Re: Some documents on 3 PCs
On Sunday 15 February 2009 10:03:55 Allan Dreyer Andersen wrote: Hi all I have a laptop, a desktop both with Debian and another laptop provided by my work with Windows XP. Right now I'm copying my personal documents and pictures between these 3 PC and it's a hell. And from time to time I miss copying specific files with updates ... so there must be a better way to handle all this. Do you have some ideas how to solve this? I'm thinking to setup a server and some SVN system, but is this the best way solving it or do you have other suggestions? Thanks a lot in advance. -- Venlig hilsen / Best regards Allan Dreyer Andersen I would suggest unison, I use it at home to sync my work laptop with my home fileserver (it's just a nfs/samba server and is not required) Unison[1] is available for windows[2], and is in the Debian repositories[3]. NB. make sure the versions are the same across all the machines you are syncing... [1] http://www.cis.upenn.edu/~bcpierce/unison/ [2] http://alan.petitepomme.net/unison/index.html [3] http://packages.debian.org/search?keywords=unison -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) cliff...@nighthawk.co.za (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: On battery power, so skipping file system check when in AC power
On Saturday 14 February 2009 09:15:46 Virgo Pärna wrote: Does anyone else also receives On battery power, so skipping file system check warning, when starting up a laptop with AC power connected? Especially in Lenny. -- Virgo Pärna virgo.pa...@mail.ee I also get this when on battery power, and it works fine when on AC power. I believe this is actually a good thing cause if you checking your disks and then run out of battery bad things(tm) can happen... -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) cliff...@nighthawk.co.za (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: calender, contacts, appts., to do list, etc. server for Debian
On Friday 30 January 2009 17:35:50 H.S. wrote: ClamAV 0.94.2 signatures . Hi, I am playing around with the idea of installing a calender server on a Debian machine at my home. The idea is that the family can maintain their calenders, appointments, schedules and to-do lists on the server and be able to access it from anywhere over the internet. Now if the server allows syncing to mobile devices, that would be an added bonus but is not required at present. Any ideas what we have in this respect in Debian? Experiences and insights will be most welcome. Regards. -- Please reply to this list only. I read this list on its corresponding newsgroup on gmane.org. Replies sent to my email address are just filtered to a folder in my mailbox and get periodically deleted without ever having been read. I'm using davical[1] both at work and home (two seperate installations) and it's working quite well for me... I basically followed the instructions found at [2] on the davical wiki [3] even though the instuctions were for ubuntu it was easy enough to just install ;) HTH [1] http://rscds.sourceforge.net/ [2] http://wiki.davical.org/w/Installation_Guide_Update_(Feb_2008) [3] http://wiki.davical.org/w/Main_Page -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) cliff...@nighthawk.co.za (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: USB disk fails when accessed after idle for some hours
On Thursday 29 January 2009 18:52:08 Reid Priedhorsky wrote: ClamAV 0.94.2 signatures . All, I have a USB disk (a 320GB Western Digital My Passport) which is exhibiting the following problem. When first hooked up and mounted, it works fine. I've successfully transferred 100's of GB onto the disk. However, if left idle for some hours, it fails when accessed, with a spontaneous USB disconnect and reconnect of the device (log excerpts below). Some hours later, it still gives immediate I/O errors when accessed (e.g. with ls), but unmounting and re-mounting the drive makes it work again. (It might have also needed a physical unplug and re-plug once, but I don't recall for sure.) It is a 2.5 disk with no external power supply, just power from USB. This happens in multiple port group and multiple cables. I have another USB disk, this one a 3.5 IDE drive which I installed in a USB enclosure myself, that does have external power, that works with no problems. Now, the unmount/remount cycle suggests that I could perhaps work around the problem with automount. But, if the disk is just plain defective, I don't want to paper over the problem. I wonder if the computer can't provide enough power to run the device (it exceeds the 500mA/port limit, though that was NOT clear in the newegg description). However, if that's true, why does it only fail after a long idle? Thoughts? Many thanks in advance, Reid This looks similar to a problem I have with a 500G Toshiba drive. Have you tried this on a USB 1 port? does it do the same? PS. I still don't know why mine dies. (at work I have a couple of 1Tb drives that work fine on USB2) -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) cliff...@nighthawk.co.za (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Problem with printer Canon iP1800
On Friday 23 January 2009 23:46:49 Сергей Овчар wrote: Can anyone help me adjust the printer? I use files: cnijfilter-common_2.70-3_i386.deb cnijfilter-ip1800series_2.70-3_i386.deb and after my attempt to install the, I've got this error -- invoke-rc.d: unknown initscript, /etc/init.d/cupsys not found. dpkg: error processing cnijfilter-ip1800series (--install): subprocess post-installation script returned error exit status 100 Errors were encountered while processing: cnijfilter-ip1800series -- How can I solve the problem? I wrote a post[1] about getting this printer setup sorry for the shameless plug ;) [1] http://nighthawk.co.za/2008/07/canon-ip1800/ -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) cliff...@nighthawk.co.za (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Family Tree Program
