logcheck oddity
I am using stable for a small personal server. I have postfix
copying all my incoming Email to a file /var/log/mailcopy/chris.mail
as a belt and braces check I get things and to enable me to use
hypermail to create a useful archive of it.
I wanted to rotate that file using logcheck and created a file
/etc/logrotate.d/chrismail:
"/var/log/mailcopy/chris.mail" {
rotate 7
daily
create
missingok
}
That didn't do anything so logged in as root I tried logrotate -d
chrismail which said the file didn't need rotating. So I tried
logrotate -d -f chrismail which said it did everything, all the file
copying etc. and the creation of the new file ... but it didn't.
I've tried that several times with same result.
savelog, interestingly, seems to work fine. /var/log/mailcopy is
world readable and executable and owned and grouped to root.
/var/log/mailcopy/chris.mail is owned and grouped to postfixe (my
user for postfix) and owner and group rw and world r permitted.
I must be looking straight through something, I've read the excellent
man entry for logrotate backwards and forwards and can't see it and
logrotate seems to be continuing to do its duty fine by everything it
should in /var/log
Anyway any ideas?
TIA,
Chris
PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling
and Therapeutic Communities; practice, research,
teaching and consultancy.
Chris Evans & Jo-anne Carlyle
http://psyctc.org/ Email: [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: logcheck oddity -- actually logrotate oddity!
On 2 Mar 2003 at 11:27, Martin Kacerovsky wrote:
> > I wanted to rotate that file using logcheck and created a file
>
> I think you mean logrotate and not logcheck, logcheck is a tool used
> to periodic checking of log files and generating e-mail messages about
> unusual events or possible security violations.
Oh dear, mea culpa, brown paper bag on head -- I did, of course, mean
logrotate and had just been adding a few lines to logcheck.ignore
coincidentally and am clearly demeting.
> > /etc/logrotate.d/chrismail:
> >
> >
> > "/var/log/mailcopy/chris.mail" {
> > rotate 7
> > daily
> > create
> > missingok
> > }
>
> That should work fine.
I thought so too!
> > That didn't do anything so logged in as root I tried logrotate -d
> > chrismail which said the file didn't need rotating. So I tried
> > logrotate -d -f chrismail which said it did everything, all the file
> > copying etc. and the creation of the new file ... but it didn't.
> > I've tried that several times with same result.
>
> What do you mean, it didn't anything, how many days?
I've only tried it today but it said it had copied chris.mail to
chris.mail.1 and created new log file ... and it simply hadn't, not
at all, no way, nothing changed, nada ... despite running that
several times with same message sequence to console
> > savelog, interestingly, seems to work fine. /var/log/mailcopy is
> > world readable and executable and owned and grouped to root.
> > /var/log/mailcopy/chris.mail is owned and grouped to postfixe (my
> > user for postfix) and owner and group rw and world r permitted.
>
> savelog works everytimes you run it, that means rotates, compresses,
> but logrotate checks the date ... My experience with it is that after
> first day it does nothing, second day it creates .0 and third
> day begins to compress. As far as I remember...
Aha -- that would explain it. Odd that it gives those console
messages though. Now I've used savelog things may be different but I
was only using savelog as a one off from the console so I'll see what
happens when logrotate runs from cron tomorrow. Thanks.
Thanks. Look for more postings in a day or so if it doesn't improve
... or to clarify things if it does!
C
PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling
and Therapeutic Communities; practice, research,
teaching and consultancy.
Chris Evans & Jo-anne Carlyle
http://psyctc.org/ Email: [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Help with VIA EPIA-CL mini-ITX with two onboard ethernet ports
Ho hum, do hope I haven't got myself ahead of Debian hardware compatibility. Situation is that I have to replace an ageing three port firewall on my home/ADSL network. I wanted something small and quiet so have bought a little box with a VIA EPIA-CL mini-ITX motherboard which has two ethernet ports. The manual says: "LAN: dual LAN VIA VT6105 LOM 10 / 100 Base-T Ethernet VT6103 PHY" to provide the third port the suppliers had put in an SMC 1255 TX-PF PCI ethernet card. Debian stable boot disks (compact version) showed "eth0 VIA VT6102 Rhine-II at 0xc800, 00:40 rest of MAC, IRQ 12 MII PHY found at address 1, status 0x78?? [can't read own handwriting] advertising 05e1 Link " and when I took the SMC card out and rebooted I think things changed and dmesg now shows: "3c59x.c 18Feb01 Donald Becker and others ... pcnet32.c: PCI bios is present, checking for devices... via-rhine.c:v1.08b-KL1.01.1 12/14/2000 Written by Donald Becker http://www.scyld.com/network/via-rhine.html"; However, when I get to the installation of network drivers in the Debian installation sequence, I select the via-rhine drivers and offer no parameters and get: "/lib/modules/2.2.20-compact/net/via-rhine.0: init_module: Device or resource busy" ... and the rest of the failure notice. Has anyone succeeded in installing the network drivers on this motherboard? It's moderately crippling to me at the moment as the machine (silly me) hasn't got a CDROM as I've never had problems with the floppy and network installation route in the past. TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
installing cdwriter with ide-scsi
I am failing to make a new IDE CD-writer work on a good stable Debian server and feel I'm out of ideas. Reading threads on this and other lists and FAQs and HOWTOs, many dating back way before my kernel, is taking further astray I think so a big plea for help. I've given as much detail as I can below but I'm also happy for anyone who has got this working with stable and 2.4.18 kernel to ignore what follows and just lob in suggestions that I'll explore! Thanks, Chris P.S. Here's the detail on the system: Machine is K6 with a bunch of scsi and IDE drives of varying ages. Version is woody up to date with major security upgrades etc. and running kernel 2.4.18-1-k6. I've added: append="hdc=ide-scsi" and run /sbin/lilo and IDE channel 2 which was working fine with an old IDE drive that I've dumped now has only the brand new AOPEN cdwriter and finds it fine as kern.log shows: Oct 25 18:50:04 www kernel: Kernel command line: auto BOOT_IMAGE=Linux ro root=801 hdc=ide-scsi Oct 25 18:50:04 www kernel: ide1: BM-DMA at 0xf008-0xf00f, BIOS settings: hdc:pio, hdd:pio Oct 25 18:50:04 www kernel: hdc: AOPEN 52X24X52 CD-RW 1.07 20030404, ATAPI CD/DVD-ROM drive Oct 25 18:50:04 www kernel: ide-cd: ignoring drive hdc I'm invoking ide-scsi with this in /etc/modutils: # First (as per debian-user list traffic) # get the ide-cd drive not to latch onto /dev/hdc options ide-cd ignore=hdc # # # set up an alias for /dev/scd0 to load sr_mod alias scd1 sr_mod # # # Now get ide-cd followed by ide-scsi loaded before the scsi drivers pre-install sg modprobe ide-scsi pre-install sr_mod modprobe ide-scsi pre-install ide-scsimodprobe ide-cd and I ran update-modules and lsmod now shows: Module Size Used byNot tainted isofs 24064 0 (autoclean) ip_nat_irc 2336 0 (unused) ip_nat_ftp 2912 0 (unused) iptable_nat12820 2 [ip_nat_irc ip_nat_ftp] ip_conntrack_irc2432 0 (unused) ip_conntrack_ftp3168 0 (unused) ip_conntrack 12756 3 [ip_nat_irc ip_nat_ftp iptable_nat ip_conntrack_irc ip_conntrack_ftp] iptable_filter 1728 0 (autoclean) (unused) ip_tables 10368 4 [iptable_nat iptable_filter] ide-disk6560 2 (autoclean) ide-probe-mod 7968 0 (autoclean) sr_mod 11800 0 st 25812 0 (unused) sg 27940 0 smc-ultra 5024 1 83905952 0 [smc-ultra] isa-pnp27784 0 [smc-ultra] ide-scsi7424 0 ide-cd 26048 0 cdrom 27072 0 [sr_mod ide-cd] ide-mod 129036 2 [ide-disk ide-probe-mod ide-scsi ide-cd] rtc 5368 0 (autoclean) ext2 30304 6 (autoclean) sd_mod 10428 10 (autoclean) ext3 56224 0 (autoclean) jbd34840 0 (autoclean) [ext3] aic7xxx 103648 5 (autoclean) scsi_mod 84792 6 (autoclean) [sr_mod st sg ide- scsi sd_mod aic7xxx] unix 13316 101 (autoclean) (I've listed it in full as I think there may be too many ide handlers there.) The old (defective) scsi-cdwriter still loads fine and reads CDs fine but cdrecord can't see the ide one. cdrecord -scanbus shows only the true scsi devices and cdrecord -v dev=ATAPI: -scanbus gives: Cdrecord 1.10 (i686-pc-linux-gnu) Copyright (C) 1995-2001 Jörg Schilling TOC Type: 1 = CD-ROM WARNING: device not valid, trying to use default target... scsidev: 'ATAPI:' devname: 'ATAPI' scsibus: 0 target: 6 lun: 0 cdrecord: No such file or directory. Cannot open 'ATAPI'. Cannot open SCSI driver. cdrecord: For possible targets try 'cdrecord -scanbus'. Make sure you are root. cat /proc/scsi/scsi only shows the true SCSI devies cat /proc/scsi/ide-scsi/1 (the only file there) shows only a standard strapline (I guess): SCSI host adapter emulation for IDE ATAPI devices I'm baffled. PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
two ethernet ports on one PCI NIC?
I run a small postfix/ecartis Email list service (double opt in) for some charities. My firewall is due to be replaced and I'd like to go for one of these new tiny, very quiet boxes since the old things I've got do create a great racket in my study and take up space. All the tiny boxes I'm considering have one ethernet port on the motherboard but only one PCI slot. Anyone know of a reliable dual ethernet NIC for PCI that has linux drivers (Debian tested ideally)? TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
advice on a portable
Anyone spare a moment to recommend a good portable on which to run Debian? I am changing jobs to a split job and can order a portable. I do research support as well as psychotherapy (weird huh?!) and am transferring from windoze/M$ to Debian. I will have to retain a dual boot on the machine and it will need to run stats packages (R/Xlispstat under Debian) as well as TeX etc, etc. I am thinking in terms of a fairly high spec. machine with a large disc, perhaps ideally the option to put another disc in. It'll need a CDROM and ideally some SCSI connection for tape/zip/scanner. It'll also need to take a modem and ethernet connector (probably simple 10Mbit UTP cabling onto a TCP/IP Windoze NT network in at least one site). I'm not to worried at weight, would like a reliable 1-2 hours of usable battery life but shouldn't often have need of more than that. I'd like an XGA screen/graphics card but don't know how Debian/XFree compatible those are at the moment. Bear in mind that I'll be buying in the UK so smaller USA companies are probably not going to be available. Who'll put in a recommendation and/or a veto? TIA Chris Chris Evans, Senior Lecturer in Psychotherapy, Locum Consultant to the Prudence Skynner Family Therapy Clinic, St. George's Hospital Medical School, London University [EMAIL PROTECTED]http://psyctc.sghms.ac.uk/ -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
New install of Hamm 2.0.10_1998-07-21
I am installing Hamm anew on a machine that I had managed to get Bo on (but only recently so I had nothing much to lose by zapping it). Everything seems to go fine. I have reinitialised all the drives with the bad block checking and done the full install. When it comes to the final reboot everything seems to run fine including checking the drives and the root filesystem says it's loaded. Then I get: INIT: version 2.75 booting INIT: No inittab file found Enter runlevel: If I enter 3 I get: INIT: Entering runlevel: 3 INIT: no more processes left in this runlevel and the machine is locked up, dead! No other consoles, no nothing. I've done the whole thing twice with the same result. The only other oddity I can see both times is that the driver installations all give a quick messages saying something like "root: no such user" before reporting the installation and its success. Any thoughts, advice, commiserations? TIA Chris Chris Evans, Senior Lecturer in Psychotherapy, Locum Consultant to the Prudence Skynner Family Therapy Clinic, St. George's Hospital Medical School, London University [EMAIL PROTECTED]http://psyctc.sghms.ac.uk/ -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
Ignore: New install of Hamm 2.0.10_1998-07-21
An hour or so ago my moron self sent a message to the list that started: I am installing Hamm anew on a machine that I had managed to Scrap it -- sorry! I was being dumb and mounted a drive as /etc when I meant to mount it as /home. I presume that /etc has to be on the root drive. Things seem fine now! Sorry! Chris Chris Evans, Senior Lecturer in Psychotherapy, Locum Consultant to the Prudence Skynner Family Therapy Clinic, St. George's Hospital Medical School, London University [EMAIL PROTECTED]http://psyctc.sghms.ac.uk/ -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
newbie Q2: recompiling kernel for SMP
2nd newbie question: I know I have to change one line in the makefile to get a comment hash removed to reveal smp=1 to get my kernel makefile ready to recompile the kernel for my twin pentium machine in SMP mode. The catch is that I don't want to mess this up. Please would someone tell me exactly what I need to do to get that recompile and to get the compressed kernel image (?), and put it in the right place. Machine is Debian only, ext2 and swap partitions only, no lilo complications beyond the basic. TIA again! Chris -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
newbie Q1: launching Xserver as ordinary user
I've done a clean install of Hamm and have success. (Debian is exposing all my M$ preconception and stupidities but is starting to look just about there -- hooray!) I now have startx working fine from root and X set up for my card, monitor, PS2 mouse etc. I declined to let dselect configure xdm into my startup as I prefer to launch X myself with startx. However, and this is new to me, I am now told that I can't launch the xserver except as root. The message refers to using xwrapper but I can't find that, or else it says I can use xdm, presumably from /etc/initab It deprecates using the setuid bit and I've not mastered that idea anyway so I'm happy not to use it (feeble grin) Can someone tell me how, without going through dselect again, which never sets X up properly for me, I can: a) get xwrapper or some other safe way to be able to launch an xserver as an ordinary user or, less to my liking but ... fine ... (!) b) get xdm launched properly from the init TIA Chris -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
another Xauthority problem?
