Annoying truths about bash
Howdie, here's an anomally I just discovered after a very annoying debugging session... My native bash (Ubuntu 17.04) is version 4.4.7(1)-release # aa=" hello" ; md5sum <<< $aa fc22c4f0ac67cb377dd50629601e4df0 - # aa=" hello" ; md5sum <<< "$aa" fc22c4f0ac67cb377dd50629601e4df0 - bash on Ubuntu 16.04 has version 4.3.48(1)-release # aa=" hello" ; md5sum <<< $aa b1946ac92492d2347c6235b4d2611184 - # aa=" hello" ; md5sum <<< "$aa" fc22c4f0ac67cb377dd50629601e4df0 - So as usual, please give strings explicit quotes, or it will bite you in the tush. For the record, the way the older bash behaves may well be the "correct" one (losing the space from the string while tokenizing), and the new one is more sensible. but it certainly isn't fair to fix this in a minor version and screw up people's scripts, eh? :) -- Does the name Pavlov ring a bell? Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Debian stretch launch get-together
In case anyone missed my post to Hamakor (http://hamakor.org.il/pipermail/discussions/2017-May/006891.html) Here's a re-do: we have 6 people (and counting) meeting on Saturday 17/6 at Porter & Sons (Tel Aviv). Anyone here wants to join? Please answer me off-list. Thanks, Ira. -- First human clone Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Android and the 64 billion bytes question.
Now do you format a 64GB SDXC card to use with Android? the opinions on the web are all over the place. some say it's OK to keep ExFat (it came formatted) since it's pretty stable in FUSE and the Cyanogenmod supports it. others say one should partition it down to two 32GB parts of Fat32 for compatibility with older OS in case you need to reset (also I found my version of CWM does not read ExFAT). Others say ext2 is the way to go, or ext3 (Windows machines won't support that easily, but I don't care since I don't run one). Basically it's a question of what FS is the most convenient, stable, safe and speed-optimized for flash. The forums people argue but I feel none of them have serious ways to back up their opinions. If you have any facts or educated opinions, I'd be happy to learn. -- World class chipmunk Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Android and the 64 billion bytes question.
Like I said, ExFAT is not an issue with my desktop, only with my CWM recovery. it seems CyanogenMod have a CWM fused into their kernel, so if I try to install a newer CWM or TWRP, I still get the older CWM that won't support ExFAT. I also thought splitting the card into two 32G partitions could save me from loosing more than one partition at once, if anything bad happens. Quoting Hetz Ben Hamo, from the post of Thu, 10 Oct: Yes, there is, but just like with FAT, FAT32, NTFS, SMB etc - you won't see Microsoft chasing Ubuntu, CentOS or Red Hat for royalties. MS is asking royalties from the hardware vendors, not from you or your favorite distribution. BTW: Both Fedora and Ubuntu already support exfat. תודה, *חץ בן חמו* *חץ ביז http://www.hetz.biz*- שרותי פרילאנס לניהול ותחזוקת שרתי Linux ופתרונות וירטואליזציה. טלפון: 054-5297156 אתם מוזמנים לבקר אותנו בבלוג היעוץ שלנו http://vps-consulting.info [image: גם אתר זה מתארח ב-חץ ביז שרתי VPS] * * 2013/10/10 Udi Finkelstein linux...@udif.com Weren't there any patent issues with exFAT? Udi On Thu, Oct 10, 2013 at 2:09 AM, Hetz Ben Hamo h...@hetz.biz wrote: Hi, The ExFAT was invented by Microsoft specifically for such a removable storage and support for flash cards with this sizes (it supports up to 64 ZB). Its fully supported under Android (Samsung wrote the kernel module, so there's a native support for it), and you can grab the kernel module from here: https://github.com/dorimanx/exfat-nofuse You can use ext3/ext4 (ext2 is a dog slow on SD) but then you'll have the overhead of journaling, and you won't have any compatibility with any Windows/Mac, in case you want to stick your card into such systems. תודה, *חץ בן חמו* *חץ ביז http://www.hetz.biz*- שרותי פרילאנס לניהול ותחזוקת שרתי Linux ופתרונות וירטואליזציה. טלפון: 054-5297156 אתם מוזמנים לבקר אותנו בבלוג היעוץ שלנו http://vps-consulting.info [image: גם אתר זה מתארח ב-חץ ביז שרתי VPS] * * 2013/10/9 Ira Abramov lists-linux...@ira.abramov.org Now do you format a 64GB SDXC card to use with Android? the opinions on the web are all over the place. some say it's OK to keep ExFat (it came formatted) since it's pretty stable in FUSE and the Cyanogenmod supports it. others say one should partition it down to two 32GB parts of Fat32 for compatibility with older OS in case you need to reset (also I found my version of CWM does not read ExFAT). Others say ext2 is the way to go, or ext3 (Windows machines won't support that easily, but I don't care since I don't run one). Basically it's a question of what FS is the most convenient, stable, safe and speed-optimized for flash. The forums people argue but I feel none of them have serious ways to back up their opinions. If you have any facts or educated opinions, I'd be happy to learn. -- World class chipmunk Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Straight from the hourse's mouth Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Linux friendly NAS or networked drive/raid - perhaps wireless
Quoting Steve G., from the post of Fri, 04 Oct: So I am thinking, maybe I should get an external network drive, or raid, or NAS, and use it to consolidate my drive and keep all my files in one place from now onward. I have yet to see a cheap hardware off-the-shelf NAS that can beat a PC in performance or flexibility. I would get three WD Red disks and build a Linux machine around them, doesn't have to be too powerful. Don't stick old drives in there, you want reliability. use RAID5 in software, dm-crypt if you want some privacy, Samba, NFS and OwnClouׁ• like people already suggested, and a very logical directory tree so you can find everything easily. Also - backup backup baskup. there are cheap cloud services where you can have unlimited storagef for $20-$#0 a year, the better ones support rsync. don't be too cheap, you want your data alive. Especially unique stuff like family photos that can't be recovered from a torrent site... -- Built by 100 monkeys with 100 typewriters Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
[Job] Small simple system job for a freelancer
Howdie peeps, I just got a call from some law firm that are taking apart a bankrupt company, an old client of mine. They need someone to come in and backup that Linux based environment they don't know what to do with. If I'm guessing right, it's the server where all the company's IP was on - about 100-150 SVN repos (No, it never made sense) into which they comitted binaries (Yup...) and the TRAC setup for each (sqlite and some random files like that). What they need I assume is someone to back the whole thing out in a bunch of tarballs. the nicest part is that this was already done daily on the machine, so it's probably just a case of copying the most recent version of the tarballs off to an external drive or something. Easy job, won't take more than 2-3 hours of staring at the screen mostly, etc. If you can do this, please get in touch and I'll hook you up to the lawyer dude. Shana Tova, Ira. -- Another bad creation Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Retooling my mail server
Quoting Tzafrir Cohen, from the post of Fri, 19 Jul: http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/ and I http://workaround.org/ispmail/squeeze Similar in attitude http://www.iredmail.org/ A script that you run and it does everything (?) for you If you go this route, here's another one: http://yunohost.org/ Thanks, I'll look at them. You asked about my list of requirements, so: 1. I have my own mail server, I want to upgrade it. it's time I learn DKIM, SPF and other tools that didn't exist when I first built it. 2. I want to use more SSL and TLS wherever possible, the NSA are not the only big brother around. 3. I want to try and detach myself from SAAS I can't control, so I'm thinking OwnCloud instead of Dropbox, getting back to my own server rather than waiting for the other shoe to drop at Gmail, etc. 4. I'll still need to manage multiple virtual mail domains. I would very much require catch-all addresses and mail-EXT@domain extensions because me and my current users rely heavily on that. 5. I want a modern, web-managed list server. 6. I like managing my mail in tagged conversations rather than folder-sorted messages. I hope to find a webUI that will do that for me. I have not yet looked into the latest versions og IMP, roundcube, squirrel and friends, but I remember they don't offer it. So if you have insights and recommendations (hopefully ones that don't involve LDAP which I hate with my guts), I'll appreciate the input :) -- Where it's at Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Retooling my mail server
Howdie, I've been delaying this for years, but for the last 15 of them I've been working with qmail and ezmlm and they are getting dated. no DKIM, no smtp auth, lots of modern features and community missing. Then the other day someone tweeted me this: http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/ and I thought that with all my love of Qmail it's something to get modernized and look into virtual domain pop-toaster solutions in postfix. I'll also look for a modern friendly MLM, and I wonder if Sympa is the only newer face over mailman, and if so, is it better? If you have any input, I'll appreciate it :) Also, I'm considering keeping all the configs on my system with Chef Solo. I like Chef so much more than Puppet, but If you have a ready-made pop-toaster setup for puppet already tested and running well, I'll consider it. The next component to install after ditching Gmail as far as I can, will be OwnCloud so I can ditch DropBox and friends as well. Got any pros and cons to share? I'll appreciate this too. Last and somewhat least (off topic) is that we are hiring, there are two DevOps positions (not just one as the list shows), we also need an Ira-clone DevOps person for developing the Iron-to-IAAS part of the product: http://hiring.gooodjob.com/jobs/en/?pid=2OrgID=462pref=user8894 -- Boldly going where no man has gone before Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Current Video Card winning horse?
Quoting Amos Shapira, from the post of Wed, 10 Oct: (Piggy backing but is related) What about USB3 monitors? Are they a viable option yet? not that I could find. I have no idea if the standard is even implemented, nor if it is supported in Linux. Requirements: - have it play nice with Xorg (Debian/Ubuntu). - preferably FOSS drivers, but only if rock solid. - preferably a GPU that supports CUDA/OpenCL (though the only client I have for it ATM is BOINC https://boinc.berkeley.edu/wiki/GPU_computing ) - preferably dual-port, so I can send a signal to a secondary screen/projector. - No special gamer mad features needed. The most 3D I'll do with it is probably Desktop Cube :) Well, the screen arrived today and I can tell you two things... A. I hooked it up with the D-Sub of my piss-ant on-board intel chip, and other than a slight blurriness (due to analog signal loss, no doubt, or a low-q A/D), it seems to push the full resolution quite well. 2560X1440 at 60Hz, I get good response, and full screen video is fine, even 1080P video files render nicely, though you can see the frame rate is not full. B. a friend who is a video editor will give me an older dual HD4850 ATI card. At 1 TeraFLOP it can handle 4 HD screens, so I have no doubt it will be over the top for my modest single screen, and the price is so cheap (used) that I don't mind the old hardware version. Thanks for all your input :-) -- Bachelor number one Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Looking for directions about compiling and tracing OpenJDK
Quoting Amos Shapira, from the post of Tue, 09 Oct: Hi, I have an idea which involves going somewhat deep into the bowls of the Java Jar class loader when using the official Oracle JDK 6 (and soon 7). To verify this I started looking at the JDK source code but it's not small and I'd like to try to trace through it while it executes Java programs. Does anyone here have experience in doing something like this and can give me some useful pointers on how to do this? I'd like to be able to do gdb java -jar HelloWorld.jar and single-step through the class loader while it loads HelloWorld.jar. My humble opinion - gdb will catch way too much crap. Is it so low in the stack that you can't provision it with JMX and trace it through that? -- Ben and Jerry's love child Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Current Video Card winning horse?
Ahoy maties! The time has come for me to upgrade some of my antique hardware, and I have ordered myself a nice mega-monitor with the ass-whooping resolution of 2550X1440. This means the old VGA on board won't do and I need to look at higher-end stuff (DVI-D at minimum). I googled this issue quite a bit, limiting google for results only from the last month and still I'm not sure who do we not-hate this month (I suppose I'm looking at ATI and nVidia) Requirements: - have it play nice with Xorg (Debian/Ubuntu). - preferably FOSS drivers, but only if rock solid. - preferably a GPU that supports CUDA/OpenCL (though the only client I have for it ATM is BOINC https://boinc.berkeley.edu/wiki/GPU_computing ) - preferably dual-port, so I can send a signal to a secondary screen/projector. - No special gamer mad features needed. The most 3D I'll do with it is probably Desktop Cube :) Thanks in advance! -- A can of Whoop-Ass Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Looking for directions about compiling and tracing OpenJDK
Quoting Amos Shapira, from the post of Tue, 09 Oct: To give more details of what I'm after - I want to know whether the class bytecode address points into the mmap(2)'ed jar file or into malloc(3)'ed memory. I think I found part of the code path inside the jdk source which does this and now I'm trying to determine what are the situations in which each option is taken. Can JMX do that? The code I'm looking at is written in pure C. if that information is exposed to the java objects in the VM, then maybe. otherwise, I guess it's a case of getting your fingers dirty with GDB... -- The secret to happiness Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Heterogenous, dynamic RAID for a home server
Hey people, A friend of mine want to build a file server machine at home to get the benefits of a Drobo, but for 1500 NIS rather than $1500. The idea is to mix in 1T, 2T and 3T disks he already has, and on occasion grow the ׁ•torage by another disk or replace and rebalance it. He wants it to be more reliable than RAID0 but more efficient than RAID10, so RAID 5/6 are more like it. I looked around at the idea of ZFS or a distributed FS on a single node, but they are not options. I'm thinking how to do it with a block redundancy scheme, and so far I came up with this: create a RAID5 from the lower 1TB of all the disks you have, then a smaller RAID5 array from the second TB, and finally a RAID1 or RAID5 from whatever you have left. so if we say I have 2*3T and 2*2T and 1*1T, I have (5-1)*1T+(4-1)*1T+1T (the last is RAID1). now I have 8TB in three block devices, and I make a single LV (LVM2) from three extents. Is there a better solution? do note that it's not optimal for spindle activity, but this is a home machine serving two other computers and a TV streamer at the worst case. Any feedback is welcome... -- Perishable item Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
[JOB] DevoOps and software engineers, lend me your brains!
