Re: Any face-to-face CLUGging on 1 to 4 August?
On Fri, 2010-07-23 at 13:27 +1200, Jim Cheetham wrote: On Fri, Jul 23, 2010 at 12:22 PM, Carl Turney c.tur...@orcon.net.nz wrote: By the way... http://clug.net.nz/index.php/Helpers Comes up with a brief script/program, instead of anything resembling a web page. clug.net.nz used to refer to the Canterbury Linux Users Group, but they lapsed the domain name by choice. It was purchased by some random US business, who seem to have (badly) copied the old content (CC-By-SA licensed) and put it on their own servers which belong to a Polish netblock. There's nothing we can do about this. I've just sent email to the WHOIS contact, but I'm not expecting a helpful response. -jim Are we going to keep clug.org.nz going... I see it's up for renewal in a month or less. And maybe do something with it? Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Seeking Linuxy hardware to rejig my life to digital convergence....
On Tue, 2010-07-20 at 10:38 +1200, C. Falconer wrote: http://www.2talk.co.nz/ South Africa - 10c/minute South African Mobile - 25c/minute (same as NZ mobiles) UK 3c/minute UK Mobile - 25c/minute (same as NZ mobiles) USA 5c/minute USA Mobile - not listed. I use asterisk, and gradwell.co.uk provide me with an IAX2 trunk to the UK and a DID on the Birmingham exchange: just gone up to GBP4/month incoming / 1p/minute outgoing. Olds use friends and family, so can ring me for free. I have no problem with ADSL - however, I have had to upgrade to the most expensive offering from voda to get the 768Kbit uplink speed. Before that, everything else had to be stopped for a decent call at 256Kbit. I'm running asterisk on my old desktop box, which is a fair bit of overkill... the power it consumes should probably be added to the cost ( I do have a soekris board and spare tdm400p, somethere on my todo list ). Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Seeking Linuxy hardware to rejig my life to digital convergence....
On Tue, 2010-07-20 at 15:14 +1200, Christopher Sawtell wrote: On 20 July 2010 08:50, C. Falconer cfalco...@totalteam.co.nz wrote: No no no! Skype is evil and nasty and CLOSED. Apart from the fact that it is proprietary software, what is evil and nasty about it? Like the fact that it uses 100% of the available CPU for no discernable reason, even when you're not using it? Or the fact that it will abuse your firewall until it can find a way around it? I have* to use it, but wouldn't recommend it to anyone. Steve *My customers demand it. I need customers. -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Seeking Linuxy hardware to rejig my life to digital convergence....
On Tue, 2010-07-20 at 16:15 +1200, Christopher Sawtell wrote: Or the fact that it will abuse your firewall until it can find a way around it? Isn't the fact that it attempts to find a way around firewalls a benefit? Remember that we want ordinary folks to be able to use it in as many situations as possible. Only in specific environments. Within any kind of business environment it's a massive security hazard, file transfer and all... I have* to use it, but wouldn't recommend it to anyone. *My customers demand it. I need customers. What would you recommend in its place? Remember that the replacement should be free of $$$ cost and installation be available on Linux, Windows, and Mac O/S X. It _must_ be as simple to install as falling off the proverbial log, so Dear Old Aunt Tillly can make it go. Well, dear old Aunt Till(l)y is no technical idiot if she's converted a PC into a fairly sophisticated communications device (: I don't use video - for reasons we discussed over a beer - so can't really comment on alternatives. In this case free comes at a real price. Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: resolution Problem Ubuntu 10.4
On Wed, 2010-06-23 at 17:15 +1200, chris wrote: On Fri, 2010-06-18 at 20:06 +1200, Nick Rout wrote: On Fri, Jun 18, 2010 at 8:03 PM, chris che...@gmail.com wrote: On Fri, 2010-06-18 at 19:29 +1200, Nick Rout wrote: On Fri, Jun 18, 2010 at 7:23 PM, Christopher Sawtell csawt...@gmail.com wrote: On 18 June 2010 19:17, Nick Rout nick.r...@gmail.com wrote: On Fri, Jun 18, 2010 at 6:54 PM, chris che...@gmail.com wrote: snip most of the X ugliness is revealed in /var/log/Xorg.0.log http://amlc.berlios.de/ It just works. IME not always. In fact there must be a change in X if it is not working now and did in a previous edition. Look for the wrong/non existent edid in the log file. snip http://en.wikipedia.org/wiki/Extended_display_identification_data After following the suggestions offered, I downloaded -compiled the script, which worked and gave me new modes etc. However, there is no edid information in the xorg.log files. Also in the preferencesmonitor gui, it only offers Default monitor, and all other options greyed out. I have after some work obtained the edid information for this monitor, a Viewsonic wms wide 22. I used the viewsonic edid.exe program on the XP partition of this box to obtain the edid information. (As an aside, this programme will not run under Vista);but I am stuck at this point as to how to get it into the system. Also, just to check there is not a hardware issue, I installed Linux mint 10, into am Asus p4, that I have hanging around. Same result, and the same limited resolutions. Further suggestions more than gratefully appreciated, as my 70 year old brain is nearly at its limit. (Moans, Oh why could I not have stayed with CPM?) regards Chris T I haven't got anything at all in my xorg config ( 10.04 ). I used to, when 1400x1050 was a weird size, but that was years ago. Do you have a VX2233wm? If so, that's a native 1920x1080 resolution. As long as you're talking to it digitally it should just work. Are you using the proprietary drivers? I must admit to doing so, but I stick with nVidia these days... http://wiki.cchtml.com/index.php/Ubuntu_Lucid_Installation_Guide provides a fair overview of all the available options. It contains the line By default there is no configuration file (xorg.conf) for X anymore, so X will try to do the right thing. so it must be offering a simpler solution! I'd go the propietary fglrx driver route, hopefully just selecting the ATI accelerated graphics driver via the Restricted Driver Manager. Good luck (: Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: resolution Problem Ubuntu 10.4
On Thu, 2010-06-24 at 11:57 +1200, chris wrote: On Wed, 2010-06-23 at 11:45 +1200, Craig Falconer wrote: chris wrote, On 06/23/2010 07:52 PM: As I needed to keep SWMBO happy I uncoupled the box from my KVM switch and set it up with the Viewsonic as a standalone system. ... Bingo, it picked up the monitor and the edid information and immediately snip switch. Novaview and Rextron ones work well. A four port PS2 switch with OSD is about $200+ A four port USB switch with OSD is about $220+ 2 port ones are available, but they don't do OSD or chaining. snip completely - probably quite similar costs. Hi Craig, what I actually did, was follow an x-org template sent by Aaron (I think) and add the preferred mode into that, so it is now working fine through the switch. Just for your info, there were two issues. One was a flaky hard drive which I have consigned null The other the Kvm switch. Also on the ubuntu forum =technical support, a number of heads have popped up with the same kvm issue, or looking for solutions. I need to read man xorg and work out how to include a driver section to finish the whole thing off. However for now working and nearly completely resolved. And SWMBO is happy. On a personal note, how is the land rover? We are still wandering around the landscape Cheers Chris Thomas A final solution is to just use remote X and a headless box. I know that 10.04 seems to have destroyed that option for some reason... X :1 -query remote ip then Ctrl-Alt-F8 and ..F7 to swap displays was so simple in a pure *nix environment. vnc is also another alternative. I do have a KVM switch lying around, but it's analog... Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
why oh why...
... cant linux get it's sound sorted out properly? I've lost mine again... I know it works as I get a 'click' when a new window opens. But playing anything at all - forget it. System says everything's fine. Gnome sound preferences widget can see both the analog stereo and the usb headset, and is allegedly outputting, at volume 100% to both. alsamixer has all sane values next to it. Just no output on either device. Can anyone point me to a decent, up to date ( this is ubuntu 9.10 ) troubleshooting guide. Or start a project to provide a sane alternative to alsa... (: Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Twisted Hop tomorrow??
Anyone up for it? I don't get out much (: Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: why oh why...
On Wed, 2010-06-16 at 11:23 +1200, Craig Falconer wrote: Steve Holdoway wrote, On 06/16/2010 09:43 AM: ... cant linux get it's sound sorted out properly? Now I have that damn nursery song in my head... over and over. Thanks, Steve. Any time, young man (: Eventually, a Microsoft solution was used to get it working. Uninstall alsa and pulse audio Install the above *reboot!* Set levels And I got my headphones and usb headset working again. But why did it break in the first place??? Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: why oh why...
On Wed, 2010-06-16 at 14:26 +1200, Robert Fisher wrote: On Wed, 2010-06-16 at 11:23 +1200, Craig Falconer wrote: Steve Holdoway wrote, On 06/16/2010 09:43 AM: ... cant linux get it's sound sorted out properly? I see there was an update to pulseaudio on Linuxmint/Ubuntu today so that will be the end of all of your problems. He he. Rob More like s/end/start/ in this case... (: Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Can't connect to mobile phone via Bluetooth
On Mon, 2010-06-14 at 17:52 +1200, Aidan Gauland wrote: I am unable to connect to my mobile phone from my netbook over Bluetooth. Here is what I tried... $ sudo hcitool scan Scanning ... [MAC address] [mobile phone model] $ sudo l2ping [MAC address] [many pings responded to] $ sudo sdptool browse [MAC address] [got channel number from here] $ sudo rfcomm bind 0 [MAC address] $ sudo rfcomm connect 0 [MAC address] 8 [Got '8' from the output of sdptool] Then my phone rings and prompts me for a pass code. I have no idea what it expects, as I have never set a pass code on either my netbook or phone. I tried , which causes the phone to display the message Verifying pass code... (on which it hangs) and rfcomm to exit with the error message Can't connect RFCOMM socket: Connection refused. If I press random buttons on my phone for a while, it finally says Invalid password. (They can't even be consistent with their software's messages.) It's a Telecom R100, if that helps. From what I remember, there were a few inconsistencies in /etc/bluetooth/hcid.conf. I was playing with a Nokia E65... options { autoinit yes; security auto; pairing multi; passkey ; } device { name %h-%d; class 0x120104; iscan enable; pscan enable; discovto 0; lm accept; lp rswitch,hold,sniff,park; } where is the magic code you need to input of the phone. Once you're paired, it doesn't ask again. Does anyone have any idea why I can not connect to my phone? Thanks, Aidan P.S. Thanks again to Steve for the Bluetooth dongle. :-) I invoke pay-forward on that... (: Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Is there such a distro?
