From Michael.Paoli at cal.berkeley.edu Thu Mar 2 06:27:05 2006 From: Michael.Paoli at cal.berkeley.edu (Michael Paoli) Date: Thu, 2 Mar 2006 06:27:05 -0800 Subject: [buug] S.F.: BALUG 2006-03-21: Tom Limoncelli: Time Management for System Administrators Message-ID: <1141309625.440700b9e72e1@webmail.rawbw.com> For the 2006-03-21 Bay Area Linux Users Group (BALUG) meeting, we have as guest presenter Tom Limoncelli, of Google, on: Time Management for System Administrators (and everyone else too) synopsis: Whether you use Perl, Python or Ruby, whether you use Windows, Linux or Unix, all system administrators have a problem with time management. Users interrupt you constantly with requests, your managers want you to get long-term projects done but flood you with requests for quick- fixed, and the machines you manage just never behave, causing problems at the most inopportune moments. Tom will discuss techniques he has developed over the last 15 years for dealing with these things --- all of which (and more) can be found in his new book from O'Reilly, "Time Management for System Administrators". http://www.amazon.com/exec/obidos/tg/detail/-/0596007833/tomontime-20 (The book was the #1 computer book on Amazon on Feb 10, 2006) Tom Limoncelli has over 15 years of system administration experience and has been teaching workshops on Time Management at conferences since 2003. Tom has worked for both large and small organizations, including Bell Labs and AT&T. He speaks at conferences around the world. His previous book, The Practice of System and Network Administration, is considered a standard reference in system administration. He now works at the Google NYC office. His web site is www.EverythingSysadmin.com more details here: http://lists.balug.org/pipermail/balug-announce-balug.org/2006-March/000058.html From Michael.Paoli at cal.berkeley.edu Fri Mar 3 08:42:02 2006 From: Michael.Paoli at cal.berkeley.edu (Michael Paoli) Date: Fri, 3 Mar 2006 08:42:02 -0800 Subject: [buug] Various stuff from and related to yesterday's BUUG meeting Message-ID: <1141404122.440871da6ea5f@webmail.rawbw.com> In not necessarily any particular order: CoMPare and LiNk (cmpln) utility I wrote, details, code, etc.: http://mail.pm.org/pipermail/oakland/2006-March/001795.html http://www.rawbw.com/~mp/perl/ chroot(2) and "jails", etc. >From BSD, also comes the "jail" facility, which includes use of chroot(2), and other useful stuff to make such an environment secure and perhaps also easier to set up and/or do so securely. Some, but not necessarily all, of these BSD "jail" capabilities/functionalties have also been ported to other environments, e.g.: http://www.jmcresearch.com/projects/jail/ and a quick check on Debian with apt-cache(8) search also reveals: jailer - Builds and maintains chrooted environments jailtool - Tool to build chroot-jails for daemons With a bit of searching, e.g. via Google, there's lots of data out there, ... of substantially varying quality, regarding chroot, etc. Unfortunately a lot of the information is incomplete or only partially correct, or in some cases rather to quite wrong. Like some other security areas - e.g. cryptography - many folks tend to think they know it quite well, but don't really, ... but that doesn't stop them from writing lots about it, thinking they do. To do chroot(2) well, it's probably best to carefully read and reference the relevant sections of some good UNIX/LINUX(/BSD) security books that typically devote about a chapter or so, to the topic. From that, one should be able to understand and put together a pretty good list of dos and don'ts regarding securely constructing a chroot(2) environment. (I haven't done it recently enough to well recall such a list - and besides, these things can sometimes change over time - e.g. when fundamental security constructs, files, system calls, etc. change over time for various UNIX/LINUX/BSD operating system versions/releases.) fvwm(1), X11, etc. Hmmmm, I still need to update stuff on my web pages so this stuff is more findable, ... anyway, relevant URLs and such are mentioned here: http://lists.balug.org/pipermail/balug-talk-balug.org/2005-November/003572.html Note that it's very configurable, so, for example, one can change what actions are available by various types of mouse events on window elements (sides, corners, title bar and buttons provided by fvwm) ... including potentially having no actions for those items and/or removing most or all of