We're a young dynamic consultancy firm with strong offerings in cutting-edge devops magic, distributed systems design and automated deployment and management, IAAS wrangling, etc. We're looking for DevOps with or without cloud experience, expecially if you're the kind of guy/gal who wears a CAP and mixes SQL with NoSQL juice for breakfast. Send me your resume at ira(at)fewbytes.com. Thanks, Ira. -- I did it for my people! Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Security patches for Apache 1.3.x?
howdie! I have an embeded system (roughly based on CentOS 3) with a few legacy components, one of which is Apache 1.3.42, which has served us well this far, but now we bumped into these: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1928 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0419 Since the Apache 1.x line is EOL and I don't see this package has been maintained with sec patches by Debian or even RHEL (correct me if I missed anything) Before I'm forced to rock the boat with a move to Apache2, lighty or nginx, is there a source for patches for this that I missed? Thanks, Ira. -- Patron of the arts Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: RMS, Hosts Must Support Boycott?
Quoting geoffrey mendelson, from the post of Sun, 12 Jun: On Jun 12, 2011, at 10:50 AM, Uri Even-Chen wrote: I don't agree with you, Geoff. What Richard Stallman does as a private person does not mean the FSF in involved. As a private person Richard Stallman has the right to boycott Israeli institutions and universities. It does not mean that the FSF is boycotting Israel. You can agree or not, it's your opinion. However US law is that once he signs his emails as an officer of the corporation, in this case president, it does. you know, there IS a logical falacy of guilt by association. before you oycot the FSF and the registration office that handled their NGO registration, and the entire govenrment of the country that enploys that registration clerk, and so on, I suggest we stop and call on the FSF spokespeople to give their opinion on the matter and maybe resolve it otherwise. two sideline remarks: 1. As I mentioned in my blog post, I don't see the financial boycott as a problem, and I'm even hoping it started moving something, but I have a real problem with justifying the academic BDS. however after I saw this Item, I wonder what will I do if more and more Universities ד‚?ere proven to act the same: http://www.mako.co.il/news-channel2/Channel-2-Newscast/Article-230c47f2e3f8031004.htm# 2. As usuall, I am suprised how appropriate my random signature comes out :-) -- Peacemaker Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
USB I/O draining my userspace (Ubuntu Natty 64b)
First, an appology. I added another message on the RMS fiasco only to find out later the threads all died out and I was committing a faux pas. my appologies! please ignore I posted it if at all possible. Second, here's my problem: I have here a workstation running an Athlon 3700+, and part of my job is to occasionally write out an image file to USB universal card reader, testing the product of my builds. The writing takes forever (since I haven't discovered how to get dd to write out the sparse image to the CF card sparsely). Also, untill I moved the card reader to one of the backpanel ports, the write would drag my entire environment to a halt at the same time - even the mouse pointer gets stuck at some point, until dd would finish. switching from front to back panel and adding the oflag=dsync option solved the freַ¯ing of the userspace but not the horrible writing speeds. I have a feeling this is a major bug with the USBstorage driver or some related module, but as this is old hardware running on the latest kernel from Ubuntu, I am surprised. Anyone got a clue? Thanks, Ira. -- Fastest gun in the west Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: USB I/O draining my userspace (Ubuntu Natty 64b)
Quoting Yedidyah Bar-David, from the post of Wed, 15 Jun: Perhaps it uses USB1 and not 2? nope, I had that problem when I accidentally switched ports to a USB1 port, the 22 minute burn took over 113 minutes before I noticed it was still writing and killed it. also, to answer Geoff - nothing else is on the USB, the M/K are on PS/2 connectors. Maybe the same controller chip, but not the same bus or kernel module. at least with oflag=dsync it doesn't get the entire userspace stuck, whatever that does. bs=8M is the next parameter I'll try, or maybe I should go for 32M? Can you rmmod all *hci_ucd modules except for ehci_hcd and see what happens? nope, I assumed Ubuntu would have taken precautions not to insmod anything useless for my hardware... Did you try cp (or cp --sparse=always if you really want to) and see if it helps? I don't know of a similar option for dd. I have here an image with partitions in it, which is why I use DD. cp can't help me, sadly. -- A fetus who made it Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: sponsorship?
Quoting Aviad Mandel, from the post of Sun, 29 May: Could anyone please explain why His Majesty's visit to the holy land matters at all? This thread sounds like a bunch of teenager girls who want to touch Justin Bieber. Well, on the one hand I share the sentiment. The ideas are more important than the man himself. however the items in the papers ARE focusing on the person and his decisions, and make us look bad, if only for a day, in some beholders' eyes. It's a public relations issue, not a fanboy thing. Not for me anyway - I don't think he's doing any justice to the cause with the way he presents the issues most of the time, creating antagonism too often. However since the FSF has chosen him as a spokesperson and not someone else, then his public persona and now political views affect our community's public image, therefore the issue needs to be addressed. However, since it's not a GNU/Linux issue, I prefer we all take this discussion to Hamakor's list, as people asked before. RMS has replied to Eddie Aronovich's accusation with a defensive, laconic short answer. I hope he'll reply to my personal email to him in a different tone. Updates, if you want them, will be on the discussions@hamakor list, and my blog, probably. -- Master of disguise Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Linux 3.0
I see no one else mentioned it on the list, so here it is, fresh from the kernel liׁ•t - Linus is considering a switch from 2.6.X to 3.X soon. No technical reason I can see, only that the kernel is going to be entering its third decade of life in July. Your ideas? :) http://www.h-online.com/open/news/item/Linux-3-0-could-be-out-in-July-1248294.html -- The great communicator Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: sponsorship?
Yup, you found a few items that refer to Israel and Israel policies. not one of them goes against the right of Israel to exist, says the palestinians are perfect and Israelis are evil, nothing of the sort. all he writes there are criticisms about Israeli policies and actions, the same criticisms and even more extreme could be found on my blog, the feed of people I follow on Twitter and in the daily papers (not only Ha'aretz). One of the items even says I saw a mainstream news article which called them anti-Israel protesters, which is clearly not true. He is not claiming to hold anti-Israeli opinions, nor do I. If this is a democracy, it should be legitimate to criticize my government and army when they use crute force against a conquered people, as well as against peaceful protestors who are its own civilians. So - not anti-Israel until you prove otherwise. Quoting amichay p. k., from the post of Sun, 29 May: This is what i found. On the HaMakor list someone already made a similar claim. I searched and have not found anything blatantly anti-israeli. He points out various things I don't like to hear about Israel but that does not make those points incorrect. I am sure you will now reply with a lits of links to his posts, otherwise people might think you are just making empty accusations. Gabor ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Regards, Amichay. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * Web site developer, and an independent security researcher. My Blog: http://am1chay.blogspot.com/. For permission to read, please contact me. ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Free with any purchase Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: sponsorship?
Quoting Stan Goodman, from the post of Sun, 29 May: Please enlighten me: When he says that the reason Israel doesn't fortify the border with the PA, but instead puts up a fence (the one that the PA calls 'Die WLL) specifically to separate Palestinians from their lands, that is not blatantly anti-Israel? That doesn't project the image of the diabolical Jew? In my naivete, I would have thought otherwise. Not every CRITICISM against a policy is automatically a rejection of the state that performed it. I think the wall is a horrible humanitarian, ecological, humane and ethical decision. It's not just me and the UN and the EU and the US that think that, it's also the supreme court of ISRAEL. are you of the opinion that we are all anti-Israeli, supreme court of your own country included? Why I said it was twisted is that the fence is, of course, a fortification, and it exists for reasons not unlike those for which the fence is collective punishment against an entire population. the fence is also creating humanitarian problems, seperating people from property, livelihood, schools, hospitals and beaurocracy. It's also seperating them from hope and reconciliation. it's creating more enemis than it is stopping, it is costing billions of my tax payer money. It is also a very obviuos way of setting the border without negotiations. I could go on, but if you believe the fence is a good thing you are either heartless, racist or a sucker that would swallow anything his government tells you. Also, see what I did there? I didn't only criticize my government, I actually accused it of crimes. Still it's my legal freedom to do so. I didn't say Israel is not a legitimate country, I'm not anti Israeli because I believe there are better ways to do this without violence and oppression. If I thought for a moment that this was irreversible, and the country IS indeed hopelessly racist, I would stop trying to change it for the good, leave here and call myself an anti-Israeli. Not proudly. I'm glad we are not there yet. Why would anybody want to listen to this man? Do you think he would stand in front of an Israeli audience and not lecture it on the criminal way Israel treats peaceful terrorists? And everybody in the audience that's a false dichotomy and straw man in one blow. please stick to facts. Where is this man from? I understand him to be a Brit, is that right? So Well, seems you know less about RMS and Democracy than he knows about the Israel-Palestine conflict. Congrats. Go get educated before you can state your opinions in public. -- Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
RMS clarifies, backlash was unneeded
I'm quoting below RMS' reply to Guy Shefer. He sent me a longer reply in person and they both confirm what I thought - he's more interested in fulfilling his original obligation and also use it for promoting collaboration. Moreover, he says the ban imposed on him is NOT Israel in its entirety, but only the Universities (the private Shenkar College seems kosher according to him). The weird but sensible thing to do is find lecture halls outside the universities and there would be no conflict. I'll be posting his personal replies to me in my blog later, and sending them to the papers. On Mon, May 30, 2011 at 07:36, Richard Stallman r...@gnu.org wrote: I saw that you sent an E-mail message canceling all of your talks in Israel= in the upcoming visit. Not all of them -- only the ones at universities. It is the universities that the funders object to. I have one planned talk which is not at a university, which I still plan to give. I will forward your message to them. I hope you can indeed work something out, because cooperation between Israelis and Palestinians is good. Another possible approach is to find other venues for the other talks I was going to give in Israel. -- Dr Richard Stallman President, Free Software Foundation 51 Franklin St Boston MA 02110 USA www.fsf.org, www.gnu.org Skype: No way! That's nonfree (freedom-denying) software. Use free telephony http://directory.fsf.org/category/tel/ ___ Discussions mailing list discussi...@hamakor.org.il http://hamakor.org.il/cgi-bin/mailman/listinfo/discussions - End forwarded message - -- Melts in your mouth but not in your hand Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: where is it?
