|
Toiletbrush posted:If I want external clients or spammers to prevent using my SMTP server as relay, while being able to send from localhost to any host I want under any source address, I just need to set mynetworks_style=host, right?
|
# ¿ Mar 10, 2008 01:19 |
|
|
# ¿ May 10, 2024 03:33 |
|
Well you may have two problems... perhaps get things working by IP first to take BIND out of the equation. But the most obvious thing to me is that you have BIND configured to only listen on 127.0.0.1 Your other computer isn't going to be able to talk to it that way. Edit: and as for Shorewall, are you sure that IP forwarding is enabled in the kernel? Shorewall will do it for you if you have the right setting in shorewall.conf, otherwise you have to do it yourself and then set it permanently /etc/sysctl.conf. To check: code:
Alowishus fucked around with this message at 00:09 on Mar 22, 2008 |
# ¿ Mar 22, 2008 00:07 |
|
Sergeant Hobo posted:OK, that makes sense. I basically need to change it to listen on both itself and the external interface then? Anyway... change your listen-on and allow-recursion directives to include your internal IP, like: code:
Alowishus fucked around with this message at 00:38 on Mar 22, 2008 |
# ¿ Mar 22, 2008 00:36 |
|
Sergeant Hobo posted:So I ended up trying dnsmasq and it worked. Don't know what was going on but as long as it works. Thanks for all the help.
|
# ¿ Mar 23, 2008 17:32 |
|
Kidane posted:Secondly, and this one is really stupid but -- I just installed postfix and I in the process of configuring it but I noticed it's not listening on ports 110 or 143. Do I need to install a separate POP or IMAP server? [1] In a default Postfix install, its local component is doing the delivery, and that's where your .forward magic is happening. If your goal is to deliver everything to procmail anyway, you can reconfigure Postfix to use procmail directly and skip the extra .forward step. It's up to you, but thought I'd mention it... check the "mailbox_command" directive in main.cf if you're interested.
|
# ¿ Mar 25, 2008 16:52 |
|
Snozzberry Smoothie posted:I'd like some help with SSH. I want to give SCP access to a co-worker so that she can access her files on the Debian servers from home, but I'm a little concerned about security. How can I configure SSH on her account so that she cannot browse outside of her home directory? Logging into her account, I can go to the parent directory, and while most of the files have access denied, she can still view directories. What files are you concerned about? If it's other users' homes, you can stop that by ensuring all directories under /home are 700, though this could potentially break Apache or any other daemon that serves content out of users homes (a workaround to this is to add Apache's user to each person's group). If it's general configuration stuff under /etc, you may not have a choice. If it's private configuration stuff under /etc such as passwords in config files or SSL keys, you should probably take a deeper look at your permissions setup. Of course you can always use FTP since it's easier to chroot, and if security is critical that can be done over SSL.
|
# ¿ Mar 26, 2008 03:17 |
|
Well to be fair, Snozzberry isn't using it as a protective shield from hackers... he just wants to give a user scp access without the potential for casual poking around. Seems like the script he found will do the trick... Surely it'd be a different story on a shared hosting server with shell access. Edit: I think the built-in OpenSSH functionality comes in 4.8 when it's released.
|
# ¿ Mar 26, 2008 16:20 |
|
rugbert posted:Hey Alowishus, have any suggestions for adding search functionality behind zope?
|
# ¿ Mar 26, 2008 21:03 |
|
rugbert posted:Our clients want a search feature on their web page and our web guy is out for a while. So now Im in charge of website maintenance too :\ I was thinking of just telling them to use the Google Enterprise search app. Or ht://dig or one of sixteen other open source crawlers.
|
# ¿ Mar 27, 2008 17:29 |
|
rugbert posted:actually we cant use web crawlers so Im gunna have to do some back end stuff, could you point me into the right direction? Docs here in the Zope book.
|
# ¿ Mar 27, 2008 23:26 |
|
Feral Integral posted:find /Music -name *.mp3 | scp user@backupserver:~/music Second problem is that your MP3 files probably have spaces in them, so you'll need to account for that with find. Third problem is that you're only piping a big chunk of text to scp... it doesn't know that it's supposed to be a list of files to copy. You need xargs for this. Here's what it should look like: code:
Rsync is still probably the better approach but thought I'd help with the method you were trying too. Do realize that this will effectively "flatten" any directory structure you had in your /Music folder when it reaches the backup server.
|
# ¿ Mar 30, 2008 18:41 |
|
rugbert posted:the zope site is retarded. the server we inherited doesnt have zcatalog installed. But I cant find a link to download it anywhere, ive searched all over their CVS to no avail. Were you expecting some sort of external utility? It should just be available as an object in the "Select type to add..." dropdown in the ZMI.