On Tue, 2010-06-01 at 20:47 +1200, Ryan McCoskrie wrote: [snip] You know Ryan, I still haven't got a clue what you're actually wanting! TBH, any linux, freebsd, Solaris, HP-UX, etc, etc, etc - they all provide a platform for you to run your applications upon. They all talk to each other in the same manner and are built on the same philosophy. Sure I'm generalising, but the differences are trivial. It's a part of the learning process to either embrace them or to learn to use a subset of them that work exactly the same on most platforms. The only real differences are the sysadmin toolkits, and if you're that way inclined, then you need to know those trivialities. Cheers, Steve. smime.p7s Description: S/MIME cryptographic signature
Re: Is there such a distro?
On Tue, 2010-06-01 at 21:20 +1200, Aidan Gauland wrote: Volker Kuhlmann wrote: Ok so can you make do without a root password, but I still don't see why I have to and remain not to be interested. Each to their own. I think you really want to disable root login (entirely) for, say, a university computer-lab. Anyone could switch to a virtual console and anonymously brute-force the root account. For personal systems, as you said, each to their own. Any system administrators care to start a cool-flame war[1]? ;-) --Aidan 1 A flame war without third-degree burns. I'd go further: read-only systems, bring your own usb stick/nfs mounts. Run it like a kiosk. Log out, reset. Steve. smime.p7s Description: S/MIME cryptographic signature
Re: Is there such a distro?
On Wed, 2010-06-02 at 08:31 +1000, Jim Cheetham wrote: On Wed, Jun 2, 2010 at 7:57 AM, Peter Glassenbury (CSSE) peter.glassenb...@canterbury.ac.nz wrote: Like Volker, I have yet to be convinced of the point of typing sudo in front of all the commands I want to run as root. When it becomes reflex, you are going to make the same mistakes as if you login as root. If you are the owner of the computer in question and you are competant, there is no reason at all not to use root all the time. Just set your uid to 0 and be done with it. I'm as serious with that comment as I am with writing passwords down, i.e. very serious. However, if you are *not* the owner (i.e. in any business context) then sudo provides a very valuable audit log experience. You have 5 admins -- which one was it that logged on as root and broke your production system? With sudo, it is much easier to track back on problems. You can use sudo to get a root shell, rather than restrict it to individual commands, if you want the flexibility. -jim I am in absolute agreement with both of these statements (although I expect you're waiting for the flame war as well Jim), until it comes to directly accessing remote systems as root - even if it is your server. Having to guess which user account to ssh into ( there are plenty of account name popularity lists around to suggest the ones *not* to use ), as well as the password massively increases security. Add a fail2ban / denyhosts and it'll take a pretty serious distributed attack to succeed. Personally, I add a vpn to the mix as well, and only use raw ssh in an emergency from specific IP addresses. That way they have to find my treehouse in Borneo before going for my servers. ( Oh what a giveaway! ) But in a shared admin environment, the sudo's audit trail gets rid of all those sloping shoulders... and we all make mistakes after all! My $0.02, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Another old SCSI request
On Wed, 2010-06-02 at 13:12 +1200, Andre Renaud wrote: Hello, A few months ago I asked on this list if anyone had any older SCSI gear. I received some responses and am now sorted on that front. However now I am on the look-out for some older SCSI differential (HVD) equipment. Either a hard disk or a tape drive would be perfect, but failing that I'd accept any HVD device at all. Does anyone have any of these floating around? Please contact me off-list if you do. I hope this isn't too far off topic - it peripherally relates to Linux via the Linux-based SCSI device we are developing. Regards, Andre I've got some low voltage diff stuff lying around that may or may not still work... -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Is there such a distro?
On Mon, 2010-05-31 at 20:58 +1200, Solor Vox wrote: On 31 May 2010 20:31, Volker Kuhlmann list0...@paradise.net.nz wrote: And it's the very first thing I always fix on those systems, as I refuse to be forced to prefix everything I do with sudo. $ sudo su - # =) sV Even though you lose the accountability of the sudo log, it still does add extra protection of not being to remotely log in as root, and there's no password, no certificate to enable it if/when you get there. Yes, I know there are other ways of doing it. All have their pros and cons... and I suppose sudo hasn't been tested by the hackers yet. After all, DNS was secure as until that happened (: I consider remote access available only as joe.bloggs, followed by sudo to be far safer than being able to ssh in as root. But then risk is a very subjective thing. Steve smime.p7s Description: S/MIME cryptographic signature
Re: Is there such a distro?
On Mon, 2010-05-31 at 22:05 +1200, Aidan Gauland wrote: Steve Holdoway wrote: Don't forget user toor! OK, this is really a BSD thing. :P Ah, the ugly viking, as an Irish cow-orker of mine used to call him (: Steve smime.p7s Description: S/MIME cryptographic signature
Re: Is there such a distro?
On Sat, 2010-05-29 at 14:38 +1200, Ryan McCoskrie wrote: On Sat, 29 May 2010 13:44:11 you wrote: On Sat, 2010-05-29 at 13:02 +1200, Ryan McCoskrie wrote: I just want a very generic distro. Whay do you mean? I'd've called most of those you mentioned 'generic', as opposed to - say - myth, voyage, etc. A distro aiming at as few surprises as possible. Most of what I have mentioned are relatively generic but all have some surprises. Fedora has become particularly annoying to upgrade and Ubuntu tries to prevent serious tinkering etc, etc. What surprises? debian, CentOS, ubuntu are all generic things. Can't comment on how bleeding edge Fed is these days. set a root password on Ubuntu and it's more like an up-to-date debian... which is good! The problem I have with what you're asking is that there are different versions of a distro for a reason. eg Ubuntu... LTS for servers, standard for desktops, xubuntu for older machines, netbook remix for... and so on. Are you after minimal, like a vanilla debian net install? No, full desktop from a disk. You'll really need a dvd for that then... Cheers, Steve smime.p7s Description: S/MIME cryptographic signature
Re: Is there such a distro?
On Sat, 2010-05-29 at 13:02 +1200, Ryan McCoskrie wrote: I just want a very generic distro. Whay do you mean? I'd've called most of those you mentioned 'generic', as opposed to - say - myth, voyage, etc. Are you after minimal, like a vanilla debian net install? Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Kmail not loading
On Sat, 2010-05-29 at 16:49 +1200, Nick Rout wrote: And PLEASE don't set your reply-to when posting to the list! Properly configured list manager should handle that! Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Blocked sight
On Tue, 2010-05-18 at 16:56 +1200, John wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I found I could not get through to the piratebay so I did a trace route on it and got this. # traceroute thepiratebay.org traceroute to thepiratebay.org (194.71.107.15), 30 hops max, 60 byte packets 1 RTA1335.home (192.168.1.1) 1.004 ms 1.469 ms 1.923 ms 2 wn-cisco-r5-lo-5.connections.net.nz (202.49.152.169) 49.764 ms 50.279 ms 52.526 ms 3 wn-sum-1-wnlan7.connections.net.nz (202.49.152.161) 53.566 ms 54.546 ms 55.002 ms 4 192.168.100.45 (192.168.100.45) 56.862 ms 58.906 ms 59.294 ms 5 p1-telstra-int-pri.connections.net.nz (202.154.157.88) 69.991 ms 70.476 ms 71.236 ms 6 * * * 7 * * * 8 * * * 9 * * * It's back... http://www.theregister.co.uk/2010/05/18/pirate_bay_injunction smime.p7s Description: S/MIME cryptographic signature
Re: Twisted Hop Evening
On Mon, 2010-05-17 at 12:47 +1200, Christopher Sawtell wrote: On 17 May 2010 12:32, Solor Vox solor...@gmail.com wrote: Are you going to have a tux on the table? =) He and I have had a wee conversation. Initially. he stated that he is feeling very shy and frightened of being exposed to public view, yet again, in a alcolhol fuelled environment. I told him to stop be so darned silly. He has therefore, very reluctantly, agreed to do his duty as a mascot. So, Yes, Tux will be on view - initially anyway, but I have compromised with him, and he will be allowed to retire to my pocket as the evening progresses. -- Sincerely etc. Christopher Sawtell That's pretty wimpy behaviour from an ex IBM stress-Tux... -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: FAQ List. (Was laptop recommendations pls)
On Tue, 2010-05-04 at 12:12 +1200, Ryan McCoskrie wrote: On Tue, 04 May 2010 11:34:04 you wrote: Hi all, A change of employment leads me into the laptop market, with gnu/linux compatibility Okay, I think someone needs to start making an FAQ list for the CLUG. I'm willing to spend some time on it if someone more experienced is willing to help. We used to run a wiki, but that sort of died. Maybe now that there are no longer regular meetings it maay be of more use. Happy to host it if there's enough interest. Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: laptop recommendations pls
Whilst agreeing that they are a solidly made lappie ( well, since they got rid of that stupid expanding keyboard! ), linux installs effortlessly on just about all hardware these days ( well Realtek RTL8111/8168 ethernet notwithstanding ) so I wouldn't single IBM out as such. Well, not for that anyway. AIX, Lotus Notes and a few other things, yes... (: Steve On Tue, 2010-05-04 at 13:46 +1200, Jerome B Newell wrote: I have to agree with Sir Christopher. Never used a Laptop until I got my thinkpad. It is truly magic and Ubuntu just works, no fuss, as usual. Respects Jerome B Newell. - Original Message - From: Paul Swafford yom...@chch.planet.co.nz To: linux-users@it.canterbury.ac.nz Sent: Tuesday, May 04, 2010 1:20 PM Subject: Re: laptop recommendations pls I second Chris' sentiment .. Tinkpads just work .. I wonder where Chris got his from ?? Cheers Paul Christopher Sawtell wrote: Only one word needed: ThinkPad Everything just works. I got an unused ex-lease Z60t for $500 a month or two ago. ThinkWiki %20http://www.thinkwiki.org/ for support -- Sincerely etc. Christopher Sawtell -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
RE: Ubuntu 10.04 LTS released
On Fri, 2010-04-30 at 14:50 +1200, Hadley Rich wrote: On Fri, 2010-04-30 at 14:44 +1200, Bryce Stenberg wrote: What is the best way to upgrade this server to 10.04 lts? `sudo do-release-upgrade` is the supported way. hads ... after a full backup (: Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
RE: Ubuntu 10.04 LTS released
What's in your /etc/apt/sources.list? To use NZ reporitories, the primary is nz.archive.ubuntu.com. However, there is another one at nz2.archive.ubuntu.com. I use the latter ( as we're both on voda ) so my entries look sort of like... deb http://nz2.archive.ubuntu.com/ubuntu/ karmic main restricted deb-src http://nz2.archive.ubuntu.com/ubuntu/ karmic main restricted Worth trying the other one (: Cheers, Steve On Fri, 2010-04-30 at 15:57 +1200, Bryce Stenberg wrote: What is the best way to upgrade this server to 10.04 lts? `sudo do-release-upgrade` is the supported way. Try this page for more detail: http://www.ubuntu.com/getubuntu/upgrading Read the page - tried the update... # do-release-upgrade Checking for a new ubuntu release Failed Upgrade tool signature Done Upgrade tool Done downloading Failed to fetch Fetching the upgrade failed. There may be a network problem. My network seems to be working - I'm connected to server with SSH, I can ping www.ubuntu.com. I googled and see that each time I run 'do-release-upgrade' it puts a 4587520 byte file in a /tmp subdirectory called 'lucid.tar.gz'... but the details that followed were lost on me. This machine is just a bare bones install currently with not much in the way of applications installed. Is on LVM on RAID if that could affect it? Anyone care to hazard a guess as to why this might not be working for me, or where to look for solution? Thanks, Bryce Stenberg. DISCLAIMER: If you have received this email in error, please notify us immediately by reply email, facsimile or collect telephone call to +64 3 9641200 and destroy the original. Please refer to full DISCLAIMER at http://www.hrnz.co.nz/eDisclaimer.htm -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: serious X problem
On Tue, 2010-04-27 at 14:07 +1200, Nick Rout wrote: The other thing to try is xvinfo and see what it says. I'm sure there's a mandriva 2010.0 available. That'd be my startng point... Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Stopping disk I/O from massively slowing down the desktop - any suggestions?
