From jammer at weak.org Mon Feb 3 13:51:03 2003 From: jammer at weak.org (Jon McClintock) Date: Mon, 3 Feb 2003 13:51:03 -0800 Subject: [buug] The BUUG mailing list is back online! Message-ID: <20030203215103.GC13570@weak.org> Hey folks, If you hadn't noticed, the BUUG mailing list has been out of commission for the past couple of weeks. The hard drive that contained /var and /home on weak.org died mid-January, a week after the tape drive the backups were stored on died. Anyways, it's taken me this long to get a new server setup, and acquire a replacement tape drive with which I could pull data off the tapes. The most recent working backups were from mid-December, so things may be a little off, but in general should be ok. The new weak.org should be much more reliable; it's setup with RAID-1 mirroring, and uses a much more common tape backup system... -Jon From wfhoney at pacbell.net Mon Feb 3 15:03:00 2003 From: wfhoney at pacbell.net (Bill Honeycutt) Date: Mon, 03 Feb 2003 15:03:00 -0800 Subject: [buug] The BUUG mailing list is back online! In-Reply-To: <20030203215103.GC13570@weak.org> References: <20030203215103.GC13570@weak.org> Message-ID: <3E3EF524.1060907@pacbell.net> Yes, I feel more connected now!!! Thanks for getting us back up, Jon. Jon McClintock wrote: > Hey folks, > > If you hadn't noticed, the BUUG mailing list has been out of commission > for the past couple of weeks. The hard drive that contained /var and > /home on weak.org died mid-January, a week after the tape drive the > backups were stored on died. > > Anyways, it's taken me this long to get a new server setup, and acquire > a replacement tape drive with which I could pull data off the tapes. The > most recent working backups were from mid-December, so things may be a > little off, but in general should be ok. > > The new weak.org should be much more reliable; it's setup with RAID-1 > mirroring, and uses a much more common tape backup system... > > -Jon > _______________________________________________ > Buug mailing list > Buug at weak.org > http://www.weak.org/mailman/listinfo/buug > From bferrell at baywinds.org Tue Feb 4 23:11:52 2003 From: bferrell at baywinds.org (Bruce Ferrell) Date: Tue, 04 Feb 2003 23:11:52 -0800 Subject: [buug] The BUUG mailing list is back online! References: <20030203215103.GC13570@weak.org> <3E3EF524.1060907@pacbell.net> Message-ID: <3E40B938.3040508@baywinds.org> Huzzah! Bill Honeycutt wrote: > Yes, I feel more connected now!!! > > Thanks for getting us back up, Jon. > > > Jon McClintock wrote: > >> Hey folks, >> >> If you hadn't noticed, the BUUG mailing list has been out of commission >> for the past couple of weeks. The hard drive that contained /var and >> /home on weak.org died mid-January, a week after the tape drive the >> backups were stored on died. >> >> Anyways, it's taken me this long to get a new server setup, and acquire >> a replacement tape drive with which I could pull data off the tapes. >> The most recent working backups were from mid-December, so things may >> be a >> little off, but in general should be ok. >> >> The new weak.org should be much more reliable; it's setup with RAID-1 >> mirroring, and uses a much more common tape backup system... >> >> -Jon >> _______________________________________________ >> Buug mailing list >> Buug at weak.org >> http://www.weak.org/mailman/listinfo/buug >> > > > _______________________________________________ > Buug mailing list > Buug at weak.org > http://www.weak.org/mailman/listinfo/buug > From jerry-sourceforge at theashergroup.com Fri Feb 7 18:07:33 2003 From: jerry-sourceforge at theashergroup.com (Jerry Asher) Date: Fri, 7 Feb 2003 18:07:33 -0800 (PST) Subject: [buug] Eugene Scott makes the Chronicle! Message-ID: <2517.192.168.0.64.1044670053.squirrel@theashergroup.com> http://sfgate.com/cgi-bin/article.cgi?f=/chronicle/a/2003/02/07/EB75914.DTL Congrats Eugenie on the article mentioning your fine work, but why no mention of buug? Jerry From cmsclaud at arches.uga.edu Fri Feb 7 19:17:25 2003 From: cmsclaud at arches.uga.edu (Claude Rubinson) Date: Fri, 7 Feb 2003 19:17:25 -0800 Subject: [buug] Contract work Message-ID: <20030208031725.GA13958@wagner> Following up on last night's discussion, I've decided to take the new job. But, I'm in discussions with my current company to finish up my database design work on a contract basis. They want me to come up with a schedule of how long it take to complete the project (I'd be working from home during the evenings) and propose a fee. Working full time, I believe that it would take about 3 weeks to finish up the design stage. But I'm trying to figure out how to translate that into "working from home during the evening" time. And I'm also wondering about how much to ask for. I have no idea what the market rate is for database design. Or should it be based off of what I was making while working there? Finally, does anyone have any tips or suggestions of things that should be included in the contract? Terms of delivery of payment? (We're talking about a flat fee for the whole thing.) Anything else that I'm not thinking about? Thanks, Claude From wfhoney at pacbell.net Sat Feb 8 02:15:00 2003 From: wfhoney at pacbell.net (Bill Honeycutt) Date: Sat, 08 Feb 2003 02:15:00 -0800 Subject: [buug] Contract work References: <20030208031725.GA13958@wagner> Message-ID: <3E44D8A4.5030504@pacbell.net> Claude Rubinson wrote: > > And I'm also wondering about how much to ask for. I have no idea what > the market rate is for database design. Or should it be based off of > what I was making while working there? If that's your basis, then multiply times 1.4 to 1.6 just to take care of your extra taxes and loss of benifits (self employemnt taxes are a tremendous hassle). > Terms of delivery of payment? If you can swing it, get an agreement to be paid based on milestones. If it's really a three week job, maybe that means 2 payments based on deliverables that you turn over to them. But really, Claude, payment-in-kind might make for a much more interesting story at the next BUUG meeting :-) From abhay_srivastava at infosys.com Sat Feb 8 03:14:42 2003 From: abhay_srivastava at infosys.com (Abhay Kumar Srivastava) Date: Sat, 8 Feb 2003 16:44:42 +0530 Subject: [buug] How to get the CPU frequency Message-ID: <882B7E812BE14E4BA7E86387242C8DB90259050A@kecmsg11.ad.infosys.com> Hi, I need to get the CPU frequency programmatically, how do I do that? printf("%d\n",sysconf(_SC_CLK_TCK)); printf("%d\n", CLOCKS_PER_SEC); does not