On Monday 05 January 2009 12:38:56 Zaki Akhmad wrote: Dear all, I am looking for family tree program. Anybody can give me suggestion? -- Zaki Akhmad I know it's online as apposed to desktop app http://www.geni.com -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
USB External hdd issues
the drive (this time) but was doing an e2fsck on the drive, I now have the drive attached via the onboard USB and the e2fsck is running with out issue. After this crash I have to power the drive off and back on to get it to work again. I have tried different cables and different ports on the USB2 card and this still happens, also if the drive is mounted and this happens then I can't unmount it so I end up with: /dev/sda1 on /media/disk type ext3 (rw,noatime) /dev/sdb1 on /media/disk type ext3 (rw,noatime) /dev/sdc1 on /media/disk type ext3 (rw,noatime) Current kernel is: Linux shredder 2.6.26-1-686 #1 SMP Mon Dec 15 18:15:07 UTC 2008 i686 GNU/Linux Upgraded from etch to lenny hoping the new kernel would help, which it hasn't. Anybody had and solved this issue? What else can I do to debug? -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: USB External hdd issues
On Sunday 04 January 2009 17:01:02 Ron Johnson wrote: On 01/04/09 06:11, Clifford W. Hansen wrote: On Sunday 04 January 2009 12:48:40 Andrei Popescu wrote: On Sun,04.Jan.09, 10:22:15, Clifford W. Hansen wrote: [...] My problem is that when connected via USB2 (which the drive is supposed to be), the drive disconnects: [...] Could be hardware problems. Can you try the drive on USB2 in another computer? Regards, Andrei Sorry forgot to mention that, I have tried it on a couple of linux boxen with the same result. I have also tried a couple of cables aswell with the same result. Either the USB circuitry in the enclosure is faulty, or the drive is dying. That was one of my thoughts, although this is a new drive (less than 4 months old). Hopefully still under warranty... (except that I repartitioned and Linuxified it, ext3++ :p ) -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: USB External hdd issues
On Sunday 04 January 2009 12:48:40 Andrei Popescu wrote: On Sun,04.Jan.09, 10:22:15, Clifford W. Hansen wrote: [...] My problem is that when connected via USB2 (which the drive is supposed to be), the drive disconnects: [...] Could be hardware problems. Can you try the drive on USB2 in another computer? Regards, Andrei Sorry forgot to mention that, I have tried it on a couple of linux boxen with the same result. I have also tried a couple of cables aswell with the same result. -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: 64-bit Flash Player
On Wednesday 10 December 2008 09:38:57 Johann Spies wrote: On Tue, Dec 09, 2008 at 09:49:59PM -0500, Daryl Styrk wrote: I just did a fresh install.. So what I did was. mkdir ~/.mozilla/plugins and move the .so there. get rid of any other instances of a previous flash install. I did nothing else, didn't attempt to install anything else.. Works like a charm here. Strange. This did not work for me on an Ubuntu Hardy installation as well as on Debian Lenny. Although Firefox (about:plugins) would show that the flashplayer is active, it just did not work. Regards Johann I have this installed and working on a Lenny install. I added: deb http://www.debian-multimedia.org lenny main to /etc/apt/sources.list and then just apt-get install flashplayer-mozilla % apt-cache showpkg flashplayer-mozilla Package: flashplayer-mozilla Versions: 2:10.0.12.36-0.4 (/var/lib/apt/lists/www.debian- multimedia.org_dists_lenny_main_binary-amd64_Packages) (/var/lib/dpkg/status) Description Language: File: /var/lib/apt/lists/www.debian- multimedia.org_dists_lenny_main_binary-amd64_Packages MD5: bb9247096c537dda139929f0e5c61b84 Reverse Depends: Dependencies: 2:10.0.12.36-0.4 - libc6 (2 2.3.6-6) libfontconfig1 (2 2.4.0) libfreetype6 (2 2.2) libglib2.0-0 (2 2.12.0) libgtk2.0-0 (2 2.8.0) libx11-6 (0 (null)) libxext6 (0 (null)) iceweasel (16 (null)) www-browser (0 (null)) nspluginwrapper (0 (null)) ia32-libs-libcurl3 (0 (null)) ia32-libs-libnss3 (0 (null)) ia32-libs-gtk (0 (null)) gsfonts-x11 (0 (null)) flashplugin-nonfree (0 (null)) Provides: 2:10.0.12.36-0.4 - Reverse Provides: Hope this helps... Clifford. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Shorewall network/interfaces
On Wednesday 26 November 2008 02:54, Tom Allison wrote: Andrei Popescu wrote: On Tue,25.Nov.08, 06:04:52, Tom Allison wrote: I too am trying to set-up Shorewall as a firewall box. And I ran into some peculiar problems that are related to shorewall and not related to shorewall. right now I'm trying to get the firewall interfaces to come up on the same network. So eth0 and eth1 are both on 192.168.1.0/24 with eth1 being DHCP and eth0 being static (eth0 will be my LAN and eth1 will be my internet). Do they *need* to be on the same network? They don't need to be on the same network, but I only have one for now. I originally tried to set this up against the ISP and it could not identify any dhcp traffic and only rejected everything as being a martian. Seriously broken? I'll have to go back and RTFM. I too am running shorewall and only have two interfaces eth0 (lan) and eth1 (net/pppoe). My eth1 does not have an ip assigned: (I used pppoeconf to setup pppoe) interfaces # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.0.1 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 # dns-* options are implemented by the resolvconf package, if installed dns-nameservers 192.168.0.1 dns-search example.com auto dsl iface dsl inet ppp pre-up /sbin/ifconfig eth1 up # line maintained by pppoeconf provider dsl #auto eth1 #iface eth1 inet manual /interfaces My internet gets started automagically on boot and I get the following routes: route /sbin/route -n Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface xxx.xxx.xxx.xxx 0.0.0.0 255.255.255.255 UH0 00 ppp0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 00 eth0 0.0.0.0 0.0.0.0 0.0.0.0 U 0 00 ppp0 /route As you can see eth1 doesn't appear at all as there is no real network attached to it, just the modem. And then in /etc/shorewall/interfaces make sure that the ppp0 interface has the dhcp option. Hope this helps. -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) [EMAIL PROTECTED] (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments pgpQYQkFDxbbc.pgp Description: PGP signature