On Sat, 2010-04-24 at 18:04 +1200, Phill Coxon wrote: On Sat, 2010-04-24 at 17:52 +1200, Wayne Rooney wrote: Bugger. Perhaps someone else has a fix for it. Seagate? :) Out of interest - did you find that your drive has gotten worse over time or has it been fairly consistent with the IO issue? I've been using this drive for about 3 years and it really only seems to have been the last 3-4 months that I've noticed it on a regular basis. Could this have anything to do with this??? http://www.greengecko.co.nz/node/21 Steve smime.p7s Description: S/MIME cryptographic signature
Re: connecting 2 boxes
On Sat, 2010-04-17 at 20:38 +1200, Barry wrote: and I have internet connection as this email testifies. ping works both ways OK, so you have a network. Now you need to set up some services to use it! What are you trying to achieve? If you'retrying to access the internet from the other macine then... ( as root / sudo ) 1. Set the default gaeteway from the one not connected to be the one that is connected ( assuming gateway is 10.0.0.1 ) route add default gw 10.0.0.1 2. Enable IP forwarding on the gateway machine. echo 1 /proc/sys/net/ipv4/ip_forward hth, Steve smime.p7s Description: S/MIME cryptographic signature
Re: connecting 2 boxes
On Sun, 2010-04-18 at 11:08 +1200, Ross Drummond wrote: On Sunday 18 April 2010, you wrote: I interpreted Barry's words to mean: I have got it to go, thanks folks. I have been talking with Barry on the phone. We cannot determine what the problem is, ifconfig and route are set up OK. Firewalls are turned off, one box can see and communicate with the other but the other is blind. I can not figure out the cause. Chris you may have to give on-site support. I will be in Christchurch on Wednesday and have offered to have a on-site look if Barry is still stuck. Cheers Ross Drummond From 10.0.0.2, nmap 10.0.0.1 and vice versa may well help. Steve smime.p7s Description: S/MIME cryptographic signature
Re: Connecting to a Thompson WiFi router.
On Wed, 2010-04-14 at 17:54 +1200, Christopher Sawtell wrote: Anyway what device would the list wisdom recommend? I use a d-link dsl-604t. No frills, no whistles. Just works. However, I may have a different outlook on wireless security than most: I assume it's going to be broken, and protect sensitive data accordingly. Because of this, I only use WEP. Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: grepping the access log for hacker evidence
On Thu, 2010-04-15 at 12:08 +1200, Paul Swafford wrote: Hi there! basically what I'd like is to extract date / time / ip address from the log where a user has made a failed attempt. This is what I have tried... but its a bit too much info .. grep authentication failure /var/log/secure | awk '{print $0- $1 - $2 -- $12 - $14 - $15}' | cut -b7- | sort | uniq -c hack.log Any hints / tips ? .. thanks in advance Paul Which logs? I don't use secure, but it would be best to look for specific ( eg ssh, http ) hacks. Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature
Re: Bluetooth dongles
On Sat, 2010-04-10 at 12:55 +1200, Aidan Gauland wrote: Hello again, First of all, thanks to everyone's advice and opinions (and silliness) on netbooks. Next, are most USB Bluetooth dongles Linux-friendly, or do I have to be careful about which one I choose? Thanks, Aidan Gauland No you don't. Also,last time I bought one, I got half a dozen, as they're small and easy to lose. So far, I've lost... none. So if you're after one, let me know. I only payed a few US dollars for them. Steve
Re: md RAID
On Fri, 2010-04-09 at 09:16 +1200, Solor Vox wrote: Hey all, I'm going to warn you beforehand and say that this message is technical and academic discussions of the inner-workings of md-RAID and file systems. If you haven't had your morning coffee or don't want a headache, please stop reading now. :) If you're still here, I've been trying to work out the optimal chunk size, stripe width, and stride for a 6TB RAID-5 array I'm building. For hardware, I've got 4x1.5TB Samsung SATA2 drives. I'm going to use Linux md in RAID-5 configuration. Primary use for this box is HD video and DVD storage. So for argument's sake, lets say that of the usable 4.5TB, 4TB is for large 8GB and up files. I also plan on either ext4 or xfs. One last thing to get out of the way is meaning of all the block sizes. Unfortunately, people tend to use “block size” to mean many different things. So to prevent this, I'm going to use the following. Stride – number of bytes written to disk before moving to next in array. Stripe width – stride size * data disks in array, so 3 in my case. Chunk size – File system “block size” or bytes per inode. Page size – Linux kernel cache page size, almost always 4KB on x86 hardware Now comes the fun part, picking the correct values for creating the array and file-system. The arguments for this are very academic and very specific for intended use. Typically most people try for “position” optimization by picking a FS chunk size that matches the RAID stripe width. By matching the array, you reduce the number of read/writes to access each file. While this works in theory, you can't ensure that the stripe is written perfectly across the array. And unless your chunk size matches your page size, the operation isn't atomic anyway. The other method is “transfer” optimization where you make the FS chunk sizes smaller ensuring that files are broken up across the array. The theory here is that using more then one drive at a time to read the file will increase transfer performance. This however increases the number of read/write operations needed for the same size file with larger chunks. Things get even more fun when LVM is thrown into the mix. As LVM will create a physical volume that contains logical volumes. The FS is then put on the LV so trying to align the FS to the array no longer makes sense. You can set the metasize for PV so it is aligned with the array. So the assumption here is that the FS should be aligned with the PV. While this all may seem like a bit much, getting it right can mean an extra 30-50MB/s or more from the array. So, has anyone done this type of optimization? I'd really rather not spend a week(s) testing different values as 6TB arrays can take several hours to build. Cheers, sV Just to throw a bit more into the mix... 1. I wouldn't touch ext4 for this. 2. What about reiser4? 3. PARTITIONING! Having just lived through it, watch out for the newer ( WD only?? ) disks with 4kB sectors but don't report it. That brought throughput down to 1MB/sec. 4. If your primary intention is performance ( rather than getting the best of all worlds ), why not RAID10? IMO disks are too cheap to worry with RAID5. ( 1.5TB is certainly the sweet spot pricewise, but most mobos have 6 SATA slots ) I would certainly do some basic testing, as the best answer will depend on the hardware you choose, and the mix of sizes of the files you wish to serve. I have had poor performance from some mobos and SATA ( ATI Technologies Inc SB700/SB800 SATA Controller as an example ) drivers, so some research is a good idea. Enjoy your weekend! Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
Re: md RAID
On Fri, 2010-04-09 at 09:47 +1200, Hadley Rich wrote: On Fri, 2010-04-09 at 09:39 +1200, Craig Falconer wrote: Another variable here is fsck time. We found jfs to have the most consistent fsck times (not the shortest, but never the longest) However that was for backup drives with lots of files. JFS is my favourite. I note that most* of these NAS boxes use xfs, although that is the only file system that has completely blown up in my face in the last 10 years! Steve * OK, I've only seen about half a dozen of them (: -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
Re: md RAID
On Fri, 2010-04-09 at 10:33 +1200, Solor Vox wrote: writes a lot, then RAID10 is better. However, RAID5 has better cost/GB ratio (N-1 vs N/2 for RAID10) and greatly out performs RAID10 on reads. You state this as fact... I find it strange, both from theory and experience. A random, fairly recent article ( yeah, it's not brilliant, but... ) http://www.myhostnews.com/2008/09/optimizing-raid-performance-bencmarks/ suggests that, while RAID 5 may be fastest with sequential reads, greatly is an exaggeration of the difference. As I said before, you need to suck it and see with your own hardware setup, and loading ( things like memory available for caching may make a huge difference for example ). Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
RE: Moving /var - problem with /var/lock and /var/run?