help, they show the same value (128) on different machines with different CPU speed. Regards, Abhay From nickmdf at tsoft.com Sat Feb 8 08:54:51 2003 From: nickmdf at tsoft.com (Nick Sophinos) Date: Sat, 8 Feb 2003 08:54:51 -0800 Subject: [buug] How to get the CPU frequency In-Reply-To: <882B7E812BE14E4BA7E86387242C8DB90259050A@kecmsg11.ad.infosys.com> Message-ID: One way is to `cat /proc/cpuinfo` and then parse the value out of that. I suspect there is a better way, though. - nick -----Original Message----- From: buug-admin at weak.org [mailto:buug-admin at weak.org]On Behalf Of Abhay Kumar Srivastava Sent: Saturday, February 08, 2003 3:15 AM To: buug at weak.org Subject: [buug] How to get the CPU frequency Hi, I need to get the CPU frequency programmatically, how do I do that? printf("%d\n",sysconf(_SC_CLK_TCK)); printf("%d\n", CLOCKS_PER_SEC); does not help, they show the same value (128) on different machines with different CPU speed. Regards, Abhay _______________________________________________ Buug mailing list Buug at weak.org http://www.weak.org/mailman/listinfo/buug From jammer at weak.org Sat Feb 8 08:55:06 2003 From: jammer at weak.org (Jon McClintock) Date: Sat, 8 Feb 2003 08:55:06 -0800 Subject: [buug] How to get the CPU frequency In-Reply-To: <882B7E812BE14E4BA7E86387242C8DB90259050A@kecmsg11.ad.infosys.com> References: <882B7E812BE14E4BA7E86387242C8DB90259050A@kecmsg11.ad.infosys.com> Message-ID: <20030208165506.GB3884@weak.org> On Sat, Feb 08, 2003 at 04:44:42PM +0530, Abhay Kumar Srivastava wrote: > I need to get the CPU frequency programmatically, how do I do that? > printf("%d\n",sysconf(_SC_CLK_TCK)); > printf("%d\n", CLOCKS_PER_SEC); > does not help, they show the same value (128) on different machines > with different CPU speed. What OS are you running on? From the looks of it, not Linux (since Linux uses an HZ value of 100 most often). One of the BSDs? -Jon From abhay_srivastava at infosys.com Mon Feb 10 00:27:22 2003 From: abhay_srivastava at infosys.com (Abhay Kumar Srivastava) Date: Mon, 10 Feb 2003 13:57:22 +0530 Subject: [buug] How to get the CPU frequency Message-ID: <882B7E812BE14E4BA7E86387242C8DB90259051A@kecmsg11.ad.infosys.com> I am using FreeBSD. I cannot find /proc/cpuinfo (it sure is present in LINUX). Moreover, I want to do it programmatically. Regards, Abhay -----Original Message----- From: Nick Sophinos [mailto:nickmdf at tsoft.com] Sent: Saturday, February 08, 2003 10:25 PM To: buug at weak.org Subject: RE: [buug] How to get the CPU frequency One way is to `cat /proc/cpuinfo` and then parse the value out of that. I suspect there is a better way, though. - nick -----Original Message----- From: buug-admin at weak.org [mailto:buug-admin at weak.org]On Behalf Of Abhay Kumar Srivastava Sent: Saturday, February 08, 2003 3:15 AM To: buug at weak.org Subject: [buug] How to get the CPU frequency Hi, I need to get the CPU frequency programmatically, how do I do that? printf("%d\n",sysconf(_SC_CLK_TCK)); printf("%d\n", CLOCKS_PER_SEC); does not help, they show the same value (128) on different machines with different CPU speed. Regards, Abhay _______________________________________________ Buug mailing list Buug at weak.org http://www.weak.org/mailman/listinfo/buug _______________________________________________ Buug mailing list Buug at weak.org http://www.weak.org/mailman/listinfo/buug From brian at planetshwoop.com Mon Feb 10 09:51:44 2003 From: brian at planetshwoop.com (Brian Sobolak) Date: Mon, 10 Feb 2003 11:51:44 -0600 (CST) Subject: [buug] How to get the CPU frequency In-Reply-To: <882B7E812BE14E4BA7E86387242C8DB90259051A@kecmsg11.ad.infosys.com> References: <882B7E812BE14E4BA7E86387242C8DB90259051A@kecmsg11.ad.infosys.com> Message-ID: <56858.4.17.250.5.1044899504.squirrel@www.planetshwoop.com> Abhay Kumar Srivastava said: > > I am using FreeBSD. I cannot find /proc/cpuinfo (it sure is present in > LINUX). > Moreover, I want to do it programmatically. > Start at questions at freebsd.org. They'll be much better able to help you than we are. brian From itz at speakeasy.org Tue Feb 11 14:09:53 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 11 Feb 2003 14:09:53 -0800 Subject: [buug] chmod g-s rxvt Message-ID: <86u1faa2q6.fsf@kronstadt.homeunix.net> Today a daily cron job told me that the sgid flag on the rxvt binary has been turned off. rxvt is normally sgid to "utmp" on Debian systems, because it logs arrivals and departures in /var/run/utmp and /var/log/wtmp which are owned by that group. And sure enough, my rxvt session of last night was not logged (although my xdm login was). I suspect foul play, but there was also a DSL outage last night which made me bring down the network interface and then back up, and reboot (among other things); and the inode change occurred around that time. So I'm wondering if it's just a bug in the system somewhere. Anyone else have this happen to them? I have checked the binary (all binaries, in fact) and its data hasn't been changed. Also, there's no "statoverride" that could have caused this. -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From cmsclaud at arches.uga.edu Tue Feb 11 19:37:34 2003 From: cmsclaud at arches.uga.edu (Claude Rubinson) Date: Tue, 11 Feb 2003 19:37:34 -0800 Subject: [buug] Job Opening in Oakland Message-ID: <20030212033734.GA21820@wagner> I'm passing along a notice for a job opening for a "Microcomputer Systems Specialist I" in Oakland that I received in the mail today. It appears to be an entry level tech support/sysadmin position. Posting is available at http://www.oaklandnet.com/government/jobs/mss.html. Claude From itz at speakeasy.org Tue Feb 11 22:21:21 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 11 Feb 2003 22:21:21 -0800 Subject: [buug] test, please ignore Message-ID: <86hebarpcu.fsf@kronstadt.homeunix.