Re: [Discuss] Local ISP Recommendations?

[Daniel Hagerty]

David Kramer  writes:

> I'm getting now.  In researching it though, about half the articles
> say it should be fine, and half the articles point out how it's super
> dangerous and you can end up having your mail sent to someone else's
> server if your IP address gets assigned to them.
>
> I would love to get your opinions (or even better, facts) on how
> dangerous it would be to run a web and mail server on a dynamic IP. I
> think Matt was asking about that too.



Way, way back when I was on comcast residential service (Oct 13,
2001 to be precise), I had a mail server hanging off my dynamic address.
Delightfully, comcast managed to blow away their DHCP database one
night.  It made the globe, being a wide area outage, which was
"mistakenly" reported as an act of god kind of thing.

Anyway:

A) The guy who got my previous address had an SMTP server that, as near
as I could tell, would blackhole incoming mail.

B) The guy who had held what was now my legitimate dhcp address was
paying no attention to dhcp, so that I had to outrace his arp replies
(knocking him off the net) to get my machine online with what was now
*my* address to change my dns records and successfully sink mail rather
than lose it.

Great fun!  Your luck will probably be better than that, but there you
go.


I spent 3/4 of a decade on speakeasy after that, but they went
noticeably down hill after being acquired a time or three.


I am now on comcast business service (the only viable option) and,
despite the experience above, have noting but good to say about it
(knock on copper).  Outages are few, static address is cheap enough, and
the few times I've dealt with tech support, it's been tolerable, and in
new hampshire.  I'm a quarter mile from one of media one's original head
ends, so that may count for a lot.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] xargs guide

[Daniel Hagerty]

Bill Ricker bill.n1...@gmail.com writes:

 | xargs has advantages over -exec.
 + Can take multiple files per exec if supported, e.g. 'rm', massively
 reducing the exec() overhead.
 + can work with sources of filenames other than find

You misunderstand.  You are thinking of find -exec {} ; which is
an exec per found object.

find $find_args -print0 | xargs -0 $command

is approximately

find $find_args -exec $command {} +

with some other small optimizations you can get by having this canonical
idiom open coded into find.  It saves brain cells, it doesn't obsolete
xargs.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] xargs guide

[Daniel Hagerty]

John Abreau abre...@gmail.com writes:

 When I use find(1) and xargs(1), by default I always use something like

 find . -xdev .. -print0 | xargs -0 

Newer find programs directly support this idiom with

find . -exec foo {} +
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Thin Provisioned LVM

[Daniel Hagerty]

ma...@mohawksoft.com writes:

 Again, like I said, these do not address the problems. Specifically, the
 post about sparse volumes says nothing about how to keep a ZFS pool from
 growing out of control on a sparse presented to it from a SAN. It merely
 says give ZFS whole disks, which is stupid.

What you are looking for is ATA TRIM support.  It is an ANSI T.13
standard, which should tell you that your ire with ZFS is misplaced.

*If*, and only *if* your disk abstraction supports ATA TRIM, it is
possible for filesystems to communicate with the disk abstraction about
blocks they have previously allocated, but are now free.  ZFS has the
problem, ext* has the problem, and in fact, anything that allocates
blocks on a disk abstraction has the problem.  As you yourself implied,
for many decades, leaving garbage blocks didn't matter and so there was
no way to communicate this to the disk.

Your operating system may or may not support all the needed parts,
because all of this is still bloody.  Needing to free blocks from the
spinning rust emulation is new.  The OS, ZFS, and disks I'm running can
all do TRIM, but I can't speak for yours.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Using sftp without a shell account

[Daniel Hagerty]

First off: check that the sshd on the mac isn't crashing.  OS-X will
hide this because they (re)start sshd out of launchd.  My sftp -vv trace
against a mac keeps going after yours stops.  More generally, ssh traces
are most useful from the server side.  See what you get for
/usr/sbin/sshd -dd -p 8022 and be sure to direct the client to that
alternate port.

Bill Horne b...@horne.net writes:
 I don't see an nsswitch.conf file on the machine.

os-x isn't nss based.  Apple does their own thing here, and it's
been different from release to release.  See if dscl is still there;
it is/was the direct introspection tool for all things going through
their nss-alike.  Also, double check that the unix basics really do what
you expect with:

perl -MData::Dumper -e 'print Dumper([getpwnam(billhorne)])'

for both local and ldap sourced users.  You should get something that
looks like the fields of a V7 passwd file.