them (e.g. just have a solid frame that does nothing and no other window decorations). Likewise with the function key combinations and the like - one can redefine and/or take away any and/or all of their fvwm functionality. Similarly for mouse events on the root window, those can be redefined and/or disabled too. Of course lots of fvwm information can also be found here: http://www.fvwm.org/ fvwm isn't necessarily the only window manager that is so highly configurable, but it is also a relatively light-weight window manager. It's not nearly as bloated or resource intensive as the typical Gnome or KDE X11 environment. With LINUX, one can also add/remove/enable/disable virtual consoles, so, for example, if one wanted, one could configure the system to have precisely and only one virtual console. If one wants/needs to disable and similar functionality from xfree86 or other X servers, there are probably possible ways to do that (e.g. change the code, or perhaps possibly remap certain keys or key combinations). UNIX/LINUX/BSD/... passwords and their hash algorithms and security, etc. the end of crypt() passwords ... please?: http://www.usenix.org/publications/login/2003-12/pdfs/perrine.pdf password protection for modern operating systems: http://www.usenix.org/publications/login/2004-06/pdfs/alexander.pdf The above I think I mentioned, and may have also posted about some while back. As a public service, USENIX makes their ;login: issues more than one year old available to the public (newer editions are available only to members). Anyway, the two ;login: articles above were the ones I had in mind regarding password hash types used and their relative strengths/algorithms, and precomputation of many, most, or all possible crypt(3) password hashes - along with at least one corresponding cleartext password for each. From Michael.Paoli at cal.berkeley.edu Sun Mar 5 12:29:08 2006 From: Michael.Paoli at cal.berkeley.edu (Michael Paoli) Date: Sun, 5 Mar 2006 12:29:08 -0800 Subject: [buug] (S.F.) free systems: Dell OptiPlex, models: GX110, GX1 and GX400 Message-ID: <1141590548.440b4a1475660@webmail.rawbw.com> Well, when I originally sent this to BUUG and BAD (and also two other lists), it was held, pending moderator approval. I guess the list defaults didn't like the number of To: addresses. Anyway, it never got approved (or rejected) by the moderator(s) for BUUG and BAD, so, I include it below. (I included all the To:'s, rather than Bcc:'s or such, so as to hopefully avoid having lots of duplicate forwardings to various non-profit and charitable group contacts in the area and such). Anyway, a few update notes, then the main information further below. Not all of the systems include Microsoft licenses sticker thingies (of those that do, all I've noticed so far seem to be for Windows 2000 Professional). If one, or one's group must have, or prefers units with such licenses, or doesn't care or prefers not to have them, please specify, so I can try to shuffle units about such that those that need or prefer such license may have opportunity to get them (and those that don't want them may avoid having those nasty stickers on their machines). There are some other models included in the mix, e.g. Dell OptiPlex GX1. If one, or one's group/organization can't make use of certain models, or other models, please let me know that, so I can avoid providing someone with system(s) they couldn't make use of anyway. I've gotten a fair number of requests - not sure exactly how the balance will work out between requests and available systems, but if you're interested or potentially interested, drop me an e-mail note as instructed in the earlier e-mail included below. Also, even if we run out at the present time, there are likely to be more in the future - and possibly the near-term future (which may or may not be more of the same models). ----- Forwarded message from Michael Paoli ----- Date: Fri, 10 Feb 2006 07:30:09 -0800 From: Michael Paoli Reply-To: Michael Paoli Subject: (S.F.) free systems: Dell OptiPlex, models: GX110, GX1 and GX400 To: buug at weak.org, balug-talk-balug.org at lists.balug.org, bad at bad.debian.net, oakland at pm.org, cpsr at cpsr.org, info at streettech.org, donations at waldenhouse.org, rperez at stanhtonysf.org, mitch at onlinepolicy.org, otxwest at yahoo.com, donations at sfgoodwill.org, computerdonations at glide.org, everybodywins at excessaccess.com, ccciowii at aol.com, accrc at accrc.org, mar at