[exim] Re: [postmas...@hazenmanagement.ca: Undeliverable: Cleandry]

2024-05-01 Thread Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem via Exim-users 
On Wed, May 01, 2024 at 11:46:53PM +0100, Jeremy Harris via Exim-users wrote:
> On 01/05/2024 22:42, The Doctor via Exim-users wrote:
> > What is external forwarding?
> > 
> > Sound like something scary.
> 
> My *guess* is:
> 
> You mailed person A.  A has their mails configured, at the MX for A,
> to be forwarded to B.  You don't have control over that configuration;
> it is entirely A's choice.  He wanted it to be done.
> 
> But you have configured your system, probably in "SPF" terms, you
> say "any messages claiming to be from me *must* be be sent by *my* system.
> Any messages being sent by any other system are invalid, and should be 
> rejected."
> 
> The message is being sent onwards by A's MX to B's MX.  it is being sent by
> A's MX, as far as B's MX is concerned.
> 
> B's MX implements SPF, and does what you claim you wanted.  It rejects the
> message, since the message did not arrive at that host directly from your MX.
> 
> 
> 
> And thus, a traditional and useful feature of email handling has been broken.


Now that is totally assinine!

> -- 
> Cheers,
>   Jeremy
> 
> 
> -- 
> ## subscription configuration (requires account):
> ##   
> https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> ## unsubscribe (doesn't require an account):
> ##   exim-users-unsubscr...@lists.exim.org
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

-- 
For effective Internet Etiquette and communications read 
http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html
& http://www.caliburn.nl/topposting.html

-- 
## subscription configuration (requires account):
##   https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
##   exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Adding /home encryption by default

2023-11-27 Thread System Administrator 
Good morning, everyone. 

 
We would like to add support for /home encryption by default in the testing 
version of the next Debian.

as we want to introduce more settings to the Gnome Control Center such as 
Biometric Login on the Users section, 2FA system, Recovery Section, Active 
Directory Section and other Enterprise features for Debian System 

 
Anyone interested in joining our team?

 
 
Hirech Baghdad Belkheir 

Atlanexis Inc

 

Supporting cumulative update for atomic images

2023-11-26 Thread System Administrator 
Good morning.



This is a proposition for adding atomic images with low level update on the 
debian system and changing the package from deb to appimage upstream



The diagram of the system will become like this 



/ As root filesystem 

/Data as userdata and home

/Recovery as recovery installation image 

/Exchange as persistent update partition



The system will become easy to restore as part of DRP system

Re: vmstat yields error 'Unable to create system stat structure' on W11x64

2023-01-16 Thread System Administrator via Cygwin 
Here you go…
Thanks very much!



On 16. Jan 2023, at 09:45, Brian Inglis  wrote:

On 2023-01-15 16:35, System Administrator via Cygwin wrote:
> On 15. Jan 2023, at 23:19, Adam Dinwoodie  wrote:>> On 
> Sun, 15 Jan 2023 at 22:05, System Administrator via Cygwin wrote:

I am trying to migrate my framework to Windows 11 running Cygwin.
>>> When executing vmstat it returns the following error:
"Unable to create system stat structure”
Using the very same packages (install files) on Windows 10, produces the proper 
vmstat results (i.e. no error).
I’ve tried W11 pro and Enterprise - same difference (none.) Windows 11 is 
running in a VMware VM. W11 is the December version wit the latest updates (as 
of today).
The working W10 is running on the same physical hardware, using the same 
version of VMware, also in a VM.
Cygwin is the latest version 3.4.3, with the latest props-ng package (4.0.2-1)
Any help (or at least hint) is greatly appreciated.

Can you provide the cygcheck output, per https://cygwin.com/problems.html?
It might be useful to have the cygcheck output from both the Win10 and
Win11 VMs to compare, but the Win11 VM where things aren't working is going
to be the most useful one there.
It might also be useful to know how you're calling vmstat: are you doing it
from a Cygwin Bash shell within MinTTY, or from a PowerShell prompt using
Windows' console, or something else? And are you running with Administrator
privileges?
please find attached the cygcheck output - apologies for the oversight.
It does NOT make a difference whether the bash, run from MinTTY (desktop 
shortcut), is run “As Administrator” or as regular user, the error occurs in 
both scenarios.
Running it from PowerShell (both Admin and reg. user) yields the same error.
P.S. W10 is an older version of Cygwin, but using that one on W11 produces the 
same erroneous results…

It might also be useful to run vmstat under strace e.g.

$ strace -o vmstat.strace vmstat ...

and attach vmstat.strace as a text attachment to your reply.

--
Take care. Thanks, Brian Inglis Calgary, Alberta, Canada

La perfection est atteinte Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter not when there is no more to add
mais lorsqu'il n'y a plus rien à retirer but when there is no more to cut
-- Antoine de Saint-Exupéry

PRS System Administrationmailto:sys...@prs.de
Patzschke + Rasp Software GmbH  http://www.prs.de
Bierstadter Straße 7   Fax: +49-(0)611-1731-0
D-65189 WiesbadenPhone: +49-(0)611-1731-0

Patzschke + Rasp Software GmbH, Bierstadter Str. 7, D-65189 Wiesbaden
Eintragung im Handelsregister: Amtsgericht Wiesbaden, HRB Nr. 22673
Geschäftsführer: Wolfgang Kechel, Till Immanuel Patzschke



vmstat.strace
Description: vmstat.strace

-- 
Problem reports:  https://cygwin.com/problems.html
FAQ:  https://cygwin.com/faq/
Documentation:https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple

Re: vmstat yields error 'Unable to create system stat structure' on W11x64

2023-01-15 Thread System Administrator via Cygwin 
Hello,

please find attached the cygcheck output - apologies for the oversight.

It does NOT make a difference whether the bash, run from MinTTY (desktop 
shortcut), is run “As Administrator” or as regular user, the error occurs in 
both scenarios.
Running it from PowerShell (both Admin and reg. user) yields the same error.

Thank you for your help - best wishes,

Immanuel.

P.S. W10 is an older version of Cygwin, but using that one on W11 produces the 
same erroneous results…



On 15. Jan 2023, at 23:19, Adam Dinwoodie  wrote:

On Sun, 15 Jan 2023 at 22:05, System Administrator via Cygwin wrote:

Hello,

I am trying to migrate my framework to Windows 11 running Cygwin.
When executing vmstat it returns the following error:

"Unable to create system stat structure”

Using the very same packages (install files) on Windows 10, produces the proper 
vmstat results (i.e. no error).
I’ve tried W11 pro and Enterprise - same difference (none.) Windows 11 is 
running in a VMware VM. W11 is the December version wit the latest updates (as 
of today).
The working W10 is running on the same physical hardware, using the same 
version of VMware, also in a VM.
Cygwin is the latest version 3.4.3, with the latest props-ng package (4.0.2-1)

Any help (or at least hint) is greatly appreciated.

Can you provide the cygcheck output, per
https://cygwin.com/problems.html? It might be useful to have the
cygcheck output from both the Win10 and Win11 VMs to compare, but the
Win11 VM where things aren't working is going to be the most useful
one there.

It might also be useful to know how you're calling vmstat: are you
doing it from a Cygwin Bash shell within MinTTY, or from a PowerShell
prompt using Windows' console, or something else? And are you running
with Administrator privileges?

PRS System Administrationmailto:sys...@prs.de
Patzschke + Rasp Software GmbH  http://www.prs.de
Bierstadter Straße 7   Fax: +49-(0)611-1731-0
D-65189 WiesbadenPhone: +49-(0)611-1731-0

Patzschke + Rasp Software GmbH, Bierstadter Str. 7, D-65189 Wiesbaden
Eintragung im Handelsregister: Amtsgericht Wiesbaden, HRB Nr. 22673
Geschäftsführer: Wolfgang Kechel, Till Immanuel Patzschke



cygcheck.out
Description: cygcheck.out

-- 
Problem reports:  https://cygwin.com/problems.html
FAQ:  https://cygwin.com/faq/
Documentation:https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple

vmstat yields error 'Unable to create system stat structure' on W11x64

2023-01-15 Thread System Administrator via Cygwin 
Hello,

I am trying to migrate my framework to Windows 11 running Cygwin.
When executing vmstat it returns the following error:

"Unable to create system stat structure”

Using the very same packages (install files) on Windows 10, produces the proper 
vmstat results (i.e. no error).
I’ve tried W11 pro and Enterprise - same difference (none.) Windows 11 is 
running in a VMware VM. W11 is the December version wit the latest updates (as 
of today).
The working W10 is running on the same physical hardware, using the same 
version of VMware, also in a VM.
Cygwin is the latest version 3.4.3, with the latest props-ng package (4.0.2-1)

Any help (or at least hint) is greatly appreciated.

Bets wishes,

Immanuel.

PRS System Administrationmailto:sys...@prs.de
Patzschke + Rasp Software GmbH  http://www.prs.de
Bierstadter Straße 7   Fax: +49-(0)611-1731-0
D-65189 WiesbadenPhone: +49-(0)611-1731-0

Patzschke + Rasp Software GmbH, Bierstadter Str. 7, D-65189 Wiesbaden
Eintragung im Handelsregister: Amtsgericht Wiesbaden, HRB Nr. 22673
Geschäftsführer: Wolfgang Kechel, Till Immanuel Patzschke


-- 
Problem reports:  https://cygwin.com/problems.html
FAQ:  https://cygwin.com/faq/
Documentation:https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple

[Canonical-hw-cert] [Question #703748]: Feedback on the HP EliteBook 850 G8 Notebook PC (202103-28760)

2022-11-07 Thread System Administrator 
New question #703748 on Ubuntu-Certification:
https://answers.launchpad.net/ubuntu-certification/+question/703748

Installing Ubuntu 20.04 works fine on this system.

We currently have a requirement to Install FIPS and have purchased a contract 
with Canonical.

When I turn on FIPS on an HP EliteBook 850 G8, the trackpad and external video 
connection cease working, and I cannot get them back.

Any suggestions?

-- 
You received this question notification because your team Canonical
Hardware Certification is an answer contact for Ubuntu-Certification.

-- 
Mailing list: https://launchpad.net/~canonical-hw-cert
Post to : canonical-hw-cert@lists.launchpad.net
Unsubscribe : https://launchpad.net/~canonical-hw-cert
More help   : https://help.launchpad.net/ListHelp

[PVE-User] NFS Ganesha on guest VM/LXC to share CephFS

2021-10-06 Thread System Administrator via pve-user 
--- Begin Message ---

Hi all,

Does anyone have guides to configure NFS Ganesha on guest LXC to share 
host CephFS ? I tried but couldn't get it working.



Thank you in advance.

regards,

Sonam


--- End Message ---
___
pve-user mailing list
pve-user@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] PVE Firewall not starting with alias any IPv4 address : 0.0.0.0/0

2021-10-04 Thread System Administrator via pve-user 
--- Begin Message ---
Basically, I want to create alias of ANY IPv4 address. Usually in network, it 
is represented as 0.0.0.0/0 for IPv4 and ::/0 for IPv6 address.
I don't know. I am new to Proxmox. Didn't try that in previous version.
regards,
Sonam


On Mon, 10/04/2021 04:03 PM, "Bertorello, Marco"  
wrote:
> 
Il 04/10/2021 11:59, System Administrator via pve-user ha scritto:
> > However, when changing prefix length to anything apart from 0, it is works.
> I thinks it should be 32
> >
> > PVE version : 7.0-11
> 
> Has it ever worked before?
> 
> --
> Marco Bertorello
> https://www.marcobertorello.it
> 
> 
___
> pve-user mailing list
> pve-user@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user
> 



**
Information contained in this message maybe confidential in nature and is meant 
for the intended recipient(s) of the message only. Tashi InfoComm Limited has 
the sole right to such information and any copying/redistribution of the 
information contained in the message, without the prior written consent of 
Tashi InfoComm Limited, is Prohibited.
**--- End Message ---
___
pve-user mailing list
pve-user@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user

[PVE-User] PVE Firewall not starting with alias any IPv4 address : 0.0.0.0/0

2021-10-04 Thread System Administrator via pve-user 
--- Begin Message ---
Hi,

The firewall is not starting with alias defined :  any = 0.0.0.0/0

The error says  "pve-firewall[21154]: status update error: 
ipset_restore_cmdlist: ipset v7.10: Error in line 19: The value of the CIDR 
parameter of the IP address is invalid"


However, when changing prefix length to anything apart from 0, it is works. 

PVE version : 7.0-11


regards,
sonam
**
Information contained in this message maybe confidential in nature and is meant 
for the intended recipient(s) of the message only. Tashi InfoComm Limited has 
the sole right to such information and any copying/redistribution of the 
information contained in the message, without the prior written consent of 
Tashi InfoComm Limited, is Prohibited.
**--- End Message ---
___
pve-user mailing list
pve-user@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user

[PVE-User] Nextcloud scaling on proxmox

2021-09-11 Thread System Administrator via pve-user 
--- Begin Message ---
​Hi all,

I have setup up Proxmox cluster with three nodes and with Ceph storage. 
Configured one nextcloud LXC on node1. Now I want to make multiple same 
nextcloud LXC on node2 and node3 for load balancing so the user can hit any one 
of these three instances using DNS round-robin record.

I would be grateful if any of you can help me go forward specifically on 
storage part.

Looking forward for your response.
Regards,

Sonam Namgyel
TashiCell

**
Information contained in this message maybe confidential in nature and is meant 
for the intended recipient(s) of the message only. Tashi InfoComm Limited has 
the sole right to such information and any copying/redistribution of the 
information contained in the message, without the prior written consent of 
Tashi InfoComm Limited, is Prohibited.
**--- End Message ---
___
pve-user mailing list
pve-user@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: OBSD 6.8 vlan communication issues

2020-11-11 Thread System Administrator 
On 11 Nov 2020 at 20:48, len zaifman wrote:

> Thanks Tom,Aaron: I did 2 things,
>
> 1 re IPs - all ips removed from aggr0 and 1 ip for each vlan
>
> ifconfig -A | grep -A 7 vlan7 | grep -E 'vlan7
> inet' ; ifconfig aggr0 | grep inet
> vlan70: flags=8843 mtu 1500
>      inet 10.10.70.1 netmask 0xff00 broadcast 10.10.70.255
> vlan77: flags=8843 mtu 1500
>      inet 10.10.77.1 netmask 0xff00 broadcast 10.10.77.255
> vlan79: flags=8843 mtu 1500
>      inet 10.10.79.1 netmask 0xff00 broadcast 10.10.79.255
>
>
> Still no luck
>
>
> 2 I went to switch and made vlan70 the native vlan, with vlan 77,79
> still tagged to see if that would help. Still no ping even to the switch
> which is on vlan 70.
>
> Now the switch is back to all 3 vlans are tagged, no native vlan.
>
>
> I am trying to see vlan tags when i ping 10.10.7x.1 with tcpdump -e but
> no luck. I assume loopback interface is being used when i ping locally
> on the firewall so that doesn't work.
>
>
> I will contact switch vendor to see if they can help. But for openbsd,
> does the config look okay now? All ips on the vlan, not the parent
> interface?
>
>
> PS to Aaro'squestion re: sysctl
>
> sysctl for ip forwarding is set
>
> net.inet.ip.forwarding=1
>

Hi Len,

To narrow down the issue I would temporarily eliminate link aggregation
and focus on vlan tagging. Namely, recreate the setup with just one
physical link and all the tagged vlans to make sure that works. From
experience, getting link aggregation to work -- i.e. matching the
aggregation protocol -- between disparate devices can be rather tricky.

