20050218162723.GB21934@yinaska.pair.com> On Fri 2005.02.18 at 08:37 -0500, steverieger wrote: > To be honest with you > > I have this exact issue with the fbsd folks (the developers not the users) > > On my other os, I always mount /usr as read only, and all my sql and apache > stuff goes elswhere, but the default fbsd setup puts the apache rootdir in > /usr/local/www and sometimes the /var slice is a bit small to handle all my > databases. i'm not too familiar with where stuff goes in freebsd, but i like data in /var - including www and mysql and pgsql...etc. but each data dir gets its own slice if it is important to me. > But for any decent sys admin I recommend to always mount /usr as > ro,nosuid,logging i've heard that statement many times before, but what exactly does that give you? mounting /usr as nosuid? - what do you break? read-only /usr for what reason? whoever gets root can easily do a re-mount. not flaming, but curious to hear additional reasons that i've heard before behind this ;) cheers > > My .02C > > > > > On 2/17/05 9:46 PM, "G. Rosamond" wrote: > > > There's a great security document and tool available for a number of > > OSs, including FreeBSD, at www.cisecurity.org > > > > I'm going through the doc right now, which documents the tool's > > procedures. . . some looks pretty basic (disabling anonymous ftp) but > > some is very interesting (making sure no dot files are world > > writeable). > > > > Highly recommended. > > > > I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a > > less-than-mission-critical server tomorrow . . . > > > > George > > > > _______________________________________________ > > % NYC*BUG talk mailing list > > http://lists.nycbug.org/mailman/listinfo/talk > > %Be sure to check out our Jobs and NYCBUG-announce lists > > %We meet the first Wednesday of the month > > > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From jesse Fri Feb 18 11:47:54 2005 From: jesse (Jesse Callaway) Date: Fri, 18 Feb 2005 11:47:54 -0500 Subject: [nycbug-talk] Re: wondering where Richte is at? In-Reply-To: <0445708ef11380246cb1078d644f5fa3@lesmuug.org> References: <0445708ef11380246cb1078d644f5fa3@lesmuug.org> Message-ID: <20050218164754.GB885@mail.theholymountain.com> On Fri, Feb 18, 2005 at 10:56:23AM -0500, Isaac Levy wrote: > Hi BER, > > So I was just thinking about a conversation we had a while back about > Dennis Richte, and asking him if he would do a nycbug meeting. I had a > few questions for you about this idea- > > 1) Where is Dennis Richte? You'd said he was around the northeast here? > > 2) What do you think is the best way to approach him? Should we just > email him out of the blue? > > 3) Do you have any suggestions for starting points for topics, seeing > as the possibilities are quite broad? (i.e. what do you think he has > that's really special to share with little unix youngin's like me?) > > Rocket- > .ike > mmmm.... I'm getting tingly all over thinking about megaloencephalic rodentia. From steve Fri Feb 18 11:57:32 2005 From: steve (steverieger) Date: Fri, 18 Feb 2005 11:57:32 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: <20050218162723.GB21934@yinaska.pair.com> Message-ID: My /etc/vfstab looks like this (just one entry /path/to/dev /mnt/point ufs 2 yes logging,ro,noatime,nosuid,forcedirectio noatime is self explanatory forcedirectio, means that all the large files on my web server that get sent out have a direct io instead of being buffered via the kernel. This is for my apache slice On 2/18/05 11:27 AM, "Okan Demirmen" wrote: > On Fri 2005.02.18 at 08:37 -0500, steverieger wrote: >> To be honest with you >> >> I have this exact issue with the fbsd folks (the developers not the users) >> >> On my other os, I always mount /usr as read only, and all my sql and apache >> stuff goes elswhere, but the default fbsd setup puts the apache rootdir in >> /usr/local/www and sometimes the /var slice is a bit small to handle all my >> databases. > > i'm not too familiar with where stuff goes in freebsd, but i like data > in /var - including www and mysql and pgsql...etc. but each data dir > gets its own slice if it is important to me. > >> But for any decent sys admin I recommend to always mount /usr as >> ro,nosuid,logging > > i've heard that statement many times before, but what exactly does > that give you? mounting /usr as nosuid? - what do you break? read-only > /usr for what reason? whoever gets root can easily do a re-mount. > not flaming, but curious to hear additional reasons that i've heard > before behind this ;) > > cheers > >> >> My .02C >> >> >> >> >> On 2/17/05 9:46 PM, "G. Rosamond" wrote: >> >>> There's a great security document and tool available for a number of >>> OSs, including FreeBSD, at www.cisecurity.org >>> >>> I'm going through the doc right now, which documents the tool's >>> procedures. . . some looks pretty basic (disabling anonymous ftp) but >>> some is very interesting (making sure no dot files are world >>> writeable). >>> >>> Highly recommended. >>> >>> I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a >>> less-than-mission-critical server tomorrow . . . >>> >>> George >>> >>> _______________________________________________ >>> % NYC*BUG talk mailing list >>> http://lists.nycbug.org/mailman/listinfo/talk >>> %Be sure to check out our Jobs and NYCBUG-announce lists >>> %We meet the first Wednesday of the month >>> >> >> >> _______________________________________________ >> % NYC*BUG talk mailing list >> http://lists.nycbug.org/mailman/listinfo/talk >> %Be sure to check out our Jobs and NYCBUG-announce lists >> %We meet the first Wednesday of the month From jonathan Fri Feb 18 12:00:59 2005 From: jonathan (Jonathan) Date: Fri, 18 Feb 2005 12:00:59 -0500 Subject: [nycbug-talk] Wine and Starcraft ( and games in general) Message-ID: <42161F4B.20108@kc8onw.net> Has anyone here had experience getting games to run under wine? I installed starcraft fine but the no cd cracks I have found don't work and it does not seem to realize I have the CD mounted :P I don't have sound yet either but I have not messed with that at all yet. Any help is *greatly* appreciated, Jonathan Error Message: Starcraft is unable to read a required file. Your Starcraft CD may not be in the CDROM drive... ~/.wine/dosdevices > ll total 0 lrwxr-xr-x 1 jonathan jonathan 10 Feb 18 10:26 c: -> ../drive_c lrwxr-xr-x 1 jonathan jonathan 11 Feb 18 11:44 d: -> /mnt/cdrom/ lrwxr-xr-x 1 jonathan jonathan 8 Feb 18 10:33 d:: -> /dev/md0 lrwxr-xr-x 1 jonathan jonathan 1 Feb 18 10:26 z: -> / > ll /mnt/cdrom total 592758 -r-xr-xr-x 1 root wheel 40 Jan 8 1998 autorun.inf dr-xr-xr-x 1 root wheel 2048 Dec 20 1999 directx5 dr-xr-xr-x 1 root wheel 2048 Dec 20 1999 help -r-xr-xr-x 1 root wheel 606857006 Mar 11 1999 install.exe dr-xr-xr-x 1 root wheel 2048 Dec 20 1999 isp -r-xr-xr-x 1 root wheel 1078 Jan 14 1998 sc.ico -r-xr-xr-x 1 root wheel 25088 Jan 14 1998 setup.exe -r-xr-xr-x 1 root wheel 95232 Jan 20 1998 smackw32.dll ~/.wine/config [Drive D] "Path" = "/mnt/cdrom" "Type" = "cdrom" "Label" = "CD-Rom" "Filesystem" = "win95" ; make sure that device is correct and has proper permissions ! "Device" = "/dev/md0" > cd ~/.wine/drive_c/Program\ Files/Starcraft/ > wine StarCraft.exe fixme:file:get_default_drive_device auto detection of DOS devices not supported on this platform fixme:cdrom:CDROM_GetInterfaceInfo not implemented for BSD Converted drive type to new entry HKLM\Software\Wine\Drives "C:" = L"hd" Converted drive type to new entry HKLM\Software\Wine\Drives "D:" = L"cdrom" Converted drive type to new entry HKLM\Software\Wine\Drives "E:" = L"hd" Converted drive type to new entry HKLM\Software\Wine\Drives "F:" = L"network" Converted drive type to new entry HKLM\Software\Wine\Drives "Z:" = L"hd" fixme:ntdll:NtQueryVolumeInformationFile device info not properly supported on this platform err:heap:HEAP_CreateSystemHeap system heap base address 0x80000000 not available Please use the registry key HKEY_CURRENT_CONFIG\Software\Fonts\LogPixels to set the screen resolution and remove the "Resolution" entry in the config file From okan Fri Feb 18 12:07:05 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 12:07:05 -0500 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: References: <20050218162723.GB21934@yinaska.pair.com> Message-ID: <20050218170705.GA40099@yinaska.pair.com> On Fri 2005.02.18 at 11:57 -0500, steverieger wrote: > My /etc/vfstab looks like this (just one entry > > /path/to/dev /mnt/point ufs 2 yes logging,ro,noatime,nosuid,forcedirectio > noatime is self explanatory > forcedirectio, means that all the large files on my web server that get sent > out have a direct io instead of being buffered via the kernel. > > This is for my apache slice ok, for the www slice, makes sense. (not to nit-pick, but why logging/noatime if ro? unless freebsd's ufs2 logging/noatime is doing something i don't know about. i was more looking for reasons behind mounting /usr ro, but no big deal. i've had this arguement both ways in past lives, hence my curiousity. thanks > On 2/18/05 11:27 AM, "Okan Demirmen" wrote: > > > On Fri 2005.02.18 at 08:37 -0500, steverieger wrote: > >> To be honest with you > >> > >> I have this exact issue with the fbsd folks (the developers not the users) > >> > >> On my other os, I always mount /usr as read only, and all my sql and apache > >> stuff goes elswhere, but the default fbsd setup puts the apache rootdir in > >> /usr/local/www and sometimes the /var slice is a bit small to handle all my > >> databases. > > > > i'm not too familiar with where stuff goes in freebsd, but i like data > > in /var - including www and mysql and pgsql...etc. but each data dir > > gets its own slice if it is important to me. > > > >> But for any decent sys admin I recommend to always mount /usr as > >> ro,nosuid,logging > > > > i've heard that statement many times before, but what exactly does > > that give you? mounting /usr as nosuid? - what do you break? read-only > > /usr for what reason? whoever gets root can easily do a re-mount. > > not flaming, but curious to hear additional reasons that i've heard > > before behind this ;) > > > > cheers > > > >> > >> My .02C > >> > >> > >> > >> > >> On 2/17/05 9:46 PM, "G. Rosamond" wrote: > >> > >>> There's a great security document and tool available for a number of > >>> OSs, including FreeBSD, at www.cisecurity.org > >>> > >>> I'm going through the doc right now, which documents the tool's > >>> procedures. . . some looks pretty basic (disabling anonymous ftp) but > >>> some is very interesting (making sure no dot files are world > >>> writeable). > >>> > >>> Highly recommended. > >>> > >>> I'm going to run on my FBSD 5.3 workstation now, and maybe tryout on a > >>> less-than-mission-critical server tomorrow . . . > >>> > >>> George > >>> > >>> _______________________________________________ > >>> % NYC*BUG talk mailing list > >>> http://lists.nycbug.org/mailman/listinfo/talk > >>> %Be sure to check out our Jobs and NYCBUG-announce lists > >>> %We meet the first Wednesday of the month > >>> > >> > >> > >> _______________________________________________ > >> % NYC*BUG talk mailing list > >> http://lists.nycbug.org/mailman/listinfo/talk > >> %Be sure to check out our Jobs and NYCBUG-announce lists > >> %We meet the first Wednesday of the month > > -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From dlavigne6 Fri Feb 18 12:28:15 2005 From: dlavigne6 (Dru) Date: Fri, 18 Feb 2005 12:28:15 -0500 (EST) Subject: [nycbug-talk] Re: wondering where Richte is at? In-Reply-To: <20050218164754.GB885@mail.theholymountain.com> References: <0445708ef11380246cb1078d644f5fa3@lesmuug.org> <20050218164754.GB885@mail.theholymountain.com> Message-ID: <20050218122657.E553@dru.domain.org> On Fri, 18 Feb 2005, Jesse Callaway wrote: > On Fri, Feb 18, 2005 at 10:56:23AM -0500, Isaac Levy wrote: >> Hi BER, >> >> So I was just thinking about a conversation we had a while back about >> Dennis Richte, and asking him if he would do a nycbug meeting. I had a >> few questions for you about this idea- >> >> 1) Where is Dennis Richte? You'd said he was around the northeast here? >> >> 2) What do you think is the best way to approach him? Should we just >> email him out of the blue? >> >> 3) Do you have any suggestions for starting points for topics, seeing >> as the possibilities are quite broad? (i.e. what do you think he has >> that's really special to share with little unix youngin's like me?) >> >> Rocket- >> .ike >> > > mmmm.... I'm getting tingly all over thinking about megaloencephalic rodentia. One of my favourite bookmarks is Dennis' homepage (with contact info): http://cm.bell-labs.com/who/dmr/index.html If you guys get Dennis, I'm definitely coming down! Dru From dlavigne6 Fri Feb 18 12:31:27 2005 From: dlavigne6 (Dru) Date: Fri, 18 Feb 2005 12:31:27 -0500 (EST) Subject: [nycbug-talk] why /var? In-Reply-To: References: Message-ID: <20050218122904.W553@dru.domain.org> Out of pure innocent curiosity, why do you prefer /var? I don't see the logic as I never thought of a website as "variable" data but I'm interested in hearing someone else's point of view. Dru From tillman Fri Feb 18 12:28:38 2005 From: tillman (Tillman Hodgson) Date: Fri, 18 Feb 2005 11:28:38 -0600 Subject: [nycbug-talk] FreeBSD security document & tool. . . In-Reply-To: References: <0ecd8008e39477e42ccb51c09ae2ba53@sddi.net> Message-ID: <20050218172838.GE92490@seekingfire.com> On Fri, Feb 18, 2005 at 08:37:14AM -0500, steverieger wrote: > To be honest with you > > I have this exact issue with the fbsd folks (the developers not the users) > > On my other os, I always mount /usr as read only, and all my sql and apache > stuff goes elswhere, but the default fbsd setup puts the apache rootdir in > /usr/local/www and sometimes the /var slice is a bit small to handle all my > databases. > > But for any decent sys admin I recommend to always mount /usr as > ro,nosuid,logging I usually do mount /usr with restricted rights on boxes where the ability to upgrade quickly isn't a concern (the security tradeoff for thsi practice). But I also have /usr/local as a seperate partition (as well as /usr/ports, /usr/obj and /usr/src -- those are usually remote filesystems in my case anyway). -T -- There should be a science of discontent. People need hard times and oppression to develop psychic muscles. - from "Collected Sayings of Muad'Dib" by the Princess Irulan From daggerquill Fri Feb 18 13:42:12 2005 From: daggerquill (Jay) Date: Fri, 18 Feb 2005 13:42:12 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050218122904.W553@dru.domain.org> References: <20050218122904.W553@dru.domain.org> Message-ID: <4ce365ec050218104253ee27cf@mail.gmail.com> On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru wrote: > > Out of pure innocent curiosity, why do you prefer /var? I don't see the > logic as I never thought of a website as "variable" data but I'm > interested in hearing someone else's point of view. > > Dru I can't speak for anyone else, but I can tell you why I like /var. It all depends on how you define 'variable'. From a system standpoint, websites are fairly variable. Unlike the executables in /bin, /sbin, and /usr/*, web content is intended to change. Maybe not everday, but often. In an ideal world, executables are completely static; if they didn't have bugs, we'd never touch them. Also, if you have any kind of user-generated web data--bbs, bloggs, file submission pages--web data is extrememly variable. The best answer, though, is that /var is where system daemons put their data. Most partition labels don't accurately reflect use anymore, anyway. We don't let many users store publically accessible executables in /usr/bin or /usr/local/bin, even though that's what they're there for. Close to half of anything in most most variations on the bin theme is likely to not even be binary, but executables in some interpreted or compiled and interpreted language like perl, python, or java. And if we're going to be really serious about truth in advertising on filesystems, the mail spool should almost certainly go in /tmp, and the only honest label for the rest would be to make one big /etc partition and leave it at that. But these things have a long and not always rational history, and /var is where daemon's put their data, and /usr isn't where users put their data. And it makes sense to put the webroot with the mail spool and the database directories so that you can harden /usr and enforce a serious look, but don't touch policy on that partition. This is probably a theological issue, though. best, --jay From okan Fri Feb 18 14:17:02 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 14:17:02 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec050218104253ee27cf@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: <20050218191702.GA71889@yinaska.pair.com> On Fri 2005.02.18 at 13:42 -0500, Jay wrote: > On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru wrote: > > > > Out of pure innocent curiosity, why do you prefer /var? I don't see the > > logic as I never thought of a website as "variable" data but I'm > > interested in hearing someone else's point of view. > > > > Dru > > I can't speak for anyone else, but I can tell you why I like /var. It > all depends on how you define 'variable'. From a system standpoint, > websites are fairly variable. Unlike the executables in /bin, /sbin, > and /usr/*, web content is intended to change. Maybe not everday, but > often. In an ideal world, executables are completely static; if they > didn't have bugs, we'd never touch them. Also, if you have any kind > of user-generated web data--bbs, bloggs, file submission pages--web > data is extrememly variable. > > The best answer, though, is that /var is where system daemons put > their data. Most partition labels don't accurately reflect use > anymore, anyway. We don't let many users store publically accessible > executables in /usr/bin or /usr/local/bin, even though that's what > they're there for. Close to half of anything in most most variations > on the bin theme is likely to not even be binary, but executables in > some interpreted or compiled and interpreted language like perl, > python, or java. And if we're going to be really serious about truth > in advertising on filesystems, the mail spool should almost certainly > go in /tmp, and the only honest label for the rest would be to make > one big /etc partition and leave it at that. > > But these things have a long and not always rational history, and /var > is where daemon's put their data, and /usr isn't where users put their > data. And it makes sense to put the webroot with the mail spool and > the database directories so that you can harden /usr and enforce a > serious look, but don't touch policy on that partition. as you didn't intend to speak for anyone else, you did mostly for me ;) i agree with what you have stated. one can take /var, and its depths (/var/mysql /var/www /var/named /var/spool /var/mail .... one slice or many) and ship them somewhere else, without arch/os concerns(mostly). /usr contains utils and applications (minus the stuff on /) - one note here, i don't quite agree with freebsd's location for /usr/local/etc - creates one more place to keep track of - i know i'll hear about this futher in this thread ;) > This is probably a theological issue, though. yes, most certainly. okan > best, > > --jay > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From bschonhorst Fri Feb 18 14:57:48 2005 From: bschonhorst (Brad Schonhorst) Date: Fri, 18 Feb 2005 14:57:48 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050218191702.GA71889@yinaska.pair.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <20050218191702.GA71889@yinaska.pair.com> Message-ID: <6048e8467a07f24c7316728eda290394@vcsnyc.org> On Feb 18, 2005, at 2:17 PM, Okan Demirmen wrote: > On Fri 2005.02.18 at 13:42 -0500, Jay wrote: >> On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru >> wrote: >>> >>> Out of pure innocent curiosity, why do you prefer /var? I don't see >>> the >>> logic as I never thought of a website as "variable" data but I'm >>> interested in hearing someone else's point of view. >>> >>> Dru >> >> I can't speak for anyone else, but I can tell you why I like /var. It >> all depends on how you define 'variable'. From a system standpoint, >> websites are fairly variable. Unlike the executables in /bin, /sbin, >> and /usr/*, web content is intended to change. Maybe not everday, but >> often. In an ideal world, executables are completely static; if they >> didn't have bugs, we'd never touch them. Also, if you have any kind >> of user-generated web data--bbs, bloggs, file submission pages--web >> data is extrememly variable. >> >> The best answer, though, is that /var is where system daemons put >> their data. Most partition labels don't accurately reflect use >> anymore, anyway. We don't let many users store publically accessible >> executables in /usr/bin or /usr/local/bin, even though that's what >> they're there for. Close to half of anything in most most variations >> on the bin theme is likely to not even be binary, but executables in >> some interpreted or compiled and interpreted language like perl, >> python, or java. And if we're going to be really serious about truth >> in advertising on filesystems, the mail spool should almost certainly >> go in /tmp, and the only honest label for the rest would be to make >> one big /etc partition and leave it at that. >> >> But these things have a long and not always rational history, and /var >> is where daemon's put their data, and /usr isn't where users put their >> data. And it makes sense to put the webroot with the mail spool and >> the database directories so that you can harden /usr and enforce a >> serious look, but don't touch policy on that partition. > > as you didn't intend to speak for anyone else, you did mostly for me ;) I second that but the more I think about it, the issue probably has more to do with what you are used to or work on regularly. Sometimes I wonder why there isn't a /log though. > i agree with what you have stated. one can take /var, and its depths > (/var/mysql /var/www /var/named /var/spool /var/mail .... one slice > or many) and ship them somewhere else, without arch/os > concerns(mostly). > /usr contains utils and applications (minus the stuff on /) - one > note here, i don't quite agree with freebsd's location for > /usr/local/etc - creates one more place to keep track of - i know > i'll hear about this futher in this thread ;) > That always bothered me too, I guess I understand the idea of putting sys config files in /etc and any additional software configs in /user/local/etc but because I work on many OS's, I always find myself first searching /etc, taking a moment to scratch my head and then remembering /usr/local/etc. Gotta say, it seems that 2 places for config files violates the KISS rule... -Brad From chsnyder Fri Feb 18 15:10:18 2005 From: chsnyder (csnyder) Date: Fri, 18 Feb 2005 15:10:18 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050218122904.W553@dru.domain.org> References: <20050218122904.W553@dru.domain.org> Message-ID: On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru wrote: > > Out of pure innocent curiosity, why do you prefer /var? I don't see the > logic as I never thought of a website as "variable" data but I'm > interested in hearing someone else's point of view. > > Dru I think using /var for a website implies that there is only one website on the host. I was suprised to see this when I first started using FreeBSD, but I accept it now as "one of those things." It's better than /usr/local/apache/htdocs for sure. For virtual hosting setups, or situations where multiple users need to access the same site, I always put them in the /home tree as /home/ From dan Fri Feb 18 15:51:15 2005 From: dan (Dan Langille) Date: Fri, 18 Feb 2005 15:51:15 -0500 Subject: [nycbug-talk] BSDCan - program publicity Message-ID: <42160EF3.2004.E9FFA02@localhost> Gidday folks, The BSDCan program will be announced soon. I'm looking for help in distributing and organizing publicity for this announcement. I will be sending the schedule out the BSDCan announce mailing list firs and updating the BSDCan website. Then I'll hit bsdnews.com. What I'd like is volunteers to post references to those stories on other websites. If you have a suggestion, let us know what website you'll hit. If you don't want to post the announcement, just suggest a website, and perhaps we'll get others to post instead. A few weeks later, another announcement will be sent. This will include the schedule and the opening of registration. This represents a second waves of posts to websites. It'd be nice if people could rally again for the second hit. Thanks. