Re: NIS Problems
Hendrika, Not sure what you might have already tried but one place to check is 3 files in the /etc/ directory: yp.conf, yp.serv.conf and ypserv.securenets. Your server will need to allow access from the client box, and know what maps to serve. The client box will need to know the hostname or IP address if it is not on the same network using broadcast mode. Check the logs to see what errors there may be. There's docs for all of this in the package. BTW, try configuring your email program so send text only messages and not text with html. Will make your posts much easier to read in a text only mail program. Hope this is helpful. On Mon, 1 Nov 2004, Hendrika Joubert wrote: This is a multi-part message in MIME format. --=_NextPart_000_007B_01C4C008.7C1DB6D0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Hi there, I am running two debian servers and are having problems with nis = updating to my mail server. The one server is running all my data and = logins, etc and the other one is running my mail. I found that when i = created a user on my data server is wasn't updated to my mail server. = The data server is running debian 2.4.26 and the mail 2.4.18-bf2.4. Is = there something really simple that i am missing or can try. If anyone = has any suggestions please let met know. I am running out of ideas and i = am not good at things this big. I just handle the basics and i did not = set up nis originally.=20 Thanks=20 --=_NextPart_000_007B_01C4C008.7C1DB6D0 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN HTMLHEAD META http-equiv=3DContent-Type content=3Dtext/html; = charset=3Diso-8859-1 META content=3DMSHTML 6.00.2800.1106 name=3DGENERATOR STYLE/STYLE /HEAD BODY bgColor=3D#ff DIVFONT face=3DArial size=3D2Hi there,/FONT/DIV DIVFONT face=3DArial size=3D2I am running two debian servers and are = having=20 problems with nis updating to my mail server. The one server is running = all my=20 data and logins, etc and the other one is running my mail. I found that = when i=20 created a user on my data server is wasn't updated to my mail server. = The data=20 server is running debian 2.4.26 and the mail 2.4.18-bf2.4. Is there = something=20 really simple that i am missing or can try. If anyone has any = suggestions please=20 let met know. I am running out of ideas and i am not good at things this = big. I=20 just handle the basics and i did not set up nis originally. = /FONT/DIV DIVFONT face=3DArial size=3D2/FONTnbsp;/DIV DIVFONT face=3DArial size=3D2Thanks /FONT/DIV DIVnbsp;/DIV/BODY/HTML --=_NextPart_000_007B_01C4C008.7C1DB6D0-- Ernest Johanson Systems Administrator Fuller Theological Seminary -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: nfs-kernel-server and firewalls
Right. It can go in /etc/init.d or in /etc/network/interfaces. Probably better in interfaces so the rules are applied as soon as the interfaces are up. On Sat, 3 Jul 2004, Tom Allison wrote: Ernest Johanson wrote: Good refinement to tighten things up. Thanks. I thought it would be necessary to re-run rpcinfo each time I booted because I can't find anything that says these ports are a certainty. That, and I only have NFS 3 support that I have to worry about. # NFS # First you open up the RPC port iptables -A INPUT -i $IFACE -p udp -s $LAN --sport $LO_PORTS \ -d $IF_ADDRESS --dport sunrpc -m state --state NEW \ -j ACCEPT iptables -A INPUT -i $IFACE -p tcp -s $LAN --sport $LO_PORTS \ -d $IF_ADDRESS --dport sunrpc -m state --state NEW \ -j ACCEPT # Since rpc is so varied and large in it's ports I thought # It easiest to just capture them all there and scroll throue # the list. One for TCP, one for UDP TCP=`rpcinfo -p | grep 3 tcp | awk '{print $4}' | sort | uniq` for P in $TCP; do iptables -A INPUT -i $IFACE -p tcp -s $LAN --sport $LO_PORTS \ -d $IF_ADDRESS --dport $P -m state --state NEW \ -j ACCEPT done UDP=`rpcinfo -p | grep 3 udp | awk '{print $4}' | sort | uniq` for P in $UDP; do iptables -A INPUT -i $IFACE -p udp -s $LAN --sport $LO_PORTS \ -d $IF_ADDRESS --dport $P -m state --state NEW \ -j ACCEPT done Ernest Johanson Systems Administrator Fuller Theological Seminary Ernest Johanson Systems Administrator Fuller Theological Seminary -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: nfs-kernel-server and firewalls
Been following this thread and understand that the goal is to configure a firewall to control access to the ports used for NFS. If so, then suggest the following: #!/bin/sh NFSPORTS=`rpcinfo -p | awk '/tcp/||/udp/ {print $4}' | sort | uniq` for PORT_NUM in $NFSPORTS do iptables -A INPUT -j target -s srcip -p tcp|udp --dport $PORT_NUM ... done Hope this is helpful. On Fri, 2 Jul 2004, Tom Allison wrote: Tadeusz Bak wrote: On Thu, 1 Jul 2004, Tom Allison wrote: Portmapper sits on one port, but it's redirecting the nfs connection all over the place. I can't seem to nail it down to one set of ports. The rpc services called by portmaper can be binded to specific ports, see man pages for details. To find out what services are registered run: rpcinfo -p Greetings, Tad I have one connection working, always did. The working machine is on 192.168.1.0/24, the non-working machine is on 192.168.0.0/24 (DMZ) /etc/exports: /var/www192.168.1.0/24(rw,no_root_squash) These are identical on both machines /etc/hosts.allow is identical on both machines (empty) I've opened up port 111 (sunrpc) for both udp and tcp protocols and restarted both the port mapper and the nfs-kernel-server. Now I get iptables blocking on port 989/udp-989/udp (ftps-data) which doesn't make any sense. Next time I try to mount I get 995-989 and it keeps changing with each trial of 'mount -t nfs cling:/var/www/ /cling/' (cling is the machine name, DNS works great!). I'm not really sure what's roaming on the IP addresses, but I kind of can't use that under a firewalled device. Ernest Johanson Systems Administrator Fuller Theological Seminary -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: nfs-kernel-server and firewalls
Good refinement to tighten things up. On Fri, 2 Jul 2004, Tom Allison wrote: Ernest Johanson wrote: Been following this thread and understand that the goal is to configure a firewall to control access to the ports used for NFS. If so, then suggest the following: #!/bin/sh NFSPORTS=`rpcinfo -p | awk '/tcp/||/udp/ {print $4}' | sort | uniq` for PORT_NUM in $NFSPORTS do iptables -A INPUT -j target -s srcip -p tcp|udp --dport $PORT_NUM ... done # NFS # First you open up the RPC port iptables -A INPUT -i $IFACE -p udp -s $LAN --sport $LO_PORTS \ -d $IF_ADDRESS --dport sunrpc -m state --state NEW \ -j ACCEPT iptables -A INPUT -i $IFACE -p tcp -s $LAN --sport $LO_PORTS \ -d $IF_ADDRESS --dport sunrpc -m state --state NEW \ -j ACCEPT # Since rpc is so varied and large in it's ports I thought # It easiest to just capture them all there and scroll throue # the list. One for TCP, one for UDP TCP=`rpcinfo -p | grep 3 tcp | awk '{print $4}' | sort | uniq` for P in $TCP; do iptables -A INPUT -i $IFACE -p tcp -s $LAN --sport $LO_PORTS \ -d $IF_ADDRESS --dport $P -m state --state NEW \ -j ACCEPT done UDP=`rpcinfo -p | grep 3 udp | awk '{print $4}' | sort | uniq` for P in $UDP; do iptables -A INPUT -i $IFACE -p udp -s $LAN --sport $LO_PORTS \ -d $IF_ADDRESS --dport $P -m state --state NEW \ -j ACCEPT done Ernest Johanson Systems Administrator Fuller Theological Seminary -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Change password from shellscript
chpasswd will do exactly what you want. Ernest Johanson Systems Administrator Fuller Theological Seminary On Tue, 16 Dec 2003, James Williamson wrote: Date: Tue, 16 Dec 2003 07:10:13 + From: James Williamson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Change password from shellscript On Monday 15 Dec 2003 7:04 pm, Peter wrote: Howdie, I want to make a shellscript with the ability to change a userspassword. I can't get it to work properly because when i say passwd user i will have to enter the password is there a way or a switch todo this in a style like passwd user password My version of passwd has a --stdin switch which'll read the=20 password from STDIN, i.e. echo $password | passwd --stdin $username If your's doesn't you may want to take a look at expect. James Thankz, Peter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Screenshots in Linux?
Take a look at the scrot package. Runs from the command line and will caputre the whole screen or a window you choose. Ernest Johanson Systems Administrator Fuller Theological Seminary On Wed, 19 Nov 2003, Joseph Jones wrote: Date: Wed, 19 Nov 2003 00:42:20 + From: Joseph Jones [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Screenshots in Linux? How do you take a screenshot in Linux? Preferably from the terminal and of the whole screen. Joe -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: update-rc.d
One suggestion here might be to put an exit statement on a line by itself near the beginning of the script, before anything is executed. This will prevent the script from running even though the rc.d links are in place. When you update the package, the install script should detect that the init script was modified and ask you if you want to keep your current version of the script or use the new one. That way you don't have to reconfigure the links. Hope this is helpful Ernest Johanson Systems Administrator Fuller Theological Seminary On Wed, 12 Nov 2003, Miguel Alvarez Blanco wrote: Date: Wed, 12 Nov 2003 12:42:57 +0100 From: Miguel Alvarez Blanco [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: update-rc.d Hi, I do not really know if this is a bug or a feature, so I am not sending it as a bug report. The problem is fairly general, it has happened several times to me, although the last one was because of the ipmasq package. I had the package installed in my system while I was using it to provide net access to another machine while on a single-IP net connection, but I no longer used it, so I just used update-rc.d to remove the links in rcS.d and avoid it running at startup. I did not want to erase it, since the machine is a laptop and I may need it again sometime (I prefer not to remove packages, because I may need them in a circumstance in which I do not have net access). However, it seems that there was some update in the woody package (maybe security related) in the last months, and so I automatically upgraded it. The update re-installed the scripts in rcS.d, but since I did not shut down the machine for some time, I did not notice it. Yesterday, I had to boot windoze to use the parallel port scanner (pity it does not work with sane or vmware), and after reboot I had no net connection. Now, it took me some time to realize that evverything was right in the net scripts, until I went to look with iptables, and notice that the ipmasq script was there again. Sure, it took me less than five minutes to remove the script again and put everything in order, but I think that it is annoying. So, this is my question: is there another way of keeping a package around without it actually updating the startup scripts whenever it is upgraded? If not, it may be that some update-rc.d record file should be kept, in order not to change back startup files that the sysadmin may have modified or erased for some reason. As I said, it has happened several times, so this is not an isolated problem of the ipmasq package, but rather something in the general usage of the Debian system (which I really like in most other respects: brilliant job!). If I am missing something, please do tell me, preferably by answering this e-mail (I will follow-up to the list to keep everyone informed). Thanks, Miguel -- --- Miguel Alvarez Blanco E-mail:[EMAIL PROTECTED] HomePage: http://web.uniovi.es/qcg/mab/miguel.html Mail: Dpto. Quimica Fisica y Analitica, Universidad de Oviedo. Facultad de Quimica, c/ Julian Claveria, 8. 33006-Oviedo, Spain. Phone: +34 98510 5017 Fax: +34 98510 3125 Dpt.Office: +34 98510 3034 UNIX is user friendly. It's just selective about who its friends are. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Help, OSX vs Linux
On Fri, 3 Oct 2003, Mike Egglestone wrote: Date: Fri, 3 Oct 2003 10:20:25 -0700 From: Mike Egglestone [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Help, OSX vs Linux Hi All, I'm a system's admin looking after several different sites at which most of them have woody servers. But some of the staff are pushing for OSX servers. The workstations range from PC's to Imacs. running all different OS's. I'm finding it difficult to convince them that OSX is not the way to go. We all know the reasons why Debian is so Great, but they can't see it. The biggest push is that the OSX server can have workgroups for accounts and thus lock workstations so that only certain workgroups have access to certain applications on OS 9.x machines. Are you saying that the OSX server access control works with OS9 clients to limit access for those users? If so, then I suppose the size of the Mac user base, and the criticalness of the apps they need to access would be factors. If the access control applies to all the users, then the scope of the issue changes. A precise appraisal of the benefit would be very useful. I use netatalk currently, and use local multiple users on OS 9 to lock down the machine but its not quite as tight as how OSX server can do it with Mac Mananger. Again, what's the specific benefit of the increased controls? The more closely that can be defined, and alternatives evaluated, the better case can be made. This may also show that the OSX solution is what's needed. I love the fact the Debian has apt-get and I can quickly install the daemons such as squid, exim, apache, samba, netatalk, dhcp,ipmasq and so many other great things. Supposedly, OSX can run and do all this too, correct? The only reasons I can think of that makes Debian better is that is Free, its more stable, and its way faster. Are there any other benefits of debian that out way it from OSX? Don't blame you for wanting to maitain a homegeneous environment. With the introduction of a new OS, training and adminsitrative costs have to increase. Try to quantify it. Also, the proprietary nature of Mac hardware has to be factored in. And you are tied to the fortunes of one company. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Any users of mondoarchive on debian boxes?