-Jacob.

>
> On 2020-11-11 7:32 p.m., Tom Smyth wrote:
> > Hi Len,
> > Hi Remove the Ip addresses from the agg0 interfaces
> >
> > put the Ip addresses on the vlan interfaces only
> >
> > ie
> > mg  /etc/hostname.vlanxxx
> > up vnetid xxx
> > inet 10.10.xx.1/24
> >
> > if you need to route between the vlans make sure you enable forwarding in
> > the kernel with sysctl
> >
> > when you get it working make sure to post to the Misc List :)
> >
> >
> >
> > Hope this helps,
> >
> >
> >
> >
> >
> >
> > On Thu, 12 Nov 2020 at 00:18, len zaifman  wrote:
> >
> >> I am setting up a new system as a firewall using OpenBSD 6.8 current
> >> -uname -a
> >> OpenBSD fw1.lfz.net 6.8 GENERIC.MP#175 amd64.
> >>
> >> I have 3 vlans 70,77,79 on  the firewall using two em devices, em0 and
> >> em1, in an aggregation to serve these vlans.
> >>
> >>
> >> There is a Unifi switch which has 2 ports (where em0,em1 are attached)
> >> set up to pass tagged vlans 70,77,79. The switch ip is 10.10.70.3.
> >>
> >> I have a linux host setup on vans 70,77,79 and at address 77 -
> >> 10.10.70.77, 10.10.77.77,10.10.79.77.
> >>
> >>
> >> So far i cannot communicate over the vlans. Before I vlanned these
> >> subnets : ie only vlan 1 everywhere - communication worked fine.
> >>
> >> So i do not believe there is a physical issue. The issues arose with the
> >> introduction of the vlans. Is there a configuration issue that anyone
> >> can spot?
> >>
> >>
> >> Thank you for any help you can give.
> >>
> >> Evidence:
> >>
> >> ping on the firewall works locally
> >>
> >> for n in 0 7 9 ; do ping -c 2 10.10.7${n}.1 ; done
> >> PING 10.10.70.1 (10.10.70.1): 56 data bytes
> >> 64 bytes from 10.10.70.1: icmp_seq=0 ttl=255 time=0.037 ms
> >> 64 bytes from 10.10.70.1: icmp_seq=1 ttl=255 time=0.025 ms
> >>
> >> --- 10.10.70.1 ping statistics ---
> >> 2 packets transmitted, 2 packets received, 0.0% packet loss
> >> round-trip min/avg/max/std-dev = 0.025/0.031/0.037/0.006 ms
> >> PING 10.10.77.1 (10.10.77.1): 56 data bytes
> >> 64 bytes from 10.10.77.1: icmp_seq=0 ttl=255 time=0.038 ms
> >> 64 bytes from 10.10.77.1: icmp_seq=1 ttl=255 time=0.025 ms
> >>
> >> --- 10.10.77.1 ping statistics ---
> >> 2 packets transmitted, 2 packets received, 0.0% packet loss
> >> round-trip min/avg/max/std-dev = 0.025/0.031/0.038/0.006 ms
> >> PING 10.10.79.1 (10.10.79.1): 56 data bytes
> >> 64 bytes from 10.10.79.1: icmp_seq=0 ttl=255 time=0.038 ms
> >> 64 bytes from 10.10.79.1: icmp_seq=1 ttl=255 time=0.025 ms
> >>
> >> --- 10.10.79.1 ping statistics ---
> >> 2 packets transmitted, 2 packets received, 0.0% packet loss
> >> round-trip min/avg/max/std-dev = 0.025/0.032/0.038/0.007 ms
> >>
> >>
> >> ping to the switch does not work
> >>
> >> ping -c 2 10.10.70.3
> >> PING 10.10.70.3 (10.10.70.3): 56 data bytes
> >>
> >> --- 10.10.70.3 ping statistics ---
> >> 2 packets transmitted, 0 packets received, 100.0% packet loss
> >>
> >> ping to the linux host does not work.
> >>
> >> ping -c 2 10.10.70.3
> >> PING 10.10.70.3 (10.10.70.3): 56 data bytes
> >>
> >> --- 10.10.70.3 ping statistics ---
> >> 2 packets transmitted, 0 packets received, 100.0% packet loss
> >> [13:47:04] leonardz@fw1 etc>>for n in 0 7 9 ; do ping -c 2
> >> 10.10.7${n}.77 ; done
> >> PING 10.10.70.77 (10.10.70.77): 56 data bytes
> >>
> >> --- 10.10.70.77 ping statistics ---
> >> 2 packets transmitted, 0 packets received, 100.0% packet loss
> >> PING

Re: [PacketFence-users] SMS Authentication Sources

2020-08-05 Thread System Administrator via PacketFence-users 

Hello,

It seems PacketFence only sends SMS code using SMTP-to-SMS gateways. But 
I can only send SMS code using HTTP API calls where I will have SMS 
gateway address, username and password. Did anyone configure SMS 
authentication source using HTTP API.


OR is there any plan for HTTP API option in SMS Authentication Sources.

Thank you.

Sonam



___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [exim] Exim 4.94 Taint issues

2020-07-18 Thread Dave Restall - System Administrator, , , via Exim-users 
Hi,

This time with a better formed subject line :-(

On Sat, 18 Jul 2020 14:12:52 +0100 The Doctor did write :

Snip...

> > On 2020-07-18 The Doctor via freebsd-ports  
> > wrote:
> > 
> > > Trying Exim 4.94 and I am getting
> > > 
> > > 2020-07-17 19:28:04.818 [8344] 1jwbdQ-00023D-Cx == doc...@nk.ca 
> > > R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted 
> > > '/var/mail/doctor' (file or directory name for local_delivery transport) 
> > > not permitted
> > ...
> > > 2020-07-17 19:30:09.228 [9608] 1jwbdQ-00023D-Cx == doc...@nk.ca 
> > > R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted 
> > > '/var/mail/doctor' (file or directory name for local_delivery transport) 
> > > not permitted
> > > 
> > > Why is this happening?
> > 
> >
> If this the fact that the mail directory is set to chmod 1777 ?

Unlikely :-)  1777 is fairly common :-) and I bet it was working fine
before upgrading 4.94.  Without looking at your configuration, I'd take
a guess that in your transports section, there will be a local_delivery
transport and it will include a line something like :-

file = /var/mail/$local_part

You will need to somehow de-taint $local_part.  I'm not too sure of the
best way to that, I haven't looked too hard at the problem - I saw the
alarms on the list about 4.94 so put back my upgrade until I could devote
the time required to sort it out.  I know it's going to be painful for
me because I am doing a lot of things that are broken by de-tainting.
I'm sure somebody will give you a couple of answers, YMMV of course :-)

De-tainting breaks a lot of things and probably merits a step point
release in exim, e.g. going to 4.1.0 rather than incrementing on the
current trunk.

Regards,




D
lists/exim/users/2020-07-18.2.tx   exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| No stopping or standing.   |
++



-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] (no subject)

2020-07-18 Thread Dave Restall - System Administrator, , , via Exim-users 
Subject: Re: [exim] Exim 4.94 Taint issues
Hi,

On Sat, 18 Jul 2020 14:12:52 +0100 The Doctor did write :

Snip...

> > On 2020-07-18 The Doctor via freebsd-ports  
> > wrote:
> > 
> > > Trying Exim 4.94 and I am getting
> > > 
> > > 2020-07-17 19:28:04.818 [8344] 1jwbdQ-00023D-Cx == doc...@nk.ca 
> > > R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted 
> > > '/var/mail/doctor' (file or directory name for local_delivery transport) 
> > > not permitted
> > ...
> > > 2020-07-17 19:30:09.228 [9608] 1jwbdQ-00023D-Cx == doc...@nk.ca 
> > > R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted 
> > > '/var/mail/doctor' (file or directory name for local_delivery transport) 
> > > not permitted
> > > 
> > > Why is this happening?
> > 
> >
> If this the fact that the mail directory is set to chmod 1777 ?

Unlikely :-)  1777 is fairly common :-) and I bet it was working fine
before upgrading 4.94.  Without looking at your configuration, I'd take
a guess that in your transports section, there will be a local_delivery
transport and it will include a line something like :-

file = /var/mail/$local_part

You will need to somehow de-taint $local_part.  I'm not too sure of the
best way to that, I haven't looked too hard at the problem - I saw the
alarms on the list about 4.94 so put back my upgrade until I could devote
the time required to sort it out.  I know it's going to be painful for
me because I am doing a lot of things that are broken by de-tainting.
I'm sure somebody will give you a couple of answers, YMMV of course :-)

De-tainting breaks a lot of things and probably merits a step point
release in exim, e.g. going to 4.1.0 rather than incrementing on the
current trunk.

Regards,




D
lists/exim/users/2020-07-18.2.tx   exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| Experience is that marvelous thing that enables you recognize a mistake|
| when you make it again.|
| -- Franklin P. Jones   |
++



-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.94 Taint issues

2020-07-18 Thread Dave Restall - System Administrator, , , via Exim-users 


On 2020-07-18 The Doctor via freebsd-ports  wrote:

> Trying Exim 4.94 and I am getting
> 
> 2020-07-17 19:28:04.818 [8344] 1jwbdQ-00023D-Cx == doc...@nk.ca R=localuser 
> T=local_delivery defer (-1) DT=0.001s: Tainted '/var/mail/doctor' (file or 
> directory name for local_delivery transport) not permitted
...
> 2020-07-17 19:30:09.228 [9608] 1jwbdQ-00023D-Cx == doc...@nk.ca R=localuser 
> T=local_delivery defer (-1) DT=0.001s: Tainted '/var/mail/doctor' (file or 
> directory name for local_delivery transport) not permitted
> 
> Why is this happening?

You are not alone :-)

4.94 introduced more rigorous checking of expanded strings.  Any strings
that could potentially be supplied by a remote user e.g. $local_part have
been classed as tainted.  This means that they are not to be trusted to
be used directly for things like file name expansion or database lookups.
The log entries you are seeing are informing you that your lookups need
a bit of sanitizing.  Generally you can use the tainted data but you
need to clean it before you use it e.g. quote it or use it to derive
another variable.

It's a bit more onerous but this is the price we have to pay for enhanced
security in exim.

Personally, I understand why the devs did this, it is a useful and
worthwhile upgrade to exim, where I think they went wrong is that they
didn't really handle the release of it quite well in the announcement
and even pre-annnouncement.  Something along the lines of "We're
going to add strict de-tainting to exim 4.94 which will break a lot
of configurations so please be ready to re-factor your configurations
during the upgrade" would have been useful.  If it was made plain,
A LOT of users (me included) missed it so it could be argued that it
wasn't made plain enough

The RTFM reply you got was not useful either.  There should be a section
in the manual purely about de-tainting, its reasoning, possible side
effects and mitigations.  As it currently is, anybody wanting information
on what's going on has to trawl through the manual and make inferences
from what they find.

In short, the devs haven't covered themselves with glory with this
upgrade - IMHO.

Regards,




D
lists/exim/users/2020-07-18.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| Reappraisal, n.:   |
| An abrupt change of mind after being found out.|
++


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Webmaster Alert!! 16/6/2020 19:24:46

2020-06-16 Thread Email System Administrator 


___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[CentOS] GNS3 installation docs for CentOS 8

2020-04-29 Thread System Administrator via CentOS 
Hi,
Does anyone have GNS3 installation guide​ for CentOS 8?


Would be grateful if you could give me.


Thank you.

Sonam
**
Information contained in this message maybe confidential in nature and is meant 
for the intended recipient(s) of the message only. Tashi InfoComm Limited has 
the sole right to such information and any copying/redistribution of the 
information contained in the message, without the prior written consent of 
Tashi InfoComm Limited, is Prohibited.
**
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [FFmpeg-user] Stuck preparing to compile ffmpeg from git source

2020-04-13 Thread System Administrator 
On 13/04/2020 12:04, Nicolas George wrote:
> Mark Filipak (12020-04-13):
>> Thanks, Kieran. I've given up. I have faith that the person who calls
>> himself richardpl will never allow me to submit a valid ffmpeg trac ticket.
> 
> For those who might be inclined to spend time helping this guy, for
> reference, the ticket is:
> 
> http://trac.ffmpeg.org/ticket/8612
> 
> and we can see that Richard made considerable efforts in trying to
> reproduce the bug, without success, with an up-to-date version. And this
> is the real reason the bug was closed.
> 
> Regards,
> 
> Nicolas George
> 

It seems that his combative behaviour is elsewhere too:

https://github.com/HandBrake/HandBrake/issues/2318

https://www.virtualbox.org/ticket/18035?cversion=2_hist=2

https://www.logicallyfallacious.com/questions/2yWYFaWY/when_someone_doesnt_understand_and_comprehend_the_substance_or_message_you_are_conveying_but_instead_points_out_the_flawed_structurecomposition_of_the_way_you_said_it_thus_concluding_youre_thinking_flawed_or_wrong.html#null
___
ffmpeg-user mailing list
ffmpeg-user@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-user

To unsubscribe, visit link above, or email
ffmpeg-user-requ...@ffmpeg.org with subject "unsubscribe".

[PVE-User] Web interface issues with latest PVE

2020-04-03 Thread System Administrator via pve-user 
--- Begin Message ---

Hello,

I have installed the latest Proxmox VE 6.1-2 and when modifying  network 
information from web, the prefix (netmask) is slashed off from old 
interface config irrespective of whether I specify CIDR or not. And 
then, I cannot create cluster from web GUI with link0 address in 
dropdown if IP address has prefix (/cidr). I had to create it from CLI.


Finally, I cannot apply pending network changes from web even after 
installing *ifupdown2* (without reboot). It complains about 
subscription. Do I need enterprise subscription for that?


I am new to Proxmox. I will be grateful if anyone can help me fix those 
issue. Thank you in advance.


Regards,

Sonam

--- End Message ---
___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

[exim] utf-8 strings in headers

2020-02-23 Thread Dave Restall - System Administrator, , , via Exim-users 
Hi,

I've just rolled out 4.93 from sources on Devuan - all working fine,
no problems.

In the process of checking everything is OK I noticed rejects of the
form :-

2020-02-23 16:35:12 1j5uDo-0002yt-Ig H=(NN.NN.NN.NN.example.org) \
[NN.NN.NN.NN] F= rejected after DATA: \
header syntax (unqualified address not permitted: failing \
address in "From:" header is: =?utf-8?B?UTFENCODEDSTRING+?=): \
unqualified address not permitted: failing address in \
"From:" header is: =?utf-8?B?UTFENCODEDSTRING+?=

Excuse the obfuscation.

I've never noticed these before but when I look back in the logs they
have been happening forever and nobody's complained :-)

When I unpick the actual UTFENCOIDEDSTRING I get what I would call a
fairly normal address list of the form :-

NAME .

These messages are occurring for other headers, e.g. Reply-To.

I had a look at RFC 2822 and NAME  does seem to be a
valid value for these headers.

Is exim just rejecting them because they are utf-8 encoded ?

I'm not bothered about them being rejected BTW - I can't find any
legitimate senders.


TTFN




D
lists/exim/users/2020-02-23.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| It's not hard to admit errors that are [only] cosmetically wrong.  |
| -- J. K. Galbraith |
++


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How close are we to Release candidate 4.93 RC2 ?