Quoting Maayan Eshed, from the post of Tue, 12 Apr: the volume on that distro is by default on the same panel item as the mail and several other programs. to see what i mean right-click on the paneladd to panelindicator applet. Thanks Ma'ayan, that indicator applet has ֳ¦scaped from me too, and the damn thing is not just the volume, it's also the keyboard language. anyone knows how to turn off that mail indicator or make it work with T-bird instead of dEvolution? -- Hail Eris, Hack Linux! Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: auto-maximize a logical partition with ext3
Quoting Amos Shapira, from the post of Wed, 06 Apr: Ah and btw - sfdisk is king when it comes to scripting fdisk. Just pay I agree it is a nice tool, but I would not call it king. I have a lot of tings I'd do very differently in the dump format it offers, the import format it would recognize and other information it should give me with less pain. -- Squadron leader Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Creating a User with Access to a Single Command
Quoting Ohad Levy, from the post of Tue, 05 Apr: /etc/passwd: ariel:x:uid:gid::/home/ariel:/bin/rbash ls -l /bin/rbash lrwxrwxrwx 1 root root 4 Apr 10 2006 /bin/rbash - bash maybe I'm missing something.. but what would if the user simply type /usr/bin/something else? man rbash -- Fourth branch of government Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
MediaWiki sorting the Hebrew Alphabet
On several sites I manage I have this problem - Category pages display articles and subcategories sorted absolutely wrong. As far as I can tell this is only a Hebrew issue. Anyone got a clue? Someone told me it may be a question of DB collation or something, but I don't want to touch anything irreversibly without knowing exactly what would happen. Example: http://ecowiki.site.co.il/%D7%A7%D7%98%D7%92%D7%95%D7%A8%D7%99%D7%94:%D7%9E%D7%A2%D7%A8%D7%9B%D7%95%D7%AA -- King of the wild things Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Looking for KVM consultant
Quoting Tzafrir Cohen, from the post of Sun, 03 Apr: On Sun, Apr 03, 2011 at 10:41:13AM +0300, Tom Rosenfeld wrote: Hi guys, We are looking for help setting up KVM in our production environment. We have been using Vserver, but want to move to KVM which has many more tools for management. For the record, the direct replacement for Linux VServer would be OpenVZ or (for newer kernels. Not Centos 5.x) potentially lxc. I have had a very good track record with Proxmox VE: http://pve.proxmox.com/wiki/Main_Page It's a Debian with both KVM and OpenVZ, built-in clustering and a unified Web interface to create and manage the machines. -- The butterfly effect Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
auto-maximize a logical partition with ext3
Hello friends, last resort before I go and reinvent the wheel, badly. I have a system here that creates a dozen images for medias of different sizes, installing a few dozen machines every day. I would like to make the process more unified - install the same 4G image on all medias (dd) and then maximize sda6, the last ext3 partition, and naturally, the underlying extended partition sda4. The only tool that automates resizing like that is parted, and it still needs a precise partition length instead of use all available space, and won't resize ext3 if I don't turn off the journaling first (make it ext2). I tried deducing the maximum partition size with fdisk -l and other sfdisk instead, but each uses different units and I have no idea how to convert them all correctly so I'm left with working, non overlapping partitions. I'm prepared to do it the hard way, I just wondered if there's a tool I missed or an existing script that already does this. Thanks. -- His own worst enemy Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: auto-maximize a logical partition with ext3
Quoting Hetz Ben Hamo, from the post of Sun, 03 Apr: Umm, last time I checked, resize2fs (which now supports ext4, at least in Fedora) can resize to use all available space if you don't give it any Maybe I should have been more verbose - I know how to resize the FS, it's a no brainer. the problem is resizing the partition to the max without having to find the media size, or at the very least figuring out what is the maximum size it's alowed to be set to. I can get the info in sectors with fdisk -lu, then I could get, process and write back the partition table with sfdisk, but it is hard to get the right number of sections for the partitions. for instance, I have here a CF card of 1GB, it has 2001888 sectors, but if I use fdisk to create a partition with the default maximum size it ends at 2001855 - so is it a problem if I set the partition end to the end of the disk or how do I find out the number of sectors to leave out if it needs to land on the mysterious and anacronistic cylinder boundery? -- The doctor is |IN| Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: auto-maximize a logical partition with ext3
Quoting guy keren, from the post of Sun, 03 Apr: if it is the last partition, how about using expect (or similar) to automate 'fidk' on the device (probably need to set a loop device on the image file first), delete the partition and re-create it? as far as i remember, when you create a partition via fdisk's interactive prompt, by default it suggest to use all the available extra space. if it's a logical partition - you'll need to delete the underlying logical part as well, i assume. that solution has come to mind, and I have seen one case where it was used (to create, not resize). there's no need even for expect, you can simply redirect the input because the interaction is well known in advance, but it's a very ugly solution I hope not to have to implement for a dozen reasons. At the moment I'm taking all the information I can with greps and awk, dumping with SFDISK, making the corrections and loading back. c'est la vie. Happily, my next task is a bit more interesting. making vmbuilder work with logical partitions... -- Good omen Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Pop toaster recommendations seeked
Quoting Yedidyah Bar-David, from the post of Mon, 01 Nov: I worked for several years with postfix+dovecot+postfixadmin. IIRC it was mostly based on this howto: http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfixadmin+on+debian+sarge which is pretty dated, but postfixadmin itself (and the underlying tools, no doubt) is still maintained. It's pretty basic but working. the howto is very out of date, but I improvised and got dovecot and postfixadmin to play nice with the same DB scheme (which changed since the howto), but now I have postfix refusing to connect to the database. I'm close to open a new thread on that since I feel like I exhausted everything Google could find me. -- An endangered species Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
chrooted postfix in debian and mysql
Quoting Ira Abramov, from the post of Tue, 02 Nov: the howto), but now I have postfix refusing to connect to the database. I'm close to open a new thread on that since I feel like I exhausted everything Google could find me. Motherfrakker! This took two important hours and here's the solution: postfix kept complaining the socket was not there but it is. finally I saw that one example listed the map setting in main.cf thus: virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf rather than: virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf As most of the faqs do. I did grep chroot /etc/postfix/* and discovered that master.cf indeed defaults all the services to chroots (not a bad idea at all) but not the proxymap. indeed if you look at the postfix processes in /proc you will see that most interesting bits do run chrooted. the solution was not to move the socket into the chroot, but instead to use the proxy: to get to it. methinks this and other bits of the process mean the howto needs a serious update. If only I had the time :-) -- The gift that keeps on giving Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Pop toaster recommendations seeked
Howdie folks. for years I would install qmail+vpopmail+qmailadmin to give a client a nice robust virtual-domains web manager with mailing lists and all they needed, but today I discovered, that after 2-3 years of code freeze and maybe drop of users, courier imap seems has broken the option of authenticating with vpopmail, which means I have a wonderful virtual mail management and delivery system, but no pop3 and imapd to use it with. maybe it's time to ditch this kit and find another. option 1: courier MTA and SQWebmail - not so happy about it. I don't know the MTA, the message store is proprietary and limiting, no central management via web of the users (other than PHPMyAdmin, not friendly enough for my client. options 2: Zimbra. seams like a bit of an overkill but I'm told it works well, has postfix for an engine, and rumors say it supports virtual domains well (though I could not be sure from the confusing admin manual). Option 3: ? Donno... can you recommend? I'd love some input from your experience, I could not find anything solid enough with a webby control panel on howtoforge, so it looks like I'll lean towards Zimbra unless anyone has a rabbit in his hat to offer. Thanks! Ira. -- Good to the last drop Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
seeking cross-platform professional backup recommendation
Da subject unraveled: Cross Platform = runs windows, backs up Linux (specifically Debian) Professional = can properly back up and restore AD and Exchange. Seeking = Right now it's ArcServe. Symantec seems cheeper, but it seems like the buzz about the Linux agent is negative. Bacula and AMANDA are probably not options since they won't use shadow copies thus can't back up databases swiftly and restore them partially and intelligently like propriatary tools do. So, from your experience, should we go on with ArcServe, risk Symantec or is there a good, GUI-friendly Free b/u system to consider? thanks! -- The bald the beautiful Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
quicker mirror of RHEL images
Need to install RHEL for a client tomorrow and they don't have the media. downloading the eval images is slow. anyone got a local mirror of rhel-AS-64bit-5.4 or 5.5 for me to D/L? Thanks! -- The 13th Apostle Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: What's inside the evrit reader?
Quoting sara fink, from the post of Sun, 30 May: 2010/5/30 Hetz Ben Hamo het...@gmail.com Hi, Evrit is indeed a Linux device, but it had a very very stritct DRM. I think I heard from someone inside NDS that the DRM is built inside the kernel as a module. Not sure though, just a rumor I heard. I am not sure about drm built in the kernel, but if it's built as a module, what's the problem to do rmmod module-name? Provided that somehow it's possible to get root and shell to the device. Besides, I wouldn't buy a ereader with wifi. Just a reminder, kindle (by amazon) and they deleted automatically from users the book 1984. They can do the same to evrit. this has nothing to do with Wifi, it has to do with the document management software. I played with this a little at the store, it seems to be pretty responsive (at E-ink speed limitations), It does read PDF and a few popular e-reader formats, but I found it still a bit coarׁ•e. and the GUI left me wanting. If anyone knows of a different/cheaper e-reader that does RTL and Hebrew, please let us know. -- Big man on campus Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
export MantisBT to Bugzilla, anyone?
I have an old machine here, Debian Etch with Mantis 1.0.8. the problem is that it's patched in a weird way so that the scheme's not upgradable to 1.2.X, nor does Debian provide a path out of this mess with Lenny or Squeeze. From the forums it seems everybody is aware of the problem but nobody seems to do anything about it. so my other option is to port it to Bugzilla, but there are no current tools to do it, as much as I searched. m2bz died years ago, Bugzilla offers an importer module if I feel like sitting down to write hooks for Mantis, and the thid option is to write an XML exporter for Mantis (didn't find one ready-made), then use XSLT to translate and import it into the Bugzilla (while somehow maintaining my sanity). since I seem to have given up on Google, and I din't feel there's a way to do this on my own that would not be a cruel and unusual self-punishment, I wonder if anyone has a script they once wrote tucked somewhere? Thanks, Ira. -- I will eat you up Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
cross-platform bare metal remote restore system?
Howdie people! Got a client that needs a test environment where the disk on one specific server (maybe more in the future?) are wiped clean once in a while (so the performance tests always start at the same state). They want the same machine to be at alternate times installed with one of several images, Windows and Linux. Naturally I prefer to skip proprietary solutions and go to open. One of the requiremnets is that the data is only wiped on one of the two disks in the machine, or preferably just a single partition (the OS). Stored images can go to the other disk, or a remote server. Naturally I prefer a remote server because then I'll be able to use it for other one-shot installs as well (such as virtual machines, or just future bare-metals) On the short list are: * OpenQRM (an overkill, and I think avoiding full wipe is not easy) * G4L (I know nothing about it) * Partimage/PING (donno it, and it seems unmaintained) * Clonezilla (seems like the best candidate ATM) * FOG (aka freeghost - seems pretty good as well) So... before I sink my teeth in, I'd love any recommendations or warnings that will save me time. If you have interesting horror stories that go with the warnings, that's even better :-) Thanks, Ira. -- Dumb as they come Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
[off] Bezeq NGN - good or bad?
my fellow sysadmins - Nezeq just called one of my client offering an upgrade from 5000/500 to NGN 1/800. They say it only takes a sec as their router is compatible. Is it stable and safe by now? should one make the switch? Offlist replies appreciated, though I thought it may be of interested to others, based on past experience :-) -- Morning person Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
[OT] Urgent! AntiBiometric law campaign needs your help!
WE NEED A LAMP HACKER (can be perl, php, whatever). After getting shouted at, I try to separate politics from FOSS, but here's one where we really need the community. The knesset has a page that shows which MKs are in and out of the building: http://www.knesset.gov.il/presence/heb/PresentList.aspx we already extract that info, it's annoying but doable: http://no2bio.n2b.org/ The campaign is also keeping a list of the MKs on a googledocs spreadsheet that lists the MKs that are for or against the law. We need someone who can take the two lists (Google will export as CSV or XLS, I think) and make up a script that can cross the lists, tally and show if the people currently in the building give a majority for or against the law. If you care to help us hack something together, please write me in person and I'll make sure you have access to the info needed, and access to a server to host the scripts. Thanks in advance! Ira, and the anti-biometric DB campaign. -- One for the books Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Any key-party planned this August at the Penguin(tm)?
