Re: How do I find out who's using port # xxxxx
Martin Bialasinski writes: [snip] Try lsof |grep smtp You can also try: # fuser -v 25/tcp Nice, isn't it? -- Adriano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: POP3 with Qmail
Pasi Kärkkäinen writes: [snip] If I use Qmail's POP3 daemon, it supports only Maildirs and Pine does NOT support maildirs? Is there some patch for pine to make it support maildirs? Yes, I think you can find a pointer to it at www.qmail.org. As an alternative, you can use the '/var/qmail/bin/pinq' wrapper, it converts a Maildir to Mailbox and execs pine. -- Adriano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Procmail, qmail and file locking
David Maslen writes: I'm a bit unsure if it's safe to use procmail with qmail. qmail only uses flock as a locking mechanism (no dotlocking). If your procmail binary also uses flock, there should be no problem. Try 'procmail -v' to check: Locking strategies: dotlocking, flock() If I use vm to view the folders created by procmail directly, this process won't occur. I'll be reading a mailbox that could well have something added to it, and that would be bad I think. You can use procmail delivery folders as vm incoming folders, eg procmail delivers to ~/folders/DEBIAN, which vm uses as the incoming folder for ~/folders/debian. Then you can type g to get new mail, without problems. Try the code attached below in your .vm file (I don't know who wrote it, so I can't give the due credit). There are other solutions as well: create a .qmail-debian file that delivers to a Maildir (not Mailbox), make procmail forward the mail to you-debian and make vm use maildirs. Maildirs don't require file locking, so you are safe. Also, there's a patch to make procmail deliver to maildirs, see www.qmail.org. HTH, -- Adriano ;; Since I use procmail to filter my mail, I like to shove my incoming ;; mail to folders. Due to Emacs (and hence VM) locking, it's not wise ;; to view the incoming spool file, so I make procmail dump mail to ;; folders IN ALL CAPS. Then I have VM make spool files from each one of ;; those, except they'll be in all lower case. (setq vm-spool-files (append (list (list vm-primary-inbox ~/Mailbox (concat vm-primary-inbox .crash))) ;; Mailing list inboxes ;; I arrange that all my procmail maildrops are in ~/Mail/[A-Z]* (mapcar '(lambda (s) make the appropriate entry for vm-spool-files (list (concat vm-folder-directory lists/ s) (concat vm-folder-directory lists/ (upcase s)) (concat vm-folder-directory lists/ s .crash))) ;; So I create a vm-spool-files entry for each mail drop (mapcar 'downcase (directory-files (concat vm-folder-directory lists/) nil ^[A-Z].+) -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Procmail, qmail and file locking
Adriano Nagelschmidt Rodrigues writes: David Maslen writes: I'm a bit unsure if it's safe to use procmail with qmail. qmail only uses flock as a locking mechanism (no dotlocking). If your procmail binary also uses flock, there should be no problem. Try 'procmail -v' to check: Locking strategies: dotlocking, flock() Forgot to mention that if all your mail goes to procmail (qmail doesn't do deliveries) then you shouldn't worry about procmail not using flock. -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: [Q] 56K US Robotics?
Would anyone know how to verify that I am connecting to Internet at 56K. I run Debian hamm + 2.1.78 kernel. I also have an USR 56K modem, and I am getting the following connect messages Feb 1 11:23:08 pequod chat[310]: CONNECT 33600/ARQ/x2/LAPM/V42BIS ^^ after my ISP started using digital modems to support 56K. -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Netscape 4.04.... [Read this Please!]
Orn E. Hansen writes: For those who are having trouble, you need to set the environment variable MOZILLA_HOME to the path where netscape is located. On my machine, it is located in... MOZILLA_HOME=/usr/lib/netscape Also, it may be possible that the line that sets the LD_LIBRARY_PATH variable in the wrapper (/usr/bin/X11/netscape) is causing the problem. Try commenting it out... -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
hamm PATH - MANPATH
In bo this mapping in /etc/manpath.config used to work. An user just needed to have the binary location is his PATH to be able to read the respective manpages. Am I missing something? [pequod:~] manpath /usr/man:/var/qmail/man:/usr/local/man:/usr/X11R6/man [pequod:~] man -d qmail-send ... found manpath map /var/qmail/bin -- /var/qmail/man ... *manpath search path* = /usr/man:/usr/X11R6/man:/usr/local/man ... No manual entry for qmail-send Thanks, -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Is Perl 5.004.04-3 Package Routine Broken?
