Linux-Misc Digest #472, Volume #24 Mon, 15 May 00 01:13:02 EDT
Contents:
Re: SSL Certificates with OpenSSL/mod_ssl... ("Fr�d�ric Malenfant")
Re: sysadmin book (Paul Kimoto)
Re: Need input on developing a unified configuration program for linux (Todd Knarr)
Re: Distribution "for" CD-urning w/ IDE? ([EMAIL PROTECTED])
Re: 2 network cards: problems, but more clues! ([EMAIL PROTECTED])
Re: HELP! Mouse Double-Click Speed (Richard Vienneau)
Re: Need input on developing a unified configuration program for linux (David A.
Lethe)
Re: kudzu segmentation fault ("David ..")
Re: 2 network cards: problems, but more clues! (Arjan Drieman)
----------------------------------------------------------------------------
From: "Fr�d�ric Malenfant" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.misc,alt.os.linux,linux.redhat.install,linux.redhat
Subject: Re: SSL Certificates with OpenSSL/mod_ssl...
Date: Sun, 14 May 2000 23:53:18 -0400
if your server hosts for exemple www.firstcompany.com and
www.secondcompany.com and www.thirdcompany.com on the same server (same IP
address), all of those companies can have a different secure certificate and
use it for each company on the same server. Yes you can do that.
And, maybe this is not what you asked to me...
another case can be possible. You have only 1 certificate, and every
companies on your web server are using the same. We did that in our
company. Example, for each public_html directory, we have a directory that
redirects in a special directory in the company account that have the
certificate.
for example, the principal company is called global, and have a certificate.
/home/global/public_html is his principal directory.
And, we have 2 other companies, firstcompany and secondcompany.
So, they have their directories,
/home/firstcompany/public_html
and
/home/secondcompany/public_html.
And, in their directories, we have a redirection, like:
/home/secondcompany/public_html/secure
is redirected to
/home/global/public_html/secondcompany.
So, the certificate is registered to global, but firstcompany can use it,
but its https files seems to be in his directory, but are in the directory
of global.
And, for this to work, you have to call your URL beginning with
www.global.com/secondcompany for example, because if you try to use
www.secondcompany.com/secure it will not work because the certificate is for
global.com.
Hope this will help.
--
___________________________
Fr�d�ric Malenfant
Les Logiciels Saturne
Pont-Rouge, Qu�bec
"Tux" <[EMAIL PROTECTED]> a �crit dans le message news:
[EMAIL PROTECTED]
> "Fr�d�ric Malenfant" wrote:
>
> > > 2. If I am hosting multiple websites for different people, do I have
to
> > > have a certificate for each one of those websites, or just one for the
> > > server that I am using...???
> >
> > At our company, we are hosting a lot of .com, but the ssl certificate is
> > registered only for one company, ourcompany.com.
> >
> > So, for example, if on our web server we have a site for
www.ourclient.com,
> > when on this site we want to make a ssl connection, we redirect it to
> > www.ourcompany.com/ourclient so there we can use the SSL certificate we
> > have. We can't use it directly on www.ourclient.com, even if it is on
the
> > same web server machine.
>
> Would it be possible to set up a certificate that you can have for
different
> clients on the one server, or would you have to have different servers for
> this to be possible...????
>
> Thanks,
> Trevor...
>
------------------------------
From: [EMAIL PROTECTED] (Paul Kimoto)
Subject: Re: sysadmin book
Date: 14 May 2000 23:57:12 -0500
Reply-To: [EMAIL PROTECTED]
In article <[EMAIL PROTECTED]>,
Dances With Crows wrote:
> Seriously, system administration is one of those things where you are
> occasionally faced with problems that you've never seen before and no one
> else has seen before. In those circumstances, your best bet will be to
> have a lot of basic knowledge in whatever OS is being used, a hefty supply
> of caffeine, a willingness to make a total fool of yourself, and a really
> good line of BS you can spout to your boss if you pooch the system beyond
> all recognition. Aileen Frisch's book is a good start nontheless.