 It's a Mac Mini, with a generic OS X Yosemite installation, and OS X
 Server 4.1 installed.

 There are a couple of local users, which are just administrative
 accounts. Everyone else is a network user, entered in Open DIrectory
 but not in the local machine. I'm hoping that Open Directory is close
 enough to OpenLDAP that I can transfer knowledge.

Last time I touched os-x server, the LDAP server was openldap.

Beware that the way you are trying to solve this problem isn't a way
unix historically does well.  The standard library calls (man getpwent)
for users have no notion of where the user came from, because as far as
that call is concerned, it's /etc/passwd, even when it isn't.

PAM can be argued into doing what you want.  You are likely to
bleed.  At least, that's what happens for me with every thought like I
could get pam to 

It's unlikely that apple supplies a PAM module that does what you
want.  If you're lucky, somebody wrote one.  For linux.  You get to port
it.  Bet you a nickel you run into a show stopping bug in a part of os-x
you can't fix.  (For those who like to say os-x is just freebsd, it's
just freebsd in the same that the gnu hurd is just bsd net 2).

You might consider the keep it simple stupid approach of using
ssh's AllowUser/AllowGroup settings.  OS-X does not reward veering from
the path, server more so.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Rejecting vs. bouncing with postfix

[Daniel Hagerty]

Richard Pieri richard.pi...@gmail.com writes:

 Rich Braun wrote:
 relayhost = (redacted)

 This is your problem. relayhost is where Postfix forwards (relays) mail
 when the specified recipient isn't local (read: does not exist in any of
 your local maps).

Good catch.

relay_recipient_maps.  REQUIRED for any postfix configuration with
relays set, or you are part of the problem.

The map(s) must *fully enumerate* which addresses to accept.  There
is, unfortunately, no magic here, as everbody's mail system is wildly
different (e.g. the one for my mind-numbingly simple setup is 2500 lines
long, but blessedly computer generated from my alias file, password
file, and mydomains list on the primary).
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Geoff Huston's talk at NANOG53

[Daniel Hagerty]

Tom Metro tmetro+...@gmail.com writes:

 1. I believe it was at the February BLU talk where I heard that
 http://www.blu.org/meetings/2013/02/201005-hagerty.pdf


That actually looks to be the bblisa version of the talk from 2010.
See http://www.linnaean.org/~hag/blug-ipv6-20130220.pdf, page 10, or
just skip that and go to the source matter at
http://www.nanog.org/meetings/nanog37/presentations/alain-durand.pdf.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Comcast's IPv6 deployment

[Daniel Hagerty]

Tom Metro tmetro+...@gmail.com writes:

 Ah, perfect, those sides from Comcast's IPv6 Architect explains how the
 move to IPv6 was driven by their internal needs...

I'll bet you'll find a lot of the glossed over bits in the slides
expanded on in the audio recording:

http://www.nanog.org/meeting-archives/nanog37/presentations/100million.ram

In general, nanog talks have been really good ever the years for
capturing details like this.  I haven't listened to this one.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Home Routers

[Daniel Hagerty]

Typical wireless APs are built with a 6 port, vlan capable ethernet
switch.  One is the internet port, four are the internal LAN ports,
and one connects the system on a chip, with two vlans to allow the SoC
to access both the LAN and internet networks.

The only traffic that's handled entirely by the switch in the
typical setup is traffic between the internal network ports.  Everything
else traverses the much slower SoC.  Perhaps bridged, perhaps routed,
but whatever it is, is done in software.

It's worth keeping in mind if you're pushing one of these boxes
hard.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] IPv6 Hardware

[Daniel Hagerty]

Chris O'Connell omegah...@gmail.com writes:

 I attended the BLU presentation this week.  Really interesting topic, great
 presentation!  One area that wasn't covered heavily was hardware.  I'm
 curious, what hardware (switches, routers, wireless) are people using for
 their IPv6 in their home and their offices, and why?

Thank you!

I personally don't have much that I file under hardware that does
ipv6.

I can think of my switch, my printer, the wired mp3 player box, and
a hotspot as hardware things.

My printer is old enough to drive.  The wired mp3 player isn't much
younger.  The switch is recent, and its management is ipv4 only.  It
switches v6 traffic without any trouble.  I'm not expecting to disable
v4 around here any time soon, so I can live with this.

The hotspot I bought during my local hurricane sandy outage, and
ipv6 just wasn't a priority.  It's too bad, since t-mobile is among the
furthest along mobile providers.  I don't remember if I mentioned it
during the talk, but t-mobile's v6 offering has 100% coverage, and is
impressive in that it's the largest v6 *only* deployment I know of,
where you reach the v4 net via nat64/dns64.