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From pete Fri Feb 18 15:52:00 2005 From: pete (Pete Wright) Date: Fri, 18 Feb 2005 15:52:00 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> References: <42160EF3.2004.E9FFA02@localhost> Message-ID: <20050218205200.GA17998@finn.nomadlogic.org> On Fri, Feb 18, 2005 at 03:51:15PM -0500, Dan Langille wrote: > Gidday folks, > > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. > > I will be sending the schedule out the BSDCan announce mailing list > firs and updating the BSDCan website. Then I'll hit bsdnews.com. > > What I'd like is volunteers to post references to those stories on > other websites. If you have a suggestion, let us know what website > you'll hit. If you don't want to post the announcement, just suggest > a website, and perhaps we'll get others to post instead. > > A few weeks later, another announcement will be sent. This will > include the schedule and the opening of registration. This represents > a second waves of posts to websites. It'd be nice if people could > rally again for the second hit. > count me in for posting to the so. cal. bsd users lists. i'll also hit the general la unix user groups as well. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From dlavigne6 Fri Feb 18 16:18:03 2005 From: dlavigne6 (Dru) Date: Fri, 18 Feb 2005 16:18:03 -0500 (EST) Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> References: <42160EF3.2004.E9FFA02@localhost> Message-ID: <20050218161741.D553@dru.domain.org> On Fri, 18 Feb 2005, Dan Langille wrote: > Gidday folks, > > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. > > I will be sending the schedule out the BSDCan announce mailing list > firs and updating the BSDCan website. Then I'll hit bsdnews.com. > > What I'd like is volunteers to post references to those stories on > other websites. If you have a suggestion, let us know what website > you'll hit. If you don't want to post the announcement, just suggest > a website, and perhaps we'll get others to post instead. I'll definitely write up an O'Reilly blog... Dru From dlavigne6 Fri Feb 18 16:19:57 2005 From: dlavigne6 (Dru) Date: Fri, 18 Feb 2005 16:19:57 -0500 (EST) Subject: [nycbug-talk] why /var? In-Reply-To: <20050218191702.GA71889@yinaska.pair.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <20050218191702.GA71889@yinaska.pair.com> Message-ID: <20050218161909.Q553@dru.domain.org> Thanks, all :-) I knew I could count on nycbug for a thorough explanation without an ensueing flame war... Dru From pete Fri Feb 18 16:08:42 2005 From: pete (Pete Wright) Date: Fri, 18 Feb 2005 16:08:42 -0500 Subject: [nycbug-talk] sysinstall substitue Message-ID: <20050218210842.GC17998@finn.nomadlogic.org> hey all, i've been playing with doing install's via serial console on a sun box i got here. i'd have to say after installing solaris, net free and open bsd via console that netbsd probably has the best installer followed by open's. i know there is a long running debate on the freebsd lists re. sysinstall and how it needs to be "fixed". what i found during with installing freebsd via console on the sparc is that the menu's are pretty much useless...while netbsd's installer not only worked without a hitch, clearly labeled short-cut keys were also available. given a menu like this: a) start install b) some other option c) another option you can either use the arrow keys to highlight a option or just press a,b or c. i know this is possible with sysinstall...but could not get it to work properlly on my sun box. btw this is just one feature of the net install system...i've found many other features that sysinstall is lacking. so...does anyone have an opinion on the possibility of porting the netbsd installer over to free. honestly i don't even know what lang. net's installer is written in... -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From steve.rieger Fri Feb 18 16:23:31 2005 From: steve.rieger (Steve Rieger) Date: Fri, 18 Feb 2005 16:23:31 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050218161909.Q553@dru.domain.org> Message-ID: Some folks prefer many separate slices for different directories, and some folks only have / /usr /tmp /var and swap, I have many including /usr/local/nbin where I put all user binaries/scripts that need to be accessed by all, /usr/local/cbin for cron binaries/scripts I also divide /var/log and /var/spool, but then again I spend about two days setting up a new server, In the past (when doing a new mail server) I also formatted the hd with 4bytes instead of the usual, I also take into consideration where I will out what slice on the physical drive depending what it will do. The options are endless, just go with what you are comfortable, but once in a while try something new. On 2/18/05 4:19 PM, "Dru" wrote: > > Thanks, all :-) I knew I could count on nycbug for a thorough explanation > without an ensueing flame war... > > Dru > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > -- Steve Rieger Ext; 1131 Cell 646-335-8915 DC 173*101254*4 From george Fri Feb 18 16:24:06 2005 From: george (G. Rosamond) Date: Fri, 18 Feb 2005 16:24:06 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> References: <42160EF3.2004.E9FFA02@localhost> Message-ID: On Feb 18, 2005, at 3:51 PM, Dan Langille wrote: > Gidday folks, > > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. > > I will be sending the schedule out the BSDCan announce mailing list > firs and updating the BSDCan website. Then I'll hit bsdnews.com. > > What I'd like is volunteers to post references to those stories on > other websites. If you have a suggestion, let us know what website > you'll hit. If you don't want to post the announcement, just suggest > a website, and perhaps we'll get others to post instead. > > A few weeks later, another announcement will be sent. This will > include the schedule and the opening of registration. This represents > a second waves of posts to websites. It'd be nice if people could > rally again for the second hit. > > Thanks. > Me, on the other hand, is going to keep it a secret, since we don't want too big a BSDCan. . . I mean, it did get difficult finding an outdoor table in Ottawa already.. . I'll do DN. I assume Marco will hit NYCBUG's announce. . . I've already created the text for the next announce email. g From bob Fri Feb 18 16:31:21 2005 From: bob (Bob Ippolito) Date: Fri, 18 Feb 2005 16:31:21 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec050218104253ee27cf@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: On Feb 18, 2005, at 1:42 PM, Jay wrote: > On Fri, 18 Feb 2005 12:31:27 -0500 (EST), Dru > wrote: >> >> Out of pure innocent curiosity, why do you prefer /var? I don't see >> the >> logic as I never thought of a website as "variable" data but I'm >> interested in hearing someone else's point of view. > > The best answer, though, is that /var is where system daemons put > their data. Most partition labels don't accurately reflect use > anymore, anyway. We don't let many users store publically accessible > executables in /usr/bin or /usr/local/bin, even though that's what > they're there for. Close to half of anything in most most variations > on the bin theme is likely to not even be binary, but executables in > some interpreted or compiled and interpreted language like perl, > python, or java. And if we're going to be really serious about truth > in advertising on filesystems, the mail spool should almost certainly > go in /tmp, and the only honest label for the rest would be to make > one big /etc partition and leave it at that. "bin" really means "executable". As for the mail spool, the idea is that it's supposed to be persistent until it's ready to go out. You should be able to wipe /tmp on reboot (if not more often) without any adverse effects, that wouldn't be true if the mail spool was there. Just because it's volatile doesn't mean it's temporary.. -bob From pete Fri Feb 18 16:30:59 2005 From: pete (Pete Wright) Date: Fri, 18 Feb 2005 16:30:59 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: References: <20050218161909.Q553@dru.domain.org> Message-ID: <20050218213059.GA18338@finn.nomadlogic.org> On Fri, Feb 18, 2005 at 04:23:31PM -0500, Steve Rieger wrote: > Some folks prefer many separate slices for different directories, and some > folks only have / /usr /tmp /var and swap, I have many including > /usr/local/nbin where I put all user binaries/scripts that need to be > accessed by all, /usr/local/cbin for cron binaries/scripts I also divide > /var/log and /var/spool, but then again I spend about two days setting up a > new server, > > In the past (when doing a new mail server) I also formatted the hd with > 4bytes instead of the usual, I also take into consideration where I will out > what slice on the physical drive depending what it will do. > > > The options are endless, just go with what you are comfortable, but once in > a while try something new. well that's really the beauty of the unix filesystem eh? -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From okan Fri Feb 18 16:51:25 2005 From: okan (Okan Demirmen) Date: Fri, 18 Feb 2005 16:51:25 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> References: <42160EF3.2004.E9FFA02@localhost> Message-ID: <20050218215125.GA10099@yinaska.pair.com> On Fri 2005.02.18 at 15:51 -0500, Dan Langille wrote: > Gidday folks, > > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. > > I will be sending the schedule out the BSDCan announce mailing list > firs and updating the BSDCan website. Then I'll hit bsdnews.com. > > What I'd like is volunteers to post references to those stories on > other websites. If you have a suggestion, let us know what website > you'll hit. If you don't want to post the announcement, just suggest > a website, and perhaps we'll get others to post instead. > > A few weeks later, another announcement will be sent. This will > include the schedule and the opening of registration. This represents > a second waves of posts to websites. It'd be nice if people could > rally again for the second hit. i'll hit up undeadly.org > Thanks. > -- > Dan Langille : http://www.langille.org/ > BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From daggerquill Fri Feb 18 17:13:16 2005 From: daggerquill (Jay) Date: Fri, 18 Feb 2005 17:13:16 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: <4ce365ec05021814134d779a4@mail.gmail.com> On Fri, 18 Feb 2005 16:31:21 -0500, Bob Ippolito wrote: > "bin" really means "executable". > > As for the mail spool, the idea is that it's supposed to be persistent > until it's ready to go out. You should be able to wipe /tmp on reboot > (if not more often) without any adverse effects, that wouldn't be true > if the mail spool was there. Just because it's volatile doesn't mean > it's temporary.. > That's exactly the point. "bin" doesn't mean executable, per se; it's short for "binary". It's used to mean "executable" because "binary" and "executable" were interchangeable. Your program had to be a compiled binary to run. In many cases that's still true, but it's becoming less true by the day, particularly on things like large web servers: think how much code in cgi-bin is likely to be perl or python scripts. The name, however, has stuck around, and will continue to stick around because it's what people are used to. /exec would me more descriptive, though, or OS X's "/Applications", or even Windows "C:\Program Files". I'm not adovcating a change; I'm just pointing out that you can't trust the partition labels to adequately describe the content. I'm not advocating moving the mail spool to /tmp, either. Clearly that would be disasterous. but if we're talking about truth in advertising, spools aren't "variable" data like logs, or databases, or /var/run files that serve to save, record, or report particular system, data, or harware states. Spools are a place to temporarily store data until confirmation is recieved that they've been handled appropriately. "Persistent unil [I'm done with it]" sounds like a temp file to me. A potentially long-lived temp fiels, but still a temp file. Again, I'm not objecting to the naming scheme, just saying that we need to take the labels with a grain of salt (or two). --jay From bob Fri Feb 18 17:36:13 2005 From: bob (Bob Ippolito) Date: Fri, 18 Feb 2005 17:36:13 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec05021814134d779a4@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> Message-ID: <8078167320d59657837c5ebe9c24f634@redivi.com> On Feb 18, 2005, at 5:13 PM, Jay wrote: > On Fri, 18 Feb 2005 16:31:21 -0500, Bob Ippolito > wrote: > >> "bin" really means "executable". >> >> As for the mail spool, the idea is that it's supposed to be persistent >> until it's ready to go out. You should be able to wipe /tmp on reboot >> (if not more often) without any adverse effects, that wouldn't be true >> if the mail spool was there. Just because it's volatile doesn't mean >> it's temporary.. > > That's exactly the point. "bin" doesn't mean executable, per se; it's > short for "binary". It's used to mean "executable" because "binary" > and "executable" were interchangeable. Your program had to be a > compiled binary to run. In many cases that's still true, but it's > becoming less true by the day, particularly on things like large web > servers: think how much code in cgi-bin is likely to be perl or python > scripts. The name, however, has stuck around, and will continue to > stick around because it's what people are used to. /exec would me > more descriptive, though, or OS X's "/Applications", or even Windows > "C:\Program Files". I'm not adovcating a change; I'm just pointing > out that you can't trust the partition labels to adequately describe > the content. Well, shared libraries and the kernel also clearly fit the original meaning of "bin" (as you describe it). The intention has always been executable.. I wouldn't be surprised if bin was chosen because it was easy to type, most UNIX terms are pretty optimal on a QWERTY keyboard. Perhaps it's just finger memory, but I find "bin" a lot easier to type than "exe" or "exec". The big difference between UNIX naming and NeXT / Windows naming schemes is that in the these worlds you keep your application and everything (static) having to do with that application in *one* place. On NeXT based systems /Applications is very different than /usr/bin. Effectively, each application bundle is its own "/usr/local" tree. You find names like "Resources" instead of "share", "Frameworks" instead of "lib", and (i.e. "MacOS") instead of "bin". It's basically turtles all the way down in the NeXT case; Frameworks are also equivalent to a subset of the "/usr/local" tree. The root of the framework is "lib", "Headers" is "include" and "Resources" is "share". Windows is mostly similar to this (applications+static resources have their own tree), except that there is no standard schema for how that tree should look, and a lot of Windows applications misbehave and toss some stuff into the Windows equivalent of "/usr/lib". You really don't see that on NeXT or Mac OS X, unless the developer is really naive or lazy. > I'm not advocating moving the mail spool to /tmp, either. Clearly > that would be disasterous. but if we're talking about truth in > advertising, spools aren't "variable" data like logs, or databases, or > /var/run files that serve to save, record, or report particular > system, data, or harware states. Spools are a place to temporarily > store data until confirmation is recieved that they've been handled > appropriately. "Persistent unil [I'm done with it]" sounds like a > temp file to me. A potentially long-lived temp fiels, but still a > temp file. Temporary files are intended to go away as soon as the controlling process does or sooner. Clearly, a mail spool is a database. Just because its usage pattern tries to ensure that the database shouldn't contain many items at a given time doesn't make the database itself temporary. > Again, I'm not objecting to the naming scheme, just saying that we > need to take the labels with a grain of salt (or two). Likewise -- maybe we should upgrade that grain to a dash? :) -bob From john Fri Feb 18 17:53:55 2005 From: john (John Bacall) Date: Fri, 18 Feb 2005 17:53:55 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: References: <42160EF3.2004.E9FFA02@localhost> Message-ID: <200502181746.16917.john@unixen.org> On Friday 18 February 2005 04:24 pm, G. Rosamond wrote: > > What I'd like is volunteers to post references to those stories on > > other websites. If you have a suggestion, let us know what website > > you'll hit. > I'll do DN. I can do undeadly, as well as nylug-announce. If you can make it easy on folks, branch all such `to disseminate' posts off 1 (one) thread, one level off the root post, please: Subject: junk `> Re: junk `> `> `> disseminate `> disseminate `> Re: junk `> `> `> disseminate John From george Fri Feb 18 18:25:07 2005 From: george (G. Rosamond) Date: Fri, 18 Feb 2005 18:25:07 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <200502181746.16917.john@unixen.org> References: <42160EF3.2004.E9FFA02@localhost> <200502181746.16917.john@unixen.org> Message-ID: On Feb 18, 2005, at 5:53 PM, John Bacall wrote: > On Friday 18 February 2005 04:24 pm, G. Rosamond wrote: >>> What I'd like is volunteers to post references to those stories on >>> other websites. If you have a suggestion, let us know what website >>> you'll hit. > >> I'll do DN. > > I can do undeadly, as well as nylug-announce. If you can make it easy > on > folks, branch all such `to disseminate' posts off 1 (one) thread, one > level off the root post, please: > > Subject: junk > `> Re: junk > `> > `> > `> disseminate > `> disseminate > `> Re: junk > `> > `> > `> disseminate > John-John. . . You're confusing me. What are you talking about? g From john Fri Feb 18 19:46:20 2005 From: john (John Bacall) Date: Fri, 18 Feb 2005 19:46:20 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: References: <42160EF3.2004.E9FFA02@localhost> <200502181746.16917.john@unixen.org> Message-ID: <200502181939.28365.john@unixen.org> Dan mentioned he will pass on 'more' details that need advertising as they become available. As I 'have' some spare time presently am more than happy to help. Usually I am a regular with volunteering for such duty, but it gets 'challenging' chasing down such ensuing details, buried off 'various' threads. John-John From george Fri Feb 18 20:29:37 2005 From: george (George Georgalis) Date: Fri, 18 Feb 2005 20:29:37 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <8078167320d59657837c5ebe9c24f634@redivi.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> Message-ID: <20050219012937.GA2419@xeon> On Fri, Feb 18, 2005 at 05:36:13PM -0500, Bob Ippolito wrote: > >On Feb 18, 2005, at 5:13 PM, Jay wrote: > >>Again, I'm not objecting to the naming scheme, just saying that we >>need to take the labels with a grain of salt (or two). > >Likewise -- maybe we should upgrade that grain to a dash? :) > Just some to throw in the mix, I don't put scripts in /usr/local/bin I put them in /usr/local/script and add that to the host's PATH when I create it. That way if I ever backup or reinstall, I don't bring all those local binaries (which I'll want to recompile on the new host). As a rule of thumb, I don't make directories with plural names. Sometimes plural is appropriate, but at the end of the path, the file is singular. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From jesse Sat Feb 19 04:57:54 2005 From: jesse (Jesse Callaway) Date: Sat, 19 Feb 2005 04:57:54 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050219012937.GA2419@xeon> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> <20050219012937.GA2419@xeon> Message-ID: <20050219095754.GA6280@mail.theholymountain.com> On Fri, Feb 18, 2005 at 08:29:37PM -0500, George Georgalis wrote: > On Fri, Feb 18, 2005 at 05:36:13PM -0500, Bob Ippolito wrote: > > > >On Feb 18, 2005, at 5:13 PM, Jay wrote: > > > >>Again, I'm not objecting to the naming scheme, just saying that we > >>need to take the labels with a grain of salt (or two). > > > >Likewise -- maybe we should upgrade that grain to a dash? :) > > > > Just some to throw in the mix, I don't put scripts in /usr/local/bin I > put them in /usr/local/script and add that to the host's PATH when I > create it. That way if I ever backup or reinstall, I don't bring all > those local binaries (which I'll want to recompile on the new host). > > As a rule of thumb, I don't make directories with plural names. Sometimes > plural is appropriate, but at the end of the path, the file is singular. > > // George > Wow, plural? What's the deal with that? No 'media' folders? -jesse From george Sat Feb 19 10:38:58 2005 From: george (George Georgalis) Date: Sat, 19 Feb 2005 10:38:58 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050219095754.GA6280@mail.theholymountain.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> <20050219012937.GA2419@xeon> <20050219095754.GA6280@mail.theholymountain.com> Message-ID: <20050219153858.GA2798@xeon> On Sat, Feb 19, 2005 at 04:57:54AM -0500, Jesse Callaway wrote: >On Fri, Feb 18, 2005 at 08:29:37PM -0500, George Georgalis wrote: >> On Fri, Feb 18, 2005 at 05:36:13PM -0500, Bob Ippolito wrote: >> > >> >On Feb 18, 2005, at 5:13 PM, Jay wrote: >> > >> >>Again, I'm not objecting to the naming scheme, just saying that we >> >>need to take the labels with a grain of salt (or two). >> > >> >Likewise -- maybe we should upgrade that grain to a dash? :) >> > >> >> Just some to throw in the mix, I don't put scripts in /usr/local/bin I >> put them in /usr/local/script and add that to the host's PATH when I >> create it. That way if I ever backup or reinstall, I don't bring all >> those local binaries (which I'll want to recompile on the new host). >> >> As a rule of thumb, I don't make directories with plural names. Sometimes >> plural is appropriate, but at the end of the path, the file is singular. >> >> // George >> > >Wow, plural? What's the deal with that? No 'media' folders? No 'medias' no 'hosts' no 'domains' folder - just the singular form. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From marco Sat Feb 19 10:45:15 2005 From: marco (marco at metm.org) Date: Sat, 19 Feb 2005 10:45:15 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050219153858.GA2798@xeon> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> <20050219012937.GA2419@xeon> <20050219095754.GA6280@mail.theholymountain.com> <20050219153858.GA2798@xeon> Message-ID: <20050219154514.GI5654@metm.org> On Sat, Feb 19, 2005 at 10:38:58AM -0500, George Georgalis wrote: >>> As a rule of thumb, I don't make directories with plural names. Sometimes >>> plural is appropriate, but at the end of the path, the file is singular. >> >On Sat, Feb 19, 2005 at 04:57:54AM -0500, Jesse Callaway wrote: >>Wow, plural? What's the deal with that? No 'media' folders? > >No 'medias' no 'hosts' no 'domains' folder - just the singular form. > Former database programmer huh? -- Marco From george Sat Feb 19 15:22:03 2005 From: george (George Georgalis) Date: Sat, 19 Feb 2005 15:22:03 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <20050219154514.GI5654@metm.org> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> <4ce365ec05021814134d779a4@mail.gmail.com> <8078167320d59657837c5ebe9c24f634@redivi.com> <20050219012937.GA2419@xeon> <20050219095754.GA6280@mail.theholymountain.com> <20050219153858.GA2798@xeon> <20050219154514.GI5654@metm.org> Message-ID: <20050219202203.GC2798@xeon> On Sat, Feb 19, 2005 at 10:45:15AM -0500, marco at metm.org wrote: >On Sat, Feb 19, 2005 at 10:38:58AM -0500, George Georgalis wrote: >>>> As a rule of thumb, I don't make directories with plural names. Sometimes >>>> plural is appropriate, but at the end of the path, the file is singular. >>> >>On Sat, Feb 19, 2005 at 04:57:54AM -0500, Jesse Callaway wrote: >>>Wow, plural? What's the deal with that? No 'media' folders? >> >>No 'medias' no 'hosts' no 'domains' folder - just the singular form. >> >Former database programmer huh? nah, I just think proper names (and naming sustem) are very important. depending on context, directories could be plural eg "./distfiles" so I vacillated a while and finally decided, damn it, even if I sometimes refer to "./distfiles", "./distfile/*" implies plural and is less typing. (I'm putting in /usr/local/distfile, with the implied functionality, on Linux systems now, and making it nfs where possible, vs typical linux /usr/local/src containing tarballs and extracted source... not going off the deep end, changing BSD.) I'm not quite up to Jesse's security model, one file per spindle. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From ike Sat Feb 19 20:53:53 2005 From: ike (Isaac Levy) Date: Sat, 19 Feb 2005 20:53:53 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec050218104253ee27cf@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: Hi All, On Feb 18, 2005, at 1:42 PM, Jay wrote: > This is probably a theological issue, though. Heh. I've spent a lot of time studying userland hierarchies on various systems in the last year, and from what I've found historically, this has indeed always been a theological issue . Every notable variation I've seen simply has various tradeoffs, but what I've found interesting, is that things fundamentally haven't changed in 35+ years for most systems. The lexical logic is the same- and on most systems, pretty easy to figure out- (i.e. I've seen veteran BSD heads not even flinch jumping into /Users/ on OSX- [though perhaps grumble about the upper-case U]). Especially after Bob posted the Next/Cocoa logic, what I wanted to contribute to this thread is: man 7 hier A bunch of folks here likely already know about this man page, but for those who don't, any good unix should explain it's reasoning for it's userland layout. With that, I'll post a few man pages in this thread from various boxen running close to me,, but the FreeBSD man page site has man hier for all the BSD's, and a LOT of other platforms, here: http://www.freebsd.org/cgi/man.cgi? query=hier&apropos=0&sektion=0&manpath=FreeBSD+5.3- RELEASE+and+Ports&format=html -- If you have a platform that's not there, I'd love to see the hier man page posted in this thread- If you want to make a text file of a man page, it's annoying to pipe to file because of the reverse-line-feeds when printed on screen, here's the commands I used to make the files I'm posting to this thread (replace 'SomeUnixFilename.txt' with whatever filename you want to): uname -a >> SomeUnixFilename.txt && man hier | col -bx >> SomeUnixFilename.txt Rocket- .ike From ike Sat Feb 19 20:57:51 2005 From: ike (Isaac Levy) Date: Sat, 19 Feb 2005 20:57:51 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: <4ce365ec050218104253ee27cf@mail.gmail.com> References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: For the record in this thread, Darwin 6 and 7(current) have the same man page, both are below, -- Darwin codd 6.6 Darwin Kernel Version 6.6: Sun Jul 6 05:12:51 PDT 2003; root:tmp/xnu-6.6.2-4-root.obj/RELEASE_PPC Power Macintosh powerpc HIER(7) System Miscellaneous Information Manual HIER(7) NAME hier - layout of filesystems DESCRIPTION A sketch of the filesystem hierarchy. / root directory of the filesystem /bin/ user utilities fundamental to both single-user and multi- user environments /dev/ block and character device files fd/ file descriptor files; see fd(4) /etc/ system configuration files and scripts /mach_kernel kernel executable (the operating system loaded into memory at boot time). /sbin/ system programs and administration utilities fundamental to both single-user and multi-user environments /tmp/ temporary files /usr/ contains the majority of user utilities and applications bin/ common utilities, programming tools, and applica- tions include/ standard C include files arpa/ C include files for Internet service protocols hfs/ C include files for HFS machine/ machine specific C include files net/ misc network C include files netinet/ C include files for Internet standard protocols; see inet(4) nfs/ C include files for NFS (Network File System) objc/ C include files for Objective-C protocols/ C include files for Berkeley service protocols sys/ system C include files (kernel data structures) ufs/ C include files for UFS lib/ archive libraries libexec/ system daemons & system utilities (executed by other programs) local/ executables, libraries, etc. not included by the basic operating system sbin/ system daemons & system utilities (executed by users) share/ architecture-independent data files calendar/ a variety of pre-fab calendar files; see calendar(1) dict/ word lists; see look(1) web2 words from Webster's 2nd International words common words man/ manual pages misc/ misc system-wide ascii text files mk/ templates for make; see make(1) skel/ example . (dot) files for new accounts tabset/ tab description files for a variety of terminals; used in the termcap file; see termcap(5) zoneinfo/ timezone configuration information; see tzfile(5) /var/ multi-purpose log, temporary, transient, and spool files at/ timed command scheduling files; see at(1) backups/ misc. backup files db/ misc. automatically generated system-specific database files log/ misc. system log files wtmp login/logout log; see wtmp(5) mail/ user mailbox files run/ system information files describing various info about system since it was booted utmp database of current users; see utmp(5) rwho/ rwho data files; see rwhod(8), rwho(1), and ruptime(1) spool/ misc. printer and mail system spooling directo- ries mqueue/ undelivered mail queue; see sendmail(8) tmp/ temporary files that are kept between system reboots SEE ALSO ls(1), apropos(1), whatis(1), whereis(1), finger(1), which(1), find(1), grep(1), fsck(8) HISTORY A hier manual page appeared in Version 7 AT&T UNIX. BSD June 5, 1993 BSD -- Darwin ikebook.local 7.8.0 Darwin Kernel Version 7.8.0: Wed Dec 22 14:26:17 PST 2004; root:xnu/xnu-517.11.1.obj~1/RELEASE_PPC Power Macintosh powerpc HIER(7) BSD Miscellaneous Information Manual HIER(7) NAME hier - layout of filesystems DESCRIPTION A sketch of the filesystem hierarchy. / root directory of the filesystem /bin/ user utilities fundamental to both single-user and multi- user environments /dev/ block and character device files fd/ file descriptor files; see fd(4) /etc/ system configuration files and scripts /mach_kernel kernel executable (the operating system loaded into memory at boot time). /sbin/ system programs and administration utilities fundamental to both single-user and multi-user environments /tmp/ temporary files /usr/ contains the majority of user utilities and applications bin/ common utilities, programming tools, and applica- tions include/ standard C include files arpa/ C include files for Internet service protocols hfs/ C include files for HFS machine/ machine specific C include files net/ misc network C include files netinet/ C include files for Internet standard protocols; see inet(4) nfs/ C include files for NFS (Network File System) objc/ C include files for Objective-C protocols/ C include files for Berkeley service protocols sys/ system C include files (kernel data structures) ufs/ C include files for UFS lib/ archive libraries libexec/ system daemons & system utilities (executed by other programs) local/ executables, libraries, etc. not included by the basic operating system sbin/ system daemons & system utilities (executed by users) share/ architecture-independent data files calendar/ a variety of pre-fab calendar files; see calendar(1) dict/ word lists; see look(1) web2 words from Webster's 2nd International words common words man/ manual pages misc/ misc system-wide ascii text files mk/ templates for make; see make(1) skel/ example . (dot) files for new accounts tabset/ tab description files for a variety of terminals; used in the termcap file; see termcap(5) zoneinfo/ timezone configuration information; see tzfile(5) /var/ multi-purpose log, temporary, transient, and spool files at/ timed command scheduling files; see at(1) backups/ misc. backup files db/ misc. automatically generated system-specific database files log/ misc. system log files wtmp login/logout log; see wtmp(5) mail/ user mailbox files run/ system information files describing various info about system since it was booted utmp database of current users; see utmp(5) rwho/ rwho data files; see rwhod(8), rwho(1), and ruptime(1) spool/ misc. printer and mail system spooling directo- ries mqueue/ undelivered mail queue; see sendmail(8) tmp/ temporary files that are kept between system reboots SEE ALSO ls(1), apropos(1), whatis(1), whereis(1), finger(1), which(1), find(1), grep(1), fsck(8) HISTORY A hier manual page appeared in Version 7 AT&T UNIX. BSD June 5, 1993 BSD From ike Sat Feb 19 21:11:07 2005 From: ike (Isaac Levy) Date: Sat, 19 Feb 2005 21:11:07 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: <6fd7e4eb49c503ae49221376a5890a5d@lesmuug.org> For the record on this thread, a straight FreeBSD system, -- FreeBSD orangedragon 4.10-RELEASE FreeBSD 4.10-RELEASE #0: Tue May 25 22:47:12 GMT 2004 root at perseus.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 HIER(7) FreeBSD Miscellaneous Information Manual HIER(7) NAME hier -- layout of filesystems DESCRIPTION A sketch of the filesystem hierarchy. / root directory of the filesystem /bin/ user utilities fundamental to both single-user and multi-user environments /boot/ programs and configuration files used during operating system bootstrap defaults/ default bootstrapping configuration files; see loader.conf(5) /dev/ block and character device files MAKEDEV script for creating device files; see MAKEDEV(8) fd/ file descriptor files; see fd(4) /etc/ system configuration files and scripts defaults/ default system configuration files; see rc(8) gnats/ gnats configuration files; see send-pr(1) isdn/ isdn4bsd configuration files; see isdnd(8) kerberosIV/ configuration files for kerberos version IV; see kerberos(1) localtime local timezone information; see ctime(3) mail/ Sendmail control files mtree/ mtree configuration files; see mtree(8) namedb/ named configuration files; see named(8) periodic/ scripts that are run daily, weekly, and monthly, via cron(8); see periodic(8) ppp/ ppp configuration files; see ppp(8) ssl/ OpenSSL configuration files uucp/ uucp configuration files; see uucp(1) /kernel pure kernel executable (the operating system loaded into memory at boot time). /modules/ loadable kernel modules; see kldstat(8) /mnt/ empty directory commonly used by system administrators as a tem- porary mount point /proc/ process file system; see procfs(5), mount_procfs(8) /root/ root's HOME directory /sbin/ system programs and administration utilities fundamental to both single-user and multi-user environments /stand/ programs used in a standalone environment /tmp/ temporary files that are not guaranteed to persist across system reboots /usr/ contains the majority of user utilities and applications bin/ common utilities, programming tools, and applications games/ useful and semi-frivolous programs include/ standard C include files arpa/ C include files for Internet service pro- tocols cam/ C include files for the Common Access Methods Layer scsi/ The SCSI device on top of CAM dev/ C include files for programming various FreeBSD devices ppbus/ The parallel port bus; see ppbus(4) usb/ The USB subsystem fs/ smbfs/ SMB/CIFS filesystem g++/ GNU C++ include files std/ GNU C++ libstdc++ include files isc/ ISC utility library libisc include files isofs/ cd9660/ iso9660 filesystem kerberosIV/ C include files for kerberos authentica- tion package; see kerberos(1) libmilter/ C include files for libmilter, the send- mail mail filter API machine/ machine-specific C include files msdosfs/ MS-DOS file system net/ misc network C include files netatalk/ Appletalk protocol netatm/ ATM include files; see atm(8) netinet/ C include files for Internet standard protocols; see inet(4) netinet6/ C include files for Internet protocol version 6; see inet6(4) netipx/ IPX/SPX protocol stacks netkey/ kernel key-management service netnatm/ NATM include files; see natm(4) netns/ Xerox NS protocols netsmb/ SMB/CIFS requester nfs/ C include files for NFS (Network File System) objc/ Objective C include files openssl/ OpenSSL (Cryptography/SSL toolkit) head- ers pccard/ PC-CARD controllers posix4/ POSIX real-time extensions includes; see p1003_1b(9) protocols/ C include files for Berkeley service pro- tocols readline/ get a line from a user, with editing; see readline(3) rpc/ remote procedure calls; see rpc(3) rpcsvc/ definition of RPC service structures; see rpc(3) security/ PAM; see pam(8) ss/ MIT SIPB `subsystem' library, part of Kerberos IV. sys/ system C include files (kernel data structures) ufs/ C include files for UFS (The U-word File System) ffs/ Fast filesystem mfs/ memory file system; see mount_mfs(8) ufs/ UFS filesystem vm/ virtual memory; see vmstat(8) lib/ archive libraries aout/ a.out archive libraries compat/ shared libraries for compatibility aout/ a.out backward compatibility libraries libdata/ misc. utility data files doscmd/ files used by doscmd (drivers, fonts, etc.); see doscmd(1) fonts/ fonts used by doscmd gcc/ ??? ldscripts/ linker scripts; see ld(1) lint/ various prebuilt lint libraries; see lint(1) msdosfs/ Character set conversion tables perl/ 5.00503/ contains Perl modules for Perl version 5.00503; see perl(1) stallion/ holds the download firmware images libexec/ system daemons & system utilities (executed by other programs) aout/ utilities to manipulate a.out executables elf/ utilities to manipulate ELF executables lpr/ utilities and filters for LP print system; see lpr(1) sendmail/ the sendmail binary; see mailwrapper(8) and sendmail(8) sm.bin/ restricted shell for sendmail; see smrsh(8) uucp/ uucp utilities; see uucp(1) local/ local executables, libraries, etc. Also used as the default destination for the FreeBSD ports framework. Within local/, the general layout sketched out by hier(7) for /usr should be used. Exceptions are the man directory (directly under local/ rather than under local/share/), ports documentation (in share/doc//), and /usr/local/etc (mimics /etc). obj/ architecture-specific target tree produced by building the /usr/src tree ports/ The FreeBSD ports collection (optional). sbin/ system daemons & system utilities (executed by users) share/ architecture-independent files calendar/ a variety of pre-fab calendar files; see calendar(1) dict/ word lists; see look(1) web2 words from Webster's 2nd Inter- national words common words papers/ reference databases; see refer(1) doc/ miscellaneous documentation; source for most of the printed BSD manuals (available from the USENIX association) FAQ/ Frequently Asked Questions IPv6/ implementation notes for IPv6 bind/ documents pertaining to BIND (the Berkeley Internet Name Domain) es/ Spanish translations of docu- ments in /usr/share/doc handbook/ FreeBSD Handbook ja/ Japanese translations of docu- ments in /usr/share/doc ncurses/ HTML documents pertaining to ncurses; see ncurses(3X) ntp/ HTML documents pertaining to the Network Time Protocol papers/ UNIX Papers psd/ UNIX Programmer's Supplementary Documents ru/ Russian translations of docu- ments in /usr/share/doc smm/ UNIX System Manager's Manual tutorials/ FreeBSD tutorials usd/ UNIX User's Supplementary Docu- ments zh/ Chinese translations of docu- ments in /usr/share/doc examples/ various examples for users and programmers games/ ASCII text files used by various games groff_font/ device description file for device name info/ GNU Info hypertext system isdn/ ISDN libg++/ libg++'s genclass prototype/template class files locale/ localization files; see setlocale(3) man/ manual pages me/ macros for use with the me macro package; see me(7) misc/ misc system-wide ASCII text files fonts/ ??? pcvtfonts/ pcvt fonts; see pcvt(4) termcap terminal characteristics data- base; see termcap(5) mk/ templates for make; see make(1) nls/ national language support files; see mklocale(1) pcvt/ pcvt documentation and etc examples; see pcvt(4) perl/ perl library files; see perl(1) sendmail/ sendmail configuration files; see sendmail(8) skel/ example . (dot) files for new accounts syscons/ files used by syscons; see syscons(4) fonts/ console fonts; see vidcontrol(1) and vidfont(1) keymaps/ console keyboard maps; see kbdcontrol(1) and kbdmap(1) scrnmaps/ console screen maps tabset/ tab description files for a variety of ter- minals; used in the termcap file; see termcap(5) tmac/ text processing macros; see nroff(1) and troff(1) vi/ localization support and utilities for vi(1) zoneinfo/ timezone configuration information; see tzfile(5) src/ BSD, third-party, and/or local source files bin/ source code for files in /bin contrib/ source code for contributed software crypto/ source code for contributed cryptography software etc/ source code for files in /etc games/ source code for files in /usr/games gnu/ Utilities covered by the GNU General Pub- lic License include/ source code for files in /usr/include kerberosIV/ source code for kerberos version IV lib/ source code for files in /usr/lib libexec/ source code for files in /usr/libexec release/ files required to produce a FreeBSD release sbin/ source code for files in /sbin secure/ build directory for files in /usr/src/crypto share/ source for files in /usr/share sys/ kernel source code tools/ tools used for maintenance and testing of FreeBSD usr.bin/ source code for files in /usr/bin usr.sbin/ source code for files in /usr/sbin X11R6/ X11R6 distribution executables, libraries, etc (optional). bin/ X11R6 binaries (servers, utilities, local packages/ports). etc/ X11R6 configuration files and scripts. include/ X11R6 include files. lib/ X11R6 libraries. man/ X11R6 manual pages. share/ architecture-independent files. /var/ multi-purpose log, temporary, transient, and spool files account/ system accounting files acct execution accounting file; see acct(5) at/ timed command scheduling files; see at(1) jobs/ directory containing job files spool/ directory containing output spool files backups/ misc. backup files crash/ default directory to store kernel crash dumps; see crash(8) and savecore(8) cron/ files used by cron; see cron(8) tabs/ crontab files; see crontab(5) db/ misc. automatically generated system-specific data- base files empty/ empty directory used by sshd(8) for privilege separa- tion; see sshd(8) games/ misc. game status and score files heimdal/ kerberos server databases; see kdc(8) log/ misc. system log files wtmp login/logout log; see wtmp(5) mail/ user mailbox files msgs/ system messages database; see msgs(1) preserve/ temporary home of files preserved after an accidental death of an editor; see ex(1) quotas/ filesystem quota information files run/ system information files describing various info about system since it was booted ppp/ writable by the ``network'' group for command connection sockets; see ppp(8) utmp database of current users; see utmp(5) rwho/ rwho data files; see rwhod(8), rwho(1), and ruptime(1) spool/ misc. printer and mail system spooling directories clientmqueue/ undelivered submission mail queue; see sendmail(8) ftp/ commonly ~ftp; the anonymous ftp root directory mqueue/ undelivered mail queue; see sendmail(8) output/ line printer spooling directories uucp/ uucp spool directory uucppublic/ commonly ~uucp; public uucp temporary directory tmp/ temporary files that are kept between system reboots vi.recover/ the directory where recovery files are stored yp/ the NIS maps NOTES This manual page documents the default FreeBSD filesystem layout, but the actual hierarchy on a given system is defined at the system administra- tor's discretion. A well-maintained installation will include a cus- tomized version of this document. SEE ALSO apropos(1), find(1), finger(1), grep(1), ls(1), whatis(1), whereis(1), which(1), fsck(8) HISTORY A hier manual page appeared in Version 7 AT&T UNIX. FreeBSD 4.11 June 5, 1993 FreeBSD 4.11 From ike Sat Feb 19 21:13:09 2005 From: ike (Isaac Levy) Date: Sat, 19 Feb 2005 21:13:09 -0500 Subject: [nycbug-talk] why /var? In-Reply-To: References: <20050218122904.W553@dru.domain.org> <4ce365ec050218104253ee27cf@mail.gmail.com> Message-ID: For the record on this thread, a client's RedHat system, -- Linux huck 2.4.21-4.ELsmp #1 SMP Fri Oct 3 17:52:56 EDT 2003 i686 i686 i386 GNU/Linux HIER(7) Linux Programmer???s Manual HIER(7) NAME hier - Description of the file system hierarchy DESCRIPTION A typical Linux system has, among others, the following directories: / This is the root directory. This is where the whole tree starts. /bin This directory contains executable programs which are needed in single user mode and to bring the system up or repair it. /boot Contains static files for the boot loader. This directory only holds the files which are needed during the boot process. The map installer and configuration files should go to /sbin and /etc. /dev Special or device files, which refer to physical devices. See mknod(1). /dos If both MS-DOS and Linux are run on one computer, this is a typ- ical place to mount a DOS file system. /etc Contains configuration files which are local to the machine. Some larger software packages, like X11, can have their own sub- directories below /etc. Site-wide configuration files may be placed here or in /usr/etc. Nevertheless, programs should always look for these files in /etc and you may have links for these files to /usr/etc. /etc/opt Host-specific configuration files for add-on applications installed in /opt. /etc/sgml This directory contains the configuration files for SGML and XML (optional). /etc/skel When a new user account is created, files from this directory are usually copied into the user???s home directory. /etc/X11 Configuration files for the X11 window system (optional). /home On machines with home directories for users, these are usually beneath this directory, directly or not. The structure of this directory depends on local administration decisions. /lib This directory should hold those shared libraries that are nec- essary to boot the system and to run the commands in the root filesystem. /mnt This directory contains mount points for temporarily mounted filesystems /opt This directory should contain add-on packages that contain static files. /proc This is a mount point for the proc filesystem, which provides information about running processes and the kernel. This pseudo-file system is described in more detail in proc(5). /root This directory is usually the home directory for the root user (optional). /sbin Like /bin, this directory holds commands needed to boot the sys- tem, but which are usually not executed by normal users. /tmp This directory contains temporary files which may be deleted with no notice, such as by a regular job or at system boot up. /usr This directory is usually mounted from a separate partition. It should hold only sharable, read-only data, so that it can be mounted by various machines running Linux. /usr/X11R6 The X-Window system, version 11 release 6 (optional). /usr/X11R6/bin Binaries which belong to the X-Windows system; often, there is a symbolic link from the more traditional /usr/bin/X11 to here. /usr/X11R6/lib Data files associated with the X-Windows system. /usr/X11R6/lib/X11 These contain miscellaneous files needed to run X; Often, there is a symbolic link from /usr/lib/X11 to this directory. /usr/X11R6/include/X11 Contains include files needed for compiling programs using the X11 window system. Often, there is a symbolic link from /usr/include/X11 to this directory. /usr/bin This is the primary directory for executable programs. Most programs executed by normal users which are not needed for boot- ing or for repairing the system and which are not installed locally should be placed in this directory. /usr/bin/X11 is the traditional place to look for X11 executables; on Linux, it usually is a symbolic link to /usr/X11R6/bin. /usr/dict Replaced by /usr/share/dict. /usr/doc Replaced by /usr/share/doc. /usr/etc Site-wide configuration files to be shared between several machines may be stored in this directory. However, commands should always reference those files using the /etc directory. Links from files in /etc should point to the appropriate files in /usr/etc. /usr/games Binaries for games and educational programs (optional). /usr/include Include files for the C compiler. /usr/include/X11 Include files for the C compiler and the X-Windows system. This is usually a symbolic link to /usr/X11R6/include/X11. /usr/include/asm Include files which declare some assembler functions. This used to be a symbolic link to /usr/src/linux/include/asm. /usr/include/linux This contains information which may change from system release to system release and used to be a symbolic link to /usr/src/linux/include/linux to get at operating system specific information. (Note that one should have include files there that work cor- rectly with the current libc and in user space. However, Linux kernel source is not designed to be used with user programs and does not know anything about the libc you are using. It is very likely that things will break if you let /usr/include/asm and /usr/include/linux point at a random kernel tree. Debian systems don???t do this and use headers from a known good kernel version, provided in the libc*-dev package.) /usr/include/g++ Include files to use with the GNU C++ compiler. /usr/lib Object libraries, including dynamic libraries, plus some exe- cutables which usually are not invoked directly. More compli- cated programs may have whole subdirectories there. /usr/lib/X11 The usual place for data files associated with X programs, and configuration files for the X system itself. On Linux, it usu- ally is a symbolic link to /usr/X11R6/lib/X11. /usr/lib/gcc-lib contains executables and include files for the GNU C compiler, gcc(1). /usr/lib/groff Files for the GNU groff document formatting system. /usr/lib/uucp Files for uucp(1). /usr/local This is where programs which are local to the site typically go. /usr/local/bin Binaries for programs local to the site. /usr/local/doc Local documentation. /usr/local/etc