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Little Mary Bell had a fairy in a nut, Long Jonh Brown had the Devil in his gut; Long John Brown loved little Mary Bell And the fairy drew the Devil into the nutshell. - -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.8 iD8DBQE+SefOjKMn20M7oIcRAtkTAKCF4OSd+YfhxmAPTdPDwBFi5vqDKQCgkGNI zkyC4gHz1lkaN4UXa/fIBvw= =SYxV -----END PGP SIGNATURE----- From jerry-sourceforge at theashergroup.com Wed Feb 12 17:43:24 2003 From: jerry-sourceforge at theashergroup.com (Jerry Asher) Date: Wed, 12 Feb 2003 17:43:24 -0800 (PST) Subject: [buug] searching man pages w/i emacs (gnu/emacs os, redhat platform) Message-ID: <2412.192.168.0.64.1045100604.squirrel@theashergroup.com> I use the gnu/emacs operating system, if you know what I mean. At some point in the past few years, the implementation of this OS on the Red Hat or Linux platform changed. I think. Man pages displayed in an emacs window (m-x man rm) became displayed with bizarro characters. Characters that are *bold*. Characters that I can't search for. This bugs the hell out of me. I want to search for a switch option, but I can't because the damned hyphen is bolded. How can I search my man pages in emacs? Thanks, Jerry From itz at speakeasy.org Wed Feb 12 17:45:45 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 12 Feb 2003 17:45:45 -0800 Subject: [buug] searching man pages w/i emacs (gnu/emacs os, redhat platform) In-Reply-To: <2412.192.168.0.64.1045100604.squirrel@theashergroup.com> References: <2412.192.168.0.64.1045100604.squirrel@theashergroup.com> Message-ID: <86wuk5uf5i.fsf@kronstadt.homeunix.net> Jerry> I use the gnu/emacs operating system, if you know what I mean. Jerry> At some point in the past few years, the implementation of this Jerry> OS on the Red Hat or Linux platform changed. I think. Jerry> Man pages displayed in an emacs window (m-x man rm) became Jerry> displayed with bizarro characters. Characters that are *bold*. Jerry> Characters that I can't search for. Jerry> I want to search for a switch option, but I can't because the Jerry> damned hyphen is bolded. That sounds really strange. The face of the character should be totally irrelevant for the purpose of searching, and it is for me (Debian woody, GNU Emacs 21.3). Looks like another Red Hat botch. -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From jerry-sourceforge at theashergroup.com Wed Feb 12 18:11:23 2003 From: jerry-sourceforge at theashergroup.com (Jerry Asher) Date: Wed, 12 Feb 2003 18:11:23 -0800 (PST) Subject: [buug] searching man pages w/i emacs (Oops, clarification) In-Reply-To: <86wuk5uf5i.fsf@kronstadt.homeunix.net> References: <2412.192.168.0.64.1045100604.squirrel@theashergroup.com> <86wuk5uf5i.fsf@kronstadt.homeunix.net> Message-ID: <2320.192.168.0.64.1045102283.squirrel@theashergroup.com> > Jerry> I want to search for a switch option, but I can't because the > Jerry> damned hyphen is bolded. > > That sounds really strange. The face of the character should be > totally irrelevant for the purpose of searching, and it is for me > (Debian woody, GNU Emacs 21.3). > > Looks like another Red Hat botch. I just mv'd my .emacs to foo and tried the following: m-x man bash visited the man page for bash and typed: C-s -c That search fails, even though the -c option to bash is one of the first options I see displayed. Displayed in bold. But it is not the bolding that is causing the problem. I can search for the "c". But I can't search for the hyphen. What the hell character are they displaying and why?!?! Thanks, Jerry From jerry-sourceforge at theashergroup.com Wed Feb 12 18:17:41 2003 From: jerry-sourceforge at theashergroup.com (Jerry Asher) Date: Wed, 12 Feb 2003 18:17:41 -0800 (PST) Subject: [buug] searching man pages w/i emacs (gnu/emacs os, redhat platform) In-Reply-To: <86wuk5uf5i.fsf@kronstadt.homeunix.net> References: <2412.192.168.0.64.1045100604.squirrel@theashergroup.com> <86wuk5uf5i.fsf@kronstadt.homeunix.net> Message-ID: <3587.192.168.0.64.1045102661.squirrel@theashergroup.com> > Jerry> I want to search for a switch option, but I can't because the > Jerry> damned hyphen is bolded. > > That sounds really strange. The face of the character should be > totally irrelevant for the purpose of searching, and it is for me > (Debian woody, GNU Emacs 21.3). Okay, retesting it's not the bold, it's specifically that the hypen in the man page is not a f'n hypen (ascii hex 2d), but for some reason hexl-mode shows mea b2, which is an extended ascii for a superscript 2. It displays as a hyphen though. Huh? b2 and not a hyphen? What is going on? Thanks, Jerry From itz at speakeasy.org Wed Feb 12 23:09:55 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 12 Feb 2003 23:09:55 -0800 Subject: [buug] searching man pages w/i emacs (gnu/emacs os, redhat platform) In-Reply-To: <3587.192.168.0.64.1045102661.squirrel@theashergroup.com> References: <2412.192.168.0.64.1045100604.squirrel@theashergroup.com> <86wuk5uf5i.fsf@kronstadt.homeunix.net> <3587.192.168.0.64.1045102661.squirrel@theashergroup.com> Message-ID: <86ptpwpsfw.fsf@kronstadt.homeunix.net> So, it has nothing to do with Emacs. My faith can remain unshaken :-) Jerry> Okay, retesting it's not the bold, it's specifically that the Jerry> hypen in the man page is not a f'n hypen (ascii hex 2d), but Jerry> for some reason hexl-mode shows mea b2, which is an extended Jerry> ascii for a superscript 2. It displays as a hyphen though. There's no such thing as "extended ascii". There are just many mutually incompatible character sets and many mutually incompatible ways of coding them into the 0x80-0xff space. latin-1, also known as iso-8859-1, which has the superscript 2 character in that position, is just one of them, though the most common in Linux and Unix. But even now you can cause a different one to be used by setting your locale, and a move to ISO 10646 (a superset of what is known as Unicode), is afoot, coded with the utf-8 scheme, where non-ascii characters are represented by multiple bytes in the 0x80-0xff range. Jerry> Huh? b2 and not a hyphen? What is going on? Looking at the same manpage here, I don't have that problem, either. Does RH always format manpages on the fly (as Debian now does), or does it still cache preformatted pages? If it caches, have you tried getting rid of the preformatted page and formatting it again? By hand if necessary, using something like < /usr/share/man/man1/bash.1 tbl -Tascii | eqn -Tascii | nroff -Tascii -man and varying the options to find the cause. -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From jammer at weak.org Sat Feb 15 12:17:24 2003 From: jammer at weak.org (Jon McClintock) Date: Sat, 15 Feb 2003 12:17:24 -0800 Subject: [buug] Secure NFS? Message-ID: <20030215201724.GA12107@weak.org> Has anyone been successful at using NFS in a secure way? NFS seems to be the best way to export shares to the OS/X computer, but it's completely lacking in any security mechanisms. Has anyone tried tunnelling NFS over SSL or SSH? Are there other mechansims for securing NFS that I'm missing? Alternatively, does anyone have a spare PCI ethernet card? The problem is, the server with the files on it is on the public