|
# ¿ Apr 1, 2008 17:01 |
|
And you'll appreciate DeltaCopy for your Window rsync setup... much easier than dealing with Cygwin and you get a (clunky) GUI in the deal.
|
# ¿ Apr 8, 2008 01:07 |
|
Overture posted:I have googled the bounce messages in /var/log/mail.log to no avail. Here is an example:
|
# ¿ Apr 8, 2008 01:14 |
|
Korthing posted:Bash also provides the 'disown' command, it works similiar to nohup, but you can bg a running process and then 'disown' it from your terminal.
|
# ¿ Apr 8, 2008 16:09 |
|
Jimmy Carter posted:however, no matter what I put in for --newer-than, it still wants to download every file.
|
# ¿ Apr 10, 2008 06:52 |
|
jason posted:Is any info dumped to disk when a kernel panic occurs? One of my RHEL3 servers crashed this morning but I wasn't in the office so I couldn't read the message on the console. Anyway, this RedHat magazine article goes through the whole process... if your system was already configured then maybe you have something to work with, and if not then at least you can do the configuration so that next time it panics you will get something.
|
# ¿ Apr 11, 2008 15:08 |
|
Hmm not quite sure what's going on with that easycam website, but it doesn't look like that it's set up to distribute a source package. If you want to build it yourself it looks like you're pretty much on your own... you'll need to use a tool like 'wget' to suck down the contents of http://blognux.free.fr/sources/EasyCam2/04032006_19:49/ which appears to be the latest source update. It may still not work if the author didn't test compliation on non-x86 architectures, but I suppose it's worth a try.
|
# ¿ Apr 13, 2008 17:01 |
|
Harokey posted:What's the best file system for this set up? I had been using ext3, but It has gotten corrupted so many times now if the power goes out or something like that. Would XFS be better? How do you mean corrupted? Just that it had to go through a lengthy re-check upon boot? Or did you have actual data loss? If you're only talking about occasional power failures and your complaint with ext3 was that it took too long to do a full re-check for consistency, then yes XFS is an excellent alternative. It's no less likely to get corrupt, but it will fix itself up more quickly. If you are expecting regular power failures, then actually your best choice *is* ext3, but with the optional full data journaling turned on. This will slow your write performance somewhat, but it will cause every bit of data that gets written to the disk to be journaled, and thus make it recoverable (or reversible) without risk of corrupt files or long re-check times. As far as I know, ext3 is the only filesystem for Linux that can do full data journaling. quote:Also how should I mount it? I had just entered in the fstab, is there some better way ?
|
# ¿ Apr 16, 2008 05:35 |
|
fletcher posted:I'm a little confused on how to setup directories/permissions for apache. I'd like to login to my server as user fletch, and have all my virtual hosts in directories like ~/www/domain.com/. Apache runs as user apache group apache though, so I get a 403 no permission when I try to go to domain.com. This goes away if I chown -R apache.apache the directory, but I don't want to do that.
|
# ¿ Apr 17, 2008 00:22 |
|
calandryll posted:I am currently trying to configure CUPS on a fresh install of Hardy server. I'm trying to have my server act as a print server also. I keep getting a lot of time outs when trying to configure my printers using the web interface. Is there a command line stuff I can use for it?
|
# ¿ May 3, 2008 06:48 |
|
Twlight posted:While this is some time out, I'd figure that I should learn more about linux mail systems. I might have to build one for work at some time and having one built and running on my home pc might be something id use as well. Where should I go about learning the in/outs of a particular program? I've been reading about postfix and it seems pretty good. I'd like to get calendar integration too, but at a much lower priority, as well. Where should I begin to search? So, if you're interested in the inner workings of mail, then it's probably best to just take a clean install of something like CentOS or Ubuntu Server and start fiddling with some of the above components. However, if you're more interested in the end-product of having a functioning mail server, then throw all of the above out and just learn how to install and administer Zimbra. It's basically a turnkey mail system that puts all of the above components together for you, takes care of the integration, and slaps a very nice web interface on top.
|
# ¿ May 6, 2008 17:35 |
|
H0TSauce posted:I tracked it back to a PHP configuration option that has --without-pear set.
|
# ¿ May 6, 2008 21:39 |
|
J. Elliot Razorledgeball posted:I want to mount a samba share on startup by using fstab, but it doesn't work because the network gets brought up after fstab is run. This is on Fedora Core 7. To make sure it runs at startup, 'chkconfig netfs on'. If it still doesn't mount then yeah there may be a formatting problem in your fstab...