Re: /var/log growing rapidly
On Tuesday 18 November 2008 14:03:23 Paul Cartwright wrote: On Tue November 18 2008, Ron Johnson wrote: First, tail -f /var/log/messages to see exactly what all the new log entries are. That should point you towards the offender. I rebooted, and it stopped doing it. I went back into messages.0 , which was the LARGE file, and found lots, and lots, and lots of these lines: Nov 17 07:53:24 paulandcilla kernel: [68956.446825] Unknown InputIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=972 TOS=0x00 PREC=0x00 TTL=64 ID=1103 DF PROTO=UDP SPT=53543 DPT=53543 LEN=952 Nov 17 07:53:24 paulandcilla kernel: [68956.446825] Unknown OutputIN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=788 TOS=0x00 PREC=0x00 TTL=64 ID=1104 DF PROTO=UDP SPT=53543 DPT=53543 LEN=768 Nov 17 07:53:24 paulandcilla kernel: [68956.446825] Unknown InputIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=788 TOS=0x00 PREC=0x00 TTL=64 ID=1104 DF PROTO=UDP SPT=53543 DPT=53543 LEN=768 I did a CTRL-ALT-F9 earlier that day, thinking I was switching to my OTHER user logged in, and those lines were on the screen, instead of the gdm login screen. Then did a CTRL-ALT-F7 to get back to where I was, and was back to my logged in account. Looks like gdm didn't like me going to that screen without starting a new login session through the menus? -- Paul Cartwright Registered Linux user # 367800 Registered Ubuntu User #12459 I'm not sure what program caused those messages but they look like firewall log messages. Since it stopped when you rebooted I'd say there was a program trying to run and the firewall was stopping it from sending data and also logging the fact. Just looking at these messages, you should allow all traffic on the lo interface to the lo interface and disable logging. I don't know what you are using for your firewall scripts so I can't help till I know... -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) [EMAIL PROTECTED] (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: [OT] less spam
On Wednesday 19 November 2008 06:27:08 Celejar wrote: On Tue, 18 Nov 2008 23:06:36 -0500 Kamaraju S Kusumanchi [EMAIL PROTECTED] wrote: Hugo Vanwoerkom wrote: Hi, After the shutdown of that server I get less spam. Others have noted that too: http://www.washingtonpost.com/wp-dyn/content/article/2008/11/18/AR2008111 801120.html?hpid=topnews Hugo yep. A more graphical version of the result can be seen at http://forum.spamcop.net/forums/index.php?autocom=custompage=stats (look at the monthly averages). With projects like castlecops' SIRT/PIRT/MIRT, knujon, complainterator etc., spammers are having a very hard time this year! Good for us! Not to worry; the spamming botnet is coming back online: McColo, a network provider that was yanked offline following reports it enabled more than half the world's spam, briefly returned from the dead over the weekend so it could hand-off command and control channels to a new source, security researchers said. The rogue network provider regained connectivity for about 12 hours on Saturday by making use of a backup arrangement it had with Swedish internet service provider TeliaSonera. During that time, McColo was observed pushing as much as 15MB of data per second to servers located in Russia, according to Paul Ferguson, a security researcher for anti-virus software maker Trend Micro. The brief resurrection allowed miscreants who rely on McColo to update a portion of the massive botnets they use to push spam and malware. Researchers from FireEye saw PCs infected by the Rustock botnet being updated so they'd report to a new server located at abilena.podolsk-mo.ru for instructions. That means the sharp drop in spam levels reported immediately after McColo's demise isn't likely to last. From http://www.theregister.co.uk/2008/11/18/short_mccolo_resurrection/ (hat tip: http://it.slashdot.org/it/08/11/18/219204.shtml). Kamaraju S Kusumanchi Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator If only they could use all that energy and time for doing good instead, imagine how much better Debian/Linux would be if that energy was spent on bug fixes instead of sending spam... (2c) -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) [EMAIL PROTECTED] (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: what's the group and username of apache2 web server?
On Thursday 30 October 2008 12:55:47 Star Liu wrote: I use mono asp.net(a module of apache2) as the backend of my website, when I want to modify a file of the website, it says permission denied, so i give write permission to others so that asp.net program get tha permission to write into this file. I think it's not a good solution, I should find out the exact user or group of apache(should be the same of asp.net?), then give write permission to only this group and user. How to get the group and username of apache? thanks The user and group are www-data, and iirc the default permissions on /var/www do not reflect this, but it is safe to change them. For example I do the following: chown -R www-data:www-data /var/www chmod -R 660 /var/www find /var/www -type d -exec chmod 2770 {} \; Hope this helps... -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Mobile/SMS) +27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail/Jabber/GMail) [EMAIL PROTECTED] (GPG) 0x936D6C19 (Web) http://nighthawk.co.za/ We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Samba domain not found