The classic book here, though, is Nemeth, Snyder, Seebass, and Hein, Unix
system administration handbook (2nd edition 1995, Prentice-Hall). It
doesn't have any Linux-specific coverage, and (therefore) assumes that your
system comes preinstalled from the (usual commercial unix) vendor.
--
Paul Kimoto <[EMAIL PROTECTED]>
------------------------------
From: Todd Knarr <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux,comp.os.linux.development,comp.os.linux.development.apps,comp.os.linux.development.system,comp.os.linux.setup
Subject: Re: Need input on developing a unified configuration program for linux
Date: 15 May 2000 04:18:55 GMT
In comp.os.linux.development.system <[EMAIL PROTECTED]>
Mongoose <[EMAIL PROTECTED]> wrote:
> transportability would be no issue. What does everyone else think of
> this idea? Any suggestions?
I would advise you look at RedHat's 'linuxconf' Web interface and
such before starting. This is not a new idea, it has it's merits,
but it has some problems as well:
1) One needs to have a seperate configuration program for the initial
installation, when the system has not been configured sufficiently
to run the Web server needed to process your CGI scripts/modules?
2) How does one configure systems that are not running a Web server at
all?
--
Collin was right. Never give a virus a missile launcher.
-- Erk, Reality Check #8
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Distribution "for" CD-urning w/ IDE?
Date: 15 May 2000 00:03:25 -0400
I believe that Mandrake 7 does some strange auto-setup for you. When I
installed it, it set the drive up as a supermount drive in /etc/fstab which I
quickly removed and then did it by hand. I can't find a damn bit of
documentation about supermount, other than guessing that it is an automount
program and that when you go into the directory it mounts it, perhaps it
umounts it when you leave? Anyway, it did work right off the bat as scd0 and I
think that supermount also detects the drive and "insmod ide-scsi" for you,
but like I said I didn't understand and so I did it in a way that I knew what
was going on without actually trying to burn anything.
-John
ps. I hope the response is satisfactoraly wishy-washy for you... :)
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
t (JEDIDIAH) writes:
>On Sun, 14 May 2000 10:31:23 GMT, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wro
te:
>>Hi guys!
>>
>>I thought I'd throw out my old installation, RedHat 6.0, and do a
>>completely new installation with some new distribution, I don't know
>>which.
>>
>>The thing I would like some help with is the following:
>>
>>I have 2 IDE-HD (6 and 13GB) and one Sony CRX-100E CDWriter(IDE).
>>Is there any distribution that allows me to just start burn audio CD's
>>from the start or must I go through this "generic SCSI"-thing with
>>whichever I'd choose?
>>
>>If I have to, could you recommend a distribution that makes this easy
>>at the installation procedure?
>
> As of yet, none of the distros has automated this process
> to my knowledge. There's certainly no reason that they
> couldn't if they really wanted to.
>
> Sound modules were similarly "neglected" for a considerable
> amount of time before distros came out with shiny happy config
> utilities.
>
>[deletia]
>--
>
> In what language does 'open' mean 'execute the evil contents of' |||
> a document? --Les Mikesell / | \
>
> Need sane PPP docs? Try penguin.lvcm.com.
>
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.networking,comp.os.linux.setup
Subject: Re: 2 network cards: problems, but more clues!
Date: Mon, 15 May 2000 04:06:31 GMT
As a followup to my last message, and based on a suggestion by someone
else, here's what the routing tables look like BEFORE and AFTER I give
the command "route add default eth0":
BEFORE:
> route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
64.40.68.248 * 255.255.255.252 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 1 lo
> netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
64.40.68.248 0.0.0.0 255.255.255.252 U 1500 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 1500 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 3584 0 0 lo
...