I have got Debian Hamm and X up and working and am really pleased. With help from the list I have got the recompile for SMP working and got X launching. However, I still have an X problem and can't work out the answer from the archives or the doc files I've found. The problem is under fvwm but occurs under olwm too. I can launch emacs as a regular user (or su) from the window manager drop down menu but when I try to invoke it from the xterm command line I get: Xlib: connection to ":0.0" refused by server Xlib: invalid MIT-MAGIC-COOKIE-1 key emacs: cannot connect to X server :0. I've tried resetting the environment variable DISPLAY from 0.0 to 0 and to psyctc1.sghms.ac.uk (address of the machine, vague recollections from using an Xserver on an Windoze box to access X clients on Sun (or maybe it was SG?) in the past). Something very similar happens with xedit. Archive entries seem to say something about an .Xauthority file which my ordinary user account doesn't have. Same thing happens after su in xterm though. I am sure I'm getting my permissions wrong but can't find the magic key or magic cookie. Anyone put me straight?! Chris -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
can't export from shell scripts
I think I've got something very odd going on. I can export variables successfully from the prompt but not from shell scripts. I.e. typing $export silly=test shows silly=test in the environment but putting export silly=test2 in a shell script and executing it doesn't get any change into the environment. If I put echo $silly in the shell script it shows up fine echoing test2 nicely but the environment still doesn't change. Using declare -x to declare silly makes no difference. Whether the variable is already declared in the environment or not makes no difference. If I put export -p in the shell script, the listing shows silly as test2 as well as other variables already set prior to the script but rerunning env afterward shows silly back to test (or nothing if I've export -n to kill it off first!) Putting #!/bin/bash as first line of the script makes no difference. (By the way, am I right in thinking this isn't necessary, that the chmod to executable gets it executable script status and the first line would only invoke a new shell process to execute the script?) This is running Hamm, bash shell under X through xdm, new install of all that on twin 586 box with SMP=1 As far as I can see, this is causing all sorts of downstream problems like StarOffice failing with a segmentation fault complaining its environment isn't setup correctly (damn right it isn't!) I'm baffled. What am I missing? What am I doing wrong?! Chris -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
HELP! Toshiba Satellite Pro 490XCDT
Unbelievable! I get a new job -- great. I tell them I'll need a portable and they say "yes" -- great again. I go away to sort out the spec. I'll need --- and a machine arrives with my name on it before I speak to anyone, it's one I was considering and it's very high spec. --- potentially great... BUT is it Debian compatible? I've seen enough of Debian over my struggles to install it on an old tower in the last months to know I'm hooked and will want to have the portable dual boot w95 (boo, hiss but...) and Debian. Anyone know if a Toshiba Satellite Pro 490XCDT will handle Debian. My sense is that the key issue will be the video or perhaps the mouse. The WWW tells me the video is: what follows obtained from Toshiba UK on WWW S3 ViRGE/MX chipset VGA/SVGA compatible 2MB VRAM PCI Local Bus support BitBlock graphics accelerator Display 13.3" (30.7cm) diagonal display size 1024 x 768 pixel resolution Black Matrix TFT colour LCD Up to 65,536 million colours, simultaneous internal/external display mode. SVGA SVGA 640x480, 256 colours int/ext/sim @ 85Hz Non-interlaced (external) user selectable, 60Hz simultaneous mode. 640x480, 65,536 colours int/ext/sim @ 85Hz Non-interlaced (external) user selectable, 60Hz simultaneous mode. 800x600, 256 colours int/ext/sim @ 85Hz Non-interlaced (external) user selectable, 60Hz simultaneous mode. 800x600, 65,536 colours int/ext/sim @ 85Hz Non-interlaced (external) user selectable, 60Hz simultaneous mode. 1024x768, 256 colours ext/sim @ 85Hz Non-interlaced (external) user selectable, 60Hz simultaneous mode. 1024x768, 65,536 colours ext/sim @ 60Hz Non-interlaced (external) user selectable, 60Hz simultaneous mode. 1280x1024, 256 colours ext/sim @ 87Hz Interlaced (external) user selectable, 60Hz simultaneous mode. Note: Where a resolution is shown as possible with simultaneous mode but not internal mode, this will involve the use of a 'virtual desktop display' on the internal display to achieve the desired resolution on the LCD. end of Tosh stuff Anyone know? Anyone got reliable guesses? Reply to me and I'll summarise to the list if anyone wants and, if I got this way, I'll let you know! Chris (not sure whether has stupid grin or rotten egg on face)
Installing on Toshiba Satellite Pro 490XCDT
I've got Hamm installed on this machine on the /dev/hda3 (using hda2 for swap). All seems to have gone fine for the basic install judging from copying the linux image from the boot floppy to a directory on /dev/hda1 and loading it with loadlin. I've even followed the pointers from a month or so back on this list to get myself a simple short cut under Windoze95 to get me to Linux. Only oddity to date is that the same kernel on the floppy itself gets a rebooting loop. It gives the boot prompt and starts loading then reboots ... infinite loop. Loadlin with the same kernel image from the "MSDOS" mode from the C: drive works fine. I guess I can live with this but I'd like to have a bootable floppy in case Windoze kills the C:|hda1 partition and thus vapourises my boot up route. Anyone see obvious differences between floppy boot and loadlin that would tell me what I'm missing here? While I'm here: anyone any advice on best routes for getting technical information out of Toshiba? I'll clearly need it to get the X/S3Virge server right and to get PC card ethernet and modem/ISDN in the near future. From Debian and other linux info. on Tosh's of the past I've found it seems the machines are well respected but the company are not regarded as open or supportive to the linux world. Chris
HELP! how does Debian allocate scsi drives?
I have been juggling systems and removed a CDROM drive from my Debian machine. I also had to replace the motherboard but don't think that's the issue here. Now when I reboot the scsi controller sees the scsi drives on both its channels (its an Adaptec 3940 which has two channels). Debian seems to reset the controller successfully on both channels but the boot up fsck reports that three of my drives aren't there as ext2 filesystems. I'm pretty sure they're all on the same (second) channel and that that's the channel where the cdrom came out so I'd like to think the explanation is that removing the cdrom has thrown the mapping from scsi device ids to /dev mounts. I can't get into the machine to check documentation and I can't see enough detail in "Running Linux" to know if this is the case and, if so, how to fix it. However, that does read as if linux scans through the scsi devices allocating /dev/sda /dev/sdb etc sequentially rather than hard mapping to a scsi id. If so, maybe removing the cdrom has thrown the mapping and I should be able to get in as root and hack the mapping (is it in /etc/fstab?) and correct the problem. (Seems odd as it allocates cdroms and rw drives separately but ...) If not, what's happening?! I can't see that there's likely to have been a major destruction of the file system on all three drives particularly given that the controller verifies them happily! _ANY_ hints, help, thwacks over the head for stupidity gratefully received. Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
Adaptec 3940/3940W for standard Debian 1.3 install?
I am new to the list and Linux/Debian but impressed and working my way through "Running Linux" having read the 1.3 installation book. I've got a problem and two hypotheses about it but think I'd do well to tap into the list expertise already in case it will save much time and hair loss! TIA to any who step in with pertinent experience! I'm installing on a machine that had NT 3.51 on it. It's a weird box: an ASUS motherboard with twin Pentium 90MHz, 64Mb of RAM and the driver controller is an Adaptec 3940/3940W. That has two SCSI channels and worked fine under NT 3.51 (and 3.5 before that). On the first channel the machine has a 1Gb IBM drive and a Quantum XP34300 as well as a Toshiba CDROM. I think those two drives and the CDROM were seen and used fine by my first install. The odd thing is that the install also detected the three (I said it was an odd box!) disk drives on the second SCSI channel of the Adaptec but wouldn't format them, complaining about a "bad partition table" (that may not have been word perfect). I managed to get a bit more info. that seemed to say that partitions weren't falling on the heads/tracks it thought they should. The install wouldn't do anything with them. The drives are two Seagates, an ST41650 and an ST42100 and a Quantum Fireball ST4.3S. I have two hypotheses: 1) That the Debian install repartitioning software doesn't like partition information left by NT and those drives were still NTFS formatted whereas the two drives recognised and reformatted OK had been converted to FAT when I was getting enough DOS access to the CDROM to start the install off. 2) That Debian 1.3 default SCSI drivers don't work correctly (perhaps I have to tell them something as a command line parameter?) with the 3940/3940W second channel despite apparently seeing the drives that are on it. I'm low level reformatting all the drives at the Adaptec hardware level (slooo..ow) prior to reinstalling DOS, windows, adaptec DOS handlers and then restarting the install of Debian. I am planning to make sure all the drives can be DOS partitioned and formatted using the Adaptec DOS/Win3.1 drivers prior to the Debian install and I'm happy to be installing again as there were things I got wrong about the network card and as the file system/partition organisation I chose that time was daft. However, I'd hate to end up doing all this umpteen times so I'd really appreciate any advice. I'd rather not move all the drives to the first SCSI channel as the cabling is a nightmare to do and as I know this arrangement has worked. Any help out there? TIA, best wishes all, Chris Chris Evans, Senior Lecturer in Psychotherapy, Locum Consultant to the Prudence Skynner Family Therapy Clinic, St. George's Hospital Medical School, London University [EMAIL PROTECTED]http://psyctc.sghms.ac.uk/ -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
installation problem
I'm having a lot of problems installing Bo. I have been sent three CDROMs, one marked 1.3 binaries, one marked source and one marked "Custom+extras". The one marked binaries and the "custom" one both seem to have the necessary to install Debian. Are there known differences? Am I right to use the binaries one? The crunch is that I seem to have got a basic install up and running at last (nothing like Linux/Debian for finding problems huh: a failed interrupt handler on my old motherboard and a loose SCSI cable after that!) My hardware is twin Pentium 90MHz, ASUS P/I-P65UP5 motherboard, built-in IDE switched off, comm, lpt & FD controllers on and on their usual ports and IRQs, Adaptec 3940 (not U, not W) and #9motion771 video. Video is forced to IRQ15 using motherboard slot allocation set-up, first Adaptec SCSI channel picks 11 with second picking 10 which seems bizarre to me but I couldn't find a more robust setting. Mouse is PS2 using IRQ 12 and keyboard is 102key in UK/British layout. I think the problem is with those last two both of which seem to have been accepted correctly by the hardware of the basic bash keyboard and mouse handling. I can see a block cursor and can move it (a little slower than I would probably chose but fine), I also get the UK keymappings as far as I can see. Now if I launch XF86Setup the VGA graphic handler gets launched but seems to default to "Microsoft" though pointing correctly to /dev/psaux. The minute I touch the mouse the cursor jumps around and the display fo the cursor coordinates moves (though I can hardly get the mouse off 0 on the vertical). I can't set anything there and using the keyboard to get to the keyboard section gets me the dropdown list of keyboards but nothing I can do from there will get me anywhere, nothing except the final ctrl-alt-backspace which crashes out of the server with the message "The program is running on a different virtual terminal. Please switch to the correct virtual terminal" in a graphics message box and "X connection to :7.0 broken (explicit kill or server shutdown). at the bottom. (I assume the latter is sensible record of my having crashed out.) Problem is that nothing I am doing is getting me an XF86Config file anywhere. Anyone tell me how to jump this little hurdle? Anyone got a working XF86Config file for a PS2 mouse and 102 key British keyboard running under simple VGA or S3? TIA, Chris Chris Evans, Senior Lecturer in Psychotherapy, Locum Consultant to the Prudence Skynner Family Therapy Clinic, St. George's Hospital Medical School, London University [EMAIL PROTECTED]http://psyctc.sghms.ac.uk/ -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
Re: installation problem
On 21 Jul 98, at 20:54, Jaakko Niemi wrote: > >> Problem is that nothing I am doing is getting me an XF86Config file > >> anywhere. > > Use the textbased xf86config instead of XF86Setup. > > --j > > For the record in the archives, this was just what I needed to be pointed at and solved the 102key kbd / PS2 mouse lockup in XF86Setup. Thanks a bunch! Chris Chris Evans, Senior Lecturer in Psychotherapy, Locum Consultant to the Prudence Skynner Family Therapy Clinic, St. George's Hospital Medical School, London University [EMAIL PROTECTED]http://psyctc.sghms.ac.uk/ -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
more newbie questions: un(b)locking /dev/lp1
Thanks for input on installation of XF86. Now another question. I have an HP LJ5MP attached to the Debian box via a t-switch as the bulk of my work has to continue to be from NT until I master this learning curve (feeble grin!) I got some output to the printer with a brief hack of /etc/printcap using "Running LINUX" and a HOWTO or so as my guides. Trouble was I used a longish printest and it was going to print out umpteen pages as I'd forgotten the CR/LF issue so I switched off the printer, cleared the paper jam and restarted. Now lpc etc all report the printer is offline. In the meantime I hacked up an /etc/printcap with the help of magicfilter (before I realised the Debian box couldn't see the printer was back) but the system is now reporting that the printer is offline (it's not, moving the T-switch and printing from NT shows that). cat test > /dev/lp1 as root gets a statement that /dev/lp1 doesn't exist. ls shows it does and the permissions look OK. cat test | /dev/lp1 complains of a broken pipe. I suspect that shutdown and reboot would clear this but surely there's an easier way? Anyone got the answer or some clear directions in the umpteen sources of documentation?! Anyone got a good printcap for the 5MP that will maximise sensible use of the PCL and PS modes through magicfilter and got good advice for a newbie on how to make sure the right format files (CR/LF, Unix and PS) get handled appropriately? TIA Chris Chris Evans, Senior Lecturer in Psychotherapy, Locum Consultant to the Prudence Skynner Family Therapy Clinic, St. George's Hospital Medical School, London University [EMAIL PROTECTED]http://psyctc.sghms.ac.uk/ -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
XF86Config mode settings for Number 9 FX Motion 771
/dev/lp1 and printing sorted out! Now trouble is that I cannot get my combination of a number 9 FX Motion 771 card (it's an approved S3 card, fairly sure it has 4Mb RAM) to run X in 1024X768. I know it will do this as it ran NT at that resolution. I think I successfully (but not usably) ran it on 1280x1024 which is the maximum my monitor can do. Now all I'm getting is 800x600 and that's virtual as the autosynch monitor is resolutely sticking in 640*400 at 70MHz. Monitor is an Elonex rebadged Phillips Brilliance 17" I think. The pertinent modes it offers according to the manual are: M08 = 8514A 1024x768 H:35.5MHz V 87 M09 1024x768 H:48.4 V 60 M10 1024x768 H:56.0 V 70 I used XF86config to set up the configuration and have tried adapting it by hand with no joy at all. Then entry I have in /etc/X11/XF86Config for the card contains: VideoRam 4096 s3RefClk16 DACspeed 220 startx is reporting clocks of 24.93 28.32 0.00 and 0.00 which doesn't look very high, it's rejecting a number of modes as needing hsync frequencies that are not what it wants. I think the problem is that this indicates a programmable clock and it could be instructed to clock higher than this. The documentation on the card specifically says you shouldn't probe it so I can't take that line of action. Can someone tell me clock settings that I should be giving to /ect/X11/XF86Config? Ugh, Debian can have a pretty long learning curve can't it? TIA, Chris Chris Evans, Senior Lecturer in Psychotherapy, Locum Consultant to the Prudence Skynner Family Therapy Clinic, St. George's Hospital Medical School, London University [EMAIL PROTECTED]http://psyctc.sghms.ac.uk/ -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
upgrading to 2.0.35 or 2.0.36 under Hamm
I am running Hamm very happily on a machine sitting in an ISP. However, it can't access the SCSI controller and I need to fix that (very nervously). I am advised that the ncr based controller is likely to be happier with the 2.0.35 or 2.0.36 kernel, though it may still need a driver/module upgrade then. One step at a time: anyone else moved to 2.0.35/36 while retaining the rest of Hamm? I don't really want to make the move to slink until a while after it moves to be "stable" but I do need to make this move. Any advice on doing it so I can easily get back if things break: something about registering two bootable kernels using lilo? TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle Tel/fax.:(+44|0)181-671 0868 http://psyctc.org/ Email: [EMAIL PROTECTED]
odd behaviour after reboot
I have a "co-located" debian server (i386, hamm). My ISP moved
offices so the machine had to be taken down and rebooted. Now
dmesg shows:
3c59x.c:v0.99E 5/12/98 Donald Becker
http://cesdis.gsfc.nasa.gov/linux/drivers/vortex.html
loading device 'eth0'...