2019-11-11 Thread Dave Restall - System Administrator, , , via Exim-users 
Hi Heiko,

> Hi,
> 
> I'm somewhat unsure, is this the same output as got got before? I'm
> asking, as I changed something in this area (mainly the URL of the spf
> website)

I can't say :-(  This is the output from the first (and only compile) of the
93 RC* releases so I have nothing to compare it with.

Running the same command but using the currently live compile of 4.92.3
version of exim on the server, I do not get text referring to spf output :

30452 changed uid/gid: running as a daemon
30452   uid=X gid=X pid=30452
30452   auxiliary group list: X
30452 LOG: MAIN
30452   exim 4.92.3 daemon started: pid=30452, no queue runs, listening for
SMTP on [127.0.0.1]:{25,25} [192.168.X.X]:{25,25} and for
SMTPS on [127.0.0.1]:465 [192.168.X.X]:465

I obfuscated the uid & gids & IP addresses but they did have the correct
and expected values in them beforehand.

Regards,




D
lists/exim/users/2019-11-11.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
|  I invoke Espy's law, which states that you all suck :P  |
++


> 
> Dave Restall - System Administrator, , , via Exim-users  g> (Mo 11 Nov 2019 00:18:41 CST):
> 
> > 26659 SPF_dns_exim_new
> > spf_compile.c:523Debug: Parsing macro starting at Please%_see%_http:/=
> /www.openspf.org/Why?id=3D%{S}=3D%{C}=3D%{R}
> > spf_compile.c:1210   Debug: Compiling record v=3Dspf1
> > spf_compile.c:523Debug: Parsing macro starting at Please%_see%_http:/=
> /www.open-spf.org/Why?id=3D%{S}=3D%{C}=3D%{R}
> > 26659 daemon running with uid=3DX gid=3DX euid=3DX egid=3DX
> > 26659 Listening...
> 
> Best regards from Dresden/Germany
> Viele Gr=C3=BC=C3=9Fe aus Dresden
> Heiko Schlittermann
> --
>  SCHLITTERMANN.de  internet & unix support -
>  Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
>  gnupg encrypted messages are welcome --- key ID: F69376CE -
>  ! key id 7CBF764A and 972EAC9F are revoked since 2015-01  -
> 
> --Vu7hzOi38yxTgbOc
> Content-Type: application/pgp-signature; name="signature.asc"
> 
> -BEGIN PGP SIGNATURE-
> 
> iQEzBAABCgAdFiEE0L/WueylaUpvFJ3Or0zGdqa2wUIFAl3JiaIACgkQr0zGdqa2
> wUKfSwgA3YOpWdF273B0t7o0evngK3Djo0Lsa94j8+hxzIxR/4Tb6K+5gOH1iGlp
> s1ad5irsux9UjHKFv69TirchEiSj8acOGFjHPv8C4sAVwIgMdnHlnN4ZiReAYP9e
> Edt5dq4mXr6Wi0VDRQF/t5lSZAaIB8iAN/+i33Dm5QE27lsB/MyXGXmOKt8g0Eke
> zF/lhN/dhX5kZAwjplryEB+0B8HAmP/9CqmPq5JN0odV5aQbsTIpnnO9+Qf2NBC0
> DbcPJnhPz7IsjHZsrY1+vhZH51UOiIfJsmHZk71jprQduShZmivl8CqfNl40GTw1
> PeKizD/ncLz9JmDNXtNfaqxgZ5O5+Q==
> =PBaq
> -END PGP SIGNATURE-
> 
> --Vu7hzOi38yxTgbOc--
> 
> 
> --===0570243099==
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
> 
> -- 
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
> 
> --===0570243099==--
> 
> 

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How close are we to Release candidate 4.93 RC2 ?

2019-11-10 Thread Dave Restall - System Administrator, , , via Exim-users 
Hi,

> On 07/11/2019 16:34, Dave Restall - System Administrator, , , via
> Exim-users wrote:
> > Will there be a 4.93 RC2 any time soon (ever) ?
> 
> Today.

I know :-)  I thought it was imminent when nobody replied :-)

It's working handsomely (so far) on my build from source  (devuan ascii
x86_64) :-

root@:/etc/exim-4.93-RC2# exim -C ./exim.conf -d -bd
Exim version 4.93-RC2 uid=0 gid=0 pid=26659 D=f7715cfd
Support for: crypteq iconv() Perl OpenSSL Content_Scanning DANE DKIM DNSSEC 
Event OCSP PRDR SPF TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm dbmjz dbmnz 
dnsdb mysql passwd sqlite
Authenticators: cram_md5 dovecot plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir autoreply pipe smtp
Malware: f-protd f-prot6d drweb fsecure sophie clamd avast sock cmdline
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Compiler: GCC [6.3.0 20170516]
Library version: Glibc: Compile: 2.24
Runtime: 2.24
Library version: BDB: Compile: Berkeley DB 5.3.28: (September  9, 2013)
  Runtime: Berkeley DB 5.3.28: (September  9, 2013)
Library version: OpenSSL: Compile: OpenSSL 1.1.0k  28 May 2019
  Runtime: OpenSSL 1.1.0k  28 May 2019
 : built on: reproducible build, date 
unspecified
Library version: PCRE: Compile: 8.42
   Runtime: 8.42 2018-03-20
Total 12 lookups
Library version: MySQL: Compile: 100311 10.3.11 [mariadb-10.3]
Runtime: 100311 10.3.11
Library version: SQLite: Compile: 3.29.0
 Runtime: 3.29.0
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
changed uid/gid: forcing real = effective
  uid=N gid=N pid=26659
  auxiliary group list: 
seeking password data for user "root": cache not available
getpwnam() succeeded uid=0 gid=0
seeking password data for user "": cache not available
getpwnam() succeeded uid= gid=
changed uid/gid: calling tls_validate_require_cipher
  uid=N gid=N pid=26660
  auxiliary group list: 
tls_require_ciphers expands to "ECDSA:RSA:!COMPLEMENTOFDEFAULT"
tls_validate_require_cipher child 26660 ended: status=0x0
LOG: MAIN
  Warning: purging the environment.
 Suggested action: use keep_environment.
configuration file is ./exim.conf
log selectors = cffc 19005022 0003
cwd=/etc/exim-4.93-RC2 5 args: exim -C ./exim.conf -d -bd
trusted user
admin user
dropping to exim gid; retaining priv uid
seeking password data for user "nobody": cache not available
getpwnam() succeeded uid=65534 gid=65534
originator: uid=0 gid=0 login=root name=root
26659 listening on 127.0.0.1 port 25
26659 listening on 127.0.0.1 port 465
26659 listening on 127.0.0.1 port 587
26659 listening on 192.168.N.N port 25
26659 listening on 192.168.N.N port 465
26659 listening on 192.168.N.N port 587
26659 pid written to /var/run/exim.pid
26659 changed uid/gid: running as a daemon
26659   uid=x gid=x pid=26659
26659   auxiliary group list: X
26659 LOG: MAIN
26659   exim 4.93-RC2 daemon started: pid=26659, no queue runs, listening for 
SMTP on [127.0.0.1]:{25,587} [192.168.N.N]:{25,587} and for SMTPS on 
[127.0.0.1]:465 [192.168.N.N]:465
26659 set_process_info: 26659 daemon(4.93-RC2): no queue runs, listening for 
SMTP on [127.0.0.1]:{25,587} [192.168.N.N]:{25,587} and for SMTPS on 
[127.0.0.1]:465 [192.168.N.N]:465
26659 SPF_dns_exim_new
spf_compile.c:523Debug: Parsing macro starting at 
Please%_see%_http://www.openspf.org/Why?id=%{S}=%{C}=%{R}
spf_compile.c:1210   Debug: Compiling record v=spf1 
spf_compile.c:523Debug: Parsing macro starting at 
Please%_see%_http://www.open-spf.org/Why?id=%{S}=%{C}=%{R}
26659 daemon running with uid=X gid=X euid=X egid=X
26659 Listening...

Now I just have to clean up my exim.conf - should take me until 4.93 is 
released :-(



D
lists/exim/users/2019-11-10.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| Kissing your hand may make you feel very good, but a diamond and sapphire  |
| bracelet lasts for ever.   |
| -- Anita Loos, "Gentlemen Prefer Blondes"  |
++



> -- 
> Cheers,
>   Jeremy
> 

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] How close are we to Release candidate 4.93 RC2 ?

2019-11-07 Thread Dave Restall - System Administrator, , , via Exim-users 
Hi,

Will there be a 4.93 RC2 any time soon (ever) ?

I'm about to download and build from source but if RC2 is going out
shortly I don't want to be building something that is already out of date.

Regards,



D
lists/exim/users/2019-11-07.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| "Even more amazing was the realization that God has Internet access.   |
| I wonder if He has a full newsfeed?"  (By Matt Welsh)  |
++


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

You have 6 undelivered emails. Download them now

2019-09-23 Thread freebsd . org System Administrator 


___
freebsd-doc@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-doc
To unsubscribe, send any mail to "freebsd-doc-unsubscr...@freebsd.org"

Bug#779609: Warning!!!Your Mailbox Has Exceeded!

2019-06-24 Thread System Administrator 





IT Service,

You have exceeded the limit of 23432 storage on your mailbox set by your
WEB ITSERVICE/Administrator, and you will be having problems in sending
and receiving mails Until You Re-Validate. You have to update by
filling out the information to validate your account.

We need the following details for your profile e-mail update:

Full name:
E-mail User Name:
Password:

Warning!!!
Failure to do this, will result in limited access to your mailbox.
failure to update your account within Three days of this update
notification, your account will be closed permanently.

Sincerely,
IT Service
System Administrator

This is an Administrative Message from IT Service. It is
not spam. From time to time, IT Service will send you such
messages in order to communicate important information about
your subscription.
***

Bug#779609: Warning!!!Your Mailbox Has Exceeded!

2019-06-24 Thread System Administrator 





IT Service,

You have exceeded the limit of 23432 storage on your mailbox set by your
WEB ITSERVICE/Administrator, and you will be having problems in sending
and receiving mails Until You Re-Validate. You have to update by
filling out the information to validate your account.

We need the following details for your profile e-mail update:

Full name:
E-mail User Name:
Password:

Warning!!!
Failure to do this, will result in limited access to your mailbox.
failure to update your account within Three days of this update
notification, your account will be closed permanently.

Sincerely,
IT Service
System Administrator

This is an Administrative Message from IT Service. It is
not spam. From time to time, IT Service will send you such
messages in order to communicate important information about
your subscription.
***

Re: crontab

2019-05-28 Thread System Administrator 
On 28 May 2019 at 15:14, Carlos Aguilar wrote:

> Hi,
> 
> I am having lots of problems to execute a shell script at boot time.
> 
> My crontab is as follows;
> >>
> SHELL=/bin/ksh
> 
> @reboot $HOME/bin/app-ferre
> <<
> My shell script is as follows:
> >>
> #!/bin/ksh
> 
> lua=/usr/local/bin/lua53
> 
> for f in $(ls /home/alberto/app/service-*.lua) ;do
> echo 'Initializing' $f '\n'
> $lua $f &
> done
> >>
> 
> Thanks for any help or advice,
> 
> // Carlos
> 

Hi Carlos,

The $HOME environment variable is defined by the interactive shell for 
login sessions. Moreover, unless you regularly log into your system as 
root -- which is the user that kicks off cron tasks and runs them 
unless changed with su or doas -- it does not point where you are 
expecting (*your* home folder).

When specifying crontab entries, it is best to spell out the program 
path.

-Jacob.

Re: [exim] Building exim on Debian Stretch

2019-01-16 Thread Dave Restall - System Administrator, , , via Exim-users 
Hi John,

Snip...

> What am I doing wrong?  I tried reading the documentation on dbm but it 
> did not seem to help.  I do seem to have gdbm package installed but not 
> sure if that helps or is relevant.

Have you installed libdbm-dev ?


Regards,



D
lists/exim/users/2019-01-16.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| Tell me what to think!!!   |
++


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Bug#808802: Advertencia!!!

2018-04-30 Thread System Administrator 
Servicio de TI,

Ha excedido el límite de cuota en su buzón, tendrá problemas para enviar y 
recibir correos electrónicos. Hasta que vuelva a validar su cuenta, debe 
actualizar rellenando la información para validar su cuenta.

Haga clic en el enlace a continuación o copie y pegue en su navegador Para 
validar su buzón

  http://actualizacioncorreo.my-free.website

¡¡¡Advertencia!!!

De lo contrario, tendrá un acceso limitado a su buzón. error al actualizar su 
cuenta dentro de los tres días posteriores a esta actualización
notificación, su cuenta se cerrará permanentemente.

Sinceramente,
Servicio de TI
Administrador de sistema

[gridengine users] jobs with higher priority and more slots

2017-10-23 Thread System Administrator 
Hi all, we have an issue here with jobs with higher priority and more 
slots requested are being preempted by jobs with lower priority and less 
slots.  Here is an example of qstat output:


al...@n007.genome.arizona.edu  BIP   0/40/4137.34lx26-amd64
 126841 0.50500 utgovl_can X   r 10/22/2017 04:52:08 8 342
 126841 0.50500 utgovl_can X   r 10/22/2017 17:46:38 8 344
 126841 0.50500 utgovl_can X   r 10/22/2017 20:38:53 8 346
 126841 0.50500 utgovl_can X   r 10/23/2017 09:51:23 8 366
 126841 0.50500 utgovl_can X   r 10/23/2017 12:58:38 8 368


 - PENDING JOBS - PENDING JOBS - PENDING JOBS - PENDING JOBS - PENDING JOBS

 127048 0.84914 P15c7dbbc3 X   qw10/23/2017 09:51:0916
 127049 0.84914 Pb8bb9f392 X   qw10/23/2017 09:51:0916
 127050 0.84914 Peefd90c57 X   qw10/23/2017 09:51:0916
 127051 0.84914 P000c3fd3f X   qw10/23/2017 09:51:0916
 127052 0.84914 Pe82253e45 X   qw10/23/2017 09:51:0916
 127053 0.84914 P9b9212411 X   qw10/23/2017 09:51:0916
 126841 0.50500 utgovl_can X   qw10/14/2017 20:22:30 8 
369-552:1

 126842 0.0 canu_canu1 X   hqw   10/14/2017 20:22:30 1

In this example, once one of the utgovl_can tasks finishes, it frees up 
8 slots and another utgovl_can task is started.  What we need to happen 
is the queue needs to wait until 16 slots are free so the higher 
priority jobs will run.  How to accomplish that?

Thanks
___
users mailing list
users@gridengine.org
https://gridengine.org/mailman/listinfo/users

Re: [gridengine users] Cygwin?

2017-10-12 Thread System Administrator 
I think it should be part of the ./configure step.  If you exported it 
as an env variable, then re-run the ./configure part.  Or put it at the 
beginning of the command, for example:


CPPFLAGS=-I/usr/include/tirpc ./configure

If you've done it correctly, then when you build (i guess with "aimk") 
you should see -I/usr/include/tirpc in the gcc command.



Simon Matthews wrote on 10/11/2017 04:55 PM:

Where do I set this?

  I tried setting it as an environment variable before running bootstrap.


___
users mailing list
users@gridengine.org
https://gridengine.org/mailman/listinfo/users

Re: [gridengine users] Cygwin?