Configuration files associated with locally installed programs. /usr/local/games Binaries for locally installed games. /usr/local/lib Files associated with locally installed programs. /usr/local/include Header files for the local C compiler. /usr/local/info Info pages associated with locally installed programs. /usr/local/man Man pages associated with locally installed programs. /usr/local/sbin Locally installed programs for system administration. /usr/local/share Local application data that can be shared among different archi- tectures of the same OS. /usr/local/src Source code for locally installed software. /usr/man Replaced by /usr/share/man. /usr/sbin This directory contains program binaries for system administra- tion which are not essential for the boot process, for mounting /usr, or for system repair. /usr/share This directory contains subdirectories with specific application data, that can be shared among different architectures of the same OS. Often one finds stuff here that used to live in /usr/doc or /usr/lib or /usr/man. /usr/share/dict Contains the word lists used by spell checkers. /usr/share/doc Documentation about installed programs. /usr/share/games Static data files for games in /usr/games. /usr/share/info Info pages go here. /usr/share/locale Locale information goes here. /usr/share/man Manpages go here in subdirectories according to the man page sections. /usr/share/man//man[1-9] These directories contain manual pages for the specific locale in source code form. Systems which use a unique language and code set for all manual pages may omit the substring. /usr/share/misc Miscellaneous data that can be shared among different architec- tures of the same OS. /usr/share/nls The message catalogs for native language support go here. /usr/share/sgml Files for SGML and XML. /usr/share/terminfo The datebase for terminfo. /usr/share/tmac Troff macros that are not distributed with groff. /usr/share/zoneinfo Files for timezone information. /usr/src Source files for different parts of the system, included with some packages for reference purposes. Don???t work here with your own projects, as files below /usr should be read-only except when installing software. /usr/src/linux This was the traditional place for the kernel source. Some dis- tributions put here the source for the default kernel they ship. You should probably use another directory when building your own kernel. /usr/tmp Obsolete. This should be a link to /var/tmp. This link is present only for compatibility reasons and shouldn???t be used. /var This directory contains files which may change in size, such as spool and log files. /var/adm This directory is superseded by /var/log and should be a sym- bolic link to /var/log. /var/backups Reserved for historical reasons. /var/cache Data cached for programs. /var/catman/cat[1-9] or /var/cache/man/cat[1-9] These directories contain preformatted manual pages according to their man page section. (The use of preformatted manual pages is deprecated.) /var/cron Reserved for historical reasons. /var/lib Variable state information for programs. /var/local Variable data for /usr/local. /var/lock Lock files are placed in this directory. The naming convention for device lock files is LCK.. where is the device???s name in the filesystem. The format used is that of HDU UUCP lock files, i.e. lock files contain a PID as a 10-byte ASCII decimal number, followed by a newline character. /var/log Miscellaneous log files. /var/opt Variable data for /opt. /var/mail Users??? mailboxes. Replaces /var/spool/mail. /var/msgs Reserved for historical reasons. /var/preserve Reserved for historical reasons. /var/run Run-time variable files, like files holding process identifiers (PIDs) and logged user information (utmp). Files in this direc- tory are usually cleared when the system boots. /var/spool Spooled (or queued) files for various programs. /var/spool/at Spooled jobs for at(1). /var/spool/cron Spooled jobs for cron(1). /var/spool/lpd Spooled files for printing. /var/spool/mail Replaced by /var/mail. /var/spool/mqueue Queued outgoing mail. /var/spool/news Spool directory for news. /var/spool/rwho Spooled files for rwhod(8). /var/spool/smail Spooled files for the smail(1) mail delivery program. /var/spool/uucp Spooled files for uucp(1). /var/tmp Like /tmp, this directory holds temporary files stored for an unspecified duration. /var/yp Database files for NIS. CONFORMS TO The Filesystem Hierarchy Standard, Version 2.2 BUGS This list is not exhaustive; different systems may be configured dif- ferently. SEE ALSO find(1), ln(1), mount(1), proc(5), The Filesystem Hierarchy Standard Linux 2001-09-07 HIER(7) From lists Tue Feb 22 05:46:01 2005 From: lists (lists at genoverly.net) Date: Tue, 22 Feb 2005 11:46:01 +0100 Subject: [nycbug-talk] Hackathon & T-shirts Message-ID: <0MKz1m-1D3XaF1VEF-0006fd@mrelay.perfora.net> Hello NYCBUG Subscribers, For the past few years, OpenBSD programmers have come together from far and wide for a Hackathon. The Hackathon is an important event in the OpenBSD calendar. The core developers get together for a planned week of hardcore improvements / discussions on OpenBSD. The idea is to get everyone in the same room so that they work themselves into a coding frenzy. It is also a chance for people who work together all year on the project to actually *get* together. NYCBUG would like help sponsor the event. To that end we will be taking collections for the next few weeks. We will be including the take from the donations made at the Holiday party. Also, we have a SPECIAL SURPRISE for generous donations. If you give $50 or more, you will recieve a brand new, freshly baked, first edition... NYCBUG T-SHIRT!! That's right. You could wear a 100% cotton, white BeefyT, emblazoned with the black and red NYCBUG logo. And as a super-special-bonus these T's have art on the back that only a BSD user would love: a hand crafted dmesg!! Please contact us about making your donation. From george Tue Feb 22 11:40:31 2005 From: george (George Georgalis) Date: Tue, 22 Feb 2005 11:40:31 -0500 Subject: [nycbug-talk] using css for printed materals Message-ID: <20050222164031.GA2898@ixeon.local> Goal, develop documentation model that will easily port to SGML. Requirements, standard technical report type formatting, outline type formatting, with lots of tables. Sounds like standard html (table header, and column identifiers on top of each table). But there is a catch, the documents will be printed and on each printed page should appear the table header and column labels. Is there a css (media=print) tag that will put Table header and col identifiers on each page, like below? Any templates for this? // George ----------------------page break---------------------------- 1.2.3 section 1.2.3.4 section Some text.... +-------+--------------------------------------+----+----+ | Table header | +-------+--------------------------------------+----+----+ |col1 |col2 col3 |col4|col5| +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |aa | | | |yack yack |bb | | | | | | | | | | | | +-------+--------------------------------------+----+----+ ----------------------page break---------------------------- +-------+--------------------------------------+----+----+ | Table header | +-------+--------------------------------------+----+----+ |col1 |col2 col3 |col4|col5| +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |aa | | | |yack yack |bb | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ 1.2.3 section 1.2.3.5 section Some text.... +-------+--------------------------------------+----+----+ | Table header | +-------+--------------------------------------+----+----+ |col1 |col2 col3 |col4|col5| +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |aa | | | |yack yack |bb | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ ----------------------page break---------------------------- +-------+--------------------------------------+----+----+ | Table header | +-------+--------------------------------------+----+----+ |col1 |col2 col3 |col4|col5| +-------+--------------------------------------+----+----+ |yack |yack yack yack |:) |:( | | | | | | +-------+--------------------------------------+----+----+ |yack |yack yack yack |aa | | +-------+--------------------------------------+----+----+ Some text.... -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From daggerquill Tue Feb 22 12:05:43 2005 From: daggerquill (Jay) Date: Tue, 22 Feb 2005 12:05:43 -0500 Subject: [nycbug-talk] using css for printed materals In-Reply-To: <20050222164031.GA2898@ixeon.local> References: <20050222164031.GA2898@ixeon.local> Message-ID: <4ce365ec05022209055293cada@mail.gmail.com> On Tue, 22 Feb 2005 11:40:31 -0500, George Georgalis wrote: > Goal, develop documentation model that will easily port to SGML. > Requirements, standard technical report type formatting, outline type > formatting, with lots of tables. > > Sounds like standard html (table header, and column identifiers on top > of each table). But there is a catch, the documents will be printed > and on each printed page should appear the table header and column > labels. Is there a css (media=print) tag that will put Table header and > col identifiers on each page, like below? Any templates for this? > > // George > George, There are a couple of ways to do this. It's tough in the browser, because that depends so heavily on the user's set-up: lett/a4 conversion, fonts, margins, etc. My preference would be html2latex, which is a perl module to do exactly what its name implies. you can get it from cpan if you don't already have it. Take a look at the docs at html2latex.sourceforge.net. If it doesn't automatically produce the output you're looking for, you can postprocess the LaTeX source before sending it to the printer. If the idea is for visitors to the website to be able to print themselves, run pdflatex on the file and let them download the pdf. HTH, --jay From mspitzer Tue Feb 22 12:26:02 2005 From: mspitzer (Marc Spitzer) Date: Tue, 22 Feb 2005 12:26:02 -0500 Subject: [nycbug-talk] using css for printed materals In-Reply-To: <20050222164031.GA2898@ixeon.local> References: <20050222164031.GA2898@ixeon.local> Message-ID: <8c50a3c305022209265cc2282d@mail.gmail.com> On Tue, 22 Feb 2005 11:40:31 -0500, George Georgalis wrote: > Goal, develop documentation model that will easily port to SGML. > Requirements, standard technical report type formatting, outline type > formatting, with lots of tables. Why not use sgml as the master format and then derive html/pdf/ps/etc from it? > > Sounds like standard html (table header, and column identifiers on top > of each table). But there is a catch, the documents will be printed > and on each printed page should appear the table header and column > labels. Is there a css (media=print) tag that will put Table header and > col identifiers on each page, like below? Any templates for this? Look at CSS 2.0, I think it has page formating directives in it. marc > > // George > > ----------------------page break---------------------------- > > 1.2.3 section > 1.2.3.4 section > > Some text.... > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > | | | | | > | | | | | > +-------+--------------------------------------+----+----+ > > ----------------------page break---------------------------- > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > > 1.2.3 section > 1.2.3.5 section > > Some text.... > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > > ----------------------page break---------------------------- > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > +-------+--------------------------------------+----+----+ > > Some text.... > > -- > George Georgalis, systems architect, administrator Linux BSD IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From joshmccormack Tue Feb 22 13:04:01 2005 From: joshmccormack (joshmccormack at travelersdiary.com) Date: Tue, 22 Feb 2005 19:04:01 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_using_css_for_printed_materals?= Message-ID: <0MKyxe-1D3eOB01ps-0002eb@mrelay.perfora.net> You can specify a print stylesheet, and you could have content only visible for when it prints. I think what you're asking is if you can control the printing of column headers, so they print on every new page. Hmm... that's a tougher one. I don't think there's an easy way. I think you're entering into the hack/kindof works area. Here's some good info on Print CSS stuff. Josh George Georgalis wrote on 02/22/2005, 05:40:31 PM: > Goal, develop documentation model that will easily port to SGML. > Requirements, standard technical report type formatting, outline type > formatting, with lots of tables. > > Sounds like standard html (table header, and column identifiers on top > of each table). But there is a catch, the documents will be printed > and on each printed page should appear the table header and column > labels. Is there a css (media=print) tag that will put Table header and > col identifiers on each page, like below? Any templates for this? > > // George > > > ----------------------page break---------------------------- > > 1.2.3 section > 1.2.3.4 section > > Some text.... > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > | | | | | > | | | | | > +-------+--------------------------------------+----+----+ > > ----------------------page break---------------------------- > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > > 1.2.3 section > 1.2.3.5 section > > Some text.... > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > | |yack yack |bb | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > > ----------------------page break---------------------------- > > +-------+--------------------------------------+----+----+ > | Table header | > +-------+--------------------------------------+----+----+ > |col1 |col2 col3 |col4|col5| > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |:) |:( | > | | | | | > +-------+--------------------------------------+----+----+ > |yack |yack yack yack |aa | | > +-------+--------------------------------------+----+----+ > > Some text.... > > > > -- > George Georgalis, systems architect, administrator Linux BSD IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month From george Tue Feb 22 13:15:22 2005 From: george (George Georgalis) Date: Tue, 22 Feb 2005 13:15:22 -0500 Subject: [nycbug-talk] using css for printed materals In-Reply-To: <0MKyxe-1D3eOB01ps-0002eb@mrelay.perfora.net> References: <0MKyxe-1D3eOB01ps-0002eb@mrelay.perfora.net> Message-ID: <20050222181522.GB3116@ixeon.local> On Tue, Feb 22, 2005 at 07:04:01PM +0100, joshmccormack at travelersdiary.com wrote: > >You can specify a print stylesheet, and you could have content only >visible for when it prints. > >I think what you're asking is if you can control the printing of column >headers, so they print on every new page. Hmm... that's a tougher one. >I don't think there's an easy way. I think you're entering into the >hack/kindof works area. > >Here's some good info on Print CSS stuff. > >Josh Yeah. Figured it would be tough, but was hoping there was something standard to put table header on top of each page for printed media. (Sounds simple enough). Not going with sgml right now because I need to get the doc out asap and I'm not up to speed with sgml. (this might be tough there too) So for now I'm sticking with html and forsaking the per page table headers. But I have another problem. After several sublists my tables are significantly indented (
            ). I don't want to break out of the ordered lists, the table belongs nested, but is there a way to make the table the full width of the document? // George PS was a link for printed CSS info missing? -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From tillman Tue Feb 22 15:44:11 2005 From: tillman (Tillman Hodgson) Date: Tue, 22 Feb 2005 14:44:11 -0600 Subject: [nycbug-talk] The serial cable jungle Message-ID: <20050222204411.GG92490@seekingfire.com> Howdy folks, I'm trying to find some information on how to pin those little RJ-45<->DB9M adpaters such that I can hook up a typical Intel server (as opposed to Sun box) to my Digi PortServer II. Google ain't showin' me no luv. A few things that I know for sure: * A Cisco-style console cable doesn't work -- anyone know how *these* puppies are wired? * 10-pin RJ-45? wtf? Digi and their altpin scheme is evil * Digi part number 76000697 looks like what I need, except it's a bazillion Canadian dollars (well, it's more than making my own adapters using generic stuff I can pick up at the electronics supply store) * The PDF "Digi Terminal Server Cable Guide" only lists DB25 examples. Does anyone know of a reasonably accurate DB25->DB9 pin mapping guide? Thanks all, -T -- "If 'everybody knows' such-and-such, then it ain't so, by at least ten thousand to one." -- Robert Heinlein From mspitzer Tue Feb 22 16:04:06 2005 From: mspitzer (Marc Spitzer) Date: Tue, 22 Feb 2005 16:04:06 -0500 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <20050222204411.GG92490@seekingfire.com> References: <20050222204411.GG92490@seekingfire.com> Message-ID: <8c50a3c305022213042d5bd046@mail.gmail.com> On Tue, 22 Feb 2005 14:44:11 -0600, Tillman Hodgson wrote: > Howdy folks, > > I'm trying to find some information on how to pin those little > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server (as > opposed to Sun box) to my Digi PortServer II. Try a straight through ethernet cable, its what I use for pc <-> sun console cables marc > > Google ain't showin' me no luv. > > A few things that I know for sure: > > * A Cisco-style console cable doesn't work -- anyone know how *these* > puppies are wired? > * 10-pin RJ-45? wtf? Digi and their altpin scheme is evil > * Digi part number 76000697 looks like what I need, except it's a > bazillion Canadian dollars (well, it's more than making my own > adapters using generic stuff I can pick up at the electronics supply > store) > * The PDF "Digi Terminal Server Cable Guide" only lists DB25 examples. > Does anyone know of a reasonably accurate DB25->DB9 pin mapping guide? > > Thanks all, > > -T > > -- > "If 'everybody knows' such-and-such, then it ain't so, by at least ten > thousand to one." > -- Robert Heinlein > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From aron Tue Feb 22 16:10:16 2005 From: aron (Aron Roberts) Date: Tue, 22 Feb 2005 16:10:16 -0500 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <20050222204411.GG92490@seekingfire.com> References: <20050222204411.GG92490@seekingfire.com> Message-ID: On Feb 22, 2005, at 3:44 PM, Tillman Hodgson wrote: > Howdy folks, > > I'm trying to find some information on how to pin those little > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server > (as > opposed to Sun box) to my Digi PortServer II. > You may be looking for this: http://yost.com/Computers/RJ45-serial/ From aron Tue Feb 22 16:11:32 2005 From: aron (Aron Roberts) Date: Tue, 22 Feb 2005 16:11:32 -0500 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <20050222204411.GG92490@seekingfire.com> References: <20050222204411.GG92490@seekingfire.com> Message-ID: <55bf6ae8568a6917d9aa58ebcd36a5ef@slam.cc> On Feb 22, 2005, at 3:44 PM, Tillman Hodgson wrote: > Howdy folks, > > I'm trying to find some information on how to pin those little > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server > (as > opposed to Sun box) to my Digi PortServer II. > then again, you might not :) From joshmccormack Tue Feb 22 16:18:01 2005 From: joshmccormack (joshmccormack at travelersdiary.com) Date: Tue, 22 Feb 2005 22:18:01 +0100 Subject: =?iso-8859-1?Q?Re:_Re:_[nycbug-talk]_using_css_for_printed_materals?= Message-ID: <0MKz5u-1D3hRq3FOf-0006jf@mrelay.perfora.net> Doh, yes there was supposed to be a link: http://www.codestyle.org/css/media/FAQ.shtml Josh George Georgalis wrote on 02/22/2005, 07:15:22 PM: > On Tue, Feb 22, 2005 at 07:04:01PM +0100, joshmccormack at travelersdiary.com wrote: > > > >You can specify a print stylesheet, and you could have content only > >visible for when it prints. > > > >I think what you're asking is if you can control the printing of column > >headers, so they print on every new page. Hmm... that's a tougher one. > >I don't think there's an easy way. I think you're entering into the > >hack/kindof works area. > > > >Here's some good info on Print CSS stuff. > > > >Josh > > Yeah. Figured it would be tough, but was hoping there was something > standard to put table header on top of each page for printed > media. (Sounds simple enough). > > Not going with sgml right now because I need to get the doc out asap and > I'm not up to speed with sgml. (this might be tough there too) > > So for now I'm sticking with html and forsaking the per page table > headers. But I have another problem. After several sublists my tables > are significantly indented (). > > I don't want to break out of the ordered lists, the table belongs > nested, but is there a way to make the table the full width of the > document? > > // George > > PS was a link for printed CSS info missing? > > > -- > George Georgalis, systems architect, administrator Linux BSD IXOYE > http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month From tillman Tue Feb 22 16:28:48 2005 From: tillman (Tillman Hodgson) Date: Tue, 22 Feb 2005 15:28:48 -0600 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <8c50a3c305022213042d5bd046@mail.gmail.com> References: <20050222204411.GG92490@seekingfire.com> <8c50a3c305022213042d5bd046@mail.gmail.com> Message-ID: <20050222212848.GH92490@seekingfire.com> On Tue, Feb 22, 2005 at 04:04:06PM -0500, Marc Spitzer wrote: > On Tue, 22 Feb 2005 14:44:11 -0600, Tillman Hodgson > wrote: > > Howdy folks, > > > > I'm trying to find some information on how to pin those little > > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server (as > > opposed to Sun box) to my Digi PortServer II. > > Try a straight through ethernet cable, its what I use for pc <-> sun > console cables That's what I use too. The Digi is a little different though ... lemme see if I can find a picture. Ah: http://yost.com/Computers/RJ45-serial/ Hmmm. I wonder if that's actually exactly what I was looking for :-) -T -- "The mind is not a vessel to be filled but a fire to be kindled." -- Plutarch (45 - 125 A.D. Greek Writer & Lecturer) From jesse Tue Feb 22 17:23:16 2005 From: jesse (Jesse Callaway) Date: Tue, 22 Feb 2005 17:23:16 -0500 Subject: [nycbug-talk] The serial cable jungle In-Reply-To: <20050222204411.GG92490@seekingfire.com> References: <20050222204411.GG92490@seekingfire.com> Message-ID: <20050222222316.GA5421@mail.theholymountain.com> On Tue, Feb 22, 2005 at 02:44:11PM -0600, Tillman Hodgson wrote: > Howdy folks, > > I'm trying to find some information on how to pin those little > RJ-45<->DB9M adpaters such that I can hook up a typical Intel server (as > opposed to Sun box) to my Digi PortServer II. > > Google ain't showin' me no luv. > > A few things that I know for sure: > > * A Cisco-style console cable doesn't work -- anyone know how *these* > puppies are wired? > * 10-pin RJ-45? wtf? Digi and their altpin scheme is evil > * Digi part number 76000697 looks like what I need, except it's a > bazillion Canadian dollars (well, it's more than making my own > adapters using generic stuff I can pick up at the electronics supply > store) > * The PDF "Digi Terminal Server Cable Guide" only lists DB25 examples. > Does anyone know of a reasonably accurate DB25->DB9 pin mapping guide? > > Thanks all, > > -T I checked the Digi website and they are pointing you to resellers which offer $25USD for a 10 pack. That's cheaper than building them yourself. I've priced this project out before, and it's cheaper. Materials will cost you about the same. And then you have to build them. Bust out the multimeter. Rebuild a couple of them... by now you've lost a little money. But I admit it is fun. http://www.digi.com/products/consolemanagement/digicm.jsp I don't think the fact that it's a CM model instead of a PortServerII will be of any signifigance. But of course you can check with the sales person on the phone. -jesse From okan Tue Feb 22 23:01:20 2005 From: okan (Okan Demirmen) Date: Tue, 22 Feb 2005 23:01:20 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) Message-ID: <20050223040120.GA85458@yinaska.pair.com> so in my quest to have a paperless office, i'm struggling with one big thing: faxing/emailing back forms sent or downloaded in pdf form. thought i'd hit up this knowledgable list to see if anyone has any bright ideas ;) obivously the faxing thing is not an issue (faxmodem+hylafax), nor the emailing part;) the part about filling out forms that come across the wire as pdf. i'm aware that adobe can edit certain "fillable" pdf forms, but the majority of stuff out there is not of that type - besides, i'm not going to bye adobe to fill this gap ;) are there any ideas out there? is coverting the pdf to an image, then editing that image a valid, and sane, idea? ideas? or maybe a hit on the head with a good cluestick that has the magic google search keywords ;) thanks. -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From george Tue Feb 22 23:06:54 2005 From: george (G. Rosamond) Date: Tue, 22 Feb 2005 23:06:54 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: On Feb 22, 2005, at 11:01 PM, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. 