The more software-y things around here that do it without trouble
include win-XP, a few macs, linux + freebsd boxes, old cisco boxes I use
for lab gear, some apple ios stuff, and my wireless AP running third
party firmware.  The AP's stock firmware claimed v6 support, but I had
no interest in running it.

Work's juniper boxes claim not to have any trouble with it, but I'm
not likely to test that.  They'll have other work to be doing.  Several
of work's printers claim to support it.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] nfs hard links

[Daniel Hagerty]

Edward Ned Harvey (blu) b...@nedharvey.com writes:

 Can you hard link a NFS mounted file to another NFS mounted file on the same 
 NFS system?

In general, the way to answer questions about capability with an RPC
protocol is to find the .x file used by the RPC protocol compiler,
rpcgen.

On my system, that's /usr/include/rpcsvc/nfs_prot.x .  In it, you
will find:

program NFS_PROGRAM {
version NFS_VERSION {
[...]
nfsstat
NFSPROC_LINK(linkargs) = 12;

nfsstat
NFSPROC_SYMLINK(symlinkargs) = 13;

where this is the NFSv2 spec (#define NFS_VERSION 2 in a nearby
header).  The rest of the spec hints further that these do what you
think.  If still in doubt, NFS is rfc defined.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] nfs hard links

[Daniel Hagerty]

Bill Bogstad bogs...@pobox.com writes:

 Which as of the 1995 version 3 RFC, clearly defines LINK and SYMLINK
 protocol commands.   Unfortunately, it also documents that some
 servers might not support LINK or even SYMLINK and introduces a FSINFO
 command that a client can use to determine ahead of time if a server
 supports these or other features.   So the real answer is it depends
 on your local implementation.   See

Yes, well, there's always room for that :)

I still have un-fond memories of a certain platform whose
implementation of nfsv3 mknod() was panic().
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Wake-inLAN

[Daniel Hagerty]

Jerry Feldman g...@blu.org writes:

 (I changed the subject on this to specifically reply to Dan.
 My motherboard purportedly supports WOL but there is no indication in
 the BIOS. I was never was able to get it to work. I set up port 9 on my
 router to allow that to pass. It has been a couple of years since I
 played with it. The mother board is a Tyan Thunder n6650 Rev. 1.0

Well, wol *is* fiddly, since one of the computers involved isn't
playing by the usual rules :)

You have to send a magic packet such that the sleeping host actually
receives it.  Lack of arp/ndp entries, and switching, can both get in
the way of the send and receive it bit, since the host isn't running
to participate in the usual requisites.  Sending to an ethernet
broadcast address can cut a lot of this out, but precludes direct wide
area operation.

And since it *is* fiddly and somewhat unusual, there's plenty of
latitude for you vendor to have blown it.  Lack of indication in the
bios certainly isn't a good sign.  All I can tell you is that it works
reliably for me, and that the preceding paragraph outlines the issues I
saw along the way for what I'm doing with it.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Home NAS redux

[Daniel Hagerty]

Mark Woodward ma...@mohawksoft.com writes:

 (non-laptop) hardware? I know you can use hdparm for the disk
 spindown, but does Wake-On-Lan really work?

Yes, it does; I have two machines I use it with on a regular basis.
One is a mac, the other is a generic pc from 2005 or so.

The mac in particular gets woken up on a regular basis by remote
programs.  It's not generally known, but the WoL standard wakeup packet
embeds in UDP without any trouble.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Getting OS/HW details?

[Daniel Hagerty]

Noah Friedman friedman aaat splode dawt com maintains a shell
script that is basically GNU autoconf's hosttype detection logic,
standalone.  It doesn't need root, but in some obscure situations may
require a C compiler.

It is certainly thermonuclear overkill for your situation, but will
offer plenty of hints at technique if you really do feel the need to
trim it down.

ftp://ftp.splode.com/pub/users/friedman/inits/init-7.4.tar.gz contains a
copy in init-7.4/bin/hosttype .
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] I'm looking for a lightweight nntp client

[Daniel Hagerty]

Lightweight would be a shell script that uses netcat for the post.

