Re: Xsecurity - how do I turn on MIT-MAGIC-COOKIE-1 and .Xauthority support?
Quoting Shachar Shemesh, from the post of Sun, 03 Feb: Ira Abramov wrote: is the RHEL-supplied Xvnc ignoring MIT-MAGIC-COOKIE because of configuration, or something missing at compile time? I believe they ignore it because their X server doesn't support it. damn... I suspected that was it :-( Time to go test their local windows Xserver and see what it DOES support. -- It's all good Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[Telux] Last Day Reminder Linux Scripting - Bash vs. Perl
This is a last-day reminder that there's going to be a presentation about Linux scripting today. More details below. Regards, Shlomi Fish On Monday 28 January 2008, Shlomi Fish wrote: Hi all! The Tel Aviv Linux club will gather again on Sunday, 3-February-2008 to hear Sagiv Barhoom's presentation about Linux Scripting - Bash vs. Perl - head to head. This presentation is given by popular demand due to input from the Welcome-to-Linux series. We will meet at 18:30 at Schreiber 008 (Computer Science building) in Tel Aviv University. More information can be found here: http://www.cs.tau.ac.il/telux/ We are looking for more presentations so if you would like to give a presentation, please let us know at [EMAIL PROTECTED] . Upcoming presentations are: * 17-February - XBMC - The Xbox Media Center. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. ___ Telux mailing list [EMAIL PROTECTED] http://hamakor.org.il/cgi-bin/mailman/listinfo/telux -- - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Xsecurity - how do I turn on MIT-MAGIC-COOKIE-1 and .Xauthority support?
Ira Abramov wrote: Time to go test their local windows Xserver and see what it DOES support. VNC on Windows behaves differently than on Linux. On Linux, it opens its own unique X server, and then exports its display using the VNC protocol. On Windows, VNC server exports the main Windows display. This means that if you want to export X11 programs running on Windows using VNC, you also have to explicitly run an X11 server. Which is good news. Cygwin has a Windows port of X.org, which, as you know, does support MIT cookies. Problem solved. Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Xsecurity - how do I turn on MIT-MAGIC-COOKIE-1 and .Xauthority support?
On Feb 3, 2008 11:15 AM, Shachar Shemesh [EMAIL PROTECTED] wrote: VNC on Windows behaves differently than on Linux. On Linux, it opens its own unique X server, and then exports its display using the VNC protocol. On Windows, VNC server exports the main Windows display. Nowadays, you have VNC servers which act as X11 clients and export whatever X11 display you point them at. Those are the VNC servers which come with GNOME and KDE as their remote desktop offerings. Here's one: http://www.karlrunge.com/x11vnc/ BTW, those kind of VNC servers only became possible (with reasonable performance) with the introduction of the DAMAGE extension, so they pretty much have to run on a modern X server - or otherwise there'll be very CPU-intensive screen polling.
Re: Xsecurity - how do I turn on MIT-MAGIC-COOKIE-1 and .Xauthority support?
On Feb 3, 2008 12:49 PM, Ilya Konstantinov [EMAIL PROTECTED] wrote: On Feb 3, 2008 11:15 AM, Shachar Shemesh [EMAIL PROTECTED] wrote: VNC on Windows behaves differently than on Linux. On Linux, it opens its own unique X server, and then exports its display using the VNC protocol. On Windows, VNC server exports the main Windows display. Nowadays, you have VNC servers which act as X11 clients and export whatever X11 display you point them at. Those are the VNC servers which come with GNOME and KDE as their remote desktop offerings. Here's one: http://www.karlrunge.com/x11vnc/ BTW, those kind of VNC servers only became possible (with reasonable performance) with the introduction of the DAMAGE extension, so they pretty much have to run on a modern X server - or otherwise there'll be very CPU-intensive screen polling. This describes a configuration more like Xvnc: http://www.karlrunge.com/x11vnc/#faq-xvfb See also the discussion there about using x11vnc from inetd for spawning new X sessions on demand in response to VNC connections.