|
# ¿ May 10, 2008 20:11 |
|
rugbert posted:Is there a way to adopt one package management system for another? If Im going to get a laptop I should probably install Ubuntu. I hate apt-get tho, is there anyway of uninstalling it and using yum??
|
# ¿ May 15, 2008 16:54 |
|
blitrig posted:How would I go about starting KDE via SSH, log into it via VNC, do my stuff, and then shut it down again via SSH?
|
# ¿ May 22, 2008 20:51 |
|
Kenfoldsfive posted:So clearly this has been deposited somewhere other than .config, and rather than trudge through my entire /usr/src/ directory Indiana Jones-style I thought I'd ask you guys for help. My sanity will thank you.
|
# ¿ Jun 5, 2008 05:00 |
|
Grigori Rasputin posted:Any idea how I can blow these files away?
|
# ¿ Jun 5, 2008 05:03 |
|
No, software RAID in Linux on any modern CPU should have a minimal if any performance hit. TheGreenBandit, what does your disk controller layout look like? Are these SATA or IDE drives? If SATA, are they configured as AHCI? Give us more hardware details...
|
# ¿ Jun 16, 2008 21:51 |
|
You can always 'cat /proc/mdstat' to see what the RAID is up to
|
# ¿ Jun 17, 2008 01:15 |
|
Do you need local GUI, or just GUI via VNC? Remember that a headless server can run remote VNC sessions... so if possible, save your memory by not running X on the server's display. Also be sure your app works on a more recent distribution... if it's old enough to list kernel 2.2 and glibc 2.1 as its requirements, a 2.6 kernel and glibc 2.5 might piss it off. Assuming it's happy with modern distros, I'd probably try Debian. A basic install can be done from one CD, and then you can add KDE and stuff through apt. Fedora 9 is going to be tight.
|
# ¿ Jun 25, 2008 17:35 |
|
aunaturale posted:I have me a laptop at PII 187 mhz 192 MB of ram. Currently running Win XP Pro.
|
# ¿ Jul 1, 2008 07:45 |
|
I'd add DenyHosts to the equation. It's perfect if you are going to be accessing SSH from enough potentially different IPs that using tcpwrappers is impractical... you can set it so that ~3 unsuccessful login attempts from any IP will get that IP blocked automatically. That plus good passwords and you should be in excellent shape.
|
# ¿ Aug 7, 2008 07:21 |
|
trilljester posted:Also, what's the consensus here about KDE4? I've heard good and bad things about it. Mainly that 4.1.0 is not fully ready for use.
|
# ¿ Aug 18, 2008 20:29 |
|
If you're looking to do Linux related stuff in large corporate environments, CentOS is your best choice as it's just RedHat Enterprise Linux minus the support contract. Generally the networking tools are the same across distros, but if you have to get into configuring things like VLANs then the techniques become distro-specific, and knowing something RedHat-based will be most helpful.
|
# ¿ Aug 23, 2008 03:35 |
|
Steppo posted:Is using symbolic links habitually a good practice? If not, would using it in this case be an exception? I doubt that there's enough demand on these documents to create some creepily absurd CPU overhead, with links going this way and that, and it does seem to be the most secure method, shy of FIXING THE MOTHERFUCKING CODE.
|
# ¿ Sep 4, 2008 14:54 |
|
Super Sekret Way To Figure Out Distribution And Version On Most Modern Linux Installs code:
The best thing is that you don't even have to have a vague guess about your distribution, since it abstracts all the /etc/*release|version* crap. Witness: code:
|
# ¿ Oct 6, 2008 21:52 |
|
Kane posted:ADOPT ME
|
# ¿ Dec 7, 2008 18:23 |
|
StrikerJ posted:Most new graphics cards can handle hardware decoding of things like mpeg2, mpeg4 and h.264 with a very low CPU useage, but from what I understand this isn't possible in Linux because of some driver issue? Is that correct and in that case, is it something that will be fixed? quote:Is the situation the same for all the hardware makers (Nvidia, ATI, Intel)? I guess I haven't really grasped the problems Linux usually seem to have with 3d acceleration. Is it because the vendors doesn't provide any drivers or just not open source drivers?
|
# ¿ Dec 19, 2008 08:11 |
|
|
# ¿ May 10, 2024 03:33 |
|
Jo posted:I'd like to toss a liveCD onto my new machine (Euclid) and pass the extra cycles to Gauss for when I'm running gcc, digest, or rendering stuff.
|
# ¿ Jan 13, 2009 08:58 |