I'm running the mondoarchive package on Debian 3.0 using a 2.4.22 kernel compliled from source. Saw the commentary on the mondo web site; not sure what the issue there is. The Debian package works fine; getting the kernel parameters straight is essential. I've not used the kernel packages, but imagine that you have to get the source package to add the necessary functions. Ernest Johanson Systems Administrator Fuller Theological Seminary On Wed, 24 Sep 2003, Paul E Condon wrote: Date: Wed, 24 Sep 2003 21:07:40 -0600 From: Paul E Condon [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Any users of mondoarchive on debian boxes? An article in Oct issue of Linux journal got me interested in Mondo Archive, which is software that builds self-booting restore CDs for Linux systems. So, I started to try to use it. I found a debian package in Woody, and did the standard apt-get ... . I had mostly no problem understanding the man page. But some puzzles lead me to look at the Mondo web site, and ... From reading the Mondo web site, it appears that there are no documented instances of mondoarchive being used successfully on a Debian system, and that Debian kernels are somehow non- standard, and difficult to work with. Is this true? And, if true, why is there a Debian package of Mondo Archive? And if not true, who, on this list has experience? Is there a different Debian list where I should be going for help on this particular package? Thanks. -- Paul E Condon [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apache access control
Some things to check would be: 1. Within the Directory directive, check the AllowOverride statement. It must contain the AuthConfig directive-type. 2. AccessFileName needs to be .htaccess if that's the name of your file. 3. Have to reboot the server too :-) If you haven't seen it already you might want to look at http://httpd.apache.org/docs/howto/htaccess.html. Good advice on the use of .htaccess files. Ernest Johanson Systems Administrator Fuller Theological Seminary On Wed, 17 Sep 2003, Roberto Sanchez wrote: Date: Wed, 17 Sep 2003 17:30:57 +0200 (CEST) From: Roberto Sanchez [EMAIL PROTECTED] To: Debian User [EMAIL PROTECTED] Subject: Apache access control I am trying to get Apache 1.3 to prompt for a password for some file located in a particular directory on one of my sites. I created a password file like this: # htpasswd -c /etc/apache/passwd username I entered the password and then created this .htaccess file in the appropriate directory: AuthType Basic AuthName Please Authenticate AuthUserFile /etc/apache/passwd Require user valid-user I have read through all the related Apache docs on access control and googled around for some time. I can't figure out why this will not prompt for a password. I kind of need to figure this out before I can take the site live (the password protection is a requirement from higher headquarters). -Roberto ___ Yahoo! Messenger - Nueva versión GRATIS Super Webcam, voz, caritas animadas, y más... http://messenger.yahoo.es -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: NIS problem
Try editing your /etc/nsswitch.conf file, changing the entry for passwd and group to files nis instead of compat. Ernest Johanson Systems Administrator Fuller Theological Seminary On Mon, 15 Sep 2003, Xavier Andrade wrote: Date: Mon, 15 Sep 2003 13:51:01 -0400 (CLT) From: Xavier Andrade [EMAIL PROTECTED] To: Rishikesh [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: NIS problem On Mon, 15 Sep 2003, Rishikesh wrote: I am trying to make NIS work on my home network. I have followed the HOWTO below to the word. http://lyre.mit.edu/~powell/debian-howto/nis.html I keep getting error message YPBINDPROC_DOMAIN: Domain not bound I searched the archive of the debian mailing lists and did not find any discussion related to this message. Any help will be appreciated. I have a small 3 computer home network connected using a Belkin router. NIS is broadcasting the net searching fo a server and to my experience never finds it. To avoid this, manually add the ip address of your nis server to /etc/yp.conf, the line that you have to add is something like: ypserver 10.0.0.1 Xavier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: exim questions: Filtering extensitons with version 3.35 or Howto move from exim 3.35 to 4.2
Take a look at http://www.exim.org/system_filter.exim. It is a filter implemented in the exim filtering system. Ernest Johanson Systems Administrator Fuller Theological Seminary On Fri, 22 Aug 2003, Ivan Wills wrote: Date: Fri, 22 Aug 2003 10:30:19 +1000 From: Ivan Wills [EMAIL PROTECTED] To: Debian-user [EMAIL PROTECTED] Subject: exim questions: Filtering extensitons with version 3.35 or How to move from exim 3.35 to 4.2 Hi I need to implement mail filters for attachments with dangerous file extensions in exim. Does any one know how to do this with the version of exim 3.35 which comes with Debian Woody? How hard is it to move exim to version 4.2x under Debian Woody? (Do any deb's exist for Woody?) Any help would be greatly appreciated. Thanks Ivan -- ,###' *##/ Ivan Wills ,*##' Email : [EMAIL PROTECTED] .*##) ,###' l##*/ ,. __ _. _ .*##' /%# ;*##*_*###o#' .*#/ ./###;. /##* /##' ,#*' '#*' %#/ *%## *#* '*##* *##. .##' .*#/ |#*# # ##o#''#*#, ,##**##__*#* .#*, ,[EMAIL PROTECTED] *##' '*#|; *##'`*###*' '###*'##*' ,##'\#*. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: paper size
Check /etc/papersize. Ernest Johanson Systems Administrator Fuller Theological Seminary On Wed, 23 Jul 2003, nori heikkinen wrote: Date: Wed, 23 Jul 2003 11:47:08 -0400 From: nori heikkinen [EMAIL PROTECTED] To: debian-user [EMAIL PROTECTED] Subject: paper size trying to print things via enscript and mpage. they're both defaulting to a4 paper, and i can't figure out how to specify letter paper. with enscript, -M letter looks like it should work: -M name, --media=name Select an output media name. Enscript's default output media is determined from libpaper and falls back to A4. ... but does not. the -b Letter option from mpage looks similarly promising: -bpapertype Prepare output for selected paper type. Papersize can be A3 for European A3, A4 for European A4, Letter for US Letter or Legal for Legal sized paper. For default see 'mpage -x'. To see the list of currently available types, just give the 'mpage -bl' or 'mpage -b?' command (Note: mpage exits after finding such option use.) .. but also poos. is there some environment variable i need set? this works fine on other debian systems i use (that i did not, unfortunately, install myself) without `env` showing anything about paper sizes ... tia, /nori -- .~. nori @ sccs.swarthmore.edu /V\ http://www.sccs.swarthmore.edu/~nori/jnl/ // \\ @ maenad.net /( )\ www.maenad.net ^`~'^ get my (*new*) key here: http://www.maenad.net/geek/gpg/7ede5499.asc (please *remove* old key 11e031f1!) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: squid user_auth
Right. Here localusers is the acl to require passwords. What about the following: acl all src 0.0.0.0/0.0.0.0 acl localnetwork proxy_auth 192.168.0.0/255.255.255.0 remove the proxy_auth here. The config file says that a list of usernames follows proxy_auth, unless using REQUIRED keyword. acl localusers proxy_auth REQUIRED http_access deny !localnetwork http_access allow localusers insert all after allow so that it reads: http_access allow all localusers Ernest Johanson Systems Administrator Fuller Theological Seminary On Wed, 16 Jul 2003, Botha, Francois wrote: Date: Wed, 16 Jul 2003 16:20:00 +0200 From: Botha, Francois [EMAIL PROTECTED] To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] Cc: '[EMAIL PROTECTED]' [EMAIL PROTECTED] Subject: RE: squid user_auth Hi, password is not a acl, I tried proxy_auth but still no go ): Regards, FB -Original Message- From: Ernest Johanson [mailto:[EMAIL PROTECTED] Sent: 15 July 2003 19:30 To: Botha, Francois Cc: Debian-User Subject: Re: squid user_auth Francois, Try adding the keyword password to the end of your http_access allow directives. Ernest Johanson Systems Administrator Fuller Theological Seminary On Tue, 15 Jul 2003, Botha, Francois wrote: Date: Tue, 15 Jul 2003 14:02:59 +0200 From: Botha, Francois [EMAIL PROTECTED] To: Debian-User [EMAIL PROTECTED] Subject: squid user_auth Hi, I'm playing with squid-2.4.6-2 on a 3.0/stable machine and am having problems with the user authentication bit. My authentication side of the httpd.conf has: -- snip -- acl all src 0.0.0.0/0.0.0.0 acl localnetwork proxy_auth 192.168.0.0/255.255.255.0 acl localusers proxy_auth REQUIRED http_access deny !localnetwork http_access allow localusers http_access allow localnetwork http_access deny all proxy_auth_realm Squid proxy-caching web server authenticate_program /usr/lib/squid/ncsa_auth /etc/passwd.squid #authenticate_program /usr/lib/squid/pam_auth #authenticate_program /tmp/test.sh -- /snip -- My squid dialog box pops up asking for username and password, I fill this in (using ncsa_auth with /etc/passwd.squid with htpasswd -d generated passwords) and the box just pops up again, nothing in any logs regarding this. When I use ncsa_auth from the commandline with username password i get the OK so all is well there. I've tried the same with pam_auth, and it also just pops up again in the browser as-if my password is wrong, yet again - if I run it from the commandline, it's happy. And yes, I have checked permissions of the /etc/passwd.squid, it is only readable to the squid user (proxy), I've tried changing this to a+rw out of desperateness but it's still acting the same way (: I've also made a simple shell script in /tmp which prints $@ for me to another file, squid executes this but passes nothing as a argument, i've put a 'read' line in the script and passed that towards a file aswell and also got nothing?! -- snip -- #!/bin/bash # while true ; do echo I was passed $@ /tmp/test.out read vars echo I was also passed $vars /tmp/test.out echo OK done -- /snip -- Output: -- snip -- I was passed -- /snip -- So, it does not get to filling in the read line bit?! I've searched all I could online and the only real problem is with permissions of the passwd file - which I know is not a problem. Does anybody have any ideas? Thanks, Francois Botha Snr. Systems Engineer e-mail: [EMAIL PROTECTED] http://www.thawte.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: squid user_auth
Francois, Try adding the keyword password to the end of your http_access allow directives. Ernest Johanson Systems Administrator Fuller Theological Seminary On Tue, 15 Jul 2003, Botha, Francois wrote: Date: Tue, 15 Jul 2003 14:02:59 +0200 From: Botha, Francois [EMAIL PROTECTED] To: Debian-User [EMAIL PROTECTED] Subject: squid user_auth Hi, I'm playing with squid-2.4.6-2 on a 3.0/stable machine and am having problems with the user authentication bit. My authentication side of the httpd.conf has: -- snip -- acl all src 0.0.0.0/0.0.0.0 acl localnetwork proxy_auth 192.168.0.0/255.255.255.0 acl localusers proxy_auth REQUIRED http_access deny !localnetwork http_access allow localusers http_access allow localnetwork http_access deny all proxy_auth_realm Squid proxy-caching web server authenticate_program /usr/lib/squid/ncsa_auth /etc/passwd.squid #authenticate_program /usr/lib/squid/pam_auth #authenticate_program /tmp/test.sh -- /snip -- My squid dialog box pops up asking for username and password, I fill this in (using ncsa_auth with /etc/passwd.squid with htpasswd -d generated passwords) and the box just pops up again, nothing in any logs regarding this. When I use ncsa_auth from the commandline with username password i get the OK so all is well there. I've tried the same with pam_auth, and it also just pops up again in the browser as-if my password is wrong, yet again - if I run it from the commandline, it's happy. And yes, I have checked permissions of the /etc/passwd.squid, it is only readable to the squid user (proxy), I've tried changing this to a+rw out of desperateness but it's still acting the same way (: I've also made a simple shell script in /tmp which prints $@ for me to another file, squid executes this but passes nothing as a argument, i've put a 'read' line in the script and passed that towards a file aswell and also got nothing?! -- snip -- #!/bin/bash # while true ; do echo I was passed $@ /tmp/test.out read vars echo I was also passed $vars /tmp/test.out echo OK done -- /snip -- Output: -- snip -- I was passed -- /snip -- So, it does not get to filling in the read line bit?! I've searched all I could online and the only real problem is with permissions of the passwd file - which I know is not a problem. Does anybody have any ideas? Thanks, Francois Botha Snr. Systems Engineer e-mail: [EMAIL PROTECTED] http://www.thawte.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: TCP/IP printing under Debian
Glad to hear you got things working. To solve the staircase issue, use a2ps to print text files. Will need to pipe output through unix2dos also. Thanks to all of you. Someday, I'll take a deeper look at the more classical printer confguration, too. I tried it, but after a staircase printout of the /etc/passwd I figured it might be easier after all to try cups a second time. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: TCP/IP printing under Debian
Leif, You can accomplish this using the lpr/lpd facility that is likely already installed. There were some security issues with lpd awhile back, so you may want to make sure you have the latest pacakges for the Debian version you're running. Read the man page for lpr. There's lots of options, but you likely will only need a few of them. Here's a sample from a server here: lp:\ :lp=:\ :rm=printer.org.tld:\ :rp=pr1:\ :sd=/var/spool/lpd/remote:\ :sh=true:\ :lf=/var/log/lp-errs: You may need to get the queue name (parameter rp) from the printer docs. OTH pr1 may work fine. One advantage here is that you don't have to install any other services, which is good from a security standpoint. Ernest Johanson Systems Administrator Fuller Theological Seminary On Mon, 14 Jul 2003, Leif B. Kristensen wrote: Date: Mon, 14 Jul 2003 19:46:11 +0200 From: Leif B. Kristensen [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: TCP/IP printing under Debian Hi, I'm new to Debian and to this list. I've successfully installed Woody on an old Pentium (133MHz, 128 MB RAM, 2x4GB HD) and set it up as an experimental web server behind my firewall. I have not cared to set up any GUI on it, as I want to run it by CLI from a remote console (Putty). The installation has been plain fun so far, but now I'm rather stuck as I want to be able to print out stuff such as man pages, configuration files, and other documentation. I've got an old HP4M+ laser printer which, according to linuxprinting.org should work perfectly with Linux. It's connected to my LAN via Ethernet, and has its own IP address. I've worked a lot with UNIX administration, but I have no experience with printer installation. The howtos that I have been able to find on the net so far, seem mostly to deal with installation of parallel printers, and with the use of some GUI tool. Can anybody direct me to a basic resource on CLI-based TCP/IP printer setup under Debian/Linux? TIA, --=20 Leif Biberg Kristensen=20 http://solumslekt.org/ mail to leif at solumslekt dot org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: TCP/IP printing under Debian
Sorry for the mistake below. The right manapge is printcap. Read the man page for lpr. There's lots of options, but you likely will only need a few of them. Here's a sample from a server here: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Securing POP3
Chris, Perdition 1.11 can function as a POP3s proxy. Currently it's in unstable, which might not be what you want. If you're comfortable compiling apps from source, you can get the distribution and docs from http://www.vergenet.net/linux/perdition. I had to add an extra debian package or two and create a link to get everything working. Can provide the details if you'd like. Tried Qpopper and had trouble with it. Particularly with Outlook Express and attachments, and with uses who leave mail on the server. Sometimes it workes fine, other times it refuses to download the mail. Tried all the suggested fixes but still have the problems. Have about 1700 users, so YMMV. The qpopper mailing list has lots of traffic on this issue. Ernest Johanson Systems Administrator Fuller Theological Seminary On Fri, 11 Jul 2003, Christopher Swingley wrote: Date: Fri, 11 Jul 2003 09:16:13 -0800 From: Christopher Swingley [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Securing POP3 Greetings! What options do I have for securing POP3 on a Debian server? I've got clients connecting with all varieties of platforms (proprietary UNIX, Linux, Win XX, Max OS 9 / 10) and mail user agents (Eudora, Mozilla Mail, Netscape Mail, Lookout Express, Outhouse, etc.). Around 50 clients, some setting their MUA's to check every 30 seconds. . . 'sslwrap' seems like one option. I'm interested in people's experiences and suggestions. Thanks, Chris -- Christopher S. Swingley email: [EMAIL PROTECTED] IARC -- Frontier Program Please use encryption. GPG key at: University of Alaska Fairbanks www.frontier.iarc.uaf.edu/~cswingle/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: x doesn't work; mouse configuration blues
If you haven't already, try verifying that /dev/psaux does in fact exist. If not, it will have to be created. Also, check to see if gpm is installed. gpm gives you mouse control of the cursor wihin a console, and can cause problems under X. Ernest Johanson Systems Administrator Fuller Theological Seminary On Thu, 26 Jun 2003, Christopher R Laughman wrote: Date: Thu, 26 Jun 2003 00:05:05 -0400 From: Christopher R Laughman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: x doesn't work; mouse configuration blues i'm having a really difficult time installing debian for the first time. i've been using redhat for a few years, but getting x to work in debian is proving difficult. the initial installation of the bf2.4 version of woody appeared to work well, but when the computer rebooted and tried to startx, it tried a few times and then prompts to configure the X server. it is then able to start X with a 1280x1400 (or whatever it is) resolution, but the mouse doesn't work whatsoever. the information for the monitor and the video card is correct in the XF86 config file; the mouse i have is a 2 button Trekker, which has always worked in redhat when i specified random 2-button ps/2 mouse. thanks c ... ... config file ... # ** # Core Pointer's InputDevice section # ** Section InputDevice # Identifier and driver IdentifierMouse1 Drivermouse Option ProtocolMicrosoft Option Device /dev/psaux # When using XQUEUE, comment out the above two lines, and uncomment # the following line. #Option ProtocolXqueue # Baudrate and SampleRate are only for some Logitech mice. In # almost every case these lines should be omitted. #Option BaudRate9600 #Option SampleRate 150 # Emulate3Buttons is an option for 2-button Microsoft mice # Emulate3Timeout is the timeout in milliseconds (default is 50ms) Option Emulate3Buttons #Option Emulate3Timeout50 # ChordMiddle is an option for some 3-button Logitech mice #Option ChordMiddle EndSection ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Why isn't there a cron.hourly?
Agreed that an hourly crontab is not too common an occurence. It could be done by using the cron.daily entry in /etc/crontab as a template. Create the cron.hourly directory and set the cron.hourly entry in crontab as needed. Ernest Johanson Systems Administrator Fuller Theological Seminary On Thu, 12 Jun 2003, Colin Watson wrote: Date: Thu, 12 Jun 2003 15:14:00 +0100 From: Colin Watson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Why isn't there a cron.hourly? On Thu, Jun 12, 2003 at 03:08:43PM +0200, Jon Haugsand wrote: RedHat has the directory /etc/cron.hourly, but this is not present in debian. Why is that? Probably because the main motivation for /etc/cron.interval, as I understand it, is to make it possible to include crontab fragments in packages, and it seems rare for a package to want an hourly crontab. Certainly it has benefits for users as well, but users can always use /etc/crontab or 'crontab -e'; packages have to have separate files. -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Exim-TLS - how to auth user?