Re: Recommended filesystem for 6TB storage
Last time I've checked the developer seems preoccupied with his 'paying job' and the project seems to be stuck. On Feb 3, 2008 5:26 AM, Amos Shapira [EMAIL PROTECTED] wrote: On Feb 2, 2008 9:01 PM, Tom Rosenfeld [EMAIL PROTECTED] wrote: I hear ZFS is available on Linux. Anyone has any experience with it there? Last time I heard it was implemented as a FUSE module (User-level file system), both because this is ideal for development and because its license doesn't allow it to be merged with the Linux kernel (GPL incompatibility). It is claimed to work well but the developer is still in the make it rock solid stage and not in the make it bloody fast stage yet. Didn't give an impression to be production-ready. --Amos -- Not gonna be king of the world if you're slave to the grind - Skid Row
Re: Xsecurity - how do I turn on MIT-MAGIC-COOKIE-1 and .Xauthority support?
On Feb 3, 2008 11:15 AM, Shachar Shemesh [EMAIL PROTECTED] wrote: VNC on Windows behaves differently than on Linux. On Linux, it opens its own unique X server, and then exports its display using the VNC protocol. On Windows, VNC server exports the main Windows display. their client is a windows machine, then an unimaginately-named linux machine xserver runs Xvnc for 12 users, and from there they dispatch jobs to a cluster of CPU machines via a dispatcher whose name I forgot. The target machines already mount the same homedirs, so of course I have the MIT and XDM cookies in the .Xauthority at the far end as well. The problem is an interactive job tries to spawn at the target node but Xvnc ignores the xauth mechanism and blocks the client (and as I said - xhost + works but is too permissive) They just moved to that VNC setup because they are trying to stop using a local Xserver on the windows. they are surprised to discover vnc is slower, even though I explain the plusses and minuses. The local server is a commercial one, I was told they triend the local X from Cygwin with bad results but never gave me a full explanation. I'll have to either test the current cygwin-xorg and see if it's better for thזm, or test their propriatery/commercial Xserver-for-windows for any sort of MIT cookie support. Quoting Ilya Konstantinov, from the post of Sun, 03 Feb: Nowadays, you have VNC servers which act as X11 clients and export whatever X11 display you point them at. Those are the VNC servers which come with GNOME and KDE as their remote desktop offerings. I'm not going to run 12 full xorgs on the machine. Xvnc does the correct job, just misses support for some of the security models (supports only xhost, basically) See also the discussion there about using x11vnc from inetd for spawning new X sessions on demand in response to VNC connections. that means I lose sessions on disconnect, AS WELL as get sluggy GUI reactions. that's less useful than a local Xsserver on the windows. -- Target of opportunity Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[HAIFUX Lecture] Git isn't a VCS
Tomorrow (Monday), 4th of February, at 18:30 the Haifa Linux Club, will gather to Ohad Lutzky's (my!) lecture about Git isn't a VCS Git isn't a version control system. No fancy acronym, that's just what Linus says. Still, he wrote it and uses it to keep track of versions of the kernel. This presentation will be one big usage example of git. Knowledge in other VCSs (cvs, subversion, others) is recommended, but optional. Also recommended but optional is viewing Linus's talk on motivation for writing (and using) git: http://www.youtube.com/watch?v=4XpnKHJAok8 == We meet in Taub building, room 6. For location instructions see: http://www.haifux.org/where.html Attendance is free, and you are all invited! == Future Lectures: A lightning talks session about crawlersEverybody! 11/2/08 Tapping into the Fountain of CPUs---On Operating System Support for Programmable Devices Muli Ben-Yehuda 25/2/08 We are always interested in hearing your talks and ideas. If you wish to give a talk, hold a discussion, or just plan some event haifux might be interested in, please contact us at [EMAIL PROTECTED] -- Orr Dunkelman, [EMAIL PROTECTED] Any human thing supposed to be complete, must for that reason infallibly be faulty -- Herman Melville, Moby Dick. GPG fingerprint: C2D5 C6D6 9A24 9A95 C5B3 2023 6CAB 4A7C B73F D0AA (This key will never sign Emails, only other PGP keys. The key corresponds to [EMAIL PROTECTED]) = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [HAIFUX Lecture] Git isn't a VCS