Due to the fact that recent math news are a compelling reason to regenerate GnuPGP (OpenPGP) keys, I have made myself a new pair. If you have signed my old F78F3EE4 and trust its trust of my new key 135D47A1, I would appreciate it if you would renew the signatures to the new one. Similarily, if you need my new key's signature on your new key based on trust of the older key, drop me a personal note. The Debian project's keyring was tested and apparently more than 50% of the people who still have old DSA1024 keys will need to regenerate them. I guess it's time to check your old keys and see if you need new ones, and then have a serious key signing party at the next August Penguin. Is anyone organizing one already? I'm willing to take care of it by default. Thanks, Ira -- Just approaching on the east, it's hurricane Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Netfilter module name oddity
Maybe I slept through some old thread about this, but nothing came out of searching Google about this: why do I have so many similarly named modules in my kernel? who is the clown who decided to break some very basic naming conventions of module filenames and give me a small heart attack? 10809 /lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_connmark.ko 12079 /lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_CONNMARK.ko 10066 /lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_dscp.ko 11193 /lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_DSCP.ko 9885/lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_mark.ko 10903 /lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_MARK.ko 10137 /lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_rateest.ko 13381 /lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_RATEEST.ko 9193/lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_tcpmss.ko 12506 /lib/modules/2.6.26-1-amd64/kernel/net/netfilter/xt_TCPMSS.ko 9141/lib/modules/2.6.26-1-amd64/kernel/net/ipv4/netfilter/ipt_ecn.ko 9975/lib/modules/2.6.26-1-amd64/kernel/net/ipv4/netfilter/ipt_ECN.ko 8762/lib/modules/2.6.26-1-amd64/kernel/net/ipv4/netfilter/ipt_ttl.ko 9232/lib/modules/2.6.26-1-amd64/kernel/net/ipv4/netfilter/ipt_TTL.ko At first glance I was sure it's some sort of a weird rootkit attempt, but apparently it's all kosher and I'm the last silly person on the planet to notice. Now I just need to know why this makes sense to whoever is maintaining this code (Rusty?) and how come I have not found any info about this with any combination of relevant search terms... -- Tool of the trade Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: ssh from 012 cable to server in US fail
Quoting Tomer Cohen, from the post of Tue, 28 Apr: Hi, I had the same issue yesterday evening (012, cable). After few hours I periodically tried, I was able to access the machines (one is located in Dreamhost, the other at sourceforge.net), but very slowly and with sudden disconnections after about one minute of each connection. these all sound annoyingly like the adventures a friend of mine had when connecting to my server from china, including obvious man-in-the-middle attacks, such as each time hׁ” tried to connect, the server would display a different host key. If the state of Israel has started building a great firewall they are both doing it wrong, as well as against the current law. very sad :-( On Tue, Apr 28, 2009 at 11:10, Rami Addady r...@active.co.il wrote: Hi, I have weird problem , staring this morning I can't ssh to a server in US, from some computers that connect to the Internet using 012 cabels. But if I'm ssh to server in 012 farm and then from it to the US server is work fine! I called 012 technical support but they didn't help me. It's not a FW issue because the ssh session start. When I try to ssh it start and after some time fail , here is debug session. ssh -v -l user 111.111.111.111 OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to ... port 22. debug1: Connection established. debug1: identity file /home/user/.ssh/identity type -1 debug1: identity file /home/user/.ssh/id_rsa type -1 debug1: identity file /home/user/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.9p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-cbc hmac-md5 none debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP ... after few minutes... Connection closed by 111.111.111.111 Any idea what wrong Rami ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Tomer Cohen http://tomercohen.com H. L. Mencken - It is even harder for the average ape to believe that he has descended from man. http://www.brainyquote.com/quotes/authors/h/h_l_mencken.html ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- The way of the world Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Please Send Announcements / Reminders of Herzelinux Events by E-mail
Quoting Shlomi Fish, from the post of Sun, 19 Apr: Hi Gilad! I'd like to thank you for organising Herzelinux ( http://tuxology.net/herzelinux/ ), which I've enjoyed attending several talks given there. you may notice that the meetings are published on a public Google Calendar. you can add it as a subscription to your own calendar if you are using GCal and it will even send you Email and SMS reminders for free. you can also subcribe to an iCal of it (in your sunbird or what have you) and it also produses RSS, so you can subscribe to it with any tool you wish and/or set yourself up a mail, SMS and other gateways as needed. However, I've missed the latest talk (where Lisha spoke about Mobile Internet Tough. Sadly, I did too. I was not reminded that it will take place the day it did. I also I suggest you fire your butler. Gilad is a VERY busy manager of a company. The Calendar is managed by his lovely wife and (very busy) business partner Limor. I suggest that instead of complaining on a public list, you create a little app to do what you need that and invite us all to use it too. A bonus would also be anns/rems on Israeli news sites. sure, what does a 200px-by-200px cost on Ynet or NRG theses days? it's peanuts... -- The only living boy in Ney York Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: stealing domain names by Israeli registrar
Quoting Boaz Rymland, from the post of Fri, 17 Apr: Consultation needed: As Shachar says, ISOC should be able to help. on one of the Israeli registrars - internic.co.il and check through Are they one of the Registrars? sounds like a phishing site from your description... I always go through ISOC. let's see... http://isoc.org.il/domain_heb/index.html Well, I'll be damned, they ARE. The page also has a link to email a complaint. Please note that there are 6 official registrars for domains under .il, and I prefer to go to the original - ISOC itself: http://isoc.org.il/domain_heb/registration_direct.html The reason - they are an NPO, and they are trustworthy people, some of them I'm happy to know personally. Most importantly, the money goes to good causes: http://isoc.org.il/about_heb/index.html * is that business method illegal? I doubt it. * what can be done here in order to react? (be the internic method legal or not). not sure. you could ask ISOC and maybe a lawyer or two who are into online fraud, Intelectual property, etc. * luckily for us, after I talked to my friend we made it clear that the needed domain should finish with a .org, not .co.il, so we actually weren't hit by Internic sting. The incident was and still is, very irritating. well, thanks for the heads-up, I suppose :-) -- The muscles from Brussles Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Seeking tag-based mail client.
Quoting Tzafrir Cohen, from the post of Sat, 04 Apr: On Sat, Mar 28, 2009 at 09:19:33PM +0300, Ira Abramov wrote: Dear lazyweb, I am hooked on the Gmail way of managing mail conversations by tags rather than by directories, it's really hard to leave that (and other features) behind, now that I'm trying to get rid of my gAddiction. I understand people have immitated several sides of this in Thunderbird but it's far from being useful, or stable. Plus I'd rather have a web-based program as well, so I can access it on my server from anywhere. I haven't used roundcube, Squirel and IMP3 is a little crude (imp4 I haven't tried) and I am not really sure what else is out there that is worth my time to test. Can anyone recommend a good tool/combo or two to try? http://sup.rubyforge.org/ (Haven't tried it, though) well, it looks like it'll definitely replace my last few mutt activities, but I was hoping for a webby interface. Thanks! and I guess I'll keep looking. -- Foreign barbarian Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Timezone update in SCO
Spent some time yesterday at a client with an antique SCO 5.0.7 machine, trying to get it to do IST/IDT switching done right. You can take the following wither as a helpful advice or a funny horror story of how not to do things :) First, I went to the huji FTP, but there were timezone updates for all OSs other than SCO. I could not find any timezone files on the system and no real cocumentation was to be found, so I assumed it's hard-compiled into the libc or something (the only help the late SCO ״¥ad to offer was a patch package from 2007 which for many reasons was too invasive a solution. Luckily I discovered the TZ variable can be a one-line zonefile on its own! having used GNU machines with /etc/localtime and /usr/share/zoneinfo/ I never bothered to even look for this kind of a solution... SCO has /etc/TIMEZONE, and the man F timezone works on my Debian as man timezone as well. here's the new, self-explaining /etc/TIMEZONE I wrote for them: # Set timezone environment to default for this machine ## old way (no automatic change) # TZ='IST-2' ## This works for Israel in 2009. needs to be changed in 2010! TZ=IST-2IDT-3,J86/2:00:00,J270/2:00:00 # If you look at the man page for this file (man F timezone), it is all # explained. The new DST begins at 2:00 AM on the 86th day of the year # 27th of March and ends at 2:00 AM on 27th of September or the 270th # day, That's expressed in TIMEZONE as # Mmonth.week.day/time,month.week.day/time in SANE countries, but not # in ISRAEL, we are too smart for that... The dates DST starts and ends # on are too random for one rule, so I use the specific day with Jday. # to calculate the day-of-year, ssh to a GNU machine and use: date -d # sep 27 2009 +%j (and you will get 270) You could leave off the # /2:00:00 because 2:00 AM is the default. # NOTE! once you are nearing December 2009 it's time to comment the # TZ above and uncomment the next one, then REBOOT (annoyingly!) # so all the processes get the right environment. # It's that simple... # # BTW, times for switching IST/IDT are published here (true to 2009) # http://www.moin.gov.il/Apps/PubWebSite/PageByItem.nsf/PrintTopicPage?OpenAgenttopic=6PMGZN2_2_6SVEPE2 # search moin.gov.il again when these run out: ##2010: 26.3 till 12.9 #TZ=IST-2IDT-3,J85,J255 ##2011: 1.4 till 2.10 #TZ=IST-2IDT-3,J91,J275 export TZ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: bug in date?
Quoting Hetz Ben Hamo, from the post of Fri, 27 Mar: Hi, Take a look at this: # date -s 27 MAR 2009 02:54:00 date: invalid date `27 MAR 2009 02:54:00' However.. # date -s 27 MAR 2009 03:00:00 Fri Mar 27 03:00:00 IDT 2009 Why is it invalid?? not a bug, it's actually smarter than I thought it would be :-) -- Assimilated by the Borg Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Timezone update in SCO
Quoting Doron Shikmoni, from the post of Fri, 27 Mar: Hi Ira, See: ftp://ftp.cs.huji.ac.il/pub/tz/israel/aix/timezone.2009 You mean the good-ol' AIX has no better, zic-like solution for this? that's hillarious in a very sad way... man, I have barely touched Unix machines in years. I think since I left Internet Ganav in 2000, I have bumped into one BSD-based pfSense, these two SCO machines yesterday and maybe 30 minutes on a SunOS machine. I wonder if I'm geting the right (or wrong?) kind of clients or is this really the age of GNU/Linux ;) shabat shalom! -- Just beyond your reach Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
No Israeli CPAN mirror?
I remember there used to be 2 or 3... http://mirrors.cpan.org/search.cgi?country=Israel -- The order of the phoenix Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Cheap VM cluster (software, storage) ideas
Quoting Ghiora Drori, from the post of Thu, 05 Mar: Hi, s3 is not used for block storage!! local ec2 instances storage or EBS drives are used. Yeah, I see that now. The problem was I have never heard of EBS till you email (not that I could find much about them, but I understand they are somewhat like an external storage you see as any other disk on the bus, only you get the ability to share it among many VMs. Now THAT is interesting. cheap common storage is a real boon and I can use that for smarter hosting of clusters without shelling out for an iSCSI or FC machine... All that is left to decide is which clustered FS is the fastest and most reliable that I can use with this setup. As to cost if you are using 4 servers it really does not matter. If you are you are using a 100 and there number can drop to 50 or go up depending on what you are doing the savings are significant. true, but this is not the case at the moment, unless I give each virtual web host a separate unique VM, but that would be insane. Koan: if apache runs just one website, but inside a VM. Is it still a Virtual host? Ira. On Thu, Mar 5, 2009 at 10:25 AM, Ira Abramov lists-linux...@ira.abramov.org wrote: Quoting Ghiora Drori, from the post of Wed, 04 Mar: Hi, Why would s3 bother you ? Its there it does not cost money if you do not use it it cost fairly little when you do and it works ok. Well, I was told it's not accassible as a simple filesystem, which means it won't work as shared storage for my current set of apps (various PHP and other tools expecting to find plain files in the directories they put them in... The only thing you will need s3 for is to store images of systems you want to launch, you could use public images but the cost of keeping private onse in s3 is negligible and this gives much more flexiblity in creating custom servers. Well, the hosting guy has 5 very different servers hosted right now. a winXP for Marcom, a couple of production Debian LAMPs, a test LAMP and a spare machine for sensitive sites. I think we are talking about too many details to try and just dump them P2V on a cloud and hope for the best... You do have to learn how to handle it aka instances can die and then you loose their disk this has been rare lately, was more common a few month ago. The EBS drives however do not die with the machine so data are you trying to cheer me up? :) I have machines with 500-600 days of uptime here, I don't need to move a bunch of Israeli sites to a far away cloud that occasionally has a lightning storm as well. You can put mysql, or any other software in images or load them when the instance is up. You can run RedHat, Gentoo, Ubuntu or even Windows... You can scale up and down the number of your servers and EBS disks as needed. If your servers were built for clustering in the first place, maybe. This is not a case of Drag'n'drop, as you can understand :) Make an account and play with it!! A small machine/instance (32 bits) is 10 cents an hour. If you cannot afford that you are not really commercial :) A few minor calculations should give you the correct cost numbers. 10 cents an hour are $2.4 a day or about $75 a month. this is more or less what the guy is paying in Israel now, and he gets less latency (all Hebrew sites and wanted only by Israelis), more disk space, etc. I guess the only real plus of histing the apps there is the Fun in the SAN. As sysadmin using it in a real web company it is very good, has a learning curve like everything else. yeah, only he's expecting definite answers from me, and Now I have to talk him into doing a pilot because I don't have all the correct answers. But that's the way the Internet works, right? :-) Cheers, Ira. -- Santa's little helper Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Constant change is here to stay! ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Another word for awesome Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Cheap VM cluster (software, storage) ideas
Quoting Ghiora Drori, from the post of Wed, 04 Mar: Hi, Why would s3 bother you ? Its there it does not cost money if you do not use it it cost fairly little when you do and it works ok. Well, I was told it's not accassible as a simple filesystem, which means it won't work as shared storage for my current set of apps (various PHP and other tools expecting to find plain files in the directories they put them in... The only thing you will need s3 for is to store images of systems you want to launch, you could use public images but the cost of keeping private onse in s3 is negligible and this gives much more flexiblity in creating custom servers. Well, the hosting guy has 5 very different servers hosted right now. a winXP for Marcom, a couple of production Debian LAMPs, a test LAMP and a spare machine for sensitive sites. I think we are talking about too many details to try and just dump them P2V on a cloud and hope for the best... You do have to learn how to handle it aka instances can die and then you loose their disk this has been rare lately, was more common a few month ago. The EBS drives however do not die with the machine so data are you trying to cheer me up? :) I have machines with 500-600 days of uptime here, I don't need to move a bunch of Israeli sites to a far away cloud that occasionally has a lightning storm as well. You can put mysql, or any other software in images or load them when the instance is up. You can run RedHat, Gentoo, Ubuntu or even Windows... You can scale up and down the number of your servers and EBS disks as needed. If your servers were built for clustering in the first place, maybe. This is not a case of Drag'n'drop, as you can understand :) Make an account and play with it!! A small machine/instance (32 bits) is 10 cents an hour. If you cannot afford that you are not really commercial :) A few minor calculations should give you the correct cost numbers. 10 cents an hour are $2.4 a day or about $75 a month. this is more or less what the guy is paying in Israel now, and he gets less latency (all Hebrew sites and wanted only by Israelis), more disk space, etc. I guess the only real plus of histing the apps there is the Fun in the SAN. As sysadmin using it in a real web company it is very good, has a learning curve like everything else. yeah, only he's expecting definite answers from me, and Now I have to talk him into doing a pilot because I don't have all the correct answers. But that's the way the Internet works, right? :-) Cheers, Ira. -- Santa's little helper Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Windows-free laptop in Israel - possible after all
Quoting Oleg Goldshmidt, from the post of Mon, 02 Mar: service), and left with a nice Lenovo ThinkPad X200 with FreeDOS for my trouble. indeed a trouble. the X200 is not as good as the X60 it's priced to replace. Sic transrit gloria laptopi - Lenovo is sadly phasing out the good old IBM hardware for this new wave of second-rate design :-( BTW, If you want to go really cheap hardware and a Free OS, take a look at these guys: http://shop.affordy.com/pl_product~af-lp-01-g~7~0.htm -- Bundle of joy Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Ubunto Pocket Guide pdf - freedownload link
Quoting Moshe Brace using Yahoo, from the post of Tue, 03 Mar: http://www.ubuntupocketguide.com/download2.html I came across the above link there's a free pdf download to be had. To Moshe and the all the others who want to send us more links - it's a nice thought, but not the coeect use of the Linux-IL. I suggest you collect them in delicious.com or a service like it, and just add the URL to that tag to your signature, and people will subscribe to that at will, and we all have less irrelevant traffic on the list :-) Thanks, Ira. -- Man without peer Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Citrix vs. VMware, Users' experience?