eth0: 3Com 3c905B Cyclone 100baseTx at 0xe400,
00:10:5a:5a:19:57, IRQ 10
8K byte-wide RAM 5:3 Rx:Tx split, autoselect/NWay
Autonegotiation interface.
Enabling bus-master transmits and whole-frame receives.
net_alias_dev_create(eth0:0): unregistered family==2
net_alias_dev_create(eth0:1): unregistered family==2
Appletalk 0.17 for Linux NET3.035
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
Appletalk 0.17 for Linux NET3.035
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
ARP: arp called for own IP address
Appletalk 0.17 for Linux NET3.035
(I've cut and pasted that in bits so don't take the numbers of lines
too seriously).
The ISP tells me initial difficulties getting the server visible were
because it was "losing the gateway". It _had_ been up and running
for 40 days and neither he nor I can think of any changes we've
made that would cause this. I've no wish to use appletalk and
checking with dselect suggests I don't have either atalk or netatalk
(?) or any of the packages that mention appletalk installed.
/etc/init.d/network is:
#! /bin/sh
ifconfig lo 127.0.0.1
route add -net 127.0.0.0
IPADDR0=195.182.181.1
IPADDR1=195.182.181.251
NETMASK=255.255.255.0
NETWORK=195.182.181.0
BROADCAST=195.182.181.255
GATEWAY=195.182.181.254
ifconfig eth0 ${IPADDR0} netmask ${NETMASK} broadcast
${BROADCAST}
ifconfig eth0:0 ${IPADDR0} netmask ${NETMASK} broadcast
${BROADCAST}
ifconfig eth0:1 ${IPADDR1} netmask ${NETMASK} broadcast
${BROADCAST}
route add -net ${NETWORK}
route add -host ${IPADDR0} dev eth0:0
route add -host ${IPADDR1} dev eth0:1
[ "${GATEWAY}" ] && route add default gw ${GATEWAY} metric 1
That was created by the ISP long ago. Anyone see what's going
wrong? Any chance it's down to things they're sending around
their new network setup?
TIA,
Chris
putting a WWW site and CGI-BIN on a CDROM?!
Apologies for cross-posting to debian-user and debian-ISP but I think you're the people I need. I run a site under Apache-SSL very happily under Debian but someone wants me to run a new site for him which would have about 450 articles (journal articles), about 4m words. He and I would want to make it searchable with a few structured text fields (the usual bibliographic ones: authors, journal, issue date, volume, issue, pages, abstract, text). I guess year and issue date would want to be searchable with gt, ge, lt, le etc. There'd be a few, a very few, graphics in the text. All that's fine for the WWW site but he rightly wants to be able to put it on a CDROM too and I agree but don't want to do any unnecessary duplication of effort. I remember there are ways of putting the CGI/perl or some other searchability, together with all the data onto a CDROM so that I could do the WWW version and transfer it easily to CDROM. Horrid bit is that the result would have to be readable from Windoze and probably from Macs as well to be commercially viable. Anyone been down this route? Any advice/thoughts? TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED]
file size limit in emacs20 on hamm
I just tried to edit a 25Mb text file in Emacs20 on a hamm system with 128Mb of RAM. I discovered that the end of the file is shown on the screen (no X, raw ssh/telnet screen) as a structured lot of question marks: ??? ??? ?? and that an incremental search doesn't find something that grep shows is there. Anyone tell me about handling large files in Emacs20? TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED]
transferring to sendmail 8.9 while still using hamm
I'm using Hamm happily (well, almost, see "LI but no LO" if you're on the debian-user list!) I want to move my sendmail on my two working machines up to 8.9 for the improved and built-in antispamming facilities there. That looks as if it will require a move to a more recent libc6, netbase and libdb (and I haven't yet worked out what they might also want!) I don't want to move over to slink yet and my real priority is not to break anything that's not broken nor to do work I don't need to do. Anyone done this and found it worked with just the upgrade to those three dependent packages? Anyone know things well enough to reassure me or to tell me to wait for slink to become the new stable? TIA, Chris
LI but no LO
I had to change the SCSI controller on my home Debian machine (had to cannibalise the Dawicontrol NCR chip card to use it on another machine urgently). I found I couldn't get the same and put in an Adaptec 2940U. The Adaptec shows me all the devices on the chain correctly. I've told its bios not to do translation and to boot from device 0 (correct place, an oldish IBM 1Gb drive). Now booting shows lilo getting through "LI" but then nothing. I assume something is going wrong in the loading of linux but I'm not sure what's likely to be wrong and how I should deal with it. I found one report of something similar in the archives but no answer there. Suggestions please! TIA!! Chris
Re: LI but no LO (contd.)
My problem is that booting from the hard disc gets LI but not LO, i.e. LILO isn't mounting linux. Two people (many thanks) suggested I instruct lilo to use linear addressing either by using the lilo -l option or putting "linear" into /etc/lilo.conf. This sounds very promising but I think the way that changing from a dawicontrol (ncr) to the Adaptec 2940U changes the perceived geometry is more serious than this. After booting in rescue mode from the resc1440.bin floppy lilo (with or without linear mode) returns: Device 0x0800: Invalid partition table, 1st entry 3D address: 1/1/0 (32) Linear address: 30/1/0 (61) -v shows it's reading /dev/sda1 (correct) for that error message so I seem to be caught in a bind that the resc floppy can mount the drive but the geometry has been changed so fundamentally I can't rewrite the bootable version of linux in a way that lilo will use. I'm back to you all again. Any suggestions? (The old controller is happily running another machine miles away and I can't find another like it around and I'd hate to ditch the money I spent on the Adaptec so ... yes, ... I too would like to do the sensible thing but can't !!) TIA, Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
Re: Debian too difficult, Red Hat?
On 15 Dec 98, at 21:59, KTB wrote: > Hi, thanks to all the people who have offered advice with configuring > X-windows. I have not been successful and am brain dead at this point. I > also tried hooking up to the internet with the same result. I chose the > debian release because I wanted to learn more about computers (I have only > used a pc off and on for the past year) and I like the philosophy behind > Debian. I am wondering if Debian is just too difficult for me at this > point. I am wondering if maybe I should try Red Hat, I have heard it is > easier to install, and then come back to Debian. Does this sound like a > logical progression to anyone? I don't have experience with either one so > I just don't know the best course to take. Thanks, Kent > I ran into more problems than anyone should with my early experiences of Debian but have learned a huge amount from persevering and using the debian-user list humbly. I found some books from O'Reilly about linux very useful but also sometimes very confusing as different linuces put files in different places. Using locate and find / -name 'wilcard pattern' helps when you've got enough system up and running. I've now installed Debian some ten times to produce three first running systems that seem pretty damn solid and I know far more about computers, operating systems and the internet than I did before and have had incomparable support from the debian-user, linux-scsi, aic7xxx lists. I'd stronly recommend staying with Debian but the one thing I've really had to learn is never to do things to deadlines: accept that some things may take a day or so just come clear in my head let alone get fixed. I'm copying this to the list as a sort of "thank you" to so many people who've helped me directly or have asked questions or answered questions other than mine which have helped me! Seasonal greetings all! Chris
Horrid question: ssh or ssl-telnet for Windoze(95)/Doz
Ugh, this is a horrid question to ask but I'll risk it. I am happily moving all my heavy internet stuff to Debian (three machines: home, old office, new ISP hosted machine). Very, very impressed with Debian. The trouble is that I can't ditch Windoze from my portable for some time yet nor do I have space on it for the doze things I need (mostly SAS & SPSS) and to put Debian on it too. I'll get space some day but . 'til then I want some secure way to get into my Debian machines from that machine when I'm away from home. Does anyone else face this? Is there a free or cheap ssh or ssl-telnet for this horrid platform or are there other ways of ensuring confidential transfers and use of the debian machines? TIA and seasonal greetings! Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
(Fwd) Cron run-parts --report /etc/cron.weekly
Why would cron do the following one day (in forty or so to date) then return to working fine the following day and since. df shows lots of free space around. Any thoughts? TIA, Chris --- Forwarded Message Follows --- Date sent: Sun, 31 Jan 1999 06:47:00 GMT From: [EMAIL PROTECTED] (Cron Daemon) To: [EMAIL PROTECTED] Subject:Cron <[EMAIL PROTECTED]> run-parts --report /etc/cron.weekly /etc/cron.weekly/apcd: Reopening apcd logfiles run-parts: /etc/cron.weekly/apcd exited with return code 1 /etc/cron.weekly/dhelp: shell-init: could not get current directory: getcwd: cannot access parent directories job-working-directory: could not get current directory: getcwd: cannot access parent directories find: cannot open current directory: Permission denied shell-init: could not get current directory: getcwd: cannot access parent directories /etc/cron.weekly/man2html: permission denied or non-existent: /usr/local/man/man* PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle Tel/fax.:(+44|0)181-671 0868 http://psyctc.org/ Email: [EMAIL PROTECTED]
how do I use UID setting?
I think this is an incredibly basic question. I want to use a cgi-bin executable behind https security (i.e. fairly secure) that will copy files uploaded using ftp (insecure) into my www document directories (not an area I want open for write access!). The issue seems to be my failure to understand the "first" chmod byte setting of the owner = user bit with chmod 4755. Apache is running as nobody according to httpd.conf (is this why I it shows using ps ax but not using ps axl?) I have a program, cp, chmod 4755 and owner chris, i.e. owned by the owner who has write permissions in the www root. However, when I execute this program after su nobody the copy reports it doesn't have the permissions to do the create side of the copy built in. Here's the listing: 1 -rwsr-xr-x 1 chris root 59 359 Feb 6 22:47 cp Here's the program: #!/bin/sh DATE=/bin/date echo Content-type: text/plain echo whoami ps axl cp -Rv /usr1/philftp/main/* /var/www/visped whoami ps axl The whoami reports "nobody" not "chris" (is that what you'd expect gurus?), the cp, which is what I want, reports insufficient permissions to create the files in the copy. If I su chris the copies take place fine and I've confirmed that file and directory permissions for the target of the copy (in the www root directories) are O.K. Someone point me to the right answer and/or the right documentation! TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle Tel/fax.:(+44|0)181-671 0868 http://psyctc.org/ Email: [EMAIL PROTECTED]
Re: how do I use UID setting?
On 6 Feb 99, at 21:40, Gerard MacNeil wrote: > On Sat, 6 Feb 1999, Chris Evans wrote: > > > 1 -rwsr-xr-x 1 chris root 59 359 Feb 6 22:47 cp > > This line means any user can execute the program 'cp' Yes, I didn't mean to leave it that way. > > > The whoami reports "nobody" not "chris" (is that what you'd expect > > gurus?), the cp, which is what I want, reports insufficient > > permissions to create the files in the copy. > > OK. So the Apache process is running as user 'nobody' (mine runs as > www-data as per the Debian distribution). > You want 'nobody' to 'cp' a file to a directory. Does 'nobody' have > permissions to write a file in the directory in question? The > observations about 'chris' are not relevant. Set the permissions of the > directory so 'nobody' can write to it. I _knew_ I shouldn't have called that program "cp"! Sorry, it made things very unclear. The crucial things I want are: 1) for the default user of apache-ssl, currently nobody to be able to execute this program, /var/www/secure-cgi-bin/cp, (I've achieved this much!) 2) for the execution of that program to use its owner's (chris's) UID and hence its owner's (chris's) permissions 3) which should give it write permission in the /var/www/root/ directory tree (something I don't want any old apache execution to have as a sort of basic protection of that tree in case I foul up and leave other holes) I have _NOT_ achieved 2) and/or 3) as far as I can see. > Do a 'su nobody -c cp SOURCE_FILE THE_DIR' as root to test. You may have > to use the full PATH to the 'cp' command. > If you check the documentation on Security, you will see that it is > recommended that Apache process run as an abstract psudeo-user like > 'www-data' (Debian install default). You spec the user in > /etc/apache/httpd.conf and you only have to make sure that the user > exists. It helps keep things straight. > It also defines precisely how the files have been written to the > directory. 'www-data' should be denied all logins. All files > written with owner 'www-data' are therefore written by the Web > Server (except for a security breach). You know where they came > from. You can check your Web Stats to verify the URL was in fact > hit. Besides, 'nobody' gets used for a bunch of other things. I really don't think I have changed the default user for apache-ssl, maybe I have. I take the logic of this and approve and will make the change but I still wouldn't want to give www-data write permission in its own root (or cgi-bin) directory structures. That sounds to me like creating an unnecessary layer of openness. The situation is that I host some pages someone else designs. He has ftp and I've arranged that he can ftp his pages into a small partition. Since ftp is essentially insecure to snooping and replay I accept that partition is insecure and can live with that. What I want is to get him then to validate himself in with name & password in an https (apache-ssl) session (i.e. essentially non-snoopable, non- replayable) so he can then initiate a copy into the httpd root structure (otherwise I'll keep having to do it for him which is going to frustrate both of us). I thought that the "setuid" byte was the way to do this, to get a program to use its owner's UID and permissions rather than those of the (lower permissions) apache user. Clearly I'm wrong or doing something wrong. Does that make things any clearer? Can anyone help? TIA Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle Tel/fax.:(+44|0)181-671 0868 http://psyctc.org/ Email: [EMAIL PROTECTED]
Re: how do I use UID setting?