#!/bin/sh

msgid=`date +%y%m%d-%h%...@linnaean.org`

perl -pe 's/\n/\r\n/'  _EOF_ | nc localhost 119
takethis $msgid
Path: you!me
Newsgroups: linnaean.test
Message-ID: $msgid
Date: `date +%a, %d %b %Y %H:%M:%S %z`
From: Daniel Hagerty h...@linnaean.org
Subject: $1

`cat`
.
quit
_EOF_

You use it like this:

$ /tmp/post this is a subject  /tmp/body
200 perdition.linnaean.org InterNetNews server INN 2.4.6 ready
239 20121028-112...@linnaean.org
205 .
$

If all goes well, you should see a 2xx line for the server banner, a
2xx reply for the takethis, and another 2xx response for the quit.

This script uses takethis for the post; I can't imagine any news
server doesn't implement it by now.  Older ihave is possible, but a few
more lines and more room for wrong.

All of the headers are required; adjust them as needed.

The perl bit is to handle NNTP demanding MS-DOS style crlf line
endings.

It does absolutely no error checking, doesn't attempt to quote any
body line containing a sole ., and hasn't had its rabies shots.  Most
of these things could be done, but would take it over the ten minute
example.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Some Java questions

[Daniel Hagerty]

Jerry Feldman gaf.li...@gmail.com writes:

 We have an important client-related Java issue. We are trying to reproduce
 a client's problem, but they are using a very large host (96GB/8CPU) and we
 just were able to upgrade a VM to 4CPUs and 64GB for this project. I would
 like to know if there are any good run-time tuning parameters that my
 coworker can set to use more of the memory. (We are using Java SE

Run java -X; it'll dump the help for the (non-standard and subject
to change without notice) -X options.

A couple of the memory related ones I've used before include:

-Xmssizeset initial Java heap size
-Xmxsizeset maximum Java heap size
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] T-Mobile pre-paid plans

[Daniel Hagerty]

Tom Metro tmetro+...@gmail.com writes:

 Doug wrote:
 Our carrier is T-Mobile, using their pay-as-you-go, no data plan.
 ... In a year's time, we pay T-Mobile $400 for all our minutes
 (4x1000).

 If you don't use many voice minutes you can actually get by for as
 little as $100 per *year* per phone with T-Mobile. (That's the minimum
 you pay to keep the account from expiring, and it gets you a pile
 (considering voice minutes are in declining need) of minutes.)

Less.  I forget the precise details, but it's something like: once
you've given them $100, any subsequent minutes purchased will both add
to the pile, and refresh the expiration timer on any current minutes you
have, for one year.

I've given them around $130 for nearly two years of talking.  $20
for a quarter's worth of assessment, $100 to extend it all out a year,
and $10 several months ago to refresh the expiration timer.  Have about
$40 of time left, which I expect will be gone before the year is up in
December or so.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] bash output buffering

[Daniel Hagerty]

John Abreau abre...@gmail.com writes:

 On Wed, Jun 13, 2012 at 7:06 AM, Edward Ned Harvey b...@nedharvey.com wrote:

 A command inside of bash generates output every second (ping) redirected to
 a file.
 If you run the command on an interactive shell, then you can tail -f the
 file, and see the output live as it happens.
 But if you run the command inside an at script, or a cron script, you tail
 -f the file... And nothing appears for a few minutes, and then it all
 appears suddenly.

 This is bash buffering the output of ping, before redirecting to file. All
 of which is a level above the OS filesystem buffering.

 What you're describing is the difference between OS tty buffering vs
 OS filesystem buffering. This has nothing at all to do with bash; both
 occur below bash at the OS level.

 The difference is that OS filesystem buffering is block-oriented, and
 OS tty buffering is character-oriented.

Just to add something to google for, Ed is probably dealing with
stdio buffering.  setvbuf(3).  Technically libc, rather than the OS.  I
don't know if bash exposes anyway to fiddle with it, a brief google
mentioned an LD_PRELOAD hack.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Any Postfix + ipv6 people out there?

[Daniel Hagerty]

Derek Atkins de...@ihtfp.com writes:

 In either case it is most likely a postfix configuration issue, but I'm at
 a loss for how to fix it.  I added [fe80::]/10 to mynetworks, but I
 haven't been able to figure out how to get it to output more debugging to
 tell me exactly which rules are affecting the mail.

fe80:: addresses are lacking meaning without a scope indicator.  Try
[fe80::%eth0]/10 for mynetworks, rather than what you did.

That it even let you say that is probably a bug.  Scoped addressing
is a corner case, with all of the bugs that come with it.  Are you sure
you wouldn't rather be using a relatively debugged scopeless address?