I want to make life easy for two clients of mine who want to go virtual, but are set against MS as host (Not my work, I swear! :) Citrix XenServer is free, in case you missed it: http://www.citrix.com/English/ps2/products/feature.asp?contentID=1686939 ESXi has been free for a while as well: https://www.vmware.com/tryvmware/?p=esxi And of course, the Xen project alone is free and Free, but people tell me it's not for the beginners. This is what I need for the clients. Both are good at windows, only starting out in Linux. Both need something that's not too techie and CLI to manage. ESXi has been the automatic no-brainer choice, but with XenServer being free I'll need to ask the Lazyweb... I googled for comparisons, all I learned is how the I/O and CPU overhead and driver efficiency are, but thee's no information about the user experience, compatibility with hardware, and so on. Before I waste a day on tests, did anyone try this themselves? The second client also wants HA, I understand the XenServer comes with the LiveMotion thingy but no HA features (that will cost you a license of Xen Essentials, a remote management machine, etc). Should I tell him to go and add a few thousand $$$ to the project or is there a reliable hack to achieve a similar effect? (VM revival on another node if its host becomess unstable/dead) any ideas and experiences welcome... -- Mongolian beefcake Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Cheap VM cluster (software, storage) ideas
related to the Citrix-vs-VMware question, in the spirit of the times... I want to create a way to host a cheap HA solution for a web hosting outfit. they are running a few pretty busy asymetric servers and want to start improving that infrastructure. each machine holds several dozens of virtual hosts. At the moment each server has its own local storage and mysql. every part is a SPOF other than the minimal RAID and such things. I'm thinking: * Move to a central non-virtual MySQL for the backend. * have two servers go P2V and have those VMs hosted back on their original hardwares (sadly this means some painful downtime), and find a way to let them crash-migrate for HA (still trying to figure this out) * Second stage, add a second MySQL in a master-master setup. I'd love to have two servers with symetrical setup, but as you can guess, the virtual hots are dozens of different apps that are too expensive to go and rewrite for clusters at this point, with the issues of user-uploaded files having to be available to both Apaches, etc. Assuming we want the cheapest reliable solution, i.e. not a $6K-20K SAN and FC, I am looking for an easier solution (easier on the pocket at least). However NFS proved to be a disaster in such cases (high-load web services), OCFS has not been nice to me with any setup other than maybe Oracle clusters, and GFS also never ran smoothly in my tests. Also OCFS and GFS require a common disk, which at this budget would be a Linux machine running an iSCSI target at best (or OpenNAS). Am I missing something? Can this kind of reliability be achieved without shelling out big bucks? Of course, The other option is just separate the MySQL, have a third machine rsync the files of the two (non virtual) servers every few minutes and have the hosting farm's layer4 switch redirect to the fallback if something happens. Not very smart nor scalable, but does 70% of what we need till a bigger investment is required. your thoughts, as before, are welcome... Thanks, Ira. -- Can't catch me yet Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Cheap VM cluster (software, storage) ideas
Quoting Ghiora Drori, from the post of Wed, 04 Mar: Hi, Amazon EC2 instances plus their EBS disks. Scalable, available, reliable (from my experience) and you can experiment for a few $'s a day. I tried to calculate the hosting costs, but was lost when I could not find the full explanation on how to calculate some of the parameters Amazon asked. Also it seemed the move to the EC2 would force me to use S3 and that was a deal breaker. this EBS feature is something I missed from the stroll in their site, so I suppose it's not something they are pushing hard yet. is it production-ready? can I stick a mysql server and all and just keep it all running as-is? As for hosting cost calculations - is there a tool you can recommend I can run on existing servers, or just a checklist to go over, that will help me judge if my system would make the move smoothly and at what price? I see so many conflicting suggestions on Google and I don't know which to trust, and have 0 time for useless trial and error. Also, knowing this client, I think he's not too happy about shooting his precious core business machines over the net to be hosted out of reach. It may be a psychological thing, but I can sympathize :-) On Wed, Mar 4, 2009 at 11:06 AM, Ira Abramov lists-linux...@ira.abramov.org wrote: related to the Citrix-vs-VMware question, in the spirit of the times... I want to create a way to host a cheap HA solution for a web hosting outfit. they are running a few pretty busy asymetric servers and want to start improving that infrastructure. each machine holds several dozens of virtual hosts. At the moment each server has its own local storage and mysql. every part is a SPOF other than the minimal RAID and such things. I'm thinking: * Move to a central non-virtual MySQL for the backend. * have two servers go P2V and have those VMs hosted back on their original hardwares (sadly this means some painful downtime), and find a way to let them crash-migrate for HA (still trying to figure this out) * Second stage, add a second MySQL in a master-master setup. I'd love to have two servers with symetrical setup, but as you can guess, the virtual hots are dozens of different apps that are too expensive to go and rewrite for clusters at this point, with the issues of user-uploaded files having to be available to both Apaches, etc. Assuming we want the cheapest reliable solution, i.e. not a $6K-20K SAN and FC, I am looking for an easier solution (easier on the pocket at least). However NFS proved to be a disaster in such cases (high-load web services), OCFS has not been nice to me with any setup other than maybe Oracle clusters, and GFS also never ran smoothly in my tests. Also OCFS and GFS require a common disk, which at this budget would be a Linux machine running an iSCSI target at best (or OpenNAS). Am I missing something? Can this kind of reliability be achieved without shelling out big bucks? Of course, The other option is just separate the MySQL, have a third machine rsync the files of the two (non virtual) servers every few minutes and have the hosting farm's layer4 switch redirect to the fallback if something happens. Not very smart nor scalable, but does 70% of what we need till a bigger investment is required. your thoughts, as before, are welcome... Thanks, Ira. -- Can't catch me yet Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Constant change is here to stay! ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- An out of body experiance Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Citrix vs. VMware, Users' experience?
Quoting Lior Okman, from the post of Wed, 04 Mar: Ira Abramov wrote: This is what I need for the clients. Both are good at windows, only starting out in Linux. Both need something that's not too techie and CLI to manage. ESXi has been the automatic no-brainer choice, but with XenServer being free I'll need to ask the Lazyweb... There's also Proxmox Virtual Environment ( http://pve.proxmox.com/wiki/Main_Page ) , which provide an OpenVZ and KVM hybrid solution, which a very usable web interface. A lot easier to install IMO than ESXi. Quoting Oron Peled, from the post of Wed, 04 Mar: 1. You forgot KVM. If you have modern CPU (e.g: Intel from Core-2 Duo and up or an equivalent AMD [don't remember their spec]) you can get a Free solution with pretty good performance. I've been waiting for KVM to hit the prime-time for a while, I remember Mulix told me a year ago it's Xen done the right way and it should be my first step into the world of FOSS virtualizations, however I'm looking at the market, and it seems between EC2 and Academic grids - I see Xen has become the de-facto standard for now. I may love playing with it on my own servers, but I'm much more conservative in what I offer clients. I don't want them left with a system only 10 people in the country know how to handle if excrement occurs. However, I admit Qumranet's SolidICE sounds pretty sweet on paper. Anyone using it in production? their site is not very detailed, there's no trial version that I can find from either them or from RHAT. Also, So far all posts and articles I saw comparing hypervisors picked Citrix against VMware, occasionally mentioning M$. None give KVM/Qumranet, OpenVZ and the rest even the tiniest mention. know anyone using it in production at least, and are they professionally happy with it? thanks, Ira. -- A choose-your-own-adventure Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: SanDisk Cruzer micro 8Gb and Ubuntu, GNU/Linux
Quoting Amichai Rotman, from the post of Tue, 17 Feb: I didn't know it is possible to remove the U3 system and that is why I refrain from buying the Cruzer hardware. I don't use it or plan to use it, so I will follow Shahar's advice and remove the U3 system. the U3 controller is a cute concept, you can resize the partitions making the devices if you have access to the API but they are keeping that a secret. however the U3 software is lame. Lexar is not much better. (both are Israeli develpments, btw.) If the autoplay bothers you then do like me, just turn off the autoplay feature for all plugable devices (google for the right registry key) half a year ago I upgraded from a 4G Lexar to a 16G contour because they were the fastest around at the time I bought them, I also own two older 4G cruzer micros, which I now use for MP3 in my car, it has no problem ignoring the cd device and playing my podcasts and music just fine. also I have never encountered any GNU, Mac or Win machine that hated any of my DoKs. don't own an 8GB though, but 16GB is a-OK. -- For a freaky time call Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: How You Can Help the Tel Aviv Open Source Club
Quoting e2xbegqsdyt21hfc, from the post of Mon, 16 Feb: Didn't you meant to say that you are tired of the poor results and low return of your many efforts? Are we now allowing both noobs AND trolls? nobody sent me the memo. -- Sith Lord Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: How You Can Help the Tel Aviv Open Source Club
Quoting Shlomi Fish, from the post of Tue, 17 Feb: We have a Google Calendar. Search for Google Calendar on I know, I've been subscribed to it for a while. I'm not on FB and won't be on it for the near future, so that's not a good option for advertising to me. Facebook is not the only way to learn of upcoming Telux activities. that's a good thing :-) lower expectations (and buy less cookies) Good idea. Yup, my diet already lost me over 10kg... -- Shadow on the wall Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Linux spam on wikipedia.