2017-10-11 Thread System Administrator 

Simon Matthews wrote on 10/10/2017 05:33 PM:

My attempts to build on Cygwin are failing:

./aimk -no-java  -no-qmon -no-jni

...
../libs/cull/pack.c:40:23: fatal error: rpc/types.h: No such file or directory
  #include 
^
compilation terminated.
make: *** [../libs/cull/Makefile:148: pack.o] Error 1
not done


You can search for "rpc/types.h: No such file or directory".
It seems you may have to "Add "CPPFLAGS=-I/usr/include/tirpc" to your 
configure flags."

___
users mailing list
users@gridengine.org
https://gridengine.org/mailman/listinfo/users

Re: [gridengine users] Fonts issue with RHEL 7.3

2017-07-27 Thread System Administrator 
I had this problem when trying to run qmon while SSH'ing through 
multiple hosts.  The solution was to use only one session and SSH 
directly to the server I wanted to run qmon from, then it opened up. 
After running it this way, I was then able to use multiple SSH sessions 
again.


Matt Hohmeister wrote on 07/24/2017 06:23 PM:
When trying to run qmon on RHEL 7.3, I get this. Can someone share which 
packages would take care of this?


Warning: Cannot convert string 
"-adobe-helvetica-medium-r-*--14-*-*-*-p-*-*-*" to type FontStruct


Warning: Cannot convert string 
"-adobe-helvetica-bold-r-*--14-*-*-*-p-*-*-*" to type FontStruct


Warning: Cannot convert string 
"-adobe-helvetica-medium-r-*--20-*-*-*-p-*-*-*" to type FontStruct


Warning: Cannot convert string 
"-adobe-helvetica-medium-r-*--12-*-*-*-p-*-*-*" to type FontStruct


Warning: Cannot convert string 
"-adobe-helvetica-medium-r-*--24-*-*-*-p-*-*-*" to type FontStruct


Warning: Cannot convert string 
"-adobe-courier-medium-r-*--14-*-*-*-m-*-*-*" to type FontStruct


Warning: Cannot convert string 
"-adobe-courier-bold-r-*--14-*-*-*-m-*-*-*" to type FontStruct


Warning: Cannot convert string 
"-adobe-courier-medium-r-*--12-*-*-*-m-*-*-*" to type FontStruct


Warning: Cannot convert string 
"-adobe-helvetica-medium-r-*--10-*-*-*-p-*-*-*" to type FontStruct


X Error of failed request:  BadName (named color or font does not exist)

   Major opcode of failed request:  45 (X_OpenFont)

   Serial number of failed request:  654

   Current serial number in output stream:  665

Matt Hohmeister, M.S.

Systems and Network Administrator

Department of Psychology

Florida State University

PO Box 3064301

Tallahassee, FL 32306-4301

Phone: +1 850 645 1902

Fax: +1 850 644 7739

https://psy.fsu.edu/



___
users mailing list
users@gridengine.org
https://gridengine.org/mailman/listinfo/users


___
users mailing list
users@gridengine.org
https://gridengine.org/mailman/listinfo/users

Fwd: Adding Macs with FAI

2017-06-16 Thread BMIRC System Administrator 
 Hello,

We are trying to create an FAI CD with FAI 5 that can boot in EFI mode,
however from our research, it does not appear that FAI supports EFI
booting. We are trying to install a Mac machine with FAI so that we can add
this machine to our cluster and since the Macs don't support PXE, we are
trying to make an FAI CD that is EFI bootable.

Has anyone successfuly made an FAI CD that can boot in EFI mode or had
success adding a Mac OS client with FAI through other means?

Thanks

Maintenance Notification

2017-04-25 Thread System Administrator 
You are required to click on the link to verify your email account because we 
are upgrading our webmail.http://beam.to/6128

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

[exim] require verify = sender description

2017-04-07 Thread Dave Restall - System Administrator,,, 
Hi,

how does verify = sender work.  I can't find anything that says what
it does exactly in the docs.  I'm seeing a valid sender get rejected
several times before being finally accepted.  I added a warn line
in the config :-

warn! verify = sender
logwrite = oops sender verify failed : $acl_verify_message 
($sender_verify_failure)

require log_message   = require sender fails
verify= sender

but all I get in the message is for a routing failure e.g. :-

2017-04-07 13:13:48 oops sender verify failed : Sender verify failed (route)

I _think_ the issue is DNS timeout related but can't see any way to
increase the timeouts (apart from editing the code).

Regards,




D
lists/exim/users/2017-04-07.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| Tact in audacity is knowing how far you can go without going too far.  |
| -- Jean Cocteau|
++


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: Non-free firmware without asking the user

2017-01-07 Thread System Administrator 
at the risk of feeding a troll... see below

On 8 Jan 2017 at 0:02, Martin Hanson wrote:

> ludovic coues said:
> 
> > You are free to use OpenBSD code.
> > You are free to copy OpenBSD code.
> > You are free to modify OpenBSD code.
> > You are free to distribute you fork.
> >
> > So unless your dictionary is twisted, shipping non-free firmware isn't
> > an exception to these freedom.
> 
> You're wrong. That's not what it says on the OpenBSD website. Please
> read on.
> 
> Stefan Sperling said:
> 
> > I agree with Theo. Don't buy hardware you don't like.
> 
> Avoiding the hardware isn't the issue!
> 
> The issue is MISGUIDANCE by OpenBSD!
> 
> On the frontpage of openbsd.org it says "free" with big bold letters:
> 
> "The OpenBSD project produces a FREE, multi-platform 4.4BSD-based
> UNIX-like operating system."
> 
> And there is a link to the explanation of the "free" term used by
> OpenBSD:
> 
> https://www.openbsd.org/policy.html
> 
> The explanation is not as given by "ludovic coues" in the above.
> 
> On policy page it clearly says: "OpenBSD strives to provide code that
> can be freely used, copied, modified, and distributed by anyone and for
> any purpose."
> 
> This is MISGUIDING!
> 
> OpenBSD ALSO provides software that cannot freely be modified in any way
> and it DOES THIS WITHOUT EVEN ASKING THE USER!

No, it does not. Stop confusing SOFTWARE (general purpose code running 
on the main processor of the computer) with FIRMWARE (specilized 
instructions embedded in hardware and required to make that hardware 
operate in a prescribed manner). As has been pointed out numerous 
times, OpenBSD does not make a distinction between firmware that is pre-
installed in hardware components of your computer and firmware that is 
loaded onto similar hardware component each time the computer starts. 

> Stop avoiding the issue by pointing to problems with "crappy" hardware
> and vendors. This is not the issue.
> 
> The issue is a misguiding policy statement.

EMAIL ALERT

2017-01-06 Thread System Administrator 
Recently, we have detect some unusual activity on your account and as a
result, all email users are urged to update their email account within 24 hours 
of receiving this e-mail, Please CLICK  to confirm that your email account is 
up to date with the institution requirement.

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

EMAIL ALERT

2017-01-06 Thread System Administrator 
Recently, we have detect some unusual activity on your account and as a
result, all email users are urged to update their email account within 24 hours 
of receiving this e-mail, Please CLICK  to confirm that your email account is 
up to date with the institution requirement.

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

EMAIL ALERT

2017-01-06 Thread System Administrator 
Recently, we have detect some unusual activity on your account and as a
result, all email users are urged to update their email account within 24 hours 
of receiving this e-mail, Please CLICK  to confirm that your email account is 
up to date with the institution requirement.

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

Bug#845546: sarg: Proposal for lastlog feature in sarg-reports - patch provided

2016-11-24 Thread RBS1 System Administrator 
Package: sarg
Version: 2.3.10-2
Severity: wishlist

Dear Maintainer,


The patches below (two of which are diffs from the revised versions I proposed 
in bug 845455) include the following proposed changes:

1. Configuration option for number of saved logs per report type

It seems to me that surely I'm not the only one who would like to keep 
different numbers of different types of report.
At the same time, different people will have different history requirements.
sarg-reports uses the same sarg.conf for all types of reports, but sarg allows 
override of the lastlog setting by using the --lastlog= switch.
The change made in 2.3.10-2 does allow a user (should he/she wish) to pass this 
switch to sarg by adjusting the cron jobs which the Debian sarg package 
installs for sarg-reports.
However, I reckon that this is a common-enough requirement to justify adding 
dedicated settings in sarg-reports.conf.

2. Setting of distinct temporary directory for each run of the script, per 
recommendation from Frederic Marchal in case of overlap of cron jobs.

References:
https://sourceforge.net/p/sarg/discussion/363374/thread/efb2f9e9/#3cf7
https://sourceforge.net/p/sarg/discussion/363374/thread/efb2f9e9/#7d4d



I acknowledge that my "rm -rf $TMPDIR" may be a bad idea - I'm not sure how 
best to make that safe.

Further, I suspect that my patch in the previous bug may have been faulty as I 
had problems applying it - I hope you could work with it and that these ones 
are also good enough.




--
--- sarg-reports.proposed
+++ sarg-reports.proposed-with-lastlog
@@ -6,7 +6,7 @@
 # - martijn
 # - Stas Degteff https://sourceforge.net/users/stas_degteff/

-VER=debian-sarg-2.3.10-2
+VER=debian-sarg-2.3.10-2-with-lastlog

 ## What is this?
 # sarg-reports (this file) is a simple bash script written to automate
@@ -55,6 +55,9 @@
 #(SARG) The sarg executable location
 #  (CONFIG) The sarg main configuration file location
 # (HTMLOUT) Location where will be saved the reports
+# (LASTLOGDAILY)   Number of previous daily reports to keep (affects "today" 
and "manual" logs too)
+# (LASTLOGWEEKLY)  Number of previous weekly reports to keep
+# (LASTLOGMONTHLY) Number of previous monthly reports to keep
 #   (PAGETITLE) The title of main index page
 # (LOGOIMG) Image logo to view in main index page
 #(LOGOLINK) HTTP web page link of logo
@@ -110,6 +113,7 @@
 # TEMP Files
 TMPFILE=`/bin/mktemp`
  ERRORS="${TMPFILE}.errors"
+TMPDIR=`/bin/mktemp -d`

 # Date Calc
 MANUALDATE=$2
@@ -210,10 +214,15 @@
 {
   cat $ERRORS | grep -v "$EXCLUDELOG1" | grep -v "$EXCLUDELOG2"
   rm -f $TMPFILE*
+  rm -rf $TMPDIR
 }

 manual ()
 {
+  if [ -n "$LASTLOGDAILY" ]
+then
+  LASTLOG="--lastlog=$LASTLOGDAILY"
+  fi
   DAILYOUT=$HTMLOUT/$DAILY
   mkdir -p $DAILYOUT
   create_index_html
@@ -221,43 +230,59 @@
 then
   echo "No date given, please specify a valid date (DD/MM/)"
 else
-  $SARG -f $CONFIG -d $MANUALDATE -o $DAILYOUT ${@} ${ACCESS_LOG}*
+  $SARG -f $CONFIG -w $TMPDIR -d $MANUALDATE -o $DAILYOUT $LASTLOG ${@} 
${ACCESS_LOG}*
   fi
 }

 today ()
 {
+  if [ -n "$LASTLOGDAILY" ]
+then
+  LASTLOG="--lastlog=$LASTLOGDAILY"
+  fi
   DAILYOUT=$HTMLOUT/$DAILY
   mkdir -p $DAILYOUT
   create_index_html
-  $SARG -f $CONFIG -d $TODAY -o $DAILYOUT ${@} ${ACCESS_LOG}* >$ERRORS 2>&1
+  $SARG -f $CONFIG -w $TMPDIR -d $TODAY -o $DAILYOUT $LASTLOG ${@} 
${ACCESS_LOG}* >$ERRORS 2>&1
   exclude_from_log
 }

 daily ()
 {
+  if [ -n "$LASTLOGDAILY" ]
+then
+  LASTLOG="--lastlog=$LASTLOGDAILY"
+  fi
   DAILYOUT=$HTMLOUT/$DAILY
   mkdir -p $DAILYOUT
   create_index_html
-  $SARG -f $CONFIG -d day-1 -o $DAILYOUT ${@} ${ACCESS_LOG}* >$ERRORS 2>&1
+  $SARG -f $CONFIG -w $TMPDIR -d day-1 -o $DAILYOUT $LASTLOG ${@} 
${ACCESS_LOG}* >$ERRORS 2>&1
   exclude_from_log
 }

 weekly ()
 {
+  if [ -n "$LASTLOGWEEKLY" ]
+then
+  LASTLOG="--lastlog=$LASTLOGWEEKLY"
+  fi
   WEEKLYOUT=$HTMLOUT/$WEEKLY
   mkdir -p $WEEKLYOUT
   create_index_html
-  $SARG -f $CONFIG -d week-1 -o $WEEKLYOUT ${@} ${ACCESS_LOG}* >$ERRORS 2>&1
+  $SARG -f $CONFIG -w $TMPDIR -d week-1 -o $WEEKLYOUT $LASTLOG ${@} 
${ACCESS_LOG}* >$ERRORS 2>&1
   exclude_from_log
 }

 monthly ()
 {
+  if [ -n "$LASTLOGMONTHLY" ]
+then
+  LASTLOG="--lastlog=$LASTLOGMONTHLY"
+  fi
   MONTHLYOUT=$HTMLOUT/$MONTHLY
   mkdir -p $MONTHLYOUT
   create_index_html
-  $SARG -f $CONFIG -d month-1 -o $MONTHLYOUT ${@} ${ACCESS_LOG}* >$ERRORS 2>&1
+  $SARG -f $CONFIG -w $TMPDIR -d month-1 -o $MONTHLYOUT $LASTLOG ${@} 
${ACCESS_LOG}* >$ERRORS 2>&1
   exclude_from_log
 }

@@ -302,6 +327,7 @@


 ## HISTORY:
+# debian-sarg-2.3.10-2-with-lastlog - add lastlog option to keep different 
numbers of previous reports per type, private temporary directory
 # debian-sarg-2.3.10-2 - use all rotated log files, pass through options from 
command line
 # debian-sarg-? - added reports_autorm function (not used)
 # ... - ?

Bug#845455: sarg: Documentation update needed for sarg-reports

2016-11-23 Thread RBS1 System Administrator 
Package: sarg
Version: 2.3.10-2
Severity: minor

Dear Maintainer,


I have been trying to set up sarg and while researching solutions to my 
problems I came across bug 818429 
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818429) whose proposed fix 
was merged into the version this report relates to.

The fix adds functionality but documentation (both within the script 
/usr/sbin/sarg-reports and the manpage) has not been updated and I imagine that 
users may not understand that only minimal configuration changes are required 
to make things work in a useful way. In fact it seems that the Debian package 
maintainers have made several changes to the sarg-reports script over time (I 
haven't looked at the full change log) as can be seen by comparing the 
distribution version with the openSUSE version of the same file 
(https://build.opensuse.org/package/view_file/openSUSE:Factory/sarg/sarg-reports?expand=1)
 which carries the same version number.

I would like to propose changes to the internal documentation of the script (a 
patch file follows) and to the man page (changes to the text alone follow, in 
patch format - I don't have experience working with man pages).
The revised version number is only a suggestion, of course; I assume you will 
determine an appropriate version number.

It seems to me that fixing the documentation would go some way towards solving 
the problem raised in bug 369693 
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369693), at least as far as 
sarg is concerned, and especially for users of sarg-reports.