I am trying to setup a Samba domain inside an Active Directory network. This is a separate domain and will be replacing the AD, the problem is that one of the machines connected to the AD cannot find the domain when told to use it. We can see this domain when we goto Network Places (Windows XP) but are unable to access it. We are really at a loss here, as I previously setup a test domain and it worked (this was a couple of months ago), this machine was then completly reinstalled and this new domain isn't working. I initially set up the domain in a VM (this was at home) and this worked. Has anyone had this issue before and solved it, I can't seem to convince Uncle Google to give me an answer. (I might be asking the wrong question) -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: Kerberos with LDAP backend / Replace active directory
On Tuesday 14 October 2008 21:51:31 Richard A Nelson wrote: On Tue, 14 Oct 2008, Clifford W. Hansen wrote: I take it I will need to get a Krb5 schema file for ldap? Yes, and iirc, one comes with Heimdal package (likely in /usr/share/doc) if you can't find one, let me know Found one thanx, also found a doc (in portugese which I don't speak or read but managed to copy and paste). So I now have it all working from a Linux point of view. Yea I'm not actually sure why we need kerberos, but my boss seems to think we do... It is a prety nice environment, Single Sign On, dual-trust, etc... It, unfortunately, failed to learn from AFS in that you can only be in one Kerberos realm at a time (I routinely am in at least three AFS realms) I normally use ssh keys and havn't needed anything better/else. Actually I had previously looked at these doc, (and forgot about them) *thanx* Now the only problem is that I don't get a kerberos ticket when logging in to the samba domain from windows... No you wont... Samba 4 is a NT4 PDC/BDC - no Kerberos :( Note that even current stock Samba does support Kerberos auth from Linux! You'll either need Samba 4 (in experimental, iirc), or (shudder) delegate authentication to a real Windows PDC Guess I'm going to have to give SMB4 a go (yes in experimental, shudder), I didn't hear that last part :p -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: Kerberos with LDAP backend / Replace active directory
On Saturday 11 October 2008 16:30:21 Damon L. Chesser wrote: On Fri, 2008-10-10 at 22:10 +0200, Clifford W. Hansen wrote: I'm looking to setup Kerberos with an LDAP backend, I have found a couple of howtos and nothing seems to be complete. Has anybody set this up before and have documentation on how to replicate it. Basically what I am doing is trying to replace our Active Directory, with a samba domai Well, this link has a real good howto on the ldap part and another one on kerberos on ldap: http://techpubs.spinlocksolutions.com/dklar/ldap.html http://techpubs.spinlocksolutions.com/dklar/kerberos.html Not sure if that answers your question, but it is a start on getting an LDAP server up and running with kerberos authentication. Then you can work on the SAMBA part and plug in LDAP. HTH Actually I had previously looked at these doc, (and forgot about them) *thanx* Now the only problem is that I don't get a kerberos ticket when logging in to the samba domain from windows... -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: Kerberos with LDAP backend / Replace active directory
On Friday 10 October 2008 23:03:38 Richard A Nelson wrote: On Fri, 10 Oct 2008, Clifford W. Hansen wrote: Has anybody set this up before and have documentation on how to replicate it. I had an existing LDAP setup for Linux/AIX/Samba - and it was trivial to get Heimdal-kdc up and running using the existing LDAP database, just had to add the requisite Krb5Principal entries to LDAP Basically what I am doing is trying to replace our Active Directory, with a samba domain. I didn't need anything beyond a NT4 domain - so the combination worked fine for me... If you rely on anything beyond NT4 domain, you'll need samba4 (in experimental) I take it I will need to get a Krb5 schema file for ldap? Yea I'm not actually sure why we need kerberos, but my boss seems to think we do... -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Kerberos with LDAP backend / Replace active directory
I'm looking to setup Kerberos with an LDAP backend, I have found a couple of howtos and nothing seems to be complete. Has anybody set this up before and have documentation on how to replicate it. Basically what I am doing is trying to replace our Active Directory, with a samba domain. -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: external USB harddrive not recognized when present at boot
On Thursday 25 September 2008 09:34:28 Lubos Vrbka wrote: hi guys, i am encountering an interesting (and annoying) problem. when the external USB harddrive is plugged in during boot (i have dell d430 with d/port port replicator - the drive is connected to one of the usb ports on the d/port), i can hear it spinning in the very beginning, but then it powers down and won't get recognized. it's neither shown in /dev/disk/by-uuid nor do the udev rules apply to create the node in /dev. apparently, it has something to do with this error showing up approx. 