Thanks very much to Gerard and several others who are helping out my newbie fumblings on this thread. I'm clearer now about setuid and might end up taking the suidperl route but for now I'm pursuing apache's own suexec: On 7 Feb 99, at 7:50, Gerard MacNeil wrote: > If I got this right this time, you want 'suexec'. This functionality > allows the default user (nobody in your case) to run a process as a > different user (ie. chris). The write privileges are then for 'chris' > The Apache docs tell you how to use it. Yes, spot on, trust me not to have reread the obvious bit of apache documentation. So I edited suexec.h and ran cc suexec.c -o suexec and I got: www:/usr/doc/apache-ssl# gcc suexec.c -o suexec suexec.c:72: sys/param.h: No such file or directory suexec.c:73: stdlib.h: No such file or directory suexec.c:74: unistd.h: No such file or directory suexec.c:75: sys/types.h: No such file or directory suexec.c:76: stdio.h: No such file or directory suexec.c:78: string.h: No such file or directory suexec.c:79: pwd.h: No such file or directory suexec.c:80: grp.h: No such file or directory suexec.c:81: time.h: No such file or directory suexec.c:82: sys/stat.h: No such file or directory locate confirms these header files are not on my system (to date I've not compiled anything). I can't use dselect to find them as I upgraded sendmail to the slink 8.9.1 version which required I updated libc and that's left dselect with a catch22 in that some package insists on a particular level of libc (if I remember rightly). Can you or anyone else point me to the right location to raid for this headers using ftp? TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle Tel/fax.:(+44|0)181-671 0868 http://psyctc.org/ Email: [EMAIL PROTECTED]
Suexec under Debian apache-ssl, was: how do I use UID setting?
To debian-user, debian-isp and apache-ssl as I think answers may be ssl and debian specific. On 7 Feb 99, at 10:01, Gerard MacNeil, having pointed me to suexec and continuing a correspondence that has been running with others' support on debian-user and debian-isp wrote: > > Ah, gcc. That's why I like Makefiles. Don't understand! > > I checked suexec.c and found the line > #include "ap_config.h" Interestingly, that's definitely not in mine. All the includes are to standard C headers and the one to suexec.h. > > Without getting into C-proramming and all that, you can take this entry to > mean that "suexec.c" and "suexec.h" MUST be in the same directory as > "ap_config.h". I did it, compiled no problem. You probably need > apache_ssl-dev to get "ap_config.h". > Taking me to the edge of my very old C knowledge but yes!... So I got the apache-dev and libc6-dev packages matching my slink libc6, installed them with dpkg and hey presto the compile worked. Then I had to work out where apache-ssl expects to find suexec if it's going to use it. That's more tricky. In httpd.h in /usr/include/apache-1.3 I find: httpd.h:#define SUEXEC_BIN HTTPD_ROOT "/sbin/suexec" That has "HTTPD_ROOT" which isn't in the apache suexec html documentation but seems to point me to /sbin as the debian location for suexec. So I put it there, chown root, chmod 4711 and restart apache-ssl. It _DOESN'T_ print a line saying it's using suexec there or anywhere else. I call a file with owner and group chris (UID=1000 = the minimum I set in suexec.h) within the directory tree of apache-ssl, not setuid, nor setgid, directory not writable by anyone else. I get: > Forbidden > > You don't have permission to access /cgi-bin/cp on this server. and error.log shows the same and the suexec log I specified in suexec.h isn't created. So I'm not invoking suexec using apache-ssl on my server. Anyone know where I'm going wrong?! Platform is i386 Debian Hamm, libc6 & libc6-dev updated to slink as I'm using sendmail 8.9.1 which forced that. Apache-ssl is out of hamm. Server running standalone (of course) with four virtual hosts, IP based, two http, two https. TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle Tel/fax.:(+44|0)181-671 0868 http://psyctc.org/ Email: [EMAIL PROTECTED]
Re: [apache-ssl] Suexec under Debian apache-ssl, was: how do I use UID setting?
On 7 Feb 99, at 18:26, Ben Laurie wrote: > Chris Evans wrote: > > httpd.h:#define SUEXEC_BIN HTTPD_ROOT "/sbin/suexec" > > > > That has "HTTPD_ROOT" which isn't in the apache suexec html > > documentation but seems to point me to /sbin as the debian > > location for suexec. So I put it there, chown root, chmod 4711 and > > restart apache-ssl. > > > > It _DOESN'T_ print a line saying it's using suexec there or > > anywhere else. > > > > I call a file with owner and group chris (UID=1000 = the minimum I > > set in suexec.h) within the directory tree of apache-ssl, not setuid, > > nor setgid, directory not writable by anyone else. > > You are not the first to be foxed by this. In fact the construct above > prepends HTTPD_ROOT to /sbin/suexec, so the place you want to put it is > in sbin/suexec under HTTPD__ROOT (which is defined somewhere else in the > headers). > Thanks Ben, So I moved suexec to /usr/local/apache/sbin/ Still no evidence that either apache-ssl (or apache if I try that) are finding it there if they put up that reassuring message about using it as they are loaded. Still no joy in it doing what I'd want but not sure I really understand the user directory issue nor really how suexec is invoked. Is there anything that suexec does if invoked from with a shell that would reassure me it's compiled right? O.K. I guess not! Anything I can do to quiz apache-ssl about its configuration and whether it's HTTPD_ROOT is where I think it is (from the apach-dev headers in /usr/include/apache-1.3)? I can't see anything the debian changelog about this. TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle Tel/fax.:(+44|0)181-671 0868 http://psyctc.org/ Email: [EMAIL PROTECTED]
scsi boot problems?
Some days back I reported I'd lost three hard discs when I look for them using linux but they are still there according to my Adapted 3940 SCSI controller. Well, I've learned something about drive name spaces in linux (separate for drives and CDROMS as I thought blowing one attractive explanation out of the way!) I've tried all sorts of things but have come back to reinstalling linux (probably needed to do this anyway). I've found the wonderful thing that alt-F4 in the resc1440 boot shows you the end of the boot up messages. (Not being able to get back at these in the event of a big disaster is a real problem: you can't pause them with ctrl-S nor can you find dmsg (?sp?) if your system is really damaged. I'd rate a scrollable review of the messages very highly on my wish list!) What I find there is about like this: <4> Detected scsi CD-ROM sr1 at scsi0, channel 0, id 3, lun 0 <6> (scsi1:0:-1:-1) Scanning channel for devices <4> (scsi0:-1:-1:-1) Bad scbptr 255 during SELTO. <4> (scsi0:-1:-1:-1) Referenced SCB 255 not valid druing SELTO <4> SCSISEQ = 0x12 SEQADDR = 0xa SSTAT0 = 0x15 SSTAT1 = 0x8a <4> scsi: detected 2 SCSI cdroms 2 SCSI disks total. The three error lines are then repeated but with SSTAT1 = 0x88 later. I get the same message whether I use channel A or B on the controller and both have the lines starting (scsi0:-1:-1:-1) which suggests to me this is something to do with that channel on the controller, as handled by linux, not something to do with the drives. Can someone point me to documentation on these things or explain them? I tried putting an old Adaptec 1540 in temporarily instead of the 3940 but that didn't admit to finding _any_ drives and it may well be dead. The firmware on the 3940 reports all the drives and claims to verify them fine so I'm puzzled here. Looks to me like something wrong with the handling of the controller by linux but I assume there's something wrong with the controller. I don't want to buy anything unnecessary or waste more time but I'd really love to get this system up and running again so any help is much appreciated. Chris
scsi boot up problems? simplifed request??
I've simplified my request. I suspect it may belong on another list (linux kernel? linux and adaptecs or linux and SCSI? are there such lists?) Desperate for any help, pointers etc.! Chris --- Modified Message Follows --- I get the following on booting system with clean resc1440.bin floppy: <4> Detected scsi CD-ROM sr1 at scsi0, channel 0, id 3, lun 0 <6> (scsi1:0:-1:-1) Scanning channel for devices <4> (scsi0:-1:-1:-1) Bad scbptr 255 during SELTO. <4> (scsi0:-1:-1:-1) Referenced SCB 255 not valid druing SELTO <4> SCSISEQ = 0x12 SEQADDR = 0xa SSTAT0 = 0x15 SSTAT1 = 0x8a <4> scsi: detected 2 SCSI cdroms 2 SCSI disks total. The three error lines are then repeated but with SSTAT1 = 0x88 later. I get the same message whether I use channel A or B on the controller and both have the lines starting (scsi0:-1:-1:-1) which suggests to me this is something to do with that channel on the controller, as handled by linux, not something to do with the drives. The controller says all the drives (four hard discs, two CDROMs) are there and that the discs verify fine. Set up worked fine under linux with 90MHz P5 motherboard before with Award BIOS, now has 300MHz K6 with later Award BIOS. Linux initialisation of the two SCSI channels appears to go fine, problem appears to be at the next stage. What are SCBS?!! What is a SELTO? What are those hex values? More to the point, where do I find out or find someone who knows?! Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
compiling 2.0.35 kernel for Hamm?