Ahm... Small typo (cut and paste mistake actually) On Feb 3, 2008 1:45 PM, Orr Dunkelman [EMAIL PROTECTED] wrote: Ohad Lutzky's (my!) lecture about Ohad Lutzky is not me (nor me him). Sorry for the confusion. -- Orr Dunkelman, [EMAIL PROTECTED] Any human thing supposed to be complete, must for that reason infallibly be faulty -- Herman Melville, Moby Dick. GPG fingerprint: C2D5 C6D6 9A24 9A95 C5B3 2023 6CAB 4A7C B73F D0AA (This key will never sign Emails, only other PGP keys. The key corresponds to [EMAIL PROTECTED])
Re: [HAIFUX Lecture] Git isn't a VCS
On 03/02/2008, Orr Dunkelman [EMAIL PROTECTED] wrote: Tomorrow (Monday), 4th of February, at 18:30 the Haifa Linux Club, will gather to Ohad Lutzky's (my!) lecture about Git isn't a VCS Git isn't a version control system. No fancy acronym, that's just what Linus says. Still, he wrote it and uses it to keep track of versions of the kernel. This presentation will be one big usage example of git. Knowledge in other VCSs (cvs, subversion, others) is recommended, but optional. Also recommended but optional is viewing Linus's talk on motivation for writing (and using) git: http://www.youtube.com/watch?v=4XpnKHJAok8 == We meet in Taub building, room 6. For location instructions see: http://www.haifux.org/where.html Attendance is free, and you are all invited! == Future Lectures: A lightning talks session about crawlersEverybody! 11/2/08 Tapping into the Fountain of CPUs---On Operating System Support for Programmable Devices Muli Ben-Yehuda 25/2/08 We are always interested in hearing your talks and ideas. If you wish to give a talk, hold a discussion, or just plan some event haifux might be interested in, please contact us at [EMAIL PROTECTED] I have a replacement lecture tomorrow at 18:00 but as soon as it lets out I'll see if you guys are still there... Save some coffee for me... Dotan Cohen http://what-is-what.com http://gibberish.co.il א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
Unsolved (was: Asterisk question)
A while back I asked about asterisk dialing out on a Zap group, and adding a random extension to the top of the group. I then said that I did a reboot and the problem was resolved. Well, it was only partially resolved. If asterisk is run immediately after a reboot, everything is ok. If I connect to it using asterisk -r and run module reload, the problem appears. If I stop asterisk, and run it again, the problem disappears again. I have not yet checked whether it is the asterisk -r or the reload that cause the problem to appear. Either way, this does not appear to be a configuration problem (unless there is some strange config order problem). Help? Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Unsolved (was: Asterisk question)
On Feb 3, 2008 6:19 PM, Shachar Shemesh [EMAIL PROTECTED] wrote: A while back I asked about asterisk dialing out on a Zap group, and adding a random extension to the top of the group. I then said that I did a reboot and the problem was resolved. Well, it was only partially resolved. If asterisk is run immediately after a reboot, everything is ok. If I connect to it using asterisk -r and run module reload, the problem appears. If I stop asterisk, and run it again, the problem disappears again. I have not yet checked whether it is the asterisk -r or the reload that cause the problem to appear. Either way, this does not appear to be a configuration problem (unless there is some strange config order problem). Help? try to run asterisk with -d (for debug). Secondly, I found out that many times Asterisk have order issues inside a configuration, that is, if you place one parameter prior to different, it will change the way it works, and so does the order of a comma for example... Shachar Ido -- http://ik.homelinux.org/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
AD Integration/Replacement?