internet, and the OS/X client is on a NAT network behind the firewall. I've got the server setup to only allow NFS from the firewall's IP, but since the firewall also NATs for the (unprotected) wireless network, there's a wee hole in my security that I'd rather not have. -Jon From nick at zork.net Sat Feb 15 12:30:06 2003 From: nick at zork.net (Nick Moffitt) Date: Sat, 15 Feb 2003 12:30:06 -0800 Subject: [buug] Secure NFS? In-Reply-To: <20030215201724.GA12107@weak.org> References: <20030215201724.GA12107@weak.org> Message-ID: <20030215203006.GM8910@zork.net> begin Jon McClintock quotation: > Has anyone tried tunnelling NFS over SSL or SSH? Are there other > mechansims for securing NFS that I'm missing? http://sfs.fs.net From jammer at weak.org Sat Feb 15 15:08:40 2003 From: jammer at weak.org (Jon McClintock) Date: Sat, 15 Feb 2003 15:08:40 -0800 Subject: [buug] Secure NFS? In-Reply-To: <20030215203006.GM8910@zork.net> References: <20030215201724.GA12107@weak.org> <20030215203006.GM8910@zork.net> Message-ID: <20030215230840.GB12107@weak.org> On Sat, Feb 15, 2003 at 12:30:06PM -0800, Nick Moffitt wrote: > begin Jon McClintock quotation: > > Has anyone tried tunnelling NFS over SSL or SSH? Are there other > > mechansims for securing NFS that I'm missing? > > http://sfs.fs.net Bzzzt. Read the install notes for Darwin. The client's got serious limitations in OS/X. It basically restricts you to using a loopback Samba mount. I'm using NFS because the Darwin Samba client sucks ass in the first place. -Jon From nick at zork.net Sat Feb 15 16:57:09 2003 From: nick at zork.net (Nick Moffitt) Date: Sat, 15 Feb 2003 16:57:09 -0800 Subject: [buug] Secure NFS? In-Reply-To: <20030215230840.GB12107@weak.org> References: <20030215201724.GA12107@weak.org> <20030215203006.GM8910@zork.net> <20030215230840.GB12107@weak.org> Message-ID: <20030216005709.GN8910@zork.net> begin Jon McClintock quotation: > > http://sfs.fs.net > > Bzzzt. Read the install notes for Darwin. The client's got serious > limitations in OS/X. It basically restricts you to using a loopback > Samba mount. I'm using NFS because the Darwin Samba client sucks ass > in the first place. Ah, I'm sorry to hear that. I knew NeXTStep was still a little behind other Unixes, but I guess I didn't realize how bad it was. Ah well, that's what ten years will do to you. From itz at speakeasy.org Tue Feb 18 08:19:28 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 18 Feb 2003 08:19:28 -0800 Subject: [buug] Re: in area/keysigning? In-Reply-To: <20030218064340.GA16197@ringworld.org> References: <20030217221921.GI9472@ringworld.org> <200302172156.09804.shalehperry@attbi.com> <20030218064340.GA16197@ringworld.org> Message-ID: <86heb1a7e7.fsf@kronstadt.homeunix.net> >> where are you staying? Scott> I'll be staying in the Berkeley area, near the Ashby BART Scott> station. (within ~.5mi I guess..) You could come to the upcoming Berkeley Unix User Group meeting. http://weak.org/buug I'll take my ID and key info. -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From nkj at namodn.com Tue Feb 18 10:32:29 2003 From: nkj at namodn.com (Nick Jennings) Date: Tue, 18 Feb 2003 10:32:29 -0800 Subject: [buug] Secure NFS? In-Reply-To: <20030215201724.GA12107@weak.org>; from jammer@weak.org on Sat, Feb 15, 2003 at 12:17:24PM -0800 References: <20030215201724.GA12107@weak.org> Message-ID: <20030218103229.B13054@namodn.com> On Sat, Feb 15, 2003 at 12:17:24PM -0800, Jon McClintock wrote: > Alternatively, does anyone have a spare PCI ethernet card? The problem > is, the server with the files on it is on the public internet, and the > OS/X client is on a NAT network behind the firewall. I've got the server > setup to only allow NFS from the firewall's IP, but since the firewall > also NATs for the (unprotected) wireless network, there's a wee hole in > my security that I'd rather not have. Why don't you just block NFS requests comming from the router? You shouldn't need to access NFS data from your router anyways. - Nick From wfhoney at pacbell.net Tue Feb 18 10:36:24 2003 From: wfhoney at pacbell.net (Bill Honeycutt) Date: Tue, 18 Feb 2003 10:36:24 -0800 Subject: [buug] Secure NFS? In-Reply-To: <20030218103229.B13054@namodn.com> References: <20030215201724.GA12107@weak.org> <20030218103229.B13054@namodn.com> Message-ID: <3E527D28.2090707@pacbell.net> Nick Jennings wrote: > On Sat, Feb 15, 2003 at 12:17:24PM -0800, Jon McClintock wrote: > >>Alternatively, does anyone have a spare PCI ethernet card? I have a NIC for you...will bring to the 'Rooster'. From jammer at weak.org Tue Feb 18 14:14:42 2003 From: jammer at weak.org (Jon McClintock) Date: Tue, 18 Feb 2003 14:14:42 -0800 Subject: [buug] Secure NFS? In-Reply-To: <20030218103229.B13054@namodn.com> References: <20030215201724.GA12107@weak.org> <20030218103229.B13054@namodn.com> Message-ID: <20030218221442.GA24131@weak.org> On Tue, Feb 18, 2003 at 10:32:29AM -0800, Nick Jennings wrote: > On Sat, Feb 15, 2003 at 12:17:24PM -0800, Jon McClintock wrote: > > Alternatively, does anyone have a spare PCI ethernet card? The problem > > is, the server with the files on it is on the public internet, and the > > OS/X client is on a NAT network behind the firewall. I've got the server > > setup to only allow NFS from the firewall's IP, but since the firewall > > also NATs for the (unprotected) wireless network, there's a wee hole in > > my security that I'd rather not have. > > Why don't you just block NFS requests comming from the router? You > shouldn't need to access NFS data from your router anyways. Here is my network map: ADSL router | \_______________________________________________ | | feeling.weak.org weak.org | | Wireless Wired NAT NAT Network Network weak.org is the file server. feeling.weak.org is the NAT router/firewall. The hosts that want to mount files from weak.org are on the wired NAT network. The wireless NAT network is freely accessible to anyone. Since both NAT networks present the same IP address to the outside world (and thus to the fileserver), I can't just block the IP of the router. I could block outbound NFS traffic from the wireless NAT network, but that seems kludgey. My solution is to add a second ethernet card to weak.org into the wired NAT network. It's a shame NFS is the best working network file system in OS/X, because it's crap for security. -Jon From jerry-sourceforge at theashergroup.com Tue Feb 18 14:34:05 2003 From: jerry-sourceforge at theashergroup.com (Jerry Asher) Date: Tue, 18 Feb 2003 14:34:05 -0800 (PST) Subject: [buug] Secure NFS? In-Reply-To: <20030218221442.GA24131@weak.org> References: <20030215201724.GA12107@weak.org> <20030218103229.B13054@namodn.com> <20030218221442.GA24131@weak.org> Message-ID: <2399.68.3.55.171.1045607645.squirrel@theashergroup.com> > Here is my network map: > > > ADSL router > | > \_______________________________________________ > | | > feeling.weak.org weak.org > | | > Wireless Wired > NAT NAT > Network Network > > weak.org is the file server. feeling.weak.org is the NAT > router/firewall. The hosts that want to mount files from weak.org are on > the wired NAT network. The wireless NAT network is freely accessible to > anyone. > > Since both NAT networks present the same IP address to the outside world > (and thus to the fileserver), I can't just block the IP of the router. > I could block outbound NFS traffic from the wireless NAT > network, but that seems kludgey. > > My solution is to add a second ethernet card to weak.org into the wired > NAT network. > > It's a shame NFS is the best working network file system in OS/X, > because it's crap for security. > > -Jon > _______________________________________________ > Buug mailing list > Buug at weak.org > http://www.weak.org/mailman/listinfo/buug Is feeling.weak.org running Linux? If so, would a CIPE tunnel between your wired network and weak.org suit your needs? Jerry From jel at idiom.com Tue Feb 18 16:56:41 2003 From: jel at idiom.com (John Levine) Date: Tue, 18 Feb 2003 16:56:41 -0800 Subject: [buug] buug web site bug Message-ID: <022E99DA-43A5-11D7-B65B-000393DA5060@idiom.com> The 3rd Thursday of the month of Feb, 2003, is Feb. 20, not Feb 13 as the page at http://www.weak.org/buug/ says. Will there be a meeting on the 13th? Or the 20th? cal says: February 2003 S M Tu W Th F S 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Thanks, -- John. From nick at zork.net Tue Feb 18 16:59:09 2003 From: nick at zork.net (Nick Moffitt) Date: Tue, 18 Feb 2003 16:59:09 -0800 Subject: [buug] buug web site bug In-Reply-To: <022E99DA-43A5-11D7-B65B-000393DA5060@idiom.com> References: <022E99DA-43A5-11D7-B65B-000393DA5060@idiom.com> Message-ID: <20030219005909.GX17327@zork.net> begin John Levine quotation: > The 3rd Thursday of the month of Feb, 2003, is Feb. 20, not Feb 13 as > the page at > http://www.weak.org/buug/ > says. It's also spelled "Au Coquelet", not "Coquelot". From jammer at weak.org Tue Feb 18 17:29:24 2003 From: jammer at weak.org (Jon McClintock) Date: Tue, 18 Feb 2003 17:29:24 -0800 Subject: [buug] buug web site bug In-Reply-To: <022E99DA-43A5-11D7-B65B-000393DA5060@idiom.com> References: <022E99DA-43A5-11D7-B65B-000393DA5060@idiom.com> Message-ID: <20030219012924.GB24131@weak.org> On Tue, Feb 18, 2003 at 04:56:41PM -0800, John Levine wrote: > The 3rd Thursday of the month of Feb, 2003, is Feb. 20, not Feb 13 as > the page at > http://www.weak.org/buug/ > says. > > Will there be a meeting on the 13th? Or the 20th? > > cal says: > February 2003 > S M Tu W Th F S > 1 > 2 3 4 5 6 7 8 > 9 10 11 12 13 14 15 > 16 17 18 19 20 21 22 > 23 24 25 26 27 28 Whups. Sorry. The meeting is this coming Thursday, the 20th. -Jon From dieman at ringworld.org Tue Feb 18 08:51:32 2003 From: dieman at ringworld.org (Scott Dier) Date: Tue, 18 Feb 2003 10:51:32 -0600 Subject: [buug] Re: in area/keysigning? In-Reply-To: <86heb1a7e7.fsf@kronstadt.homeunix.net> References: <20030217221921.GI9472@ringworld.org> <200302172156.09804.shalehperry@attbi.com> <20030218064340.GA16197@ringworld.org> <86heb1a7e7.fsf@kronstadt.homeunix.net> Message-ID: <20030218165131.GC16197@ringworld.org> * Ian Zimmerman [021803 10:19]: > >> where are you staying? > Scott> I'll be staying in the Berkeley area, near the Ashby BART > Scott> station. (within ~.5mi I guess..) > You could come to the upcoming Berkeley Unix User Group meeting. > > http://weak.org/buug > > I'll take my ID and key info. That sounds like an excellent idea. I'll be there for the meeting and will be signing anyones key if they wish. Thanks. -- Scott Dier KC0OBS http://www.ringworld.org/ From dieman at ringworld.org Thu Feb 20 17:30:22 2003 From: dieman at ringworld.org (Scott Dier - dieman) Date: Thu, 20 Feb 2003 19:30:22 -0600 (CST) Subject: [buug] Re: in area/keysigning? In-Reply-To: <86heb1a7e7.fsf@kronstadt.homeunix.net> Message-ID: I most likely wont be there right at 7, but definately before 9. Thanks. On 18 Feb 2003, Ian Zimmerman wrote: > > >> where are you staying? > > Scott> I'll be staying in the Berkeley area, near the Ashby BART > Scott> station. (within ~.5mi I guess..) > > You could come to the upcoming Berkeley Unix User Group meeting. > > http://weak.org/buug > > I'll take my ID and key info. > > -- Scott Dier http://www.ringworld.org/ From brian at planetshwoop.com Thu Feb 20 19:54:09 2003 From: brian at planetshwoop.com (Brian Sobolak) Date: Thu, 20 Feb 2003 21:54:09 -0600 (CST) Subject: [buug] e-smith.org Message-ID: <20030220212424.A49362-100000@magenta.planetshwoop.com> Has anyone tried the e-smith.org Linux distro? I see that they've changed their name to Mitel, but still do have a free GPL'd product to use. Anyone taken it for a spin? brian -- This is how I think: http://www.planetshwoop.com/blog/ Brian Sobolak sobolak at myrealbox.com From nkj at namodn.com Fri Feb 21 09:22:16 2003 From: nkj at namodn.com (Nick Jennings) Date: Fri, 21 Feb 2003 09:22:16 -0800 Subject: [buug] e-smith.org In-Reply-To: <20030220212424.A49362-100000@magenta.planetshwoop.com>; from brian@planetshwoop.com on Thu, Feb 20, 2003 at 09:54:09PM -0600 References: <20030220212424.A49362-100000@magenta.planetshwoop.com> Message-ID: <20030221092216.B13601@namodn.com> I have never heard of this distro before, but I would be interested to know what it brings to the table. Seems at first glance to just be another Linux Distro focused on server operations. - Nick On Thu, Feb 20, 2003 at 09:54:09PM -0600, Brian Sobolak wrote: > > Has anyone tried the e-smith.org Linux distro? I see that they've changed > their name to Mitel, but still do have a free GPL'd product to use. > > Anyone taken it for a spin? > > brian > > -- > This is how I think: http://www.planetshwoop.com/blog/ > Brian Sobolak sobolak at myrealbox.com > > > _______________________________________________ > Buug mailing list > Buug at weak.org > http://www.weak.org/mailman/listinfo/buug > From jammer at weak.org Fri Feb 21 10:10:54 2003 From: jammer at weak.org (Jon McClintock) Date: Fri, 21 Feb 2003 10:10:54 -0800 Subject: [buug] Embedded