'Paperless office'? You're so 1991. . . > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) Buy a Mac and buy the full version of Acrobat. . . Would love to hear some insight on this. . . George From mspitzer Tue Feb 22 23:15:26 2005 From: mspitzer (Marc Spitzer) Date: Tue, 22 Feb 2005 23:15:26 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: <8c50a3c305022220152f72c3f@mail.gmail.com> On Tue, 22 Feb 2005 23:01:20 -0500, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) Emacs? only half in jest. A regular pdf is just a text file after all. Also check out the linux emulation stuff, adobie supports linux(I think anyway) so perhaps you could get it running and use the linux versions edit features. marc From j Tue Feb 22 23:15:31 2005 From: j (Freeman, Joshua) Date: Tue, 22 Feb 2005 23:15:31 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) Message-ID: <319FD9EAB7A43E43895ACA5AA1F81E05F88981@xmail.nybg.org> One possibility is to use some kind of OCR app. to convert the PDF to an editable file... unfortunately though, I don't think you can go from 'pdf' to OCR... I think the OCR apps. want you to actually have a paper version that you scan first, thus converting the paper document to an image, either a .tif or .pdf or .jpg.... You've asked an interesting and challenging question! j. Joshua S. Freeman Director, Information Technology, NYBG v: 718 817 8937 m: 347 392 2560 jfreeman at nybg dot org -----Original Message----- From: talk-bounces at lists.nycbug.org on behalf of G. Rosamond Sent: Tue 2/22/2005 11:06 PM To: Okan Demirmen Cc: talk at lists.nycbug.org Subject: Re: [nycbug-talk] editting pdf's... (dot dot dot) On Feb 22, 2005, at 11:01 PM, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. 'Paperless office'? You're so 1991. . . > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) Buy a Mac and buy the full version of Acrobat. . . Would love to hear some insight on this. . . George _______________________________________________ % NYC*BUG talk mailing list http://lists.nycbug.org/mailman/listinfo/talk %Be sure to check out our Jobs and NYCBUG-announce lists %We meet the first Wednesday of the month -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050222/a1718107/attachment.html From dan Tue Feb 22 23:19:27 2005 From: dan (Dan Langille) Date: Tue, 22 Feb 2005 23:19:27 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <42160EF3.2004.E9FFA02@localhost> Message-ID: <421BBDFF.1779.DBE3F@localhost> On 18 Feb 2005 at 15:51, Dan Langille wrote: > The BSDCan program will be announced soon. I'm looking for help in > distributing and organizing publicity for this announcement. OK! now is the time. Thanks. http://www.bsdcan.org/2005/presentations.php nycbug-announce has already been hit (thanks). cheers -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From okan Tue Feb 22 23:23:48 2005 From: okan (Okan Demirmen) Date: Tue, 22 Feb 2005 23:23:48 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <8c50a3c305022220152f72c3f@mail.gmail.com> References: <20050223040120.GA85458@yinaska.pair.com> <8c50a3c305022220152f72c3f@mail.gmail.com> Message-ID: <20050223042348.GB88478@yinaska.pair.com> On Tue 2005.02.22 at 23:15 -0500, Marc Spitzer wrote: > On Tue, 22 Feb 2005 23:01:20 -0500, Okan Demirmen wrote: > > so in my quest to have a paperless office, i'm struggling with one > > big thing: faxing/emailing back forms sent or downloaded in pdf > > form. > > > > thought i'd hit up this knowledgable list to see if anyone has any > > bright ideas ;) > > > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > > the emailing part;) the part about filling out forms that come > > across the wire as pdf. i'm aware that adobe can edit certain > > "fillable" pdf forms, but the majority of stuff out there is not > > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > > > are there any ideas out there? is coverting the pdf to an image, > > then editing that image a valid, and sane, idea? ideas? or maybe a > > hit on the head with a good cluestick that has the magic google > > search keywords ;) > > Emacs? only half in jest. A regular pdf is just a text file after all. hah ;) > Also check out the linux emulation stuff, adobie supports linux(I > think anyway) so perhaps you could get it running and use the linux > versions edit features. so i'd do the emulation thing, but now i have to go out and buy this adobie thingy, which possibly could be more $$, legally, than a silly hardware fax machine, and most probably could not edit ~80% of the pdf's out there. someone correct me if i'm wrong, but a pdf has to have "fill-in" attributes before even adobe can edit it, which happens during the creation phase - maybe. thanks though okan > marc > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From okan Tue Feb 22 23:26:13 2005 From: okan (Okan Demirmen) Date: Tue, 22 Feb 2005 23:26:13 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <319FD9EAB7A43E43895ACA5AA1F81E05F88981@xmail.nybg.org> References: <319FD9EAB7A43E43895ACA5AA1F81E05F88981@xmail.nybg.org> Message-ID: <20050223042613.GC88478@yinaska.pair.com> On Tue 2005.02.22 at 23:15 -0500, Freeman, Joshua wrote: > One possibility is to use some kind of OCR app. to convert the PDF to an editable file... unfortunately though, I don't think you can go from 'pdf' to OCR... I think the OCR apps. want you to actually have a paper version that you scan first, thus converting the paper document to an image, either a .tif or .pdf or .jpg.... that's interesting....wondering one can fool some OCR out there to take a file as input rather than an image from a scanner... > You've asked an interesting and challenging question! we'll see how this all plays out... ;) thanks > j. > > Joshua S. Freeman > Director, Information Technology, NYBG > v: 718 817 8937 m: 347 392 2560 > jfreeman at nybg dot org > > > > -----Original Message----- > From: talk-bounces at lists.nycbug.org on behalf of G. Rosamond > Sent: Tue 2/22/2005 11:06 PM > To: Okan Demirmen > Cc: talk at lists.nycbug.org > Subject: Re: [nycbug-talk] editting pdf's... (dot dot dot) > > > On Feb 22, 2005, at 11:01 PM, Okan Demirmen wrote: > > > so in my quest to have a paperless office, i'm struggling with one > > big thing: faxing/emailing back forms sent or downloaded in pdf > > form. > > 'Paperless office'? You're so 1991. . . > > > > > thought i'd hit up this knowledgable list to see if anyone has any > > bright ideas ;) > > > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > > the emailing part;) the part about filling out forms that come > > across the wire as pdf. i'm aware that adobe can edit certain > > "fillable" pdf forms, but the majority of stuff out there is not > > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > > > are there any ideas out there? is coverting the pdf to an image, > > then editing that image a valid, and sane, idea? ideas? or maybe a > > hit on the head with a good cluestick that has the magic google > > search keywords ;) > > Buy a Mac and buy the full version of Acrobat. . . > > Would love to hear some insight on this. . . > > George > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > > > -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From mspitzer Tue Feb 22 23:32:38 2005 From: mspitzer (Marc Spitzer) Date: Tue, 22 Feb 2005 23:32:38 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223042348.GB88478@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> <8c50a3c305022220152f72c3f@mail.gmail.com> <20050223042348.GB88478@yinaska.pair.com> Message-ID: <8c50a3c305022220322c09c5e4@mail.gmail.com> On Tue, 22 Feb 2005 23:23:48 -0500, Okan Demirmen wrote: > > so i'd do the emulation thing, but now i have to go out and buy > this adobie thingy, which possibly could be more $$, legally, than > a silly hardware fax machine, and most probably could not edit ~80% > of the pdf's out there. someone correct me if i'm wrong, but a pdf > has to have "fill-in" attributes before even adobe can edit it, which > happens during the creation phase - maybe. If they created the form correctly you do not need to buy the full version to fill it in the free version works fine, well it did for me on reader V7 on windows, when I filled out some forms for work. And remember there is always emacs /2 marc > > thanks though > > okan > > > marc > > _______________________________________________ > > % NYC*BUG talk mailing list > > http://lists.nycbug.org/mailman/listinfo/talk > > %Be sure to check out our Jobs and NYCBUG-announce lists > > %We meet the first Wednesday of the month > > -- > Okan Demirmen > PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 > PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From george Tue Feb 22 23:34:02 2005 From: george (G. Rosamond) Date: Tue, 22 Feb 2005 23:34:02 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <421BBDFF.1779.DBE3F@localhost> References: <421BBDFF.1779.DBE3F@localhost> Message-ID: <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> On Feb 22, 2005, at 11:19 PM, Dan Langille wrote: > On 18 Feb 2005 at 15:51, Dan Langille wrote: > >> The BSDCan program will be announced soon. I'm looking for help in >> distributing and organizing publicity for this announcement. > > OK! now is the time. Thanks. > > http://www.bsdcan.org/2005/presentations.php > > nycbug-announce has already been hit (thanks). > And I also hit Daemon News. . . although it hasn't posted yet. Undeadly.org, Usenet, the various project mailing lists. . . Come on all, lots to do. Volunteers get to pay Canadian dollars for the conference. George From okan Tue Feb 22 23:41:49 2005 From: okan (Okan Demirmen) Date: Tue, 22 Feb 2005 23:41:49 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> References: <421BBDFF.1779.DBE3F@localhost> <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> Message-ID: <20050223044149.GE88478@yinaska.pair.com> On Tue 2005.02.22 at 23:34 -0500, G. Rosamond wrote: > > On Feb 22, 2005, at 11:19 PM, Dan Langille wrote: > > >On 18 Feb 2005 at 15:51, Dan Langille wrote: > > > >>The BSDCan program will be announced soon. I'm looking for help in > >>distributing and organizing publicity for this announcement. > > > >OK! now is the time. Thanks. > > > >http://www.bsdcan.org/2005/presentations.php > > > >nycbug-announce has already been hit (thanks). > > > > And I also hit Daemon News. . . although it hasn't posted yet. > > Undeadly.org, Usenet, the various project mailing lists. . . Come on > all, lots to do. undeadly and openbsd list hit. just saw it go over nysa list > Volunteers get to pay Canadian dollars for the conference. > > George > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- Okan Demirmen PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934 PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934 From george Wed Feb 23 00:00:55 2005 From: george (G. Rosamond) Date: Wed, 23 Feb 2005 00:00:55 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <20050223044149.GE88478@yinaska.pair.com> References: <421BBDFF.1779.DBE3F@localhost> <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> <20050223044149.GE88478@yinaska.pair.com> Message-ID: <6010e7d7d69a2fc131948bac41bb9d2a@sddi.net> On Feb 22, 2005, at 11:41 PM, Okan Demirmen wrote: > On Tue 2005.02.22 at 23:34 -0500, G. Rosamond wrote: >> >> On Feb 22, 2005, at 11:19 PM, Dan Langille wrote: >> >>> On 18 Feb 2005 at 15:51, Dan Langille wrote: >>> >>>> The BSDCan program will be announced soon. I'm looking for help in >>>> distributing and organizing publicity for this announcement. >>> >>> OK! now is the time. Thanks. >>> >>> http://www.bsdcan.org/2005/presentations.php >>> >>> nycbug-announce has already been hit (thanks). >>> >> >> And I also hit Daemon News. . . although it hasn't posted yet. >> >> Undeadly.org, Usenet, the various project mailing lists. . . Come on >> all, lots to do. > > undeadly and openbsd list hit. just saw it go over nysa list > I see that. . . and I just hit Slashdot . . . but don't worry about your server Dan, no one goes there anymore, it's too crowded. George (yes, that was a Yogi Berra quote) From pete Wed Feb 23 00:06:07 2005 From: pete (Pete Wright) Date: Wed, 23 Feb 2005 00:06:07 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: <20050223050607.GA73615@finn.nomadlogic.org> On Tue, Feb 22, 2005 at 11:01:20PM -0500, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) > > thanks. my connection is a bit spotty right now, so this'll be quick. it may be worth checking out converting the pdf to .ps then using gs to convert that to ascii. i have some scripts that'll do this, altho i'm sure you can figure something out. if you want more info lemme know and i'll email again from a better connection at home. HTH -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From pete Wed Feb 23 00:10:28 2005 From: pete (Pete Wright) Date: Wed, 23 Feb 2005 00:10:28 -0500 Subject: [nycbug-talk] BSDCan - program publicity In-Reply-To: <6010e7d7d69a2fc131948bac41bb9d2a@sddi.net> References: <421BBDFF.1779.DBE3F@localhost> <4c062a6cfece1d3fc32ff2dcef7cb013@sddi.net> <20050223044149.GE88478@yinaska.pair.com> <6010e7d7d69a2fc131948bac41bb9d2a@sddi.net> Message-ID: <20050223051028.GC73615@finn.nomadlogic.org> On Wed, Feb 23, 2005 at 12:00:55AM -0500, G. Rosamond wrote: > > On Feb 22, 2005, at 11:41 PM, Okan Demirmen wrote: > > >On Tue 2005.02.22 at 23:34 -0500, G. Rosamond wrote: > >> > >>On Feb 22, 2005, at 11:19 PM, Dan Langille wrote: > >> > >>>On 18 Feb 2005 at 15:51, Dan Langille wrote: > >>> > >>>>The BSDCan program will be announced soon. I'm looking for help in > >>>>distributing and organizing publicity for this announcement. > >>> > >>>OK! now is the time. Thanks. > >>> > >>>http://www.bsdcan.org/2005/presentations.php > >>> > >>>nycbug-announce has already been hit (thanks). > >>> > >> > >>And I also hit Daemon News. . . although it hasn't posted yet. > >> > >>Undeadly.org, Usenet, the various project mailing lists. . . Come on > >>all, lots to do. > > > >undeadly and openbsd list hit. just saw it go over nysa list > > > > I see that. . . and I just hit Slashdot . . . but don't worry about > your server Dan, no one goes there anymore, it's too crowded. > > George > > (yes, that was a Yogi Berra quote) wow didn't know Yogi was a /.'er. Prolly a linux gnuser too ;p i hit bsdofsocal.org's list. altho it's pretty dead. hopefully some people are sub'd to it. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From george Wed Feb 23 11:51:40 2005 From: george (George Georgalis) Date: Wed, 23 Feb 2005 11:51:40 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: <20050223165140.GA14659@ixeon.local> On Tue, Feb 22, 2005 at 11:01:20PM -0500, Okan Demirmen wrote: > >are there any ideas out there? is coverting the pdf to an image, >then editing that image a valid, and sane, idea? ideas? or maybe a >hit on the head with a good cluestick that has the magic google >search keywords ;) I've not had to do this, but my first thought is opening it with gimp and paint over... second thought is print it, fill it out and fax back, but that wouldn't be paperless. Actually in the spirit of paperless office, I refuse fax communications, "I don't have a fax machine" because, anyway you slice it, it is everything we don't like about paper, only low-res. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From ike Wed Feb 23 12:14:47 2005 From: ike (Isaac Levy) Date: Wed, 23 Feb 2005 12:14:47 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223165140.GA14659@ixeon.local> References: <20050223040120.GA85458@yinaska.pair.com> <20050223165140.GA14659@ixeon.local> Message-ID: <6640880aa56472ca2d921c3017c42e11@lesmuug.org> Hi Okan, George, All, - my quickie .02?, On Feb 22, 2005, at 11:01 PM, Okan Demirmen wrote: > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) /me winces: I've worked with these PDF forms systems since their baby days, (98'?), and in the end, it's the same deal as Word docs. The PDF specification is open, but all the form stuff, is extra stuff that Adobe has layered in on top- muddy territory, I don't think it's all open spec stuff that Adobe does. Regardless, the only apps that actually work with these things are adobe acrobat apps- plain and simple. I've had PDF's that came to me which I opened with Preview.app on my mac, (where pdf is built into the core display engines), only to find that Preview wasn't displaying filled-in form text. Had to open with Acrobat Reader, really annoying. So in the end, we have 3 real choices: 1) Give in and run Adobe apps somewhere/somehow 2) Be hardcore about what formats people send you stuff (.txt !) 3) Write something or get involved with an open project that addresses your needs, (none of which seem very comprehensive or solid at the time of this writing) -- That stated, my solution in the office is to just stay away from all of it- I've become somewhat of a pain with file formats (No word files, RTF only- or Plain Text), usually annoying to some HR depts and biz. folks, but it's just how I roll. Usually the work we're doing is more important than mucking about with documents, and in the end, even if they complain, folks *can* read .txt files everywhere. Another solution I've been slowly moving towards, is more web use- areas for my clients to upload files, and for me to post contracts, etc... in HTML. Since I build things like intranets all the time, I've been noodling my own intranet type app for a long time- but never really finished off the job cleanly, (though it's amazing how far a web app with decent access control can go...) On Feb 23, 2005, at 11:51 AM, George Georgalis wrote: > Actually in the spirit of paperless office, I refuse fax > communications, > "I don't have a fax machine" because, anyway you slice it, it is > everything we don't like about paper, only low-res. > > // George I kindof agree with GG here- I try to minimize faxing alltogether, using the local kinkos or copy shop for the 1 or 2 times annually that I need to send/recieve faxes. As another sidenote, I've done the efax things, years ago, and well, I personally found it really quite annoying in the end- none of the software/services/etc are ever very complete- after all these years. Usually I find I need to fax signed docs, which in most contexts I want to fedex anyhow... OK, a bit more than .02?, but whatever... Hope DC's treating you well and your office at least has a good view of the Potomac or some monument or somesuch. Rocket- .ike From george Wed Feb 23 15:15:08 2005 From: george (G. Rosamond) Date: Wed, 23 Feb 2005 15:15:08 -0500 Subject: [nycbug-talk] BSDCan announce on Slashdot: rejected Message-ID: 2005-02-23 04:59:34 BSDCan 2005 Presentation Listing Released (BSD,Announcements) (rejected) Nice. . . should have mentioned Debian ham radios using DES powered by sun spots. . . I'll try again in another way later on. . . George From daggerquill Wed Feb 23 10:46:17 2005 From: daggerquill (Jay) Date: Wed, 23 Feb 2005 10:46:17 -0500 Subject: [nycbug-talk] editting pdf's... (dot dot dot) In-Reply-To: <20050223040120.GA85458@yinaska.pair.com> References: <20050223040120.GA85458@yinaska.pair.com> Message-ID: <4ce365ec05022307462f61e697@mail.gmail.com> On Tue, 22 Feb 2005 23:01:20 -0500, Okan Demirmen wrote: > so in my quest to have a paperless office, i'm struggling with one > big thing: faxing/emailing back forms sent or downloaded in pdf > form. > > thought i'd hit up this knowledgable list to see if anyone has any > bright ideas ;) > > obivously the faxing thing is not an issue (faxmodem+hylafax), nor > the emailing part;) the part about filling out forms that come > across the wire as pdf. i'm aware that adobe can edit certain > "fillable" pdf forms, but the majority of stuff out there is not > of that type - besides, i'm not going to bye adobe to fill this gap ;) > > are there any ideas out there? is coverting the pdf to an image, > then editing that image a valid, and sane, idea? ideas? or maybe a > hit on the head with a good cluestick that has the magic google > search keywords ;) > > thanks. > Find a wordprocessor that will import the pdf as a graphical format. Open Office won't, but I don't know about the other options. Otherwise, turn it into EPS or some other format that your word processor will work with and use it as a background image. Then you can draw text boxes where you want them, or just use the space bar and carriage returns to get in the right ballpark. If done this a couple of times. You'll lose a lot of resolution with the graphic conversions, but it was a fax to begin with, right? HTH, --jay savage From dlavigne6 Thu Feb 24 10:11:39 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 10:11:39 -0500 (EST) Subject: [nycbug-talk] savelogs Message-ID: <20050224100827.Q587@dru.domain.org> Anyone have any idea what I'm missing here? I'm using sysutils/savelogs on a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully from the command line whether I'm in the tcsh or the sh shell. However, as soon as I script it (Bourne shell script, simply has the same command I run at the command line), it runs TWICE, resulting in an empty log file. I'm losing hair on this one. Any suggestions? Dru From dan Thu Feb 24 10:09:51 2005 From: dan (Dan Langille) Date: Thu, 24 Feb 2005 10:09:51 -0500 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224100827.Q587@dru.domain.org> Message-ID: <421DA7EF.3890.7878966@localhost> On 24 Feb 2005 at 10:11, Dru wrote: > Anyone have any idea what I'm missing here? I'm using > sysutils/savelogs on a FreeBSD 5.2.1 system to rotate and compress > logs. Works beautifully from the command line whether I'm in the tcsh > or the sh shell. What does that give you that newsyslog doesn't? Command line interface? -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From dlavigne6 Thu Feb 24 10:30:21 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 10:30:21 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <421DA7EF.3890.7878966@localhost> References: <421DA7EF.3890.7878966@localhost> Message-ID: <20050224102832.N587@dru.domain.org> On Thu, 24 Feb 2005, Dan Langille wrote: > On 24 Feb 2005 at 10:11, Dru wrote: > >> Anyone have any idea what I'm missing here? I'm using >> sysutils/savelogs on a FreeBSD 5.2.1 system to rotate and compress >> logs. Works beautifully from the command line whether I'm in the tcsh >> or the sh shell. > > What does that give you that newsyslog doesn't? Command line > interface? More control over how the logs are renamed. For example, I can save messages.2005-02-24.gz to /someother/path. Dru From bschonhorst Thu Feb 24 10:26:47 2005 From: bschonhorst (Brad Schonhorst) Date: Thu, 24 Feb 2005 10:26:47 -0500 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224100827.Q587@dru.domain.org> References: <20050224100827.Q587@dru.domain.org> Message-ID: <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> > Anyone have any idea what I'm missing here? I'm using > sysutils/savelogs on a FreeBSD 5.2.1 system to rotate and compress > logs. Works beautifully from the command line whether I'm in the tcsh > or the sh shell. > > However, as soon as I script it (Bourne shell script, simply has the > same command I run at the command line), it runs TWICE, resulting in > an empty log file. > > Hey Dru- When you say script it, do you mean script it and run it from cron or are you just testing the script right now? From dlavigne6 Thu Feb 24 10:45:06 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 10:45:06 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> Message-ID: <20050224104257.L587@dru.domain.org> On Thu, 24 Feb 2005, Brad Schonhorst wrote: >> Anyone have any idea what I'm missing here? I'm using sysutils/savelogs on >> a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully from >> the command line whether I'm in the tcsh or the sh shell. >> >> However, as soon as I script it (Bourne shell script, simply has the same >> command I run at the command line), it runs TWICE, resulting in an empty >> log file. >> >> > > Hey Dru- > > When you say script it, do you mean script it and run it from cron or are you > just testing the script right now? Testing the script. It's real simple (simply the commands I run at the command line:) #!