On Fri, 2010-04-09 at 10:57 +1200, Bryce Stenberg wrote: -Original Message- From: Wayne Rooney [mailto:wroo...@ihug.co.nz] I don't think your /etc/fstab is quite right. Can you post the file so we can see it. Fstab: # /etc/fstab: static file system information. # # Use 'blkid -o value -s UUID' to print the universally unique identifier # for a device; this may be used with UUID= as a more robust way to name # devices that works even if disks are added and removed. See fstab(5). # # file system mount point type options dump pass proc/proc procdefaults0 0 /dev/mapper/grp--a-root / ext3errors=remount-ro 0 1 ## this is the row I added... /dev/mapper/grp--b-third /var ext3defaults 0 2 LABEL=BootPart/boot ext2defaults0 2 /dev/mapper/grp--b-second /home ext3defaults0 2 UUID=12f9e615-f44d-4392-bd81-457927f82142 noneswapsw 0 0 /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec,utf8 0 0 /dev/sde1 /media/usbdrive autorw,user,exec0 0 Cheers, Bryce. FOUND IT! Was confused as I'v been mounting /var separately since it was split away from /usr way back in the dark ages. The last colum in fstab is marked pass. This defines in what order partitions are mounted. You must mount /var in the first pass, as software needs it there immediately. So change the root and /var pass values to 0 and all should be well. Once that is changed, there's no need for any of these weird /.var, symbolic liks, etc solutions. hth, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
RE: Moving /var - problem with /var/lock and /var/run?
On Fri, 2010-04-09 at 11:10 +1200, Hadley Rich wrote: On Fri, 2010-04-09 at 11:03 +1200, Steve Holdoway wrote: The last colum in fstab is marked pass. This defines in what order partitions are mounted. You must mount /var in the first pass, as software needs it there immediately. So change the root and /var pass values to 0 and all should be well. I don't know if it might be used to define what order they are mounted in, but I believe the official use it what order to fsck partitions in. / should be 1 and other partitions should be 1 or 0 if you don't want them checked. From the man page; The sixth field, (fs_passno), is used by the fsck(8) program to determine the order in which filesystem checks are done at reboot time. The root filesystem should be specified with a fs_passno of 1, and other filesystems should have a fs_passno of 2. Filesystems within a drive will be checked sequentially, but filesystems on different drives will be checked at the same time to utilize parallelism available in the hardware. If the sixth field is not present or zero, a value of zero is returned and fsck will assume that the filesystem does not need to be checked. hads I thought it was both, but am happy to stand/sit corrected (: Cheers, Steve. -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
Re: md RAID
On Fri, 2010-04-09 at 11:21 +1200, Solor Vox wrote: On 9 April 2010 11:07, Craig Falconer cfalco...@totalteam.co.nz wrote: Nice - I saw somewhere that the likelyhood of losing a second drive increases exponentially once one has failed or started erroring. One way to reduce that risk is to assemble the raid on drives of different brands/models or different production runs. Then again... that seagate firmware bug last year affected many models/sizes -- Craig Falconer Good point Craig, also that using linux md raid allows you to use any controller you want. So if you controller dies you can still get your data off any machine with room for the drives. Plus, RAID5 software can actually be FASTER on software since the CRC parity is done on the processor vs slower raid controller board. (I've read some controllers can off-load that to CPU but that's not supported well in Linux) And, software RAID can do cool stuff like odd number of RAID10 disks. :) sV Only if you're careful. Many BIOSes will recognise raid controllers with fake ( aka Windows ) raid functionality, and automagically install support for it. So be real careful what raid support you install in your kernel, and which modules you blacklist. Steve. -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
RE: Moving /var - problem with /var/lock and /var/run?
On Fri, 2010-04-09 at 12:06 +1200, Bryce Stenberg wrote: -Original Message- From: Steve Holdoway [mailto:st...@greengecko.co.nz] The last colum in fstab is marked pass. This defines in what order partitions are mounted. You must mount /var in the first pass, as software needs it there immediately. So change the root and /var pass values to 0 and all should be well. Thanks Steve, I set it to '1' to force it to be checked (as per Hadley's comment) and it appears to have booted up fine without errors. Cheers everyone, Bryce Stenberg. Well, that's not quite what Hads said. Filesystems are checked when marked as dirty, and every x mounts ( see tune2fs for for details on how to manipulate this and annoy sysadmins on ext2/3?4 file systems ). The fsck stuff is performed in passes so that ( for example ) dependencies like /var/www can be set up to be mounted after /var. As I suspected, this field also affects the order in which the file systems are mounted even if fsck is not required. By changing the / and /var pass values to be the same, you ensured there was no dependency between the two, and both were mounted at the same time, ensuring the availability of /var when necessary. Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
Re: Netbook opinions?
On Thu, 2010-04-08 at 15:47 +1200, Aidan Gauland wrote: Steve Holdoway wrote: I've got an older Acer One, with just an 8GB SSD+SD. It works fine ( currently running the pre-release Ubuntu 10.10 happily ), although the SSD has been replaced once, and write performance does seem rather slow. Does anyone else have any experiences with or opinions of the Acer Aspire One? I am now considering that one (as well as the Eee), because of the keyboard and it seems to be more Debian-friendly; that is I don't have to use a netbook-specific distro to alleviate hardware and driver woes. I really don't know why we need specific drivers for something as simple as network chipsets. Weren't the OSI and TCP/IP layer models supposed to avoid this problem? Or do these problems exist in only one layer? Or is it just a delusion? Thanks, Aidan TBH the ubuntu network stuff is more about best use of a limited display area than different drivers. I can switch between full-blown gnome desktop and netbook on login. Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
Re: Netbook opinions?
On Thu, 2010-04-08 at 15:55 +1200, Steve Holdoway wrote: TBH the ubuntu network stuff is more about best use of a limited display area than different drivers. I can switch between full-blown gnome desktop and netbook on login. Steve Sorry, s/network/netbook/ -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
Re: Netbook opinions?
On Wed, 2010-04-07 at 07:11 +1200, Aidan Gauland wrote: Hello, I have a birthday coming up, and up for grabs is a netbook. I have heard good things about the Eee PC family from CLUGers a while ago, so I would like to hear any opinions on this model in particular: http://www.enetcomputers.co.nz/ProductDetails.asp?ProductCode=ASUS103. (For the impatient and those confined by an over-restrictive firewall, it is listed as an Asus EeePC 1005HA). Any recommendations of or opinions on other models or families would be welcome, as well. Thanks, Aidan I've got an older Acer One, with just an 8GB SSD+SD. It works fine ( currently running the pre-release Ubuntu 10.10 happily ), although the SSD has been replaced once, and write performance does seem rather slow. Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
Re: Netbook opinions?
On Wed, 2010-04-07 at 12:19 +1200, Robert Fisher wrote: ( currently running the pre-release Ubuntu 10.10 happily ), 10.04 ? Good catch! Yes, I'm not wishing the whole year away yet! Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
Re: Print large image across multiple sheets
On Mon, 2010-03-29 at 23:06 +1300, Roy Britten wrote: Can't you do this with postscript... - anymap - ps - play with ghostscript / output to lpr? eg pngtopnm myimage.png | pnmtops -dpi 300 myimage.ps Tried, with and without -equalpixels. Got a corrupt or incorrectly encoded .ps with no usable image. Who'd have thunk it was this hard? I might have to give up and ask a Mac user for help. Thanks for the suggestions, Roy. If it's a huge image, are you running out of resources Roy??