It seems I need to upgrade the 2.0.34 kernel I have for Hamm with a 2.0.35 kernel which has better support for the dawicontrol SCSI controller I've now got which uses an ncr53c875 chip. At the moment the system seems to hang from time to time and one occasion showed a scsi abort on a timeout so I think something in the ncr53c8xxx module is the problem. So how do I install 2.0.35? I have the kernel package installed and have managed to recompile and install a kernel once before so I think I can do that, what I don't know at the moment is how I'd get the 2.0.35 kernel and put it in a place where the kernel package would be able to use it for the recompile. As far as I can see Hamm only has 2.0.33 and 2.0.34. All advice gratefully received. TIA Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
ppp problem
I sent this yesterday (I think: windoze problems!), hasn't been copied back to me by majordomo so I assume it didn't get through. I have moved my debian machine home from old workplace and am trying to configure it for ppp access to my university ppp entry point. I have used pppconfig to enter the basic parameters that work for Win95 ppp access and I can see from plog (after pon) that I am getting a connection to the system and it notes the fixed address that it serves to me (which I have put in my /etc/hosts) and the host address that it uses. plog then shows a complaint: Cannot determine ethernet address for proxy ARP that was linked with a comment about not replacing existing default route for eth0 so I edited out all the eth0 lines in /etc/init.d/network leaving only the loopback lines. I rebooted and that removed the comment about not replacing the existing default route but ... I can only ping the host ip address ... every other address fails, numeric addresses just show no action at all and full names don't get resolved. I have put the numeric addresses of the DNS servers that the ppp entries for win95 use in my /etc/resolv.conf file after: domain sghms.ac.uk which was my old domain (I know my old name and ip address at the office in that old domain are unused). I think I'm failing to tell the ppp0 route or pppd (the same thing essentially?) the right default gateway and/or netmask to use. Nothing in plog, netstat, route or ifconfig that I can see are helping me, all suggest the ppp communication is working fine, the route lines look odd to me with the first line giving the host address then 0.0.0.0 with netmask 255.255.255.255 and then 0.0.0.0 and the host address with netmask 0.0.0.0 (as I remember it) but I'm out of my depth here despite looking at every man, --help, -h, doc, example and even running linux! I am sure I'm being obtuse but I'd appreciate any advice. TIA Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
transferring large files from DOS/Windoze to Debian
Is there a way to transfer large files from DOS/Windoze machines to Debian if you only have a null modem or floppies to "connect" the two? I want to download some large files for Debian (staroffice and a newer kernel source). My Debian machine is now at home and it will cost a fortune to download them at 14.4k over the 'phone but I can catch them with my NT machine at work for free and put them on my Win95 portable (conversion to Debian for this is planned!!!) with laplink. Is there a good way to transfer them from the portable to the Debian machine? I have a feeling that kermit or another protocol at each end of the null modem cable is the best answer. I can get kermit or the like for the portable and I have minicom on the Debian machine. Failing that, anything that will split files under DOS/doze in a way that they can be reassembled after floppy transfer under Debian? TIA Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
ppp problems continue! (long)
I am trying to connect a home machine to my university ppp server. The machine has an ethernet card in it which worked at its old location in the university but not where it would have seen or used the ppp server. I would like to use it for ip masquerading in due course so I've left the card in but I just want to get its own ppp working for now. Acting on advice from my last posting I have changed my /etc/init.d/network settings to put the appropriate addresses in against eth0. Launching pon I get successful dialing up and plog suggests to me partial success: pppd[533]: rcvd [IPCP ConfAck id=0x1 ] pppd[533]: Cannot determine ethernet address for proxy ARP pppd[533]: local IP address xxx.yy.zzz.ww pppd[533]: remote IP address aaa.bb.ccc.1 pppd[533]: rcvd [CCP ConfRej id=0x1] I can then ping my local address xxx.yy.zzz.ww which gets "can't reach network" before launching pon. I can ping the server address aaa.bb.ccc.1 too. ifconfig gives me: lo deleted eth0 Link encap: Ethernet HWaddr ... inet addr:xxx.yy.zzz.ww Bcast:xxx.yy.zzz.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Rx packets: 0 errors: 0 Tx packets: 0 errors: 0 ppp0Link encap:Point-to-Point Protocol inet addr:xxx.yy.zzz.ww P-t-P:aaa.bb.ccc.1 Mask:225.255.255.0 UP POINTOTPOINT RUNNING MTU:1524 Metric:1 Rx packets: 42 errors: 0 ... Tx packets: 44 errors: 0 ... Collisions: 0 Memory:6333038-6333c34 Route gives me: Kernel IP routing table Destination ... rest of headings ... but nothing beneath and I have to ^c out of it Netstat -rn gives me: Kernel IP routing table Destination Gateway ... xxx.yy.zzz.1 0.0.0.0255.255.255.255 UH 1524 0 0 ppp0 aaa. bb.ccc.0 0.0.0.0255.255.255.0 U 1500 0 0 eth0 127.0.0.00.0.0.0 255.0.0.0U 3584 00 lo 0.0.0.0xxx.yy.zzz.1 0.0.0.0 UG 1524 0 0 ppp0 I have a sense that I need to change /etc/init.d/network to bind ppp0 rather than eth0 but that didn't make any difference at all, merely removing the eth0 line in the netstat output. I am clearly doing something wrong. I suspect from the proxyARP message that it's something about the network and/or broadcast values I'm setting and that route returning nothing is a bad sign. I've read what I can get my hands on and I'm stumped. Damn windoze95 works fine with this ppp server and I'm sick of typing things across from my Debian machine to my doze machine to share this with you. HELP TIA++ Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
keyboard switchers
I have to run both an NT and my Debian box for some time at least yet. I'd like to use a switchboard switcher so I only have to have one keyboard on the very crowded desk. I have one and it used to work fine for two NT systems and for Win95 systems though I gave it up when someone told me NT tests to see if the keyboard is still there from time to time behaves very badly if it's not (sounded plausible M$ daftness but I wasn't actually convinced though I was having keyboard lock ups - they continued after I ditched the switcher. Anyone know if Linux/Debian (Hamm) gets irritated if it finds no keyboard where one was a few minutes/hours before? TIA Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
2nd question of the day: Xsecurity
I am enormously pleased to have my Email lists and WWW service now running fine on a very cheap (reconstruction job!) Debian box in my old office with SSL-telnet giving me what feels like very secure access for any work I have to do on it. I'd like to use Emacs from within X on my home machine when I do have to telnet in for work but I'm getting a refusal to give Emacs X client access to the server on the remote machine (if I've got the server/client naming the right way round). My questions are: 1) The remote machine isn't running X at the time, do I need to leave it with X running or can I assume it will launch it? (It does have a very limited VGA server up and running there.) 2) How do I set security in X so as minimise any possible holes but to give me this access? I have looked through the documentation but can't see anything pertinent. A man page suggests there is another on "Xsecurity" and the Xhost man page suggests _that_ isn't what I need. Please will someone point me at the right documentation? TIA Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
help: someone has spammed through smartlist on my debian box
/* Please excuse the cross-posting to debian-user and smartlist. I think both are likely to have useful input on this and it feels fairly urgent to me! */ I run a few not particularly large Email lists using smartlist under Hamm. I have subscription confirmation on and have been very happy with the setup. I've had problems as the medical school site which hosts my box has been abused by spammers (45k messages in 24hrs) and had big hassle with the blacklists etc. as a result. Now a spam has gone out on one of my lists last night. The name from which it comes is not on the list nor have I had copies of any attempts by this person to join (which I receive as default normally). The header shows s/he has definitely used the list: Status: U Return-Path: <[EMAIL PROTECTED]> Received: from psyctcsghms.ac.uk (psyctc [194.80.201.68]) by ribosome.sghms.ac.uk (8.8.8+Sun/8.8.8) with ESMTP id GAA15491; Fri, 20 Nov 1998 06:11:39 GMT Received: (from [EMAIL PROTECTED]) by psyctcsghms.ac.uk (8.8.8/8.8.8/Debian/GNU) id GAA21614; Fri, 20 Nov 1998 06:07:50 GMT Resent-Date: Fri, 20 Nov 1998 06:07:50 GMT From: [EMAIL PROTECTED] Message-Id: <[EMAIL PROTECTED]> Date: Fri, 20 Nov 98 03:00 ADT To: [EMAIL PROTECTED] Subject: Over 20 Joined In The Last 5 Days - Join Now & Get In near The Top! Resent-Message-ID: <"VxzYWD.A.nRF.2cQV2"@psyctc> Resent-From: [EMAIL PROTECTED] Resent-Reply-To: [EMAIL PROTECTED] X-Mailing-List: <[EMAIL PROTECTED]> archive/latest/9 X-Loop: [EMAIL PROTECTED] Precedence: list Resent-Sender: [EMAIL PROTECTED] X-list: [EMAIL PROTECTED] X-Unsub: To leave, send text 'unsubscribe' to sign-speak- [EMAIL PROTECTED] X-List-Unsubscribe: <mailto:sign-speak- [EMAIL PROTECTED]@body=unsubscribe> X-List-Administrator: [EMAIL PROTECTED] (Chris Evans) X-PMFLAGS: 33554560 0 1 P50480.CNM The stuff at the top shows something odd with the missing stop in psyctcsghms.ac.uk but the psyctc and the IP address are correct. The X-List: and other stuff at the bottom is very definitely the stuff I've put into the list that it should add to all outgoing post so s/he's definitely hacked into the list somehow. I found one other with the same body to the message but a very different header: Received: from nexus.chilenet.cl ([EMAIL PROTECTED] [200.2.98.4]) by psyctcsghms.ac.uk (8.8.8/8.8.8/Debian/GNU) with SMTP id GAA21596 for <[EMAIL PROTECTED]>; Fri, 20 Nov 1998 06:01:49 GMT From: [EMAIL PROTECTED] Received: by nexus.chilenet.cl (/\oo/\ Smail3.1.29.1 #29.17) id <[EMAIL PROTECTED]>; Thu, 19 Nov 98 04:28 ADT Message-Id: <[EMAIL PROTECTED]> Date: Fri, 20 Nov 98 02:56 ADT To: [EMAIL PROTECTED] Subject: Over 20 Joined In The Last 5 Days - Join Now & Get In near The Top! X-PMFLAGS: 33554560 0 1 P3D710.CNM I'm a bit out of my depth here but willing to do anything reasonable to minimise the risks of this happening again. Does anyone recognise the probable exploit that was used or have advice about how to do more to track down the route used and to block off this or other likely exploits? TIA, Chris
virtual hosts
I am currently using Smartlist on Debian to run some small open and very small closed lists. I am also running Apache and wu-ftpd to serve http and ftp. I like the whole combination very much now I've learned to configure it properly (wry grin!) I am planning to move everything to a machine hosted by an ISP to get out of working from within the educational system. I know that for my WWW services I can alias names to the same machine and Apache's virtual host capability will present different WWW directory trees depending on the browser depending on which name has been accessed. The ISP suggests mapping the various different host names to the different IP addresses all on the same machine. The tech man there tells me that gets round the problem of older browsers coming in to the numeric address and so hitting the www root rather than the virtual mappings. Sounds good to me and I assume you just have multiple entries in /etc/hosts. Can I do something similar with Email? In particular with Smartlist? Is there something I can do using sendmail.cf and perhaps MX records to allow the same box to collect for different names and allow procmail, sendmail, smartlist, qpopper and probably some IMAP server to treat the different names appropriately? I.e. could I have a /var/list set of subdirectories: aft atc sign-speak visped spruk being served to the addresses: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] I'm assuming I could be sensible to create unique usernames like: aft.person1 aft.person2 atc.person1 atc.person2 etc. so there should be no problems of username resolution for sendmail, IMAP and POP3. Have I got the right idea? What friendly documentation should I be reading? TIA, Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
nfs mounting
I have just tried to use NFS to mount directories on one of my Debian boxes so I can transfer things from it to another. I set /etc/exports on the first machine to show a (ro) permission on / for the second machine. I tried that with and without no_root_squash. I killed and restarted rcp.mountd between each change in /etc/exports. On the second machine I ran mount machine1:/ /nfs with and without options intr and different "block" sizes. Whatever I do the mount stays there as a foreground task but nothing appears to ls in /nfs. showmount on the first machine shows the mount each time. I'm doing something wrong clearly but there's nothing diagnostic I can see telling me what I need to change. Anyone spot the obvious?! TIA, Chris Chris Evans, R&D Consultant, Tavistock & Portman NHS Trust
Seagate DAT drive
I have just installed a Seagate STD28000N (aka ARCHIVE Python 04687-XXX Rev: 6580 according to dmesg). I only had 90m tapes to hand and wanted to try it out, tar cvf on a handful of files claimed to work but nothing else did generally returning error messages about sequential position. I am off to get some 120m tapes and have been through the man pages etc. for dds2tar, dds2index etc. but feel a bit out of my depth here. Is there a really simple idiots' guide to using DDS/DAT tape drives, something like the wonderfully clear HOWTO for jaztool? TIA Chris
kernel security?
I am just shipping off a machine to go into an ISP to act as an SMTP, POP3, IMAP, list (superlist), WWW (apacheSSL), ftp and possibly IRC server. Load won't be high but I'd like to minimise risks of this leaf positioned machine being used for spoofing and forwarding. I _think_ I'm getting my head around how to use sendmail.cf to prevent SMTP forwarding while still allowing proper list functioning. I think there are configuration options allowing IP forwarding that I should turn off in the kernel. Am I right? Anyone point me to the right info.? TIA, Chris
Log rotation and other regular jobs
I am trying to understand how log rotation and other regular tasks work. I thought I understood cron and didn't need anacron but find it's installed anyway now and it's emailing me daily, weekly & monthly reports and I've worked out that it's being called by cron from /etc/crontab ... all well and good and I think I can see . Also my direct entries into root's crontab are working fine. However, I don't really understand what's rotating my mail logs. I can see that some things are rotated by logrotate which is called daily by cron but can rotate at whatever pace is set for the log in /etc/logrotate.conf (e.g. for /var/log/wtmp) or in a file for each package in /etc/logrotate.d Trouble is that I can't see that mail logs are rotated by that (I run postfix logging to /var/log/mail.log etc.) I think they would be rotated by cron.weekly savelog using sysklogd-listfiles to give a list of logs to rotate (I'm guessing this bit). However, cron.weekly is Emailing me this: /etc/cron.weekly/sysklogd: /etc/cron.weekly/sysklogd: syslogd-listfiles: command not found /etc/cron.weekly/sysklogd: syslogd-listfiles: command not found and I think that may be because I'm running syslog-ng not sysklogd (syslog-ng is the only "sys" in ps aux output) but my mail logs are getting rotated every Sunday at a time varying from 07.37 to 08.18 to judge from the timestamps on the files. I'd really like to understand how this is happening, not least because I want to stop them being compressed and set up pflogsumm to run immediately after the rotation on the last week's log. Anyone help? TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
slow DNS lookups from firewall
I have a small home network of two Debian stable machines and two Windoze portables (boo hiss but my work and spouse's require that). I'm hitting something that's puzzling me which is that DNS lookups from the firewall machine are slow whether directly or from the Windoze machines behind while DNS lookups from the Debian server in the DMZ on my network are much faster. However, it gets to the ADSL router through the firewall machine. Firewalling is done by Shorewall 1.2 (i.e. Debian stable 'Woody' distro like everything else on the two machines) with the DMZ masqueraded whereas the Windoze machines on the local network are DNAT. Here's are some timings e.g.: FIREWALL: time host leeds.ac.uk 213.120.62.98 leeds.ac.uk A record currently not present at inh2dns02.imsnet2.btopenworld.com real0m27.379s user0m0.010s sys 0m0.000s firewall:/etc/shorewall# time host leeds.ac.uk 213.120.62.98 leeds.ac.uk A record currently not present at inh2dns02.imsnet2.btopenworld.com real0m1.040s user0m0.000s sys 0m0.010s firewall:/etc/shorewall# time host www.leeds.ac.uk 213.120.62.98 www.leeds.ac.uk A 129.11.21.9 real0m2.394s user0m0.000s sys 0m0.000s DMZ machine: time host leeds.ac.uk 213.120.62.98 leeds.ac.uk A record currently not present at inh2dns02.imsnet2.btopenworld.com real0m0.107s user0m0.020s sys 0m0.000s www:/etc# time host www.leeds.ac.uk 213.120.62.98 www.leeds.ac.uk A 129.11.21.9 real0m0.129s user0m0.010s sys 0m0.020s The Windoze machines (W2k and XPProf) are slowish in line with the firewall timings with the XP machine tolerating it and the 2k machine timing out repetedly). I'm baffled: the firewall machine has two ethernet ports on the motherboard (eth1 & eth2: via-rhine) and a PCI card (eth0: RTL8139). Shorewall maps those: eth0 -- to the ADSL router eth1 -- to the local network via a Belkin 8 port 100/1k switch eth2 -- to the DMZ The firewall is the faster of the two machines (1002 MHz Centaur VIA Nehemiah stepping 03 with 491456k RAM running 2.4.19 kernel cf 273MHz AMD-K6tm w/ MME stepping 00 and 131072k RAM running 2.4.18) Something is presumably intervening in the DNS lookups from and via the firewall by the local network that isn't intervening for the lookups the server passes through the firewall by masquerading. The shorewall rules allow domain (port 53) access to the net from the firewall, the dmz and the local network and there are no iptables complaints matching the slow lookups in /var/log/messages so I don't think I've simply misconfigured my iptables rules to disallow lookups! I'm sure likely culprits are obvious to those who know more about iptables and masquerading/DNAT than I do. Hugely appreciate suggestions and advice as this is really slowing things down to a crawl. TIA, Chris -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: slow DNS lookups from firewall
OK Another take on this: I'm trying to debug why DNS lookups from a Debian woody firewall machine have become slow over an ADSL link to British Telecom's DNS servers (router and servers not changed lately). I'm an amateur sysop but generally cope well but need some help debugging this. Machine has three ethernet ports: two are via-rhine on the board (eth1 and eth2) and one is a PCI realtek RTL8139 card. That's the one which faces the router. I'm now debugging at the basics: one wire at a time. If my /etc/interfaces only gives the one route to the router through eth0 my pings to the router give: ping: sendto: Operation not permitted ping: wrote 217.34.100.198 64 chars, ret=-1 If I take the network down, bring it back up just looking through eth1, pings are fine and fast. Am I getting near the cause of the problem or is this a red herring: is this card malfunctioning? Why would it not permit a ping? If this is the cause, presumably it's not absolute and some traffic is still getting through the card. TIA, Chris -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
multiport ethernet cards
In relation to debugging my DNS lookup woes (see other posts!) I'm going to buy a spare PCI ethernet card. Since my firewall machine is tiny and quiet, it only has one PCI slot so I'd like to get a multiport, ideally four port, card. Some time back people recommended the Intel Pro multiport cards but they were out of my price range except on Ebay (where I can now only see one two port card). I also had a recommendation for Soekris who have 2 and 4 port cards at prices I can pay and say they have linux support (see end of post for spec). Does anyone have experience of these cards with Woody or have another recommendation? TIA, Chris == info from http://www.soekris.com/ === Soekris Engineering lan1621 and lan1641 These two multiport ethernet adapters deliver excellent performance at competetive prices, and has been designed for long term availability for the embedded market. The lan1621 is a short low profile PCI board with two independent ethernet controllers, perfect for space limited systems and 2U servers. The lan1641 is a short standard profile PCI board with four independent ethernet controllers, for systems where the highest number of ports are needed. Both boards can also be used for adding additional ethernet ports to the Soekris net4501 and net4801 communication computers. Specifications: * National Semicondutor DP83816 ethernet controller chips * Texas Instruments PCI2250 PCI-PCI bridge chip * High performance PCI busmaster interface with large buffers and interrupt holdoff * Shielded RJ-45 connectors with LED's for speed and activity * 33 Mhz, 32 bit PCI 2.3 expansion cards, universal for 3.3V and 5V power and signaling * IEEE 802.3u 10 Mbps 10BaseT and 100 Mps 100BaseTX, half and full duplex * IEEE 802.3u Auto-Negotiation * IEEE 802.3x Full duplex flow control * lan1621: Two ports short low profile PCI board, power max 1.5W when 3.3V is available * lan1641: Four ports short standard PCI board, power max 2.8W when 3.3V is available * Operating temperature 0-60 0C Software: * Driver support for most operating systems, incl. FreeBSD, OpenBSD, NetBSD, Linux and Windows. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
What's sending "www 02/10/02:19.02 system check" messages
Probably a dumb question, apologies if so:
I've just transferred from Hamm to Potato and the new system is
Emailing me excellent security messages with subject line like: "www
02/10/02:19.02 system check" ("www" is hostname).