4 seconds after the boot start, at the time when the drive spins. usb 5-8.3: new full speed USB device using ehci_hcd and address 5 usb 5-8.3: device descriptor read/64, error -32 usb 5-8.3: device descriptor read/64, error -32 usb 5-8.3: new full speed USB device using ehci_hcd and address 6 usb 5-8.3: device descriptor read/64, error -32 usb 5-8.3: device descriptor read/64, error -32 usb 5-8.3: new full speed USB device using ehci_hcd and address 7 usb 5-8.3: device not accepting address 7, error -32 usb 5-8.3: new full speed USB device using ehci_hcd and address 8 usb 5-8.3: device not accepting address 8, error -32 since after unplugging and plugging again, the harddrive is recognized, udev plays its part and i am getting the respective device nodes in /dev. usb 5-8.3: new high speed USB device using ehci_hcd and address 10 usb 5-8.3: configuration #1 chosen from 1 choice scsi1 : SCSI emulation for USB Mass Storage devices usb 5-8.3: New USB device found, idVendor=04fc, idProduct=0c15 usb 5-8.3: New USB device strings: Mfr=2, Product=3, SerialNumber=1 usb 5-8.3: Product: USB to Serial-ATA bridge usb 5-8.3: Manufacturer: Sunplus Technology Inc. usb 5-8.3: SerialNumber: SAMSUNG HDS0MUJ2KP933468 usb-storage: device found at 10 usb-storage: waiting for device to settle before scanning usb-storage: device scan complete scsi 1:0:0:0: Direct-Access SAMSUNG HD501LJ PQ: 0 ANSI: 2 scsi 1:0:0:0: Attached scsi generic sg1 type 0 Driver 'sd' needs updating - please use bus_type methods sd 1:0:0:0: [sda] 976773168 512-byte hardware sectors (500108 MB) sd 1:0:0:0: [sda] Write Protect is off sd 1:0:0:0: [sda] Mode Sense: 38 00 00 00 sd 1:0:0:0: [sda] Assuming drive cache: write through sd 1:0:0:0: [sda] 976773168 512-byte hardware sectors (500108 MB) sd 1:0:0:0: [sda] Write Protect is off sd 1:0:0:0: [sda] Mode Sense: 38 00 00 00 sd 1:0:0:0: [sda] Assuming drive cache: write through sda: sda1 sd 1:0:0:0: [sda] Attached SCSI disk this is on lenny/amd64 with up-to-date installation. on my previous laptop with etch, even when the drive was present on boot, it would be recognized and taken care of by udev, iirc (it would spin immediatelly on boot start and then once more during the boot procedure). does anybody have any hint as how to proceed from here? thanks, lubos -- Lubos [EMAIL PROTECTED] http://www.lubos.vrbka.net Lubos, My first thought would be to try without the D/Port, as in connect the drive to one of the machines USB ports and see if that works... I have never used a D/Port, so I'm shooting in the dark as it were :) but I do remember someone once before had an issue with devices on a D/Port... PS. maybe also try the debian-laptop list HTH -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: NFS or Samba (windows client)
On Tuesday 16 September 2008 21:52:39 Andrei Popescu wrote: On Tue,16.Sep.08, 10:29:31, Clifford W. Hansen wrote: I would prefer not to install samba just for one machine, but if I have to so be it (although I might have to do so in any event to share the printer). I can only tell you that as far as I know you Windows can access a cups printer directly using the IPP protocol. Regards, Andrei Thank for the hint... And yes you can although you need to specify the printer path using the web url to the printer. (just installed the printers and they working.) -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: NFS or Samba (windows client)
On Tuesday 16 September 2008 23:29:39 Paulo Silva wrote: You could try using some NFS implementation on your Windows (I think SFU[1] has a nfs client but there should be others) but imo samba is not hard to setup and will give you less trouble. [1] http://technet.microsoft.com/en-us/interopmigration/bb380242.aspx Ter, 2008-09-16 às 10:29 +0200, Clifford W. Hansen escreveu: Greetings list, At home I have a couple of Debian boxen, and am using NFS on the nas (pc with a usb hdd) to share file between these systems. The main problem is that my fiance's pc still has windows on it (it is dual boot, she doen't know it yet *eg*), and she needs access to some of these shares. I would prefer not to install samba just for one machine, but if I have to so be it (although I might have to do so in any event to share the printer). I would also like to mount these shares similar to how I do so on my Linux boxen, eg. c:\My Documents - nfs://nfsserver/mydocuments (afaik this is not possible) The ultimate solution would be to remove windows, but this is a work in progress... ;) -- Paulo Silva [EMAIL PROTECTED] Thank you for the link, still busy downloading, but will post results. I know samba is easy to setup (except if you trying to make a domain controller), I would just like to have as little installed as possible on my nas As for less trouble, well I'll find out once it's finished downloading... /me curses south african internet speed or the lack thereof... :/ -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: init.d startup script does not exit
On Sunday 14 September 2008 08:35:13 rex wrote: Hello, I have a script that launches a program. If I launch this program manually, it keeps on running in the shell. It is a webserver, so I need it running all the time. However, if I exit the shell, it kills the webserver. I tried putting links to it in the rc0.d, rc1.d etc to make it start during startup, but it keeps on going during startup and never starts the other services. here is my script in /etc/init.d/coldfusion #!/bin/sh -e sAppName=ColdFusion 8 sUser=cfuser COLDFUSION_HOME=/opt/jrun4 case $1 in start) echo Starting ${sAppName} as user $sUser... su ${sUser} -c $COLDFUSION_HOME/bin/jrun -start instance01 exit 0 ;; stop) echo Stopping ${sAppName}... su ${sUser} -c $COLDFUSION_HOME/bin/jrun -stop instance01 ;; restart) echo Restarting ${sAppName}... su ${sUser} -c $COLDFUSION_HOME/bin/jrun -restart instance01 ;; status) su ${sUser} -c $COLDFUSION_HOME/bin/jrun -status instance01 ;; *) echo usage: /etc/init.d/coldfusion {stop|start|restart|status} exit 1 esac exit 0 ## EOF When I run #/etc/init.d/coldfusion start, it displays the startup messages, until it hits: 09/13 23:31:40 info Deploying EJB JRunSQLInvoker from: file:/opt/jrun4/lib/jrun-comp.ear Server instance01 ready (startup time: 23 seconds) and then the program/cursor is just there, waiting... forever... It does not exit. If this was in the startup, I would never get to the user login. And, if I press Ctrl-C, then the program terminates, but then webserver is dead. Any suggestions please? Thanks! - Rex Rex, I'm not sure if there is a better way to do this, but you could try adding a at the end of the start line: su ${sUser} -c $COLDFUSION_HOME/bin/jrun -start instance01 HTH -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: init.d startup script does not exit