___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Any Postfix + ipv6 people out there?

[Daniel Hagerty]

Derek Atkins de...@ihtfp.com writes:

 Yes, I'm sure.  I need this to work for a while during a transition phase.
 Right now my ipv6 address space is over a tunnel that I do not want to use
 for general traffic, which is why I don't want to just turn on v6 for
 everything.  I'd be happy to somehow turn off link local addresses, but I
 don't know how to do that, frankly.  But honestly it should be
 straightforward to debug postfix to figure out why it's blocking my local
 hosts when they come in via v6 link-local but not when they come in via
 v6-public or via v4.

ULA (rfc4193, fd00::/8 addresses that you generate randomly, don't
need scope)?  You can't turn link local off, it's similar to I want to
run tcp without this pesky IP thing.  Unlike link-local, ULA isn't
magic no-routing, avoid selecting this address sauce.  Much like
rfc1918 in these regards.

ACL processing is a specific area that's prone to breakage when
something has a slight flub in link-local handling.  The fact that it
let you specify nonsense without complaining doesn't make me feel warm
and fuzzy about it's handling of link local being 100% sane.

Can't help you with the detailed postfix debugging, it hasn't given
me a lot of reason to get that angry with in longer than memory for that
level of detail.  The source is somewhat approachable as I remember, if
only to find out how to crank the debugging up.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] More Fun in ZFSland

[Daniel Hagerty]

Richard Pieri richard.pi...@gmail.com writes:

 I chose encrypted block devices.  Once I made the decision to encrypt
 at all it was a simple jump to encrypt everything.  It was a little
 more work for the initial setup than creating encrypted containers but
 it will be less work down the line to maintain it.

Are you familiar with zvol?  Your maintence concern makes it sound
like you may not be.  I certainly can't think of anything I've done with
mine past creation that resembles maintain.

zfs create -V 10G pool/myzvol

produces a 10 gigabyte block device in /dev/zvol/pool/myzvol (give or
take how your OS handles the details), that gets it blocks from your
zpool.


The major price is that your encrypted volume will have travel
through the zpool layer twice.  But you won't pay for encryption on your
music library.  Which way you want to pay is your call, obviously.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] BTRFS

[Daniel Hagerty]

Edward Ned Harvey b...@nedharvey.com writes:

 Anybody using btrfs in production?  I know it says all over it, not ready
 for production and so forth.  But it's like dangling a big piece of candy
 in front of a child with a sticker that says Do not eat.   ;-)

  

 I've had a somewhat bad experience, I'd like to share, and see if others
 reason, performance would grind to a halt, and some processes were
 unkillable, and stuff like that.  I suspected btrfs, but didn't have any

Unkillable processes almost always involve a kernel bug.  The major
exception I'm aware of is nfs hard mounts, and even that problem is
sometimes viewed as a design error in the typical unix vfs layer.

When you see a process that won't die, it's usually in ps's state
D: an uninteruptible short term wait (think microseconds) that
obviously isn't short term.  Ask ps for the wchan of these processes.
You might need to ask for it wider, since the symbol is frequently long
and truncating.

This symbol will point at the subsystem participating in your bug;
it may not be the responsible one, but involved.  Maybe the thing going
to sleep in the first place, maybe the thing that it was supposed to
wake it up, maybe the sleeper's caller.  Hopefully you get the idea; it
narrows down the field quite a bit.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] The RSA Keying links

[Daniel Hagerty]

Edward Ned Harvey b...@nedharvey.com writes:

 Clearly, sometime after installing your OS, after the OS has gained entropy,
 you should generate new server ssh keys.  (And re-generate any SSL/TLS keys
 that you may have previously created using openssl without sufficient
 entropy.)  The question is, how do you know when your server has gained some
 entropy?

/dev/random blocks on lack of entropy.  /dev/urandom does the best
it can with whatever's available, which is to say it will make up
plausibly random looking data that may not be random.

For state introspection, your OS will vary:
* Linux has /proc/sys/kernel/random.
* FreeBSD has a sysctl tree kern.random.
* NetBSD has an rndctl utility that will mention the state of the pool.

Read the man page for random on your respective OS for details.
Note that the BSD's won't give you the right manual page without -a or
an explicit mention of section 4, for device driver manual pages.



___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] sed and ANSI sequences

[Daniel Hagerty]

David Kramer da...@thekramers.net writes:

 You see, the color variables are actually not inside the quotes.  That
 part works fine.
 
 The problem I'm having is the ANSI color escape codes are being printed
 instead of interpreted.