/bin/sh cd /var/log /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog Dru From mspitzer Thu Feb 24 11:56:28 2005 From: mspitzer (Marc Spitzer) Date: Thu, 24 Feb 2005 11:56:28 -0500 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224100827.Q587@dru.domain.org> References: <20050224100827.Q587@dru.domain.org> Message-ID: <8c50a3c305022408566537cb32@mail.gmail.com> On Thu, 24 Feb 2005 10:11:39 -0500 (EST), Dru wrote: > > Anyone have any idea what I'm missing here? I'm using sysutils/savelogs on > a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully from > the command line whether I'm in the tcsh or the sh shell. > > However, as soon as I script it (Bourne shell script, simply has the same > command I run at the command line), it runs TWICE, resulting in an empty > log file. > > I'm losing hair on this one. Any suggestions? what does the cron log say, /var/log/cron on my 5.3 system. I do not have savelogs installed so is it a script or compiled program? It may me as simple as a path issue, when it happens to me it usually is. good luck, marc From dlavigne6 Thu Feb 24 12:43:21 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 12:43:21 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <8c50a3c305022408566537cb32@mail.gmail.com> References: <20050224100827.Q587@dru.domain.org> <8c50a3c305022408566537cb32@mail.gmail.com> Message-ID: <20050224124312.U587@dru.domain.org> On Thu, 24 Feb 2005, Marc Spitzer wrote: > On Thu, 24 Feb 2005 10:11:39 -0500 (EST), Dru wrote: >> >> Anyone have any idea what I'm missing here? I'm using sysutils/savelogs on >> a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully from >> the command line whether I'm in the tcsh or the sh shell. >> >> However, as soon as I script it (Bourne shell script, simply has the same >> command I run at the command line), it runs TWICE, resulting in an empty >> log file. >> >> I'm losing hair on this one. Any suggestions? > > what does the cron log say, /var/log/cron on my 5.3 system. I do > not have savelogs installed so is it a script or compiled program? > It may me as simple as a path issue, when it happens to me it > usually is. It is a perl script. Dru From george Thu Feb 24 14:32:35 2005 From: george (George Georgalis) Date: Thu, 24 Feb 2005 14:32:35 -0500 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224104257.L587@dru.domain.org> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> <20050224104257.L587@dru.domain.org> Message-ID: <20050224193235.GD15866@ixeon.local> On Thu, Feb 24, 2005 at 10:45:06AM -0500, Dru wrote: > >#!/bin/sh >cd /var/log >/usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages >/usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog > from the never heard of it, never tried it peanut gallery; do you get double instances when invoked like this? #!/bin/sh cd /var/log /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages or #!/bin/sh cd /var/log /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages maillog just an un biased guess. // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From jpb Thu Feb 24 09:52:16 2005 From: jpb (Jim Brown) Date: Thu, 24 Feb 2005 14:52:16 +0000 Subject: [nycbug-talk] savelogs In-Reply-To: <20050224104257.L587@dru.domain.org> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> <20050224104257.L587@dru.domain.org> Message-ID: <20050224145216.GA6802@sixshooter.v6.thrupoint.net> * Dru [2005-02-24 10:38]: > > > On Thu, 24 Feb 2005, Brad Schonhorst wrote: > > >>Anyone have any idea what I'm missing here? I'm using sysutils/savelogs > >>on a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully > >>from the command line whether I'm in the tcsh or the sh shell. > >> > >>However, as soon as I script it (Bourne shell script, simply has the same > >>command I run at the command line), it runs TWICE, resulting in an empty > >>log file. > Testing the script. It's real simple (simply the commands I run at the > command line:) > > #!/bin/sh > cd /var/log > /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages > /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog > Um, you are running two separate instances in your script, back to back. How about a sleep between them? Maybe you are running into a race problem when the other script starts... Just a thought. Jim B. From dlavigne6 Thu Feb 24 15:06:54 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 15:06:54 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <20050224145216.GA6802@sixshooter.v6.thrupoint.net> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> <20050224104257.L587@dru.domain.org> <20050224145216.GA6802@sixshooter.v6.thrupoint.net> Message-ID: <20050224150604.T587@dru.domain.org> On Thu, 24 Feb 2005, Jim Brown wrote: > * Dru [2005-02-24 10:38]: >> >> >> On Thu, 24 Feb 2005, Brad Schonhorst wrote: >> >>>> Anyone have any idea what I'm missing here? I'm using sysutils/savelogs >>>> on a FreeBSD 5.2.1 system to rotate and compress logs. Works beautifully >>>> from the command line whether I'm in the tcsh or the sh shell. >>>> >>>> However, as soon as I script it (Bourne shell script, simply has the same >>>> command I run at the command line), it runs TWICE, resulting in an empty >>>> log file. > > > >> Testing the script. It's real simple (simply the commands I run at the >> command line:) >> >> #!/bin/sh >> cd /var/log >> /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages >> /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog >> > > > Um, you are running two separate instances in your script, back to back. > How about a sleep between them? Maybe you are running into a race problem > when the other script starts... >From the slap myself in the head dept., I think George and Jim have spotted the same thing... I'll try again tonight and let you guys know... Dru From dlavigne6 Thu Feb 24 21:05:57 2005 From: dlavigne6 (Dru) Date: Thu, 24 Feb 2005 21:05:57 -0500 (EST) Subject: [nycbug-talk] savelogs In-Reply-To: <20050224193235.GD15866@ixeon.local> References: <20050224100827.Q587@dru.domain.org> <4c51efb6da404438d1487ae972fc7b78@vcsnyc.org> <20050224104257.L587@dru.domain.org> <20050224193235.GD15866@ixeon.local> Message-ID: <20050224210031.P587@dru.domain.org> On Thu, 24 Feb 2005, George Georgalis wrote: > On Thu, Feb 24, 2005 at 10:45:06AM -0500, Dru wrote: >> >> #!/bin/sh >> cd /var/log >> /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf messages >> /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf maillog >> > > from the never heard of it, never tried it peanut gallery; do you get double instances when invoked like this? Sweet, easy to configure program--quite customizable. No BSD-style documentation, though ;-) Contrary to the docs, this is the proper way to run it from a script/cron: /usr/local/bin/savelogs --config=/usr/local/etc/savelogs.conf i.e. don't specify logs to rotate from the command line (as they're specified in the config file) Dru From EInker Fri Feb 25 11:56:03 2005 From: EInker (Inker, Evan) Date: Fri, 25 Feb 2005 16:56:03 -0000 Subject: [nycbug-talk] First Look At Solaris 10 Message-ID: <386AEEE1B7BAC34CB4DDF394C2349278D6EB39@w2cs-nyk02.gam.com> First Look At Solaris 10 Last update: 02-25-2005 Sun Microsystems has recently released Solaris 10. It is currently free, as in beer, and most of it is promised to be released under an OSI approved license in the second quarter of 2005. Most everyone reading this probably knows all of that. The release and subsequent open sourcing of Solaris 10 has caused quite an uproar in the Open Source community and the IT industry as a whole. Linux advocates have been fighting Solaris advocates on forums across the Internet. The zealotry and misrepresentation from both sides has been really quite impressive. However, I am a BSD user. I am not on either side and will do my best to allow neither zealotry nor misrepresentation into this review. Please continue reading after you have stopped laughing. All political issues aside, Solaris 10 is a very impressive OS. It has some features no other operating system can claim and some that are not necessarily new, but have been implemented in an excellent way. This is not to say it is perfect. There are definitely things I dislike and areas that seem quite unpolished. One of those aforementioned unpolished areas is the installation routine. It can be assumed that Solaris will not be installed by a novice. Even so, the Solaris install is painful and brings with it memories of Windows 2000 installs of old. This is not because its difficult, it is not. The installation is simply unwieldy. My main complaints are the following: * You must partition, install a small base system and reboot to finish the install. I expect an OS to be installable without a reboot. * For the first section of the install there is a web browser in the background, but for unknown reasons there is no browser in the second section. * You have to switch CD's during the install, which is fine, but you can't just switch and walk away. You have to wait for it to read the CD and display another screen and then press next. There is probably a reason for this, but I just find it annoying. Issues like these make the installation routine seem unfinished and just don't fit with the overall quality of the OS. Upon booting Solaris for the first time, you are greeted by dtlogin. This is the default graphical login manager for Solaris and plainly has CDE roots. At this point, there is a drop-down menu in which you can choose to go back to a console login or choose which wm/dm to enter, both CDE and JDS3 are options. I am sure CDE has many great features and I know that some people love it. However, I am not one of them. JDS3 on the other hand is a nicely polished GNOME desktop. The theme and general feel is much improved over Sun's earlier versions. Nothing is very remarkable about JDS3, except network browsing. I have never seen any GNOME desktop do as well with windows and NIX network browsing. There are things I dislike about JDS. As a media player, Sun has chosen the "Java Media Player." This program has no redeeming factors. XMMS or Rhythmbox would be much better choices. They also tapped Mozilla to be the web browser, not Firefox. With FF gaining more and more attention, this choice makes very little sense to me. However, those are my only complaints about JDS3 and they are small ones. Nobody is considering Solaris 10 because of JDS3 or its installation routine. They are looking at it because of new features like DTrace, Zones and the new Service Management Framework. Indeed, it has been quite awhile since we have seen a release of any OS with as many large features as Solaris 10. DTrace One of the main new features in Solaris 10 is DTrace, a dynamic instrumentation system. DTrace consists of a scripting language, named D (not to be confused with the fledgling D Programming Language), and loadable kernel modules named "providers." When called upon, these "providers" track and report system information. DTrace has several features that separate it from other similar systems: * It is dynamic. DTrace has no effect on system performance when not in use. Only those providers that are needed by a particular command are loaded and used. This means if you want to collect data on the scheduler, DTrace will not be collecting data on the IO system as well. This greatly improves performance over those systems that collect a huge amount of unneeded data. * It can instrument both the kernel-level and user-level. * It is safe. DTrace will not allow you to damage the system through its use. Some may find the idea of anything being "totally safe" rather amusing. However, this appears to be true. Time will tell if it holds up, but for the moment I have no evidence to the contrary. * It is adaptable. DTrace really is more a scripting language then it is a tool like truss or top. This has its downside and upside. The disadvantage is that it is not a small thing to learn. Most will probably never use DTrace directly, but instead use programs written in D. There are already some of these and there will eventually be many more. The advantage to this is that its not limited like top or truss. Supposedly the test of a well-designed program is that people use it for things the author never thought of. DTrace passes this test with flying colors. DTrace will inevitably be compared to similar systems. These include The Linux Trace Toolkit (LTT) and Dprobes. These systems may grow into something equivalent to DTrace, but at the moment they are not even close. LTT is not dynamic and has only around 45 points of instrumentation to avoid a large performance penalty. Comparing that to Dtrace: # DTrace -l | wc -l 36110 Dprobes is much more advanced, but has problems as well. It is dynamic, but lacks some of the advanced features of the D language and is not safe. You can definitely bring down a machine with a badly written Dprobes script. It also supposedly performs poorly on multiple CPUs. One interesting DTrace script I found is seeksize.d. This script tracks the offset value of seek requests to the discs, per process. I have never been able to see this information before and it is really quite interesting, although somewhat shocking. The script was written by Brendan Gregg, who has produced many DTrace scripts that review system information from shell use to socket statistics. [ http://users.tpg.com.au/adsln4yb/dtrace.html] Zones If you have used FreeBSD Jails, Solaris Zones are going to sound very familiar. They are based on the same basic concept. Both can be considered somewhat like a heavy-duty chroot. Each Zone or Jail is a virtual OS, complete with IP address, separate configuration and even a separate package DB (zones can also share a DB). Now, this may seem like exactly what UserModeLinux or Xen do, but it isn't. The difference is that all the Zones/Jails share one kernel. In Xen or UML, the sub-machines are full OS's, kernel and all. They run on vm-like layer over the actual kernel. The advantage to this is security; it is very difficult to break out of a virtual server setup in this way. The disadvantage is speed; running all these different kernels has a large performance hit. This is why FreeBSD Jails were thought of in the first place and Sun has gone that direction with Zones. It is theoretically possible to break out of a Jail or Zone. In fact, there have been security vulnerabilities in the past that allow processes to do just that. It is of course up to the System Administrator to balance these issues. Personally, I would rather be able to run a large number of Jails/Zones and take the minimal security risk. Service Management Framework SMF (The Service Management Framework) is Solaris 10's replacement for the aged sysV init. I have mixed feelings about SMF. It is definitely a step forward, but it adds a level of complexity that was not there before. The idea behind it is fairly simple and SMF can be logically split into several parts: * Startups scripts. These are very like the normal scripts you see in every UNIX implementation * XML manifests. This is where things get different. Every service has an XML file that holds information about the service. What other services does it depend on? What services does it not depend on, but are recommended? All these relationships and more are stored in the manifests. * svcs. The svcs command is one of the main interfaces to SMF. It can tell you what services are started, which are stopped and even what services failed to start and why. For example, if service A depends on service B and you have stopped service B, svcs might tell you that service A has failed because service B is stopped. * svcadm. This is the administrative tool for SMF. You can add, delete, stop and start services here. * init. The init systems works a bit differently on Solaris 10 because of all this. If a service fails to start or crashes, it will be restarted. Also, if you stop a service that another service depends on, that service will also be stopped. Likewise, if you start a service that depends on several others, they will all be started. Also, the dependency system allows init to start multiple services in parallel. My concern about SMF is that its not as transparent as a system like rc.d on NetBSD/FreeBSD or even the old sysV init. It is still fairly easy to understand, but there is a level of "magic" that wasn't there before. Maybe my concerns are baseless? I don't know. It will be interesting to watch how users react to the new system. Along with new features, there have been improvements made to the general OS, many having to do with speed. Solaris has been given the nickname "Slowlaris" in the past. With Solaris 10, Sun has worked hard to make that name no longer applicable. One of the areas where Solaris needed improvement was the network stack. I have no experience with it personally, but apparently the old version was not a great performer, especially on multiple CPUs. Sun has decided to fix this Old-Testament style. Solaris 10 features an entirely new stack named FireEngine. Built to improve performance and prepare for future networking technology (faster Ethernet), FireEngine includes some very interesting threading technology that should reduce resource contention. [3] Another improvement to Solaris is the X86 support. Solaris has supported this architecture before, but both speed and stability were sorely lacking. This has changed with Solaris 10. All the machines I installed Solaris 10 on were X86 and, besides the obvious sparse driver support, it worked very well. With Sun committing to the AMD Opteron (an X86-like platform), the opening of Solaris and the energy Sun has appeared to expend on making X86 a "tier 1" platform, it can be safely assumed that support for this architecture isn't going to be disappearing. The experience of actually using Solaris 10 as a day-to-day OS is rather interesting. I installed and used 3 versions of Solaris 10, two betas and the final. I tested them on my laptop, but mostly used them on my desktop machine. The features of Solaris 10 make it sound like the long lost brother of sliced bread and, to some extent, I found this to be correct. Solaris 10 can do things no other OS can and its very fast. However, there are some significant hurdles to using Solaris when you come from Linux or BSD. It is very different. This cannot be repeated enough. If you have ever made the switch from Linux to BSD or the other way, you know how little differences can really make it difficult. In Solaris, the differences are not little. The first time I booted Solaris, I was a bit worried. It was quite a slow boot. I had to use this thing while reviewing it and as I watched the login prompt finally appear, I was starting to wonder if I was going to need a book while Mozilla started. They have fixed this in the final release, but I needn't have worried at the time either. The Solaris boot may have been slow, but thats the only element of the system were that word applied. I have yet to see a set of benchmarks that everyone likes and I don't have any skill in that area to begin with. Therefore, I won't be attempting to give the good reader numbers on Solaris 10's speed. Suffice to say that you cannot use the OS as a desktop without noticing it. Mozilla starts fast, GNOME is snappy and and I had at least 5 things compiling while listening to music with no skipping. This does not mean all users will find Solaris 10 the gift from god it is sometimes portrayed as. There are many differences when coming from other NIX. Some are very minor and some are very not. These differences range from the purely personally unsettling to build breaking, linker error making monsters from hell. The first difference you will notice is that the default shell is the Bourne shell. Not bash, but the POSIX Bourne shell. Coming from BSD, this wasn't so shocking. The total lack of a /root directory was rather shocking, but even that could be understood fairly readily. What I kept coming up against though, was how many places things were installed. The BSD tools are installed in /usr/ucb, the GNU tools in /usr/sfw, Solaris development tools in /usr/ccs, /usr/X11 contains Xorg and /usr/X contains openwin. These are just examples, there are many more. I am not saying this is a bad thing, but balancing your PATH that much takes getting used to. Something else you may notice, is an almost total lack of audio drivers. While I am willing to forgive Solaris for not having a lot of drivers for X86 because of its youth, the total lack of support in this area is too glaring to not mention. The Open Sound System supports Solaris and works very well, but this must be addressed at some point. X86 Solaris users should not be forced to go to 4Front to get audio support. While I am on the subject of drivers, I should mention that hardware support on X86 is not great. I am convinced this will improve, but for the moment I would only use Solaris 10 on very common hardware. As for laptops, its not ready yet. The version of Solaris released to the public does not include wireless support. However, I gather from the Sun blogs that an internal build now does include wireless drivers, so this should not be a permanent problem. A developer will notice other differences with Solaris. While some Open Source software will choke on BSD or even some Linux distributions, a large number will blow a fuse on Solaris. Some just require little tweaks to get working, while others require trench warfare. Both NetBSD's pkgsrc and the Blastwave ( www.blastwave.org) software distribution help to make this tolerable. With the coming OpenSolaris, I expect this to improve as they attract more developers. Speaking of developers, there are many goodies hidden in Solaris 10 that may lure them over. Obviously, DTrace has the potential to greatly help developers, but there are other utilities that are also very useful. One thing I found while looking for a Solaris alternative to valgrind was mdb and libumem. Mdb is the Solaris Modular Debugger and is exactly what it sounds like. Libumem is a user-land slab allocator[4] introduced in Solaris 9. What is interesting is that these two tools work together. [5] This is how it works. The developer compiles his/her code like normal, but instead of executing it with a debugger s/he sets some environment variables: UMEM_DEBUG=default UMEM_LOGGING=transaction LD_PRELOAD=libumem.so.1 then executes the code. The developer tests it out like normal, but then opens up another terminal, uses gcore to to get a core dump of the program and uses MDB to examine the core dump. MDB will then let you find memory leaks, browse stacks, find corrupt buffers and even double frees. More info about libumem and MDB is available here: http://access1.sun.com/techarticles/libumem.html There are many little tools like this hidden all over Solaris. The pTools are another prime example of this. These are a set of utilities that extract information from the /proc file system. Among other things, these tools include: * prstat: a replacement for top * pldd: prints the dynamic libs linked into running processes (including those added with dlopen) * pwdx: prints the cwd of the given process * pstop: stops the given process * prun: the reverse of pstop There is also the Solaris Management Console, a "toolbox" of administration utilities such as user management, patch management and performance monitoring. There are too many of these little utilities and small features hidden throughout the system to mention or simply find. In conclusion... Solaris 10 is a rather amazing OS. I learn quickly, but I was hard pressed to even tap the surface of Solaris. It is very fast, has new features that are revolutionary and old features that are not very well known, but deserve to be. Its hardware support could, and I think will, be improved, some software will be difficult to compile and it can be difficult to use at times when coming from other NIX. However, any relatively knowledgeable user should give it a shot. You may be impressed. Sources: 1. http://www.sun.com/bigadmin/content/dtrace/dtrace_usenix.pdf 2. http://www.opersys.com/LTT/documentation.html 3. http://www.sun.com/bigadmin/xperts/sessions/11_fireengine/ 4. http://srl.cs.jhu.edu/courses/600.418/SlabAllocator.pdf 5. http://access1.sun.com/techarticles/libumem.html Notes: Certain sites really helped in writing this. In no particular order these were: BigAdmin: www.bigadmin.com The Blog of Ben Rockwood: www.cuddletech.com/blog/index.php PlanetSolaris: www.planetsolaris.org BlastWave: www.blastwave.org Written by Narayan Newton - Mad Penguin(tm) Systems Administrator Sun, Sun Microsystems and Solaris are Registered Trademarks of Sun Microsystems, Inc. Linux is a Registered Trademark of Linus Torvalds. Regards, Evan M. Inker **************************************************************************** This message contains confidential information and is intended only for the individual or entity named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as an invitation or offer to buy or sell any securities or related financial instruments. GAM operates in many jurisdictions and is regulated or licensed in those jurisdictions as required. **************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.nycbug.org/pipermail/talk/attachments/20050225/9e4b85c5/attachment.html From ike Fri Feb 25 12:04:58 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 12:04:58 -0500 Subject: [nycbug-talk] First Look At Solaris 10 In-Reply-To: <386AEEE1B7BAC34CB4DDF394C2349278D6EB39@w2cs-nyk02.gam.com> References: <386AEEE1B7BAC34CB4DDF394C2349278D6EB39@w2cs-nyk02.gam.com> Message-ID: <9d47b53bd071ee240af7220b4c95f656@lesmuug.org> Hi Evan, On Feb 25, 2005, at 11:56 AM, Inker, Evan wrote: > First Look At Solaris 10 > > Last update:? 