On Sunday 14 September 2008 09:12:35 rex wrote: Thank you! It worked! So, what does that mean? - Rex Clifford W. Hansen wrote: On Sunday 14 September 2008 08:35:13 rex wrote: Hello, I have a script that launches a program. If I launch this program manually, it keeps on running in the shell. It is a webserver, so I need it running all the time. However, if I exit the shell, it kills the webserver. I tried putting links to it in the rc0.d, rc1.d etc to make it start during startup, but it keeps on going during startup and never starts the other services. here is my script in /etc/init.d/coldfusion #!/bin/sh -e sAppName=ColdFusion 8 sUser=cfuser COLDFUSION_HOME=/opt/jrun4 case $1 in start) echo Starting ${sAppName} as user $sUser... su ${sUser} -c $COLDFUSION_HOME/bin/jrun -start instance01 exit 0 ;; stop) echo Stopping ${sAppName}... su ${sUser} -c $COLDFUSION_HOME/bin/jrun -stop instance01 ;; restart) echo Restarting ${sAppName}... su ${sUser} -c $COLDFUSION_HOME/bin/jrun -restart instance01 ;; status) su ${sUser} -c $COLDFUSION_HOME/bin/jrun -status instance01 ;; *) echo usage: /etc/init.d/coldfusion {stop|start|restart|status} exit 1 esac exit 0 ## EOF When I run #/etc/init.d/coldfusion start, it displays the startup messages, until it hits: 09/13 23:31:40 info Deploying EJB JRunSQLInvoker from: file:/opt/jrun4/lib/jrun-comp.ear Server instance01 ready (startup time: 23 seconds) and then the program/cursor is just there, waiting... forever... It does not exit. If this was in the startup, I would never get to the user login. And, if I press Ctrl-C, then the program terminates, but then webserver is dead. Any suggestions please? Thanks! - Rex Rex, I'm not sure if there is a better way to do this, but you could try adding a at the end of the start line: su ${sUser} -c $COLDFUSION_HOME/bin/jrun -start instance01 HTH It's used to background a process see: http://www.google.co.za/search?q=linux+job+controlie=utf-8oe=utf-8aq=trls=org.mozilla:en-US:officialclient=firefox-a http://linuxreviews.org/beginner/jobs/ But I agree with Tzafrir, use the start-stop-daemon program. If anything it sounds better than backgrounding a process. And thank you Gabriel I belive you are correct the should be before the and not after it... ;) HTH -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: problems with pear using debian and php5
On Sunday 14 September 2008 15:16:03 crana2 wrote: yes, i purged yesterdy and did again now. No effect. btw, pear list gives the following Installed packages, channel pear.php.net: = PackageVersion State Archive_Tar1.3.1 stable Console_Getopt 1.2 stable PEAR 1.4.11 stable -- View this message in context: http://www.nabble.com/problems-with-pear-using-debian-and-php5-tp19476174p1 9480247.html Sent from the Debian User mailing list archive at Nabble.com. After installing PEAR it is a good idea to do a: $ pear upgrade-all This will bring it up to the latest (stable) versions of the PEAR packages. And yes, the pear packages are stored in /usr/share/php. HTH -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: MRT HOW TO?
On Monday 08 September 2008 06:53:24 GI_Mike - Herman von Mandel wrote: Greetings to the list! Does anybody have access to a good MRT (Multi-Threaded Routing Toolkit) HOW TO? I have searched the web and the debian.org pages (as well as merit.edu - apparently the original maintainer) but I can't find a HOW TO or man/info page anywhere. Thanks! This has from what I've read and started looking at been replaced by rrdtool. (if I am wrong please correct me). This will probably help with finding a good tutorial. I'm still trying to wade through a couple, but mainly: apt-get install rrdtool man rrdtool I think that will help the most for now... HTH -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: MRT HOW TO?
On Wednesday 10 September 2008 11:44:21 Tammo Schuelke wrote: I think you're confusing MRT (Multi-Threaded Routing Toolkit) and MRTG (Multi-Router Traffic Grapher). -Original Message- From: Clifford W. Hansen [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2008 11:35 AM To: debian-user@lists.debian.org Cc: [EMAIL PROTECTED] Subject: Re: MRT HOW TO? On Monday 08 September 2008 06:53:24 GI_Mike - Herman von Mandel wrote: Greetings to the list! Does anybody have access to a good MRT (Multi-Threaded Routing Toolkit) HOW TO? I have searched the web and the debian.org pages (as well as merit.edu - apparently the original maintainer) but I can't find a HOW TO or man/info page anywhere. Thanks! This has from what I've read and started looking at been replaced by rrdtool. (if I am wrong please correct me). This will probably help with finding a good tutorial. I'm still trying to wade through a couple, but mainly: apt-get install rrdtool man rrdtool I think that will help the most for now... HTH -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments yes sorry... that is defiantly my bad I blame the men in white coats... ;) -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: MySQL goes away?
On Saturday 30 August 2008 12:26:06 Rico Secada wrote: Hi, I keep getting this from Amavis about MySQL: **Unmatched Entries** NOTICE: reconnecting in response to: err=2006, S1000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 40) line 153, GEN27 line 3.: 2 Time(s) NOTICE: reconnecting in response to: err=2006, S1000, DBD::mysql::st execute failed: MySQL server has gone away at (eval 40) line 153, GEN32 line 3.: 2 Time(s) Does anyone know what exactly this means? Best regards. Have a look at the following: http://dev.mysql.com/doc/refman/5.0/en/gone-away.html I have had this issue in the past, although I can't remember what /i did to fix it. You could check the following: - firewall rules - restart mysql and see if it still happens - check how many connections you have: - sudo netstat -tapn | grep mysql - mysqladmin processlist You might have too many clients connected but iirc that would be a different error... HTH -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: network interfaces not persistent on nslu2/arm