Do you have an authenticator configured in your exim.conf file? You have to have one before exim will recognize the authentication methods. Chs. 36 and 37 in the manual explain how to do it. Ernest Johanson Systems Administrator Fuller Theological Seminary On Fri, 21 Feb 2003, Iain Tatch wrote: Date: Fri, 21 Feb 2003 19:25:49 + From: Iain Tatch [EMAIL PROTECTED] Reply-To: Iain Tatch [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Exim-TLS - how to auth user? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello the list I have a question regarding authenticating an SMTP request. I have a user who would like to be able to use my Debian woody machine as a general SMTP host while he is on the road. He could be connecting via any of a number of dial-up accounts, all with dynamic IP assignment, so I cannot authenticate him via a simple IP address. My MTA on this box is Exim, and after a little bit of reading around, I decided what I needed to do was to use the SMTP-AUTH extension (as per RFC 2554), and to avoid sending passwords in the clear, to use the TLS version of Exim. So I `apt-get install exim-tls`, created myself a TLS certificate, and made the necessary modifications to the exim.conf to switch on the SMTP-over-TLS stuff. FYI the additional stuff I made to the exim.conf are: # Which hosts do we tell that we have STARTTLS available? tls_advertise_hosts = * # File locations tls_certificate = /etc/ssl/certs/exim.tls.crt tls_privatekey = /etc/ssl/certs/exim.tls.key # insist that any client using auth starts a TLS session first auth_over_tls_hosts = * So far so good, if I telnet to port 25 and issue an EHLO command, exim replies that one of the functions supported is STARTTLS. But what I *don't* seem to be able to do is get Exim to recognise any of the authentication methods, it doesn't seem to have been compiled with either AUTH_PLAIN or AUTH_CRAM-MD5 (or anything else). If this is so, I'm still not really much better off. I can insist that my roaming user connects via a secure method, but if I still have no way of authenticating him then I still can't verify identity, and hence I'd still have to leave my Exim in a basically open relay state (albeit one that will require a secure connection). Am I missing something, or has the Exim-TLS package been compiled without any of the AUTH methods. Which seems rather odd to me. Any help, tips, flames etc gratefully received. Thanks! - -- Iain | PGP mail preferred: pubkey www.deepsea.f9.co.uk/misc/iain.asc ($=,$,)=split/13\//,13\13\/tl.rnh r HITtahkPctacriAneeeusaoJ;; for([EMAIL PROTECTED]//,$,){$..=$$[$=];$$=$=[$=];[EMAIL PROTECTED];[EMAIL PROTECTED] eq$$$==$?;$==$?;for($)[EMAIL PROTECTED] eq$_;;last if!$;$=++}}print$..$/ -BEGIN PGP SIGNATURE- Version: PGP 8.0 - not licensed for commercial use: www.pgp.com iQA/AwUBPlZ9MGByUNb+aO+GEQKUfQCfZ+3mnBVMlCAKWNnJTzh/Wxuw/6QAoKrQ 8o4DtywZHbxZY0o8Iqf5fUUw =duCg -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HELP! dhcp server not talking to clients
Not sure what the problem is but have a few observations: The option subnet-mask 255.255.255.0 statement should be in a subnet declaration if needed. Did you compile your own kernel? Dhcpd requires two settings (don't remember what they are at the moment, but they're in the docs.) The 192.168.1.x addresses suggest that there is another host on the network handing out assignments (wireless AP, dsl modem/router, etc). HTH, Ernest Johanson Systems Administrator Fuller Theological Seminary On Mon, 16 Dec 2002, Charles Lewis wrote: Date: Mon, 16 Dec 2002 23:53:00 -0600 From: Charles Lewis [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: HELP! dhcp server not talking to clients I have dhcp set up on my linux box to serve a Win2000 box, a Win98 box, a WinXP box, and networked HP LJ1200. It works fine, until I try to upgrade the kernel from 2.4.18 to 2.4.20 (from an earlier thread). The machine locks up after a few minutes, so I go back to 2.4.18, and all my machines are getting 198.168.1.x numbers when my dhcp server is supposed to be providing 10.0.0.x numbers. It's very frustrating to everyone in the house because suddenly none of them can use the internet, print, or save files to their samba shares. Now I am not a network guru, so maybe someone can help me spot some problems in my setup. Here is my dhcpd.conf: #option domain-name ; #option domain-name-servers 205.165.192.254,205.165.193.254; server-identifier lewisc; authoritative; option subnet-mask 255.255.255.0; default-lease-time 600; max-lease-time 7200; subnet 10.0.0.0 netmask 255.255.255.0 { range 10.0.0.6 10.0.0.254; option broadcast-address 10.0.0.255; option routers 10.0.0.1; option netbios-name-servers 10.0.0.1; } host lewisc2 { hardware ethernet 00:01:03:E7:48:1F; fixed-address 10.0.0.2; } host lewisc3 { hardware ethernet 00:00:39:F0:9A:C5; fixed-address 10.0.0.3; } host caleb { hardware ethernet 00:A0:CC:D2:A0:73; fixed-address 10.0.0.4; } host officelj { hardware ethernet 00:01:E6:48:69:A2; fixed-address 10.0.0.5; } When I run dhcpd in debug mode, I get: Listening on LPF/eth0/00:01:03:dd:22:e0/10.0.0.0 Sending on LPF/eth0/00:01:03:dd:22:e0/10.0.0.0 Sending on Socket/fallback/fallback-net And it just sits there with no feedback. When I do a tcpdump -i eth0, I get the following junk: 23:46:04.324753 192.168.1.102.netbios-dgm 192.168.1.255.netbios-dgm: NBT UDP PACKET(138) 23:46:33.933645 192.168.1.1.bootps 255.255.255.255.bootpc: xid:0xbee8b113 C:192.168.1.101 Y:192.168.1.101 ether 0:1:e6:48:69:a2 file [|bootp] 23:46:36.287786 arp who-has 192.168.1.1 tell 192.168.1.102 23:46:36.289146 192.168.1.1.bootps 255.255.255.255.bootpc: xid:0xf220e34f C:192.168.1.102 Y:192.168.1.102 ether 0:a0:cc:d2:a0:73 file [|bootp] 23:49:04.314952 192.168.1.1.bootps 255.255.255.255.bootpc: xid:0x28e8b113 C:192.168.1.101 Y:192.168.1.101 ether 0:1:e6:48:69:a2 file [|bootp] 23:49:06.268378 arp who-has 192.168.1.1 tell 192.168.1.102 23:49:06.269729 192.168.1.1.bootps 255.255.255.255.bootpc: xid:0xdd3f9a45 C:192.168.1.102 Y:192.168.1.102 ether 0:a0:cc:d2:a0:73 file [|bootp] The last time this happened, it eventually started working, but I think it may have been because the lease ran out on all the machines. *shrug* I don't know but I'm ready to pull what little hair I have left out. Any ideas would be GREATLY appreciated. Charles Lewis -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Webtrends Reporting Server on debian - error
I've been running Webtrends on Debian. Currently at 2.0c, Debian 2.1, kernel 2.2.12. It's been awhile, but I remember having to adjust file ownership. The server starts as root and runs as user daemon. More specific information about the problem would be helpful. Linux debian-sd 2.2.19pre17 potato system. The software is installed in /usr/local/webtrends. It is a webtrends reporting server 3.1c 3.1.c? In the original post, it was 1.3c. I haven't seen v3 so there could be many differences. And the server should use port 80 for the users. Reporting Engine uses port . I was not sucessful at changing the port number that WebTrends listens to. Ended up using the install default. Suggest using that to at least get it running. Starting the server as user root: ./wtrs.server start wtrs not started. Hangs forever: A ps shows: sh ./wtrs.server start root 528 523 0 22:24 pts/100:00:00 sh /usr/local/webtrends/wtrs_ui.server start daemon 529 528 0 22:24 pts/100:00:00 /usr/local/webtrends/wtrs_ui -start Cannot connect to port 80 ./wtrs.server { start | stop | status }: No such file or directory I am not sure what is cannot find? These process names are different than what I have, so your version may be later than mine. In v2.0, wtrs.server is a shell script. If it still is, you could put echo statements in it to see at what point the error message shows up. Also, notice that below, most of the files are owned by user bin. When you start the server as root, it runs one process as root, and the other as user daemon. Again, I had adjust file ownership before I could get WT working. Try changing everything to user daemon group daemon and see what happens. If you've done a lot of things to get it working, you might want to delete the current installation and do a fresh install to start from a known point. The content of /usr/local/webtrends (Note chmod use on wtrs.startup) -rw-r--r--1 bin bin 6223 May 27 22:22 LICENSE -rw-r--r--1 root root 5736 May 27 22:23 RELEASENOTES -rw-r-1 bin bin 186 Jan 3 2001 adviews.txt -rw-r--r--1 bin bin 6 Jan 3 2001 bldnum.txt -rw-r--r--1 bin bin 7184747 Jan 3 2001 company.big -rw-r--r--1 bin bin98 Jan 3 2001 init.ini -rw-r--r--1 bin bin 10484 Jan 3 2001 keywords.ini -rwxr-xr-x1 bin bin419680 Jan 3 2001 libwt_license.so -rwxrwx---1 bin bin 4333016 Jan 3 2001 libwtrs_engine.so -rw-r--r--1 bin bin 77040 Jan 3 2001 manifest -rw-r--r--1 bin bin 998 Jan 3 2001 regions.ini -rw-r--r--1 bin bin 9833 Jan 3 2001 report.ini -rw-r--r--1 bin bin 96303 Jan 3 2001 s_title.wdb drwxrwxr-x5 bin bin 4096 Jan 3 2001 scripts -rw-r--r--1 bin bin 13473 Jan 3 2001 style.ini drwxrwxr-x2 bin bin 4096 Jan 3 2001 utils -rw-r--r--1 bin bin 339 Jan 3 2001 webtrend.ini drwxrwxr-x2 bin bin 4096 Jan 3 2001 wt_migrate -rw-r--r--1 bin bin 331 May 27 22:23 wt_remote.ini drwxrwxr-x2 bin bin 4096 Jan 3 2001 wt_script -rwxrwx---1 bin bin618048 Jan 3 2001 wt_script.bin -rw-rw-r--1 bin bin813744 Jan 3 2001 wt_script.so -rw---1 bin bin 9376 May 27 22:21 wtcfg.bin -rwxr-x---1 bin bin 2052 May 27 22:23 wtengine.server -rw-r-1 bin bin 428 Jan 3 2001 wtintra.txt -rwxr-xr-x1 bin bin182781 Jan 3 2001 wtlicense drwxrwxr-x8 bin bin 4096 May 27 22:23 wtm_wtx -rwxrwx---1 bin bin 13700 Jan 3 2001 wtrs -rwxr-x---1 bin bin 745 May 27 22:23 wtrs.server -rwxrwxrwx1 root root 1043 May 27 22:32 wtrs.startup -rw-rw-r--1 root root 1043 May 27 22:31 wtrs.startup.org -rwxrwx---1 bin bin552152 Jan 3 2001 wtrs_ui -rwxr-x---1 bin bin 1983 May 27 22:23 wtrs_ui.server drwxr-xr-x4 bin bin 4096 May 27 22:22 wwwroot debian-sd:/usr/local/webtrends$ Best regards, Soeren, -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Webtrends Reporting Server on debian - error
I've been running Webtrends on Debian. Currently at 2.0c, Debian 2.1, kernel 2.2.12. It's been awhile, but I remember having to adjust file ownership. The server starts as root and runs as user daemon. More specific information about the problem would be helpful. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Mon, 27 May 2002, Soeren Laursen wrote: Date: Mon, 27 May 2002 11:26:48 +0200 From: Soeren Laursen [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Webtrends Reporting Server on debian - error Hi, Moving some software services from Redhat 6.2 to debian 2.x and 3.x serveres. We have some problems running the Webtrends Reporting Server 1.3c on debian. It will not start at all. Converted the rpm to a deb did not helped. We started out with the .tar.gz package from webtrends. Has anybody had any luck with this software on debian at all? Best regards, Soeren Laursen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
bootpd trouble
Hello all, I'm having trouble with a bootpd server I recently migrated to a new box. The old one (potato, kernel 2.2) worked fine. Moved the data to the new box (testing, kernel 2.4) and most of the clients can get their leases. The exceptions are some printers (HP 4000's mostly) that fail. The request looks like this in tcpdump: 14:53:12.733894 0.0.0.0.bootpc 255.255.255.255.bootps: xid:0x32158 secs:20510 flags:0x8000 [|bootp] Responses from the old server look like this: 14:53:12.741519 hostname.domain.tld.bootps 255.255.255.255.bootpc: xid:0x32158 flags:0x8000 Y:printer.domain.tld S:server.doamin.tld ether 0:x:x:x:x:x sname server [|bootp] Both servers record the transaction in daemon.log. Only the new server actually sends it out. The new server never shows a response in tcpdump. I've read the dhcp mini-howto which explains about adding a host route for 255.255.255.255. Did that and still no result. Also looked through the kernel docs to see if there was a /proc setting that needed changing, but didn't see anything. A search on debian.org in the mail arcihives and bug logs didn't turn up anything. Any and all suggestions will be greatly appreciated. Ernest Johanson Web Systems Administrator Fuller Theological Seminary
Re: samba + netatalk
I am currently reading a book that has some info on configuring a Samba/Appletalk server. It's Linux Samba Server Administration by Roderick W. Smith (Sybex, ISBN 0-7821-2740-1). Haven't gotten very far into the book yet, but so far is well written and technically informed. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 27 Apr 2001, Pietro Cagnoni wrote: Date: Fri, 27 Apr 2001 12:41:07 +0200 From: Pietro Cagnoni [EMAIL PROTECTED] To: debian-user mailing list debian-user@lists.debian.org Subject: Re: samba + netatalk Liam Ward wrote: I wonder if anyone has any experience of something like this... Our office has a mixture of Windows and MacOS desktops. Packages to allow the Macs to talk to the PCs are expensive ($150 per machine) so I'm thinking of getting an old PC, putting Debian on it and setting up shared disk space using Samba and Appletalk (netatalk) simultaneously. If anyone knows of any pitfalls before I start into this I'd appreciate some pointers. i found a nice one when i had to do the same thing: if you connect your mac to the debian box fia tcp, everything is fine. if you want the shared directory to appear when you browse the network on the map, it works for a while after the netatalk daemons start, then the shared stuff disappears! the workaround i found (with a LOT of trials - a F%@£*G LOT) is to switch off and back on the promiscuous mode of the nic every minute. that's what i have in my root crontab: 0 * * * * /sbin/ifconfig eth0 -promisc /sbin/ifconfig eth0 promisc btw, this happened since i switched from slink (kernel 2.0.38) to potato (kernel 2.2.17) anyone else noticed? furthermore, i wasn't able to get the macs on a different ethernet to talk via ddp with the debian box (the router is a debian box too, with netatalk installed) but maybe it's just because i don't know really anything about ddp... again, everything is fine if you use tcp! is there a netatalk guru out there? or a FM i can R? :-) pietro. P.S - sorry for the personal mail, liam - i keep hitting the wrong buttons...
Re: apache startup script
You can use the extract function (dpkg -x) to get it. Get the package, create a directory and extract it there. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 20 Apr 2001, peanut butter wrote: Date: Fri, 20 Apr 2001 10:04:14 -0700 From: peanut butter [EMAIL PROTECTED] To: Debian Users debian-user@lists.debian.org Subject: apache startup script Hi, I felt the need to remove the apache installation I had on one of my Debian boxes to reinstall it as some things weren't making sense or as I would expect so I decided to start from scratch (with the default httpd.conf, etc.). At some point I deleted the /etc/init.d/apache wanting to refresh this as well. Now I can't get it back. Upon several attempts to re-install apache and apache-common, I get the error: Setting up apache (1.3.9-13.2) ... update-rc.d: /etc/init.d/apache: file does not exist What, do you get one copy on your first installation and that's it . . . better not lose it :) Which package should provide this? Upon the first failed installation, retrying an install immediately again or trying a Configure doesn't solve the problem so it's not a package ordering problem. -- Paul Yeatman (858) 534-9896[EMAIL PROTECTED] == ==Proudly brought to you by Mutt== ==
Re: ppp mystery
Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 14 Mar 2001, Gil Elad wrote: Date: Wed, 14 Mar 2001 15:28:31 +0200 From: Gil Elad [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: ppp mystery --=_1268914==_ Content-Type: text/plain; charset=us-ascii; format=flowed Hi everyone. I'm completely new to both Linux and Debian so please forgive my stupidity. I've been trying for the past few weeks to connect to my ISP with no success using both pppconfig and wvdial. While both succeed in getting connected at a reasonable speed (49.3 kbps) neither can get passed the authentication stage. I seem to get gibberish instead of a login prompt (a series of '[' and 'c' characters mostly) and both programs don't know what to do with it. It seemed to me at first as if there's too much noise on the line, so I tried to connect at slower speeds, but that didn't work. Attached are both the chatscript and the output from plog. The absolutely most irritating thing about this whole business, though, is that windows connects like clockwork every time at 49.2 kbps. any help at all will be appreciated. Thanks Gil Elad
Re: ppp mystery
You might want to check your ppp options file and make sure you are using hardware handshaking. The relevant option is crtscts. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 14 Mar 2001, Gil Elad wrote: Date: Wed, 14 Mar 2001 16:47:58 +0200 From: Gil Elad [EMAIL PROTECTED] To: Jimmy Richards [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: ppp mystery I've just tried CHAP with no success. The result was exactly the same. I probably should have added in my original message that Windows connects using PAP. At 06:45 14/03/2001 -0700, you wrote: Hello There, Don't know if I can help much. But I was wondering if you have tried using both 'PAP' and 'CHAP' login protocols when you tryo to connect? If you've been trying with PAP, then try CHAP and se what happens. Hope that helps somehow and good luck, Jimmy Richards On 14 Mar 2001 15:28:31 +0200, Gil Elad wrote: Hi everyone. I'm completely new to both Linux and Debian so please forgive my stupidity. I've been trying for the past few weeks to connect to my ISP with no success using both pppconfig and wvdial. While both succeed in getting connected at a reasonable speed (49.3 kbps) neither can get passed the authentication stage. I seem to get gibberish instead of a login prompt (a series of '[' and 'c' characters mostly) and both programs don't know what to do with it. It seemed to me at first as if there's too much noise on the line, so I tried to connect at slower speeds, but that didn't work. Attached are both the chatscript and the output from plog. The absolutely most irritating thing about this whole business, though, is that windows connects like clockwork every time at 49.2 kbps. any help at all will be appreciated. Thanks
Re: ppp mystery (fwd)
Sorry for the earlier message with a null body. Here's what I intended to post. You might want to check your ppp options file and make sure you are using hardware handshaking. The relevant option is crtscts. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 14 Mar 2001, Gil Elad wrote: Date: Wed, 14 Mar 2001 16:47:58 +0200 From: Gil Elad [EMAIL PROTECTED] To: Jimmy Richards [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: ppp mystery I've just tried CHAP with no success. The result was exactly the same. I probably should have added in my original message that Windows connects using PAP. At 06:45 14/03/2001 -0700, you wrote: Hello There, Don't know if I can help much. But I was wondering if you have tried using both 'PAP' and 'CHAP' login protocols when you tryo to connect? If you've been trying with PAP, then try CHAP and se what happens. Hope that helps somehow and good luck, Jimmy Richards On 14 Mar 2001 15:28:31 +0200, Gil Elad wrote: Hi everyone. I'm completely new to both Linux and Debian so please forgive my stupidity. I've been trying for the past few weeks to connect to my ISP with no success using both pppconfig and wvdial. While both succeed in getting connected at a reasonable speed (49.3 kbps) neither can get passed the authentication stage. I seem to get gibberish instead of a login prompt (a series of '[' and 'c' characters mostly) and both programs don't know what to do with it. It seemed to me at first as if there's too much noise on the line, so I tried to connect at slower speeds, but that didn't work. Attached are both the chatscript and the output from plog. The absolutely most irritating thing about this whole business, though, is that windows connects like clockwork every time at 49.2 kbps. any help at all will be appreciated. Thanks
Re: tripple booting dos/win/linux