Quoting Ira Abramov, from the post of Sun, 15 Feb: If anyone asks you about Jaya, The Linux Group, Miky Barzilay or the little community conference he's organizing, just give them a heads up. It may be a legitimate, professional business, but the guy practices dirty marketing, so he's got a black point in my book. My mistake everyone. false alarm. It's the good old linux-israel.net site with a new design. -- Thanking and leaving Yeruham Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: How You Can Help the Tel Aviv Open Source Club
Quoting Shlomi Fish, from the post of Mon, 16 Feb: Please don't take it so hard. It's just normal artifact of a club meeting that requires no RSVP. Maybe. But I've noticed a gradual dwindling in the number of Telux attendees in the past months, and it makes me unhappy. Well, I can tell you that my favorite channel for event updates these days is an ical subscription to my Google Calendar. that way I can see it in my calendar, get a (free!) SMS reminder before the event and/or an Email to remind me a few hours or days before it (no need for mailing list) or as RSS (no need for you to feed me). However, since Google is starting to irk me lately, that may change in favor of T-bird+lightning (I haven't tested how it handles ical subscriptions) I'm not on FB and won't be on it for the near future, so that's not a good option for advertising to me. requiring people to RSVP probably won't work. Can't require, but you can always ask, so see if ANYONE is intending to come. if more than 5 reply, you know you are good. if none reply you may still get 5-10 people showing up, but you will know when you can lower expectations (and buy less cookies) I realise there are fluctuations. But like I said we've been on a negative trend. Now you know how I felt back in 2000... -- Boy genious Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Debian Lenny release party
Quoting Yehoshua (Shay) O'Hayon Suchar, from the post of Sun, 15 Feb: and we are going to meet for a little celebration at around 8.30-9pm in a cafe/bar called Lenny's in tel aviv Well, this is a very short notice. I didn't see any announcement about it until today which is the day of that event. right, we are quite spontaneous:) then how about Thursday? I'll celebrate after my server finishes the upgrade and reboots without a glitch. deal? :-) uma:~# uptime 22:12:33 up 521 days, 8:21, 3 users, load average: 1.99, 1.78, 1.99 yup, time to start the upgrade, I'll go tak to my partner :-) -- Your hetero life mate Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Linux spam on wikipedia.
FYI and FWIMC, I just removed two links from the Hebrew Wikipedia article Linux that pointed to a little consultancy firm called Jaya who seems to be all into SAP and hates RHAT for some odd reason. The website seems two weeks old, based on the Forum entries. Times are tough, competition is fearce, but spamming is not an option. If anyone asks you about Jaya, The Linux Group, Miky Barzilay or the little community conference he's organizing, just give them a heads up. It may be a legitimate, professional business, but the guy practices dirty marketing, so he's got a black point in my book. BTW, his links box hints he's cooperating with Hamakor, What'sup, Penguin, IGLU and others. umm -- Barman! Double shot of Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Bank Leumi site finally works from Linux
Quoting Yuval Hager, from the post of Wed, 11 Feb: I was happily amazed to find out that the new revamped site of Bank Leumi fully works using Opera on Linux. I also tested FF, and it seems to work fine too (including viewing cheques images, graphs etc.). So long IE in Crossover, and thanks for all the sites :) too late for me, I left them 5-6 years ago (website was only 10-20% of the reason), though they did leave access open for an older, undocumented version that still worked with gecko browsers. my Otzar Hayal account (oddly via the Po'alim's website) is imperfect but ok. Lately I also saw that Orange and Clalit work well on FF. I guess mobile Internet browsers had an impact where Linux hadn't any... at least it's fixed! (read - viewable, usable, but probably not standards-compliant still) slowly moving to a better stage in the life of the Israeli web. maybe IE8 will give the final needed jolt when Israelis start using it in a year or two... -- The man with no name Ira Abramov http://ira.abramov.org/email/ signature.asc Description: Digital signature ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Standards compliance in Doar Israel
Quoting Dotan Cohen, from the post of Sun, 08 Feb: I have to send a document to Doar Israel. I plan on sending it in .odt format. Is there a law in Israel, such as there is in many European countries, that states that Israeli agencies must accept standards-compliant formats such as odf? Am I being a menuval by sending in this format? not evil, not silly, just quixotic, and self-defeating (you WILL have to resend it). RTF is sorta-kinda mid-way between de-facto and de-jure standrd. not as proprietary as DOC, but not as esoteric (and unrecognized by gov't) as ODT. One day maybe, soon I hope, but not yet. -- Former mouseketeer Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Identifying linux-il messages
Quoting Shachar Shemesh, from the post of Sun, 08 Feb: Personally, I have no objection to putting the matter up for a vote again. open, anonymous poll on some website? works for me. let's count the methods to consider, and vote on each. I say multiple choice, because some people are accomodating :-) Have Ely enforce it by: * reply-to * tag the subject * use the mutt-supported headers * hack the list server to allow any of the above as a personal setting for each subscriber (why is it not a built-in feature?!) * let each reader pick his way. I am sure most people would be annoyed by most of the above, and since this list IS mostly about the hacks and kluges of life with FOSS - I do my own filtering and suggest you do the same. Here are some ideas: * Sub, post and reply with a unique address (like I do, but it may not be conveniant with some mail clients) * qmail allows dash extensions and filters easely * postfix, sendmail (with switch), Gmail and others alow plus extensions * Filter on list headers, TO or CC headers, or envelope sender regex. (not an option with many clients) * Ob: Social hacking - start adding XIL or [XIL] to every post and reply here, and see if it catches on, forcing the listmaster to add it permanently :-) (I filter on envelope recipient and headers, and I remove subject tags with SED once they are ready to be delivered to the mbox (to save terminal realestate), knowing the list server will add them again to my posts) Yay text filters :-) -- The Grepmaster, Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Identifying linux-il messages
Quoting Shachar Shemesh, from the post of Wed, 11 Feb: I'm not sure what those mutt supported headers are. In mutt, I mapped r to reply, and L for reply to list. the L option overrides reply-to, btw, which is cool. Behavior is set by the muttrc and certain headers more here: http://www.mutt.org/doc/manual/manual-4.html#ss4.8 http://www.ietf.org/proceedings/98dec/I-D/draft-ietf-drums-mail-followup-to-00.txt http://cr.yp.to/proto/replyto.html Also google for: * reply to list * header Mail-Reply-To * header Mail-Followup-To Supported in EZ-mlm since (I think) day 1, and apparently it's now supported directly and via extensions in Evolution, Thunderbird and maybe others. However, unsupported (not even scriptable, I think) in Gmail without Gmail labs' intervention. (I have a long list of ideas for those guys, I'll add it in) Anyway, I've given some thought to the why is it not a built-in feature question. I think the reply-to field was deemed too dangerous yeah, yeah, I hate it too. I meant, why are the preferences of headers, subject tags et cetera not available as personal settings. the subject munging is meaningless to perform on a per-subscriber basis, as it will get right back when people hit reply. Indeed. to support this, mailman should remove the tag before processing a post and add it back when the post is sent to the subscribers. the obvious problem is WHERE to add the tag back. add it at the beginning and you break thread detection in clients. add it at the end, and some mail clients will chop it off if the subject is too long, and screw up thread detection again. have Mailman follow the thread to do the smart thing and you have a whole new can of worms... bla...@#$% ok, forget it. headers is the way. metadata is always better than guessing games. * Ob: Social hacking - start adding XIL or [XIL] to every post and reply here, and see if it catches on, forcing the listmaster to add it permanently :-) Of course, once you suggest that, you also have to take into account the possibility that people will NOT catch on to this. Would you then say that it would force the yay-sayers to accept its absence? :-) naturally I take it into account. I said see if it catches on suggesting it may not. -- The heart of the matter Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Bank Leumi site finally works from Linux
Quoting Gilboa Davara, from the post of Wed, 11 Feb: On Wed, 2009-02-11 at 13:27 +0200, Yuval Hager wrote: I was happily amazed to find out that the new revamped site of Bank Leumi fully works using Opera on Linux. I also tested FF, and it seems to work fine too (including viewing cheques images, graphs etc.). So long IE in Crossover, and thanks for all the sites :) I must have asked them about 10,000 times and almost gave up hope. Now I can finally remove ies4linux! I think we should send them a really fancy letter with a few dozen signatures, saying thanks for finally fixing it. I'm not cynical. they got nags and negative rap from us all the years, they need to get appreciation too. Newspaper reporters and people who bump into FOSS zealots in Ynet talkbacks usually (understandably) see us as a bunch of complaining elitist techno-snobs. I say we should show our other side and give some kudos once in a while when someone does the RIGHT thing. (In other words, they think we are Hammas, we need to show them we are not even Fatah, maybe Hadash at worst :-) Even if it's late and partial, we can send them positive remarks for congratulating them on how far they've come instead of only (or first) complaining about what still needs to be done. So how about if a bunch of us write Leumi some thank you notes, or send them a big fancy Thank you kind of thing with 30 signatures, so they can frame and hang on their wall, and later we could get companies to get their sites corrected and we better rap in the press. We can even join hands the some computer usability SIG or ISOC, ILA or some adult computer literacy NGO that was helped by this. We should try to try and make it a bigger, more impressive gesture. Is it corny? - sure, CEOs love corny... Is it a bit kitch and looks a little out of integrity? - Could be, but the long-term benefits are effective dialogs with the next businesses that run broken sites. - Ideally, In time, such endoresment might be actually catch on, and since Hamakor won't be selling them for kickbacks, companies will actually have to fix sites to get one :-) Anyone cares to take this further? Ori Idan, are you doing any PR of this kind today? Ira. (and, as if often does, my random sig pulls out a bull's eye :-) -- Service with a Smile Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Bank Leumi site finally works from Linux
Quoting Oren Held, from the post of Thu, 12 Feb: (can't send SMS, can't read perut sichot on orange-bill). See what they wrote me a few weeks ago: http://israeliweb.blogli.co.il/archives/19 well, I didn't test it thoroughly... 2. Clalit doesn't work, it's been discussed here on the list only a few days ago. Even the Contact Us link on the login page fails. (https://e- services.clalit.org.il/login/main.aspx) Did I imagine it? I could awear it worked two weeks ago... I'll try again. Anyway, the point is my previews reply to the thread. Nighty night! -- We can work it out. Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Bank Leumi site finally works from Linux
Quoting Ira Abramov, from the post of Thu, 12 Feb: 2. Clalit doesn't work, it's been discussed here on the list only a few days ago. Even the Contact Us link on the login page fails. (https://e- services.clalit.org.il/login/main.aspx) Did I imagine it? I could awear it worked two weeks ago... I'll try again. very strange, this error message is a new one for me :-) the main frame in that page: Redirect Loop Firefox has detected that the server is redirecting the request for this address in a way that will never complete. The browser has stopped trying to retrieve the requested item. The site is redirecting the request in a way that will never complete. And write us opens a new tab to http://www.clalit.org.il/HE-IL/contactus and I get 404. hmm... Question: if a website crashes in the middle of the night and there are no support people to roll in the crash cart, will anyone hear it play C:\WINNT\Media\Windows 2003 Critical Stop.wav to call the nurse, or does it wait till morning for the doctors' rounds? -- Court-appointed penguin Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Overzealous RBL blocks entire bezeqint range.
