Last night I had several odd dreams. In my last dream, I dreamt I was working in some sort of office with my desk facing a coworker. We were sitting there and a colleague came in and started talking to my coworker something about installed packages. My coworker started typing away to figure something out when the colleague tossed in his two bits saying:
"Why don't you just rpm -qa"
This infuriated me! I jumped up and shouted:
"There's not fucking RPM in Debian, you son of a bitch!"
So the colleague ducked his head and bolted from the room and my coworker sat there flabbergasted. I sat down rubbing my jaw because I had yelled so loud I had strained it. And then I woke up.
So I guess this is just a subconcious warning: Don't make RedHat jokes about Debian systems. I get very upset, apparently.
Monday, 25 December 2006
Saturday, 23 December 2006
Postfix Cleanup
The number of users and domains being hosted on Siona has been growing for quite a while. We're now up to 29 users and 13 domains. Being an order of magnitude beyond the single-user/single-domain setup means there are some complications even though the server configuration is pretty basic.
For example, it is getting important to ensure that domains only deliver mail for a subset of the users. For a while, the domains were all just being appended to the "mydestination" attribute in the Postfix configuration which meant that a) any changes required a mail server restart and b) there was no way to separate which users where in which domains.
A while ago, new domains were being added to the "virtual_alias_domain" hash file. This is really the way to go since modifying the list of domains and modifying the valid relay recipients was easy and allowed control over who was in which domains. The process is still manual, 13 domains is not that much to manage, but it is much easier.
So the latest cleanup issue in the configuration was to move all the extra domains out of the "mydestination" attribute and into the "virtual_alias_domains" hash file where they belong. Well, it was interesting. I had to check through the logs to see which users were actually receiving mail in which domains. Not too tricky at least.
It is really unfortunate that some of the old names, like "uro.mine.nu" and "dulcea.nibble.bz" still have to be maintained. It would be nice to retire those old domains. But the cost of keeping them is way less significant then the energy required to ensure that everyone has current email addresses for all the users.
So other then moving all logical domains to virtual domains, the other change was that I changed the server to no longer relay mail on the basis of "mynetworks". The SASL authenticated SMTP is working great so there's no need to just white-list the LAN. It's cool :D I'm excited because this is the way SMTP should be! Servers only accepting mail if they are either going to deliver the mail or if the connecting user or host is authenticated! Every SMTP server should be setup like this! There are fewer and fewer excuses to accept mail from an un-authenticated connection and more and more reason to validate all mail all the time.
All-in-all, the cleaned up Postfix config is a much better setup for my current and future needs. It's good :)
For example, it is getting important to ensure that domains only deliver mail for a subset of the users. For a while, the domains were all just being appended to the "mydestination" attribute in the Postfix configuration which meant that a) any changes required a mail server restart and b) there was no way to separate which users where in which domains.
A while ago, new domains were being added to the "virtual_alias_domain" hash file. This is really the way to go since modifying the list of domains and modifying the valid relay recipients was easy and allowed control over who was in which domains. The process is still manual, 13 domains is not that much to manage, but it is much easier.
So the latest cleanup issue in the configuration was to move all the extra domains out of the "mydestination" attribute and into the "virtual_alias_domains" hash file where they belong. Well, it was interesting. I had to check through the logs to see which users were actually receiving mail in which domains. Not too tricky at least.
It is really unfortunate that some of the old names, like "uro.mine.nu" and "dulcea.nibble.bz" still have to be maintained. It would be nice to retire those old domains. But the cost of keeping them is way less significant then the energy required to ensure that everyone has current email addresses for all the users.
So other then moving all logical domains to virtual domains, the other change was that I changed the server to no longer relay mail on the basis of "mynetworks". The SASL authenticated SMTP is working great so there's no need to just white-list the LAN. It's cool :D I'm excited because this is the way SMTP should be! Servers only accepting mail if they are either going to deliver the mail or if the connecting user or host is authenticated! Every SMTP server should be setup like this! There are fewer and fewer excuses to accept mail from an un-authenticated connection and more and more reason to validate all mail all the time.