AFTER:
> route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
64-40-68-248.me * 255.255.255.252 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 2 lo
default * 0.0.0.0 U 0 0 4 eth0
> netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
64.40.68.248 0.0.0.0 255.255.255.252 U 1500 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 1500 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 3584 0 0 lo
0.0.0.0 0.0.0.0 0.0.0.0 U 1500 0 0 eth0
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Richard Vienneau <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.questions,linux.dev.x11,linux.redhat
Subject: Re: HELP! Mouse Double-Click Speed
Date: Mon, 15 May 2000 04:32:21 GMT
I tried DoubleClickTimeout but upon starting X it complains that it is not a
valid pointer section keyword. I tried the XFree webpage for documentation
and could not find any way of changing the mouse double-click time. Thanks
anyway.
Rich
Conor Daly wrote:
> Should be an entry in the Pointers section of /etc/X11/XF86Config
>
> Something like DoubleClickTimeout
>
> --
> Conor Daly
>
> [EMAIL PROTECTED]
> Richard Vienneau wrote in message <[EMAIL PROTECTED]>...
> >How can I change the double-click speed for X windows or the KDE desktop
> >environment? I have just installed Linux on a computer used by an
> >elderly person and they cannot click fast enough to produce consistent
> >double-clicks.
> >
> >TIA!
> >
> >Rich
> >
--
Richard Vienneau
System Software Engineer
Dinamikos Technology Inc.
466 Speers Rd., 3rd Floor,
Oakville, Ontario L6K 3W9
Tel: (905) 337-9607
Fax: (905) 849-9947
------------------------------
From: [EMAIL PROTECTED] (David A. Lethe)
Crossposted-To:
comp.os.linux,comp.os.linux.development,comp.os.linux.development.apps,comp.os.linux.development.system,comp.os.linux.setup
Subject: Re: Need input on developing a unified configuration program for linux
Date: Mon, 15 May 2000 04:49:30 GMT
On Mon, 15 May 2000 01:57:58 GMT, Mongoose <[EMAIL PROTECTED]> wrote:
>Hello,
> I'm am currently developing a linux configuration program that
>will be designed to run on all distros for a college research project.
>It is to allow people to create modules for configuring different
>aspects of a linux os. Now these modules can be written in any
>language that can be executed on a system and use stdio. Now to use
>these modules I was thinking of having the modules create cgi forms
>using html. This would require the user to have a loopback connect and
>a web browser on their system, two very common and simple items for
>linux. The webrowser would load the html page, and send a cgi string
>back to the module and the module would edit the system based on the
>users input in the cgi string. Now I was wondering if most people
>agree with the idea of using a web browser for the system
>administration? I figure using html is a common way of implementing an
>interface that most people know. They wouldn't have to learn anything
>new in order to create a module for whatever they wish. Plus
>webbrowsers are available in almost every platform possible so
>transportability would be no issue. What does everyone else think of
>this idea? Any suggestions?
HTML is absolutely the way to go.
However ...
What happens if you want to change the IP number of your linux box?!!
------------------------------
From: "David .." <[EMAIL PROTECTED]>
Subject: Re: kudzu segmentation fault
Date: Sun, 14 May 2000 23:50:51 -0500
Greg Greenway wrote:
>
> Hi all,
>
> I just upgraded kernels from 2.2.14 to 2.2.15, and now everytime i run
> kudzu, the only thing it does is say "Segmentation fault" and then
> exits. I only notice this because whenever i reboot, when it gets to
> detecting new hardware, it always fails. Any ideas what is wrong? I
> configured and recompiled the new kernel to almost the same as the old
> one was. TIA.
>
> GREG
Why do you have kudzu run every time you boot the system?? It is only
needed when you add new hardware.
--
Registered with the Linux Counter. http://counter.li.org
ID # 123538
------------------------------
From: [EMAIL PROTECTED] (Arjan Drieman)
Crossposted-To: comp.os.linux.networking,comp.os.linux.setup
Subject: Re: 2 network cards: problems, but more clues!