I'd like to be able to tune that to improve the ratio of really
helpful to routine messages. All I can see from the header is that
they're coming from something with user ID 0 and that leaves a fair
few options including cron but crontab -u 0 says there is no user 0!
Anyone help me?!
TIA,
Chris
--
Chris Evans <[EMAIL PROTECTED]>
Consultant Psychiatrist in Psychotherapy,
Rampton Hospital; Associate R&D Director,
Tavistock & Portman NHS Trust;
Hon. SL Institute of Psychiatry
*** My views are my own and not representative
of those institutions ***
sshd logs and possible security violation
I think this belongs on d.-user not the security or ssh lists. Thanks to people who helped point me to logcheck, I saw my first attempted login from outside today. At least, I'm pretty sure that's what I saw but I am seeking some information about what gets logged by sshd. What I see in auth.log is (consecutive lines): Feb 14 23:19:29 www sshd[438]: Did not receive ident string from xxx.yy.zzz.uu (actual number removed in case!) I think that's an usuccessful attempt to log in, am I right? Feb 14 23:49:32 www sshd[242]: Generating new 768 bit RSA key. Feb 14 23:49:33 www sshd[242]: RSA key generation complete. don't understand why sshd did that then, 30 minutes later then the next lines are me testing what happens if I try to do an illegal login: Feb 15 07:36:08 www su[1154]: + ??? root-www-data Feb 15 07:36:08 www PAM_unix[1154]: (su) session opened for user www- data by (uid=0) which looks alarming but I was slung out by shell being /usr/bin/false or by fact I didn't give right password Feb 15 07:36:08 www su[1174]: + ??? root-nobody Feb 15 07:36:08 www PAM_unix[1174]: (su) session opened for user nobody by (uid=0) ditto Feb 15 07:55:52 www sshd[1375]: Accepted password for xxx from zzz.zzz.zzz.zzz port That last line seems to be the logging of a successful login and it's very reassuringly different from the one from someone else, from an outside IP address. I had a look in the ssh documentation (which points to various dead URLs) but couldn't find anything detailed on logging messages. I don't think my programming is up to reading the source package to see if that would tell me. I'm also under the impression that sshd generates new keys when restarted and at intervals, does anyone know if that is right? TIA, Chris -- Chris Evans <[EMAIL PROTECTED]> Consultant Psychiatrist in Psychotherapy, Rampton Hospital; Associate R&D Director, Tavistock & Portman NHS Trust; Hon. SL Institute of Psychiatry *** My views are my own and not representative of those institutions ***
oddity with find -exec grep -i
Perhaps I am looking straight through things, if so, I'm sorry. I
have effectively a one liner shell script that I want to run to see
if any text (typically an Email address) is in any file named "users"
in any directory below a particular directory, easy I thought:
#!/bin/bash
/usr/bin/find /usr/lib/ecartis/lists/ -name users -print \
-exec grep --ignore-case "$1" {} \; | grep -B 1 "$1"
That little file works fine (the original has the second line all in
one but seemed best to break it for this post). The only thing is
that whether I put "--ignore-case" or "-i" it doesn't ignore case. I
have a "David.hardy" in one file. If I search for that it finds it
perfectly, but if I put "david.hardy", it doesn't. I've looked at
man and info and books and I give up and throw myself to the tender
mercies of the many gurus of this list! What am I doing wrong?!
Running Debian stable uname -r:
2.4.18-1-k6
uname -m
i586
bash:
2.05a.0(1)-release (i386-pc-linux-gnu)
TIA
Chris
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
802.11g
Back on Debian-user for a bit with some questions. Quick vote of thanks for Debian which fuels my server and firewall in a home office set up. Background: I want to use 802.11g networking at home, sadly it'll mainly be to connect in three Windoze machines, two XP, one W2k. I want to run as safe an access point as possible off one of my linux machines, probably off the firewall for now but perhaps by adding a machine behind that it in the DMZ. Three specific questions: a) are there any 802.11g PCI cards that anyone can recommend? Priority for me is the most idiot proof installation. I'm not a total idiot but these days I have so little time for system administration etc. that I am always looking for something as near to: shut down; install hardware; reboot; run dselect to load a package or do simple installation of new driver(s), preferably without having to compile myself, but if I must ..., preferably without having to recompile kernel, but if I absolutely must ...; init what I need to; tweak network settings to accommodate; sit back and enjoy. Don't suppose anyone can point to something as easy as possible and then reliable? I'd like to stay running stable with the 2.4.23 kernel if I can for now but ... b) Can anyone point me to any Debian compatible howtos for wireless that aren't too out of date, googling isn't turning up much for me at the moment? c) O'Reilly seem to have three books that might give me good basics (I do still find that reading books, even though they're always out of date by time you get them, is good for getting basics). These are: Linux Unwired 802.11 Wireless Networks: The Definitive Guide, and 802.11 Security I'll get all three if I really need them but would appreciate advice from some people who've already used Debian to set up a home access point, preferably at 802.11g level and who have given security some thought! TIA! Chris -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
rhinefet.o? (getting VT6105 LAN on motherboard working with Debian stable 3.0r2)
Hope that subject line is clear: I'm increasingly aware that the greatest poportion of good technical documentation on Debian is on list archives but that needs us all to be explicit... Has anyone got a VIA EPIA-CL mini-ITX motherboard working with its LAN on motherboard (LOM) VT6105 controller presenting one or both of the ethernet ports for use? I've tried and I'm failing and would hugely appreciate help. More technical detail below. TIA, Chris Motherboard is described at: http://www.viavpsd.com/product/epia_cl_spec.jsp?motherboardId=181 says: chipset is - VIA CLE266 North Bridge and - VIA VT8235 South Bridge and: - VIA VT6105 LOM - VT6103 10/100 Base -T 10/100 Fast Ethernet Controller. CPU is detected as "Centaur VIA Nehemiah stepping 03" Installing the supplied rhine driver module at installation fails with an error message that I've not written down but it's clear it's not a compatible driver for the hardware. I have installed a Sitecom rtl 8139too based PCI card (with some difficulty as the 2.4.* kernel install I'd selected didn't seem to offer this: a change from 2.2.*?) and that's working fine now so not just about me misunderstanding module installs. I have dragged down the LAN driver on the VIA site: http://www.viavpsd.com/product/2/2/Audio_Driver_rev3.40b.zip unzipped it, gone to LINUX directory, unzipped etc. the rhinefet module source there and tried to compile it but here I'm going beyond my competence: the Makefile clearly expects the kernel source to be laid our rather differently from the way it actually is and I'm not beyond my sphere of competence. Has someone succeeded in compiling a working module I could just use or can someone talk me through more of the problems? Or point me elsewhere? Or suggest a more appropriate list or board on which to ask? PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
via-rhine (or rhinefelt) and VT6105/VT6103 driver problems with Debian stable
I hope I can get some help on this list as I've dug myself in a hole I think. I run debian stable (3.0r2) for a small home set up on ADSL that handles Email (closed opt in!) for some charities. I've used old hardware for a firewall and a server but the firewall is dying and I replaced it with a lovely, small, near silent box with a VIA EPIA mini-ITX motherboard which has two LAN ports controlled by a VT6105 on board controller. If I stick a tried and tested realtek 8139 clone PCI card in I can have the three ports I want Having always used old hardware and never hit compatibility problems I didn't realise I was asking for trouble. The 2.4.18 kernel is the latest in the Debian stable distro and I want to stick with Debian 'cos I know and trust it, and stable 'cos of the security updates, particularly important as this is firewall. Trouble is that I think the driver I need is a via-rhine one but the one that comes with that Debian kernel won't install (the rtl one does fine!). I've tried pulling the driver (rhinefet) off the VIA motherboard site and the via-rhine off the scyld site but I'm hopelessly out of my depth now as there are clearly old and vexatious issues about the ways that different distros store the headers and source, e.g. both VIA and scyld's Makefiles and source want a modversions.h file that clearly doesn't exist in Debian .. I've tried to work round that but modprobe on the via-rhine.o I finally produced gives all sorts of unresolved symbol complaints and I know I'm out of my league here. Can anyone help? The only alternative I can see looming is to spend about a third as much as I paid for the entire machine on a totally unnecessarily fast quadport Intel card (I need three ports and only have one free PCI slot as the machine is so small). Sod, sod, sod: I'll take hardware compatibility more seriously in future won't I?! TIA, Chris P.S. Copying to debian-user for archive record if nothing else, though similar question has twice drawn blank there beforePSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: via-rhine (or rhinefelt) and VT6105/VT6103 driver problems with Debian stable
On 29 Feb 2004 at 13:28, Steven Leach wrote: > Which Via board are you running? I believe it is a CL1000 > I have two set up, a CL6000 Dual Lan for my server and an M1 as a > little desktop cube. Aha, you lucky man you! > Debian 3.0r2 had no problem with the M1 (single ethernet) using > the via-rhine driver. On the dual lan, however, only eth0 was > recognized. Yup, that's my experience now I've realised (mass of egg pulled off face and dumped in sink) that the damn LOM was switched off the BIOS on the machine - hadn't realised that this could be done in my innocence and baffled why the suppliers supplied it like that. > Upgraded to sid (possibly not necessary but I was planning on it > anyway) and compiled a 2.6.0-test11 kernel and all was good (oddly > enough what had been eth0 was now eth1 and the one that had been > previously unrecognized was now eth0). I'm very reluctant to go this way as the machine is my first line defence against the internet and so having the Debian security upgrades guaranteed adds to my capacity to sleep at night ... hence at moment I'm pursuing compiling the latest via-rhine driver module from the source code from the Scyld site with some support from Nick Jacobs (see separate posting). > Also, the current sarge/sid installers are unusable with the m1 > (never tried it with the cl6000 though) but it is no problem since you > can just dist-upgrade from Woody. The Woody installer works > flawlessly. Hm, I may end up going there I suppose as I'm reluctant to spend over 100 pounds on a quad port card when I've got the three ports I need already in principle! (Though thanks to others for excellent advice on those opitions). May come back to this yet though. Thanks Steven and everyone else, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: via-rhine (or rhinefelt) and VT6105/VT6103 driver problems with Debian stable
On 29 Feb 2004 at 6:10, Nick Jacobs wrote: > I also needed to use the via-rhine driver with > Woody. I used the one from the Scyld site. There > are some minor things to fix but basically the > Scyld driver will solve your problems. By the time I got Nick's very helpful post I had discovered that the damn LOM was switched off in the BIOS: switching it on gets me one of the two ports with the 2.4.18-bf2.4 kernel via-rhine module but not both and I do need both. So, I got the kernel-header package (so that's where modversions.h was hiding in I've probably looked through umpteen things telling me that ... but, to be fair to myself, I did search around and whatever explains this didn't leap up and hit me). I also downloaded and compiled via-rhine.c and pc-scan.c. For the former I had to hard code he location of modversions.h for the latter, the explicit -include parameter suggested on the Scyle site seemed to do the trick. I now have the two executables: via-rhine.o and pci-scan.o. I can see where I'd have to put the via-rhine one to replace the bf2.4 supplied one but the pci-scan.o file isn't there in the Debian distribution? Does that need to be modprobed in somewhere? Anyway, more serious problems: I moved supplied via-rhine.o and replaced it with new one but no joy: /lib/modules/2.4.18-bf2.4/kernel/drivers/net/via-rhine.o: kernel- module version mismatch /lib/modules/2.4.18-bf2.4/kernel/drivers/net/via-rhine.o was compiled for kernel version 2.4.18 while this kernel is version 2.4.18-bf2.4. Presumably there's something I should have done in the compilation to make sure it recorded the correct version ID? Can anyone tell me what? TIA, Chris P.S. continuing to cross-post to get this well archived, including my embarrassment about the BIOS, and thanks to everyone who's helped already. PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
how does make-dpkg (and linux/debian) map modules?