Systems Conference - Free Exhibits Pass Registration Message-ID: <20030221181054.GA5410@weak.org> Hey guys, Anyone interested in checking out the exhibits at the upcoming Embedded Systems Conference? It's April 23-25 at Moscone. Register for free (up through March 25) at: http://embedded.com/esc/ -Jon From brian at planetshwoop.com Fri Feb 21 10:15:55 2003 From: brian at planetshwoop.com (Brian Sobolak) Date: Fri, 21 Feb 2003 12:15:55 -0600 (CST) Subject: [buug] e-smith.org In-Reply-To: <20030221092216.B13601@namodn.com> References: <20030220212424.A49362-100000@magenta.planetshwoop.com> <20030221092216.B13601@namodn.com> Message-ID: <46335.4.17.250.5.1045851355.squirrel@www.planetshwoop.com> Nick Jennings said: > I have never heard of this distro before, but I would be interested to > know what it brings to the table. Seems at first glance to just be > another Linux Distro focused on server operations. > The appeal for me is that you can manage all of the services through a web interface. It seems like an open-source version of a Cobalt Cube - you can get in through the shell if you want to, but the majority of the interfaces are managed through the web. I'm going to setup a box for a departmental email, FTP, web, file server, etc. I'll be the only IT guy, and I'll need something simple that I could train a non-IT person to use while I go on vacation. A Cube would be perfect, but it costs money. This seems free (I could run it on a spare desktop) and get the same benefits. brian -- Brian Sobolak http://www.planetshwoop.com/ From nkj at namodn.com Fri Feb 21 10:32:05 2003 From: nkj at namodn.com (Nick Jennings) Date: Fri, 21 Feb 2003 10:32:05 -0800 Subject: [buug] e-smith.org In-Reply-To: <46335.4.17.250.5.1045851355.squirrel@www.planetshwoop.com>; from brian@planetshwoop.com on Fri, Feb 21, 2003 at 12:15:55PM -0600 References: <20030220212424.A49362-100000@magenta.planetshwoop.com> <20030221092216.B13601@namodn.com> <46335.4.17.250.5.1045851355.squirrel@www.planetshwoop.com> Message-ID: <20030221103205.D13601@namodn.com> On Fri, Feb 21, 2003 at 12:15:55PM -0600, Brian Sobolak wrote: > > Nick Jennings said: > > I have never heard of this distro before, but I would be interested to > > know what it brings to the table. Seems at first glance to just be > > another Linux Distro focused on server operations. > > The appeal for me is that you can manage all of the services through a web > interface. Ah, I see. I skimmed over the details on the website, they don't mention a web-interface (or maybe I missed it), though they do explain their templating system pretty thoroughly. Do you know if they are using a webmin derivative or is their web-GUI completely custom developed? It would be cool to see some screenshots of the web interface. - Nick From itz at speakeasy.org Fri Feb 21 12:24:44 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 21 Feb 2003 12:24:44 -0800 Subject: [buug] GnuPG interface? Message-ID: <86bs15z8j7.fsf@kronstadt.homeunix.net> For the first time, I tried to use an interface (gpa) to do the signing last night. I was dismayed to find it didn't work (Debian bug #181936). I think it has to do something with an command incompatibility between GnuPG 1.0.x and 1.2.x (I remember I had to upgrade mailcrypt after that change, too). What, if anything, do people use, and does it work with 1.2? -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From rick at linuxmafia.com Fri Feb 21 12:37:46 2003 From: rick at linuxmafia.com (Rick Moen) Date: Fri, 21 Feb 2003 12:37:46 -0800 Subject: [buug] GnuPG interface? In-Reply-To: <86bs15z8j7.fsf@kronstadt.homeunix.net> References: <86bs15z8j7.fsf@kronstadt.homeunix.net> Message-ID: <20030221203746.GD5497@linuxmafia.com> Quoting Ian Zimmerman (itz at speakeasy.org): > What, if anything, do people use, and does it work with 1.2? I use the gpg manpage. Intensively. Every single time. -- Cheers, "My file system's got no nodes!" Rick Moen "How does it shell?" rick at linuxmafia.com From ted at parvu.net Fri Feb 21 13:45:42 2003 From: ted at parvu.net (Ted Parvu) Date: Fri, 21 Feb 2003 13:45:42 -0800 Subject: [buug] GnuPG interface? In-Reply-To: <20030221203746.GD5497@linuxmafia.com> References: <86bs15z8j7.fsf@kronstadt.homeunix.net> <20030221203746.GD5497@linuxmafia.com> Message-ID: <20030221214542.GC23059@shadow.parvu.net> On Fri, Feb 21, 2003 at 12:37:46PM -0800, Rick Moen wrote: > Quoting Ian Zimmerman (itz at speakeasy.org): > > > What, if anything, do people use, and does it work with 1.2? > > I use the gpg manpage. > Intensively. > Every single time. > Bah, who needs the man page when you have the source code! :^) Myself, I still use PGP 7.1 but I suppose I should look to moving to gpg, but I just can't bring myself to do it. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- WAR IS GOOD FREEDOM IS SLAVERY IGNORANCE IS STRENGTH From itz at speakeasy.org Wed Feb 26 11:20:17 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 26 Feb 2003 11:20:17 -0800 Subject: [buug] GnuPG interface? In-Reply-To: <86bs15z8j7.fsf@kronstadt.homeunix.net> References: <86bs15z8j7.fsf@kronstadt.homeunix.net> Message-ID: <86y942c0i6.fsf@kronstadt.homeunix.net> Ian> For the first time, I tried to use an interface (gpa) to do the Ian> signing last night. I was dismayed to find it didn't work Ian> (Debian bug #181936). I think it has to do something with an Ian> command incompatibility between GnuPG 1.0.x and 1.2.x (I remember Ian> I had to upgrade mailcrypt after that change, too). Ian> What, if anything, do people use, and does it work with 1.2? It turns out the current version of gpa (gtk 2.x based) works fine, and I can recommend it. It is stuck in Debian unstable because of libc like everything else, so I had to build it myself. -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From itz at speakeasy.org Wed Feb 26 17:06:17 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 26 Feb 2003 17:06:17 -0800 Subject: [buug] checking a pid Message-ID: <86lm02v8fq.fsf@kronstadt.homeunix.net> How does one check in general if a number is a pid of a living process, under BSD? The old saw kill(pid, 0) only works for my own processes - it will fail for other users' processes whether or not pid is alive. Under Linux, I solved this by stat'ing /proc// . What is the BSD way? -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From jan at caustic.org Wed Feb 26 17:14:18 2003 From: jan at caustic.org (f.johan.beisser) Date: Wed, 26 Feb 2003 17:14:18 -0800 (PST) Subject: [buug] checking