02-25-2005 > Sun Microsystems has recently released Solaris 10 [snip-big press release type message] I can't speak for the whole list, but I'm not entirely sure why you posted a long solaris press release to the nyc*bug talk list? I mean it's a loose conversational list, open to a wide gammut of topics and tech, but this feels like white noise spam in my inbox here- (if I wanted this kind of thing I'd sign up to a Solaris list?) I'm not meaning to start any flames, but is there some specific interesting reason you posted this to nyc*bug? Best, .ike From ike Fri Feb 25 12:17:56 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 12:17:56 -0500 Subject: [nycbug-talk] First Look At Solaris 10 In-Reply-To: <386AEEE1B7BAC34CB4DDF394C2349278D6EB3B@w2cs-nyk02.gam.com> References: <386AEEE1B7BAC34CB4DDF394C2349278D6EB3B@w2cs-nyk02.gam.com> Message-ID: Hi Evan, On Feb 25, 2005, at 12:06 PM, Inker, Evan wrote: > Apologies it was meant to go to a different email address No problem- not too much damage done, there's a lot of folks on this list who use/like Solaris- so (*shrug*) somebody may find it of interest. :) Rocket- .ike From steve Fri Feb 25 12:35:51 2005 From: steve (steverieger) Date: Fri, 25 Feb 2005 12:35:51 -0500 Subject: [nycbug-talk] First Look At Solaris 10 In-Reply-To: Message-ID: I did speak to the gentleman that posted this, and he said that it was meant for a different list. A few points I would like to make, (as a solaris admin) Solaris does not require more than one disk, yes it does require a reboot upon install, as does fbsd. Zfs is a totally separate os, meaning I can compile things in zone1 (say apache) and serve pages from there, and I can compile mysql in zone2, and these two will never know of each other, they think that they are separate servers. If anybody has questions regarding solaris feel free to contact me off list. Thanx On 2/25/05 12:17 PM, "Isaac Levy" wrote: > Hi Evan, > > On Feb 25, 2005, at 12:06 PM, Inker, Evan wrote: > >> Apologies it was meant to go to a different email address > > > No problem- not too much damage done, there's a lot of folks on this > list who use/like Solaris- so (*shrug*) somebody may find it of > interest. :) > > Rocket- > .ike > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > From steve.rieger Fri Feb 25 12:36:36 2005 From: steve.rieger (Steve Rieger) Date: Fri, 25 Feb 2005 12:36:36 -0500 Subject: [nycbug-talk] Mail stress test Message-ID: Does anybody on the list know of a decent script I can run to stress test my smtp, pp, and imap servers, -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From ike Fri Feb 25 12:45:58 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 12:45:58 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: Message-ID: <15cbdc75c18096955f3fb8b038972ce7@lesmuug.org> Wordup Steve, On Feb 25, 2005, at 12:36 PM, Steve Rieger wrote: > Does anybody on the list know of a decent script I can run to stress > test my > smtp, pp, and imap servers, I don't know of any scripts offhand, but I'm curious as to what kind of testing you want to do? i.e. there's loads of testing fun that can be done, especially if you have access to servers in different places, geographically... I'd love to start a thread here about tactics based on what your doing- I've found I never really get a true grasp of load until a given server is online and has connections coming to it from all over the net, different routes, disperate latency, etc... entropy impossible to truly reproduce in any lab... What kinds of stress are you trying to put the boxes through? Rocket- .ike From steve.rieger Fri Feb 25 12:58:47 2005 From: steve.rieger (Steve Rieger) Date: Fri, 25 Feb 2005 12:58:47 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <15cbdc75c18096955f3fb8b038972ce7@lesmuug.org> Message-ID: Am trying to see what my servers can hold in the following areas Max concurrent connections for pop Max concurrent connections for smtp Max concurrent connections for imap I will be running these tests on postfix, ms exchange, and sun messaging server. I don't quite trust the numbers that the vendors gave me On 2/25/05 12:45 PM, "Isaac Levy" wrote: > Wordup Steve, > > On Feb 25, 2005, at 12:36 PM, Steve Rieger wrote: > >> Does anybody on the list know of a decent script I can run to stress >> test my >> smtp, pp, and imap servers, > > I don't know of any scripts offhand, but I'm curious as to what kind of > testing you want to do? i.e. there's loads of testing fun that can be > done, especially if you have access to servers in different places, > geographically... I'd love to start a thread here about tactics based > on what your doing- > > I've found I never really get a true grasp of load until a given server > is online and has connections coming to it from all over the net, > different routes, disperate latency, etc... entropy impossible to truly > reproduce in any lab... > > What kinds of stress are you trying to put the boxes through? > > Rocket- > .ike > > > -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From ike Fri Feb 25 13:23:50 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 13:23:50 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: Message-ID: Wordup Steve, On Feb 25, 2005, at 12:58 PM, Steve Rieger wrote: > Am trying to see what my servers can hold in the following areas > > Max concurrent connections for pop > > Max concurrent connections for smtp > > Max concurrent connections for imap Well, not sure if this is what you want, but here's what I'd do- From any other servers you have access to, (offsite is best?), I'd whip up a shell script to do the following: 1) connect to the servers manually using telnet 2) initiate MANY connections in some automated fashon -- For the record on list, I googled up these notes on connecting to the mail servers: Direct connection through IMAP and POP: http://tinyurl.com/6elh9 -or- http://mailservices-oldsysadmin.web.cern.ch/mailservices-oldsysadmin/ sysadmin/Operations/telnet_connection.htm -- So I'd just write some scripts that connect manually to accounts, and run them in big batches from remote machines- Sorry I'm don't have a complete solution, but I hope this is at least a helpful start- Rocket- .ike > > I will be running these tests on postfix, ms exchange, and sun > messaging > server. > > > I don't quite trust the numbers that the vendors gave me > > From pete Fri Feb 25 13:20:05 2005 From: pete (Pete Wright) Date: Fri, 25 Feb 2005 13:20:05 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: Message-ID: <20050225182005.GA6040@finn.nomadlogic.org> On Fri, Feb 25, 2005 at 12:36:36PM -0500, Steve Rieger wrote: > Does anybody on the list know of a decent script I can run to stress test my > smtp, pp, and imap servers, > hey steve, sorry i don't know any off the top of my head, altho i do know that there are ample perl modules that offer this functionality (smtp, pop and imap). the problem may be tho that you will end up stressing the client running the script before you end up stressing the server. -pete -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From bob Fri Feb 25 13:36:45 2005 From: bob (Bob Ippolito) Date: Fri, 25 Feb 2005 13:36:45 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <20050225182005.GA6040@finn.nomadlogic.org> References: <20050225182005.GA6040@finn.nomadlogic.org> Message-ID: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> On Feb 25, 2005, at 1:20 PM, Pete Wright wrote: > On Fri, Feb 25, 2005 at 12:36:36PM -0500, Steve Rieger wrote: >> Does anybody on the list know of a decent script I can run to stress >> test my >> smtp, pp, and imap servers, >> > > hey steve, > sorry i don't know any off the top of my head, altho > i do know that there are ample perl modules that offer this > functionality (smtp, pop and imap). the problem may be tho > that you will end up stressing the client running the script > before you end up stressing the server. The number of TCP connections that it'll accept is likely to be much, much, much, much higher than the number of active connections it can deal with. Unless the application is written particularly poorly, you'll hit kernel limitations (but maybe just a soft one, like the per-process descriptor limit) before the application will notice. Ideally you really need a benchmark that actually attempts to do something with the server, like all of the http benchmarks do. Though, i can't say I know of anything for other protocols. -bob From steve.rieger Fri Feb 25 13:51:11 2005 From: steve.rieger (Steve Rieger) Date: Fri, 25 Feb 2005 13:51:11 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> Message-ID: Ok so nobody knows, and it might not even be possible to max out the concurrent connections for those protocols. So I will take a step back and ask do you know of a way I can create 100 concurrent connections for each of those protocols, on these servers. Thanx On 2/25/05 1:36 PM, "Bob Ippolito" wrote: > > On Feb 25, 2005, at 1:20 PM, Pete Wright wrote: > >> On Fri, Feb 25, 2005 at 12:36:36PM -0500, Steve Rieger wrote: >>> Does anybody on the list know of a decent script I can run to stress >>> test my >>> smtp, pp, and imap servers, >>> >> >> hey steve, >> sorry i don't know any off the top of my head, altho >> i do know that there are ample perl modules that offer this >> functionality (smtp, pop and imap). the problem may be tho >> that you will end up stressing the client running the script >> before you end up stressing the server. > > The number of TCP connections that it'll accept is likely to be much, > much, much, much higher than the number of active connections it can > deal with. Unless the application is written particularly poorly, > you'll hit kernel limitations (but maybe just a soft one, like the > per-process descriptor limit) before the application will notice. > > Ideally you really need a benchmark that actually attempts to do > something with the server, like all of the http benchmarks do. Though, > i can't say I know of anything for other protocols. > > -bob > > > -- Steve Rieger Office 212-804-1131 Cell 646-335-8915 DC 173*101254*4 From lists Fri Feb 25 13:58:21 2005 From: lists (Hans Zaunere) Date: Fri, 25 Feb 2005 13:58:21 -0500 Subject: [nycbug-talk] MySQL Talk in Boston/MIT Message-ID: <20050225185823.C85E9A8633@virtu.nyphp.org> For those who might be in the Boston area, I'll be giving an in-depth technical overview of MySQL at the Boston ACM chapter on March 19th. http://www.gbcacm.org/website/ --- Hans Zaunere, Sales Engineer MySQL, Inc. www.mysql.com Office: +1 212.213.1131 President, Founder New York PHP http://www.nyphp.org AMP Technology Supporting Apache, MySQL and PHP From ryanseu Fri Feb 25 14:47:59 2005 From: ryanseu (Ryan Seu) Date: Fri, 25 Feb 2005 14:47:59 -0500 Subject: [nycbug-talk] help with freeBSD Message-ID: <96b52a6005022511476c2d9459@mail.gmail.com> Hi everyone. I'm a noob to freeBSD but I'm definitely trying to working on it and get the kinks out. I have a basic tech question that might belong more on the X.org list but I thought I'd throw it out here first I just installed freeBSD 5.3 on my work station (Dell Dimension 3000) that has i865G intel chipset. I managed to get X started but I'm having problem adjusting the video mode. It keeps going back to the default 640X480 mode. I checked the log file and the only thing that I can see that seems relavent is this: (II) I810(0): Monitor0: Using default hsync range of 31.00-80.00 kHz (II) I810(0): Monitor0: Using default vrefresh range of 56.00-75.00 Hz (II) I810(0): Not using mode "1280x1024" (no mode of this name) (II) I810(0): Increasing the scanline pitch to allow tiling mode (640 -> 1024). (--) I810(0): Virtual size is 640x480 (pitch 1024) (**) I810(0): Built-in mode "640x480" (II) I810(0): Attempting to use 73Hz refresh for mode "640x480" (41) and it goes on The device and screen section of my configuration file is as follows: Section "Device" Identifier "Card0" Driver "i810" ChipSet "865G" Card "i810 865G" EndSection Section "Screen" Identifier "Screeno" Device "Card0" Monitor "Minotor0" DefaultDepth 16 Subsection "Display" Viewport 0 0 Depth 16 Modes "1280x1024" EndSubSection EndSection Any suggestions? Ryan From lists Fri Feb 25 15:16:01 2005 From: lists (lists at genoverly.net) Date: Fri, 25 Feb 2005 21:16:01 +0100 Subject: =?iso-8859-1?Q?Re:_[nycbug-talk]_help_with_freeBSD?= Message-ID: <0MKz1m-1D4luT2pQr-0003sh@mrelay.perfora.net> On Fri, 25 Feb 2005 14:47:59 -0500 Ryan Seu wrote: > I just installed freeBSD 5.3 on my work station (Dell Dimension 3000) > that has i865G intel chipset. I managed to get X started but I'm > having problem adjusting the video mode. It keeps going back to the > default 640X480 mode. Not sure but this might help... "Why can I only get 648x480 on this Dell GX270?" http://nycbug.org/index.php?NAV=Library&SUBM=27 Michael From unixenigma Fri Feb 25 15:43:43 2005 From: unixenigma (G T) Date: Fri, 25 Feb 2005 12:43:43 -0800 (PST) Subject: [nycbug-talk] help with freeBSD In-Reply-To: <96b52a6005022511476c2d9459@mail.gmail.com> Message-ID: <20050225204343.7796.qmail@web53908.mail.yahoo.com> --- Ryan Seu wrote: > Hi everyone. I'm a noob to freeBSD but I'm > definitely trying to > working on it and get the kinks out. I have a basic > tech question that > might belong more on the X.org list but I thought > I'd throw it out > here first > > I just installed freeBSD 5.3 on my work station > (Dell Dimension 3000) > that has i865G intel chipset. I managed to get X > started but I'm > having problem adjusting the video mode. It keeps > going back to the > default 640X480 mode. I checked the log file and the > only thing that I > can see that seems relavent is this: > > (II) I810(0): Monitor0: Using default hsync range of > 31.00-80.00 kHz > (II) I810(0): Monitor0: Using default vrefresh range > of 56.00-75.00 Hz > (II) I810(0): Not using mode "1280x1024" (no mode of > this name) > (II) I810(0): Increasing the scanline pitch to allow > tiling mode (640 -> 1024). > (--) I810(0): Virtual size is 640x480 (pitch 1024) > (**) I810(0): Built-in mode "640x480" > (II) I810(0): Attempting to use 73Hz refresh for > mode "640x480" (41) > > and it goes on > > The device and screen section of my configuration > file is as follows: > > Section "Device" > Identifier "Card0" > Driver "i810" > ChipSet "865G" > Card "i810 865G" > EndSection > > Section "Screen" > Identifier "Screeno" > Device "Card0" > Monitor "Minotor0" > DefaultDepth 16 > Subsection "Display" > Viewport 0 0 > Depth 16 > Modes "1280x1024" > EndSubSection > EndSection > > Any suggestions? > > Ryan > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce > lists > %We meet the first Wednesday of the month > probably this high mode is not supported by this driver/card/monitor try using something else and double check the driver - sometimes using default one helps. Not sure but I thought modes cane be setup like: "800X600 1024X768 1280X1024" in any case I would not advice to use highest. Try lower ones first. Play with deapth as well. It did cause some problems some time ago too. Later on I'll check my confs... (if still your problem's not resolved) GT __________________________________ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 From pete Fri Feb 25 15:41:22 2005 From: pete (Pete Wright) Date: Fri, 25 Feb 2005 15:41:22 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> Message-ID: <20050225204122.GB6040@finn.nomadlogic.org> On Fri, Feb 25, 2005 at 01:51:11PM -0500, Steve Rieger wrote: > Ok so nobody knows, and it might not even be possible to max out the > concurrent connections for those protocols. > > So I will take a step back and ask do you know of a way I can create 100 > concurrent connections for each of those protocols, on these servers. > this still may be possible with the perl modules (i assume there are modules for other langs as well). for example, the Net::IMAP module from CPAN pretty much give you all the functionality of an imap client. so you could setup on the server a test account with messages in it and have to script connect, get a listing of messages etc. i believe the same is true for Net::POP etc. so i guess i'm suggesting that by using libraries like this you should be able to script something up. i'm sure one of the python or php guru's here know of similar way's to do this. now will this give you a good measure of how each server will handle a live load...i dunno. -p > > > Thanx > > > > > On 2/25/05 1:36 PM, "Bob Ippolito" wrote: > > > > > On Feb 25, 2005, at 1:20 PM, Pete Wright wrote: > > > >> On Fri, Feb 25, 2005 at 12:36:36PM -0500, Steve Rieger wrote: > >>> Does anybody on the list know of a decent script I can run to stress > >>> test my > >>> smtp, pp, and imap servers, > >>> > >> > >> hey steve, > >> sorry i don't know any off the top of my head, altho > >> i do know that there are ample perl modules that offer this > >> functionality (smtp, pop and imap). the problem may be tho > >> that you will end up stressing the client running the script > >> before you end up stressing the server. > > > > The number of TCP connections that it'll accept is likely to be much, > > much, much, much higher than the number of active connections it can > > deal with. Unless the application is written particularly poorly, > > you'll hit kernel limitations (but maybe just a soft one, like the > > per-process descriptor limit) before the application will notice. > > > > Ideally you really need a benchmark that actually attempts to do > > something with the server, like all of the http benchmarks do. Though, > > i can't say I know of anything for other protocols. > > > > -bob > > > > > > > > -- > Steve Rieger > Office 212-804-1131 > Cell 646-335-8915 > DC 173*101254*4 > > > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month -- ~~oO00Oo~~ Peter Wright pete at nomadlogic.org www.nomadlogic.org/~pete 917.415.9866 From marco Fri Feb 25 15:54:00 2005 From: marco (marco at metm.org) Date: Fri, 25 Feb 2005 15:54:00 -0500 Subject: [nycbug-talk] help with freeBSD In-Reply-To: <96b52a6005022511476c2d9459@mail.gmail.com> References: <96b52a6005022511476c2d9459@mail.gmail.com> Message-ID: <20050225205400.GP6257@metm.org> On Fri, Feb 25, 2005 at 02:47:59PM -0500, Ryan Seu wrote: >Hi everyone. I'm a noob to freeBSD but I'm definitely trying to >working on it and get the kinks out. I have a basic tech question that >might belong more on the X.org list but I thought I'd throw it out >here first > here is a thread with someone who seems to have a very similar problem to you (same chipset, freebsd): http://lists.freebsd.org/pipermail/freebsd-questions/2004-November/066044.html there seems to be a video ram setting in the bios which cannot be overwritten. you have to go into the bios and change it from 1M to 128M or whatever you have. HTH, -- Marco From bob Fri Feb 25 16:00:00 2005 From: bob (Bob Ippolito) Date: Fri, 25 Feb 2005 16:00:00 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <20050225204122.GB6040@finn.nomadlogic.org> References: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> <20050225204122.GB6040@finn.nomadlogic.org> Message-ID: On Feb 25, 2005, at 3:41 PM, Pete Wright wrote: > On Fri, Feb 25, 2005 at 01:51:11PM -0500, Steve Rieger wrote: >> Ok so nobody knows, and it might not even be possible to max out the >> concurrent connections for those protocols. >> >> So I will take a step back and ask do you know of a way I can create >> 100 >> concurrent connections for each of those protocols, on these servers. >> > > this still may be possible with the perl modules (i assume there > are modules for other langs as well). for example, the Net::IMAP > module from CPAN pretty much give you all the functionality of an > imap client. so you could setup on the server a test account with > messages in it and have to script connect, get a listing of messages > etc. i believe the same is true for Net::POP etc. so i guess i'm > suggesting that by using libraries like this you should be able to > script something up. i'm sure one of the python or php guru's here > know of similar way's to do this. Python ships with imaplib, poplib, and smtplib, which are all perfectly capable clients that could be used to develop a benchmarking tool. -bob From chsnyder Fri Feb 25 16:18:51 2005 From: chsnyder (csnyder) Date: Fri, 25 Feb 2005 16:18:51 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: References: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> Message-ID: On Fri, 25 Feb 2005 13:51:11 -0500, Steve Rieger wrote: > Ok so nobody knows, and it might not even be possible to max out the > concurrent connections for those protocols. > > So I will take a step back and ask do you know of a way I can create 100 > concurrent connections for each of those protocols, on these servers. > > Thanx > Use your favorite web scripting language (PHP, Perl) to make the connection and perform some pseudo-realistic task. Then you can use Apache's ab tool to generate many concurrent and repeating executions of the script over some length of time. Spread the love out to a few cheap shared hosting sites around the net and watch your server deal with the load. Of course there must be a more elegant way to do it, the above merely reflects the web applications sandbox I like to play in. -- Chris Snyder http://chxo.com/ From ike Fri Feb 25 16:32:45 2005 From: ike (Isaac Levy) Date: Fri, 25 Feb 2005 16:32:45 -0500 Subject: [nycbug-talk] Mail stress test In-Reply-To: <20050225204122.GB6040@finn.nomadlogic.org> References: <4bdb7cc7374bde161a3e2eba78da6533@redivi.com> <20050225204122.GB6040@finn.nomadlogic.org> Message-ID: <282407430504b7484d73e4babe7b0cd4@lesmuug.org> On Feb 25, 2005, at 3:41 PM, Pete Wright wrote: > so i guess i'm > suggesting that by using libraries like this you should be able to > script something up. Pete and Bob are totally spot on here, but to my knowledge, (and after some googling on the issue for my own purposes) it's just not that easy to *really* pull off in a shell script- I just looked up forking in the bash shell for example, and controlling forking from shell scripts seems unusably confusing to me. I'd personally choose Python, but I'd think there's common libs to do the tasks in any language- The task still seems to be: 1) program to fork off a controllable number of concurrent child processes 2) and have the child processes establish connections to the mail server What languages are you comfortable hacking about with? Is this worth doing as a nyc*bug quickie hackathon? Everyone whip something up in a given language that does the above tasks? Perhaps the app would be called from a shell like so: Usage: TestTheServer servername.com 100 imap Where, servername.com is the server your hitting, 100 is an integer representing how many child processes to simultaneously start, and 'imap' is the protocol- (could build in a few very basic connection protocols?) hrm... would be fun to write... Rocket- .ike From ryanseu Sun Feb 27 14:33:55 2005 From: ryanseu (Ryan Seu) Date: Sun, 27 Feb 2005 14:33:55 -0500 Subject: [nycbug-talk] help with freeBSD In-Reply-To: <20050225205400.GP6257@metm.org> References: <96b52a6005022511476c2d9459@mail.gmail.com> <20050225205400.GP6257@metm.org> Message-ID: <96b52a6005022711336011cf85@mail.gmail.com> Thanks guys. It turned out the issue was the same as the one listed on the thread. Just had to change the BIOS memory to 8mb. Ryan On Fri, 25 Feb 2005 15:54:00 -0500, marco at metm.org wrote: > On Fri, Feb 25, 2005 at 02:47:59PM -0500, Ryan Seu wrote: > >Hi everyone. I'm a noob to freeBSD but I'm definitely trying to > >working on it and get the kinks out. I have a basic tech question that > >might belong more on the X.org list but I thought I'd throw it out > >here first > > > here is a thread with someone who seems to have a very similar problem > to you (same chipset, freebsd): > > http://lists.freebsd.org/pipermail/freebsd-questions/2004-November/066044.html > > there seems to be a video ram setting in the bios which cannot be > overwritten. you have to go into the bios and change it from 1M to 128M > or whatever you have. > > HTH, > > -- > Marco > _______________________________________________ > % NYC*BUG talk mailing list > http://lists.nycbug.org/mailman/listinfo/talk > %Be sure to check out our Jobs and NYCBUG-announce lists > %We meet the first Wednesday of the month > -- Ryan Seu 15-50 216th Street Bayside, NY 11360 From lists Sun Feb 27 18:26:01 2005 From: lists (lists at genoverly.net) Date: Mon, 28 Feb 2005 00:26:01 +0100 Subject: [nycbug-talk] encrypted drive space Message-ID: <0MKz1m-1D5XpS24Q0-0007Hw@mrelay.perfora.net> It was almost exactly a year ago that Roland Dowdeswell introduced NYCBUG to his cryptographic device driver (cgd). To mark the anniversary, I have published the notes I took while I recently created an encrypted device for my laptop. http://nycbug.org/index.php?NAV=Library&SUBM=88 Let me know what you think. Michael From ike Mon Feb 28 12:17:52 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 12:17:52 -0500 Subject: [nycbug-talk] dealing with drift Message-ID: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Hi All, I was just wanting to post on some of the post-meeting conversations I've repeatedly over-heard about managing time-drift across clusters of machines- (you know who you people are...) How do folks like to do this? Special tools beyond rockin' timed? Anyone know any good urls on the topic (either practical or acidemic)? Rocket- .ike -- P.S. below, (since I'm talking about time), ikepoch script (for Hans?) -- #!