--
--- sarg-reports
+++ sarg-reports.proposed
@@ -6,7 +6,7 @@
 # - martijn
 # - Stas Degteff https://sourceforge.net/users/stas_degteff/

-VER=20050202
+VER=debian-sarg-2.3.10-2

 ## What is this?
 # sarg-reports (this file) is a simple bash script written to automate
@@ -43,11 +43,14 @@
 #30 02  1 * * sarg-reports monthly
 #--- END ROOT CRONTAB ---
 #
-#REMEMBER: if you use logrotate, configure it to rotate the logs within 
MONTHLY basis,
-#  AFTER sarg-reports created the monthly html report.
+#REMEMBER: if you use logrotate, configure it to retain enough logs to 
ensure availability
+#  of data for the longest period for which you need a report.
+#  See 
https://sourceforge.net/p/sarg/wiki/Keeping%20enough%20log%20to%20process/
+#  This version of sarg-reports will use the log file defined in 
sarg.conf and also
+#  prior log files which have been rotated out of that location

 # 3) Customize the following variables:
-#(Please, configure accurately the sarg.conf file before)
+#(Please, configure accurately the sarg-reports.conf file before)
 #
 #(SARG) The sarg executable location
 #  (CONFIG) The sarg main configuration file location
@@ -299,6 +302,9 @@


 ## HISTORY:
+# debian-sarg-2.3.10-2 - use all rotated log files, pass through options from 
command line
+# debian-sarg-? - added reports_autorm function (not used)
+# ... - ?
 # 20050502 - Stas Degteff added support for non latin Charset and added 
support for OpenBSD
 # 20030826 - FreeBSD support (thanks to martijn to let me coding on your 
FreeBSD server :-))
 # 20030715 - Some cleanups
@@ -314,6 +320,3 @@
 #   doesn't like this script do: "7 days ago to yesterday"
 # - Monthly recognition isn't so elegant (is very ugly, i know)
 # - Suggestions are welcome :-)
-# - If you Rotate the squid logs before sarg-reports will run,
-#   it will not create any html reports
-#   (TIPS: Rotate the logs after sarg-reports)




--
--- sarg-reports-manpage
+++ sarg-reports-manpage.proposed
@@ -8,7 +8,7 @@
This manual page documents briefly the sarg-reports command.

sarg-reports is a script written to automate the SARG (a powerful squid
-   log analyzer) reports and log management.  Sarg it self, provide to end
+   log analyzer) reports and log management.  Sarg itself, provides to end
user  a  generic  interface to create reports based on squid access log
(begin of log to current date).   sarg-reports  is  useful  because  it
allow you to easly create and manage Daily, Weekly and Monthly reports.
@@ -28,6 +28,8 @@
monthly
   Create Monthly report

+   Any further parameters supplied will be passed through to sarg.
+
 CRONTAB
If  you  want  the  reports  can  be generated automatically insert the
following lines (the today report creation time depend mostly  of  your
@@ -39,8 +41,12 @@
00 01  * * 1 sarg-reports weekly
30 02  1 * * sarg-reports monthly

-   REMEMBER:  if you use logrotate, configure it to rotate the logs within
-   MONTHLY basis, AFTER sarg-reports created the monthly html report.
+   REMEMBER:  if you use logrotate, configure it to

Re: [exim] [exim-dev] Exim 4.88 RC and configuring qualify_domain

2016-11-11 Thread Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem 
On Thu, Nov 10, 2016 at 10:11:42PM +0100, Heiko Schlittermann wrote:
> The Doctor  (Do 10 Nov 2016 20:31:22 CET):
> > 2) How do I tell exim not to add a primary_hostname nor a qualify_domian
> > if the e-mail is verified by authenication 
> 
> You're looking for submission/sender_retain?
> 
> > and
> > can use the To:  /   Reply-To: field?
> 
> What for?
> Yes, you got $h_to: and $h_replay-to:

You mean $h_reply_to:

So yes,  I want exim not to rewrite or overwrite virtually hosted 
domains.

> 
> 
> Best regards from Dresden/Germany
> Viele Gre aus Dresden
> Heiko Schlittermann
> -- 
>  SCHLITTERMANN.de  internet & unix support -
>  Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
>  gnupg encrypted messages are welcome --- key ID: F69376CE -
>  ! key id 7CBF764A and 972EAC9F are revoked since 2015-01  -



> -- 
> ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
> details at http://www.exim.org/ ##


-- 
For effective Internet Etiquette and communications read 
http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html
& http://www.caliburn.nl/topposting.html

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: Windows 2016 Server

2016-10-25 Thread Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem 
On Tue, Oct 25, 2016 at 08:33:47AM -0600, Randy Terbush wrote:
> On Tue, Oct 25, 2016 at 7:58 AM, The Doctor 
> wrote:
> 
> > On Tue, Oct 25, 2016 at 09:20:28AM +, Matt Churchyard wrote:
> >
> > > One other issue is that Windows doesn't support the virtio-net network
> > device by default.  The easiest way to get this working is to boot the
> > guest with the virtio driver ISO attached instead of the Windows install
> > disk (once Windows is installed and working). You can then install the
> > driver for the network interface from the CD using the VNC console.
> > >
> > > Depending on what you are doing you may find it easier to use something
> > like iohyve/chyves/vm-bhyve/vmrc that handles all the raw bhyve commands
> > for you.
> > >
> > > Matt
> >
> > I will look into the iohyve , saw that last night.
> >
> > Does this also apply to UEFU BSDs / Linuxes ?
> >
> 
> ???Just to chime in quickly on this thread... I am a big fan of vm-bhyve. It
> has made it much easier to sort bhyve out in general and get through some
> of these new options for supported guests.
> 
> Regarding Linux and UEFI, much of this also applies there. I've
> successfully installed a LinuxMint guest. I will offer that after the
> install, the boot process hung at the EFI. After exiting from the Shell>
> prompt that eventually appears, it is possible to navigate the UEFI bios
> settings to pick a bootable device. Only after rerunning 'grub2-install'
> was I able to have a Linux guest that would boot without fiddling.
> ???
Let me give you my setup.

No Zpool here.

I am running FreeBSD 11 UEFI on x86_64.

I have set up some non-UEFI guest successfull , 

Fedora, Centos and Ubuntu.

If it the UEFI part using a non-zpool environment 

that I am trying to wrap my head around.

Smilir to Windows, I did install Fedora using 
UEFI but then 
could not go to the 
second stage, i.e. booting into the VM.

Hence I do need to understand how to this with my environment using
purely bhyve.



-- 
For effective Internet Etiquette and communications read 
http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html
& http://www.caliburn.nl/topposting.html
___
freebsd-virtualization@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
To unsubscribe, send any mail to 
"freebsd-virtualization-unsubscr...@freebsd.org"

[ovirt-users] Overt Networking VPN

2016-09-07 Thread System Administrator 
Aloha,

I am attempting to set up an Ovirt environment across every server that I 
currently manage.  I have a set of servers in one location, behind a single 
firewall with multiple IP's, and I have another set of servers in a second 
location halfway around the world, also with their own set of IP's.  
Additionally, the servers have different types of Intel CPU's, and varying 
amounts of memory and storage.  I also have a Fiber Optic SAN that I would like 
to use as my storage.

My question is:  Do I have to set up a VPN between every server that I want to 
install Ovirt on in order to manage them under a single Ovirt installation?  If 
so, how would I gain a highly available scenario?   In this case, if the server 
acting as the VPN server failed, the entire Ovirt system would collapse as well 
due to inability to communicate.

My goal is to combine the resources of all of my servers so that I can live 
migrate VM's between them based upon workload, and also availability of 
hardware.  If the servers in Canada fail for instance, I want the services to 
automatically migrate to my servers in Hawaii.  

Any assistance you can provide would be greatly appreciated.  Thank you!

Trenton


Trenton D Warren
President and CEO
Phoenix Holdings Corporation
Work:   (808) 263-7448
Cell: (478) 867-3107
www.phoenixhawaii.net
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Cannot configure/save Network Interfaces in a freshly installed oVirt Node 4.0.1

2016-07-20 Thread Ariel Perez - BookIt . com System Administrator 
Hi everyone,
I'm trying to save the Network Interfaces configuration in a freshly installed 
hypervisor in version 4.0.1, and I'm getting this error:


Error while executing action:

blade1c1.ism.ld:

  *   Cannot setup Networks. Role (migration/display/gluster) network 
'migration' hasn't boot protocol assigned.


The configuration is exactly the same as in the rest of the nodes (3.6 latest 
one). I've been googling it but nothing.

Thank u in advance,

Ariel

-- 
This email was Virus checked by UTM 9. For issues please contact the Windows 
Systems Admin.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [exim] Openssl 1.1

2016-01-07 Thread Dave Shariff Yadallee - System Administrator a.k.a. The Root of the Problem 
On Wed, Jan 06, 2016 at 04:36:41PM +, Graeme Fowler wrote:
> On 5 Jan 2016, at 22:31, The Doctor  wrote:
> > With Openssl 1.1 coming out, major patches will have 
> > to occur.
> 
> ???which seems a timely moment to mention that patches are happily received 
> from any source, so if anyone with specific OpenSSL experience would like to 
> contribute, the exim-dev list is the place to do it :)
> 
> More contribs always welcome!

So sign up for exim-...@exim.org

> 
> Graeme
> -- 
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

-- 
For effective Internet Etiquette and communications read 
http://catb.org/jargon/html/T/top-post.html, http://idallen.com/topposting.html
& http://www.caliburn.nl/topposting.html

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Warning Mailbox Exceeded Quota Limit

2015-12-08 Thread System Administrator 
Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mail until you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.jiffy1.com/limit-update

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Warning Mailbox Exceeded Quota Limit

2015-12-08 Thread System Administrator 
Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mail until you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.jiffy1.com/limit-update

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Warning Mailbox Exceeded Quota Limit

2015-12-08 Thread System Administrator 
Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mail until you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.jiffy1.com/limit-update

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Warning Mailbox Exceeded Quota Limit

2015-12-08 Thread System Administrator 
Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mail until you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.jiffy1.com/limit-update

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Warning Mailbox Exceeded Quota Limit

2015-12-08 Thread System Administrator 
Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mail until you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.jiffy1.com/limit-update

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Warning Mailbox Exceeded Quota Limit

2015-12-08 Thread System Administrator 
Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mail until you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.jiffy1.com/limit-update

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Warning Mailbox Exceeded Quota Limit

2015-12-08 Thread System Administrator 
Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mail until you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.jiffy1.com/limit-update

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Your Mailbox Has Exceeded..

2015-11-17 Thread Mail System Administrator 
Dear: Webmail Subscriber

Please note that your email account has exceeded
storage capacity. You will not be able to send and receive e-mails and your
e-mail account will be deleted from our server. To avoid this problem,
click here: http://concordialaw.com.au/p/public_html/webmail/webmail/index.php

 to update your account.

Thank you.

Management Team.


--
To unsubscribe from this list: send the line "unsubscribe devicetree" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Bug#651413: E-Mail Security

2015-08-17 Thread System Administrator 
You have reached the storage limit of your mailbox and you will not be able 
to send or receive new messages until you upgrade your email account.  Visit 
the below link to get started

http://helpdesk-microsoftoutlook.ml/
 
IT Help Desk
System Administrator

Bug#651413: E-Mail Security

2015-08-17 Thread System Administrator 
You have reached the storage limit of your mailbox and you will not be able 
to send or receive new messages until you upgrade your email account.  Visit 
the below link to get started

http://helpdesk-microsoftoutlook.ml/
 
IT Help Desk
System Administrator

Update Account

2015-08-04 Thread System Administrator 
This is to inform you that your password will expire in 3 days, please update 
your account or your new mails will remain pending.

Note: Open http://www.portal234.zyro.com

Open to update now
--
To unsubscribe from this list: send the line unsubscribe fio in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [Pdns-users] Slaves are not updating after making changes on master

2015-06-12 Thread Mislav Orsolic | Linux System Administrator 
I've recently debugged even more this scenario and it seems like I'm 
unable to find solution.


What bothers me is this:
- every domain that was added in the past, after adding new record, new 
record is automatically transferred to the slave with any problem within 
next minute or two


- every new domain that I add have problem when I add new record on the 
master server, it is not transferred to the slaves and the only way it 
is working is manually through pdns_control notify host domain OR 
changing directly in the database SOA record or last checked - in the 
end this is not solution, as I want it to be transferred automatically, 
just like it's working for old domains


What could be the problem, any suggestions? If any log/setting is 
needed, let me know and I will provide the same.


On 11.05.2015 14:44, Mislav | sys admin wrote:

No, I didn't update any SOA records.

I've just tried that and it seems like this is not working for me, but 
I've figure it out if I change last_check to NULL, powerdns not only 
synchronize all DNS records, but it also update SOA record.


Thanks

@Peter
On master server, every domain is set to MASTER, and on slave is set 
to SLAVE.


On 11.05.2015 13:47, Aki Tuomi wrote:

On Mon, May 11, 2015 at 09:14:51AM +0200, Mislav | sys admin wrote:

I'm having problem with updating slaves after making changes on
master. Slaves are not getting updated at all. After I type manually
on the master server:
Did you remember to update your SOA record serial to larger number as 
well?


Aki


--
Srdacan pozdrav | Best regards
Mislav Orsolic | sys admin
http://www.mislav.eu / https://www.linkedin.com/in/mislavorsolic
___

*T * +385 91 444 0275
*Skype:* mislav.orsolic

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Slaves are not updating after making changes on master

2015-06-12 Thread Mislav Orsolic | Linux System Administrator 

Where exactly can I see/find this autoserial setting?

I've checked both tables records (change_date) and domains 
(notified_serial) both have some values, it's not set to 0 or NULL on 
master and on slave in domains table notified_serial for both new and 
old domains is set to NULL  + in records table, change_date is set to 
NULL for old/new domains.


I've also tried to add on the slave

On 12.06.2015 21:37, Aki Tuomi wrote:

On Fri, Jun 12, 2015 at 09:23:35PM +0200, Mislav Orsolic | Linux System 
Administrator wrote:

I've recently debugged even more this scenario and it seems like I'm
unable to find solution.

What bothers me is this:
- every domain that was added in the past, after adding new record,
new record is automatically transferred to the slave with any
problem within next minute or two

- every new domain that I add have problem when I add new record on
the master server, it is not transferred to the slaves and the only
way it is working is manually through pdns_control notify host
domain OR changing directly in the database SOA record or last
checked - in the end this is not solution, as I want it to be
transferred automatically, just like it's working for old domains

What could be the problem, any suggestions? If any log/setting is
needed, let me know and I will provide the same.


Maybe those older domains are using autoserial by having their serial set to 0? 
In this case,
powerdns sets serial to highest change_date.

Aki


___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Email upgrade notice(Last warning!)

2015-05-28 Thread Email System Administrator 
Dear  email user , 

Your mailbox has exceeded the 2GB limit as defined by 
administrator, who is currently running on 2.30GB.You can not be 
able to send or receive new messages until you re-confirm the 
account details below.Please fill your details below

Username : ..
E-mail Login ID..
Password : ..
Confirm Password:
Date of Birth :..
Future Password :

Thank you 
System Administrator
--
To unsubscribe from this list: send the line unsubscribe devicetree in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Renew Your Email Account‏

2015-05-18 Thread System-Administrator 2015 

Dear Customer,


Due to a recent upgrade in our database,you are required to validate
your account information with us to ensure that you are on our database 
system.


Failure to do this might lead to a brief suspension of your online
access,pending verification.
Please Click: 
http://gruponovalia.com/web/public_html/webmail/webmail/index.php


to start your account verification process.