a pid In-Reply-To: <86lm02v8fq.fsf@kronstadt.homeunix.net> Message-ID: <20030226170827.D63914-100000@pogo.caustic.org> On 26 Feb 2003, Ian Zimmerman wrote: > Under Linux, I solved this by stat'ing /proc// . > What is the BSD way? ps -axjw | grep foo | awk '{print $3}' the "j" flag is handy. -------/ f. johan beisser /--------------------------------------+ http://caustic.org/~jan jan at caustic.org "Champagne for my real friends, real pain for my sham friends." -- Tom Waits From itz at speakeasy.org Wed Feb 26 20:55:42 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 26 Feb 2003 20:55:42 -0800 Subject: [buug] checking a pid In-Reply-To: <20030226170827.D63914-100000@pogo.caustic.org> References: <20030226170827.D63914-100000@pogo.caustic.org> Message-ID: <86y9429vap.fsf@kronstadt.homeunix.net> itz> Under Linux, I solved this by stat'ing /proc// . What is itz> the BSD way? jan> ps -axjw | grep foo | awk '{print $3}' jan> the "j" flag is handy. Well, I need this in a C program, not as something I type into the shell. Setting up that full pipeline wouldn't be completely trivial. But yes, after firing off my question I thought about just forking a ps process and checking its exit status. Fortunately I only need to do this once; if it was in a loop, this solution wouldn't satisfy. -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From harpo at thebackrow.net Wed Feb 26 21:11:54 2003 From: harpo at thebackrow.net (Will Lowe) Date: Wed, 26 Feb 2003 21:11:54 -0800 Subject: [buug] checking a pid In-Reply-To: <86y9429vap.fsf@kronstadt.homeunix.net> References: <20030226170827.D63914-100000@pogo.caustic.org> <86y9429vap.fsf@kronstadt.homeunix.net> Message-ID: <20030227051154.GA30623@thebackrow.net> > Well, I need this in a C program, not as something I type into the > shell. Setting up that full pipeline wouldn't be completely trivial. From "man 2 kill": SYNOPSIS #include #include int kill(pid_t pid, int sig); If sig is 0, then no signal is sent, but error checking is still per- formed. ... so basically, if you kill(pid, 0) and it doesn't return an error, pid is still running. -- thanks, Will From itz at speakeasy.org Wed Feb 26 21:24:44 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 26 Feb 2003 21:24:44 -0800 Subject: [buug] checking a pid In-Reply-To: <20030227051154.GA30623@thebackrow.net> References: <20030226170827.D63914-100000@pogo.caustic.org> <86y9429vap.fsf@kronstadt.homeunix.net> <20030227051154.GA30623@thebackrow.net> Message-ID: <86u1eq9tyb.fsf@kronstadt.homeunix.net> Will> From "man 2 kill": Will> SYNOPSIS #include #include Will> int kill(pid_t pid, int sig); Will> Will> If sig is 0, then no signal is sent, but error checking is still Will> per- formed. Will> ... so basically, if you kill(pid, 0) and it doesn't return an Will> error, pid is still running. No. Read my original article, again. Then perhaps read the kernel source. -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From sneakums at zork.net Thu Feb 27 03:05:01 2003 From: sneakums at zork.net (Sean Neakums) Date: Thu, 27 Feb 2003 11:05:01 +0000 Subject: [buug] checking a pid In-Reply-To: <86lm02v8fq.fsf@kronstadt.homeunix.net> (Ian Zimmerman's message of "26 Feb 2003 17:06:17 -0800") References: <86lm02v8fq.fsf@kronstadt.homeunix.net> Message-ID: <6uof4y6l2a.fsf@zork.zork.net> commence Ian Zimmerman quotation: > How does one check in general if a number is a pid of a living > process, under BSD? The old saw kill(pid, 0) only works for my own > processes - it will fail for other users' processes whether or not pid > is alive. But if kill returns non-zero, and the process exists and is not owned by you, errno will be set to EPERM, whereas if the process does not exist errno will be set to ESRCH. So it is still possible to use this method to check for the existence of a process, regardless of its owner. For example: #include #include #include #include int main (int argc, char* argv[]) { int pid = atoi (argv[1]); if ((kill (pid, 0) == 0) || (errno == EPERM)) { printf ("Yes.\n"); } else { printf ("No.\n"); } exit (0); } -- / | [|] Sean Neakums | Size *does* matter. [|] | That's why I use Emacs. \ | From itz at speakeasy.org Thu Feb 27 10:54:05 2003 From: itz at speakeasy.org (Ian Zimmerman) Date: 27 Feb 2003 10:54:05 -0800 Subject: [buug] checking a pid In-Reply-To: <6uof4y6l2a.fsf@zork.zork.net> References: <86lm02v8fq.fsf@kronstadt.homeunix.net> <6uof4y6l2a.fsf@zork.zork.net> Message-ID: <86smu9mu5u.fsf@kronstadt.homeunix.net> itz> How does one check in general if a number is a pid of a living itz> process, under BSD? The old saw kill(pid, 0) only works for my itz> own processes - it will fail for other users' processes whether itz> or not pid is alive. Sean> But if kill returns non-zero, and the process exists and is not Sean> owned by you, errno will be set to EPERM, whereas if the process Sean> does not exist errno will be set to ESRCH. So it is still Sean> possible to use this method to check for the existence of a Sean> process, regardless of its owner. Ahhh, true! The answer I was looking for. Thanks. -- Ian Zimmerman, Oakland, California, U.S.A. if (sizeof(signed) > sizeof(unsigned) + 4) { delete this; } GPG: 433BA087 9C0F 194F 203A 63F7 B1B8 6E5A 8CA3 27DB 433B A087 From nkj at namodn.com Fri Feb 28 11:04:41 2003 From: nkj at namodn.com (Nick Jennings) Date: Fri, 28 Feb 2003 11:04:41 -0800 Subject: [buug] Apache2 Virtual Hosts Message-ID: <20030228190441.GB23403@namodn.com> Hi All, I am wondering if anyone has experience with Apache2, more specifically name-based virtual hosts? I've done this allot with Apache 1.3 in the past, but thought I'd give Apache2 a try. It seems they've got lots of the configuration split out into specerate files, including vhosts/Vhosts.conf to which I've placed the following lines: ################# Named VirtualHosts NameVirtualHost * ServerName DocumentRoot /var/www/ ServerName nick. DocumentRoot /var/www/nick. I've made sure the directories exist, and are readable by the http daemon. When I go to the URL I get a 403 Forbidden. The only relevant entry in the error_log: [Fri Feb 28 10:57:09 2003] [error] [client 127.0.0.1] client denied by server configuration: /var/www// If I disable virtualhosts, I am able to access the files with no issues, so I am certain it's not a permissions problem. Any help would be great. - Nick From wfhoney at pacbell.net Fri Feb 28 13:21:25 2003 From: wfhoney at pacbell.net (Honeycutt) Date: Fri, 28 Feb 2003 13:21:25 -0800 Subject: [buug] Apache2 Virtual