A(nother) client of mine is fighting the old fight of central directory
management. Situation went quickly downhill yesterday when their Active
Directory server's hardware died. I've been originally asked to come
help them integrate it with Linux but instead tomorrow it will be an
emergency fire fight and maybe a different approach should be
considered.
The comapny has a Gnu/Linux-based product and development nodes, but
most of the tech staff was decided to run on windows machines (don't
ask). The question now is whether I help them disjoin their machines
from the disfunct 2003 server's domain and help them work with a bunch
of standalone XPs and a Samba server, or could I use the Samba as a PDC
and build a second one as BDC? I know Samba is capable of that, but I
have never heard about a real world case where that works, and if it
works well.
Also, if a Samba machine is a direcotry server, can I get the rest of
the Gnu/Linux nodes on the LAN authenticate against that somehow or do I
have to synchronise that to a YP map? what's the best way of
synchronising a password change to both the yp master as well as the
Samba's internal DB? I always just change password for both on the
commandline but in a real world environment I suppose there should be a
web interface maybe to do that? should I look at SWAT?
Thanks,
Ira.
--
«({-- In Stereo where available --})»
Ira Abramov
http://ira.abramov.org/email/
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
Re: Unsolved (was: Asterisk question)
On Sun, Feb 03, 2008 at 06:19:25PM +0200, Shachar Shemesh wrote: A while back I asked about asterisk dialing out on a Zap group, and adding a random extension to the top of the group. I then said that I did a reboot and the problem was resolved. Well, it was only partially resolved. If asterisk is run immediately after a reboot, everything is ok. If I connect to it using asterisk -r and run module reload, the problem appears. If I stop asterisk, and run it again, the problem disappears again. Hmmm... what version of asterisk is it? This reminds me of a bug that was fixed very early in 1.4 and also in later 1.2 . In any case, this description suggests that we should not rely too much on whatever is written in the config files and check what is actually happening. So could you please provide a trace (verbose lever 3)? It will save some unnecessary speculations. -- Tzafrir Cohen | [EMAIL PROTECTED] | VIM is http://tzafrir.org.il || a Mutt's [EMAIL PROTECTED] || best ICQ# 16849754 || friend = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: AD Integration/Replacement?
of standalone XPs and a Samba server, or could I use the Samba as a PDC and build a second one as BDC? I know Samba is capable of that, but I have never heard about a real world case where that works, and if it works well. I was told back in 2000 by huji sysadmin that they have NT machines authenticate against a samba server running as a PDC. However, I don't know how much of hackery that took to do, but then again, it was 7 years ago.. --yuval signature.asc Description: This is a digitally signed message part.
Re: AD Integration/Replacement?
On Sun, Feb 03, 2008 at 09:02:05PM +0200, Ira Abramov wrote: A(nother) client of mine is fighting the old fight of central directory management. Situation went quickly downhill yesterday when their Active Directory server's hardware died. I've been originally asked to come help them integrate it with Linux but instead tomorrow it will be an emergency fire fight and maybe a different approach should be considered. ... Also, if a Samba machine is a direcotry server, can I get the rest of the Gnu/Linux nodes on the LAN authenticate against that somehow or do I have to synchronise that to a YP map? what's the best way of synchronising a password change to both the yp master as well as the Samba's internal DB? I always just change password for both on the commandline but in a real world environment I suppose there should be a web interface maybe to do that? should I look at SWAT? I have no idea if this will help, but Windows Services For UNIX (SFU), includes an NFS client and a facility for mapping YP user names and groups to Windows logons and AFAIK, vice versa. SFU is a free download from Microsoft. Geoff. -- Geoffrey S. Mendelson, Jerusalem, Israel [EMAIL PROTECTED] N3OWJ/4X1GM IL Voice: (07)-7424-1667 U.S. Voice: 1-215-821-1838 Visit my 'blog at http://geoffstechno.livejournal.com/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: AD Integration/Replacement?