Wintermute writes: New problem. When I attempt to install the Perl 5.004.04-3 file, it breaks at the post-installation phase. As such, other updates that require Perl will not configure themselves. I have even fetched the file manually and used dpkg (with most all of the debugging options) and still no luck. I can run the Perl post install script by hand with configure and it runs just fine, but for some reason dpkg and dselect both tell me that it can't configure it because the post install script returned error 123. Same problem here. After trying to install it with dpkg, I runned the postinst script manually with the 'configure' parameter. Then I edited the /var/lib/dpkg/status file, in the perl package section changed the line install ok not-configured to install ok installed and deleted the line which read configured version: previous_package_version_here (or something like that) This kludge fooled dpkg into thinking that perl was ok (and I think it really is ok, haven't had any problems) and I could move on to the other packages. My excuse for doing it is that I don't know deb package internals and didn't have the previous libc6 perl pack. anymore. Regards, -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
RE: Email only users, and Bulk User Adds/Removes
Daniel Martin writes: [snip] is all that they can do). Also, you may wish to create a directory under /home (for example, called /home/nologin) with mode 755 owned by root, and then set all the users' home directories to that instead of the default. (Of course, you can't do this if using something like qmail, which expects to be able to drop things into users' home directories) Just for the record, you can do this with qmail. See qmail-users(5) for details. -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: debian 2.0
On Wed, 19 Nov 1997, Timothy Phan wrote: I think this question has been asked before and I'd like to bring it up again since it been a while. Is there a set day for the Debian 2.0 (or the next release after 1.3.1)? If your machine isn't a critical production one and you have some time to spare, then don't wait... Upgrade! But prepare a rescue disk just in case. I ended up with a broken bash, couldn't login anymore **. Fixing it was fun, btw. hamm is very nice, it's where all the latest packages go, not to mention the big move to libc6. So far, I only had problems with rusersd rwalld looping... -- Adriano ** if you're curious, I managed to regain root access by booting with the rescue disk, copying sh to my hd as sh_resc (/bin/sh is normally a link to bash) and changing root's shell to sh_resc, then rebooting normally. Maybe it would be a good thing to have an uid 0 maintenance account with a simple static shell... Then again, maybe not. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: tripwire segfaults
Walter L. Preuninger II writes: I am trying to use tripwire, but when running walterp# tripwire -init ### Phase 1: Reading configuration file ### Phase 2: Generating file list Segmentation fault (core dumped) You may want to install the tripwire package from hamm, which seems to be ok. To do that, you first have to install libc6 (there's a nice debian howto about it which is posted regularly). IMHO it's something worth doing (lots of nice and up to date packs in hamm...) -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
nis weak passwords
Hello, apparently yppasswd in the nis package wasn't compiled with -DUSE_OBVIOUS to check for weak passwords. I found out that more than 20% of the user passwords in a Debian net I was managing were _very_ weak (eg login name). Not a very comfortable figure (even if one's using shadow passwords). I was inclined to install npasswd (or even a modified yppasswd) in /usr/local/bin. However, the server, yppasswdd, doesn't require that its clients talk to it from privileged ports (so yppasswd doesn't need to be suid root and I can't enforce my password policy). I think it would be nice if Debian addressed this (potential) security problem in an out-of-the-box configuration... IMHO, it already beats all commercial Unixes I know. Thanks, -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: shadow and nis
Behan Webster writes:
For the life of me I can not seem to get nis to work with shadow
passwords. I can get each to work seperately, but not together.
Can anyone with experience with using these two together please
explain how to set it up properly? I'm stumped.
Yes, apparently the clients don't bother to look up the shadow map (or maybe
there's a protocol error), the error messages are something like user foo
doesn't have a password.
What I did was install shadow in _all_ machines. In the server, I put the
NIS source password group files in /var/etc (remember to turn off rx
permission for others in that dir and adjust /var/yp/Makefile).
Then you have to configure /etc/ypserv.conf so that ypserv mangles the
encrypted password field in the passwd* maps if the client comes from a port
1024.
Put + entries in the cilents' (and server) passwd group files. You'll also
need a custom adduser, btw.
Some things that break under this setup:
* 'finger' appears not to like getting an 'x' instead of the encrypted
password ('finger -m foo' works, 'finger foo' only works if you're root).
* yppasswdd wasn't compiled with shadow support, so you can't use yppasswd to
change a user's password from your root shell (unless you recompile).
--
Adriano
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Re: Smail is getting confused
Bruno O. M. Simoes writes: Based on RFC #1035,974, there's no such problem about IP addresses on MX entry. Are you sure? According to RFC 974, Each MX matches a domain name with two pieces of data, a preference value ... and the name of a host. There's no mention about IP addresses, and all examples use host names. Also, in RFC 1035, [quote]: EXCHANGEA domain-name which specifies a host willing to act as a mail exchange for the owner name. MX records cause type A additional section processing for the host specified by EXCHANGE. [unquote] However, _sendmail_ sends fine. Alas, sendmail isn't a good example wrt following rfc definitions (and security also :-) What do you say? I would say, if you are looking for a nice MTA, give qmail a try (www.qmail.org). Good luck, -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: Smail is getting confused
Bruno O. M. Simoes writes: I have a Bind driver router configured in smail (/etc/smail/routers). When it finds a MX entry in the target host where is its IP number (x.x.x.x) instead its name (target.com) it doesn't accept this kind of MX entry. What can I do? You can play by the rules. You can't use IP addresses in an MX record, if I remember the DNS RFC correctly. -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: just how bad is Fortran?