Not sure how you would set things up with the install you have. What I have done in the past is to install DOS, then install Windows (95) on the same partition. During the install you will be asked where you want to install Windows. Choose another directory so that you don't clobber DOS. The Windows install will set up so that your boot process will be able to boot to either one. A normal boot will go to Windows. If you hit F8 right after the BIOS finishes setting up, you will get a menu, giving the options of Normal, Safe Mode, Step by Step, etc. The last item in the list is to Boot to Previous Version of DOS. Choose it and you will load DOS. Now install Linux. The Debian install process will ask you where you want to install lilo, you want Master Boot Record. It will also ask you if you have another operating system. Answer those questions and you should have a dual-boot system, linux and windows. Use the F8 key to get to DOS. If you are using NT, you will likey want to use the NT boot loader instead. There is a HOW-TO on linuxdoc.org about it. HTH, Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 25 Jan 2001, Ken Weingold wrote: On Thu, Jan 25, 2001, Saqib Shaikh wrote: hi, how is it possible to tripple boot dos/win/linux? what i have done so far is: 1. installed dos 2. changed the fs type for fat16 to xenix, and windows then installs fine since it doesn't find dos. 3. installed linux. 4. now, i can boot either windows or linux fine. 5. if i now change xenix back to fat16 i cannot boot either dos or windows. what i require is a way, in lilo.conf for example, for hiding the dos partition when windows loads and hiding the windows partition when dos loads. how is this possible? could you send a sample lilo.conf? dos is on hda1, win on hda2, linux on hda3 and swap is hda5 (extended. saqib I would highly recommend System Commander. It is a boot manager that will deal with all this seamlessly. You can even have it hide partitions, so you can install Windows with DOS already there. Right now I have running on my system: DOS 6.22, Win95 OSR2, Windows 2000, and Linux. All running just fine. -Ken
Re: Redhat to Debian: migrating a multi-user server
I have seen a situation where a system that began on Slackware was migrated to Debian years ago. Several Debian upgrades have been done since then. There are user ids between 500 and 100 and there hasn't been any problems. Hopefully this isn't an accident going somewhere to happen. One idea might be to do a search and replace on the passwd file, placing a 1 (or 2, etc) in front of the existing user id. That would necessitate changing the ids on the user's files. I had a similar situation and wrote a Perl script to read the passwd file and change the ownership, permissions, etc. It would need to be tweaked a little, but if you want I can send it to you. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 14 Dec 2000, B. Dragoo wrote: Date: Thu, 14 Dec 2000 14:06:26 -0800 (PST) From: B. Dragoo [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Redhat to Debian: migrating a multi-user server This is not a Which is better, Red Hat or Debian? question, but a very specific question about a distro migration of one specific box. I've done a lot of research on this, and have found no answers particular enough to my situation. The box in question is still running RH 5.2 (with all security patches, of course), and has had a very active user base of about 175 shell accounts since it went online in October of 1998. It has had very impressive uptime and performance records. However, it's been a rather large headache to keep current, given Red Hat's bugginess and lack of an update tool. [I know that RH 7.0 has an update agent, and I thought for about two seconds about upgrading this box to 7.0 just for that tool. But I tested that tool, and it is absolutely _horrible_; it's nothing like as easy/reliable/effective as apt-get, and RH 7.0 is much buggier than my box currently is anyway.] Now, to the migration: I'm actually migrating the whole system to a different machine, so I don't have the problem of having to change the distros on the same machine on the fly. In fact, I've already got the new box up and running with an up-to-date Debian potato; it's just waiting for the users. Most of the user migration is therefore very easy. Just tar up the $HOME directories and /var/spool/mail, and copy them to the new box, etc.. My main issue is getting user accounts over. It would be very easy to copy the lines from my passwd, shadow, and group files over to the potato box, but I'm concerned about the fact that RH begins uids with 500, while Debian begins with 1000. If I copied accounts directly from passwd file to passwd file, I'd end up with a bunch of Debian users with uids between 500 and 700. I've already tested this with several user accounts, and it seemed to work fine; I'm just worried about things breaking down the road. My questions, then, are these: is there anything about this situation that will make Debian break? Are there debianized packages that rely on having normal (i.e., non-system user) uids above 1000? Is there anything else about the migration of users that I need to be worried about? I want this to be a very smooth transition that takes place at 3am some night; ideally, the less attentive users won't even know that the change has taken place. Thanks, Belloc __ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/
Re: Redhat to Debian: migrating a multi-user server
The system uses the underlying user ids to identify files rather than the user names. Run ls -ln to see the ids instead of the names. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 15 Dec 2000, B. Dragoo wrote: Date: Fri, 15 Dec 2000 10:37:59 -0800 (PST) From: B. Dragoo [EMAIL PROTECTED] To: Ernest Johanson [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: Redhat to Debian: migrating a multi-user server --- Ernest Johanson [EMAIL PROTECTED] wrote: [snip] One idea might be to do a search and replace on the passwd file, placing a 1 (or 2, etc) in front of the existing user id. That would necessitate changing the ids on the user's files. I had a similar situation and wrote a Perl script to read the passwd file and change the ownership, permissions, etc. It would need to be tweaked a little, but if you want I can send it to you. I would love to take a look at your script. But I have one question: why do the IDs on the users' files need to be changed? It seems that files are owned and permissioned to user _names_ not uids. If for example a file is owned by a user named luser, after debianizing his redhat uid from 550 to 1550, that file would still be owned by the same username, even though his uid has changed, and nothing further would have to be done. Am I wrong? Thanks for your response, Belloc __ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/
Re: OT: Perl or PHP
There are a number of factors to consider here. One is the kind of web applications you are developing. For simple things (like a web form submission) plain cgi works fine, is quick and easy to do. More complex interactivity will require embeded code in HTML, databases, etc. Another angle to consider is how much existing code is there that you can leverage in your projects. There are tradeoffs to consider between flexibility and simplicity. Most of the time, increasing flexiblity means increasing complexity: the trick is to find the right balance for your situation. There are Perl modules that will allow you to embed code in your web pages. There is tons of code for PHP, Python and Perl available. You might visit the main web sites for these languages and have a look at tutorials, sample code, existing applications. Perhaps in light of your technical background and potential projects one will seem more appropriate. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 7 Dec 2000, D-Man wrote: Date: Thu, 7 Dec 2000 23:34:14 -0500 From: D-Man [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: OT: Perl or PHP I would recommend not using Perl. Perl can let you do lots of complex text manipulation really easily, but it is a nightmare to debug, let alone maintain. It does too much magic with a lack of data types and automagic variables. I would recommend Python if you want to do CGI scripting. But as someone else said, you might want PHP instead of CGI scripting. -D On Tue, 05 Dec 2000 04:27:02 [EMAIL PROTECTED] wrote: | hi. sorry for the off-topic post. i'm embarking on a journey to be a web | developer and would like to know if i should use mod.perl or mod.php for cgi? | i've searched and read alot of faqs and so far they're all just howtos. the | only conclusion i can come up with is with php u can use it directly with | html | (plus also call it from html code) whereas with perl the only way u can use | it | is to call it from your html code. | | am i right with that assumption? | |
Re: Debian apache woes
Except I suck at it. I'm running debian potato (I run woody at home but I wouldn't trust it on a server till it's distributed officially) and apache 1.3.9. (I know, it is old, but it's the latest version in potato as far as I can see.) Keep trying. It really does get better. I'm having the following problems: 1) The worst: Despite having umask 022 in /etc/.profile and everyone's personal .profiles, newly created directories are randomly getting bad perms. This is bad because most of my users don't know what the hell permissions are, having none (except in very limited cases) in windows. I just taught my two main cronies about chmod 755 and 644 (for regular web files), but this shit can't keep happening. (For FTPed files, I set up a umask in the wu-ftpd ftpaccess file to set things at 644 which seemed to work.) Randomly getting bad perms? That sounds strange. Is there a pattern to the permissions? Do the users who get the bad perms always get the same ones? Do whatever you can to reproduce the problem so that you can see it happening and not just rely on the users' input. Eliminate as many variables as you can and often the solution will present itself. Make sure the file in /etc is named profile, not .profile. Woud it be possible to consider changing ftp servers? I have used proftpd and have seen that the configuration process is much easier than wu-ftp. 2) Periodically and randomly people alert me I can't FTP. This seems to occassionally clear up or people just tell me I'm not having a problem anymore. Since I can FTP fine, and can test the files I put there via FTP, I really can't see what the problem is for these people. Are they being stupid? I don't know, because it's now happened to two different people. Does the machine have more than one network interface? If so, do an nslookup and see what your DNS reports back. Check to see if you always get the same IP address first (assuming more than one) or it reports them in a different order with each lookup. If the ftp server listens to a particular IP address, ftp to the IP address and see what haapens. 3) After having CGI scripts forbidden for a while I finally found the umpteenth place where I had to put an ExecCGI in the apache config files and now every CGI script on the page (one for using finger to return e-mail addresses of people put into the search thing via a second page frame, and one for a message board) is run and returns internal errors. The error in /etc/logs/apache/error.log is that there is a premature ending of headers. Check the script to make sure that before it sends any output back to the client that it sends a header first. In Perl, the statement looks like so: print Content-type: text/html\n\n; The two newlines are essential. I am not usually this stupid. Honestly. I run my own machine virtually error-free. Apache is simply the bane of my fucking existance. Please give me ANY input you can. I'm going away for a semester and my co-admin thought this would be fine until everything simultaneously decided to break this week. :P Don't let the pressure get to you. Try to give yourself some space. Remember that computers are relentlessly logical, even if it's a logic not obvious at the time. A patient, disciplined approach of assessing what you know about a problem, reducing it to the simplest possible form and then proceeding to ask questions and try out different hypotheses will often lead to the answer. And when it doesn't, then you have valuable input to post a question to the list. Murphy's law will never be repealed. Ernest Johanson Web Systems Administrator Fuller Theological Seminary
Re: Log rotation error
Eileen, See the README.Debian doc in /usr/doc/mysql-server. It explains how to set up a password for non-interactive access. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 1 Dec 2000, Eileen Orbell wrote: Date: Fri, 01 Dec 2000 09:09:13 -0500 From: Eileen Orbell [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Log rotation error Hi All I have this error emailed to me daily from root. Does anyone know how I can repair this? I recall I had this when I used RH but can not remember how to fix it? Thanks errors occured while rotating /var/log/mysql.err /usr/bin/mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user: '[EMAIL PROTECTED]' (Using password: NO)' error running postrotate script Eileen Orbell Software Internet Applications Capitol College mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Don't Fear the Penguin.
Re: is there anyone using cucipop?
From the error messages from makevpopdb, is it possible that the libdb2 pacakge is not installed? Some of the features of cucipop require it. HTH, Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 30 Nov 2000, martin wrote: Date: Thu, 30 Nov 2000 10:52:39 +0100 From: martin [EMAIL PROTECTED] To: Debian Users debian-user@lists.debian.org Subject: is there anyone using cucipop? dear friends, i allready asked once, but i am afraid, my mail got lost somewhere...? so here again: i am trying to set up cucipop on a newly installed potato system. only trouble is, it dosent't like to run in APOP-mode, which would be very important here. the makevpopdb program complains about makedb2: Can't create /etc/mail/vpop.db and if compiled from source it says it even dosen't know about db2... all this behaviour has been documented in some quite old bug-reports, but i cant find any solution to it. can someone please just give a statemant on the status or tell me how to work around the problem? thanks my system: mars 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown Package: cucipop Status: install ok installed Priority: optional Section: non-free/net Installed-Size: 199 Maintainer: Debian QA Group debian-qa@lists.debian.org Version: 1.31-13 Provides: pop3-server Depends: netbase, libc6 (=3D 2.1), libpam0g Conflicts: pop3-server, qpopper Conffiles: /etc/init.d/cucipop e304a9a6f13d6ff1a6f208a038f236b8 /etc/pam.d/cucipop 4b2506a7954690dad5e15341e0ef47f9 Description: Cubic Circle's POP3 daemon A fast, robust implementation of the RFC1939 POP3 protocol, It does not use temporary files, it works reliably over NFS, and it includes an option to defeat leave mail on server clients. Cucipop can run from inetd or as a standalone daemon (the default). Desired=3DUnknown/Install/Remove/Purge/Hold | Status=3DNot/Installed/Config-files/Unpacked/Failed-config/Half-installed |/ Err?=3D(none)/Hold/Reinst-required/X=3Dboth-problems (Status,Err: upperc= ase=3Dbad) ||/ Name VersionDescription +++-=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D-=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D-=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D ii cucipop1.31-13Cubic Circle's POP3 daemon pn cyrus-pop3dnone (no description available) pn ipopd none (no description available) un pop2-servernone (no description available) un pop3-servernone (no description available) un popclient none (no description available) rc poppassd 1.2-11 Password change server for Eudora and NUP= OP pn qpoppernone (no description available) --=20 Cynapsis Kommunikationsagentur GmbH Dipl.-Ing. Martin Lorenz Application Research, Engineering Tel: +49 251 48265 24 Fax: 48 Rothenburg 14-16 D-48143 Muenster =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Die Welt hat genug f=FCr jedermanns Not=20 aber nicht f=FCr jedermanns Gier!
Re: Frozen message in exim
Depending on how exim is set up, you may be able to view the message header and body (as separate files) in /var/spool/exim/input. If ther are a large number of directories (0-9, a-b, A-Z) then the message and header will be in the directory with the same letter as the last letter in the first block of characters in the message id (13kqJX in this case). ^ Normally exim -Mrm will delete messages still in the queue. But there are times when it won't. In that case I go to the /var/spool/input directory and delete the header and the message. Not sure if there is another way but I looked and couldn't find it. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 30 Nov 2000, Daniel de los Reyes wrote: Date: Thu, 30 Nov 2000 19:03:24 +0100 From: Daniel de los Reyes [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Frozen message in exim I have this is exim's log: 2000-11-30 18:08:01 Start queue run: pid=2778 2000-11-30 18:08:01 13kqJX-UX-00 Message is frozen 2000-11-30 18:08:01 End queue run: pid=2778 2000-11-30 18:38:01 Start queue run: pid=577 2000-11-30 18:38:01 13kqJX-UX-00 Message is frozen 2000-11-30 18:38:01 End queue run: pid=577 I have this frozen message lying arround since I installed Potato some months ago. Why can this be? Is there a way to know something about the message? How do I get rid of it? -- __ Daniel de los Reyes S2-Selling Soluciones Valencia Spain e-mail: [EMAIL PROTECTED] Powered by Debian GNU-Linux 2.2r0 __
Re: apache, perl, 403 forbidden, help? (SOLVED...kinda)
Herb, There's a typo in your document header in the perl script. It has to have 2 newlines at the end. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sun, 26 Nov 2000, Herbert Ho wrote: Date: Sun, 26 Nov 2000 14:49:42 -0600 From: Herbert Ho [EMAIL PROTECTED] To: Ernest Johanson [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: apache, perl, 403 forbidden, help? (SOLVED...kinda) thanks for everyone's help so far. it works...a little bit more. =) the problem i found is that there is already a Directory directive for the public_html/ directories in access.conf. this seems to either be read last (thus overrriding changes made in other files) or conflict w/ changes made in other files. so it now is able to run the perl script. but it still doesn't work entirely. the problem i have now is i get a '500 internal server error' from my browser. checking the error.log shows Premature end of script headers: /home/herb/public_html/init/test.pl the problem is a similar script works on a working http server my university runs (so i can't get the httpd.conf file to compare). here's the simple script. hopefully you can punch a hole in it for me: #!/usr/bin/perl -w print Content-type: text/html\n\; print EOF; htmlbody hi /body/html EOF also, here's the relative modification from my access.conf that made apache want to run it: DirectoryMatch ^/home/.*/public_html AddHandler cgi-script .pl .cgi Options ExecCGI Indexes SymLinksIfOwnerMatch AllowOverride None /DirectoryMatch thanks in advance, herb On Wed, Nov 22, 2000 at 01:47:38PM -0800, Ernest Johanson wrote: Herbert, A few things to check: 1. Remove the quotes in your Directory statement, i.e. Directory / instead of Directory /. 2. Make sure the directory you are trying to execute cgis in is under your DocmentRoot if you're using a Directory / statement. If what you want is to serve pages and execute cgis from your user directory (typically outside the DocumentRoot), then read up on the UserDir directive in the apache docs. 3. Check your access.conf file to make sure there isn't already some directives configured for the path your directory is in. The default configuration in Debian has something for public_html that you may need to edit. 4. Be sure to restart the server after making changes. HTH, Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 21 Nov 2000, Herbert Ho wrote: Date: Tue, 21 Nov 2000 15:55:26 -0600 From: Herbert Ho [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: apache, perl, 403 forbidden, help? hi all. i can't get apache to execute a perl/cgi script. *box: potato/sparc, installed apache-perl and its dependencies. *error: 403 forbidden in web browser. this in error log: Options ExecCGI is off in this directory: /home/herb/public_html/init/login.pl i tired everything in the faq and manual to little success. things i've tried: 1) i've added the handler and options directives to my srm.conf: AddHandler cgi-script .cgi .pl Directory / Options +All +ExecCGI /Directory i know +All and +ExecCGI are redudant and this is not secure, but i'm desperate. =) 2) i tried pointing the directory to the exact directory where i'm executing the script (i.e. / - /home/herb/public_html/init, my script resides in init/) to no avail. 3) i tried replacing the Directory directive w/ ScriptAlias ~herb/public_html/init /home/herb/public_html/init again, no effect. 4) installing the 'apache' package instead of 'apache-perl'. it makes me download the script. permissions look correct. all parents of the script directory are at least o+rx. i am able to execute scripts ok in /usr/lib/cgi-bin/ (ScriptAlias'ed to cgi-bin/), but not elsewhere. HELP? any is appreicated... herbert -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: apache, perl, 403 forbidden, help?