Re: Print large image across multiple sheets
On Sun, 2010-03-28 at 19:15 +1300, Roy Britten wrote: I have a largish (~12000 pixels square) image that I want to print at a defined scale across multiple sheets. I'm comfortable using Image Magick to split the image into appropriately-sized chunks, but am at a bit of a loss when it comes to forcing 300dpi at printing time. It would be wonderful if someone has already produced a tool that takes an image and paginates it into, say, PDFs at a defined resolution. My google-fu has failed to find such a tool. Suggestions? Cheers, Roy. Can't you do this with postscript... - anymap - ps - play with ghostscript / output to lpr? eg pngtopnm myimage.png | pnmtops -dpi 300 myimage.ps -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: Reducing log file noise
On Mon, 2010-03-29 at 11:39 +1300, Tom Munro Glass wrote: On Mon, 29 Mar 2010 11:25:12 Solor Vox wrote: I'd suggest using a udev rule that runs simple script to enable/disable your tty. All you'd need to do is match your modem in a udev rule and call a script to change your inittab. That way it only runs if/when the modem is plugged-in. Cheers, sV This sounds like a good solution - could you possibly give me a pointer on how to write the udev rule, because I haven't done this before? When the modem is plugged in the device is /dev/ttyACM0, and the driver module is cdc_acm. You need the device ID - lsusb to list. http://www.reactivated.net/writing_udev_rules.html Will this run as root, because the script would need to patch /etc/inittab and then call 'telinit q'? No... the udev rule is instead of, not to enable inittab. If you really need the always up testing functionality, then maybe look at DJB's daemon tools. Tom I can't believe I've just recommended some of Dan's software. Off for a lie down! Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: horse and webshell
On Wed, 2010-03-24 at 12:07 +1300, Tom Smith wrote: I followed this link but only got this.. must be just my system right?? Secure Connection Failed shell.clug.org.nz uses an invalid security certificate. The certificate is not trusted because it is self signed. The certificate is only valid for shell.clug.net.nz The certificate expired on 24/05/09 13:59. (Error code: sec_error_expired_issuer_certificate) * This could be a problem with the server's configuration, or it could be someone trying to impersonate the server. * If you have connected to this server successfully in the past, the error may be temporary, and you can try again later. Or you can add an exception… Well, it could do with renewing, but I'd create an exception. This is one of my annoyances with these certs, as they provide 2 functions at the same time, and firefox goes over the top on one of them! 1. The connection is encrypted. 2. The issuer is validated. In this case, it's only really function 1 that's necessary. To pass function 2 costs money and/or real grief in insalling certificate authorities, intermediate files, and loads of other bumpf. /soapbox Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: horse and webshell
On Tue, 2010-03-23 at 08:25 +1300, C. Falconer wrote: Hi all - with respect to horse, how many of the current users make use of the webshell running on port 443? If that makes no sense, https://shell.clug.org.nz/ Logs don't tell me who uses which mechanism for connecting. I want to run openvpn on port 443, and if noone uses webshell it can go away. Bother cablemodems with only one IP address. ... it's usual to run openvpn over udp, so shouldn't clash??? Mind you I have used it over 22/tcp to take advantage of QoS stuff to improve latency. Steve
Re: Hi I need a disk for ubuntu 9.10
On Sun, 2010-03-21 at 13:37 -0700, Patelkhana Mohan Rao wrote: Can anybody help in sparing ubuntu9.10 disk pl. mohan Cue Wesley... -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: Monthly drinks
On Mon, 2010-03-15 at 18:46 +1300, yuri wrote: But it is St Paddy's day (on the 17th I mean)! Does that mean we want a different date? No! We decided on 17th so let's stick to it. I moved appointments around to make it this time. What time are most folks turning up at the twisted hop? Yuri I'm up for a fairly early one... -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: ssh testing
On Thu, 2010-03-11 at 21:38 +1300, Robert Fisher wrote: Steve Holdoway wrote: yup, getting a response now (: Steve If you're going to leave port 22 open, then I'd install something like denyhosts, and disable root login over ssh. If you're taking a lappie with you then installing certificates would allow you to disable passowrd logins completely. Good advice (I did not know about denyhosts but now I think I have it set up OK - I have done some tests here.) If you are still there tonight before I go to bed you might like to try again - you should be denied. Rob no - still being prompted for a password...
Re: ssh testing
On Fri, 2010-03-12 at 00:56 +1300, Hadley Rich wrote: On Thu, 2010-03-11 at 21:55 +1300, Steve Holdoway wrote: no - still being prompted for a password... A denied or not allowed user will still get prompted for a password, it will just never work. hads Denyhosts adds addresses to /etc/hosts.deny. This will drop the connection before password requests iirc. Steve
Re: ssh testing
On Fri, 2010-03-12 at 10:24 +1300, Jim Cheetham wrote: On Thu, Mar 11, 2010 at 9:55 PM, Steve Holdoway st...@greengecko.co.nz wrote: no - still being prompted for a password... Steve, I hope you're testing with ssh -v so you can see all the methods the ssh server is advertising. Rob, I hope you've set PasswordAuthentication no in /etc/ssh/sshd_config (and restarted sshd). I also hope that you have whitelisted places you know you might be connecting from in /etc/hosts.allow :-) Hads, you're right that a connection attempt denied by sshd can move on to the next authentication method, which often means that you get asked for a password. However, denyhosts logs IP addresses in /etc/hosts.deny, and sshd is usually compiled to look at tcpwrappers, so people who have failed to login too many times will eventually get no ACK from sshd at all. -jim I'm as risk averse as the next person - probably more than some having fought hackers since the interweb was invented in my role as a sysadm. However... For a couple of weeks away, I wouldn't bother with the obscurity bit in that way, rather just disable root login so they have to guess the user account and password before denyhosts closes them out. This is a pretty huge block for any prospective hacker, especially if you chose your login carefully off the bottom of the common account names list. In fact, outside a corporate environment, I'd say it's all you need(*). Yes, some may say that you need to take distributed hack attempts into account but... well, risk is a subjective viewpoint, and mine is that it's an acceptable one to take - even more so if you use a dynamic dns service and can persuade your router to acquire a new IP address on a regular basis. The bit about password authentication is ok if you're going to use your own lappie, but if you're going to borrow a pc to check stuff, then carrying around your private key is going to be a real pain. Use of internet cafes brings up a new list of potential security issues, of course. BTW, if you are taking a lappie with you, then I'd set OpenVPN up and restrict the ssh server to listen only on that subnet. Cheers, Steve (*) at the moment! -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: ssh testing
On Fri, 2010-03-12 at 11:17 +1300, Jim Cheetham wrote: s, and a key is around 700 typeable characters ... set up keys, not passwords! ... or passphrases, not passwords? -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: UBUNTU 9.10 Server Install - LVM problem?
On Fri, 2010-03-12 at 11:41 +1300, Bryce Stenberg wrote: Hi, I've already posed my problem on the UbuntuForums (http://ubuntuforums.org/showthread.php?t=1426826 ) but thought I'd post here also as responses are much quicker and I'd like to proceed with this install before next week... I'm installing Ubuntu 9.10 server 64bit on a new machine. I've manually partitioned the drives so I can use LVM. I created some logical volumes under LVM. I think the installer was meant to let me specify file system and mount point for these volumes but it didn't and I can't see way to make it do it either. So I've formatted the logical volumes with ext3 from the command line but I can't see how to tell the installer that this is where I want the root file system. Does anyone know if there is a command I can run or file to edit that can tell the installer to now put the root file system on /dev/sda5 (the logical volume I just formatted) so as the installation can proceed? Regards, Bryce Stenberg. Not done this on 9.10, but with all (older) debian'esque services I've set up with LVM, you need to partition manually, and the options you need can be hidden off the bottom of the screen, expecially if you're in text mode. But you can set it all up from this point in the installation, although it's extremely tedious. As Jim mentioned, there is loads of jargon with logical and physical volumes and groups but it does make sense, sorta. It's all based on the (old?) HP implementation, which is really handy if you used to administer HP-UX servers (: Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
RE: UBUNTU 9.10 Server Install - LVM problem?
On Fri, 2010-03-12 at 13:25 +1300, Bryce Stenberg wrote: I'm using LVM's for there ability to take almost instant 'snapshots' of volumes to then utilize in full backups of the system including live databases (after appropriate freezing/blocking of database and flush of buffers etc to disk ready for snapshot). Thanks, Bryce. I wouldn't do that with the backups personally. If you're after backing up important production databases, then I'd look at replicating them ( to another machine preferably ) as a frist line of defence. Also whilst over there, cold backups have no effect on live systems performance... and no matter how cumbersome they are, I reckon they should always be a part of your backup strategy (: Just my $0.02... Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: UBUNTU 9.10 Server Install - LVM problem?
On Fri, 2010-03-12 at 18:19 +1300, Jim Cheetham wrote: On Fri, Mar 12, 2010 at 1:34 PM, Steve Holdoway st...@greengecko.co.nz wrote: I wouldn't do that with the backups personally. If you're after backing up important production databases, then I'd look at replicating them ( to another machine preferably ) as a frist line of defence. Replication gives you defence from hardware failure, the same way that RAID does. But it has nothing whatsoever to do with being a backup in the data sense. Except ... whilst over there, cold backups have no effect on live systems performance... The only effect that they have is to push back on your replication system :-) As long as the primary doesn't get excess load while waiting for the replicant to come back up, you're in business. Well, it just extends the list of changes to be made. No different to adding rows to a table. and no matter how cumbersome they are, I reckon they should always be a part of your backup strategy (: Sure, but effectively that's what a snapshot is; if a full cold backup takes say 1 hour, with LVM snapshotting you can reduce that to a couple of seconds. Surely that's worth investigating? If you can grab a snapshot that quickly (it'll still take an hour to actually back up from there, but the DB doesn't have to know), and your production system can handle being read-only for a second or so, you can dispense with the need for a replicant in the first place. I disagree. LVM doesn't magically invent performance, which it must do to provide the 'virtual' instant backup you're talking about. The server still suffers. If this isn't a problem, then this is not really relevant. The big difference between this setup and what I'm recommending is that you've moved the whole of your non production oriented services away from the production server, which means that it can do what it needs to - support the live services. The replicated database can then be secured with minimal effect on this database or server. -jim
Re: ssh testing
On Thu, 2010-03-11 at 20:16 +1300, Robert Fisher wrote: Steve Holdoway wrote: Getting no response from that ssh on port 22 on that ip address from Diamond Harbour... ): Steve Could you try again please Steve - PC was off for a little while. Rob yup, getting a response now (: Steve
Re: ssh testing
On Thu, 2010-03-11 at 20:35 +1300, Steve Holdoway wrote: On Thu, 2010-03-11 at 20:16 +1300, Robert Fisher wrote: Steve Holdoway wrote: Getting no response from that ssh on port 22 on that ip address from Diamond Harbour... ): Steve Could you try again please Steve - PC was off for a little while. Rob yup, getting a response now (: Steve If you're going to leave port 22 open, then I'd install something like denyhosts, and disable root login over ssh. If you're taking a lappie with you then installing certificates would allow you to disable passowrd logins completely. Steve
Re: ssh testing
On Thu, 2010-03-11 at 20:00 +1300, Robert Fisher wrote: I am going on holiday soon and want to have ssh access to my desktop PC at home. I have tested from another PC at home and it works fine... rob...@dell-d410:~$ ssh 192.168.10.13 rob...@192.168.10.13's password: rob...@beast:~$ logout Connection to 192.168.10.13 closed. On my IPCop box I have port forwarded port 22 to 192.168.10.13 (I am sure I have done this before) If I try from the same PC to our static home IP address I get rob...@dell-d410:~$ ssh 60.234.134.181 rob...@60.234.134.181's password: Permission denied, please try again. rob...@60.234.134.181's password: Should I be able to do this? (Connect to a local machine using our home external address) If someone is able tonight we could perhaps change my password and test it from outside. Getting no response from that ssh on port 22 on that ip address from Diamond Harbour... ): Steve
is the list admin out there somewhere...?