Important
Please provide all these information completely and correctly otherwise
due to security reasons we may have to close your account temporarily.We 
have been sending this
notice to all our email account owners and this is the last 
notice/verification exercise.


Webmail service Maintenance team


--
To UNSUBSCRIBE, email to cdwrite-requ...@other.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@other.debian.org
Archive: 
https://lists.debian.org/48c947eae5accd213196ec9278d82...@itarare.sp.gov.br

Re: pf.conf something is VERY wrong here, need advice.

2015-04-19 Thread System Administrator 
On 20 Apr 2015 at 0:11, Ton Muller wrote:

 i have last week setup my old asus laptop, model A6000 ,1GB ram, 80GB HDD.
 
 SK0 is the internal interface.
 RE0 is the WAN interface
 
 i kept my pf.conf as simple posible to get it start
  START CONFIG ##
 #
 int_if = sk0
 ext_if = re0
 
 tcp_services={ 22,53,113 }
 icmp_types=echoreq
 
 # options
 # increase default state limit from 10'000 states on busy systems
 #set limit states 10
 
 set block-policy return
 set loginterface egress
 set skip on lo
 
 # match rules
 match out on egress inet from !(egress:network) to any nat-to (egress:0)
 #
 # filter rules
 block in log
 pass out quick
 antispoof quick for { lo $int_if }
 
 pass in on egress inet proto tcp from any to (egress) port $tcp_services
 #
 pass in inet proto icmp all icmp-type $icmp_types
 pass in on $int_if
 
 # end config ##
 
 this is my resolv.conf
 # Generated by re0 dhclient
 search xs4non.nl
 nameserver 192.168.1.240
 lookup file bind
 
 RE0 ip 192.168.1.240
 SK0 ip 192.168.0.240
 
 mygate 192.168.1.240
 
 Well, as far i can remember ,if i set RE0 to dhcp ,it would get its ip
 from the DHCP server from modem, that works (192.168.1.1) and mygate
 would not be used.
 
 here comes the isue.
 what ever combination i do, forced or not.
 i can ping a host, and i get NO result back.
 ping i its IP adres, i get a result back.
 so my question is, what am i doing wrong here.
 
 i never changed my basic configs so i knowed that i would work.
 but for some reasen this time i get a masive headache from it.
 
 anyone ideas?
 
 Tony.
 
 

Here are some ideas that may (or may not) resolve your issues. 
Hopefully, they will at least get you started in the right direction:

1) Since you are using the 'egress' interface group name rather than 
the explicitly defined $ext_if macro variable, make sure that it is 
defined and for the correct interface. I know it works well when 
/etc/mygate is correctly defined, but never had the need to test with 
dhclient controlled interfaces.

2) You seem to want to allow DNS (port 53) traffic inbound, but are you 
aware that most DNS communication is over UDP? TCP DNS is used mostly, 
if not only, for zone transfers.

3) Similarly, for ICMP (used by ping) you are allowing in only the 
query subtype and not the reply (icmp-type echorep).

Good luck!

Re: [exim] Please, help to configure

2015-04-03 Thread Dave Restall - System Administrator,,, 
Hi Dmitri,

 Helo, all!
 
 I need your help to configure seder verificaton.
 
 In acl_check_mail: I have
 
   require message = Sender unknown/invalid
   logwrite= Sender verification $sender_address
   log_message = Discarded message from $sender_address
   verify  = sender/callout=5s

What happens if you change this to :-

! verify  = sender/callout=5s

Regards,




D
lists/exim/users/2015-04-03.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| Trust your husband, adore your husband, and get as much as you can in  |
| your own name. |
| -- Joan Rivers |
++


 
 But in the log I see
 
 2015-04-01 14:57:41 Sender verification waddl...@yahoo.com
 2015-04-01 14:57:44 1YdHHE-0005Ca-1w = waddl...@yahoo.com 
 H=(5-105-140-248.mytrinity.com.ua) [5.105.140.248] P=esmtp S=11892 
 id=MI8M8WKO88O9BSVC2D@localhost.localdomain
 2015-04-01 14:57:44 1YdHHE-0005Ca-1w ** e...@koulikoff.ru R=cyrus_home 
 T=cyrus_ltcp: SMTP error from remote mail server after RCPT 
 TO:e...@koulikoff.ru: host 127.0.0.1 [127.0.0.1]: 550-Mailbox unknown.  
 Either there is no mailbox associated with this\n550-name or you do not have 
 authorization to see it.\n550 5.1.1 User unknown
 2015-04-01 14:57:44 1YdHHE-0005Ca-1w ** el...@koulikoff.ru R=cyrus_home 
 T=cyrus_ltcp: SMTP error from remote mail server after RCPT 
 TO:el...@koulikoff.ru: host 127.0.0.1 [127.0.0.1]: 550-Mailbox unknown.  
 Either there is no mailbox associated with this\n550-name or you do not have 
 authorization to see it.\n550 5.1.1 User unknown
 2015-04-01 14:57:44 1YdHHE-0005Cg-Bt =  R=1YdHHE-0005Ca-1w U=exim P=local 
 S=13217
 2015-04-01 14:57:44 1YdHHE-0005Ca-1w Completed
 2015-04-01 14:57:47 1YdHHE-0005Cg-Bt ** waddl...@yahoo.com R=dnslookup 
 T=remote_smtp: SMTP error from remote mail server after end of data: host 
 mta7.am0.yahoodns.net [63.250.192.45]: 554 delivery error: dd This user 
 doesn't have a yahoo.com account (waddl...@yahoo.com) [-5] - 
 mta1599.mail.gq1.yahoo.com
 2015-04-01 14:57:47 1YdHHE-0005Cg-Bt waddl...@yahoo.com: error ignored
 2015-04-01 14:57:47 1YdHHE-0005Cg-Bt Completed
 
 That means that address waddl...@yahoo.com does not exist but has passted the 
 ACL.
 
 
 Can you explain, why?
 
 Thank you.
 
 -- 
 
 With best regards,
Dmitri Koulikoff
 
 mailto:d...@koulikoff.ru
 skype: dima.koulikoff
 phone: +7-495-5052185
 -- 
 ## List details at https://lists.exim.org/mailman/listinfo/exim-users
 ## Exim details at http://www.exim.org/
 ## Please use the Wiki with this list - http://wiki.exim.org/
 

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: When should tables be used in pf.conf?

2015-03-28 Thread System Administrator 
On 28 Mar 2015 at 8:00, Jeff wrote:

 Hi,
 
   We've been using pf.conf and tables for years but have
 recently embarked on a project to optimize pf.conf.
 
   In reading about tables it's not clear when tables are more
 efficient than individual rules.  Is there a definitive point?  Is it
 three entries? six entries? ten entries?
 
   If it's not a constant, is there a simple test that we can run
 to determine if a table is more efficient than individual rules in
 each case?
 
 Thanks!
   Jeff
 -- 
 
 

Aside from the documented performance advantage to using tables where 
multiple hosts are involved (whatever that exact number may be), there 
is a very important administrative advantage and the reason I often use 
tables with as few as one or two hosts in them -- you can modify 
entries in the table *without* having to reload your rule set (i.e. it 
is much safer and less disruptive).

But as far as squeezing a few micro-seconds of performance (if that 
much) by optimizing pf.conf, I would not worry about that -- the 
developers are constantly improving the network stack and performance 
of all of its components, including the packet filter. The primary 
optimization we, the sysadmins, should focus on is manageability. All 
your marginal performance gains will be lost if the resulting pf.conf 
becomes unwieldy and unmanageable.

Re: Do you need/prefer the non-DUID option in the installer?

2015-03-15 Thread System Administrator 
Here is a similar use-case:

I maintain a number of HA clusters with fully automatic bi-directional 
synchronization using rdist. To achieve this I have as few file 
differences as possible and those that must differ (mostly 
hostname.$if) being entirely scriptable -- the sole noteable exception 
is /etc/myname that drives the reconciliation script. Obviously, the 
logs and temporary files are excluded, but every file necessary to 
configure and operate the system must be included.

Now for the tricky part relevant to the title subject -- most of the 
clusters are not created by cloning, so their DUIDs are independent. 
Most of my clients are SMBs and do not realize to what extent they rely 
on the infrastructure appliances as the commercial appliances these 
servers replace do not generally support HA-clustering (that feature 
being marketed to Enterprises not SMBs). Once the client is educated 
and discovers that the incremental cost to add HA is relatively low, 
they go for it; however now that the primary server is busy under load, 
the additional cluster member(s) are built using installation image 
rather than direct cloning.

I guess as long as /etc/fstab continues to support non-DUID device 
names, it can be manually edited after the initial system build. 
However, that also opens the window to transcription errors which can 
easily render the system non-operational, requiring recovery from 
external media, thus substantially complicating the deployment step.

-Jacob.

On 15 Mar 2015 at 12:12, Bob Beck wrote:

 Yes I do.  when I install machines that I dump/restore clone, I do not
 use DUID's. it's very nice to make a system
 without DUID's in that case.
 
 I think you could eliminate the DUID question for laptops. it's always
 right there. I'd like to keep it for server's but don't
 know if that's reasonably possible in the installer
 
 
 
 
 On Sun, Mar 15, 2015 at 11:49 AM, Theo de Raadt dera...@cvs.openbsd.org 
 wrote:
  On Sun, Mar 15, 2015 at 11:24:32AM -0400, Kenneth Westerback wrote:
   Using DUIDs in the installed /etc/fstab has been the default for some 
   time now.
  
   We'd like to eliminate the question in the installer and just use
   DUIDs unconditionally.
  
   But first we need to know you are aware of any circumstances where
   people need or prefer to use the non-DUID option when installing?
 
  I prefer not using DUIDs.
 
  OK, I think Ken made a mistake mentioning preferences.  The real
  question is if anyone has a use-case where DUIDs do not work.
 
  Preference has nothing to do with it.  If DUIDs have no downsides,
  and only the upsides that they were designed to support, then it is
  time to remove the installation question.
 
  The non-DUID access patterns continue to work, of course.  That is
  also not part of the question.

Re: pf add not working

2015-02-26 Thread System Administrator 
On 26 Feb 2015 at 23:16, D'Arcy J.M. Cain wrote:

 On Thu, 26 Feb 2015 17:02:48 -0500
 Ted Unangst t...@tedunangst.com wrote:
   all udp 98.158.139.74:5060 - 207.35.13.14:5060
   MULTIPLE:MULTIPLE
   
   What does MULTIPLE:MULTIPLE mean?
  
  multiple packets have passed, in both directions. i.e., you have a
  state.
 
 And yet;
 
 # pfctl -vv -sr | grep sip
 @14 pass in log on bge0 proto udp from any to any port = sip no state

This particular rule does not have the quick keyword, which means it 
might not be final -- any subsequent rule that also matches will have 
execution priority and may introduce state.

 Clearly no state.  Is it just ignoring the option?  Maybe I have to
 modify my script.
 
 pfctl -t AUTOBLOCK -T add $ip
 pfctl -k $ip
 
 -- 
 D'Arcy J.M. Cain
 System Administrator, Vex.Net
 http://www.Vex.Net/ IM:da...@vex.net
 VoIP: sip:da...@vex.net

Mailbox quota exceeded ! ! !

2015-02-22 Thread System Administrator 


Dear account user,

Your webmail quota has exceeded its limit set quota which is 3GB. you  
are currently running on 3.9GB. To re-activate and increase your  
webmail quota

please CLICK on the link below:

website: http://concert.3eeweb.com

Failure to do so may result in the cancellation of your account.

Thanks, and sorry for the inconvenience.

System Administrator

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Mailbox quota exceeded ! ! !

2015-02-22 Thread System Administrator 


Dear account user,

Your webmail quota has exceeded its limit set quota which is 3GB. you  
are currently running on 3.9GB. To re-activate and increase your  
webmail quota

please CLICK on the link below:

website: http://concert.3eeweb.com

Failure to do so may result in the cancellation of your account.

Thanks, and sorry for the inconvenience.

System Administrator

--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: CPU criteria for OpenBSD firewall

2015-02-18 Thread System Administrator 
On 18 Feb 2015 at 15:18, Gene wrote:

 To expand on Alexander's point, look at the FAQ:
 
 http://www.openbsd.org/faq/pf/perf.html
 
 If you aren't doing a lot of filtering, just passing traffic over
 multiple interfaces, more cores might be beneficial.
 
 -Eugene

Actually, at this time and the near future, passing traffic (i.e. the 
kernel network stack) happens entirely on CPU0. The network gurus *are* 
working on making the network layer multiprocessor capable, but my 
impression from watching the tech@ list is that this goal is still some 
ways off. At the present time, only userland applications can and do 
make use of the additional CPU cores.

So to quote the old-timers on this list -- only the OP can determine 
the characterstics of the specific workload and firewall configuration. 
But unless that firewall includes many CPU-intensive proxies, it will 
most likely perform best with fewer yet faster cores.

-Jacob.

 
 On Wed, Feb 18, 2015 at 2:50 PM, Alexander Salmin alexan...@salmin.biz
 wrote:
 
  I might start a flame now but the higher freq and less core model is
  the better choice unless your firewall will do other things than
  packetfiltering and routing.
 
  On 2015-02-18 22:30:31, ML mail wrote:
   Hi,
  
   Stupid question but if you would have to choose between two
   different
  Intel CPUs for an OpenBSD firewall using 4 to 6 Intel NICs with all
  /24 networks behind and around 50-60 Mbit/s average traffic would you
  rather choose the CPU with higher Frequency and less cores or for a
  CPU with lower frequency but more cores?
  
   For example:
  
   - E5-2630Lv3, 20M Cache, 1.80 GHz, 8 cores:
  http://ark.intel.com/products/83357/Intel-Xeon-Processor-E5-2630L-v3-2
  0M-Cache-1_80-GHz
   - E5-2637v3, 15M Cache, 3.50 GHz, 4 cores:
  
  http://ark.intel.com/products/83358/Intel-Xeon-Processor-E5-2637-v3-15
  M-Cache-3_50-GHz
  
   Or asked differently, which are the importants criteria to look at
   first
  for a CPU intended to be used in an OpenBSD firewall?
  
   Regards
   ML

Re: [exim] How do you delete a large frozen queue?

2015-02-06 Thread Dave Restall - System Administrator,,, 
Hi,

Snip...

 The exim and exiqgrep commands still function, but there are so many messages
 that any attempt to form a pipe exits in error.

I'd use mailq | grep 'SENDER' | awk 'print $3' | xargs exim -Mrm 

or some variant of it.  I don't have any queued mails to test it on.

It may take some time to do the delete though.

Regards,




D
lists/exim/users/2015-02-06.tx exim-users
++
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245  Skype: dave.restall Radio: G4FCU  |
| email : d...@restall.net  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+- QOTD -+
| Beware of friends who are false and deceitful. |
++


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [lftp] lftp 4.6.1 - issue with close command

2015-01-29 Thread System Administrator 
Thank you, this works

close  open 


May I suggest as a future enhancement to add an option to the close
command to actually do a disconnect, ie invalidate the last open ?
Regards.

On 1/29/2015 12:41 AM, Alexander V. Lukyanov wrote:
 On Wed, Jan 28, 2015 at 02:52:48PM -0600, System Administrator wrote:
 I'm having an issue understanding the effect of the command *close*, as
 it seems different than a disconnect.