All-in-all, the cleaned up Postfix config is a much better setup for my current and future needs. It's good :)
Friday, 15 December 2006
Blogging with WordPress on Debian
It turns out that there's a nice WordPress package in Debian (testing). It is both up to date, and the package maintainer (Kai Hendry) provides some handy helper scripts.
WordPress provides a handy sample Apache config that was easy to add to the installation on Siona. That took care of that. Then, there's a helper script called "setup-mysql". The way the installation works is that once you get the base install going, you can then just setup a server alias for each blog you want to create and then re-run setup-mysql passing it the FQDN of the server alias. Voila! Multiple blogs right out of the box! No fuss, no muss.
Very nice and I have to admit, I'm very impressed with WordPress as well. It very nicely handles creating a personal site. You basically have blog posts and simple pages. The blog posts are categorized, archived, can allow user comments, etc and those (usually) go on your main page. You can also write pages and those would just link off the main page. Oh, and you can add random links to other blogs and sites. WordPress has tons of themes and plugins available so you can tweak your look and feel the way you want.
Anyhow, enough raving! WordPress is very nice and the installation on Debian works great for creating multiple blogs for any number of friends/family/pets/whatever.
WordPress provides a handy sample Apache config that was easy to add to the installation on Siona. That took care of that. Then, there's a helper script called "setup-mysql". The way the installation works is that once you get the base install going, you can then just setup a server alias for each blog you want to create and then re-run setup-mysql passing it the FQDN of the server alias. Voila! Multiple blogs right out of the box! No fuss, no muss.
Very nice and I have to admit, I'm very impressed with WordPress as well. It very nicely handles creating a personal site. You basically have blog posts and simple pages. The blog posts are categorized, archived, can allow user comments, etc and those (usually) go on your main page. You can also write pages and those would just link off the main page. Oh, and you can add random links to other blogs and sites. WordPress has tons of themes and plugins available so you can tweak your look and feel the way you want.
Anyhow, enough raving! WordPress is very nice and the installation on Debian works great for creating multiple blogs for any number of friends/family/pets/whatever.
Wednesday, 13 December 2006
DD-WRT: Router Firmware Minus the Suck
So far I've tried the default Linksys firmware and OpenWRT. I think we all agree the Linksys firmware is hobbled and frustrating. For example, it limits you to 10 port forwarding rules, there is no signal strength tweaking, and there is some arbitrarily low maximum number of IP connections (I think around 500). All this means Linksys can neither forward all the ports I need nor let me run all the applications I want (specifically bittorrent will use a lot of connections).
OpenWRT was also hobbled but in different ways. The web interface was useless as tits on a bull, the community apparently rejects the idea that you can get port forwarding to work, and updating the software apparently bricks the router. Now the lack of web interface wasn't really a show stopper for me and in fact, I was pretty happy with straight terminal access. It was really the dead router that convinced me to dump OpenWRT.
Now DD-WRT has only had one problem so far. During installation, the router didn't come up properly. As per a comment for the v23rc2 installation, you have to do the manufacturer reset (hold the reset button and power-cycle) once DD-WRT is uploaded.
Otherwise, it's been great! The web-interface is *way* nicer then the Linksys web-interface. It supports an arbitrary number of forwarded ports, shows *way* more status information, let's you tweak up the max number of IP connections, and even lets you tune the wireless power levels.
We will see how long this experiment works for us, so far I'm optimistic.
OpenWRT was also hobbled but in different ways. The web interface was useless as tits on a bull, the community apparently rejects the idea that you can get port forwarding to work, and updating the software apparently bricks the router. Now the lack of web interface wasn't really a show stopper for me and in fact, I was pretty happy with straight terminal access. It was really the dead router that convinced me to dump OpenWRT.
Now DD-WRT has only had one problem so far. During installation, the router didn't come up properly. As per a comment for the v23rc2 installation, you have to do the manufacturer reset (hold the reset button and power-cycle) once DD-WRT is uploaded.
Otherwise, it's been great! The web-interface is *way* nicer then the Linksys web-interface. It supports an arbitrary number of forwarded ports, shows *way* more status information, let's you tweak up the max number of IP connections, and even lets you tune the wireless power levels.
We will see how long this experiment works for us, so far I'm optimistic.
Tuesday, 12 December 2006
Where are My Files?