... I'm sorry I can't find your email address ): I've had an offlist request from bre...@wallace.net.nz to have a look at her account details. Apparently, when posting, the account is refused as not being authorised: Your message cannot be delivered to the following recipients: Recipient address: linux-users-exp...@process.it.canterbury.ac.nz Original address: linux-users@it.canterbury.ac.nz Reason: you are not allowed to use this list: linux-users-exp...@process.it.canterbury.ac.nz Action: failed Status: 5.7.1 (you are not allowed to use this list: linux-users-exp...@process.it.canterbury.ac.nz) Original-recipient: rfc822;linux-users@it.canterbury.ac.nz Final-recipient: rfc822;linux-users-exp...@process.it.canterbury.ac.nz but attempting to add it results in: Error processing the command: subscribe linux-users Brenda Wallace bre...@wallace.net.nz.. Address bre...@wallace.net.nz already subscribed to the mailing list linux-users %MAILSERV-W-ALREADYSUB, address is already subscribed to the mailing list Use the HELP command to get a list of legal MAILSERV commands. Ahh, real VMS messages. Takes me back (: Could you fix this / someone with a better memory forward it to the approprite person? Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
twitter clients?
What do people recommend? I'm sick of gtwitter crashing for no apparent reason! Ubuntu 9.10 64 bit platform... Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: twitter clients?
On Fri, 2010-03-05 at 11:35 +1300, Craig Falconer wrote: Steve Holdoway wrote, On 05/03/10 11:17: What do people recommend? I'm sick of gtwitter crashing for no apparent reason! Ubuntu 9.10 64 bit platform... nothing. Twitter is so insanely pointless. I agree, but I've got some strange customers who are asking for it... -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: twitter clients?
On Fri, 2010-03-05 at 11:35 +1300, Jim Cheetham wrote: On Fri, Mar 5, 2010 at 11:17 AM, Steve Holdoway st...@greengecko.co.nz wrote: What do people recommend? I'm sick of gtwitter crashing for no apparent reason! Ubuntu 9.10 64 bit platform... What, besides just not twittering? Or using a open platform like identi.ca? Personally I just hook it up to Pidgin, because I have that running already, and can't see the point of having multiple similar applications running. It isn't eprfect, but it's good enough. I see lots of people using TweetDeck, too. -jim I've already got skype ( hey, the customer is always right! ) plugged in to pidgin, didn't know I could go the same route with twitter. Loaded up apt, and away it went. Thanks for the pointer. Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: chroot sftp users
On Tue, 2010-03-02 at 09:19 +1300, Craig Falconer wrote: I recommend you edit /etc/apt/sources.list and change sarge to stable then do a full apt-get update apt-get dist-upgrade Woah there just one minute Craig. I really wouldn't skip a release when doing this. It's long-winded, but I'd perform a dist-upgrade to etch, then to stable if you're going that route. But, tbh, I'd do a clean install of lenny (stable) in preference. Cheers, Steve AKA Mr. Cautious (: -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Just been bitten...
... by the new Western Digital SATA disks with 4k blocksize. As they don't report this fact properly, fdisk happily partitions them starting at a 31.5kB boundary, resulting in unbelievably bad performance. The solution is here, well, well away from an automated Ubuntu install... http://community.wdc.com/t5/Desktop/Problem-with-WD-Advanced-Format-drive-in-LINUX-WD15EARS/m-p/7573#M369 Thanks WD. I like the concept of your green hardware range, but I don't really think I'll be supporting you any more. I need what little sanity I have left kept intact! Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: chroot sftp users
On Tue, 2010-03-02 at 16:10 +1300, Glenn Cogle wrote: I can't justify building a new box either. I want less servers to administer, not more. Hmmm... I want more to administer. I'm sure we could come to an arrangement (: Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: chroot sftp users
On Tue, 2010-03-02 at 17:18 +1300, Jim Cheetham wrote: On Tue, Mar 2, 2010 at 4:53 PM, Glenn Cogle gco...@gmail.com wrote: Box is backed up to tape 5 nights/week. I like backups - they help me sleep. I used to sleep because of backups ... but now I sleep because restore works. You are testing restore regularly I hope ... :-| -jim As long as you can't see through them they'll be ok (: -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: Next CLUG Social Gathering.
On Fri, 2010-02-19 at 20:04 +1300, Steve Holdoway wrote: On Fri, 2010-02-19 at 19:52 +1300, Christopher Sawtell wrote: [snip] I have an old IBM penguin that I'll try to get into the mix... Cheers, Steve OK, Chris is now the official owner of my IBM stress Tux. Hopefully to be seen at a Twisted Hop near you in the not too distant future... Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: Filesystem and replacing .. The final word??
On Mon, 2010-03-01 at 09:22 +1300, Craig Falconer wrote: Aidan Gauland wrote, On 26/02/10 21:41: I'm glad to see the labs have Emacs 23 this year. I love Emacs. Dunno why - vi is everywhere, emacs isn't. Even if you hate it, you still have to know how to use it. All I know is Cntrl-x Cntrl-c and that's plenty! Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: chroot sftp users
On Mon, 2010-03-01 at 17:27 +1300, Glenn Cogle wrote: I want to chroot my sftp users to their respective home directories, but apparently this isn't the default behaviour. My server is debian 3.1, openssh 3.8.1p1 vsftpd 2.0.3 - not exactly cutting edge, but it works. Apparently (much) later implemetations of OpenSSH (v4.9+) include facilities for chrooting sftp ssh users. I suppose my choices are (1) hack existing ssh (2) devise some workaround - perhaps using permissions (3) upgrade ssh, and probably the OS as requirements dictate (4) build a new server with later OS + ssh (5) something else I havn't thought of yet Interested in comments from those who have been here... GC Having been there very recently ( I now have chrooted sftp access working for virtualmin ), I recommend just compiling up the latest openssh from source, and using the internal sftp server. I run the original on a non-standard port, and the latest on port 22, which is quite easy, as the config files are in a dfferent place if you use defaults. It is a bit of a PITA, as the root directory have to be owned by root, permissions 755, which means that everything has to be located in (pre-created) subdirectories, which means some work to /etc/skel. However, once up and running it's something you can just forget. I would also recommend updating, as etch ( 4.0 ) was end of lifed a week ago! hth, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: Next CLUG Social Gathering.
On Fri, 2010-02-19 at 19:52 +1300, Christopher Sawtell wrote: [snip] I have an old IBM penguin that I'll try to get into the mix... Cheers, Steve
Re: Filesystem and replacing the window manager
The only workable option I can see is to use a boot USB if allowed. I know the latest 10.04 ubuntu allows for your own data area. In reality, you seem to be creating a lot of extra work for yourself. I expect the course will be hard enough without this! Steve On Tue, 2010-02-16 at 21:02 +1300, Aidan Gauland wrote: Hello, I am about to start university next week, and I do not like either KDE or GNOME, which is all that is available in Canterbury's C.S. computer labs. I would like to put my favourite window manager on my memory stick, and run it in place of the one into which I login. This raises two problems: how do I switch window managers within an X session (without terminating the X session)? And what filesystem can I put on my memory stick that is more UNIX friendly than FAT, but that does not have the ext filesystems' problem of confusing the system that mounts it when moving between systems with different UIDs? These are, of course, not huge issues, but I would like to figure this out at some point. --Aidan Gauland
Re: This years format.
On Wed, 2010-02-10 at 12:24 +1300, Nick Rout wrote: [snip] Unfortunately illness at home is going to stop me from coming into town tomorrow evening. Could someone have a pint of twisted ankle on my behalf?? Cheers, Steve
Re: Recommendations for Linux hosting companies
The problem with using a small hosting company is getting mail delivered to xtra/yahoo. So make sure whoever you choose has a reputable - in their eyes - smarthost. If you want to take pot luck, I can offer you space - debian lenny/virtualmin. Cheers, Steve On Sat, 2010-02-13 at 21:04 +1300, Solor Vox wrote: Hi guys, My apologizes if this has been asked before. I'm in search of recommendations for a Linux hosting company where I can park/buy a domain. I plan on using the domain mostly for email and maybe a wee personal web site. Virtual private servers are great, UML/xen/etc, but often a bit expensive. Shared hosting would be second choice, and last choice would be managed services. Of course google returns heaps of them, what I'm looking for is input from those of you who have good or bad experiences and which ones to avoid. Cheers, sV
Re: Where have you seen linux today?
On Sat, 2010-02-13 at 17:46 +1300, Nick Rout wrote: No choice was taken away. The government paid for licenses for every school. That didn't force the school to use MS products. It made it zero cost. Wasn't there a school in Dunedin that attempted to get the value of the licenses instead and failed? Sorry to be so vague? Steve
Re: I have a dream of promiscuous sharing...