Date: 15 May 2000 05:03:03 GMT
Reply-To: [EMAIL PROTECTED]
On Mon, 15 May 2000 03:32:46 GMT, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
>address. I planned to have eth1 as "192.168.1.1", and the other
>machines in the building as .2, .3, .4, etc. Sound good?
Sure.
>1) With eth1 installed, I've suddenly lost the ability to access the
>Internet through eth0.
> ping: sendto: Network is unreachable
> ping: wrote 216.32.74.51 64 chars, ret=-1
"Network is unreachable" usually means there's something wrong with
your routing table.
>This problem can be fixed ONLY if I manually type in "route add default
>eth0". Then it works:
> > route add default eth0
See. ;-)
Basic Knowledge - How does a routing table work?
A routing table is just that, a routing table. It tells the kernel
where to send the packets to that it wants to send. If you don't do
any weird subnetting a linux routing table should contain N+1 lines,
where N is the number of interfaces you have. You have two interfaces,
so you need 3 lines, i.e.
- One line to the subnet eth0 is on.
- One line to the subnet eth1 is on.
- One line for everything else. (aka the "default")
Let's take a look at my routing table:
Kernel IP routing table
Destination Gateway Genmask Iface
192.168.0.0 0.0.0.0 255.255.255.0 eth1
62.108.8.0 0.0.0.0 255.255.254.0 eth0
0.0.0.0 62.108.8.1 0.0.0.0 eth0
eth1 is on the subnet 192.168.0.0/24, eth0 is on 62.108.8.0/23, and
eth0 is my default gateway. S'pose I am the linux kernel and I have
a packet to send. I'd look at the first line in my routing table, and
if the destination of the packet matches the destination and mask in my
routing table, I'd send it to eth1. In this case, that's everything for
192.168.0.x. Since those hosts are on my own subnet, I don't need to
pass it on to a gateway. That's why there's 0.0.0.0 in the gateway
field.
S'pose it's not for 192.168.0.x. Then I'd look at the next line of the
routing table. That line is for 62.108.8.0/23, which is 62.108.8.x and
62.108.9.x.
S'pose it's not for 62.108.8.0/23 either... I'd just look at the next
line, which is 0.0.0.0/0.0.0.0 also known as 0/0 or "anywhere". Those
addresses, like www.amazon.com, aren't on my subnets so I just send them
to my default gateway which will know where to pass it on to.
>What's up with this? How do I fix it, other than typing in "route add
>default eth0" every time I reboot?
You place the appropriate line in the appropriate boot script. See
below. By the way, the appropriate way to define the default gateway
is
route add default gw <gateway> metric 1
I *think* that 64.40.68.249 is your default gateway, since that's the
first router you meet when you do a traceroute. So that'd make
route add default gw 64.40.68.249 metric 1
And the kernel would figure out that it's eth0 you want to talk to.
Since RH probably hides it in some configuration script you probably
won't see the actual command.
> traceroute: Warning: Multiple interfaces found; using 64.40.68.250 @
>eth0
> traceroute to 192.168.1.2 (192.168.1.2), 30 hops max, 40 byte packets
> 1 * * (here it hangs)
>
>Wait a minute - I want it to look for 192.168.1.x on *eth1* - and yet
>the first line seems to indicate that it is again using eth0. Why is
>that? How do I fix it?
No idea. Try the fixes mentioned elsewhere in this post. If that
doesn't fix this problem, post the output of netstat -rn and ifconfig as
followup to this message. It has to be a routing problem.
>/etc/conf.modules
> alias eth0 3c59x
> alias eth1 3c59x
>(these are two similar but not identical cards)
>(is there a problem since I'm NOT specifying IO/IRQ info?)
If they both show up in ifconfig alright, and they do, then there's no
problem with the irqs, io addresses or drivers.