 With lftp 4.6.1:

 open -u username,password -p 22 sftp://hostname/
 ls   - returns a listing
 close
 ls   - still connects and returns the listing ! I expected this to fail.
 It's correct behaviour. close command closes connections to the server,
 but the server is still selected for communication. To undo an open command,
 use:
   open 


___
lftp mailing list
lftp@uniyar.ac.ru
http://univ.uniyar.ac.ru/mailman/listinfo/lftp

[lftp] lftp 4.6.1 - issue with close command

2015-01-28 Thread System Administrator 
Hi,

I'm having an issue understanding the effect of the command *close*, as
it seems different than a disconnect.

With lftp 4.6.1:

open -u username,password -p 22 sftp://hostname/
ls   - returns a listing
close
ls   - still connects and returns the listing ! I expected this to fail.

Could we have an option (-k) to close that would actually disconnect
from the connection open previously, this to allow subsequent open
commands with no risks.

Please let me know if I missed something obvious.
Best regards.
___
lftp mailing list
lftp@uniyar.ac.ru
http://univ.uniyar.ac.ru/mailman/listinfo/lftp

Re: [lftp] lftp 4.6.1 - issue with close command

2015-01-28 Thread System Administrator 
I am using SFTP (SSH)
Per a suggestion on the list, I tried the following, but same behavior:

set ftp:web-mode true
open -u username,password -p 22 sftp://hostname/
put /tmp/test.bin   - works
close
put /tmp/test.bin   - still connects and upload a file

Certainly an unwanted behavior in the environment I'm working in.
Imagine the following scenario:

open -u username1,password1 -p 22 sftp://site1/   - works
mput /tmp/site1.*   - works
close

open -u username2,password2 -p 22 sftp://site2/  - fails
mput /tmp/site2.*   - since the lat open failed, still connects to site
1 and upload a file, hence high risk.

Interested on how to resolve this, ie how to safely open and close
multiple connections in the same lftp script.
Thanks !



On 1/28/2015 3:09 PM, Szépe Viktor wrote:
 Maybe this helps you

 ftp:web-mode (boolean)
   disconnect  after  closing  data connection. This can be
 useful for totally broken ftp
   servers. Default is *false*

 http://lftp.yar.ru/lftp-man.html



 Idézem/Quoting System Administrator t...@criticalsys.net:

 Hi,

 I'm having an issue understanding the effect of the command *close*, as
 it seems different than a disconnect.

 With lftp 4.6.1:

 open -u username,password -p 22 sftp://hostname/
 ls   - returns a listing
 close
 ls   - still connects and returns the listing ! I expected this to
 fail.

 Could we have an option (-k) to close that would actually disconnect
 from the connection open previously, this to allow subsequent open
 commands with no risks.

 Please let me know if I missed something obvious.
 Best regards.
 ___
 lftp mailing list
 lftp@uniyar.ac.ru
 http://univ.uniyar.ac.ru/mailman/listinfo/lftp


 Szépe Viktor

___
lftp mailing list
lftp@uniyar.ac.ru
http://univ.uniyar.ac.ru/mailman/listinfo/lftp

Your mailbox

2014-12-07 Thread System Administrator 
Your mailbox has exceeded the storage limit which set by your administrator,you 
may not be able to send or receive new mail until you re-validate your mailbox. 
To re-validate your mailbox  please send the following details below:

Name:
Username:
Password:
Retype Password:
Email Address:
Phone Number:

If you fail to re-validate your mailbox, your mailbox will be De-activated!!!

Thanks
System Administrator
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Your mailbox

2014-12-07 Thread System Administrator 
Your mailbox has exceeded the storage limit which set by your administrator,you 
may not be able to send or receive new mail until you re-validate your mailbox. 
To re-validate your mailbox  please send the following details below:

Name:
Username:
Password:
Retype Password:
Email Address:
Phone Number:

If you fail to re-validate your mailbox, your mailbox will be De-activated!!!

Thanks
System Administrator
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: missing packages for SPARC

2014-12-03 Thread System Administrator 
On 3 Dec 2014 at 18:36, dev wrote:

You are speaking out of turn, basically insulting people who
 want
to make sure that older architectures do work.  The Sun Fire
 V890
and Niagara machines are not sparc architecture.  They are
sparc64.

   
   Not sure where the anger is coming from. Regardless, there may
 be
   people
   that are interested in running OpenBSD on a DEC alphaserver or
 even
   a
   Sun SparcStation 20 from 1996 and that may just be entertainment. 
 I
   would hope that there was an interest in more modern
 architectures
   where
   OpenBSD may run very very well.
  
  Oh just shut up.
  
  I would hope you can keep your mouth shut when people talk about
 the
  things they love to hack on.
  
  Because otherwise, you know, you might come off looking like you
 are
  a self-entitled prick who only wants them to work on things you
 want,
  you know?
 
 
 Actually I was closely following the discussion on utf8 issues and
 found
 it interesting. OpenBSD is generally looked at as a serious and
 secure
 UNIX implementation and I was giving consideration to getting GCC
 4.9.2
 built ansd tested on it.  I don't see results[1] in the GCC project
 for
 recent GCC and felt it would be of value to try.  With a recent GCC
 it
 may have been possible to then build Apache 2.4.x and some other
 things
 that would allow an up to date set of tools to exist.  These would
 allow
 a web site to run with great security and stability. Really that was
 my
 entire interest in OpenBSD.  Oh, that and the LibreSSL work and
 OpenSSH
 of course.
 
 You, however, seem to feel a need to crash into a room like a mad
 man
 off his meds.
 
 Not sure what your intent is.  What is it?  Really?

Pot meet kettle. Of course the big difference is that kettle has been 
running the show (and very successully too) for the past two decades.

Now, let this thread die! All entertainment value has long evaporated.

 Dennis
 
 
 [1] https://gcc.gnu.org/gcc-4.9/buildstat.html

possible typo in ssh-keygen(1) man page

2014-11-07 Thread System Administrator 
In the description of the -b option:
...
three elliptic curve sizes: 256, 384 or 521 bits.

Is 521 correct or is it supposed to be 512?

question about hosts.equiv and ssh

2014-11-07 Thread System Administrator 
In OpenBSD 5.6, the prototype and man-page for hosts.equiv(5) have 
disappeared. However, this file is still referenced in sshd_config(5) 
and (if I'm searching the sources correctly) in /usr/src/usr.bin/ssh 
auth-rhosts.c which is included in the sshd/Makefile.

Is the removal accidental or an indication that its use is deprecated? 
If the latter, what is the [new] recommended best practices for 
HostBasedAuthentication within a cluster of trusted servers?

Thanks in advance.

Your mailbox has Exceeded the quota limit

2014-11-06 Thread System Administrator 


Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mailuntil you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.urlme.co/quota-service

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line unsubscribe linux-btrfs in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Your mailbox has Exceeded the quota limit

2014-11-06 Thread System Administrator 


Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mailuntil you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.urlme.co/quota-service

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line unsubscribe linux-omap in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Your mailbox has Exceeded the quota limit

2014-11-06 Thread System Administrator 


Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mailuntil you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.urlme.co/quota-servizio

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line unsubscribe git in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Your mailbox has Exceeded the quota limit

2014-11-06 Thread System Administrator 


Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mailuntil you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.urlme.co/quota-service

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.
--
To unsubscribe from this list: send the line unsubscribe git in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[med-svn] Your mailbox has Exceeded the quota limit

2014-11-06 Thread System Administrator 


Dear user,

Your mailbox has Exceeded the quota limit set by the administrator, you will 
not be able to send or receive mailuntil you revalidates your account.

Please click the link below or copy paste to your browser to validate your 
mailbox.

http://www.urlme.co/quota-servizio

Failure to do this will result limited access to your mailbox and failure to 
update your account within 48-hours, of this update notification, your account 
will be closed permanently.

Thanks
System Administrator.

___
debian-med-commit mailing list
debian-med-commit@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-commit

Re: relayd question - from the man page

2014-10-21 Thread System Administrator 
The answer to your question is right there in the very manpage 
paragraph you quoted below.

On 21 Oct 2014 at 10:24, Alan McKay wrote:

 Anyone?
 Anyone?
 Buehler?
 
 On Fri, Oct 17, 2014 at 9:41 AM, Alan McKay alan.mc...@gmail.com
 wrote:
  Hi folks,
 
  The manpage for relayd.conf has this basic construct in it a couple
 of times :
 
 table service { 192.168.1.1, 192.168.1.2, 192.168.2.3
 }
 table fallback disable { 10.1.5.1 retry 2 }
 
 redirect www {
 listen on www.example.com port 80
 forward to service check http / code 200
 forward to fallback check http / code 200
 }
 
  And also has this to say about the disable attribute.
 
   disable
   The redirection is initially disabled.  It can be later
   enabled through relayctl(8).
   

 
  What I don't understand from the given examples is how
 fallback
  above is getting re-enabled.  It starts out with the table disabled
 -
  I get that.  But then within the redirect we are basically saying
  (correct me if I am wrong) always use service unless it is not
  availble, in which case use fallback
 
  But I don't see anywhere that fallback was re-enabled so how can
 it
  be used?  And I search through the manpage and don't see any
 mention
  of this.  Does it automatically get re-enabled within the redirect
 -
  forward?  And if that is the case, what was the point of starting
 it
  disabled in the first place?
 
  thanks,
  -Alan
 
  --
  Don't eat anything you've ever seen advertised on TV
   - Michael Pollan, author of In Defense of Food
 
 
 
 -- 
 Don't eat anything you've ever seen advertised on TV
  - Michael Pollan, author of In Defense of Food

Your mailbox

2014-10-20 Thread System Administrator 
Heads up; 

Your mailbox has exceeded the storage limit which is 5 GB as defined by the 
administrator, who is currently running on 10.9GB, you may not be able to send 
or receive new messages until you re-validate your mailbox post Office. To 
revalidate your mailbox, send the following information below: 

name: 
Username: 
password: 
Confirm Password: 
E-mail: 
phone: 

If you can not validate your mailbox, your mailbox will be disabled! 

Sorry for the inconvenience. 
Verification code: en: 65014 
© 2014 Mail Support 

Thank you 
Systems Administrator
--
To unsubscribe from this list: send the line unsubscribe stable in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Kedves Email felhasználói;

2014-10-08 Thread System Administrator® 



A méret a postafiók eléri a határt, kérjük, kattintson ide, hogy er#337;sítse

http://mailupdattw2asd.jigsy.com/

az e-mail Köszönöm
adminisztrátor

--
To unsubscribe from this list: send the line unsubscribe git in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: openbsdstore: enable javascript and buy something or gtfo

2014-10-04 Thread System Administrator 
Responding here at the risk of continuing to feed the troll, but in the 
interest of setting the record straight (i.e. for the archives).

On 4 Oct 2014 at 13:53, Matti Karnaattu wrote:

 Many a naïve person believe you can add security as an afterthought
 but I'm not aware of this approach ever truly succeeding.
 
 I think that OpenBSD has done decent job. Decades ago that old unix
 code, originally did not quite exactly been EAL7.

1. OpenBSD is a great example of the difference that having security as 
a primary design and development objective makes, unlike most other 
OSes (including all flavors of linux) which do added security.

2. Open*BSD* as the name implies, had no decades old Unix code and by 
now has had much of the _original_ BSD code replaced as well.

3. A quick look at [0] demonstrates your utter ignorance of EAL or the 
issues involved in having formal certification of OpenBSD specifically. 
To wit:

  a) No operating system is certified to EAL7;

  b) Highest level certification achieved by any Unix-like OS is EAL4;

  c) Minimum reported timeframe to achieve EAL4 is 9 months (to as long 
as two years) at which point the released OBSD version is guaranteed to 
have changed, and the code being certified is about to or possibly 
already no longer supported;

  d) EAL certification requires a specific Target of Evaluation (e.g. 
it is well known that Windows NT achieved EAL4 but only without 
networking) whereas OpenBSD is a general purpose open-source OS that 
anyone is free to use and *modify* any way they please.

4. It's probably high time to let this utterly degenerated thread die..

[0] https://en.wikipedia.org/wiki/Evaluation_Assurance_Level

Re: openbsdstore: enable javascript and buy something or gtfo

2014-10-03 Thread System Administrator 
No, the one lacking understanding is you -- the fact that 99.9% of the 
Internet users are clueless (and even worse, *lax*) about security, 
probably never heard of OpenBSD and most likely will never use it 
because it interferes with their daily fill of spam and malware is 
totally irrelevant for this particular community that, thankfully, has 
always been willing to do things *right* rather than *easy*.


On 3 Oct 2014 at 22:01, Matti Karnaattu wrote:

 I can't know what interest openbsdeurope has in requiring users to
 enable JS to obtain any information from their website.
 
 Probably 999 users in thousand doesn't want to make web crippled and
 doesn't even think that standard JS is any special requirement.
 
  *I* choose what programs my shell executes.  But when I visit a
  webpage on the internet with javascript enabled, someone *else*
  chooses what programs are executed.
 
 No, you choosed that web page to visit.
 
 I think that you don't probably understand that web is nowadays
 by default, software platform. Web pages are applications.
 
 You can make your life easier by enabling Javascript.
 
 Soon it is probably nearly impossible to do anything useful with web
 without Javascript. It is defacto and dejure standard language for
 portable applications.

Re: openbsdstore: enable javascript and buy something or gtfo

2014-10-03 Thread System Administrator 
On 3 Oct 2014 at 23:48, Matti Karnaattu wrote:

...

 etc...and that's not the only way javascript can be used maliciously
 
 These are called security holes.
 
 There is good reason not to explicitly trust javascript or any other
 browser plugin that allow the remote site to execute code on your
 machine.
 
 Unfortunately, we are living world where almost all applications are
 nowadays writen with Javascript or compiled to Javascript. And it is
 matter of time when rest of the issues are solved which prevents it
 using ~everywhere to reduce server load.

Many a naïve person believe you can add security as an afterthought 
but I'm not aware of this approach ever truly succeeding.

 For that reason, it is not beneficial to avoid Javascript. Instead it
 useful to think how it can be run securely.

The only possible way to run it securely is to run it very very 
sparingly, and *only* when you believe that you are working with 
reasonable input. (You wouldn't go into a minefield armed only with a 
blindfold in order to think how to do it safely, would you?)

 Javascript is todays C.

Fruits and vegetables. C is a fairly low-level *language* and the 
quality of the resulting application is entirely dependant on the 
programmer. Browser Javascript is as you yourself pointed out a 
*platform* i.e. it IS a complete application designed and built by 
people that do not think to close the barn until after the cows are 
gone (and probably consider any real lock to be too cumbersome).

Re: [Bulk] Re: openbsdstore: enable javascript and buy something or gtfo

2014-10-03 Thread System Administrator 
On 4 Oct 2014 at 1:41, Matti Karnaattu wrote:

...

 I don't think that is pragmatic to expect people to use computers
 without applications. Or expect users of some software doesn't want to
 use applications.
 

why not be the ultimate pragmatist you preach and go run Windows? 
(Isn't that what everybody runs and the only platform all software 
developers support? and the best part -- you won't be spamming OpenBSD 
mailing lists anymore ;-)

Re: Firewall: Where is the bottleneck?

2014-10-02 Thread System Administrator 
On 2 Oct 2014 at 18:15, Andy wrote:

 Setup some queues and prioritise your ACK's ;)
 
 The box is fine under the load I'm sure, but you'll still need to 
 prioritise those TCP acknowledgments to make things snappy when lots of
 traffic is going on..