On Wed, 2010-02-03 at 21:36 +1300, cy...@xnet.co.nz wrote: I watch my daughter who, (totally unlike me), is a fantastic people person. When she meets anyone, she embarks on an exploration of common ground, seeking common tastes putting aside her own to learn those of the other. But so many people have detached themselves from our community by walling themselves in a closed garden of sound. Ear Phones In, Volume Up. Tiny embedded linux devices are becoming so common, so cheap these days... ...my dream is nearly here. What I want to create is this.. An ogg music player with blue tooth that comes packed to the brim with a random selection of Creative Commons Licenced music. Jamendo would be my first port of call to find that music... http://www.jamendo.com/ The UI allows you express your liking or disliking for the current track playing. (Click up arrow or down once or several times.) Whenever you meet _anybody_ else with one of these devices, they pair immediately and promiscuously and without asking begin exchanging the highest rated tracks, deleting negatively rated tracks if space is needed. The highest mutually (A x B) rated track currently on both devices will begin playing on both devices providing an instant talking point. (If no common favoured tracks exist, the track currently being exchanged will play.) Instant Party! An app on a PC will automagically do the same. Anyone want to play with? The todo list is something like this... * Start spreading the idea and getting feedback and suggestions. (Where I'm at now). * Search for compatible/similar FOSS projects / components. * Start savanna / sourceforge site. * Define the blue tooth discovery and automatic pairing protocol. * Define implement the track exchange protocol. * Find (and purchase) suitable embedded device(s) to implement this on. - Need audio out. - enclosure battery. - display - a few keys. (maybe android, but a bit too expensive.) * Tweak an existing playback app to record preferences. * Define the preferences / checksum / path database format. I envisage making all these items as loosely coupled and redeployable as possible. It'd perhaps be nice to make the odd buck from selling the hardware... but I'm not fussed. I aim to make the protocols and implementations completely open and GPL'd. The purpose of the project is create roving and merging and splitting and spreading communities of sound. Further applications can be imagined like... * Set your player to play whatever anybody near me is playing. * Set everybodies player in 3 or more person groups to play on simultaneously on their speakers the mutually highest rated track. Instant dance party! * Bands planning on touring a location can inject their best track into the region a month or so before to drum up enthusiam. John Carter cy...@xnet.co.nz What a fabulous concept. Let me know if I can help at all... Steve
Re: Debian avahi weirdness
what does sudo ifconfig -a cat /etc/network/interfaces sudo dpkg -l | grep avahi show? On Thu, 2010-02-04 at 17:22 +1300, Roy Britten wrote: A debian server for which the previous administrator has disappeared is playing up. When bringing up networking we see something like (copied by hand; may contain typos) $ sudo ifdown eth0 $ sudo ifup eth0 ADDRCONF(NETDEV_UP): eth0: link is not ready /etc/network/if-up.d/avahi-daemon: line 9: /usr/lib/avahi/avahi-daemon-check-dns.sh: No such file or directory /etc/network/if-up.d/avahi-daemon: line 9: exec: /usr/lib/avahi/avahi-daemon-check-dns.sh: cannot execute: No such file or directory run-parts: /etc/network/if-up.d/avahi-daemon exited with return code 126 /usr/lib/avahi doesn't exist, and I can't find avahi-daemon-check-dns.sh anywhere on the system. An apt-get update was performed about a week before the issues were noticed; it's possible that the system was restarted for the first time a week after the update was applied. My google-foo has failed to find answers this time. I'm assuming (and we all know what a good idea that is...) that something dodgy happened in the latest apt-get update, and the system has been left in an inconsistent state. I've tried commenting out the offending line in etc/network/if-up.d/avahi-daemon to no avail; the result is $ sudo ifdown eth0 $ sudo ifup eth0 ADDRCONF(NETDEV_UP): eth0: link is not ready run-parts: /etc/network/if-up.d/avahi-daemon exited with return code 1 Your suggestions for regaining network access, or of places I should look for clues, are solicited.
Re: List stats
On Wed, 2010-01-06 at 17:07 +1300, Robert Fisher wrote: steve wrote: Personally, I'd try Fedora 12 first, but then I'm not into KDE at all, which may affect my perception. I just detest YaST(2) ): Hope you haven't got a Gigabyte mobo Steve Well yes I have. Why do you ask? Rob There are a number of acpi problem with their boards, leading to lockups on install.
Re: Skype on Kubuntu
On Thu, 2009-11-26 at 16:03 +1300, Vik Olliver wrote: On 26/11/09 Christopher Sawtell wrote: Has anybody got Skype ( ver. 2.1.0.47 ) video to work on (K)ubuntu Kosmic Koala ( or what ever it is that they are callling the 9.10 version - I forget ) ? Krashing Koala, I find. Hopefully the recent nvidia fixups will help. Vik :v) unlikely to help with an ATI chipset though... Cheers, Steve
Re: openvpn - client not connecting
On Thu, 2009-11-19 at 22:20 +1300, Roger Searle wrote: Thu Nov 19 19:34:33 2009 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Thu Nov 19 19:34:33 2009 TLS Error: TLS handshake failed It is a networking problem somewhere along the line. Is the OpenVPN server recognising the clients attempt to connect? Could you show the config files for bth client and server?? Cheers, Steve
Re: SMTP Problem
On Sun, 2009-10-18 at 19:28 +1300, Chris Downie wrote: Out of the blue my mail client (Opera) has stopped sending messages. I did a clean install of Mepis 8.0.1 and Opera 10 and sending just stopped. Receiving messages is fine and sending via another client (KMail) is fine so it is not the ports or firewall stopping things. My ISP say they do not require authentication to send messages. A log of an outgoing connection reveals: 18/09/2009 13:30:06 SMTP OUT : Connecting... 18/09/2009 13:30:06 SMTP IN : 220 ananke.wxnz.net ESMTP Postfix 18/09/2009 13:30:06 SMTP OUT : EHLO localhost 18/09/2009 13:30:06 SMTP IN : 250-ananke.wxnz.net 250-PIPELINING 250-SIZE 14619200 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN 18/09/2009 13:30:06 SMTP OUT : MAIL FROM:9...@xnet.co.nz 18/09/2009 13:30:06 SMTP IN : 250 2.1.0 Ok 18/09/2009 13:30:06 SMTP OUT : RCPT TO:cri...@gmail.com 18/09/2009 13:30:06 SMTP IN : 554 5.7.1 localhost: Helo command rejected: You are not me 18/09/2009 13:30:06 SMTP OUT : RSET 18/09/2009 13:30:06 SMTP IN : 250 2.0.0 Ok 18/09/2009 13:30:06 SMTP OUT : QUIT 18/09/2009 13:30:07 SMTP IN : 221 2.0.0 Bye 18/09/2009 13:30:07 SMTP IN : Disconnected Everything appears in order except the obvious: 554 5.7.1 localhost: Helo command rejected: You are not me Who do I need to be and where might I put it?? Everything in my Opera account, prefs and .ini files appear to be in order (compared to a backup). Cheers, Chris What do you have in /etc/hosts for localhost and ananke.wxnz.net?
Re: SMTP Problem
On Sun, 2009-10-18 at 20:05 +1300, Steve Holdoway wrote: Can you try to set up a mail to yourself the hard way using telnet... telnet ananke.wxnz.net 25 ehlo localhost mail from: 9...@xnet.co.nz rcpt to: 9...@xnet.co.nz quit Can you post the responses to the above commands?? Cheers, Steve
Re: SMTP Problem
On Sun, 2009-10-18 at 20:31 +1300, Chris Downie wrote: st...@greengecko.co.nz was rumoured to say: Can you try to set up a mail to yourself the hard way using telnet... telnet ananke.wxnz.net 25 ehlo localhost mail from: 9...@xnet.co.nz rcpt to: 9...@xnet.co.nz quit Can you post the responses to the above commands?? ~$ telnet ananke.wxnz.net 25 Trying 58.28.4.122... Connected to ananke.wxnz.net. Escape character is '^]'. 220 ananke.wxnz.net ESMTP Postfix ehlo localhost 250-ananke.wxnz.net 250-PIPELINING 250-SIZE 14619200 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from: 9...@xnet.co.nz 250 2.1.0 Ok rcpt to: 9...@xnet.co.nz 554 5.7.1 localhost: Helo command rejected: You are not me quit 221 2.0.0 Bye Connection closed by foreign host. As I can't even talk to smtp.wxnz.net, it's looking only to a restricted IP list, which includes yours. However, it seems to think that you're not authorised to send mail... do you need to provide any extra authentication, like logging in???
mailing list problems...