Herbert, A few things to check: 1. Remove the quotes in your Directory statement, i.e. Directory / instead of Directory /. 2. Make sure the directory you are trying to execute cgis in is under your DocmentRoot if you're using a Directory / statement. If what you want is to serve pages and execute cgis from your user directory (typically outside the DocumentRoot), then read up on the UserDir directive in the apache docs. 3. Check your access.conf file to make sure there isn't already some directives configured for the path your directory is in. The default configuration in Debian has something for public_html that you may need to edit. 4. Be sure to restart the server after making changes. HTH, Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 21 Nov 2000, Herbert Ho wrote: Date: Tue, 21 Nov 2000 15:55:26 -0600 From: Herbert Ho [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: apache, perl, 403 forbidden, help? hi all. i can't get apache to execute a perl/cgi script. *box: potato/sparc, installed apache-perl and its dependencies. *error: 403 forbidden in web browser. this in error log: Options ExecCGI is off in this directory: /home/herb/public_html/init/login.pl i tired everything in the faq and manual to little success. things i've tried: 1) i've added the handler and options directives to my srm.conf: AddHandler cgi-script .cgi .pl Directory / Options +All +ExecCGI /Directory i know +All and +ExecCGI are redudant and this is not secure, but i'm desperate. =) 2) i tried pointing the directory to the exact directory where i'm executing the script (i.e. / - /home/herb/public_html/init, my script resides in init/) to no avail. 3) i tried replacing the Directory directive w/ ScriptAlias ~herb/public_html/init /home/herb/public_html/init again, no effect. 4) installing the 'apache' package instead of 'apache-perl'. it makes me download the script. permissions look correct. all parents of the script directory are at least o+rx. i am able to execute scripts ok in /usr/lib/cgi-bin/ (ScriptAlias'ed to cgi-bin/), but not elsewhere. HELP? any is appreicated... herbert
Re: Sendmail account setup
The script is at http://devil.research.at/. Its main purpose is to enable/disable and edit vacation messages. If you speak Perl it would not be difficult to get it to do other things. It uses ftp to contact the mail server host though, using the user's username and password. With a shell of /bin/false, that could be a problem depending on the ftp server config. Proftpd can deal with it, keeping security issues in mind. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 3 Nov 2000, Christopher Clark wrote: Date: Fri, 03 Nov 2000 09:36:54 + From: Christopher Clark [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Sendmail account setup re your post in Debian users You can assign the users a shell of /bin/false, which will prevent normal logins to the machine. Users won't be able to directly set forwarding either though, so you might need a way for them to do that. Somewhere I have seen a CGI script that would administer forwarding through a web page, but I don't remember where right now. If that's of interest, let me know and I'll see if I can pull it up. Sorry to be a nuisance but I would be very interested in that script as well. If there is any chance. regards Chris
Re: Sendmail account setup
You can assign the users a shell of /bin/false, which will prevent normal logins to the machine. Users won't be able to directly set forwarding either though, so you might need a way for them to do that. Somewhere I have seen a CGI script that would administer forwarding through a web page, but I don't remember where right now. If that's of interest, let me know and I'll see if I can pull it up. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 1 Nov 2000, Jay Kelly wrote: Date: Wed, 01 Nov 2000 09:51:54 -0800 From: Jay Kelly [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Sendmail account setup Hello All, I have a question on Sendmail. I would like to give out email accounts but do not want to give them a debian account. All I want them to have access to is email. Can this be done? Now when I add a new email account I have to use adduser which creates a home directory. What are ISP's using? Thanks in advance for your help and time
Re: Apache with Servlet support
I have set up the Apache JServ (v. 1.1.2) with the debian Apache package (1.3.9, potato). The jserv distibution comes with a configure script that was easy to use. It asks you for parameters, and placed everything where it needed to go. The instructions say you *have* to use the jsdk2.0, solaris version. I am also using an IBM version of the JDK (1.1.8) in /usr/local, and not the Debian jdk package. Don't think that makes a difference, but thought I should mention it. I might have had to tweak a line or two in a conf file (don't remember for sure at the moment) but it was no big deal to get it running and try the examples. Haven't been able to compile a servlet yet, but don't think it's a problem with the install. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 19 Sep 2000, Sven Burgener wrote: Date: Tue, 19 Sep 2000 19:28:53 +0200 From: Sven Burgener [EMAIL PROTECTED] To: Debian Users debian-user@lists.debian.org Subject: Apache with Servlet support Hello I'd simply like to know how easy it is to run Apache with Servlet support under Debian. Has anyone experiences with this? I am trying to compile Apache with Servlet support (JServ) and am having troubles with it. I use JDK and Sun's JSDK. (Intentionally not posting errors now) Anyone experiences with that setup? Sven -- The best way to escape from a problem is to solve it.
Unidentified subject!
I have set up the Apache JServ (v. 1.1.2) with the debian Apache package (1.3.9, potato). The jserv distibution comes with a configure script that was easy to use. It asks you for parameters, and placed everything where it needed to go. The instructions say you *have* to use the jsdk2.0, solaris version. I am also using an IBM version of the JDK (1.1.8) in /usr/local, and not the Debian jdk package. Don't think that makes a difference, but thought I should mention it. I might have had to tweak a line or two in a conf file (don't remember for sure at the moment) but it was no big deal to get it running and try the examples. Haven't been able to compile a servlet yet, but don't think it's a problem with the install. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 19 Sep 2000, Sven Burgener wrote: Date: Tue, 19 Sep 2000 19:28:53 +0200 From: Sven Burgener [EMAIL PROTECTED] To: Debian Users debian-user@lists.debian.org Subject: Apache with Servlet support Hello I'd simply like to know how easy it is to run Apache with Servlet support under Debian. Has anyone experiences with this? I am trying to compile Apache with Servlet support (JServ) and am having troubles with it. I use JDK and Sun's JSDK. (Intentionally not posting errors now) Anyone experiences with that setup? Sven -- The best way to escape from a problem is to solve it.
Apache and ssi
I am configuring Apache (1.3.9) for server-side includes, but don't want them to be able to execute cgi scripts. Things are working fine (a litte too fine, actually). Included documents are parsed and included, but if I try the following: !--#include virtual=/cgi-bin/whatever.cgi -- then the output of the script is placed into the document. From the docs, I thought that IncludesNOEXEC should disable cgi execution. The #exec element does not work, but #include does. Anyone know why this is so? Thanks in advance for the help. Ernest Johanson Web Systems Administrator Fuller Theological Seminary
Re: Proftpd situations
Take a look in the docs at the DefaultServer directive. I'm not quite sure how proftpd determines what the primary address is, but I had a similar problem with a server here. I defined a Virtual Host for one of the addresses and let the main configuration handle the other one. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 6 Sep 2000 [EMAIL PROTECTED] wrote: Date: Wed, 06 Sep 2000 14:27:55 -0700 (PDT) From: [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Proftpd situations Howdy, all, There may be a simple answer to this, but it sure is baffling me. We just had a new DSL circuit installed here at work. Our ISDN is still active and that is what all the clients are currently still hooked up to. The Potato server I have set up is currently serving ftp services via the LAN. The ISDN router simply forwards all ftp packets to the server. There is a second NIC in the server which has been dormant waiting for the new DSL circuit. The DSL router is configured in bridging mode because the server will be the firewall/router via ipchains. (It will also be an IMAP server using IMP) Here is the oddity: I ifconfig'd the second NIC, connected it to the new router (bridge) and was able to download just fine. The problem is that the proftpd stopped accepting ftp connections. As soon as I did an ifdown on the second NIC, ftp connections work fine. ifup the second NIC, ftp connections stop working, just like that. Is proftpd concerned about who is local or something like that when I ifup the 2nd NIC? Incidentally, I don't want to just give out the new IP address for people to download from via ftp, I want all of our customers to use the ftp.*.com address. And I don't want to have our ISP update the DNS yet as I'm going out of town soon for 3 weeks and I want to change as little as possible until I get back. TIA for any help. :) :) Cheers. Matthew Thompson https://mattyt.net/webmail [EMAIL PROTECTED] http://www.oz.net/~mattyt Seriousness is the only refuge of the shallow. --Oscar Wilde
Re: ProFTPd and NIS problems in Woody
Not sure about woody since I'm not running it, but one thing to check is whether the proftpd.conf fine contains the PersistentPassword directive. It needs to be set to off to recognize NIS accounts. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 12 Jul 2000, Pedro I. Sanchez wrote: Date: Wed, 12 Jul 2000 10:37:55 + From: Pedro I. Sanchez [EMAIL PROTECTED] To: debian-user debian-user@lists.debian.org Subject: ProFTPd and NIS problems in Woody Hello, ProFTPd doesn't recognize NIS accounts and says (Login failed): Can't find user in the log file. It works fine with local (non NIS) accounts. This has been reported as bug #62197 which is over 90 days old already. Does anyone know of a workaround (other than scraping ProFTpd which is what I am about to do)? Thank you, -- Pedro
Re: Filtering Email in Pine
To be able to select messages and perform commands on them choose the enable-aggregate-command-set option in the config section. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 29 Jun 2000, Nitebirdz wrote: Date: Thu, 29 Jun 2000 14:17:17 -0500 (CDT) From: Nitebirdz [EMAIL PROTECTED] To: Philippe [EMAIL PROTECTED] Cc: adam.edgar [EMAIL PROTECTED], debian-user@lists.debian.org Subject: Re: Filtering Email in Pine On Wed, 28 Jun 2000, Philippe wrote: Hi Adam, it takes just seconds to filter mail in Pine. From main menu, type S for setup. Then R for rules. Then F for filter. Then A for add. Give the rule a nickname by replacing the no value set in the menu. Put the Debian user list address on the Cc: line. At the bottom, choose the Folder you want it moved to. Exit. You're half-way done! Repeat to set another rule for which From: is the Debian address while Cc: is unspecified. That's it. pine is great. I've never used mutt. What's good about it? It may be a rhetorical question, but just in case... some people like the fact that mutt automatically shows all the messages in threads news-style, which makes it a lot easier to read messages from the mailing lists. I found a workaround to do something similar in pine though by sorting the messages according to the subject line and the date, so that all messages on the same topic are bundled together. I also like pine better. ;-) I got another question for you though. How do you select say all messages in a certain folder in pine? Or perhaps from message 1 to message 45, in order to save them, delete them... whatever. - Nitebirdz http://www.linuxnovice.org Tips, articles, news, links...
Re: S L O W mailserver
One way you could do this is to run tcpdump set to record packets with either a source or destination adress of the ISP's mail server. Then check your mail. The whole conversation will be recorded with timestamps. Use tee to pipe the output to a file. On Fri, 16 Jun 2000, Jaye Inabnit ke6sls wrote: Date: Fri, 16 Jun 2000 09:42:00 -0700 From: Jaye Inabnit ke6sls [EMAIL PROTECTED] To: debian help debian-user@lists.debian.org Subject: S L O W mailserver Hello, I have a really slow mail server problem. The guy says it shouldn't be slow but it is. I know he is running Red Hat on all his boxes on this ISP and don't know which mailserver he uses for POP3. My question is, can I some how trace all tcp/ip traffic to a file when I click on my mail icon in KDE? Would be nice to start the file just prior to hitting the button, then end the file folllowing the last message so I can show him the times down to the second from the actual start of the session to the end of the session. TIA -- Jaye:-} M.J. Inabnit, KE6SLS e-mail [EMAIL PROTECTED] 707-442-6579 h/m 707-441-7096 p http://www.qsl.net/ke6slsICQ# 12741145 This mail composed with kmail on kde on X on linux warped by debian If it's stupid, but works, it ain't stupid.
Re: Apache and perl cgi problem
I have already set the ScritpAlias and it work fine. What directory is your ScriptAlias set to? Now I'd like to have under the public_html dir of one user (my user) a directory tree wicht contain one entry for every project I am working on. Is this directory under the directory named in the ScriptAlias directive? The problem is that I cannot execupe some perl cgi, Netscape give me this error --- You don't have permission to access /~gianluca/effeesse/p.pl on this server. This is exactly the error that occurs when the directory is not enabled for executing scripts. The script have the correct attributes and the directory is accessible (I can get the html file and also run the php3 script) The php scripts are enabled by a different directive so they could be executing when cgi scripts don't.
Re: Apache and perl cgi problem
Now I'd like to have under the public_html dir of one user (my user) a directory tree wicht contain one entry for every project I am working on. Is this directory under the directory named in the ScriptAlias directive? No, but as I understand from the apache documentation, I can have only one directory in the ScriptAlias directive, or am I wrong ? You can have mulitple ScriptAlias directives. You will need set one for the directory containing your project dirs. Be aware of the security implications of this if your web server is open to the Internet.
Re: About Centralizing Passwords
You can configure your machines to consult local files first, then NIS by editing the file /etc/nsswitch.conf. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On 8 Jun 2000, M. Tavasti wrote: Date: 08 Jun 2000 08:22:22 +0300 From: M. Tavasti [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: About Centralizing Passwords Benjamin Hudgens [EMAIL PROTECTED] writes: Is there a client/server protocol that supports centralizing password AND session information other than NIS. If I'm not mistaken, NIS requires that you STILL edit the password file and specify user dirs.. etc. Perhaps I'm reading this wrong.. Yes, you are reading wrong. With NIS you get full passwd,group, alias, ... entries, just like they were local. I consider safety beeing only problem in NIS. And all machines jammed totally if NIS server is down, even logging in as root (local account)... -- M. Tavasti / [EMAIL PROTECTED] / +358-40-5078254 Poista s?hk?postiosoitteesta molemmat x-kirjaimet Remove x-letters from my e-mail address
Re: apache question
Thanks for this post. This is a change I needed to make. If you are running a recent version of apache, the cron job can be fixed by editing cron.conf in /etc/apache. Set the variable APACHE_CHOWN_LOGFILES to 0. Be default it is 1. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 25 May 2000, Ethan Benson wrote: Date: Thu, 25 May 2000 20:07:10 -0800 From: Ethan Benson [EMAIL PROTECTED] To: Ian Zimmerman [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: apache question --sGwo475CiIwWEjLI Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable On Thu, May 25, 2000 at 08:25:08PM -0700, Ian Zimmerman wrote: =20 Ethan however one thing you should do on a debian system is chown Ethan /var/www to root and make sure its not group writable. also Ethan chown /var/log/apache/* to root.adm and make sure the Ethan permissions are 640 or 644. (you have to fix the apache cron Ethan jobs to not undo this change) =20 Ethan for some insane reason debian leaves the www-root owned by Ethan www-data.www-data (the same user debian runs apache as) along Ethan with the logs. this is totally wrong as the web server user Ethan should NOT own files or have any write permission to anything. Ethan if it does then all it takes is one of those unprivileged child Ethan processes to be exploited and your web site can be replaced and Ethan your logs can be removed. bad bad bad. =20
Re: Routing Issues
Have you configured the Linux box to do address translation for the Windows machines? If not then you will need to get that going first. There is an IP-Masquerade HOWTO available that explains what to do. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 22 Apr 2000, Andrew Stephen wrote: Date: Sat, 22 Apr 2000 15:28:09 +0800 From: Andrew Stephen [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Routing Issues This is a multi-part message in MIME format. --=_NextPart_000_00B4_01BFAC6F.5D634F40 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Good day, I have just installed Debian after being a RedHat user for a number of = year and have come across a small problem. In the past I have always used two or three linux machines at home and = never with a Windows machine. Having just re-established a permanent = connection to the net again, I am needing to connect my two Windows = machine's through my linux box to allow me to connect the the net. All = I really want to achieve is to be able to use a web browser and telnet = from Windows machines to the net via the Linux box. I am having problems get the Windows machine to see the internet through = my Linux box. Any suggestion would be greatly appreciated or if I can be = pointed in the right direction Here are some details that may help. The Windows Machines have an IP address of 192.168.0.101 and = 192.168.0.102 and the Linix Box has an IP address of 192.168.0.100, I = have been assigned an IP address of 203.59.141.242 by my ISP for PPP = connection. Regards, Andrew Stephen --=_NextPart_000_00B4_01BFAC6F.5D634F40 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN HTMLHEAD META content=3Dtext/html; charset=3Diso-8859-1 = http-equiv=3DContent-Type META content=3DMSHTML 5.00.2014.210 name=3DGENERATOR STYLE/STYLE /HEAD BODY bgColor=3D#ff DIVFONT face=3DArial size=3D2 DIVFONT face=3DArial size=3D2Good day,/FONT/DIV DIVnbsp;/DIV DIVFONT face=3DArial size=3D2I have just installed Debian after = being a RedHat=20 user for a number of year and have come across a small = problem./FONT/DIV DIVnbsp;/DIV DIVFONT face=3DArial size=3D2In the past I have always used two or = three linux=20 machines at home and never with a Windows machine.nbsp; Having just=20 re-established a permanent connection to the net again, I am needing to = connect=20 my two Windows machine's through my linux box to allow me to connect the = the=20 net.nbsp; All I really want to achieve is to be able to use a web = browser and=20 telnet from Windows machines to the net via the Linux box./FONT/DIV DIVnbsp;/DIV DIVFONT face=3DArial size=3D2I am having problems get the Windows = machine to see=20 the internet through my Linux box. Any suggestionnbsp;would be greatly=20 appreciated or if I can be pointed in the right direction/FONT/DIV DIVnbsp;/DIV DIVHere are some details that may help./DIV DIVnbsp;/DIV DIVThe Windows Machines have an IP address of 192.168.0.101 and = 192.168.0.102=20 and the Linix Box has an IP address of 192.168.0.100, I have been = assigned an IP=20 address of 203.59.141.242 by my ISP for PPP connection./DIV DIVnbsp;/DIV DIVRegards,/DIV DIVAndrew Stephen/DIV DIVnbsp;/DIV DIVnbsp;/DIV/FONT/DIV/BODY/HTML --=_NextPart_000_00B4_01BFAC6F.5D634F40--
kernel troubles
I am setting up a Dell PowerEdge 1300, PIII/500 machine for a server. It has an AIC 7890 SCSI controller, 512M of memory. When I complile a 2.2.12 kernel, I get LILO Loading Linux Uncompressing Linux... Ok, booting the kernel. And there it stops. It boots fine off of a 2.0.38 kernel from the install disks. I started with slink off a CD, and upgraded to frozen (of 4/6/00). I don't think this is a lilo problem, but wonder if there is something going on with the compiling of the kernel. No modules, compiled as 686, bzImage. Any ideas? Ernest Johanson Web Systems Administrator Fuller Theological Seminary
Re: Limiting user access in ftp, ssh, samba, etc... 'passwords'
The proftpd docs say that the daemon does a chroot operation after login to restrict the user to a particular directory. The web site is at www.proftpd.net. I am not sure how this compares to running a program under the chroot command. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sun, 26 Mar 2000, Pollywog wrote: Date: Sun, 26 Mar 2000 20:20:15 - (UTC) From: Pollywog [EMAIL PROTECTED] To: debian-user list debian-user@lists.debian.org Subject: Re: Limiting user access in ftp, ssh, samba, etc... 'passwords' On 26-Mar-2000 19:16:30 Ernest Johanson wrote: You can tell proftpd to allow logins without a valid shell. It can also set a default root directory for users so they can't see anything above that point. Is this what is called chroot? -- Andrew
Re: Limiting user access in ftp, ssh, samba, etc... 'passwords'
You can tell proftpd to allow logins without a valid shell. It can also set a default root directory for users so they can't see anything above that point. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 25 Mar 2000, Adam Shand wrote: Date: Sat, 25 Mar 2000 17:51:06 -0900 (AKST) From: Adam Shand [EMAIL PROTECTED] To: Damon Muller [EMAIL PROTECTED] Cc: debian-user@lists.debian.org, recipient list not shown: ; Subject: Re: Limiting user access in ftp, ssh, samba, etc... 'passwords' I want to have easy freedom in limiting user access. I have killed telnetd, and only sshd. I want to allow some users access through ssh, some through ftpd, and some through samba. How can I turn off user access through ssh, but keep their account, and allow them access through ftp? Can I allow users access to shares through samba, and allow them to ftp in, but not ssh or telnet? i'm not sure what you're options are for samba as i haven't used it for a long time ... for ssh you have two ways. give them a shell which is useless (/bin/false or /bin/true or make your own, eg. /usr/local/bin/nossh). then when they log in they will be immediately logged out again. the other option is to use the AllowGroups option in the sshd_config file. create a group called ssh, and add it to the AllowGroups option and then only people in the ssh group will be able to log in. for ftp pretty much the only way to do this is via their shell. ftp will only allow people to login whose shell is listed in /etc/shells. give users you don't want to have ftp access a shell like /bin/false or /usr/local/bin/noftp and make sure that shell never gets added to /etc/shells. more advanced ftp daemons like proftpd or ncftpd may have other options allowing you to do this via groups like ssh but i've never investigated it. adam.