On Tuesday 26 August 2008 21:18:25 Rainer Dorsch wrote: Hello, I have an usb ethernet adapter in my nslu2. I wanted to keep the network interfaces persistent with udev: nslu2:~# cat /etc/udev/rules.d/z25_persistent-net.rules # This file was automatically generated by the /lib/udev/write_net_rules # program, probably run by the persistent-net-generator.rules rules file. # # You can modify it, as long as you keep each rule on a single line. # Unknown net device (/class/net/eth0) (ixp400_eth) SUBSYSTEM==net, DRIVERS==?*, ATTRS{address}==00:18:39:28:f2:a9, NAME=eth0 # USB device 050d:0121 (pegasus) SUBSYSTEM==net, DRIVERS==?*, ATTRS{address}==00:05:1b:00:5a:39, NAME=eth1 This does not work for me: nslu2:~# zgrep Belkin /var/log/syslog.1.gz Aug 25 23:45:49 nslu2 kernel: pegasus 1-1:1.0: eth0, Belkin F5D5050 USB Ethernet, 00:05:1b:00:5a:39 Aug 25 23:57:05 nslu2 kernel: pegasus 1-1:1.0: eth0, Belkin F5D5050 USB Ethernet, 00:05:1b:00:5a:39 nslu2:~# grep Belkin /var/log/syslog Aug 26 18:57:28 nslu2 kernel: pegasus 1-1:1.0: eth1, Belkin F5D5050 USB Ethernet, 00:05:1b:00:5a:39 Aug 26 20:06:34 nslu2 kernel: pegasus 1-1:1.0: eth1, Belkin F5D5050 USB Ethernet, 00:05:1b:00:5a:39 nslu2:~# Actually it worked for a long time reliably, but since the last kernel upgrade to nslu2:~# uname -a Linux nslu2 2.6.18-6-ixp4xx #1 Tue Aug 19 20:03:53 UTC 2008 armv5tel GNU/Linux nslu2:~# dpkg -s linux-image-2.6.18-6-ixp4xx Package: linux-image-2.6.18-6-ixp4xx Status: install ok installed Priority: optional Section: admin Installed-Size: 25028 Maintainer: Debian Kernel Team [EMAIL PROTECTED] Architecture: arm Source: linux-2.6 Version: 2.6.18.dfsg.1-22etch2 Provides: linux-image, linux-image-2.6, linux-modules-2.6.18-6-ixp4xx Depends: module-init-tools (= 0.9.13), coreutils (= 5.96), initramfs-tools (= 0.55) | yaird (= 0.0.12-8) | linux-initramfs-tool Pre-Depends: debconf (= 0.2.17) | debconf-2.0 Suggests: linux-doc-2.6.18, fdutils Conflicts: initramfs-tools ( 0.55), yaird ( 0.0.12-8) Description: Linux 2.6.18 image on IXP4xx This package provides the binary image and pre-built loadable modules for Linux kernel 2.6.18 on IXP4xx based (Linksys NSLU2, etc) machines. nslu2:~# I see the interfaces changing. Does anybody have an idea what could go wrong here? Thanks, Rainer -- Rainer Dorsch Lärchenstr. 6 D-72135 Dettenhausen 07157-734133 email: [EMAIL PROTECTED] jabber: [EMAIL PROTECTED] GPG Fingerprint: 5966 C54C 2B3C 42CC 1F4F 8F59 E3A8 C538 7519 141E Full GPG key: http://pgp.mit.edu/ What do you mean by I see the interface changing. does it change with every reboot? or is it now called eth1 where it used to be eth0. If it's just that it got renamed, then I'd remove the first interface in /etc/udev/rules.d/z25_persistent-net.rules and change the second one from eth1 to eth0 HTH -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Copied debian etch system assigns eth2 to only Ethernet adapter
On Monday 25 August 2008 17:19:00 roy hills wrote: I have a Debian Etch system running on VMware workstation 6. The system has been copied from another system using dump/restore in single user mode followed by re-installing grub in the MBR. The system boots and runs fine. The only oddity is that it assigns the name eth2 to the only Ethernet adapter, rather than eth0 as expected. Stranger still, the kernel reports the Ethernet adapter as eth0 at boot time. Here's what the kernel reports at boot: Linux version 2.6.18-6-686 (Debian 2.6.18.dfsg.1-22) ([EMAIL PROTECTED]) (gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)) #1 SMP Tue Jun 17 21:31:27 UTC 2008 ... ACPI: PCI Interrupt :02:00.0[A] - GSI 18 (level, low) - IRQ 169 pcnet32: PCnet/PCI II 79C970A at 0x2000, 00 0c 29 f8 0b e4 assigned IRQ 169. eth0: registered as PCnet/PCI II 79C970A pcnet32: 1 cards_found. ... But ifconfig shows it as eth2: $ /sbin/ifconfig -a eth2 Link encap:Ethernet HWaddr 00:0C:29:F8:0B:E4 inet addr:192.168.1.62 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fef8:be4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:858 errors:0 dropped:0 overruns:0 frame:0 TX packets:709 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:70875 (69.2 KiB) TX bytes:97361 (95.0 KiB) Interrupt:169 Base address:0x2000 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:8 errors:0 dropped:0 overruns:0 frame:0 TX packets:8 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:560 (560.0 b) TX bytes:560 (560.0 b) sit0 Link encap:IPv6-in-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) The eth2 Ethernet device works fine if I add it to /etc/network/interfaces. I'm running the standard Debian Etch kernel and modules. Any ideas why the adapter is showing up as eth2? Roy _ Win New York holidays with Kellogg’s Live Search http://clk.atdmt.com/UKM/go/107571440/direct/01/ Roy, I believe it's doing this because the network card has a different mac address to the previous machine (albeit virtual) Have a look in the following file: % cat /etc/udev/rules.d/z25_persistent-net.rules You should see lines like the following: # PCI device 0x14e4:0x1677 (tg3) SUBSYSTEM==net, DRIVERS==?*, ATTRS{address}==xx:xx:xx:xx:xx:xx, NAME=ethx where xx:xx:xx:xx:xx:xx is the mac address and ethx is the device name just delete all ethx lines and then on reboot eth0 should be eth0 again... HTH PS. I had a similar issue recently also with VMWare and this solved it ;) -- Thank you, Clifford W. Hansen PHP Developer / Linux Administrator (Cell)+27 82 883 8677 (Fax) +27 86 503 0634 (E-Mail) [EMAIL PROTECTED] (MSN) [EMAIL PROTECTED] (GPG) 0x936D6C19 We have seen strange things today! () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments signature.asc Description: This is a digitally signed message part.