>-------------------------------------------------------
>OUTPUT FROM netstat -r:
>Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt Iface
> 64-40-68-248.me * 255.255.255.252 U 1500 0 0 eth0
> 192.168.1.0 * 255.255.255.0 U 1500 0 0 eth1
> 127.0.0.0 * 255.0.0.0 U 3584 0 0 lo
> default * 0.0.0.0 U 1500 0 0 eth0
>#### Note that the last line only appears after
>#### I manually run "route add default eth0"
Try "netstat -rn" or "route -n". Ip addresses are more informative than
names when talking about routing tables.
>-------------------------------------------------------
>/etc/sysconfig/network
>GATEWAY= # Do I need a GATEWAY here? What?
Yes. That'll probably make the default line appear automagically at
boot time. And hopefully with the right gateway ;-) Try to stick
64.40.68.249 there, reboot (since I don't know how well re-running those
scripts work in RH), and see what you get.
You can probably re-run the script by typing "/etc/sysconfig/network"
but I'm not sure if that'll remove old junk from your routing table...
>/etc/sysconfig/network-scripts/ifcfg-eth0
>DEVICE="eth0"
>USERCTL=no
>ONBOOT="yes"
>BOOTPROTO="none"
>BROADCAST=64.40.68.255
>NETWORK=64.40.68.248
>NETMASK="255.255.255.252"
>IPADDR="64.40.68.250"
Hm let's see. Network is ip address AND netmask. We'll write the
addresses in binary form (partly, because I'm lazy) and do some
routing logic.
64.40.68.250 = 64 40 68 11111010
255.255.255.252 = 11111111.11111111.11111111.11111100
===================================================== AND
64 40 68 11111000
is 64.40.68.248, so that's right.
And let's see, the broadcast address is ip address OR inverse netmask.
netmask = 11111111.11111111.11111111.11111100
inverse netmask = 00000000.00000000.00000000.00000011
64.40.68.250 = 64 40 68 11111010
===================================================== OR
64 40 68 11111011
is 64.40.68.251, not 64.40.68.255 ... That's weird. There *is* a way
to see if your broadcast address is right, especially with small
subnets like yours.
You can ping 64.40.68.255 with your current setup. If it is NOT your
broadcast address, you'll either nothing back or a reply from 64.40.68.255.
If it *is* your broadcast address, you'll get a reply from any responding
host on the subnet (including your gateway!), e.g.:
# ping 62.108.9.255
PING 62.108.9.255 (62.108.9.255): 56 data bytes
64 bytes from 62.108.9.17: icmp_seq=0 ttl=255 time=2.9 ms
64 bytes from 62.108.6.1: icmp_seq=0 ttl=255 time=8.7 ms (DUP!)
64 bytes from 62.108.8.1: icmp_seq=0 ttl=255 time=10.0 ms (DUP!)
64 bytes from 62.108.9.17: icmp_seq=1 ttl=255 time=1.7 ms
64 bytes from 62.108.6.1: icmp_seq=1 ttl=255 time=4.4 ms (DUP!)
64 bytes from 62.108.8.1: icmp_seq=1 ttl=255 time=5.8 ms (DUP!)
Notice that I get replies from 3 hosts, notice the icmp_seq's
(sequence numbers, they just count the packets) and notice the DUP!.
That all makes sure to me that 62.108.9.255 is indeed my broadcast
address.
If you get only one reply (which is quite possible with such a small
subnet) and it's not 64.40.68.255, then it *should be* your gateway's.
>DEVICE=eth1
>BROADCAST=192.168.1.255
>NETWORK=192.168.1.0
>NETMASK=255.255.255.0
>IPADDR=192.168.1.1
That's ok for sure.
I'd think that your DSL provider uses dhcp, right? If I were you, I'd
just install/use a dhcp client like pump (which is redhat's default, i
think) or alternatevily dhcpcd or dhclient. It'd mean you wouldn't
have to mess with the routing for eth0 manually, just point the dhcp
client to eth0 and it'll get an ip address and so on from the dhcp
server.
HTH,
Arjan
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.misc) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