Hosts References: <20030228190441.GB23403@namodn.com> Message-ID: <3E5FD2D5.2040909@pacbell.net> Nick Jennings wrote: > I've made sure the directories exist, and are readable by the http daemon. > When I go to the URL I get a 403 Forbidden. The only relevant entry in the > error_log: > > [Fri Feb 28 10:57:09 2003] [error] [client 127.0.0.1] client denied by server configuration: /var/www// > > > If I disable virtualhosts, I am able to access the files with no issues, so I > am certain it's not a permissions problem. Nick, what's in the apache logs? Specifically, what's in 'error_log'? From nkj at namodn.com Fri Feb 28 14:12:54 2003 From: nkj at namodn.com (Nick Jennings) Date: Fri, 28 Feb 2003 14:12:54 -0800 Subject: [buug] Apache2 Virtual Hosts In-Reply-To: <3E5FD2D5.2040909@pacbell.net> References: <20030228190441.GB23403@namodn.com> <3E5FD2D5.2040909@pacbell.net> Message-ID: <20030228221254.GC566@namodn.com> That is the only error entry when I hit the machine. [Fri Feb 28 10:51:17 2003] [notice] caught SIGTERM, shutting down [Fri Feb 28 10:51:18 2003] [notice] Digest: generating secret for digest authentication ... [Fri Feb 28 10:51:18 2003] [notice] Digest: done [Fri Feb 28 10:51:19 2003] [notice] Apache-AdvancedExtranetServer/2.0.44 (Mandrake Linux/6mdk) configured -- resuming normal operations [Fri Feb 28 10:51:28 2003] [error] [client 127.0.0.1] client denied by server configuration: /var/www// [Fri Feb 28 10:57:09 2003] [error] [client 127.0.0.1] client denied by server configuration: /var/www// On Fri, Feb 28, 2003 at 01:21:25PM -0800, Honeycutt wrote: > Nick Jennings wrote: > >I've made sure the directories exist, and are readable by the http daemon. > >When I go to the URL I get a 403 Forbidden. The only relevant entry in the > >error_log: > > > >[Fri Feb 28 10:57:09 2003] [error] [client 127.0.0.1] client denied by > >server configuration: /var/www// > > > > > >If I disable virtualhosts, I am able to access the files with no issues, > >so I > >am certain it's not a permissions problem. > > Nick, what's in the apache logs? Specifically, what's in 'error_log'? > > _______________________________________________ > Buug mailing list > Buug at weak.org > http://www.weak.org/mailman/listinfo/buug > From wfhoney at pacbell.net Fri Feb 28 14:47:39 2003 From: wfhoney at pacbell.net (Bill Honeycutt) Date: Fri, 28 Feb 2003 14:47:39 -0800 Subject: [buug] Apache2 Virtual Hosts In-Reply-To: <20030228221254.GC566@namodn.com> References: <20030228190441.GB23403@namodn.com> <3E5FD2D5.2040909@pacbell.net> <20030228221254.GC566@namodn.com> Message-ID: <3E5FE70B.2090701@pacbell.net> Nick Jennings wrote: > That is the only error entry when I hit the machine. > > [Fri Feb 28 10:51:17 2003] [notice] caught SIGTERM, shutting down > [Fri Feb 28 10:51:18 2003] [notice] Digest: generating secret for digest > authentication ... > ...snip... > [Fri Feb 28 10:57:09 2003] [error] [client 127.0.0.1] client denied by > server configuration: /var/www// Nick, I just fumbled through setting up simple authentication on 1.3. I assume you've looked here... http://httpd.apache.org/docs/howto/auth.html#digestworks ...and have all the basic goodies; .htaccess (or httpd.conf equiv.), an htdigest password file, etc. Are you getting a challenge from the browesr or just a failure? From nkj at namodn.com Fri Feb 28 15:21:33 2003 From: nkj at namodn.com (Nick Jennings) Date: Fri, 28 Feb 2003 15:21:33 -0800 Subject: [buug] Apache2 Virtual Hosts In-Reply-To: <3E5FE70B.2090701@pacbell.net> References: <20030228190441.GB23403@namodn.com> <3E5FD2D5.2040909@pacbell.net> <20030228221254.GC566@namodn.com> <3E5FE70B.2090701@pacbell.net> Message-ID: <20030228232133.GE566@namodn.com> On Fri, Feb 28, 2003 at 02:47:39PM -0800, Bill Honeycutt wrote: > Nick Jennings wrote: > >That is the only error entry when I hit the machine. > > > >[Fri Feb 28 10:51:17 2003] [notice] caught SIGTERM, shutting down > >[Fri Feb 28 10:51:18 2003] [notice] Digest: generating secret for digest > >authentication ... > > ...snip... > >[Fri Feb 28 10:57:09 2003] [error] [client 127.0.0.1] client denied by > >server configuration: /var/www// > > Nick, > > I just fumbled through setting up simple authentication on 1.3. I > assume you've looked here... > > http://httpd.apache.org/docs/howto/auth.html#digestworks > > ...and have all the basic goodies; .htaccess (or httpd.conf > equiv.), an htdigest password file, etc. Are you getting a challenge > from the browesr or just a failure? I am attempting the setup for Apache2, not 1.3 and I haven't changed anything but for the Vhosts. I'm not getting any challenge from the browser at all, just the 403. - Nick From wfhoney at pacbell.net Fri Feb 28 18:54:58 2003 From: wfhoney at pacbell.net (Wm. F. Honeycutt) Date: Fri, 28 Feb 2003 18:54:58 -0800 Subject: [buug] Apache2 Virtual Hosts References: <20030228190441.GB23403@namodn.com> <3E5FD2D5.2040909@pacbell.net> <20030228221254.GC566@namodn.com> <3E5FE70B.2090701@pacbell.net> <20030228232133.GE566@namodn.com> Message-ID: <3E602102.3040505@pacbell.net> Nick Jennings wrote: > I am attempting the setup for Apache2, not 1.3 I understand. > anything but for the Vhosts. I'm not getting any challenge from the > browser at all, just the 403. 403 returned would imply that the server is trying to authenticate using htpasswd file or digest authentication. From unixjavabob at yahoo.com Fri Feb 28 20:23:24 2003 From: unixjavabob at yahoo.com (Bob Read) Date: Fri, 28 Feb 2003 20:23:24 -0800 (PST) Subject: [buug] Apache2 Virtual Hosts In-Reply-To: <3E602102.3040505@pacbell.net> Message-ID: <20030301042324.56208.qmail@web13807.mail.yahoo.com> Hi Nick, I've been defining my VirtualHosts at the tail end of httpd.conf in apache2 and that works. Bob R. --- "Wm. F. Honeycutt" wrote: > Nick Jennings wrote: > > > > I am attempting the setup for Apache2, not 1.3 > > I understand. > > > anything but for the Vhosts. I'm not getting any > challenge from the > > browser at all, just the 403. > > > 403 returned would imply that the server is trying > to authenticate using > htpasswd file or digest authentication. > > _______________________________________________ > Buug mailing list > Buug at weak.org > http://www.weak.org/mailman/listinfo/buug ===== ----------------------------------------- Bob Read Exit Code Incorporated cell (510)-703-1634 unixjavabob at yahoo.com ----------------------------------------- __________________________________________________ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/