Re: Redirect hostname to internal box
Jacob S wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 03 Feb 2006 12:24:27 +0200 Clifford W. Hansen [EMAIL PROTECTED] wrote: Greetings, Firstly I'm not sure if this is the right place but here goes: I'm using Debian 3.1. I have dyndns with wildcards enabled, and I'd like to have traffic to a specific hostname directed to my internal webserver. e.g. phpsysinfo.example.com - firewall intbox.example.com - internal box Due to it being dynamic dns (dyndns.org) and I only have one ipaddress, I can't seem to get it to work with out doing apache redirecting to a different port I believe Apache's mod_proxy would do this. But make sure you read the appropriate documentation and set it up carefully, so that you're not turning Apache into an open proxy. HTH, Jacob -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFD41p1kpJ43hY3cTURArMoAJ4rdmAKTF5Jyjw+sG1vidvu8SE3VACgr+W3 lvv05slYjQ9fcKVQxqG+8Ng= =jgyi -END PGP SIGNATURE- mod_proxy is working like a dream... thanx... And yes like you said, set it up carefully -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: OT: Re: Firewalling: best approach?
Greetz, Firstly I'm only top posting to keep with the flow... secondly, I agree with Mark, I've used shorewall and found it really easy to use especially when you are lazy++ like me... After installing shorewall apt-get install shorewall shorewall-docs you will need to set: Firewall:~# vi /etc/default/shorewall Now simply change startup = 0 to startup = 1 save, and exit. Shorewall configuration files are stored in two separate places: /etc/shorewall stores all the program configuration files. /usr/share/shorewall stores supporting files and action files. On the Debian package version of shorewall, /etc/shorewall is rather empty. Luckily, we're provided with default configuration files in /usr/share/doc/shorewall/default-config Since we will need to use these config files to actually make Shorewall work, the first thing to do is to copy them over to /etc/shorewall: Firewall:~# cp /usr/share/doc/shorewall/default-config/* /etc/shorewall/ Now our /etc/shorewall directory should have default copies of all the config files. Next we modify a few of them to get our firewall in basic working order. I'm only going to cover the basic configurations necessary to get the firewall working. Please read the documentation in each config file you edit so you can fully understand what each step is really doing! Taken from: http://www.cyberdogtech.com/firewalls/firewall/ Take a look at that website it has a couple of nice tips... also read the conf files, that should help alot aswell :) Good luck M. Maas wrote: Hi, Listen I don't want to be an ass... No really.. I don't! But would the use shorewall not make it easier? Or even the IPcop distribution? Seriously, I'd like to know the reasoning behind choosing the manual route instead of a easier automated one. Thanks, Mark Bradley Alexander wrote: I am trying to configure a firewall, but nailing down the configuration is eluding me. The box is running Debian stable. I have tried with iproute2 (I'm including a description below), but not gotten the intended effect. I have tried the lartc list, to no avail. A friend of mine suggested setting up a virtual server for one set of interfaces and running the other set on the native machine. Which is the best approach to this? Muddling through the iproute2 configuration, or the virtual server route? If virtual server, which would be the best one? Qemu? Xen? VMware player or server (Free as in beer, but not is in speech)? Basically, I have a rackmount server with six network interfaces (2 onboard and a quad card). eth0 is the internal network, eth1 is a kiosk network, eth2 is a DMZ/wireless network. On the outbound side, eth3 is a DSL connection and eth4 is a cablemodem connection. What I am trying to do is route all internal traffic out the DSL connection (eth0 to eth3), and the two dmzs, kiosk and wireless out the cable connection (eth1 and eth2 to eth4). Thus far as I have been unable to get this to work. For the sake of the discussion, the internal network is 10.1.1.0/24, the kiosk is 172.16.1.0/24 and the dmz/wireless is 192.168.1.0/24. The dsl line is 1.2.3.4 and the cable line is 9.8.7.6. I added the following to rt_tables: 1 internal 2 kiosk 3 dmz then created a script ip rule add from 10.1.1.0/24 table internal ip route add default via 1.2.3.4 dev eth3 table internal ip rule add from 172.16.1.0/24 table kiosk ip route add default via 9.8.7.6 dev eth4 table kiosk ip rule add from 192.168.1.0/24 table dmz ip route add default via 9.8.7.6 dev eth4 table dmz When I run this script, it does not do what I expect, especially after running the firewall rules atop it. I thought I had it nailed, but it wasn't working as expected, and I really couldn't test very well. I'm hoping some kind soul on this list might have a few minutes for an email exchange to help me get this sorted out. If so, please email me off-list. I'm sure its probably something that I overlooked, but I'm at a loss as to what. Regards, --b -- *Clifford W. Hansen* Web Developer / Linux Administrator *NiGhTHawK Productions* *E*: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] *M*: +27 82 883 8677 This email and all contents are subject to the following disclaimer: Unauthorised use of characters, images, sounds, odors, severed limbs, noodles, wierd dreams, strange looking fruit, oxygen, and certain parts of Jupiter are strictly forbidden. If I find you violating, or molesting my property in any way, I will employ a pair of burly convicts to find you, kidnap you, and perform god-awful sexual experiments on you until you lose the ability to sound out vowels. I don't know why you are still reading this, but by doing so you have proven that you have far too much time on your hands, and you should go plant a tree, or read a book or something
Redirect hostname to internal box
Greetings, Firstly I'm not sure if this is the right place but here goes: I'm using Debian 3.1. I have dyndns with wildcards enabled, and I'd like to have traffic to a specific hostname directed to my internal webserver. e.g. phpsysinfo.example.com - firewall intbox.example.com - internal box Due to it being dynamic dns (dyndns.org) and I only have one ipaddress, I can't seem to get it to work with out doing apache redirecting to a different port I hope this makes sence and I hope you can help. Thanx... Clifford. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]