compumentor.org (S.F.) free systems: Dell OptiPlex, models: GX110, GX1 and GX400 A group at my employer has some computer systems to give away. Preference would probably be to non-profits (e.g. 501(c)3 or 501(c)(7)) and/or accredited educational institutions, but most any semi-reasonable cause, purpose or person to give/provide them for is also likely potential candidate if interested. Relevant details: The systems: Dell OptiPlex, models: GX110, GX1 and GX400 Note that the GX400 systems may be rather/quite incomplete systems (they may be missing essential components). All models are without monitor, operating system and software, and except possibly for GX400 systems, include a (wiped clean) hard drive, and should be ready to use systems with addition of operating system, monitor, keyboard and mouse. I believe they also all come with some Microsoft operating system license, but they don't include the operating system, software, or media. They don't include shipping/packing materials (they're not boxed). I think there are roughly 25 to 30 systems total, and I think it runs roughly mostly GX110 systems, a fair number of GX1 systems, and some GX400 systems. I probably can't provide individual machine specifications. They probably include at least the minimum hardware specifications on the systems themselves that Dell would have originally shipped them with - not sure what (if anything) beyond that they may have or likely have, and precise specifications/configuration may possibly vary from system to system. Pickup - pickup would need to be arranged for in advance, may be limited to "business hours", and location is South of Market Area (SOMA), San Francisco (not too far from 5th & Mission). Some advance lead time and scheduling for pickups would be required - and more lead time may be required for larger quantity pickups. If you know a group in the area that may be interested, feel free to pass this on to them. For more details, if you're interested to arrange pickup, etc., drop me an e-mail note at my work address. You can get determine my work address via: $ echo 'cnbyvzvp (ng) jryyfsnetb.pbz' | tr '[A-Za-z]' '[N-ZA-Mn-za-m]' * Please include: (S.F.) free systems: Dell OptiPlex, models: GX110, GX1 and GX400 in the Subject line of any e-mail. references/excerpts: http://support.dell.com/support/edocs/systems/ban%5Fgx1/ http://support.dell.com/support/edocs/systems/opgx400/ http://support.dell.com/support/edocs/systems/opgx110/ http://www.dell.com/ *caesar(6), rot13(6), if you have problems translating that into my correct work e-mail address, drop me a reply to this e-mail and I'll e-mail that to you. From Michael.Paoli at cal.berkeley.edu Fri Mar 17 19:24:39 2006 From: Michael.Paoli at cal.berkeley.edu (Michael Paoli) Date: Fri, 17 Mar 2006 19:24:39 -0800 Subject: [buug] Reminder: S.F.: BALUG 2006-03-21: Tom Limoncelli: Time Management for System Administrators Message-ID: <1142652279.441b7d77ab764@webmail.rawbw.com> Just a brief reminder: in San Francisco for the 2006-03-21 Bay Area Linux Users Group (BALUG) meeting, we have as guest presenter Tom Limoncelli, of Google, on: Time Management for System Administrators (and everyone else too) Tom Limoncelli is the author of the new book from O'Reilly, "Time Management for System Administrators" (The book was the #1 computer book on Amazon on Feb 10, 2006) and is also co-author of the book "The Practice of System and Network Administration" from Addison-Wesley more details on the meeting, presentation, etc. here: http://lists.balug.org/pipermail/balug-announce-balug.org/2006-March/000058.html From sababeach at cfl.rr.com Fri Mar 24 13:59:08 2006 From: sababeach at cfl.rr.com (sababeach at cfl.rr.com) Date: Fri, 24 Mar 2006 13:59:08 Subject: [buug] Package for OE, IN, AR, PU, AP, IC Message-ID: First timer. Thought some of you might be interested in the results of my software project. If you need to perform the traditional business functions of Order Entry, Invoicing, Accounts Receivable, Purchasing, Accounts Payable, and Inventory Control I invite you to stop by www.sababeach.net (66.240.125.18) and run my toolbox for distributors. If you want to try it out on your own desktop or server you can download the toolbox for either FreeBSD or Linux. The toolbox has been running as an application server since 2002 on several intranet servers, as an application package since 2003 on many desktops, and as an application service since 2005 on my Internet server. tim