Your problem is that you aren't asking sed to print an escape,
you're asking for either 'e' or '\e', depending on which particular
example.

This works, for example:

esc=`printf '\033'`
random_escape=${esc}bar
sed -e 's/foo/'$random_escape'/'

$ echo foobaz | sh /tmp/esctest.sh |cat -v
^[barbaz

The important part is you need to generate an actual escape
somehow.  Further, this assumes that sed will pass that escape through
unmolsted, which works for me, but may not do so for you.

Here, I used printf, but you might be able to use echo, depending
on your implementation.  tr might work.

If there's a way in sed to directly specify arbitrary escapes, I
don't know what it is.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: [Discuss] Lost email?

[Daniel Hagerty]

Jack Coats j...@coats.org writes:

But in the future you might configure a 'secondary email server'.
[how to setup a secondary mail server. ]

With a really important addition for modern mail servers: You
must, must, must ensure that any mail the secondaries accepts will
deliver, without bounce, on the primary.  If b...@example.com is
non-deliverable on the primary, secondaries must reject this recipient
at SMTP layer.

If this is not true, you will generate backscatter spam, possibly
ending up on blacklists, etc, etc.

___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: tcl/tk question

[Daniel Hagerty]

Jerry Feldman g...@blu.org writes:

 tcl/tk script. All well and good. The one question I have is how can I
 detect in a script that an X server is running. Most people use putty
 from their Windows laptops, and I want the script to run in text mode if
 they have not run ssh -X (or if Exceed is not running). One method would
 be to check the $DISPLAY. But if they use Putty, the -X option would be
 set. If I run wish(1) it returns 0, but does print out a line of text,
 Application initialization failed:  that I could check and switch to
 text mode. I'm looking for a better way of testing.

As far as the usual X architecture is concerned, you don't.  You
set DISPLAY to indicate X support.  If you don't have X support, you
communicate this to apps by not setting DISPLAY.

If your users insist on doing the wrong thing, your approach will
probably work.  Other routes include using a cheap X query tool, like
xdpyinfo, xrdb, xlsclients, etc.

If I had problems with users miscommunicating X support to apps
like this, I'd try to handle it in the login environment, rather than
in a particular app.  Your app probably isn't alone in doing the wrong
thing with a bogus DISPLAY.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: IPv6 and Firewall traversal

[Daniel Hagerty]

Edward Ned Harvey b...@nedharvey.com writes:

 Second of all, the question I asked has no relation to NAT.  Does anyone
 want to re-read the OP and reply about the firewall rules and allowing of
 inbound traffic on IPv6?

I am aware of no such protocol effort in v6.

http://tools.ietf.org/html/draft-ietf-v6ops-ipv6-cpe-router-09
http://tools.ietf.org/html/draft-ietf-v6ops-cpe-simple-security-16

Per the latter:

   To avoid the need for IPv6 applications to use techniques like STUN
   for opening and maintaining dynamic filter state, something similar
   to NAT-PMP and UPnP-IGD but without actually supporting NAT could
   be deployed.  Alas, no consensus has yet emerged in the Internet
   engineering community as to what is most appropriate for
   residential IPv6 usage scenarios.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: IPv6 and Firewall traversal

[Daniel Hagerty]

Daniel Hagerty h...@linnaean.org writes:

 I am aware of no such protocol effort in v6.

In the ietf, anyway.

http://upnp.org/specs/gw/igd2/

has bits specifically directed towards ipv6.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss

Re: oracle xe question

[Daniel Hagerty]

Jerry Feldman g...@blu.org writes:

 We use oracle XE for some of our products. Normally, when XE is
 installed everything is installed in /usr/lib/oracle/xe. I want to be
 able to move the physical database (/usr/lib/oracle/xe/oradata/) to
 another HD. Certainly one way to do this is to simply move the entire
 directory and symlink oradata to the new location or simply move the
 entire xe tree.

It's been a long time, but if the combination of memory and a
quick glance at something modern is something to go by:

There is a config file in ${ORACLE_HOME}/dbs/init${ORACLE_SID}.ora .
It will have some paths in it, most critically the control_files.  The
control files, in turn, contain all the other pathnames that oracle
knows about.  You don't change paths in the (binary) control file
yourself, you let oracle do it with appropriate alter ...
statements, like alter tablespace foo rename datafile
'/path/to/original' to '/new/path'

I wouldn't be surprised if somebody has written a utility for it.

I wouldn't be suprised if you'd rather do it the unix way, as
oracle's way seems much more work without some coding support.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss