Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-15 Thread Michael Stevens

On Sun, Jan 14, 2001 at 11:26:28PM -0500, Mark Rogaski wrote:
 It's also sheer idiocy to pipe arbitrary code from an untrusted, unverified
 source directly to the shell.

How is it less secure than downloading a tar file and typing ./configure?

Admittedly you *could* check several meg of source for trojans, but I
don't believe you *do*.

Michael



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-15 Thread David H. Adler

On Mon, Jan 15, 2001 at 10:42:34AM +, Steve Mynott wrote:
 "David H. Adler" [EMAIL PROTECTED] writes:
  
  Oh, you're much too kind.  My redhat box is disintigrating before my
  very eyes.  root partition filled up for no reason and, thus I looked
  at the partition table:
  
  /
  /boot
  /home
  
  With home being the largest.
  
  What *were* they thinking when they configured this?
 
 I don't think you can really blame the distribution (which allows you
 to partition the disk how you want) for someone partitioning the disk
 wrongly.

Except that the box came to me like this.  I intend to rectify this in
a bit by scaping red hat off with a large trowel and installing
something useful, but I'm still trying to figure out why *anyone*
would partition it this way... :-/

dha

-- 
David H. Adler - [EMAIL PROTECTED] - http://www.panix.com/~dha/
There are 6 billion people in the world, and only 30 billion of those
are Canadians   - Headline in the Toronto Globe and Mail



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-14 Thread Steve Mynott

David Cantrell [EMAIL PROTECTED] writes:

 Yeah, I know, but then I compile plenty of stuff from scratch rather than
 rely on RPMs.  The real reason I haven't switched is because it's really

The drawback with 'make install' from source is that it doesn't write a
database of files owned by that source package which is the great
advantage of binary packages.  So you can't use do 'make uninstall' to
cleanly remove the program if you don't like or use it.  This is
basically what the *BSD ports system does.

It should be possible to write some wrapper for GNU configure to add a
'make uninstall' to the Makefile.  In the absence of this I usually
type 'script' to log whats installed at the 'make install' stage..

 *nasty* trying to switch from one distro to another without a) losing
 valuable config data and b) ending up with a ton of unused junk on the disk

The way to handle UNIX configuration files is like software and use
RCS.  On every system you can then type one command 'locate ,v' to see
all your local changes.  You can then systematically port config
changes to the new distribution.

 which is nigh-on impossible to tell apart from stuff that's in use.

It's a one liner to display files that haven't been used in the last
three months using 'find -atime'.  Other advantage of binary package
managers is you can then go ahead and delete large chunks of your OS
that you never use and it should warn you if it breaks other stuff.

-- 
1024/D9C69DF9 steve mynott [EMAIL PROTECTED]

if we knew what it was we were doing, it would not be called research,
would it?  - albert einstein



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-14 Thread Paul Makepeace

On Sun, Jan 14, 2001 at 05:01:55AM +, Shevek wrote:
 I had always committed to the nature of Unix being that one does end up
 with a pile of stuff on disk which one doesn't use.

for i in etc usr; do
find /$i -mount -type f -atime +60 | perl -lne unlink;
done

:-)

 The point is that this
 doesn't matter.

There are some downsides: if you have have old binaries that
have slipped out of the upgrade/patch cycle you are looking at
a potential security risk. I have thought in the past "1GB is
*bound* to be a big enough /usr!" and when I hit 85% utilisation
have to look at upgrading my disk, faffing with extra mounts
or a suffering performance hit. Or clearing it all up.

 I bet you have libc5 and libc6 installed...

# dpkg -l | grep libc[56]
ii  libc6  2.2-1  GNU C Library: Shared libraries and Timezone
[snip other shit]
#

Paul



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-14 Thread David H. Adler

On Sat, Jan 13, 2001 at 05:19:18PM -0600, Paul Makepeace wrote:
 On Sat, Jan 13, 2001 at 03:05:48PM +, Michael Stevens wrote:
  start type="holy_war"
  Or, more sensibly, debian.
  
  apt-get install foo
 
 It continues to amaze me that people still use Red Hat. It's
 just a pile of marketing driven crap.

Oh, you're much too kind.  My redhat box is disintigrating before my
very eyes.  root partition filled up for no reason and, thus I looked
at the partition table:

/
/boot
/home

With home being the largest.

What *were* they thinking when they configured this?

dha, g.

-- 
David H. Adler - [EMAIL PROTECTED] - http://www.panix.com/~dha/
"Last year in Oregon, Summer fell on a *tuesday*.  That was it.  One
day.  Big shiny thing in the sky.  Some people thought it was a UFO."
- Randal Schwartz in comp.lang.perl.misc



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-14 Thread David H. Adler

On Sun, Jan 14, 2001 at 11:26:28PM -0500, Mark Rogaski wrote:
 An entity claiming to be David Cantrell ([EMAIL PROTECTED]) wrote:
 : 
 : It's more than cute.  It's *BRILLIANT*.  The user doesn't even have to
 : know what computer they have.  Whilst they only support a couple of
 : combinations of architecture and OS in that script, it would be pretty
 : damned trivial to have it support a few Linux distros, Solaris, *BSD
 : and MacOS X.
 : 
 
 It's also sheer idiocy to pipe arbitrary code from an untrusted, unverified
 source directly to the shell.


But it's so much fun!  Well, on someone else's shift, anyway...

:-)

dave, just kidding, in case there was some question...

-- 
David H. Adler - [EMAIL PROTECTED] - http://www.panix.com/~dha/
"You can't give a 4 to truth." - Saul Williams



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-13 Thread Michael Stevens

On Sat, Jan 13, 2001 at 02:53:57PM +, David Cantrell wrote:
  Surely, then, rpm should have the ability to install and fetch
  dependencies from the network automagically? 
 Yes it should.  It doesn't.  Which is why Helix's installer is so much
 easier to use.

start type="holy_war"
Or, more sensibly, debian.

apt-get install foo

already knows how to fetch foo from the network and install, grabbing
any required dependencies.

I even hear you can use it with rpms these days.

Michael



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-13 Thread David Cantrell

On Sat, Jan 13, 2001 at 05:19:18PM -0600, Paul Makepeace wrote:

 It continues to amaze me that people still use Red Hat. It's
 just a pile of marketing driven crap. Debian is so far superior
 it hurts watching people struggle with RPMs.

Yeah, I know, but then I compile plenty of stuff from scratch rather than
rely on RPMs.  The real reason I haven't switched is because it's really
*nasty* trying to switch from one distro to another without a) losing
valuable config data and b) ending up with a ton of unused junk on the disk
which is nigh-on impossible to tell apart from stuff that's in use.

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

  Any technology distinguishable from magic is insufficiently advanced



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-13 Thread Shevek

On Sun, 14 Jan 2001, David Cantrell wrote:

 rely on RPMs.  The real reason I haven't switched is because it's really
 *nasty* trying to switch from one distro to another without a) losing
 valuable config data and b) ending up with a ton of unused junk on the disk
 which is nigh-on impossible to tell apart from stuff that's in use.

I had always committed to the nature of Unix being that one does end up
with a pile of stuff on disk which one doesn't use. The point is that this
doesn't matter. Unless you're upgrading something every day or every week,
the junk pile-up on a production server won't do much more than double or
treble the hard disk usage of the OS, which will be small compared to the
user data, and is still in a small order of magnitude.

I bet you have libc5 and libc6 installed...

It's still smaller than win2k...

S.

--
Shevek
I am the Borg.
sub AUTOLOAD { ($s=$AUTOLOAD)=~s/.*:://; eval qq{ *$AUTOLOAD=$s
?sub {$s*{$s-1}} :sub {1}; }; goto $AUTOLOAD; } print {'4'}; 




Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-12 Thread Aaron Trevena


Following  the interest in rope/pope, etc perhaps it would be an idea for
some of the more perl / oss oriented companies in london (or wherever) to
agree to take part in the project on a semi official basis - much of what
the work that the london and UK companies do is replicated because of lack
of comunications and worry over company secrets and competition.

If a handful of london companies can put together a press release saying
that they are supporting or backing the project with time, money, services
in lieu, etc then it would be a publicity coup and get the ball rolling.

A.

-- 
A HREF = "http://termisoc.org/~betty" Betty @ termisoc.org /A
"As a youngster Fred fought sea battles on the village pond using a 
complex system of signals he devised that was later adopted by the Royal 
Navy. " (this email has nothing to do with any organisation except me)






Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-12 Thread Greg McCarroll

* Aaron Trevena ([EMAIL PROTECTED]) wrote:
 
 Following  the interest in rope/pope, etc perhaps it would be an idea for
 some of the more perl / oss oriented companies in london (or wherever) to
 agree to take part in the project on a semi official basis - much of what
 the work that the london and UK companies do is replicated because of lack
 of comunications and worry over company secrets and competition.
 
 If a handful of london companies can put together a press release saying
 that they are supporting or backing the project with time, money, services
 in lieu, etc then it would be a publicity coup and get the ball rolling.
 

the first thing they could offer to do is to host the final rpms/tar.gz's

what about the actual mechanics of putting rope together? i'm assuming
we'd create a /usr/local/Rope, build the latest stable perl in there,
then configure apache for mod_perl etc and install it under there as 
well, the the other modules.

finally is it enough to simply tar.gz /usr/local/Rope and tag it
with the architecture details

we would probably need some final install program to be run, that
would handle the local details of the system - such as what user
to run apache as

comments? suggestions?

-- 
Greg McCarroll  http://www.mccarroll.uklinux.net



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-12 Thread David H. Adler

On Fri, Jan 12, 2001 at 02:16:15PM +, Andy Wardley wrote:
 Said I:
  In all fairness, I have to say that mailman is an *excellent* mailing
  list manager.
 
 Said David H. Adler:
  So why haven't you reimplemented it in perl?  :)
 
 Are you sitting comfortably?   :-)
 
 Because the tools aren't yet in place to allow me to do it
 within a truly flexible and generic application framework.

[snip lengthy discussion of how to do this]

Ah.  I won't bother trying, then.  :-)

dha

-- 
David H. Adler - [EMAIL PROTECTED] - http://www.panix.com/~dha/
Also know as the first rule of finance:
"Don't run out of money".
   - Tony Bowden



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-12 Thread Aaron Trevena

On Fri, 12 Jan 2001, Greg McCarroll wrote:
 what about the actual mechanics of putting rope together? i'm assuming
 we'd create a /usr/local/Rope, build the latest stable perl in there,
 then configure apache for mod_perl etc and install it under there as 
 well, the the other modules.

A directory structure that is documented and standardised accross
platforms would make life a little easier.
 
 finally is it enough to simply tar.gz /usr/local/Rope and tag it
 with the architecture details

we need *secure* skeleton / sample applications (preferably configureed
during installation or optionally not installed rather than use out of the
box p/words and users like every CMS on the market ).

 we would probably need some final install program to be run, that
 would handle the local details of the system - such as what user
 to run apache as

Configuration. Decent configuration to cope with multiple virtual domains,
specifying paths ffor core handlers, etc.

Also good guide and documentation. So that A moderately good developer
(not necessarily perl) can get the package and get started without
spending 100 quid on ora books. (of course they ought to do that anyway
but they shouldn't need to).

A.

-- 
A HREF = "http://termisoc.org/~betty" Betty @ termisoc.org /A
"As a youngster Fred fought sea battles on the village pond using a 
complex system of signals he devised that was later adopted by the Royal 
Navy. " (this email has nothing to do with any organisation except me)






Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-12 Thread Steve Mynott

Greg McCarroll [EMAIL PROTECTED] writes:

 finally is it enough to simply tar.gz /usr/local/Rope and tag it
 with the architecture details

No you would want to build packages (.deb, .rpm and BSD and Solaris
packages) of rope for a "binary" type install as well as supplying a
"source" tar which works with make, make install.
 
-- 
1024/D9C69DF9 steve mynott [EMAIL PROTECTED]

as far as the laws of mathematics refer to reality, they are not certain;
as far as they are certain, they do not refer to reality. --albert einstein



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-12 Thread David Cantrell

On Fri, Jan 12, 2001 at 07:06:00PM +, Steve Mynott wrote:

 No you would want to build packages (.deb, .rpm and BSD and Solaris
 packages) of rope for a "binary" type install as well as supplying a
 "source" tar which works with make, make install.

The installation method used by Helix is very nifty.

lynx -source http://go-gnome.com/ | sh

And that's it.

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david

  Any technology distinguishable from magic is insufficiently advanced



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-12 Thread Paul Makepeace

On Fri, Jan 12, 2001 at 08:28:25PM +, David Cantrell wrote:
 lynx -source http://go-gnome.com/ | sh

That's cute!

If you wanted to use Perl;

# `GET http://go-gnome.com`

: )

Paul



Re: Mailman in Perl (Re: the list is dead, long live the list)

2001-01-12 Thread Aaron Trevena

On Fri, 12 Jan 2001, Paul Makepeace wrote:

 On Fri, Jan 12, 2001 at 08:28:25PM +, David Cantrell wrote:
  lynx -source http://go-gnome.com/ | sh

that would rock.

also what would be very valuable would be the ability to install from one
config for a cluster or synchronise config changes (using a version
control system of course).

A.

-- 
A HREF = "http://termisoc.org/~betty" Betty @ termisoc.org /A
"As a youngster Fred fought sea battles on the village pond using a 
complex system of signals he devised that was later adopted by the Royal 
Navy. " (this email has nothing to do with any organisation except me)