/usr/bin/env python ################################################ # iketime ################################################ # # Therefore, if one subtracts their birth-date # expressed in epoch, from the current time in epoch, # one arrives at personal epoch- or, the total number # of seconds one has been alive. # # The epoch, is the point where the time starts. # On January 1st of that year, at 0 hours, the # ``time since the epoch'' is zero. For Unix, # the epoch is 1970. # ################################################ # # I, Isaac Levy was born August 10, 1976, 4:11AM MST. # This is GMT+7, therefore making my birth date 11:11 GMT. # # or, expressed using time.gmtime(), # # (1976, 8, 10, 11, 11, 00, 1, tm_yday, 0) # # Special thanks to chopin (jer at zetaweb.com) for finding # a bug in my comments which were confusing. from calendar import timegm from time import time birthday = (1976, 8, 10, 11, 11, 0, 1, 223, 0) print time() - float(timegm(birthday)) """ The above time returned is the number of seconds which I have been alive. Modify the 'birthday' value to get your personal epoch. """ From george Mon Feb 28 12:33:27 2005 From: george (George Georgalis) Date: Mon, 28 Feb 2005 12:33:27 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Message-ID: <20050228173327.GA20548@ixeon.local> On Mon, Feb 28, 2005 at 12:17:52PM -0500, Isaac Levy wrote: >Hi All, > >I was just wanting to post on some of the post-meeting conversations >I've repeatedly over-heard about managing time-drift across clusters of >machines- (you know who you people are...) > >How do folks like to do this? Special tools beyond rockin' timed? >Anyone know any good urls on the topic (either practical or acidemic)? Am I missing something here? Isn't the obvious answer, for a cluster, to configure the headnode (whether is connected to internet and synced or not) to answer ntp queries from nodes, and configure the nodes ntp time server to use their headnode? /usr/ports/net/ntp // George >P.S. below, (since I'm talking about time), ikepoch script (for Hans?) interesting, now I can calculate my own poch time! -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org From dan Mon Feb 28 12:43:28 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 12:43:28 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228173327.GA20548@ixeon.local> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Message-ID: <422311F0.27976.1CAD9D10@localhost> On 28 Feb 2005 at 12:33, George Georgalis wrote: > On Mon, Feb 28, 2005 at 12:17:52PM -0500, Isaac Levy wrote: > >Hi All, > > > >I was just wanting to post on some of the post-meeting conversations > >I've repeatedly over-heard about managing time-drift across clusters of > >machines- (you know who you people are...) > > > >How do folks like to do this? Special tools beyond rockin' timed? > >Anyone know any good urls on the topic (either practical or acidemic)? > > Am I missing something here? Isn't the obvious answer, for a cluster, to > configure the headnode (whether is connected to internet and synced or > not) to answer ntp queries from nodes, and configure the nodes ntp time > server to use their headnode? /usr/ports/net/ntp > > // George > > >P.S. below, (since I'm talking about time), ikepoch script (for Hans?) > > interesting, now I can calculate my own poch time! Sounds like much the same way I manage my home network. My gateway acts as time master, and all other machines on my network sync with it. In turn, the gateway syncs with an external source. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From jpb Mon Feb 28 13:04:13 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 13:04:13 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228173327.GA20548@ixeon.local> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> Message-ID: <20050228180413.GA15008@sixshooter.v6.thrupoint.net> * George Georgalis [2005-02-28 12:33]: > On Mon, Feb 28, 2005 at 12:17:52PM -0500, Isaac Levy wrote: > >Hi All, > > > >I was just wanting to post on some of the post-meeting conversations > >I've repeatedly over-heard about managing time-drift across clusters of > >machines- (you know who you people are...) > > > >How do folks like to do this? Special tools beyond rockin' timed? > >Anyone know any good urls on the topic (either practical or acidemic)? > > Am I missing something here? Isn't the obvious answer, for a cluster, to > configure the headnode (whether is connected to internet and synced or > not) to answer ntp queries from nodes, and configure the nodes ntp time > server to use their headnode? /usr/ports/net/ntp I would add diversity here. Having only one time master is a SPoF. Diverse routing is helpful as well. Just finished a similar exercise, though just for a collection (not a cluster) of machines. NTP on all BSDs but the OpenBSD box. OpenNTP on that. I do miss the ntpdc utility on OpenBSD. Unless I'm missing something, it's not easy to verify that you are, in fact, synched with another NTP master. Also- one other nit: OpenNTP comes preconfigured to synch to a pool of servers from ntp.org. Why, I don't know. Simplicity maybe- but how am I supposed to verify *those* servers? Best Regards, Jim B. From ike Mon Feb 28 13:09:22 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:09:22 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228173327.GA20548@ixeon.local> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> Message-ID: <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> Thanks yall', On Feb 28, 2005, at 12:33 PM, George Georgalis wrote: >> Hi All, >> >> I was just wanting to post on some of the post-meeting conversations >> I've repeatedly over-heard about managing time-drift across clusters >> of >> machines- (you know who you people are...) >> >> How do folks like to do this? Special tools beyond rockin' timed? >> Anyone know any good urls on the topic (either practical or acidemic)? > > Am I missing something here? Isn't the obvious answer, for a cluster, > to > configure the headnode (whether is connected to internet and synced or > not) to answer ntp queries from nodes, and configure the nodes ntp time > server to use their headnode? /usr/ports/net/ntp On Feb 28, 2005, at 12:43 PM, Dan Langille wrote: > Sounds like much the same way I manage my home network. My gateway > acts as time master, and all other machines on my network sync with > it. In turn, the gateway syncs with an external source. Cool. My question then changes to this: Are there any tricks to maintain redundancy with ntp servers? i.e. is there a builtin/traditional way to configure things so that *all* machines can act as ntp servers in the event that the ntp box goes el' muerte? Rocket- .ike From dan Mon Feb 28 13:16:04 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 13:16:04 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> References: <20050228173327.GA20548@ixeon.local> Message-ID: <42231994.3496.1CCB7523@localhost> On 28 Feb 2005 at 13:09, Isaac Levy wrote: > Are there any tricks to maintain redundancy with ntp servers? i.e. is > there a builtin/traditional way to configure things so that *all* > machines can act as ntp servers in the event that the ntp box goes el' > muerte? Configure NetSaint or other monitoring tool to monitor your primary ntp service. When it goes down, you'll be told. If you're concerned about the ntp server (versus ntp service) going down, you're getting into another arena, and it sounds like CARP to me (i.e. multiple servers, same IP address, etc). If your ntp service can't sync with an outside server for a day or so, you shouldn't get much drift. Your cluster will all be at the same time, because the server is still up. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From ike Mon Feb 28 13:20:05 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:20:05 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228180413.GA15008@sixshooter.v6.thrupoint.net> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <20050228180413.GA15008@sixshooter.v6.thrupoint.net> Message-ID: <63e4e5e924aa5cc80f735368d35b2153@lesmuug.org> On Feb 28, 2005, at 1:09 PM, Isaac Levy wrote: > Cool. My question then changes to this: ... redundancy... Doh, just as I hit send, Jim's message pretty much answered my question :) On Feb 28, 2005, at 1:04 PM, Jim Brown wrote: > I would add diversity here. Having only one time master is a SPoF. > Diverse routing is helpful as well. Configuring the master/slave relationships is the stuff I'm going to dig into here- gonna' rock the man pages for ntpd from here. If there's a builtin way to setup a failover master/slave configuration, that's hot- but if not, I'd assume it can just be scripted in some simple/sane manner. (thinking out loud, I'm imaging scripts to swap out config files and restart ntp based on responses etc...). Further digging just showed me that a lib. written by a trusted source exists for my favorite language, Python: http://www.egenix.com/files/python/mxDateTime.html > > Just finished a similar exercise, though just for a collection > (not a cluster) of machines. > > NTP on all BSDs but the OpenBSD box. OpenNTP on that. > > I do miss the ntpdc utility on OpenBSD. Unless I'm missing something, > it's not easy to verify that you are, in fact, synched with another > NTP master. > > Also- one other nit: OpenNTP comes preconfigured to synch to > a pool of servers from ntp.org. Why, I don't know. Simplicity > maybe- but how am I supposed to verify *those* servers? Hrm. I love time problems- this question sounds like it leads to more of an ontological issue than a technical one :) Rocket- .ike From jpb Mon Feb 28 13:25:07 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 13:25:07 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> Message-ID: <20050228182507.GB15008@sixshooter.v6.thrupoint.net> * Isaac Levy [2005-02-28 13:09]: > Thanks yall', > > On Feb 28, 2005, at 12:33 PM, George Georgalis wrote: > > >>Hi All, > >> > >>I was just wanting to post on some of the post-meeting conversations > >>I've repeatedly over-heard about managing time-drift across clusters > >>of > >>machines- (you know who you people are...) > >> > >>How do folks like to do this? Special tools beyond rockin' timed? > >>Anyone know any good urls on the topic (either practical or acidemic)? > > > >Am I missing something here? Isn't the obvious answer, for a cluster, > >to > >configure the headnode (whether is connected to internet and synced or > >not) to answer ntp queries from nodes, and configure the nodes ntp time > >server to use their headnode? /usr/ports/net/ntp > > On Feb 28, 2005, at 12:43 PM, Dan Langille wrote: > > >Sounds like much the same way I manage my home network. My gateway > >acts as time master, and all other machines on my network sync with > >it. In turn, the gateway syncs with an external source. > > > Cool. My question then changes to this: > > Are there any tricks to maintain redundancy with ntp servers? i.e. is > there a builtin/traditional way to configure things so that *all* > machines can act as ntp servers in the event that the ntp box goes el' > muerte? Simple suggestion: Pick 4 or more servers from the list at http://ntp.isc.org/bin/view/Servers/StratumOneTimeServers (Use any 'OpenAccess' server listed. If the server indicates that the maintainer would like to hear from you- send a courtesy email. See the 'Rules Of Engagement' at http://ntp.isc.org/bin/view/Servers/RulesOfEngagement ) One one machine, put two servers from the above list in the /etc/ntp.conf file. server one.someserver.com server two.someserver.com On another machine, put the other two servers from the above list in /etc/ntp.conf. server three.someserver.com server four.someserver.com I actually use a pool of eight NTP stratum 1 servers, and have four entries on each of my servers. I also add a driftfile statement. See ntp.conf(5) for details. There are many options in ntp.conf, most of which you will never use. For the truly paranoid, use authentication. Hope this helps, Jim B. From ike Mon Feb 28 13:25:16 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:25:16 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <42231994.3496.1CCB7523@localhost> References: <20050228173327.GA20548@ixeon.local> <42231994.3496.1CCB7523@localhost> Message-ID: <83593330ecaa1c48a98bbecbaafabc17@lesmuug.org> Thanks Dan, On Feb 28, 2005, at 1:16 PM, Dan Langille wrote: > If your ntp service can't sync with an outside server for a day or > so, you shouldn't get much drift. Your cluster will all be at the > same time, because the server is still up. In all practicality, very true. The situation where I'm trying to implement this is a bit strange though; where boxes that go down could be physically taken offline for perhaps weeks at a time- or never return to the cluster, so I'd like to try to make it as brainless as possible- (but in the end, brainless moves can require extreme brainwork/time when they fail :) - /me teetering on the fence all over... Rocket- .ike From ike Mon Feb 28 13:26:57 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:26:57 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228182507.GB15008@sixshooter.v6.thrupoint.net> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> <20050228182507.GB15008@sixshooter.v6.thrupoint.net> Message-ID: On Feb 28, 2005, at 1:25 PM, Jim Brown wrote: > Hope this helps, > Jim B. Heck yeah! Thanks Jim, and everybody on this thread. Learned a lot very quickly here. Rocket- .ike From dan Mon Feb 28 13:35:07 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 13:35:07 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <83593330ecaa1c48a98bbecbaafabc17@lesmuug.org> References: <42231994.3496.1CCB7523@localhost> Message-ID: <42231E0B.15189.1CDCE7E0@localhost> On 28 Feb 2005 at 13:25, Isaac Levy wrote: > In all practicality, very true. > The situation where I'm trying to implement this is a bit strange > though; where boxes that go down could be physically taken offline for > perhaps weeks at a time- or never return to the cluster, so I'd like to > try to make it as brainless as possible- (but in the end, brainless > moves can require extreme brainwork/time when they fail :) - /me > teetering on the fence all over... CARP comes to mind. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From jpb Mon Feb 28 13:38:32 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 13:38:32 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <83593330ecaa1c48a98bbecbaafabc17@lesmuug.org> References: <20050228173327.GA20548@ixeon.local> <42231994.3496.1CCB7523@localhost> <83593330ecaa1c48a98bbecbaafabc17@lesmuug.org> Message-ID: <20050228183832.GC15008@sixshooter.v6.thrupoint.net> * Isaac Levy [2005-02-28 13:25]: > Thanks Dan, > > On Feb 28, 2005, at 1:16 PM, Dan Langille wrote: > > >If your ntp service can't sync with an outside server for a day or > >so, you shouldn't get much drift. Your cluster will all be at the > >same time, because the server is still up. > > In all practicality, very true. > The situation where I'm trying to implement this is a bit strange > though; where boxes that go down could be physically taken offline for > perhaps weeks at a time- or never return to the cluster, so I'd like to > try to make it as brainless as possible- (but in the end, brainless > moves can require extreme brainwork/time when they fail :) - /me > teetering on the fence all over... You can run ntpd -q (or ntpdate) to perform a one-time clock jump before your run ntpd. ntpd will not sync up if you are more than 1000 seconds off the reference server. ntpd -q (or ntpdate) gives you a chance to jump close to the reference server in one jump. ntpd will then sync up with a reference server. In my understanding, ntpd does not set the BIOS time. It normally sets the OS time. Always use UTC as the time source and set your timezone accordingly. Best Regards, Jim B. From ike Mon Feb 28 13:53:37 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 13:53:37 -0500 Subject: [nycbug-talk] CARP on FreeBSD [list thread fork] Message-ID: <83c50e2389853c34d44e49f4f6153e7a@lesmuug.org> Hi all, Thought I'd fork this from the ntp thread in case it got noisy, On Feb 28, 2005, at 1:35 PM, Dan Langille wrote: > On 28 Feb 2005 at 13:25, Isaac Levy wrote: >> ... boxes that go down could be physically taken offline for >> perhaps weeks at a time- or never return to the cluster, so I'd like >> to >> try to make it as brainless as possible- > > CARP comes to mind. *sigh* For these systems in particular, where I'm doing a lot of jailing, FreeBSD 4.x is de-facto production standard for me, for some time to come... with that, I've got some longing reservations about diving down the CARP path right now... Dan: I know Carp is living a healthy life in FreeBSD 5.x, but do you know anything I don't know, (or that google is witholding from me), about CARP on FreeBSD 4.x? So far, this is the only relevant stuff I found on the issue: http://lists.freebsd.org/pipermail/freebsd-pf/2004-September/000300.html (Pyun YongHyeon, who ported CARP to FreeBSD 5.x, speaking on why he doesn't care to port to FreeBSD 4.x... And with a tear welling up in my eye, I can see his logic.) -- Anyone have any good thoughts on this, or should just accept this and plan to keep CARP fun relegated to ike-playland for the next year or so? Rocket- .ike From dan Mon Feb 28 14:06:42 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 14:06:42 -0500 Subject: [nycbug-talk] Re: CARP on FreeBSD [list thread fork] In-Reply-To: <83c50e2389853c34d44e49f4f6153e7a@lesmuug.org> Message-ID: <42232572.21183.1CF9D2A5@localhost> On 28 Feb 2005 at 13:53, Isaac Levy wrote: > Dan: I know Carp is living a healthy life in FreeBSD 5.x, but do you > know anything I don't know, (or that google is witholding from me), > about CARP on FreeBSD 4.x? All I know about CARP I learned at BSDCan. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From ike Mon Feb 28 14:17:55 2005 From: ike (Isaac Levy) Date: Mon, 28 Feb 2005 14:17:55 -0500 Subject: [nycbug-talk] Re: CARP on FreeBSD [list thread fork] In-Reply-To: <42232572.21183.1CF9D2A5@localhost> References: <42232572.21183.1CF9D2A5@localhost> Message-ID: <3237f3d46948311db8a115ed2be26ef0@lesmuug.org> On Feb 28, 2005, at 2:06 PM, Dan Langille wrote: > On 28 Feb 2005 at 13:53, Isaac Levy wrote: > >> Dan: I know Carp is living a healthy life in FreeBSD 5.x, but do you >> know anything I don't know, (or that google is witholding from me), >> about CARP on FreeBSD 4.x? > > All I know about CARP I learned at BSDCan. Digit- yeah, same here, thx for the heads up though. I've toyed with it some in the studio here with ad-hock parts boxen (and as many nics as I could conjure out of the shoebox), but it's still relegated to weekend hacking and fun, since I've chosen (happily) to limit myself to FreeBSD, for doing jailing in production life... /me slides CARP onto the backburner for a slow simmer here... Rocket- .ike From o_sleep Mon Feb 28 15:03:40 2005 From: o_sleep (Bjorn Nelson) Date: Mon, 28 Feb 2005 15:03:40 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: <20050228180413.GA15008@sixshooter.v6.thrupoint.net> References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <20050228180413.GA15008@sixshooter.v6.thrupoint.net> Message-ID: Hello Jim, > I do miss the ntpdc utility on OpenBSD. Unless I'm missing something, > it's not easy to verify that you are, in fact, synched with another > NTP master. ntpq -p checks the peer status and if ntp is working you should have a refid other then 0.0.0.0 for that peer. Also you can go into the ntpq interactive utility: type: ntpq then type: associations conf should say "yes." -Bjorn From jpb Mon Feb 28 15:35:47 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 15:35:47 -0500 Subject: [nycbug-talk] dealing with drift In-Reply-To: References: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> <20050228173327.GA20548@ixeon.local> <20050228180413.GA15008@sixshooter.v6.thrupoint.net> Message-ID: <20050228203547.GA15409@sixshooter.v6.thrupoint.net> * Bjorn Nelson [2005-02-28 15:03]: > Hello Jim, > > >I do miss the ntpdc utility on OpenBSD. Unless I'm missing something, > >it's not easy to verify that you are, in fact, synched with another > >NTP master. > > ntpq -p > checks the peer status and if ntp is working you should have a refid > other then 0.0.0.0 for that peer. > > Also you can go into the ntpq interactive utility: > type: ntpq > then type: associations > > conf should say "yes." > > -Bjorn > Thanks! I'll check that out. Best Regards, Jim B. From jpb Mon Feb 28 21:05:37 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 21:05:37 -0500 Subject: [nycbug-talk] Seeking tape backup unit Message-ID: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> Hello all- I'm seeking to purchase a tape backup unit, used or new, probably SCSI. Something fairly recent is better, but this is going in a standard Dell OptiPlex P4 box running FreeBSD 5.3. I'll probably use bacula for backup. 10G minimum capacity. Does not have to have an autochanger, but if you have one, let's talk. I'm in the NYC metro area, but I'll pay for shipping if it's too far to drive. Thanks, Jim B. From dan Mon Feb 28 21:19:25 2005 From: dan (Dan Langille) Date: Mon, 28 Feb 2005 21:19:25 -0500 Subject: [nycbug-talk] Seeking tape backup unit In-Reply-To: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> Message-ID: <42238ADD.1685.1E85FC6E@localhost> On 28 Feb 2005 at 21:05, Jim Brown wrote: > I'm seeking to purchase a tape backup unit, used or new, > probably SCSI. Something fairly recent is better, but this > is going in a standard Dell OptiPlex P4 box running FreeBSD 5.3. > I'll probably use bacula for backup. 10G minimum capacity. Does > not have to have an autochanger, but if you have one, let's talk. > > I'm in the NYC metro area, but I'll pay for shipping if > it's too far to drive. How much do you need to put on a tape daily? 4GB? 10GB? 35GB? -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ From jpb Mon Feb 28 22:08:05 2005 From: jpb (Jim Brown) Date: Mon, 28 Feb 2005 22:08:05 -0500 Subject: [nycbug-talk] Seeking tape backup unit In-Reply-To: <42238ADD.1685.1E85FC6E@localhost> References: <20050301020537.GA15845@sixshooter.v6.thrupoint.net> <42238ADD.1685.1E85FC6E@localhost> Message-ID: <20050301030805.GB15845@sixshooter.v6.thrupoint.net> * Dan Langille [2005-02-28 21:19]: > On 28 Feb 2005 at 21:05, Jim Brown wrote: > > > I'm seeking to purchase a tape backup unit, used or new, > > probably SCSI. Something fairly recent is better, but this > > is going in a standard Dell OptiPlex P4 box running FreeBSD 5.3. > > I'll probably use bacula for backup. 10G minimum capacity. Does > > not have to have an autochanger, but if you have one, let's talk. > > > > I'm in the NYC metro area, but I'll pay for shipping if > > it's too far to drive. > > How much do you need to put on a tape daily? 4GB? 10GB? 35GB? 10GB min Jim B. From alex Mon Feb 28 12:09:35 2005 From: alex (alex at pilosoft.com) Date: Mon, 28 Feb 2005 12:09:35 -0500 (EST) Subject: [nycbug-talk] dealing with drift In-Reply-To: <7738dbcd310f2d000ea497d5da3be3f1@lesmuug.org> Message-ID: On Mon, 28 Feb 2005, Isaac Levy wrote: > I was just wanting to post on some of the post-meeting conversations > I've repeatedly over-heard about managing time-drift across clusters of > machines- (you know who you people are...) > > How do folks like to do this? Special tools beyond rockin' timed? > Anyone know any good urls on the topic (either practical or acidemic)? It is called ntpd. -alex From alex Mon Feb 28 13:13:09 2005 From: alex (alex at pilosoft.com) Date: Mon, 28 Feb 2005 13:13:09 -0500 (EST) Subject: [nycbug-talk] dealing with drift In-Reply-To: <4dafb832d4efd684ce7e0dc2e03132f0@lesmuug.org> Message-ID: On Mon, 28 Feb 2005, Isaac Levy wrote: > Are there any tricks to maintain redundancy with ntp servers? i.e. is > there a builtin/traditional way to configure things so that *all* > machines can act as ntp servers in the event that the ntp box goes el' > muerte? Yes, it is called 'ntpd'. -alex