On Sun, Feb 03, 2008 at 10:36:03PM +0200, Yuval Hager wrote: I was told back in 2000 by huji sysadmin that they have NT machines authenticate against a samba server running as a PDC. However, I don't know how much of hackery that took to do, but then again, it was 7 years ago.. The HUJI computer science institute used a home grown authorization system, and a home grown MSGINA (graphical interface (for) network authorization), written by yours truely, around 1997. I was just told last week that as of about a year ago, it was still in use. I started with a sample provided by Microsoft and went from there. It was so old that it was one of the parts of Windows NT that were written in C, not C++. Geoff. -- Geoffrey S. Mendelson, Jerusalem, Israel [EMAIL PROTECTED] N3OWJ/4X1GM IL Voice: (07)-7424-1667 U.S. Voice: 1-215-821-1838 Visit my 'blog at http://geoffstechno.livejournal.com/ To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: AD Integration/Replacement?
Possibly too late for you, but maybe you'll manage to read it ;-) On Sunday, 3 בFebruary 2008, Ira Abramov wrote: The comapny has a Gnu/Linux-based product and development nodes, but most of the tech staff was decided to run on windows machines (don't ask). The question now is whether I help them disjoin their machines from the disfunct 2003 server's domain and help them work with a bunch of standalone XPs and a Samba server, or could I use the Samba as a PDC and build a second one as BDC? I know Samba is capable of that, but I have never heard about a real world case where that works, and if it works well. 1. If we talk about not a huge organization, than the easiest setup is to make Samba a logon server for the XP's (NT4 technology before DC). 2. If you really like DC (PDC/BDC are NT4 technology), than you can use Samba with your XP's. I have tested it with an XP against Samba 3. Basically all you have to do is follow the step-by-step guidelines detailed both in their FAQ and in the Samba3-by-example (released and included in the free samba docs [Fedora]): A. Simple setup of Samba (no other DC's, no crap needed). Optionally, You may want to look at 'logon script', 'logon path', 'logon drive' B. Create a machine account for each XP (e.g: johndesk$). Machine account names always end in a '$'. C. Go to each XP and establish a trust relationship with your Samba. Follow the *illustrated* guide in the FAQ (don't remember which dialogs). NOTE: When I last had to change my Samba DC (exchange hosts), these dialogs didn't work as expected. My (possibly stupid) workaround was on the XP: * Go to the dialog and choose 'Workgroup... something' instead of 'Doamin...something' * Reboot as directed by the wonderfull OS. * Go again to the same dialog and redo the correct 'Domain...' * Reboot again... Also, if a Samba machine is a direcotry server, can I get the rest of the Gnu/Linux nodes on the LAN authenticate against that somehow or do I have to synchronise that to a YP map? what's the best way of synchronising a password change to both the yp master as well as the Samba's internal DB? I always just change password for both on the commandline but in a real world environment I suppose there should be a web interface maybe to do that? should I look at SWAT? 3. The best way (which is clearly indicated in Samba docs) is LDAP. However, in your current flaming position I suggest using the (now default) tdbsam password backend (this is what I used). When everything is back to normal and everybody work against your Samba server, you'll have enough time to setup a new LDAP server (openldap or Fedora-DS), migrate users, think about sync policy etc. 4. Samaba-4 and all the new (and unstable) work is to make Samba work in a DC-to-DC setups and to work with newer Win* flavors (2003, Vista etc.) If all you need is simple auth of XP clients with your server Samba-3 seem to be good enough. Hope it helps, -- Oron Peled Voice/Fax: +972-4-8228492 [EMAIL PROTECTED] http://www.actcom.co.il/~oron ICQ UIN: 16527398 Software is like Entropy: it's hard to grasp, weighs nothing and obeys the Second Law of Thermodynamics, i.e. it always increases -- Norman Augustine To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