Quoting Noam Rathaus, from the post of Tue, 10 Feb: Ira, We had a thread exactly about this subject on the 24th of July 2008 :) Sorry, I didn't bother searching every archive before posting... And the outcome was nothing, so don't spend too much effort on trying to convince people that UCEPROTECT is good or bad, as people either love them I won't try to convince anyone, I'm stating a fact: if you use uceprotect, you will find 20%-35% of all Israeli internet users and hosted servers can't mail you, and it WILL hurt your business, and will annoy your friends. You can do with that info whatver you choose to do... -- Sore winner Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Uptime vs. security (was: [offtopic] Government and technology)
Quoting Shlomi Fish, from the post of Sat, 07 Feb: On Friday 06 February 2009 23:42:54 Ira Abramov wrote: 23:40:21 up 512 days, 9:49, 2 users, load average: 0.89, 0.83, 1.11 That's a nice uptime. However, weren't there any newer kernels released since with important security updates? Won't that potentially jeopardise your system? So far I believe all the fixes were to local exploits (of which I'm less worried) and maybe once to a remote exploit when using a feature which I do not. I am hoping Lenny becomes stable soon, though it could have been cool to have a 550 day uptime :-) Shlomi Fish (who is using Mandriva Cooker on his home machine, which recommends rebooting for every upgrade of the kernel, glibc or dbus, etc. I haven't used Mandrivel in years, and the Microsoft doctorine is ok for home stations I suppose.. and who is shutting down the computer at night anyway, to save on electricity.) Not really an option on a hosted, busy webserver... however, ideally at home I would either hibernate or use the power and CPU cycles for good, like installing BOINC and have it look for HIV cures and useful proteins. All you have left to worry about are spinning disks, which I hope will be affordably exchangable with SSD within 4-5 years. If you are worried about such issues like unsustainable technologies, I suggest you look into the platform of Hayeruka-Meimad, I'm trying to help relevant agendas and solutions into bills. Yom Tov, Ira. -- Not the mama Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: [offtopic] Government and technology
Quoting sara fink, from the post of Sat, 07 Feb: HI Ira Who is the party? What subjects you raised with them? What distro you are interested to install and what laws you intend to propose them? Hi, sorry for the delay in replies, it's ben a crazy time these last few weeks :-) As some of you are bloggers and some are not, And since this is getting off-topic as well, I'll try to be brief, and link to the full info on other sites: Technology must-haves in platforms: http://hayeruka-meimad.org.il/technology Story behind it: http://www.2jk.org/praxis/?p=1813 Why Social-democratic votes are important: http://www.2jk.org/praxis/?p=1866 They say bloggers are early adopters...http://www.aplaton.co.il/story_513 (my own post on this will be online a little later today) Basically, for me Open Source is not just a cool tech toy. I use the term Free Software as part of the wider picture of individual freedoms and sustainability. If those things are dear to you as a proponent of freedom, if you are appaled like me by the idea of an Israeli DMCA, communications' censorship, tomorrow is the once-in-3-years you get to change something. I drafted some basic pragmatic proposals regarding the role of technology in the continuing problems caused by the lack of clearly defined speech and privacy rights in Israel, the digital devide, the social devides, and crumbling of the educational system, and of course the stopping of the Biometric DB law, among other issues. I found people that I could talk to and get excited about the ideas, and they are happy to cooperate. Participatory democracy at work! This is what Free Software is about, after all. http://en.wikipedia.org/wiki/Participatory_democracy If any of this bugs you, you know why you absolutely have to go out tomorrow and vote for a Social-Democratic Ticket. It doesn't have to be the far left, I talked to at least 4-5 people who voted Likud and Liberman and will be voting Yeruka-Meimad this time. I hope whatever you do, you can take a few minutes to consider what's really at stake, and read their platform. If you want to discuss this forther, I'll be talking to Sara and the others who responded off-list, so please write me off-list if you want to join in. Thanks, Ira. -- Ira Abramov http://ira.abramov.org/blog/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: OFFTOPIC: Re: Hebrew spam: what to do about it?
Quoting Aviram Jenik, from the post of Mon, 09 Feb: On Sunday 08 February 2009 23:42:54 b...@rymland.com wrote: The only down side is that in small claims you have to file and appear yourself, without a lawyer. This is basically the reason I haven't done Agreed. The only reason I wrote what I did is to let you know the legal opinion that I've heard: You can't 'outsource' it. For many people, though, 1,000 NIS is worth a day off from work (not to mention the satisfaction). I'm sure there's something we can do to centralize the filings and get all the money donated for a good cause. We just need an unemployed volunteer who would do it for a 15% cut :-) We may be crappy Jews who give away knowledge and software, but if we dig back in our genes, I'm sure we can find a solution :-) That's an interesting project for ISOC+Hamakor to collaborate on, and for all the new unemployed software people to tackle... getting payed for fighting Email annoyances? Super... I can supply you with proof and logs about how my server is keeling over, and spamassassin taking precious CPU cycles from Apache each time there's a spam attack. this is measurable damage that can even raise the claims. plus if enough people join a lawsuit, it can be taken to a higher court, and save us the personal presence in court. Anyone here got an unemployed law graduate friend who will work for a cut of the winnings? It's a win-win situation :) -- Your I-ching reading Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Overzealous RBL blocks entire bezeqint range.
Attention Shay O'Hayon and anyone else using UCEPROTECT's RBL: about a quarter or a third of Israel's users, those using dialups or mail servers on the Bezeqint network are blocked from mailing you. from their site: What means listed at UCEPROTECT-Level 3? GAME OVER. We and our users have seen enough spam and heared all possible excusions why some lazy providers think to be not responsible for what their customers are doing. apparetly they are blocking all 1180160 IP addresses of the ISP because this last week they sent 5789 (0.491 %) spam mails. I wonder if even that is not 20% false positives... As much as I hate spam, I think this RBL is a tiny bit out of sync with the universal definition of sane. oddly, Shay's server also rejected mail I sent him from Gmail, and with even less information on WHY. I suggest you pick other RBLs that are maintained by anyone over the age of 15 at the very least. Email me when you have fixed this. thanks! Ira. -- Owner of a lownly heart Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
[offtopic] Government and technology
Howdie people! This is not directly connected to FOSS, but it's something many of you may be worried about like me. I have recently helped one party add a technology chapter to their platform, not before I made sure they understand the issues and their importance. In fact they liked some of the ideas I raised so much I might be sitting down with them to prepare a bill or two on the matter, and start moving this forward to make a few laws that will protect the citizens on Israel from rights' violations, make the government more accountable and transparent, reform the education system and on the way maybe solve a few other things. Free Software is ofcourse a part of the infrastructures proposed. I'm looking for a few proactive people to help me out with reviews and ideas, please reply off list if you care to jump in! Oh, and just so this remains slightly on-topic, I am enjoying the nice, round number of uptime days on my server, so I'll share it with you: 23:40:21 up 512 days, 9:49, 2 users, load average: 0.89, 0.83, 1.11 (it's the curse and the blessing of working with Debian stable :-) Thanks in advance, Ira. -- King of the house Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
[OFF] Wordcamp in 10 days, need your help!
Although not tied directly to this list, I hope many of you will find it interesting andqor may be able to help: Wordpress is coming up in 10 days. If you haven't registered, I suggest you head to the programme page and check it out, and maybe register as well: http://2008.wordcamp.co.il/schedule/ Please note this is organized by volunteers and they could use your help in spreading the word. Also, at the moment they are a few laptops short (7 to be precise) for the lecture halls as well as the registration stand at the entrance. If you can lend them your laptop for a day, or know of a company willing to lend/rent a few laptops for the day, they would be very happy to know. please contact n_springbank (at) yahoo.com if you can help! See you there! Ira. -- First in a series Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[JOB/CLIENT SEARCHING] I'm up for grabs
div topic=off I'll make it brief, more details here: http://ira.abramov.org/blog/2008/10/29/looking-for-a-job/ If you don't know me: I've been doing IT for over 14 years now. most of it on GNU/Linux systems and FOSS, but I prefer working with people rather than boxes: consulting, planning, teaching, organizing. On my way to switch careers, but I still need income in my old IT profession till I successfully make the switch I want. Need my services as a freelancer/consultant or an employee? Let's help eachother. Thanks, Ira. /div -- The X Factor Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Spamassassin is gragging my server down to its knees
Quoting Oren Held, from the post of Mon, 28 Jul: Few quick tips: - Try to see what is the filter which kills your CPU, maybe it's unnecessary? how can I profile that? - Use the RAZOR2 filter, PYZOR, DCC those slow down the process by a lot, and too many messages get stuck in the queue. last time I used that I started losing legit mail because remote SMTP servers kept timing out from all the load. (to clarify - with the simscan setup, remote side don't get an SMTP OK on the message before it's cheecked for virii and spam, which means they get a 5XX error message instead of a good session reply, which is excellent for some of the problems (you can't send spammers bounces), but not when the sender is a zombie that doesn't care about failures and doesn't report them back) - Use bayes filter (teach sa using sa-learn) I do use it, it may actually be one of the bits that slows the system down... I might have to take the tests to near-line, i.e. refuse only to RBLed mail like today, and accept otherwise potentially spam to be checked later, at the mailbox level and not SMTP. it's much more of a headache to set up in Qmail though, and I don't like it. -- A total mindjob Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Spamassassin is gragging my server down to its knees
Quoting Henry Ficher, from the post of Mon, 28 Jul: Hi Ira, 1. Run spamassassin --lint -D and check for problems. --lint coes out fine. -D spewes way too much. what am I looking for? the only things resembling errors are: dbg: metadata: failed to load 'IP::Country::Fast', skipping (lots of merged duplicate rules during initial parse) seems OK to me. 2. Are you doing RBL checks within spamassassin? You shouldn't. Have your MTA do the checks instead. of course I don't, I turned off all non-local tests as they slowed down the checks to a halt. the MTA runs rblsmtpd though, and does a check before qmail-smtpd is even run. 3. Are you using a cacheing nameserver? yes, and the RBL stage is not the heavy bit, it's the spamd process which is way after it down the chain. 4. See this link: http://wiki.apache.org/spamassassin/FasterPerformance I went over it in the past, I'll go check again if any new advice came up. What I really think I'll be forced to do is buy spam filtering services from a third party and free my CPU for web. I'll start looking. -- Yellow supremacist Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Spamassassin is gragging my server down to its knees
ever since 9am sharp, my server has jumped to a load average of 5-6 and is steady up there. I niced spamassassin but it's not much use, the LAMP is still slow, which means the websites on the server are extremely slow as it is. I stopped the Apache and MySQL and the load does not drop. Spam has finally hit the big time I suppose. If spamassassin was doing the perfect job done by Google, I'd shut up, but it doesn't. it still leaves lots of false negatives in my box, and what's worse is, it takes such a long time to scan each mail, that legal ones fail and retry and end up arriving 2-3 times, or even 10. this is becoming very unworkable. Unless I find a better solution, I'll have to consider moving about 15 mail domains out to other hosts (And I am not too keen about google apps) I use spamd and clamav as daemons, triggered by simscan for qmail, and the quad-core Xeon is sweating like a pig. if anyone has any ideas, I'd love to hear them... -- What the world needs now Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [JOB] Junior SA at Modu Mobile
Quoting Ira Abramov, from the post of Sun, 22 Jun: The VLSI group at Modu Mobile (Atir Yeda, Kfar Saba) needs a sysadmin for their group. it's a small setup but is expected to grow. knowledge of NFS+NIS a must support for windows users using Cvnc to use the CentOS machines some perl and shell scripting (sadly tcsh at the moment) Condor batch manager. Seriously? nobody? Are sysadmins that hard to find these days? I'll go search linkedin... -- Tons of fun Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[JOB] Junior SA at Modu Mobile
The VLSI group at Modu Mobile (Atir Yeda, Kfar Saba) needs a sysadmin for their group. it's a small setup but is expected to grow. knowledge of NFS+NIS a must support for windows users using Cvnc to use the CentOS machines some perl and shell scripting (sadly tcsh at the moment) Condor batch manager. spare CPU cycles of the person's head will be lended to the windows IT team, you have been warned :-) If this bothers you, see if they are happy with hiring half-time :-) I think that sums is basically for now, though job description may extend with time, of course. they are growing at inconcievable rates. please send your resumes to Barak.Barda (at) modumobile.com -- In just a few moments you will witness Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Finding which type of FS a DVD has
Quoting Lior Kaplan, from the post of Mon, 16 Jun: dd if=/dev/hdc of=myfs.iso bs=10k count=1 $ file myfs.iso myfs.iso: , 44.1 kHz, Stereo any ideas ? well, highly irregular, but cdrecord lets you do stupid things if you screw up the commandline, maybe someone wrote a WAV file directly when they were trying to burn music? try playing this in xmms or something, see if it is really audio. basically, I think it lets you burn any file without checking if it's a legal iso or UDF image. that way you can eurn even a read-only ext2fs on a cd, though it's probably a very bad idea :) -- The breakfast of champions Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[JOB] tiny emergency - RHEL not booting up at an office in Haifa
Teatraot Yisrael are having an emergency with a server getting stuck during boot. I think it's RHEL, but it's been years since i installed it. They are in downtown Haifa and I have no way of reaching them at short notice. anyone wants to help them fix it? please call their IT guy at 054-4462-530. Tak, Ira. -- A familiar face in a strange land Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
SIP gateway providers in Israel?
A friend of mine is moving abroad, and wanted to keep in cheap contact with his friends and fanily in Israel. He tried talking me into installing Asterisk at my home for him to be able to do that, but I don't want to diving into the maintenance of more equipment and software (though he was more than willing to donate all the hardware needed, etc). Question is, if there's an Israeli company that provides Packet8 or Vonage-like service with an Israeli local line and number? or maybe one of you who would be willing to accept his equipment to host a PBX for such uses, in exchange for using it yourself as well? -- Unplanned pregnancy Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: SIP gateway providers in Israel?
Quoting Geoffrey S. Mendelson, from the post of Sun, 15 Jun: Their packages are slanted twoard U.S./Anglo olim customers with the basic packages offering tiers of calling to the U.S. They do offer a deluxe package with incoming U.S. and Israeli numbers, and (reasonably) unlimited calls to the U.S./Canada and a few other countries including Israeli land lines. that usually means a phone in israel recieving and making calls as if it's connectd to the US PSTN. I'm trying to have that with a phone in Hong Kong, making local calls and receiving local calls in Israel. Basically your Oleh service but for yordim :-) Today I also learned from GBY this is called DID which is an annoying TLA to search for, since it's such a common english word, but that's life. -- Twentieth century fox Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[JOB] Trinity needs Kernel/Drivers people
Hi people, Trinity Software took over MontaVista Linux representation in Israel a few months ago and their project portfolio is bursting. they are looking for more kernel hackers, and especially driver experts for the embedded system projects they deliver. So send your resumes to gil (at) trinity.co.il :) Shabat Shalom, Ira. -- SpamBot collectors' item Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
NetworkManager
Quoting Hetz Ben Hamo, from the post of Tue, 03 Jun: Ira, Network Manager is going to be the new default networking configuration application accross the board: SuSE (SLES), RHEL 6, Ubuntu, and Mandriva (if I'm not mistaken). Not sure about the next stable version of Debian though.. then where is the documentation? config files? CLI? some nice intro to know what I'm facing? -- A surprise in every box of Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: QoS question
Quoting sara fink, from the post of Tue, 03 Jun: So, if they do it on the docsis channels, what exactly they do? And, how this influences the end user? it means the IP channel is locked to 1500/500 or 7000/700 or whatever the speed you are paying Hot for. nothing to do with the ISP, who may be running other trafic shapers (and only Bezekint are claiming that they don't. The rest are definitely running stuff to limit you, and in the case of 012, they have been caught rewriting actual bitorrent packets to ruin your speeds, among other tricks) -- Evil from the 8th dimension Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Debian still generated bad ssh keys
Quoting Amos Shapira, from the post of Sat, 07 Jun: But can you mark a package as nothing depends on it, but I want it around (lower-case m in aptitude) vs. keep it around as long as something needs it, but remove it when it's no longer needed by anything else (upper-case M in aptitude)? I don't know. I never looked for that feature (nor did I know it in aptitude) so I go aptitude -m liblala to mark it you say? I tried aptitude --help and it's not mentioned. It's markauto (capital M in the interactive interface) and unmarkauto (lower case m in the interactive interdface). Just found this from aptitude --help. ahh... but here I thought we were comparing the CLIs of aptitude and apt-get. So I can't give more plausible explanations. 30 seconds sounds closer to my experience. Anyone knows what this slow Writing extendad state stage is? and I agree about it being unecessarily verbose: uma:~# time aptitude markauto bash Reading package lists... Done Building dependency tree... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done No packages will be installed, upgraded, or removed. 0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 0B of archives. After unpacking 0B will be used. Writing extended state information... Done (that's the slow bit!) 'import site' failed; use -v for traceback Traceback (most recent call last): File /usr/bin/apt-listchanges, line 29, in ? import apt_pkg ImportError: No module named apt_pkg real0m40.616s user0m1.776s sys 0m5.208s also, that ImportError: No module named apt_pkg error has been happening for the last few months and I have no clue what started it. It seems like apt-listchanges is missing a python package but I donno what it is. btw: another time comparison: uma:~# time apt-get install python-apt Reading package lists... Done Building dependency tree... Done python-apt is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. real0m0.198s user0m0.192s sys 0m0.004s uma:~# time aptitude install python-apt Reading package lists... Done Building dependency tree... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done No packages will be installed, upgraded, or removed. 0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 0B of archives. After unpacking 0B will be used. Writing extended state information... Done 'import site' failed; use -v for traceback Traceback (most recent call last): File /usr/bin/apt-listchanges, line 29, in ? import apt_pkg ImportError: No module named apt_pkg real0m46.009s user0m1.824s sys 0m5.268s then not confirm this but can get long and tadeious. I also learned about one of the yum-utils programs which can do something similar but not being interactive means it's a lot of typing to go through everything. well, that's just one more reason I go for CentOS only if my client absolutely insists, and RHEL if they insist AND bribe me. package management is so underrated in the non-dpkg world :-( (and SuSE is the worst!) it's your funural. Ubuntu has proven to be nothing but headache to me so far. In what way was it a headache? weird defaults for workplace lans (no ssh server?!), undocumented NetworkManager behavior (if /etc/network/interfaces is empty and google is no help - how do I set up the NICs?), not working out of the box in VMware... and that weird new init procedure that I haven't started touching yet. At the time I googled around (a few months back) I could not find a transitional tutorial for all the new gadgetry. If forced, I'll learn it when it hits Debian and CentOS. I hope documentation is better these days. -- Public citizen no. 1 Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: OT: Netscape 4.61i
Quoting Tomer Cohen, from the post of Wed, 04 Jun: Hi, Long time ago, there was a Netscape browser with the version tag 4.61i. It used to be the first version with the core of Netscape Navigator to feature bidi support without funky fonts (Globes font was quite popular back than) thanks to IBM contribution and some talent people in Israel [1]. Unfortunately, there is no way to get that version today. Google search show it was linked from some kids warez sites [2] even on ISOC servers (http://www.isoc.org.il/hebrew is 404 for now). no idea why you would want it, but from here: http://wp.netscape.com/eng/intl/ Quote: Netscape 6.2.3 is still available. Bidi support (Arabic/Hebrew) is included. I got linked here: http://browser.netscape.com/releases it's 6.2.3, not 4.61, and it's the newer named Navigator (no longer communicator), but it;s the oldest I could find. any reason for this ghost chase? -- Your I-ching reading Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
protection from runaway CPU-hogging process
still at the client with the VLSI tools. Some of the users here are running heavy simulations (all userspace, almost 0 kernel time), at times a single process can hog the entire system. I have no idea how that happens, as this is a fairly modern kernel (the slightly older scheduler of RHEL4's 2.6.9) and the Cadence tools are not using lightwזight procs, so all the load is on a single core (on a quad Xeon) and yet once it starts the whole machine is choked, and I can only hit the reset. step 1: I asked them all to nice down the jobs, but they are not very happy to. I'm trying to educate them and make them use wrappers (I'm introducing condor here anyway) step2: I have set up the root's .bashrc to renice me up to -4 and so I can keep a session active for the next time this happens and at least be able to run top and kill step3: I need a monitor to alert and maybe kill or renice such processes when they pop up and drag the machine down to a halt. till I find out who the culprit is, I don't have a procname and so monit is not a good choice. any other good ideas? step4: how do I log this without overlogging? some sort of a smart process auditing daemon? I don't want to improvise with shell scripts and cron, grepping from PS, because when the excrement impacts the venta it may not be able to run (unless I hike the crond's priority to a negative nice). I need a small reliable C proggy to do the right thing. the obvious is maybe to set some ulimits on the users, but I don't want to limit heavy processes that do NOT choke the system. -- A meal best served cold Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Anti-RTL mindset is similar to anti-accessibility mindset
Quoting Dotan Cohen, from the post of Fri, 06 Jun: 2008/6/6 Ira Abramov [EMAIL PROTECTED]: Quoting Dotan Cohen, from the post of Tue, 03 Jun: decision. Maybe the ETK/GTK/Qt decision is not arbitrary, but from here it certainly seems so. don't blow it out of proportions either. it does come with GTK, just that the DEFAULT IMPLEMENTATION of the interface is not GTK. you can (and people probably have) implement it again in GTK with BiDi. You try running two toolkits at once on a 400 mHz processor with 128 MB RAM, tell me how well it runs, then we'll discuss the option. a. this was exactly my point about adding in QT support, it made no sense adding a fourth toolkit to a platform that may already be overloaded with 3. b. like I said REIMPLEMENT. the platform comes with three toolkits, but the basic apps runs on the least rich of the three (no doubt because it's the leanest). However if you live in a country that needs RTL and other features, no one is stoping you from implementing all those base apps in a different toolkit to add those fetures. In fact I have no doubt somewhere someone already started. that was you use a heavier toolkit, but can use it for everything. -- Fighting for a lost cause Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Anti-RTL mindset is similar to anti-accessibility mindset
Quoting Shachar Shemesh, from the post of Fri, 06 Jun: Ira Abramov wrote: In fact, I would not be surprised if they take over the Symbian market within a year or two as well. the iPhone will survive, but I think OpenMoko is too slow and heavy to stay afloat in the coming flood. We are trying to get someone from Google to talk about Android during August Penguin, but my main concern with it is that, at least so far, it appears like it will not be very open. It is an open platform, in the sense that anyone can write software for it. This is a great improvement over other phones, and definitely an iPhone killer, but it is not sufficient reason for me to forgo my OpneMoko hopes. well, I saw the vids and didn't dive further into it. it seems like if you stick to apps that indeed it's limiting and well behaved, as much as it would be to write an app to any J2ME phone I guess, but since Android IS GNU/Linux below it will have to come with sources and therefore allow circumvantion and reinvention of the OS for any phone that runs it, am I wrong? The only difference is that here you can't freely buy a reference hardware platform (with official support) like with OpenMoko, but need to improvise one yourself. Still, you have full access to all the firmware (like openmoko) on a richer platform (3.5G and 4G phones, no doubt). with OpenMoko you stay stuck with barely GPRS, no multitouch and other features that are quickly becoming the standard for 2009 smartphones. Also, bear in mind that all indications show that OpenMoko phones WILL be able to run Android. http://code.google.com/android/ yes, but how will they compete with the rest? just the hardware hackers? a small niche indeed. -- Bugfix release Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Debian still generated bad ssh keys
Quoting Amos Shapira, from the post of Tue, 03 Jun: On Tue, Jun 3, 2008 at 8:05 AM, Ira Abramov I have no idea where that comes from. apt-get autoremove takes care of packages that are no longer dependent upon (or is that only in sid?). But can you mark a package as nothing depends on it, but I want it around (lower-case m in aptitude) vs. keep it around as long as something needs it, but remove it when it's no longer needed by anything else (upper-case M in aptitude)? I don't know. I never looked for that feature (nor did I know it in aptitude) so I go aptitude -m liblala to mark it you say? I tried aptitude --help and it's not mentioned. I find aptitude slower to load than even YUM in fully interactive mode, I have no idea why, but nore than once I gave up on it after it takes 4-5 minutes to load on my sid, including after it finishes installing/upgrading packages. I just revert to apt-get and it has very rarely failed me. Wow - 4-5 minutes is a very long time. Something is weird on your system. have you tried strace? disk errors in dmesg? check memory consumption? Maybe cleanup the apt-get cache? I don't have slowness of anything else, so it's not my disk, and it's not happening with apt-get. specifically it's the phase where aptitude says Writing extended state information at the status line when it's Loading cache. I just clocked that at 30 seconds. this happens after it finishes an update run (u) and also when I hit go (g) and again on the way back from finishing the go action on the way back to the package selection screen, and finally again once I hit q and wait yet 30 more seconds before I get back to my shell prompt. this is a major improvement since a few weeks ago, when this Writing ext. state info stage would take it several minutes, and I'd just give up and break it with ctrl-C. but still, it's annoying as hell. I don't think the cache has anything to do with it, but I run autoclean daily, and sometimes apt-get clean if I'm short on space. Is there an interactive mode for YUM? I'd love to see it but so far when I asked about it I got use some gnome-based gui, which I'm not going to do since many of the servers are on the other side of the world and I'd generally very much rather not have X11 stuff on them. don't think there is, and don't think I'd like to have one even slower than the commandline. At least as far as I followed up to Etch, aptitude uses apt-get at its back and adds lots of intelligence in front of it, it's not just a pretty GUI and that's why it's useful on the command line as well. so why keep the apt-get commandline at all? memory consumption? apt-get's binary is 127k on etch, while aptitude is 2.6 meg. I prefer a slightly smarter apt-get over the bloated aptitude that is just too slow to be useful for me 99% of the time. But then again - I'm only up to date more or less with Etch (with very few backports), and planning to move my last Etch desktop (at work) to Ubuntu as soon as I can. it's your funural. Ubuntu has proven to be nothing but headache to me so far. -- The friendly ghost Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Anti-RTL mindset is similar to anti-accessibility mindset
Quoting Dotan Cohen, from the post of Sat, 07 Jun: You try running two toolkits at once on a 400 mHz processor with 128 MB RAM, tell me how well it runs, then we'll discuss the option. a. this was exactly my point about adding in QT support, it made no sense adding a fourth toolkit to a platform that may already be overloaded with 3. I think that Qt was one of the three, the other two being ETK and GTK. I'm not fluent in the Openmoko-verse, but I think it seems you are right, it's GtK and Qtopia. however according to this (out of date?) page, the base apps are GTK and not ETK, so which is right? http://wiki.openmoko.org/wiki/Why_Not_QT -- Karma chameleon Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