Rick Hawkins writes: I don't mean fortran in generall, i mean the available linux versions. From what I've read so far, Linux fortran tools aren't exactly state of the art (as you know, chances are that gcc is going to optmize your code much better). I'm familiar with Fortran, C, C++, etc., and the coding for fortran is far more efficient for what i'm doing: it comes down to applying functions to arrays. You mean performance wise? Do you have some numbers? It's an interesting comparison... As for the numerical libs, are there some you can't find in C? I also may have the world's only project that really calls for an Object Fortran :) Good luck with your project, -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: just how bad is Fortran?
Sorry, I can't resist ;-) fortran (77) is horrible. Well, it _was_ ok, Backus was a pioneer, etc. But we are in the end of the '90s (and I thought only *my* profs were forcing students to use it!) You will be much better writing your code in ANSI C (pointers aren't difficult once you get to know them). Regards, -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Solved! Re: Quotas AMD
Just FYI: Felix Almeida writes: I'm using the AMD to mount the home directories by NFS on the clients. I've read all of documents related to quotas, but with no success... The problem was in the way I built the amd map for poor Felix's network ;-) The home server has two file systems under /home, u1 u2. The quota files are in the fs root directories (ie /home/u1, /home/u2). The amd map only told the clients to mount /home. I had a feeling that it might be the source of the problem, and today I changed the map so that the clients would mount /home/u1 /home/u2 also, and voila'... -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: NFS and netgroups
Joerg Delker writes: Does anyone define his nfs-exports access-permissions via netgroups? What I meen is a exports entry like /usr/local @hosts(ro) I've defined netgroups in /etc/netgroups and serving them via NIS (yp). A 'ypcat netgroups' lists me all my groups, so the netgroups should be ok. If I try to 'mount nfsserver:/usr/local /mnt' on a connected machine, I get a 'permission deinied'. Did you try using FQDNs in the netgroups? ie hosts (host1.my.domain,,) (host2.my.domain,,) ... Hope this helps, -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Netgroups won't work
Hi, I have put together a handful of PCs and installed the latest rex on them. nis is working ok, but I can't make netgroups work. The clients (and servers) can retrieve the netgroup map: % ypmatch tudog netgroup (turing,-,) (ritchie,-,) (knuth,-,) The hosts are also in the hosts file. All host.conf files have the 'nis' keyword in the order line. % ypmatch ritchie hosts 192.168.45.42 ritchie.ime.usp.br ritchie However, entries like '@tudog' in the files hosts.equiv and exports don't work. Here's an error message: Apr 2 20:40:32 turing mountd[178]: Unauthorized access by NFS client 192.168.45.42. If I add ritchie explicitly to the exports file, there's no problem. I'm using libc 5.4.20 nis 2.00, BTW. I also tried to use the bo libc nis packages (on another net, this time using a sun nis server), to no avail. Any hints? Thanks a lot, -- Adriano
Upgrading rex's libc, was Re: Bug in libc5.4.13
Tadeusz Bak writes: [SNIP] The bug is fixed in libc5.4.17 (from bo directory). So I think that libc in rex should be upgraded. Yes, why not upgrade rex's libc? Nothing would break, the packages are ready... If we want rex to be stable, that would be part of the normal bug fixing routine. Regards, -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: ICMP redirect kernel message
mike horansky writes: Looking through /var/log/messages, I see Jan 18 18:23:34 bigbox kernel: ICMP redirect from IP addr withheld Jan 18 18:23:34 bigbox last message repeated 3 times every few days. Is that an indication of Ping Of Death? Some other problem? ICMP redirects are sent by your gateways to your host to provide it with a better route to some place (ie, telling you to use another local gateway for that particular connection). Gateways shouldn't obey ICMP redirs, BTW. If you received an ICMP redir from a host that's not your gateway, I think something is amiss. Maybe it's just a (remote) configuration problem? Shouldn't your routers block these packages? -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: ping reply without OS (was: Re: Unidentified subject!)
Mario Olimpio de Menezes writes: I experienced such situation when my nameserver was down for a warm reboot, so that I couldn't telnet to it, but ping got response from the machine during the reboot. I can't explain such situation, but it is quite strange to me. Nothing strange about it. There's a thing called Address Resolution Protocol (arp), which maps IPs to MAC (network card) addresses. It makes TCP/IP work over your ethernet. Try this: # arp -a You'll see that you have a table mapping local IPs to MACs (the ethernet protocol doesn't understand IP addresses, only MAC ones). So, to send a datagram to your name server, you need its MAC address, which already was in your arp table. Now, the OS wasn't fully operational, some services (inetd) weren't available yet, but the kernel and the tcp layer were there, answering pings (which uses the ICMP protocol). -- Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
qmail, was RE: mta suggestions?
Hamish Moffatt writes: [SNIP - Virtual Domains Config question] Can anyone suggest a way to do this? Either another MTA (eg sendmail), or how to do it with smail? I'd prefer to stick with smail as possible, since I understand it to some extent, and have UUCP working with that already. Hi, Give qmail a try. It's flexible and very simple to configure. Also, it is very fast (can handle more than 200K/day mail messages without problems) and isn't likely to have sendmail's security problems. In fact, I think qmail handles all debian lists. I don't remember the official site url, but you can get there from http://www.qmail.org Good luck, Adriano -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