How does Debian (3.0r2 2.4.18 kernel and lilo) find its modules if you compile a tweaked kernel? I'm not getting it right and hope someone can help. TIA, Chris Long story: I've cracked via-rhine problem I had, now all I need is the get RAID- 1 mirroring of the two drives on this machine First thing you need is to have RAID1 support compiled into the kernel, not loading from modules. Seems reasonably simple, I'm using the 2.4.18-bf2.4 default kernel image at present so I've: got the kernel source: /usr/src/kernel-source-2.4.18 (bunzipped & tar -xvf etc) got the kernel headers which I'd got as kernel-headers-2.4.18-bf2.4 when I was working on the via-rhine driver issue cd /usr/src/kernel-source-2.4.18 make menuconfig (and put RAID and RAID1 into the kernel with "Y"s) make deps make-kpkg clean make-kpkg --revision=custom.1.0RAID kernel_image dpkp -i ../ ... .deb I move /lib/modules/2.4.18 to 2.4.18old as suggested during this process ... do the lilo bit and reboot ... and linux can't find modules it wants ... If I rename the old /libmodules back again: no improvement. I've looked through /usr/doc/kernel-package and the README seems to me to say that what I've done should have worked, and the README.modules talks about /usr/src/modules and doesn't seem to me to fit with the Debian directories and I'm baffled again. PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
modules after kernel make - can't get new kernel finding its modules
More explicit version of earlier request. I installed 2.4.18-bf2.4 kernel from CDROM and then completed installation onto machine from net. I want to compile the RAID code into the kernel so I can boot from a mirrored disc array. I download kernel-source2.4.18. I do: make menuconfig make dep make-kpkg clean make-kpkg --version=custom.1.0 I get deb /usr/src/kernel-image-2.4.18_custom.1.0_i386.deb dkpg -i kerne ... .deb it installs, I set up lilo and boot into it: see the RAID code operating, see the lilo label of the new image stanza, get error messages (not in dmesg so I'm hazy about the exact wording) saying modules aren't found, no network, ... log in from console, lsmod shows no modules, /lib/modules/2.4.18 seems to have much less in it than /lib/modules/2.4.18-bf2.4 What _am_ I doing wrong? I could go ahead and ignore presence of second hard disc and give up on RAID mirorring as it's belt and braces, but I can't believe that it's not pretty easy to reconfigure a new kernel and modules ... just dammed if I can see what I'm doing wrong and reading round very documents (many from the 2.0.x kernel days by look of things) and man pages is leaving me none the wiser. Sorry if this is really, really stupid but I'd love to crack it. Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: modules after kernel make - can't get new kernel finding its modules
On 1 Mar 2004 at 18:27, Martin Wood wrote: > I think this is exactly where i went wrong the other day. > > try adding : > > make modules > make modules_install > > and hopefully your modules will show up Thanks Martin. I should have said that I've tried this sequence with and without that, make modules and make modules_install both produce a lot of moving in and out of subdirectories: make -C arch/i386/lib modules_install make[1]: Entering directory `/usr/src/kernel-source- 2.4.18/arch/i386/lib' make[1]: Nothing to be done for `modules_install'. but that "Nothing to be done" message seems to be summarising the situation! I think they aren't doing more than the make dep make-kpkg clean make- kpkg --rev ... kernel_image sequence is doing. I think that all of them are simply assuming either I have the necessary modules already or that there are far fewer modules I want than I atually do want. Anyone any idea what's wrong and how I can perhaps restart the whole sequence and insist that all the modules get compiled and installed? TIA (and thanks again Martin: funny how down I get failing on these things, feeling stupid, _and_ getting no answers!) Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: how does make-dpkg (and linux/debian) map modules?
On 1 Mar 2004 at 12:25, CW Harris wrote: > What are the errors you are seeing? First one comes in the boot up after the line about setting the System Cllock and says: modprobe: modprobe: Can't locate module char-major-10-135 modprobe: modprobe: Can't locate module char-major-10-135 then (I've missed something here as I'm using ^s ^q to pause the boot messages as none of this seems to show in dmesg) I get others like: input modprobe: Can't locate module input usbkbd modprobe: Can't locate module usbkbd ... > IIRC all the module dependency should be handled automatically, that was my reading of things too... > but if something is broken maybe you need to manually do a "depmod -a"? doesnt' change things unfortunately > > If I rename the old /libmodules back again: no improvement. > > > This is all in changing from a working 2.4.18 kernel to the custom > 2.4.18 with RAID, correct? No, starting from the 2.4.18 source tree, the working install was 2.4.18-bf2.4 but I can't see a source tree for that and assume it's the same as the bf2.4 and the issue is in the modules loaded and marked loadable. OK, inspired by responses from debian-user I've tried explicitly adding another module: via-rhine as it happens: bingo, still complaints about all the other modules but that one is there now so the issue is clearly the basic configuration I started with. I had assumed that the initial make menuconfig from the source tree would start with the basic modules in. Is there a way to take the module list from the bf2.4 install kernel image and start from there? Sorry if I'm looking straight through it but I can't see it. > Did you miss any config differences in rebuilding (The easiest is to > start with the working system config and then add the changes you > want.) Indeed, I thought that starting with the 2.4.18 source would do that: clearly not. > You might also want to look into using kernel flavors (see the > "--append-to-version" discussion in kernel-package). I can see that would have been better than "--version" and I'll go over to that if I can get a basic config right now ... > This may help you while you are getting things working. Sure it will, wish I shared your confidence on "while" Thanks again, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: modules after kernel make - can't get new kernel finding its modules
On 1 Mar 2004 at 13:28, CW Harris wrote: > I thought you were using make-kpkg? It does all this for you when you > "build" the .deb package. So I thought: but it isn't! I think that's because it's picking up a .config that isn't marking the module packages for inclusion > What are the diff's between the working 2.4.18 config working 2.4.18-df2.4 > and the new one? That lots of modules aren't marked for inclusion as loadable modules or compiled in ... I assume ... but the bottom line is that I don't know, exactly what they are as I have the basic source tree of 2.4.18 from the distro and the working image from 2.4.18-bf2.4 but I don't know (do I?) what the .config is that made the 2.4.18-bf2.4 and if I could start from that I think I'd be home and dry and could just add RAID and take out quite a bit I don't need and probably add a bit of IP tracking ... trouble is, I can't see how I get that starting config for 2.4.18-bf2.4. Any idea how do I find out? Should it only be the RAID built-in? > Maybe start with the working config but I don't think the kernel-image package gives me that, or, to be more accurate, I'm sure it does but it's not in the /usr/src directory tree obviously and I'm looking for someone on the list who I'm sure does know, to tell me how I can get this ... > and do "make menuconfig" (or whatever method you like) to add the RAID > stuff, then try the make-kpkg sequence again. Yup > Note you should have a config in /boot corresponding to the > kernel-compile options (but there may be a config option to not use > it? I seem to recall there might be, but I have always had > /boot/config-2.4.xx) Don't understand this. Can you expand? > You can also read the kernel-package README.gz file if you haven't > already, to check you procedure using it, but your steps sound right > to me. I know I've looked through that several times and it's probably I've got to that point where I keep misreading the same bit ... > > TIA (and thanks again Martin: funny how down I get failing on these > > things, feeling stupid, _and_ getting no answers!) > > Don't despair. Hang in there. Thanks: appreciated! > > > > Chris > > PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling > > Take an anti-depressant PRN :> Nah, I'm a group therapist and family/systems therapist by main training so I guess I turn to the group/family PRN. Sorry if it's a pain for those who really know what they're doing: I'd offer you a free place in a group but I run them in a high secure hospital so you'd have to kill someone first to get in... Thanks again! C PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
What makes /dev/hdb1 say it's mounted/active when it isn't?
I hope this is the final stage in configuring this machine as a RAID1 mirrored, three ethernet port firewall ... but I'm not quite there yet. I've followed the guide at: http://www.cs.montana.edu/faq/faqw.admin.py?query=Convert+Root+System+ to+Software+Raid&querytype=simple&casefold=yes&req=search which had turned up on a debian list search to try to set up the RAID1 mirror of the boot/root drive. I installed to /dev/hdb1 (/dev/hda is the CDROM and perhaps I should have changed that first). Loaded 2.2.20, got 2.4.19 sources, compiled RAID1 support into the kernel (still can't get rid of one complaint about a missing character set module but don't think that's causing any real problems), made the identical /dev/hdc1 into a somewhat smaller linux autodetect RAID format partition, mounted it as 2nd drive in a RAID1 drive using: mdadm --create /dev/md0 --level=1 --raid-disks=2 missing /dev/hdc1 which worked fine, mkfs -t ext3 /dev/hdc1, mount it to /mnt1, cp -ax / /mnt, tweak /etc/fstab ... /dev/md0 mounts fine, tweak lilo conf to boot from /dev/md0, reboot -- fine, finally come to add /dev/hdb1 into the array after resetting the partition type to autodetect RAID ... .. no go, system complains that /dev/hdb1 is mounted or that an inode is active: md: can not impport hdb1, has active inodes! md: error, md_import_device() returned -16 I assume that's because the boot is still from /dev/hdb but if so, how come the howto says this should work. Seems that nothing I do can shift this and if I set the partition back to linux I find I can't mount the drive despite rebooting as I get: mount: /dev/hdb1 already mounted or /mnt1 busy /mnt1 isn't busy (I can create a completely new mount point: no difference) and mount shows that /dev/hdb1 isn't mounted. I've tried all sorts of tweaking with lilo.conf to remove any calls to /dev/hdb but either these don't change anything, or else lilo complains that it can't install to the target (e.g. /dev/md0). As usual, I've read through the docs and man pages and done some searching around but can't find any explanations. Help! Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: md: can not impport hdb1, has active inodes!
On 3 Mar 2004 at 10:40, Neil Brown wrote: > Wrong. > mkfs -t ext3 /dev/md0 > then mount /dev/md0. > Once you have included /dev/hdc1 in an array, don't touch it again - > just access the array (/dev/md0). Sorry, I was being hasty in writing the Email, that's what I did, i.e. mkfs the /dev/md0 drive. That's not the problem. > You missed a step (step 9). You have to reboot so that /dev/md0 is > your root device. Once you have done that and are happy with it, you > add in /dev/hdb1 and let it resync. Ditto: did that, no go. Thanks, C PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: md: can not impport hdb1, has active inodes!
On 2 Mar 2004 at 17:24, Cameron Moore wrote: > I've been battling the same problem using Debian testing/sarge with > SCSI devices. I followed (mostly) the same howto and have > subsequently tried many other things with no success. I'm willing to > help debug this as well if anyone has any advice. Thanks Aha, that's interesting, so it's true for Sarge too. Thanks Cameron. I do think there's a real problem here and that it needs fixing and documenting ... and I'm sure someone out there has worked out the fix... _please_! C PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: What makes /dev/hdb1 say it's mounted/active when it isn't?
On 2 Mar 2004 at 17:47, CW Harris wrote: > Shouldn't matter, as long as your BIOS can boot it (which it obviously > can). It can, but is there any possibility that's it's requiring the controller or HD to be "active" as far as the kernel is concerned? I can't see how that's the case but my grasp of the mbr and partitions has always been shakey. > > mdadm --create /dev/md0 --level=1 --raid-disks=2 missing /dev/hdc1 >^ ^ ^ ^ ^ ^ ^ > Okay, I haven't used the mdadm (I used raidtools2), but shouldn't this > be hdb1 missing? I don't think so, it's straight out of that howto (I pretty sure). I think it is reserving a first disc, unspecified, as failed, in a two disc array in which the second disc is active and is /dev/hdc1 I've tried using /etc/raidtab setting up essentially the raid1 config that's supplied but tweaking to /dev/hdb1 and /dev/hdc1 and ending with a failed-disk line: # Sample raid-1 configuration raiddev /dev/md0 raid-level 1 nr-raid-disks 2 nr-spare-disks 0 chunk-size 4 device /dev/hdc1 raid-disk 0 device /dev/hdb1 raid-disk 1 failed-disk 1 and that has the same result (I think the /etc/raidtab is spurious since, as I understand it, this is actually stored in the persistent superblock??) > > which worked fine, mkfs -t ext3 /dev/hdc1, mount it to /mnt1, > > and then shouldn't you have a working /dev/md0 to mkfs -t ext3 > /dev/md0? Sorry, me being stupid in what I wrote, indeed so. I was getting a working degraded array with one working drive and it was that I formatted. Sorry. > If above was incorrect, then hdb1 would be part of the (active) RAID? > so you can't import it again. cat /proc/mdstat doesn't show it as active: cat /proc/mdstat Personalities : [raid1] read_ahead 1024 sectors md0 : active raid1 hdc1[1] 78124928 blocks [2/1] [_U] unused devices: I read that as sayng that it's a degraded array currently with just the one drive in it, /dev/hdc1, and with space for a second. > I haven't done that much RAID, and not with mdadm. But if my comments > above are correct, maybe this is your problem? Much thanks, and I'm happy to be corrected, but I think they're not the problem though one of them was a typo of mine in the Email, fdsk'ing the raw drive not the array, that several people have noted. _ANY_ suggestions welcome: it feels so lame to just use that second drive to mirror the first with a regular cp -aux / /mnt2 or something like that, though I'm starting to think that's the time efficient option given how much time setting up this server has cost me! Cheers all, C PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: md: can not impport hdb1, has active inodes!