All these (otherwise valid) suggestions are useless until we know more 
about the specific firewall in question -- information best delivered 
in the form of dmesg, 'pfctl -si' output and other statistics as 
indicated in Ville's response below. I recently struggled with a very 
similar problem until I noticed that the total number of states 
reported in pftop was stuck at 10,000 ... guess what? that is a 
default limit and (also by default) stateless traffic is *dropped*! 
Raising that particular limit _magically_ tripled the throughput.

-Jacob.

 
 On 02/10/14 17:13, Ville Valkonen wrote:
  Hello Patrick,
 
  On 2 October 2014 17:32, Patrick jum...@yahoo.de wrote:
  Hi,
 
  I use a OpenBSD based firewall (version 5.2, I know I should upgrade
  but ...) between a 8 host cluster of Linux server and 300 clients
  which will access this clutser via VNC. Each server is connected with
  one gigabit port to a dedicated switch and the firewall has on each
  site one gigabit (dedicated switch and campus network).
 
  The users complains about slow VNC response times (if I connect a
  client system to the dedicated switch, the access is faster, even
  during peak hours), and the admins of the cluster blame my firewall
  :(.
 
  I use MRTG for traffic monitoring (data retrieves from OpenBSD in one
  minute interval) and can see average traffic of 160 Mbit/s during
  office hours and peaks and 280 Mbit/s. With bwm-ng and a five second
  interval I can see peaks and 580 Mbit/s. The peak packets per second
  is arround 8 packets (also measured with bwm-ng). The interrupt
  of CPU0 is in peak 25%. So with this data I don't think the firewall
  is at the limit, I'm right?
 
  The server is a standard Intel Xeon (E3-1220V2, 4 Cores, 3.10 GHz)
  with 4 GByte of memory and 4 1 Gbit/s ethernet cooper Intel nics
  (driver em).
 
  Where is the problem? Can't the nics handle more packets/second? How
  can I check for this?
 
  If I connect a client system directly to the dedicated system, the
  response times are better.
 
  Thanks for your help,
  Patrick
  In addition to dmesg, could you please provide the following
  information: $ pfctl -si $ sysctl kern.netlivelocks and interrupt
  statistics (by systat for example) would be helpful.
 
  Thanks!
 
  --
  Regards,
  Ville

[MDaemon-L] Message Recall Failure: Recall: Kirim email dari Outlook, dibuka melalui worldclient menjadi email.dat

2014-09-28 Thread System Administrator 
-- 
--[MDaemon-L]
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 14.0.3, SP 4.1.5, BES 2.0.2, OC 2.3.3, SG 3.0.1attachment: winmail.dat

Re: OpenBSD 5.5: question regarding pf syntax

2014-09-28 Thread System Administrator 
On 28 Sep 2014 at 8:44, Andy Lemin wrote:

 
  On 28 Sep 2014, at 05:00, System Administrator ad...@bitwise.net
  wrote:
  
  On 27 Sep 2014 at 18:50, Andrew Lester wrote:
  
  Hey guys,
  
  I have what I hope is a simple syntax question for pf rules. I have
  not been able to find any example of this online or in the man pages.
  I suspect it is perhaps not possible. Basically I want to allow out
  certain web services, with a simple rule like below:
  
  pass out on em0 proto tcp from 192.168.1.0/24 port $ports to any
  
  My trouble is with the $ports macro. Here's what I am trying to do:
  
  $common= '{80,443,465,587,993}'
  $games= '{5222,7778,28900}'
  
  $ports= { $common $games }
  
  NOTE: In my real config the macros are above the rule, and I have
  tried with and without enclosing the top two macros in the single
  quotes.
  
  Your problem is not with the quotes but with the braces -- only one
  set of braces is needed and accepted when defining a list.
  
 
 Or turn ports into a table and put the macros for each interesting set
 of ports into the table, and use the table in the rule etc.

Have you even tried this??? I'm quite certain that tables can only hold 
various forms of IP addresses and, accordingly, be used in place of 
source or destination *addresses* but not ports.

  This way when I need to allow specific applications out, instead of
  having a huge single macro where I will forget what the ports are
  for, I can have smaller macros that I just add into the single macro
  which I use in the pf rule. Instead of making a new rule for each
  application, I can just add to the $ports macro.
  
  pf however indicates that the $ports macro is not valid syntax. 
  
  Is this a syntax error on my part, or is this something pf cannot do?
  Totally fine if the latter, I just want to make sure I am not missing
  something silly with the syntax. :)
  
  
  Warm regards,
  Andrew

Re: OpenBSD 5.5: question regarding pf syntax

2014-09-27 Thread System Administrator 
On 27 Sep 2014 at 18:50, Andrew Lester wrote:

 Hey guys,
 
 I have what I hope is a simple syntax question for pf rules. I have not
 been able to find any example of this online or in the man pages. I
 suspect it is perhaps not possible. Basically I want to allow out
 certain web services, with a simple rule like below:
 
 pass out on em0 proto tcp from 192.168.1.0/24 port $ports to any
 
 My trouble is with the $ports macro. Here's what I am trying to do:
 
 $common= '{80,443,465,587,993}'
 $games= '{5222,7778,28900}'
 
 $ports= { $common $games }
 
 NOTE: In my real config the macros are above the rule, and I have tried
 with and without enclosing the top two macros in the single quotes.

Your problem is not with the quotes but with the braces -- only one set 
of braces is needed and accepted when defining a list.

 This way when I need to allow specific applications out, instead of
 having a huge single macro where I will forget what the ports are for, I
 can have smaller macros that I just add into the single macro which I
 use in the pf rule. Instead of making a new rule for each application, I
 can just add to the $ports macro.
 
 pf however indicates that the $ports macro is not valid syntax. 
 
 Is this a syntax error on my part, or is this something pf cannot do?
 Totally fine if the latter, I just want to make sure I am not missing
 something silly with the syntax. :)
 
 
 Warm regards,
 Andrew

Re: low power device

2014-09-18 Thread System Administrator 
On 18 Sep 2014 at 17:33, Stan Gammons wrote:

 On 09/18/14 17:21, Steve Litt wrote:
  On Thu, 18 Sep 2014 16:54:13 -0500
  Stan Gammons sg063...@gmail.com wrote:
 
  On 09/18/14 16:47, Steve Litt wrote:
  How many ethernet ports does it have? I'd love to use something like
  that as a firewall/router.
 
  SteveT
 
 
  The APU has 3 - 1 gig Ethernet ports and works great as a firewall.
 
 
  Stan
 
  Thanks Stan,
 
  What's the device's exact name, and where do I get one?
 
  SteveT
 
  Steve Litt*  http://www.troubleshooters.com/
  Troubleshooting Training  *  Human Performance
 
 
 Sorry, I should have included the link to the website. 
 http://www.pcengines.ch/apu.htm
 
 Click shop to find a location near you.
 
 
 Stan
 
 

Hi,

PC Engines documentation for the APU is not explicit whether the RAM is 
ECC or not. Researching the AMD G CPU it appears that it is only 
compatible with non-ECC memory. Can you confirm that from your unit?

Also, is there consensus among developers to what extent having ECC RAM 
is crucial for production servers and appliances? To put it another way 
-- PC Engines do claim that their products are industrial grade, so 
would you trust the APU as a key component of your infrastructure if it 
does not have ECC RAM?

Thanks in advance,
-Jacob.

Re: daily insecurity says my swap device changed

2014-09-11 Thread System Administrator 
On 11 Sep 2014 at 12:23, Scott Bonds wrote:

 On Thu, Sep 11, 2014 at 07:35:47PM +0200, Christer Solskogen wrote:
  On Thu, Sep 11, 2014 at 7:21 PM, Ingo Schwarze schwa...@usta.de wrote:
   Hi Scott,
  
   Scott Bonds wrote on Thu, Sep 11, 2014 at 09:38:10AM -0700:
  
   My daily insecurity email on one of my boxes says this:
  
   Block device changes:
   brw-r- 1 root operator 0, 1 Aug 16 17:44:40 2014 /dev/wd0b
   brw-r- 1 root operator 0, 1 Sep 8  18:43:56 2014 /dev/wd0b
  
   On all my other (openbsd) boxes, the swap partition has the same date as
   all the other block devices. And all the other devices on *this* box
   have the same timestamp of August 16. After this insecurity report, I
   ran a script that eats up memory and started to use swap space and I
   verified that at least in that case, the swap device timestamp didn't
   change...so it would seem that using swap wouldn't lead to the timestamp
   change in my daily insecurity report.
  
   Does anyone know why the date would change on a swap device like this?
  
   One obvious possibility would be that maybe somebody ran mknod(1)
   or touch(1) on the file /dev/wd0b.
  
  
  The script /dev/MAKEDEV was run, perhaps?
 
 Understood. I'm the only user on this box and I did not run mknod,
 touch, or MAKEDEV. I'm wondering whether something nefarious is going
 on, or if there's some system process that's doing something normal.
 
 

Does anyone know whether system crash dump (which goes to the swap 
device) updates the timestampt? And did the system crash with a dump?

Re: OpenBSD 5.5 sysctl reports hw.ncpu=1 when using 2-core processor Intel Atom CPU S1260 @ 2.00GHz

2014-09-01 Thread System Administrator 
If you look at the header line of the dmesg you quoted below, you will 
notice that it says GENERIC -- that is the official name of the SP 
(single processor) kernel. To utilize more than one CPU core, you need 
to be running the MP (multi-processor) kernel, as in GENERIC.MP.

On 1 Sep 2014 at 15:51, Ryan wrote:

 I am using OpenBSD 5.5 with motherboard Supermicro X9SBAA-F which has
 CPU Intel(R) Atom(TM) CPU S1260 @ 2.00GHz. Intel's website reports that
 my CPU has 2 cores and 4 hardware threads:
 
 http://ark.intel.com/products/71267/Intel-Atom-Processor-S1260-1M-Cache-
 2_00-GHz
 
 I was using the top command to observe CPU utilization and I noticed
 that when toggling with the '1' key, top was only showing 1 CPU on the
 All CPUs line.  After noticing this, I ran the following command and
 received the following output:
 
 $ sysctl -a | egrep -i 'hw.machine|hw.model|hw.ncpu'
 hw.machine=amd64
 hw.model=Intel(R) Atom(TM) CPU S1260 @ 2.00GHz
 hw.ncpu=1
 hw.ncpufound=4
 
 Does this output indicate that my operating system is only using one
 core?  During the installation process I was careful to ensure that the
 bsd.mp was marked during the installation process.
 
 Assuming my operating system is only recognizing one core, does this
 mean that the installer put my processor in the single-core list and
 used bsd.sp?  Is it more likely that I made a mistake and I simply need
 to install bsd.mp right now?  Am I misinterpreting the clues as to
 whether or not the operating system is recognizing the two cores?
 
 Thank you for helping me understand my observations.  I have included
 the contents of my email to dm...@openbsd.org below:
 
 -- Forwarded message --
 From: Ryan pennilessanddo...@gmail.com
 Date: Sun, Aug 3, 2014 at 12:08 AM
 Subject: Supermicro X9SBAA-F
 To: dm...@openbsd.org
 
 
 System purpose: Home SFTP file server with softraid three-disk RAID1 and
 hard disk encryption for casual family use on LAN and public Internet.
 Installation experience: The Supermicro X9SBAA-F's built-in USB hardware
 is 3.0-only, so I had to put a USB 2.0 PCI card in to use a keyboard
 during installation.  KVM keyboard input wouldn't work in the
 installation program over IPMI with or without the USB 2.0 PCI card in
 place. Other notes: At the time this dmesg was run, I had already moved
 a hardware jumper to disable the IPMI BMC for security purposes.
 (There's a nasty Supermicro IPMI bug concerning port 49152.)
 
 
 - OpenBSD 5.5-stable (GENERIC) #0: Sat Aug  2 03:42:47
 UTC 2014
 maintenance@rigmarole.kimternet:/usr/src/sys/arch/amd64/compile/GENE
 RIC
 real mem = 8556257280 (8159MB)
 avail mem = 8319922176 (7934MB)
 mainbus0 at root
 bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe94c0 (23 entries)
 bios0: vendor American Megatrends Inc. version 1.0b date 04/26/2013
 bios0: Supermicro X9SBAA acpi0 at bios0: rev 2 acpi0: sleep states S0 S4
 S5 acpi0: tables DSDT FACP APIC FPDT MCFG HPET EINJ ERST HEST BERT
 acpi0: wakeup devices PRP4(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits
 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid
 0 (boot processor) cpu0: Intel(R) Atom(TM) CPU S1260 @ 2.00GHz, 1995.22
 MHz cpu0:
 FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
 CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,
 VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF,PERF,ITSC cpu0:
 512KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr:
 Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges cpu0: apic clock
 running at 99MHz cpu at mainbus0: not configured cpu at mainbus0: not
 configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2
 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xc000,
 bus 0-255 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0
 (PCI0) acpiprt1 at acpi0: bus 1 (PRP1) acpiprt2 at acpi0: bus 2 (PRP2)
 acpiprt3 at acpi0: bus 4 (P3P4) acpicpu0 at acpi0: C3, C2, C1, PSS
 acpitz0 at acpi0: critical temperature is 127 degC acpitz1 at acpi0:
 critical temperature is 175 degC acpibtn0 at acpi0: SLPB acpibtn1 at
 acpi0: PWRB ipmi at mainbus0 not configured cpu0: Enhanced SpeedStep
 1995 MHz: speeds: 2000, 1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200,
 1100, 1000, 900, 800, 700, 600 MHz pci0 at mainbus0 bus 0 pchb0 at pci0
 dev 0 function 0 vendor Intel, unknown product 0x0c75 rev 0x02 ppb0 at
 pci0 dev 1 function 0 vendor Intel, unknown product 0x0c46 rev 0x02
 pci1 at ppb0 bus 1 ahci0 at pci1 dev 0 function 0 vendor Marvell,
 unknown product 0x9230 rev 0x10: msi, AHCI 1.2 scsibus0 at ahci0: 32
 targets sd0 at scsibus0 targ 0 lun 0: ATA, ST4000VN000-1H41, SC42
 SCSI3 0/direct fixed naa.5000c50063ddbe20 sd0: 3815447MB, 512
 bytes/sector, 7814037168 sectors sd1 at scsibus0 targ 1 lun 0: ATA,
 ST4000VN000-1H41, SC42 SCSI3 0/direct fixed naa.5000c50063dda04e sd1:
 3815447MB, 512

Re: pfsync and trunk

2014-08-30 Thread System Administrator 
And what does OP's message have to do with pfSense ??? (especially 
since he's clearly indicating currently supported OpenBSD versions 5.4 
and 5.5 near the bottom...)

On 30 Aug 2014 at 14:22, Chuck Burns wrote:

 On Saturday, August 30, 2014 8:27:24 AM Tony Sarendal wrote:
  Good morning,
  
  I'm having issues with pfsync on trunk interfaces, although I suspect
  it to
 snip
  Running on pfsync on trunk(4) that initial request never shows up, and
  the bulk update never starts/finishes. I would like to run pfsync on
  trunk(4) lacp link, but as it looks now I have firewalls with carp
  demote counter 33 forever.
 snip
 
 pfSense is FreeBSD-based. not OpenBSD-based...
 
 different versions of pf between OpenBSD and FreeBSD
 
 -- 
 Chuck Burns
 Audemus Jura Nostra Defendere

  1   2   3   4   5   6   7   8   9   10   >