Re: IPFWADM Problems
What does your routing table look like? If the default route is not set, that could explain your problem. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 3 Mar 2000, Chris Brown wrote: Date: Fri, 3 Mar 2000 18:09:29 -0500 From: Chris Brown [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: IPFWADM Problems Hello all, I have a Debian system running kernel 2.0.38 that is supposed to be acting as a router between two networks. For the past many months, we've had our nameserver doing the routing because it was far less flaky. We've fixed the problems in the hardware, finally, and would like to go back to using the first box. However, now we have some problems. Enabling IP Forwarding in the kernel does not allow packets to be routed between interfaces. I don't have any more information on this, that's all there is. From net-0 I can ping the net-0 side of the router, but I can't ping the net-1 side of the router. Both network cards are hooked up and configured correctly. Enabling IP Firewalling, flushing all the rules, and setting default policy to accept also has no setting. Once again, no error messages anywhere - the box obviously thinks this is right. I must have missed something. To make matters a bit weirder, IPX route happily between the interfaces. It's only IP that is causeing problems. Any help would be appreciated. CBrown * Chris Brown [EMAIL PROTECTED] !!! HELP FIGHT SPAM !!! Join; www.cauce.org See; spam.abuse.net, spamsucks.com, www.cm.org
Re: cron.daily isn't
I had a similar experience recently on the alpha platform. If I added something to the crontab file, it didn't run. I had to stop and start the cron daemon to get the new entry to run. Reloading didn't do it. This is on frozen. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 29 Feb 2000 kmself@ix.netcom.com wrote: Date: Tue, 29 Feb 2000 10:33:01 -0800 From: kmself@ix.netcom.com To: debian-user debian-user@lists.debian.org Subject: cron.daily isn't I seem to have a problem with my anacron. In particular, cron.daily scripts don't appear to run when advertised, or more troubling, at all. Both cron and at are doing fine. Anyone else had similar experiences? Managing local news is getting to be a real PITA. -- Karsten M. Self (kmself@ix.netcom.com) What part of Gestalt don't you understand? Scope out Scoop: http://scoop.kuro5hin.org/ Nothin' rusty about Kuro5hin: http://www.kuro5hin.org/
Re: devices compatible list
One of the best sources for this would be the Linux Documentation Project. One source is http://www.cc.gatech.edu/linux/LDP/. Have a look at the Hardware Compatibility HOW-TO. Also the Ethernet HOW-TO. Those documents contain links to other sites that will give you lots of info. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 22 Feb 2000, Bret Rice wrote: Date: Tue, 22 Feb 2000 20:24:10 -0800 From: Bret Rice [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: devices compatible list Would appreciate a direct to a list of devices which are conmpatible with Debian. My particular interest at the moment is 3Com 509 vs 905 cards. thanks for the info, Bret
Re: spice (fwd)
Have a look at http://fides.fe.uni-lj.si/~spice/welcome.html. There isn't a debian pacakge, but you may want to have a look. No source, just binary, and I have a hunch it is compiled for slink. I couldn't get it to run on potato. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 19 Feb 2000, Hamish Moffatt wrote: Date: Sat, 19 Feb 2000 15:26:31 +1100 From: Hamish Moffatt [EMAIL PROTECTED] To: [EMAIL PROTECTED], debian-user@lists.debian.org Subject: Re: spice (fwd) On Thu, Feb 10, 2000 at 03:19:08PM +, Suresh Kumar.R wrote: Is a debian version of spice available? Pl send a cc of the mail to [EMAIL PROTECTED] No, as there are some copyright/license problems with spice. You may wish to try 'acs', Al's Circuit Simulator, which is similar but better (faster, etc). Hamish -- Hamish Moffatt VK3SB. CCs of replies on mailing lists are welcome.
Re: Routing Problem
It looks to me like you need to set up the slink box to masqeurade for your 192.168.2 network. The machines on the other side of your linux machine have no idea what to do with a source address from your private network. There is a how-to and kernel docs on this. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 17 Feb 2000, Simon Law wrote: Date: Thu, 17 Feb 2000 20:10:47 -0500 From: Simon Law [EMAIL PROTECTED] To: Debian User debian-user@lists.debian.org Subject: Routing Problem -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I seem to have a problem. The problem is this: I have two computers, one of them a Windows 98 box and one of them a slink box. I am running on a residence network and they allow me only one IP. It is 129.97.35.30 and it has to go through a gateway at 129.97.35.1 to get to the outside world. When I set up my Windows box as 192.168.2.2, then I can ping 192.168.2.1, 129.97.35.30 and 129.97.35.1 from it. However, I can't ping anyone else on 129.97.35.*, nor can I get to the outside world. If I ping from my slink box, though, I'm perfectly fine. I have already RTFM'd through the NET3-HOWTO and the Firewall-HOWTO. Any suggestions would be most helpful. For your reference, I have attached the output to both ifconfig and route. Thanks in advance, Simon. - -- - -- ifconfig loLink encap:Local Loopback inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0 UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1 RX packets:403 errors:0 dropped:0 overruns:0 frame:0 TX packets:403 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 eth0 Link encap:Ethernet HWaddr 00:A0:C9:6F:72:E6 inet addr:129.97.35.30 Bcast:129.97.35.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:8362 errors:0 dropped:0 overruns:0 frame:0 TX packets:303 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 Interrupt:10 Base address:0x300 eth1 Link encap:Ethernet HWaddr 00:80:C8:16:52:BF inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:425 errors:0 dropped:0 overruns:0 frame:0 TX packets:25 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 Interrupt:11 Base address:0x340 - -- - -- route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 129.97.35.0 0.0.0.0 255.255.255.0 U 0 0 18 eth0 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 2 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 5 lo 0.0.0.0 129.97.35.1 0.0.0.0 UG1 0 5 eth0 -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.1 for non-commercial use http://www.pgp.com iQA/AwUBOKycF5aW8HTyHmHCEQJPIgCgtKlk23xOQjqVup11wdDxjzaVzuwAnj+P 9BpxzlwXPGeKsXvbNeNetLlt =vKse -END PGP SIGNATURE-
Looking for virus scanning solutions
Does anyone know of virus scanning software that will scan incoming email, web pages, etc. and run on Debian Linux? If it would run on the Alpha platform so much the better. I have looked at Trend Micro's Virus Wall, but it is hard-wired to Red Hat, and since we have all Debian systems here I would like to keep it that way. The McAfee Virus Scan program works for email attachments, but I need more that that. Ideally, I would also like for the software to automatically update the virus signatures. Thanks in advance for any and all suggestions. Please cc me since I am reading the digest. Ernest Johanson Web Systems Administrator Fuller Theological Seminary
replacement for secure-su
Does anyone know what happened to the secure-su package, and whether there is a replacement? I couldn't find it in unstable, and the search function on debian.org is down right now. Any help greatly appreciated. Please cc me as I am getting the digest. Thanks in advance. Ernest Johanson Web Systems Administrator Fuller Theological Seminary
Re: ICMP error
I recently had this problem with a misconfigured printer on our network. Turned out that the subnet mask was improperly set. Once that was fixed, the messages stopped. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 23 Nov 1999, Colin Watson wrote: Date: Tue, 23 Nov 1999 22:15:51 + From: Colin Watson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: ICMP error Vicente Torres wrote: I receive hundreds of times pro day the following message on my text screens: 193.152.56.57 sent an invalid ICMP error to a broadcast ?Can I do anything to avoid receiving this message? I had the same problem, due to an apparently misconfigured LANManager server on this network. I used a firewall to filter it out: ipchains -A input -j DENY -p icmp -s 131.111.212.123 ... on 2.1.101 or 2.2 kernels, or: iptables -A INPUT -j DROP -p icmp -s 131.111.212.123 ... on 2.3 kernels. (Can't remember what you need for 2.0 and = 2.1.101 kernels (ipfwadm), sorry.) -- Colin Watson [EMAIL PROTECTED] Trinity College, Cambridge, and Computer Science [riva.ucam.org]
Re: Fixing the Master Boot Record
On Mon, 1 Nov 1999, Bryan K. Walton wrote: perform the upgrade, I need to boot up the computer with this diskette in the floppy drive. When I do that however, the computer gives me an error message saying that there is an invalid system disk in the floppy drive. Do you have an operating system on the floppy? The bios upgrade program may only be the acutal appication to upgrade the bios Ernest Johanson Web Systems Administrator Fuller Theological Seminary
Re: how to remove a broken package
Charles, dpkg --purge should do what you want. There is also dpkg --remove-reinstreq (I've never had to use it though). Also check to be sure you are root when running dpkg. Sometimes the devil is in the details. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 8 Oct 1999, Charles Lewis wrote: Date: Fri, 8 Oct 1999 11:31:54 -0500 From: Charles Lewis [EMAIL PROTECTED] To: debian-user debian-user@lists.debian.org Subject: how to remove a broken package *sigh* Surely, this can't be such a difficult question to answer. I hate to be a pain, but I don't know where else to turn, and I would rather be flamed than ignored. I need to know how to remove a broken package. Specifically, I'm having problems removing apache squid. I get the following errors: Removing squid ... dpkg: error processing squid (--remove): subprocess pre-removal script returned error exit status 1 dpkg: error while cleaning up: subprocess post-installation script returned error exit status 1 Removing apache ... dpkg: error processing apache (--remove): subprocess pre-removal script returned error exit status 1 Errors were encountered while processing: squid apache How can I get force the removal of these? I've read the man page, and none of the options that look like they _might_ work, do not. What else can I do? === Charles Lewis, Director of Administrative Computing Southwestern Adventist University, Keene, TX (817)556-4720 [EMAIL PROTECTED] FAX (360)397-7952 ===
Re: LILO on second drive?
No idea about installing an MBR on a slave drive, but why not put the additional configuration in your lilo.conf and boot from your master drive? That way you can control the boot process from the lilo prompt with out having to go into the BIOS. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 2 Oct 1999, EVCom Support wrote: Date: Sat, 02 Oct 1999 17:45:25 -0400 From: EVCom Support [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: LILO on second drive? Greetings all, Having read various docs, etc on Lilo, and having never used it before (Always had Linux on it's own primary drive, etc) I would like to use lilo to make a slave drive bootable (kinda tired of using boot floppies). Now, my BIOS supports booting from any drive letter, so even tho I have OS's installed on /dev/hda I can tell the bios to boot drive , /hdb1 and basically ignore the existance of /dev/hda alltogether. The problem is that lilo refuses to install a master boot record, etc, because it correctly detects that it is being asked to do so on a secondary drive. Basically I would like to be able to force lilo to do what I want, and make the secondary drive completely bootable so I can just switch my bios between booting drive 0 and drive 1 at will. When I boot drive D at this time, I get a lilo prompt that looks similar to this: F1: linux F2: F3: linux F3 default. The machine then locks up. Any suggestions? Todd Todd Suess Technical Support Night Manager Evolution Communications, Inc. 800.496.4736/561.624.7570 Email- [EMAIL PROTECTED] Support Hours- Monday through Friday 6am to Midnight Saturday and Sunday 8:30 to Midnight Be sure to visit EvCom.net at Booth 1388 for 'Everything Internet' at Internet World '99 in New York City, October 4-8, 1999.
Re: Berolist
You might also take a look at mailman. I also had problems with Berolist. One advantage is that it has both web-based and command line tools for configuration. Also has far more features than Berolist. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 29 Sep 1999, Ben Messinger wrote: Date: Wed, 29 Sep 1999 00:18:27 -0700 From: Ben Messinger [EMAIL PROTECTED] To: Matt Kopishke [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: Berolist Matt Kopishke wrote: I am trying to configure Berolist under Slink. snip ### I have tried every thing I can think of, I also have tried smartlist, Majordomo, and mailman with out any luck, all thought I had Majordomo running while back on a different install. I have yet to find a easy list server to set up, maybe it's my bad luck but every one else say they don't have problems like I do... -Matt- Matt, I wasted a lot of time trying to get Berolist working and finally went to smartlist. I couldn't keep Berolist from seg-faulting. I even compiled my own and it still was seg-faulting. Smartlist was harder to configure than Berolist, but easier than Majordomo and is working well. -Ben -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Ben Messinger [EMAIL PROTECTED] This email contains no tyops. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Re: video modes for X11
Paul, Your display may be running at a lower pixel depth than you're used to seeing. Check the Screen section of your XF86Config that applies to your x server. If your server recognizes the DefaultColorDepth parameter you can set your default depth that way, otherwise you can use startx -- -bpp depth with whatever depth you want to start with. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 25 Sep 1999, Paul Harris wrote: Date: Sat, 25 Sep 1999 15:13:07 +0800 (WST) From: Paul Harris [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: video modes for X11 hi, my lovely 17 monitor has a grainy-liney appearance when in 1280x1024 mode, however its perfectly clear under windows. i have the .ini file that windows uses but am unsure how to set up the x11 modelines... can anyone help? thanks, Paul If you can't make it good, make it look good. Bill Gates, 1995
Oracle Web Server on Linx
Has anyone had experience running the Oracle Web Application Server on Debian? I got the download, installed it and all processes come up except the administrative web server run fine, which refuses to run. The only variation I'm aware of from the docs is that they say kernel 2.0.34 and I have 2.2.12 on that machine. I can provide more details if anyone has some idea about this. BTW, anyone know what's going on with Oracle? We tried to buy the product, and were told that the Online Store is pulling all references to Linux. Sounds strange. Ernest Johanson Web Systems Administrator Fuller Theological Seminary
Re: Can't Log into FTPD
You might want to check your /etc/inetd.conf file. If the line for ftpd is commented out, remove the comment character and restart inetd. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 7 Sep 1999, Harlan Crystal wrote: Date: Tue, 7 Sep 1999 04:24:00 -0400 From: Harlan Crystal [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Can't Log into FTPD I'm currently using the most updated unstable. Whenever I attempt to FTP into my machine, it won't authorize me to log in. Even when I ftp localhost, using my username/pw, it denies access. I've removed and reinstalled the ftpd package 3 or 4 times.. and its the same. nothing in the man page said anything about this problem. any suggestions? - harlan
Re: where is what?