Couple tidbits over the last four weeks: I "upgraded" to Edgy Efy at home and the Nibble installed Joomla and have tried using that as our portal.
In the case of the former, discussing all the problems I'm having would constitute an all-out rant. It is really a shame but I've just had problems with the last two releases of Kubuntu. Maybe it's just Kubuntu and not Ubuntu in general, but it's really feeling like "the distro of the week". You know, there's things you like about the distro, it gets lots of press, it seems lively, but there's just too many annoying problems that whatever comes out next week may just be better.
Anyhow, rather then just dig in and rant, let me just say that one problem I've fixed is to do with Konqueror not displaying files. Specifically, if I browsed to the root of the file system, I could only see home, media, data (for music and video), and windows. Not etc, var, or other folders that are useful.
It turns out that if there is a file called ".hidden" in a folder with one file (or folder) name per line, then Konqueror will not display those folders. Some dimwit thought that this would "simplify things" for "the average user". I'm sorry, but obfuscating the file system is not the answer. As it is, "the average user" pretty well sticks to "Documents" and their Desktop. No hiding of folders necessary. That seems like a Finder-esque thing to do. And though I love and respect Apple's OS X for its many fine features, Finder is a dreadful bug-ridden horror not deserving of emulation.
So in summary, if you're in Kubuntu (or maybe KDE on any system) and can't see a bunch of folders you know exist, just rm .hidden and you'll be good to go.
And then on to other news. The Nibble has been trying to setup Joomla for our portal site. We need some blogging ability, news feed aggregation, and some static pages for HOWTOs. We installed Joomla 1.5 beta which has several bugs we ran into right away (the "poll" feature doesn't strip backslashes properly, for example) and it's a little to abstract/complex of a system for our needs. We could really figure out how to just do what we wanted (blog, aggregate, static pages) and then theme it and be done. Time to move on. It seems like WordPress has all the features we need (and not much more) so we'll give that a try next.
Okay, back to work for me.
In the case of the former, discussing all the problems I'm having would constitute an all-out rant. It is really a shame but I've just had problems with the last two releases of Kubuntu. Maybe it's just Kubuntu and not Ubuntu in general, but it's really feeling like "the distro of the week". You know, there's things you like about the distro, it gets lots of press, it seems lively, but there's just too many annoying problems that whatever comes out next week may just be better.
Anyhow, rather then just dig in and rant, let me just say that one problem I've fixed is to do with Konqueror not displaying files. Specifically, if I browsed to the root of the file system, I could only see home, media, data (for music and video), and windows. Not etc, var, or other folders that are useful.
It turns out that if there is a file called ".hidden" in a folder with one file (or folder) name per line, then Konqueror will not display those folders. Some dimwit thought that this would "simplify things" for "the average user". I'm sorry, but obfuscating the file system is not the answer. As it is, "the average user" pretty well sticks to "Documents" and their Desktop. No hiding of folders necessary. That seems like a Finder-esque thing to do. And though I love and respect Apple's OS X for its many fine features, Finder is a dreadful bug-ridden horror not deserving of emulation.
So in summary, if you're in Kubuntu (or maybe KDE on any system) and can't see a bunch of folders you know exist, just rm .hidden and you'll be good to go.
And then on to other news. The Nibble has been trying to setup Joomla for our portal site. We need some blogging ability, news feed aggregation, and some static pages for HOWTOs. We installed Joomla 1.5 beta which has several bugs we ran into right away (the "poll" feature doesn't strip backslashes properly, for example) and it's a little to abstract/complex of a system for our needs. We could really figure out how to just do what we wanted (blog, aggregate, static pages) and then theme it and be done. Time to move on. It seems like WordPress has all the features we need (and not much more) so we'll give that a try next.
Okay, back to work for me.
Subscribe to:
Posts (Atom)
Popular Posts
-
For anyone who's had to cleanup some mail problems with Postfix configuration (or more often with other things, like anti-spam, tied in ...
-
In the course of troubleshooting the office Jabber server the other day, I came across some interesting info about the various caches that O...
-
For everyone who uses cron, you are familiar with the job schedule form: min hr day-of-month month day-of-week <command> A problem...