I've just received, in one lump, the last few days posts to the list... 23 emails. Does the list owner read the list, and can he tell me what's happening? Cheers, Steve
Re: PHP documentation
On Thu, 2009-10-08 at 02:14 +1300, Kent Fredric wrote: For the love of sanity for yourself and your peers, do please seek out migrating to the Lastest And Greatest and Least Vulnerable PHP 5.3. You'll really thank yourself later. Given that CentOS 5 delivers 5.1.6, and even Ubuntu 9.04 only delivers 5.2.6, I beg to differ. Not much point developing code you can't deploy anywhere (: Steve
Re: Loopback server
On Thu, 2009-09-17 at 19:24 +1200, Aidan Gauland wrote: Nick Rout wrote: One must ask why - the network is the computer after all :) If you are doing this at home, do you mistrust the other users on your LAN? If you are doing it at school or similar I can understand. The answer to that is for convenience. What's the alternative? I've read about TUN/TAP and bridging, but I'm hoping a simpler method exists. Is there one? And any closed-source/proprietary options are out of the question here. Thanks anyway to those who have suggested VMware, etc. :) --Aidan I think you're making a mountain out of a molehill. The answer depends on the virtualisation software you choose. For example, using the illegal vmware server software, there are three networks that can be enabled, offering differing levels of visibility. No extra software required. It configures the client and server network iterfaces automagically. I suggested it because it requires no special kernel, and is a simple install. I'm sure xen will be the same... there's plenty of information on virtualization on howtoforge. Cheers, Steve
Re: OT: cgi and http auth (or something)
Not being familiar with python, I'd use PHP SOAP libraries, but this looks like it'll help... http://www.opensourcetutorials.com/tutorials/Server-Side-Coding/Python/python-soap-libraries/page1.html hth, Steve On Sun, 2009-09-06 at 14:55 +0900, Andrew Errington wrote: Hi all, I have written an HTML form which calls a cgi script written in Python. The Python script looks at the data in the form and produces an XML data file. Next, I have an XSLT file that operates on the XML data to make an HTML webpage (why, yes, it uses CSS too. How many more Web 2.0 acronyms can I include here?). The cgi script is hidden away in an inaccessible subdirectory, it cannot be seen, but it is executable. The final web page is intended to be visible to the world. The HTML form which submits the data is currently visible to the world. Obviously I don't want just anyone to be able to submit the form (but I don't mind if anyone can *see* the form). What is the simplest, standards-based mechanism I can use to allow only certain people to submit the form? I think it's HTTP AUTH, but I haven't found a decent howto to follow. A username/password pair is fine, or just a password would be ok. The data isn't sensitive, I just wanted to make it easy for a person to enter some data and produce a pretty web page. Also, I am not fully in control of the web server. It is currently running on a hosted service. Please could I have some tips or suggestions? Links to the world's best cgi securification page would be appreciated. Thanks, Andrew
Re: Neat, Crazy, Cool, scripts
On Thu, 2009-08-27 at 07:34 +1200, Daniel Hill wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 So I was reading over the old archive of xkcd's blag, and found this: http://blag.xkcd.com/2009/04/27/a-problem/ (read the comments lots of bash tips) just wondering if anyone know's any neat tricks and what not for linux I wrote this one the other day: WARNING THIS NEEDS ROOT AND ASKS FOR IT (VIA SUDO), IT MAY NOT DESTROY YOUR COMPUTER I'M WARNING YOU AND I HEAR BY CLAM NO RESPONSIBILITY FOR DAMAGE CAUSED it will also erase any file called speed test.txt in the current running directory code FILE=speed tests.txt; cp /dev/null $FILE; for i in `echo /dev/sd? | sed s:/dev/::g` ; do LINE=Disk:/dev/$i ; LINE=$LINE `sudo hdparm -t /dev/$i | grep Timing | awk ' {... print $11 $12 } ' `; LINE=$LINE `sudo fdisk -l /dev/$i | grep Disk /dev/$i | awk '{ print $3 $4 }' | sed s/,//g `; echo $LINE $FILE ; done /code This is just weird in a coupla ways... 1. Why use sed to remove the /dev/ of the device name, then manually put it back every time you use it? 2. Why append output to $FILE line by line when you can just redirect the output of the for loop in one go? Steve - -- python -c print \\.join([ \\x79\x71\x6Du\056vgp\x40ae\142nr\.decode(\\x72o\164\x5F_13\)[i] for i in [1, 12, 9, 5, 13, 0, 4, 3, 5, 0, 0, 8, 11, 10, 7, 11, 9, 4, 9, 13, 6, 4, 9, 2] ] ) http://www.facebook.com/YellowOnion msnim:chat?contact=yellow_oni...@hotmail.com xmpp:yellowon...@jabber.org http://last.fm/user/Yellow-Onion/ https://launchpad.net/~daniel-hill -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkqVjlkACgkQGplaCYOFvyuFigCeJil8PJMYL3g8u33z/LFDF85k 4XwAni/fb8LNg5TAtEr7RlgpJiSCEmRv =VOiP -END PGP SIGNATURE-
Re: Into the echoing silence
On Wed, 2009-07-22 at 15:40 +1200, Nick Rout wrote: Is there really some point to this? Just because no one posts to the list for a couple of days doesn't mean people have to prod the server. On Wed, Jul 22, 2009 at 2:28 PM, Roy Brittenroy.brit...@gmail.com wrote: ping I have lost about half a dozen posts over the last week or so.
RE: Linux and ModBus
Apart from threadjacking, what on? On Sat, 2009-07-11 at 21:17 +1200, Julian Warwick Bethell wrote: I need Help JB Computer Services Julian Bethell PC Technician 2/96 Wainui Street Riccarton Christchurch New Zealand tel: (03) 348-5875 mobile: +64211643666 computert...@paradise.net.nz http://computertech.dyndns.biz -Original Message- From: Andrew Sands [mailto:and...@theatrix.org.nz] Sent: Saturday, July 11, 2009 10:55 AM To: linux-users@it.canterbury.ac.nz Subject: Re: Linux and ModBus On Fri, 10 Jul 2009 21:22:16 you wrote: 2009/7/10 Andrew Errington wrote: There are so many levels in the 'stack' from Linux app to actually closing a relay. Where do you want to start? I'd like to sit down with someone who's done it and pick their brain over a few beers. My shout. Yuri Yuri, When and where for the beer. Google for any of the following. Comedi Classic ladder libmodbus otherwise suggest a suitable venue for the shout regards, Andrew
Re: all quiet on the clug front
On Wed, 2009-07-08 at 13:06 +0900, Andrew Errington wrote: In my opinion the kibi-, mibi-, and gibi- prefixes are lame. I think it's better to use the conventional kilo-, mega- and giga- prefixes, since they sound good, and to actually know what you are talking about. After all, these are not the only of homonyms in the English language. Oblig. Linux content: Err, my Mepis netbook's in my bag? A As a wrinkly geek, I'm obviously only interested in real GB's, but it's only a number, so if all the marketing geeks have gone for the highest up the wall and decided to use squillions of bytes, I don't really suppose it matters as long as they all use the same value of squillion... +1 for using execrebly in a clug post. (: Steve
Re: dodgy hd
On Tue, 2009-06-16 at 19:15 +1200, Volker Kuhlmann wrote: I don't believe this thread goes on for that long. You buy a toaster with 1y warranty and after 2 months half of it stops working. Is anyone stupid enough to ask whether to return it?!?? Volker If you go through the possible reasons for the superblock to get corrupted, then the causes are not limited to a hard disk failure. Apart from potential hardware issues elsewhere, there's configuration errors - overlapping partitions, human error - dd of=/dev/sda just for a couple of examples. Sure, it's almost certainly a disk failure, but there are other possible causes. Also, given the uphill fight you often get when not speaking Microsoft to suppliers, I think this thread is perfectly justified. As it happens, Dove are a pretty level headed supplier, and I've never had problems returning failures. Steve
Re: dodgy hd
On Tue, 2009-06-16 at 20:45 +1200, Volker Kuhlmann wrote: bold_statement reason=3 glasses of fermented grape juice Any Linux user spending real dosh on M$-only products for analysing disks instead of donating that to smartmontools does not deserve a free copy of smartmontools. /bold_statement Volker (amused) PS Did I say smartmontools? Hmmm let's take this machine and have a look... Warning: device does not support Error Logging Error SMART Error Log Read failed Smartctl: SMART Error Log Read Failed Warning: device does not support Self Test Logging Error SMART Error Self-Test Log Read failed Smartctl: SMART Self Test Log Read Failed Device does not support Selective Self Tests/Logging smartctl may be the answer... in a year or two. Not now.
Re: dodgy hd
On Tue, 2009-06-16 at 22:16 +1200, Volker Kuhlmann wrote: On Tue 16 Jun 2009 21:27:10 NZST +1200, Steve Holdoway wrote: PS Did I say smartmontools? Hmmm let's take this machine and have a look... The question was regarding a 120GB hard disk drive. There are none of those that don't support smart. It became the done thing around 10GB or so. Or in other words, there are no disk drives still under warranty that don't do smart. The fundamental problem you're sidestepping is that there is no standard and no requirement for a monitoring interface on disks storage. To quote from the smartmon faq, The raw SMART attributes (temperature, power-on lifetime, and so on) are stored in vendor-specific structures. Sometime these are strange. ( ain't that the case - smartctl reports one of my servers hdd temps between 60 and 65 degrees C - all 5 of them - when none of them are more than warm to the touch! But they're constant, except for slight seasonal changes which even seem to affect data centres worldwide ) Until there is a standard and requirement, you can't *guarantee* it will work or rely on the results. It'll *probably* work, there are plenty of cases where it plain doesn't work... like my SSD here - which is certainly under warranty, and, as you mentioned USB - which will become important soon when linux becomes the first OS to support USB 3. Until that time, smartmon is a really useful tool, but it's not the sole solution you make it out to be. Steve
Re: dodgy hd
On Mon, 2009-06-15 at 21:27 +1200, Jim Cheetham wrote: On Mon, Jun 15, 2009 at 6:59 PM, Volker Kuhlmannlist0...@paradise.net.nz wrote: Any disk with bad sectors within warranty goes back to maker. Period. Agreed, I received two 750GBs about three months ago (with consecutive serial numbers, sadly) and one has failed already, been straight back to the vendor and been replaced. Please tell me they weren't wd greens. I've had a 1TB fail within 5 minutes... in fact I've had more fail this year than in the last 10. It is questionable in this case whether it's a disk failure or not... it was the file system that fell apart and that's not *guaranteed* to be the disk at fault. Steve
Re: dodgy hd
On Tue, 2009-06-16 at 07:19 +1200, Jim Cheetham wrote: SAMSUNG HD753LJ s/n S13UJ1NQB01779 was the one that failed. Failure was more than just the filesystem, I was unable to read or write to the partition table. That comment was aimed at Barry, the OP who restored his filesystem using an alternate superblock and has had no problem since...
Re: dodgy hd
On Tue, 2009-06-16 at 08:14 +1200, Jim Cheetham wrote: Ah, OK. Down here in Dunedin I was probably too busy listening to the list of school closures due to snow, and didn't check the comment trail properly :-) -jim Heh - not here... yet (: Steve
Re: Internet shortages
On Sun, 2009-06-14 at 09:57 +1200, Ryan McCoskrie wrote: Does this sound familiar to anyone? Your router, network cards and ethernet cables are all in working order and all report that they are connected to each other and the internet but you can't actually access anything online? I've just reset the router and it's all working now but I'd like to know if anyone has had this problem recently (withen the last week) and knows what it is. DNS? try using opendns servers 208.67.222.222 and 208.67.220.220 and see if that fixes it...