There is a program called grep to search text files. There is also an rgrep that will search directories recursively. You can do searches on the Packages file that is at the base directory of each distribution. In this case searching for what may not have found something, but searching for text, string, search, etc. would do it. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sun, 5 Sep 1999, Jim Foltz wrote: Date: Sun, 5 Sep 1999 12:19:31 -0400 From: Jim Foltz [EMAIL PROTECTED] To: Keith Harbaugh [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: where is what? You're not thinking of whatis, are you? On Sun, Sep 05, 1999 at 06:23:57AM +, Keith Harbaugh wrote: `what' was an old unix program which would access certain identifying lines within text files, allowing easy reading of key parts of files without having to use a pager or editor. I used the search features of the debian web site's Package page, searching on `what', but to no avail (the first search yielded the empty set, the second search more than would fit on a page, but all that was not the right what) (eh, what?). So, two questions: 1) where (i.e., in what package) is the program `what' to be found? 2) how could I effectively use the web pages search, or some other search capability, to have answered that question without bothering the debian mailing lists? -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null -- Jim Foltz [EMAIL PROTECTED] [EMAIL PROTECTED] ACORN techie http://www.acorn.net AOL/IM Jim Foltz
Re: Apple LaserWriter IINT
Andrew, How are you going to connect to the LaserWriter? I have one connected to a Mac that I print to using some software called lpDaemon. The daemon is quite old, but it works on my system. The only other way I know of is to use the serial port on the printer. I've not done that on Linux, but wouldn't think it to be a problem. It is a Postscript printer. One thing on the IINT: you can only switch between the serial port and the AppleTalk port a limited number of times (around 100 or so I think). The eprom or whatever in there gives out after that. The NTX doesn't have that issue. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 3 Sep 1999, Richard E. Hawkins wrote: Date: Fri, 03 Sep 1999 09:05:32 -0500 From: Richard E. Hawkins [EMAIL PROTECTED] To: Andrew Clark [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: Apple LaserWriter IINT Anyone had any success getting a Apple LaserWriter IINT working with linux? Was that one of the non-postscript printers? If so, ignore this :) If not, just use it as a garden variety printer. Now If only i could figure out the pins to swap on the cable to use my original DeskWriter as an original DeskJet . . . --
Re: kernel 2.2.12
I just upgraded a potato system to 2.2.12 due to the 2.2.11 memory leak. The release notes say that the .12 kernel won't compile with gcc 2.95. I have gcc 2.91.66-2 on that system and it compiled ok, a few warnings but no errors. System came up with no problem and no memory leak. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On 30 Aug 1999, Laurent Martelli wrote: Date: 30 Aug 1999 20:01:58 +0200 From: Laurent Martelli [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Re: kernel 2.2.12 Stavros == Stavros [EMAIL PROTECTED] writes: Stavros On Mon, 30 Aug 1999, William Ono wrote: On Mon, 30 Aug 1999, Stavros wrote: have anyone faced any problems compiling the 2.2.12 kernel on potato? I'm sitting at a potato system running 2.2.12 right now, so it works just fine for me.. Was there a specific problem you were having? Stavros i get alot of errors like this In file included from Stavros init/main.c:26: /usr/src/linux/include/asm/io.h: In Stavros function `virt_to_phys': Stavros /usr/src/linux/include/asm/io.h:112: `PAGE_OFFSET_RAW' Stavros undeclared (first use in this function) and then the Stavros compile proccess stops. (make: *** [init/main.o] Error 1) Did you 'make dep' ? I had something similar when trying to compile 2.2.11. I downloaded the whole 2.2.12, unpacked it in a fresh new directory, and it compiled fine. -- Laurent Martelli [EMAIL PROTECTED]
Re: setting up .Xresources
The X man page has the info. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 27 Aug 1999, Mark Wagnon wrote: Date: Fri, 27 Aug 1999 18:46:17 + From: Mark Wagnon [EMAIL PROTECTED] To: debian-user@lists.debian.org debian-user@lists.debian.org Subject: setting up .Xresources Can someone point me to some documentation on how to set up my .Xresources? Syntax, etc? tia -- ( __ _ Mark Wagnon ) Debian GNU/ -o) / / (_)__ __ __ Chula Vista, CA ( /\\/ /__/ / _ \/ // /\ \/ / [EMAIL PROTECTED] ) www.debian.org _\_v/_/_//_/\_,_/ /_/\_\
Re: How convert PC text to UNIX ascii
An easy way to find whether a file is in Debian is to do a zgrep on the Contents-i386.gz file (assuming Intel platform). You may need to pipe the output into whatever pager you like. The output will tell you what package the file is in (e.g. dos2unix is in sysutils). If you're getting Debian over the network, the file is not too big, 1.3M or so. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 28 Aug 1999, [iso-8859-1] Andr? Bell wrote: Date: Sat, 28 Aug 1999 01:31:17 -0700 From: [iso-8859-1] Andr? Bell [EMAIL PROTECTED] To: Seth R Arnold [EMAIL PROTECTED], debian-user@lists.debian.org Subject: Re: How convert PC text to UNIX ascii The way to get rid of those ^M characters is to either transfer the files using ascii mode in ftp, or use the dtox program or dos2unix program or :%s/^V^M//g in vi, or a sed script or write a program or .. half a million ways to do the same thing (would recode do it? :) Thanks Seth, that's exactly the info I was looking for. My linux pc is not yet networked to my pc so I'm forced to transfer small via floppy for now. I will do a search for dtox and dos2unix. Looks like neither are a part of debian so I searched the net for them. Here's one solution from http://ume.med.ucalgary.ca/usenet/Linux/0053.html: save as dos2unix - #!/bin/sh sed 's/^M//' $1 --- save as unix2dos - #!/bin/sh sed 's/$/^M/' $1 --- Note that the `^M' has to be produced by pressing `Ctrl-V Ctrl-M' in vi, or `Ctrl-QCtrl-M' in emacs. Then you can do, e.g., `dos2unix unixfile dosfile' and `unix2dos unixfile dosfile'. - end -- Those look like perl scripts. If so it's just that I'm unfamiliar with the SED command that is throwing me off. I'll try each as a perl script anyways just to be sure. Andre p.s. Here is aother solution: cat filename | sed 's/^M//' -- I tried this one, it didn't convert the file, it ran the file (all of the print commands printed to screen. Afterwards I typed perl filename and same issue exists. I even tried this command and piped it with to create anew file still the same error message :(
Re: Page length using a2ps
Saadi, Do a search in the a2ps info document for --lines-per-page. You might be specifying an incorrect font-size parameter. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 26 Aug 1999, Jor-el wrote: Date: Thu, 26 Aug 1999 23:46:55 -0500 (CDT) From: Jor-el [EMAIL PROTECTED] To: Debian User List debian-user@lists.debian.org Subject: Page length using a2ps Hi, I have a text document that is formatted with page length = 68 rather than the 65 which is the default for a2ps. However, whenever I try to format the text using a2ps into a 68 lines per page document (using the --lines-per-page option), it doesnt seem to make a difference : I still get a postscript document with 65 pages. What am I doing wrong? Thanks, Jor-el He who is intoxicated with wine will be sober again in the course of the night, but he who is intoxicated by the cupbearer will not recover his senses until the day of judgement. -- Saadi
Re: Files: Debian-to-dos.
Vitux, You can use unix2dos, in the sysutils pacakge. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 26 Aug 1999 [EMAIL PROTECTED] wrote: Date: Thu, 26 Aug 1999 15:30:43 +0200 From: [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: Files: Debian-to-dos. Is there a way to save a linux-file to a dos-diskette in a dos-readable way? (Say I wanted to show you guys a config-file or something when I'm mailing from an NT-box, not wanting to type the whole thing, or I wanted to take a file from f. x. StarOffice with me to work...) Please don't flame a pitiful 'nix newbie. I'm really trying to learn, and I already love the efficiency of linux compared to my horrible WinNT box at work (breaks down several times a day...) Regards Vitux Error is human; complete disaster takes a computer
Re: Apache-SSL suppresses inlime images?
Well, I'm not sure but again I have a question. What about things like MinSpareServers, MaxSpareServers and KeepAlive? If there aren't enough spare children running, then some requests may drop. Subsequent requests find some graphics in the local cache and then request the ones that didn't make it last time. Dunno, but take a look. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 20 Aug 1999, Ralf G. R. Bergs wrote: Date: Fri, 20 Aug 1999 22:12:49 +0200 From: Ralf G. R. Bergs [EMAIL PROTECTED] To: Ernest Johanson [EMAIL PROTECTED], [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Re: Apache-SSL suppresses inlime images? Hi Guys, strange, I must have somehow missed your messages on the mailing list... Anyway, here we go... On Fri, 20 Aug 1999 15:42:52 -0400 (EDT), [EMAIL PROTECTED] wrote: Don't know that I have an answer, but a question. How are standard port 80 connections being made to Apache-SSL? By default it runs on port 443. Here's a few excerpts from my httpd.conf: === 8x Port 80 BindAddress * ServerName my externally visible hostname UseCanonicalName off # SSL-- Listen 80 Listen 443 SSLDisable VirtualHost my externally visible hostname:443 SSLEnable /VirtualHost VirtualHost internal hostname:443 SSLEnable /VirtualHost === 8x Do you see anything that looks fishy? Or anything that's missing? The only thing I've seen like this is when a page accessed via https contains full URLs (http://whatever;). The ssl server views those elements as insecure and refuses to load them. Not the same as your situation, but perhaps a clue. I don't think this is helpful in my situation. There aren't any absolute URLs in my web pages. And remember that pressing reload a couple of times finally gives me all the inline graphics I expect. It sounds like the answer because if you don't listen on port 80 you don't log anything. The way I always do it is to use VirtualHost directives and specify the port: VirtualHost ssl.foo.com:443 VirtualHost www.foo.com:80 As you see above this is exactly how I'm doing it. Ok, any other ideas? Thanks for your help so far. Ralf -- Sign the EU petition against SPAM: L I N U X .~. http://www.politik-digital.de/spam/The Choice /V\ of a GNU /( )\ Generation ^^-^^
Re: Apache-SSL suppresses inlime images?
Ralf, Don't know that I have an answer, but a question. How are standard port 80 connections being made to Apache-SSL? By default it runs on port 443. The only thing I've seen like this is when a page accessed via https contains full URLs (http://whatever;). The ssl server views those elements as insecure and refuses to load them. Not the same as your situation, but perhaps a clue. HTH. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Thu, 19 Aug 1999, Ralf G. R. Bergs wrote: Date: Thu, 19 Aug 1999 10:54:35 +0200 From: Ralf G. R. Bergs [EMAIL PROTECTED] To: Debian GNU/Linux User Mailing List debian-user@lists.debian.org Subject: Apache-SSL suppresses inlime images? Hi, I have a very bizarre problem with Apache-SSL 1.3.3+1.29-2. Maybe one of you by chance can help me? Ok, here we go: I have a webpage that consists of static html pages, frames, inline images, and several Perl cgi scripts that dynamically create html pages. The server machine has two IP addresses: the external one visible from the Internet, and the internal one only visible from the LAN. When I access the server internally (i.e. I establish a connection to its internal IP address) I've no problems whatsoever. But when people access the machine from the Internet (talking to the external IP) it often forgets inlime images, i.e. Netscape only displays the broken image symbol. When they click reload it often shows more images, and after they've clicked a couple of times all images are there. The connection originates from the campus network and terminates in the campus network, i.e. there's no transmission problems, no network congestion. The connection is NOT a SSL connection, but a standard port-80, unencrypted http connection. I don't yet know whether things change if they use SSL because I've not yet asked them to try SSL. In the browser they're not using proxies, and by my instructions they've cleared memory and disk cache before trying to go to my page. There's NO errors in Apache's log file. The access log file does NOT show that the client tried to GET the missing images. The other images that are being displayed DO appear in the access log file. That could either mean that the client -- for whatever reason -- doesn't request them, OR that the server doesn't log and fill the request. Ok, that's bizarre, isn't it? Any ideas?! Thanks, Ralf -- Sign the EU petition against SPAM: L I N U X .~. http://www.politik-digital.de/spam/The Choice /V\ of a GNU /( )\ Generation ^^-^^
Re: Apache: unable to use authentification
Marc, Try checking the file permissions on your password file. It needs to be readable by the user the web server runs as. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 18 Aug 1999, Bart-Jan Vrielink wrote: Date: Wed, 18 Aug 1999 02:49:05 +0200 (CEST) From: Bart-Jan Vrielink [EMAIL PROTECTED] To: Marc Mongeon [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: Apache: unable to use authentification On Tue, 17 Aug 1999, Marc Mongeon wrote: You need to specify the AllowOverride AuthConfig directive for that directory in one of the main config files (e.g., /etc/apache/access.conf). I have AllowOverride All for this directory. I hoped that All would be enough :) Anyway, without AllowOverride set to either All or AuthConfig, I do get a request for usernamepassword, but this alwais fails. I tried using a plain password file, a dbm file and using PAM. All fail. I'm trying to get Apache (tried the Slink version and the current Potato version) to use authentification for some directory. Inside the directory have the following .htaccess: AuthType basic AuthName rinet AuthUserfile /etc/apache/htpasswd require user bartjan When I try to authentificate myself, I get in error.log: [Tue Aug 17 16:13:20 1999] [error] (13)Permission denied: access to /rinet/ failed for 10.2.100.11, reason: Authentication failure Passwd file was produced with htpasswd and does contain the user bartjan. I tried to authentificate myself numerous times, so mistyping the password is not the problem. auth_module is loaded in httpd.conf The systems I tested on are Slink systems, but with Potato libc6 (2.1.2-0pre2) and a few other upgrades. Kernels 2.2.5 and 2.2.6 Tot ziens, Bart-Jan
Re: confusing X problem
How old is your version of Debian? Did you install the XF86_SVGA from a debian package or compile it from source? Thanks for that info. I didn't even know that file was there, but it wouldn't matter much since mine is old and doesn't have that entry. Did I do something bad by just getting a new XF86_SVGA and not upgrading anything else?
Re: confusing X problem
The only way I know to approach a problem like this is to get the system to a known state, and then proceed with a step-by-step analysis to reduce the number of variables, and isolate the problem. I would suggest something like the following: Verify whether the current version of stable does have support for your card. If so, purge your current xserver pacakges, and reinstall them. Make sure that the package dependencies are all met during the installation, and that any packages that were not configured get configured (run dpkg --pending --configure). Gather together all the relevant docs, HOWTO's, man pages, etc. Now begin the X configuration process. At each step, read the relevant portion of the docs to verify that the correct data is entered, and that the system gives the correct response. Assuming all goes well, run it. Now observe what does or does not happen. Note the specific errors and where in the process they occur. Go back to the docs and read the relevant sections. As you attempt to resolve each error, again note what happens and try to find out why. In this way, the the potential problem areas are narrowed down and hopefully isolated. If not, it is much easier to ask someone to help when the problem has been clarified. If this sound like a lot of work, well, it is. But IMHO it is easier than trying to solve a difficult problem intuitively. Taken a step at a time, it comes together easier than it might seem. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 17 Aug 1999, Patrick Olson wrote: Date: Tue, 17 Aug 1999 09:57:26 -0700 (PDT) From: Patrick Olson [EMAIL PROTECTED] To: Ernest Johanson [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: confusing X problem How old is your version of Debian? Did you install the XF86_SVGA from a debian package or compile it from source? I started from a Debian 2.0 CD, but did not install X from there. I pointed dselect to ftp://ftp.debian.org//pub/debian/dists/stable for updating the stuff that installed off the CD and then adding X. So, I _think_ everything is up to date with dists/stable. I have tried three XF86_SVGA binaries. The first (3.3.2) came as a .deb package from somewhere under dists/stable. The other two (3.3.3, 3.3.4) were from a .tgz file pulled from a mirror of xfree86.org That brings to light the question of whether or not I can get away with downloading a server binary and dropping it on top of an older version of X. Also, I just noticed something about my monitor. The specs say, Plug and Play: 1/2B. I don't have a clue what that means, but could that have anything to do with it? It is an NEC MultiSync XV15+. I can try it with a different monitor if that might help, but I don't have any sort of specs or docs on the other one, as it just says Tangent Computer. I hope some of this information helps bring to light whatever stupid mistake I am making! As always, I appreciate all of the people who take time to help me with this. Thanks, Patrick
Re: confusing X problem
Patrick, I took a look at your files on the web. A quick check of /usr/X11R6/lib/X11/Cards indicates the following: NAME Weitek P9100 (generic) CHIPSET Weitek P9100 SERVER SVGA NOCLOCKPROBE I noticed you have a RAMDAC entry and a Clocks entry in your XF86Config. It may be that the card does not like to be probed (the commented VideoRam entry would suggest this). If you haven't already, try removing those entries and see what happens. Beyond this I'm out of ideas. Just read, read, read :-) Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sun, 15 Aug 1999, Patrick Olson wrote: Date: Sun, 15 Aug 1999 21:04:40 -0700 (PDT) From: Patrick Olson [EMAIL PROTECTED] To: Ernest Johanson [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: Re: confusing X problem You can find documentation at http://www.cc.gatech.edu/linux/LDP/. Check out the Installation and Getting Started Guide, and the X HOW-TOs. Thank you for the information. However, I have tried to make sense out of the information and still can not get anything better than 320x200 resolution. The Installation and Getting Started Guide referred to two documents which apparently did not get installed on my system: VideoModes.doc, modeDB.txt. As such, I couldn't find the information that is apparently necessary to continue. Even after all of this reading, I simply do not understand what is wrong with the configuration. There are several 800x600 mode lines for X to choose from, and the screens section has both 640x480 and 800x600 listed under each of the four color depths (8, 16, 24, 32). That led me to the device section, where everything looked OK, except that for some strange reason, VideoRam 2048 was commented out. Unfortunately, fixing that didn't change the resolution it chose. It simply makes no sense to me why it is rejecting 640x480 and 800x600 modes without giving any errors about those modes. Since I clearly don't know what I'm doing, or not doing, could someone please take a minute to point out the mistakes in my config file? By the way, my /etc/X11/XF86Config and /var/log/xdm.log are at: http://home.internetcds.com/~compman/XF86Config http://home.internetcds.com/~compman/xdm.log Thank you, Patrick Olson
Re: confusing X problem
Patrick, You can find documentation at http://www.cc.gatech.edu/linux/LDP/. Check out the Installation and Getting Started Guide, and the X HOW-TOs. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 14 Aug 1999, Patrick Olson wrote: Date: Sat, 14 Aug 1999 23:34:51 -0700 (PDT) From: Patrick Olson [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: confusing X problem I have been trying all day to get XFree86 3.3.2.3 running, but have simply had no luck getting any resolution other than 320x200. I would like it to do 800x600 with 256 (or more) colors. The video card does that just fine under Windows95, so I know the hardware is capable, although maybe not very compatible. I wasn't sure about using a lot of bandwidth on this list since the config file is about 20K, so I have put it on my ISP's server along with the output. They are at these two addresses: http://home.internetcds.com/~compman/XF86Config http://home.internetcds.com/~compman/logfile.txt I would really appreciate any help, or pointers to documentation that would help. If anyone would like me to e-mail them the config file or the output, I will be happy to. XF86Setup could not successfully switch into graphics mode with the VGA16 server; it just put a grey background on the screen and nothing else. The configuration file was originally made using xf86config, and I have made some changes to try and get 800x600 (without any success). The video card is a 2MB Diamond Viper Pro Video, and is a PCI card. I have been trying to use the SVGA X server. Please help me figure this out so I don't have to run Win95 on this computer :-) Patrick
Re: X resolution problem
Bill, Are you sure you have the correct specs for your monitor's horizontal and vertical refresh rates? If your entries are correct and you try to use a higher resolution that execeeds the specs, the Xerver will remove the invalid modes. If you enter values that exceed what the monitor can handle, the Xserver will do what you tell it, but the monitor will act strangely. The docs warn that this can severely damage your monitor (including starting a fire if it goes too far). If you have the correct specs entered, then the next step is to verify that the resolution you want to use can be done without execeeding them. I've always done this by reading the XF86Config file and editing it if necessary. You can find documentation at http://www.cc.gatech.edu/linux/LDP/. Go to the HOWTO section and look for the XFree86 HOWTO. You may also have this in /usr/doc/HOWTO if you got that package. If there is a way to use the config tools to do this, perhaps someone can post it. Hope this is helpful. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 14 Aug 1999, Bill wrote: Date: Sat, 14 Aug 1999 14:38:29 -0400 From: Bill [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: X resolution problem Hello all, I have a small problem. I've set up Slink on a very old machine that has a #9GXE64 S3 based PCI card. I have X working but only at the lowest possible resolution 640-480 using the SVGA server. If I try pushing up the resolution or using the S3 servers, I get the monitor going into sleep mode, a message that no connection could be made to the X server or out of sync message from the monitor. So far I have used XF86Setup and xf86configure to setup X, but I got no better results. The software and packages installed: Slink XFree 3.3.2.3a with vga, svga and S3 servers monitor at Dell 828FI graphics card #9GXE64 PCI Mb RAM, ATT21c498 chipset and idc2061a Can somebody tell me what I'm doing wrong or just plain give me a hand here? Thanks Bill Get your FREE web-based e-mail and newsgroup access at: http://MailAndNews.com and http://MailAndNews.co.uk Create a new mailbox, or access your existing IMAP4 or POP3 mailbox from anywhere with just a web browser.