On 3 Mar 2004 at 12:04, Neil Brown wrote: > > > You missed a step (step 9). You have to reboot so that /dev/md0 > > > is your root device. Once you have done that and are happy with > > > it, you add in /dev/hdb1 and let it resync. > > Ditto: did that, no go. > > Sorry, I missed where you said that you rebooted. you are correct: I didn't say that, but I have done! > It sounds very odd. Well, I thought so too, but I see I'm not alone in experiencing this. > What does "cat /proc/mounts" say? Aha, didn't know that wrinkle: lovely. Mount says: /dev/md0 on / type ext3 (rw,errors=remount-ro) proc on /proc type proc (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) and cat /proc/mounts says: rootfs / rootfs rw 0 0 /dev/root / ext2 rw 0 0 proc /proc proc rw 0 0 devpts /dev/pts devpts rw 0 0 Does that "/dev/root" bit indicate anything useful? > Does your kernel use an initrd? No, at least, I haven't asked it to! > Exactly how did you tell lilo to use /dev/md0? > With >root=/dev/md0 > as an option in lilo.conf, or with >append= "root=/dev/md0" I think I've only tried the former (with and without an earlier line, before the image stanzas, saying root=/dev/hdb1) I haven't used an "append" clause anywhere. One problem is keeping in mind which of the lilo.conf tweaks installed with lilo but didn't solve the problem, and which were the ones that lilo refused to install. I'm happy to try alternatives and report effects, on or off list, of each. Many thanks, Chris > > or both or something else? > > NeilBrown > - > To unsubscribe from this list: send the line "unsubscribe linux-raid" > in the body of a message to [EMAIL PROTECTED] More majordomo > info at http://vger.kernel.org/majordomo-info.html PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: md: can not impport hdb1, has active inodes!
On 3 Mar 2004 at 2:11, Maarten J H van den Berg wrote: > Hope it's not too obvious, but... > Did you also actually _run_ lilo ? > Is fstab on /dev/md0 edited to reflect the new mountpoints ? No it's not too obvious and maybe I need to work through all the options again and document what went wrong each time but I did try to run lilo on each: some ran without complaint but didn't solve the problem, and some resulted in lilo complaining something along the lines that it was using the current boot device and that device x (a numeric representatiion, sorry, didn't note it) wasn't a device in which it could write its stuff. > Not that it helps you here, but I followed the procedure -albeit not > from the same howto[1]- multiple times with many machines. It _should_ > work... Well, it encourages me! > [1] I used a howto by the name of Boot+root+raid+llilo. Maybe see if > there are any obvious differences between the two procedures / > howtos...? Yes, found that. Mostly the differences are that the one I worked from uses mdadm and that one uses raidtools2 but I thought they said the same things really and I couldn't get either approach: mdadm or raidtools/raidtab, to work for me. One thing: I asssume that mdrecoveryd isn't holding an inode active? I _think_ I've failed just as totally after killing mdrecoveryd but can't vouch for having done that every time. Thanks Maarten, C PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
module via-rhine for woody (3.0) using both onboard LANs on a VIA-EPIA mini-ITX CL1000 motherboard
This is just a report for the archives, skip unless you've been watching this saga. As members of netdrivers, debian-users and debian-isp know, I was failing to get the three ethernet ports I need to use a VIA EPIA CL1000 working as a replacement home firewall. Since it is an internet-facing firewall, I wanted to stay with Debian stable, preferably not even going for a backports.org kernel upgrade so as to be sure that debian security upgrades would keep working for me. Thanks to a lot of people, ultimately Nick Jacobs, I have this working I'm documenting this for all three list archives as I suspect I won't be the last to have difficulties here and as the solution is fairly easy in the end, but hell to find if you can't see what's wrong, and the final product is nice to have. First thing: you must have the LANs switched on in the BIOS (not the LAN ROM: that attempts DHCP from the BIOS). Next: the driver for the dual port VT6103/6105 ethernet controller that is on this motherboard needs the via-rhine driver available from Scyld at http://www.scyld.com/network/updates.html#pci-scan thanks to Donald Becker. The via-rhine driver is in all the kernel images for woody. I started with the bf24 install, i.e. kernel 2.4.18-bf2.4. However, none of the woody kernels (except possibly the 2.4.19 which is only in the distro as source as far as I can see) are sufficiently recent to detect both LAN ports. So you have to compile your own new driver. To do this you download from scyld: via-rhine.c pci-scan.c pci-scan.h kern-compat.h or contact me and I'll send you slightly hacked ones (see below). Now (thanks Nick) you copy your kernel header module.h and version.h to wherever you're compiling your new driver and you edit them: Change the 1st line of version.h in your local copy to #define UTS_RELEASE "2.4.18-bf2.4" (replacing "2.4.18") n module.h, replace the line #include with #include "version.h" (So that it will use the local copy: for those who've never touched C hashed lines aren't comments, they're handled precompilation, references in angle brackets are sought relative to the include location the compiler is using and those just in quotes are absolute.) In via-rhine.c and pci-scan.c replace: #include wiith #include "version.h" and #include with #include "module.h" (again so that it will use the local copies). In addition, I found that I now needed to hard code the location of modversions.h so lines that had called that now refer to: "/usr/src/kernel-headers-2.4.18-bf2.4/include/linux/modversions.h" not to you compile with gcc -DMODULE -D__KERNEL__ -DEXPORT_SYMTAB -Wall \ -Wstrict-prototypes -O6 -c pci-scan.c \ -I /usr/src/kernel-headers-2.4.18-1/include gcc -DMODULE -Wall -Wstrict-prototypes -O6 -c via-rhine.c \ -I /usr/src/kernel-headers-2.4.18-1/include/ (I've used the backslashes to indicate line continuation) You get a warning both times: /kernel-headers-2.4.18-1/include In file included from module.h:297, from pci-scan.c:56: /usr/include/linux/version.h:1: warning: `UTS_RELEASE' redefined version.h:1: warning: this is the location of the previous definition but the via-rhine.o and pci-scan.o that you get are good and can be copied to where they need to be: cp *.o /lib/modules/2.4.18-bf2.4/kernel/drivers/net/ and then depmod and modprobe via-rhine should show things working fine and you can put via-rhine in /etc/modules to get it loaded at boot Clearly if you're using a different kernel, you'll have to modify some of the header locations above but this should work. Now to sort out booting from a software RAID-1 array of two drives and install shorewall and a few other things from the old machine and I'll have the robust, near silent, firewall I want! Thanks again to everyone who helped and to everyone who offered advice on multiport LAN cards: for now I think I can avoid that extra expense. Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: md: can not impport hdb1, has active inodes!
I'm splitting my response to this post into two. I'm sure that someone out there who knows about mount and /proc/mounts can clarify this bit: On 3 Mar 2004 at 12:24, Neil Brown wrote: > On Wednesday March 3, [EMAIL PROTECTED] wrote: > > Aha, didn't know that wrinkle: lovely. Mount says: > > /dev/md0 on / type ext3 (rw,errors=remount-ro) > > proc on /proc type proc (rw) > > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > > > > and cat /proc/mounts says: > > rootfs / rootfs rw 0 0 > > /dev/root / ext2 rw 0 0 > > proc /proc proc rw 0 0 > > devpts /dev/pts devpts rw 0 0 > > > > Does that "/dev/root" bit indicate anything useful? > > No, but the fact that root is actually 'ext2' even though mount (and > presumably fstab) thinks it is ext3 is a bit suspicious. I suppose that might be because the difference between ext2 and ext3, as I understand it, is just a journalling block reserved at the end of the normal ext2 space so perhaps /proc/mounts indicates all ext3 as ext2? >From a quick bit of googling, I understand that /dev/root is a label for the root mount point that's passed to the kernel as it loads, in my case, I assume that's passed to the kernel from whatever lilo has done to the mbr and that this ensures that the kernel then holds that mount open (presumably in case it needs to write something back there when it quits ... or perhaps it always writes something back there in a clean dismount ... I don't know). Can someone: a) confirm or deny my hunch that the ext2/ext3 issue is normal? b) clarify the way that lilo and the kernel interact? I wonder if it's pertinent that /proc/partitions shows this: cat /proc/partitions major minor #blocks name 9 0 78124928 md0 22 0 80043264 hdc 22 1 78125008 hdc1 364 80043264 hdb 365 80035798 hdb1 cfdisk /dev/hdb shows a single primary bootable partition occupying the entire drive of Linux raid autodetect type. For /dev/hdc I have a single primary bootable partition of the same type and some free space (to ensure that there'd be enough room on /dev/hdb1 to add it to the array). Thanks, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: md: can not impport hdb1, has active inodes!
I thought I'd got this all cracked in the early hours of this morning. I _think_ I'd been putting boot=/dev/hda1 when I tried to write the revised lilo config to the MBR and perhaps that messed up hdb. I don't know, anyway, I started again, did everything in that howto pretty much to the letter and this time, after shifting boot to /dev/hdc and rebooting, I could add /dev/hdb1. However, lilo would not let me use a raid-extra-boot line and when I rebooted, the system hung right at the start. I moved hdb1 to hda1 and started again, this time it's all worked except for boot=/dev/md0 and the raid-extra-boot. Now lilo allows these and says it's written to both MBRs, but when I reboot lilo gets to the first twenty or so of the dots after "Loading Linux" and hangs there ... resolutely. A lot of pratting around with rescuing from the installation CD (must work out how to burn a rescue boot CDROM) and I am back to being able to get everything find if I boot from boot=/dev/hdc with root=/dev/md0 ... and I think I'll give up here as I must go back to doing my real job and having a life. If anyone can tell me what might be neeeded (I haven't tried things like bios=0x80 lines) I may find the energy to try them but not if this machine has become my working firewall! So I'm left thinking there's something, perhaps idiosyncratic to some BIOS or HDs or whatever, that means some of us have real problems writing LILO boot instructions to the two drives in a RAID1 boot array. I've leflt Maarten's listing of a SuSE lilo.conf to see if anyone has ideas. Thank everyone, Chris > Neil had some interesting points, but in the meantime here's my > working lilo.conf (which was written by the SuSE installer) in case it > helps you: > > boot = /dev/hda > change-rules > reset > default = linux > disk=/dev/hda > bios=0x80 > disk=/dev/hdc > bios=0x81 > lba32 > prompt > read-only > timeout = 80 > > image = /boot/vmlinuz > label = linux > initrd = /boot/initrd > root = /dev/md0 > > > Greetings, > Maarten > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: md: can not impport hdb1, has active inodes!
On 3 Mar 2004 at 11:09, Justin Guerin wrote: > > So I'm left thinking there's something, perhaps idiosyncratic to > > some BIOS or HDs or whatever, that means some of us have real > > problems writing LILO boot instructions to the two drives in a RAID1 > > boot array. > > > One question on your kernel hang: are you loading the same kernel > successfully when you boot directly off /dev/hdc? If not, do you know > your kernel is good? Good questions Justin and I'm increasingly realising that I needed an almost forensic attitude to this and to take it much more slowly and tap into much more information that was there on the machine. However, I have no reason to believe that the kernel wasn't the right one but next time I will make sure I check carefully. > Since one of your disks is larger than the other, you might consider > using a 20 MB portion of the larger disk as a /boot partition, and > keeping it out of the raid. Booting will be very easy in that > scenario, and you can use the rest of the disk for the raid, and put > everything else on it. I am increasingly tempted to do this and there is room there (there's 936Mb as it happens: I think the first hard disc I looked after for anyone was 10Mb and it was the sole hard drive in that XT box!) My sense is that this would be simpler and I'd feel less scared of it but I'd be slightly less robust as there'd be no reserve boot point if that failed (though if it did I should be able to rescue from a boot floppy or CD I guess). I think that's not that different from continuing to have "boot=/dev/hda" (or "boot=/dev/hdc") in lilo.conf, as you note you have, I think that too is givign you a single MBR boot record. I am still being slow about this though. One thing that's very clear now is that if I let lilo (22.2) write its boot to the two drive's mbrs with the raid-extra-boot, something goes badly wrong. As I really need to finish this saga, even if I still don't really understand what was wrong, I am going to stick with my current lilo setting which seems to work which says: boot=/dev/hda However, if I do want to use that bit of spare drive to give myself the reassuring feeling that the lilo/mbr issues are being kept away from the /dev/md0 areas, then is this the right sequence: a) cfdisk to create bootable, linux type, partition /dev/hdc2 b) reboot c) mkfs -t ext3 /dev/hdc2 d) rewrite lilo.conf to instruct it to boot from /dev/hdc2, if so, does that mean simply writing "boot=/dev/hdc2"? Surely not as I think that means I need some primary boot loader to come out of one of the drive mbrs that will then point to the lilo secondary load from /dev/hdc2 (sorry, I'm sure this is dumb of me but someone take pity here please!) e) assuming that works and reboots OK f) init 1 g) stop /dev/md0 (after umount of / ?) can this be done h) cfdisk /dev/hda and take bootable off, ditto /dev/hdc i) reboot and pray j) ... ugh, no this all sounds wrong I am continuing to ask (and thanks again to Justin, Chris, Neil and Maarten for their inputs) as I do want to feel I understand this and get as safe a set up as I can for this machine, but also because I will have to return to the issues in the next month or two, hopefully while it's still fresh in my mind, to put in a replacement server behind this firewall. Hence one more question: I had been planning to put at least three drives in that in a RAID5 array and boot/root from that, now I'm rattled but would still like that redundancy. How difficult is RAID5 boot/root cf RAID1? TIA, Chris P.S. I promise to document all of this as some sort of mini-HOWTO or whatever to complement the existing ones, and to notify the authors of those where I think they might usefully be improved: clearly I owe the open source movement at least that much. PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: VT6105 LAN on motherboard working with Debian stable 3.0r2
On 7 Mar 2004 at 11:15, Stefan Bellon wrote: > I have that mainboard (but the 600 MHz Samuel 2 version) and happily > run Debian GNU/Linux on it. ...snip > So, perhaps the kernel you (the original poster) are using is too old? Turns out to be the case indeed and it's a bit of a Debian specific pain though not that difficult to solve in the end: you need at least a 2.4.19 kernel or else you have to compile the driver separately from source (which I managed once but then opted to compile the 2.4.19 kernel source which is supplied in Debian stable (=3.0r2 = Woody) though that's only there for the MIPS installations in principle. Another way would be to go for a backport from http://www.backports.org/debian/dists/woody/ Cheers, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
mail not sending message
I am having trouble getting mail to send the message I attach the script below #!/bin/bash wget http://digitalatoll.com/ rc=$? if [[ $rc != 0 ]] ; then # num...@txt.att.net SUBJECT="digitalatoll server down" # Email To ? EMAIL="9166126...@txt.att.net" # Email text/message EMAILMESSAGE="msg.txt" echo error on server! > msg.txt mail -s "$SUBJECT" -t "$EMAIL" < $EMAILMESSAGE rm msg.txt fi rm index.html
wifi cards
i building a linux server i intend on using debian 6.0.5 as the OS and i want to know what wireless pci adapters work with debian ?