Re: ProFTP denying write
The AllowAll directive has to do with who is allowed to access the files referenced in the block. The one you want is AllowOverwrite. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 13 Aug 1999, Stephen Kelly wrote: Date: Fri, 13 Aug 1999 15:48:43 +0800 From: Stephen Kelly [EMAIL PROTECTED] To: debian-user@lists.debian.org Subject: ProFTP denying write Hi Everyone, My system is is a linux 2.2.10 kernel running potato. My proftp server is denying write to all ftp directories regardless of privilege, even after I tested it out by configuring a limit writeallowall/limit directive Anyone know of any libraries that may be brokem, or issues relating to proftd or potato that would cause this. everything else on the system seems fine. regards, Steve --- *** Stephen Kelly | Ph(08) 9360 6638 *** Webmaster, TLC | Fx(08) 9310 4929 *** Murdoch University | Mb 041 986 9804 *** Perth, WA 6150 | [EMAIL PROTECTED] ---
Re: X window resolution extremely low
Lev, One way you can check what's going on is to type Control-Alt-F1 (assuming that X was started from the first virtual terminal). You should see some info like below. You can get back to X by typing Control-Alt-F7. This should tell you what modes are available. If what you want is there, then edit the Screen section (example below) of your XF86Config that applies to your x server. If your server recognizes the DefaultColorDepth parameter you can set your default depth that way, otherwise you can use startx -- -bpp depth with whatever depth you want to start with. The first entry on the mode line will be the default. x server info -- (**) S3: Monitor ID: Goldstar1 (--) S3: Mode 1280x1024 needs hsync freq of 78.86 kHz. Deleted. (--) S3: Mode 1280x1024 needs hsync freq of 81.13 kHz. Deleted. (**) FontPath set to /usr/X11R6/lib/X11/fonts/misc/,/usr/X11R6/lib/X11/fonts/Type1/,/usr/X11R6/lib/X11/fonts/Speedo/,/usr/X 11R6/lib/X11/fonts/75dpi/,/usr/X11R6/lib/X11/fonts/100dpi/,/usr/X11R6/lib/X11/fonts/freefont/,/usr/X11R6/lib/X11/fonts/share font/ (--) S3: PCI: Trio32/64 rev 54, Linear FB @ 0xf000 (--) S3: chipset: Trio64V+ rev. 54 (--) S3: chipset driver: newmmio (--) S3: card type: PCI (--) S3: Diamond Stealth BIOS found (--) S3: videoram: 2048k (--) S3: Ramdac type: s3_trio64 (--) S3: Ramdac speed: 135 MHz (--) S3: Using Trio32/64 programmable clock (MCLK 54.886 MHz) (--) S3: Maximum allowed dot-clock: 95.000 MHz (**) S3: Mode 800x600: mode clock = 50.000 (**) S3: Using 16 bpp. Color weight: 565 (**) S3: Virtual resolution set to 800x600 (--) S3: Local bus LAW is 0xF000 (--) S3: Using a banksize of 2048k, line width of 800 (--) S3: Using a single 64x64 area at (736,601) for expanding pixmaps (--) S3: Using 16 planes of 736x709 at (0,601) aligned 8 as font cache screen section of XF86Config -- Section Screen Driver svga Device Diamond Monitor HP DefaultColorDepth 16 Subsection Display Depth 8 # Omit the Modes line for the Generic VGA device Modes 800x600 1024x768 1280x1024 ViewPort0 0 # Use Virtual 320 200 for Generic VGA EndSubsection Subsection Display Depth 16 Modes 800x600 1024x768 1280x1024 ViewPort0 0 Virtual 800 600 EndSubsection Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 6 Aug 1999, Lev Lvovsky wrote: Date: Fri, 6 Aug 1999 01:39:24 -0700 (PDT) From: Lev Lvovsky [EMAIL PROTECTED] To: debian-user@lists.debian.org Cc: debian-user@lists.debian.org Subject: X window resolution extremely low hello, I installed slink on my workstation here @ work, and I'm having problems with the resolution of X...it's horribly low. I'd say 300x240. I've run xf86setup multiple times (with different setups) to no avail. I think that hte problem may lie in the fact that it's a non-standard vid card, that's embedded on the MB. the motherboard is a SiS Slot1/Socket 370 model, and the vid card unit is a SiS620 (if I'm correct)...with, what I believe is 8MB RAM (anyway for me to check this?) I'd like to get it up to at least 8x6 @ 32bit, if not 1024x768 (16 or 32bit would be fine) any help would be appreciated! -lev
Re: Best way to check out hardware / BIOS problems?
David, If you haven't done so already, you could check to see if any video/bios shadowing is turned on in the bios. It should be off. Also whether there are any memory speed/configuration issues. Do all the memory modules have the same speed (60, 70, whatever nanoseconds)? And does the motherboard count on having two banks of memory? I had a situation once where I had one SIMM installed. Windoze ran fine, but Linux had fits. Once a second SIMM was installed, it ran fine. You might want to check to see that there is plenty of space in your swap partition. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 4 Aug 1999, David Hamilton wrote: Date: Wed, 04 Aug 1999 21:09:45 -0700 From: David Hamilton [EMAIL PROTECTED] To: Debian User List debian-user@lists.debian.org Subject: Best way to check out hardware / BIOS problems? I have two systems that crash regularly while running slink. I suspect that this is probably hardware-related, but I can't see any evidence of it in the logs. Does anyone have any suggestions for checking out these problems, preferably at a low level? The hardware is fast and reliability improves if I turn off both internal and external cache, although performance dies when I do that. The majority of the crashes seem to be related to video (Matrox Millenium I), since the X server dies a few times per day. Netscape seems to crash most often, sometimes bringing down the X server. The X server dies once for every 5-10 Netscape crashes. The video card is PCI, but is a couple of years old. There is also an ISA bus Ethernet card.\ The two systems have the same symptoms, but have different motherboards, CPUs and configurations, yet both have similar symptoms.\ Any suggestions? --dh
Re: EXIM, Help stop relaying spam
David, You can check your mail hosts for relaying at http://maps.vix.com/tsi/ar-test.html. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Tue, 3 Aug 1999, David Warnock wrote: I have turned off all relaying (but don't know how to check that it is sucessful). But it seems that I am still allowing telnet onto port 23 to issue the smtp commands to send mail from an invalid user to outside our domain. I don't want that to happen. How can I fix that?
Re: STABLE graphical FTP clients?
Try filerunner. It's in Debian. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Wed, 21 Jul 1999, Shao Zhang wrote: Date: Wed, 21 Jul 1999 11:06:33 +1000 From: Shao Zhang [EMAIL PROTECTED] To: Bryan Scaringe [EMAIL PROTECTED] Cc: debian-user@lists.debian.org, [EMAIL PROTECTED] Subject: Re: STABLE graphical FTP clients? Hi, I have these ftps on my machine, looks like xftp is what you want. shao:/home/shao$ dpkg --list | grep ftp ii cftp0.9-10 A full-screen ftp client. ii dpkg-ftp1.4.10 Ftp method for dselect. ii lftp1.1.981023-1 Sophisticated command-line FTP client progra ii lurkftp 0.99-4 monitor changes in ftp sites and opt. mirror ii ncftp 3.0beta14-2A user-friendly and full-featured FTP client ii pftp0.8.9-1Fast file transfer program (no authenticatio ii wu-ftpd-academ 2.4.2.16-13A powerful replacement for the standard ftpd ii xftp2.2-8 Athena X interface to ftp. hope this helps... Shao. On Tue, Jul 20, 1999 at 11:53:27AM -0400, Bryan Scaringe wrote: I'm trying to get an FTP client for Linux that is graphical, and supports bookmarks. Something like gFTP or IglooFTP. gFTP is *very unstable* and usually segfaults with just about any operation. I'm using the latest version, 2.0.2, but have noticed this with all other versions I have ever used. IglooFTP is somewhat more stable, but still not enough to be useful. This morning, it kept dying of a broken pipe. I had to boot to Windows and run CuteFTP to find out that the site I was uploading to was full. I can't believe that IglooFTP couldn't handle that gracefully. Any Ideas? Bryan -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null -- Shao Zhang - Running Debian 2.1 ___ _ _ Department of Communications/ __| |_ __ _ ___ |_ / |_ __ _ _ _ __ _ University of New South Wales \__ \ ' \/ _` / _ \ / /| ' \/ _` | ' \/ _` | Sydney, Australia |___/_||_\__,_\___/ /___|_||_\__,_|_||_\__, | Email: [EMAIL PROTECTED] |___/ _
Re: Security problems
You can do this with proftpd. There is a DefaultRoot directive that will chroot to a dir on a per-group basis. I have the same situation with a group of web publishers. The first step was to define a virtual host (this particular server is restricted to internal use only). Then each user is added to a new group that will have access to the particular directory. When the user logs in, the server detects which group the user is in and chroots to the DefaultRoot for that group. I have included part of the proftpd.conf file below. If you are using NIS, set PersistentPasswd off. The umask setting allows a head content developer (who is added to every publishing group) to make changes if needed. AllowOverwrite enables files to be written. By setting RequireValidShell off, I am able to maintain telnet access to the server for adminstrative purposes (our users don't have a valid shell on this machine). Hopefully this will get you going. You may need to spend some time in the docs to get the sense of what the directives are doing. If you still have questions after that, either post to the list or email me directly. I read the digest, so if you post to the list, cc me as well. --- begin conf -- VirtualHost 1.2.3.4 ServerName Publishing Server Umask 002 AllowOverwrite on RequireValidShell off # add defaults for web authors here. Order is signicant-the server takes # the first match. The main author has the top, departments are below. # The default matches anyone who is not a member of a authoring group # and logs them into the anonymous ftp dir. The order of the directory # configs is not significant. DefaultRoot /a/devel eauth ... DefaultRoot /ftp Directory /a/devel GroupOwner eauth HideGroup root /Directory ... /VirtualHost end conf -- Ernest Johanson Web Systems Administrator Fuller Theological Seminary lena wrote: Hello! I am a newbie with administrating my own Debian server, and got problems that got to do with security. I have 20 different users that got both ftp and telnet access to the server /using it for web publishing/. I would like to add they got access to their root directory and all directories below it, but not to be able to go towards the \. Also, they shouldnt have telnet access. I have looked through all documentation I have been able to find, and asked everywhere, and it seems to stay unsolved.
Re: Granting access
Mario, Check out the UserDir directive in the apache docs. You could also put a symlink in the DocumentRoot if you wanted. One issue here will be the permissions on the user's home dir. It will have to be world executable for the web server to be able to read the html directory beneath it. The .htaccess will control the web access, but there could be other ways of getting at the docs (for example, an ftp client). Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Fri, 9 Jul 1999, Mario Jorge Nunes Filipe wrote: Date: Fri, 09 Jul 1999 16:35:20 +0100 From: Mario Jorge Nunes Filipe [EMAIL PROTECTED] To: debian-user@lists.debian.org debian-user@lists.debian.org Subject: Granting access Hi I have a user arround here who has explicitly asked to have the permissions on his home directory to 0700. He wants to access some info on his home dir throug a browser (he will put it in public_html), but in a way that only he can access it. I suggested using .htaccess to ask for a password. The problem is how do i let apache go to his home dir to read the info. I don't believe this is possible, but i decided to ask anyway. Thanks -- Mario Filipe [EMAIL PROTECTED] http://neptuno.sc.uevora.pt/~mjnf
Re: gpm troubles on potato? (kbd-related?)
I had some problems similar to this on a recent potato install. On this machine, the Logitech PS/2 mouse connects to a separate mouse port instead of a standard serial port. Both kernels 2.0.36 and 2.29 had the same issue. Turned out that /dev/mouse pointed to /dev/ttyS0 when it needed to point to /dev/psaux. Resetting the /dev/mouse symlink and setting the protocol in /etc/gpm.conf to ps2 fixed it. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 12 Jun 1999, Lazarus Long wrote: Date: Sat, 12 Jun 1999 00:19:18 + From: Lazarus Long [EMAIL PROTECTED] To: debian-user@lists.debian.org Cc: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: gpm troubles on potato? (kbd-related?) Has anyone else here been experiencing gpm troubles on potato in recent days? I've tried downgrading gpm and libs to a version which is working on another box, but that hasn't helped. This is a PS/2 style mouse, btw. Syslog reports /usr/sbin/gpm[pid]: Error in protocol whenever I move the mouse, and the keyboard locks up for a while. (I've even gone to a remote machine and remotely rebooted during these periods, not knowing it might resolve itself in time.) Is there any chance this is due to the recent changes in the kbd package? It's fairly obviously not gpm, since downgrading gpm didn't help. Being rather ill at present, I'm not trusting my own diagnostic skills like I normally would, and may have missed something obvious. Suggestions? -- PGP Public Key available on request: Type Bits/KeyIDDate User ID pub 1024/CFED2D11 1998/03/05 Lazarus Long [EMAIL PROTECTED] Key fingerprint = 98 2A 56 34 16 76 D5 21 39 93 99 EA 89 D4 B5 A2
RE: VBScripts within Apache :(
You might take a look at www.vbix.com and see if their products are what you are looking for. I've not used any of them so can't say how well they work. Ernest Johanson Web Systems Administrator Fuller Theological Seminary On Sat, 23 Jan 1999, Shaleh wrote: Date: Sat, 23 Jan 1999 12:50:34 -0500 (EST) From: Shaleh [EMAIL PROTECTED] To: Paulo Henrique Baptista de Oliveira [EMAIL PROTECTED] Cc: debian-user@lists.debian.org Subject: RE: VBScripts within Apache :( Hunt around on freshmeat.net a few ASP solutions exist there. VBScript itself though I do not believe has a non-Windows analogue, sorry. People really should learn to use portable languages. On 23-Jan-99 Paulo Henrique Baptista de Oliveira wrote: Hi Debian users, a friend of mine already installed Apache and is wondering if it has VBScript support. He has a SQL database and some ASP VBScript that access it. Have a nice day,Paulo Henrique