Last night I had several odd dreams. In my last dream, I dreamt I was working in some sort of office with my desk facing a coworker. We were sitting there and a colleague came in and started talking to my coworker something about installed packages. My coworker started typing away to figure something out when the colleague tossed in his two bits saying:
"Why don't you just rpm -qa"
This infuriated me! I jumped up and shouted:
"There's not fucking RPM in Debian, you son of a bitch!"
So the colleague ducked his head and bolted from the room and my coworker sat there flabbergasted. I sat down rubbing my jaw because I had yelled so loud I had strained it. And then I woke up.
So I guess this is just a subconcious warning: Don't make RedHat jokes about Debian systems. I get very upset, apparently.
Monday, 25 December 2006
Saturday, 23 December 2006
Postfix Cleanup
The number of users and domains being hosted on Siona has been growing for quite a while. We're now up to 29 users and 13 domains. Being an order of magnitude beyond the single-user/single-domain setup means there are some complications even though the server configuration is pretty basic.
For example, it is getting important to ensure that domains only deliver mail for a subset of the users. For a while, the domains were all just being appended to the "mydestination" attribute in the Postfix configuration which meant that a) any changes required a mail server restart and b) there was no way to separate which users where in which domains.
A while ago, new domains were being added to the "virtual_alias_domain" hash file. This is really the way to go since modifying the list of domains and modifying the valid relay recipients was easy and allowed control over who was in which domains. The process is still manual, 13 domains is not that much to manage, but it is much easier.
So the latest cleanup issue in the configuration was to move all the extra domains out of the "mydestination" attribute and into the "virtual_alias_domains" hash file where they belong. Well, it was interesting. I had to check through the logs to see which users were actually receiving mail in which domains. Not too tricky at least.
It is really unfortunate that some of the old names, like "uro.mine.nu" and "dulcea.nibble.bz" still have to be maintained. It would be nice to retire those old domains. But the cost of keeping them is way less significant then the energy required to ensure that everyone has current email addresses for all the users.
So other then moving all logical domains to virtual domains, the other change was that I changed the server to no longer relay mail on the basis of "mynetworks". The SASL authenticated SMTP is working great so there's no need to just white-list the LAN. It's cool :D I'm excited because this is the way SMTP should be! Servers only accepting mail if they are either going to deliver the mail or if the connecting user or host is authenticated! Every SMTP server should be setup like this! There are fewer and fewer excuses to accept mail from an un-authenticated connection and more and more reason to validate all mail all the time.
All-in-all, the cleaned up Postfix config is a much better setup for my current and future needs. It's good :)
For example, it is getting important to ensure that domains only deliver mail for a subset of the users. For a while, the domains were all just being appended to the "mydestination" attribute in the Postfix configuration which meant that a) any changes required a mail server restart and b) there was no way to separate which users where in which domains.
A while ago, new domains were being added to the "virtual_alias_domain" hash file. This is really the way to go since modifying the list of domains and modifying the valid relay recipients was easy and allowed control over who was in which domains. The process is still manual, 13 domains is not that much to manage, but it is much easier.
So the latest cleanup issue in the configuration was to move all the extra domains out of the "mydestination" attribute and into the "virtual_alias_domains" hash file where they belong. Well, it was interesting. I had to check through the logs to see which users were actually receiving mail in which domains. Not too tricky at least.
It is really unfortunate that some of the old names, like "uro.mine.nu" and "dulcea.nibble.bz" still have to be maintained. It would be nice to retire those old domains. But the cost of keeping them is way less significant then the energy required to ensure that everyone has current email addresses for all the users.
So other then moving all logical domains to virtual domains, the other change was that I changed the server to no longer relay mail on the basis of "mynetworks". The SASL authenticated SMTP is working great so there's no need to just white-list the LAN. It's cool :D I'm excited because this is the way SMTP should be! Servers only accepting mail if they are either going to deliver the mail or if the connecting user or host is authenticated! Every SMTP server should be setup like this! There are fewer and fewer excuses to accept mail from an un-authenticated connection and more and more reason to validate all mail all the time.
All-in-all, the cleaned up Postfix config is a much better setup for my current and future needs. It's good :)
Friday, 15 December 2006
Blogging with WordPress on Debian
It turns out that there's a nice WordPress package in Debian (testing). It is both up to date, and the package maintainer (Kai Hendry) provides some handy helper scripts.
WordPress provides a handy sample Apache config that was easy to add to the installation on Siona. That took care of that. Then, there's a helper script called "setup-mysql". The way the installation works is that once you get the base install going, you can then just setup a server alias for each blog you want to create and then re-run setup-mysql passing it the FQDN of the server alias. Voila! Multiple blogs right out of the box! No fuss, no muss.
Very nice and I have to admit, I'm very impressed with WordPress as well. It very nicely handles creating a personal site. You basically have blog posts and simple pages. The blog posts are categorized, archived, can allow user comments, etc and those (usually) go on your main page. You can also write pages and those would just link off the main page. Oh, and you can add random links to other blogs and sites. WordPress has tons of themes and plugins available so you can tweak your look and feel the way you want.
Anyhow, enough raving! WordPress is very nice and the installation on Debian works great for creating multiple blogs for any number of friends/family/pets/whatever.
WordPress provides a handy sample Apache config that was easy to add to the installation on Siona. That took care of that. Then, there's a helper script called "setup-mysql". The way the installation works is that once you get the base install going, you can then just setup a server alias for each blog you want to create and then re-run setup-mysql passing it the FQDN of the server alias. Voila! Multiple blogs right out of the box! No fuss, no muss.
Very nice and I have to admit, I'm very impressed with WordPress as well. It very nicely handles creating a personal site. You basically have blog posts and simple pages. The blog posts are categorized, archived, can allow user comments, etc and those (usually) go on your main page. You can also write pages and those would just link off the main page. Oh, and you can add random links to other blogs and sites. WordPress has tons of themes and plugins available so you can tweak your look and feel the way you want.
Anyhow, enough raving! WordPress is very nice and the installation on Debian works great for creating multiple blogs for any number of friends/family/pets/whatever.
Wednesday, 13 December 2006
DD-WRT: Router Firmware Minus the Suck
So far I've tried the default Linksys firmware and OpenWRT. I think we all agree the Linksys firmware is hobbled and frustrating. For example, it limits you to 10 port forwarding rules, there is no signal strength tweaking, and there is some arbitrarily low maximum number of IP connections (I think around 500). All this means Linksys can neither forward all the ports I need nor let me run all the applications I want (specifically bittorrent will use a lot of connections).
OpenWRT was also hobbled but in different ways. The web interface was useless as tits on a bull, the community apparently rejects the idea that you can get port forwarding to work, and updating the software apparently bricks the router. Now the lack of web interface wasn't really a show stopper for me and in fact, I was pretty happy with straight terminal access. It was really the dead router that convinced me to dump OpenWRT.
Now DD-WRT has only had one problem so far. During installation, the router didn't come up properly. As per a comment for the v23rc2 installation, you have to do the manufacturer reset (hold the reset button and power-cycle) once DD-WRT is uploaded.
Otherwise, it's been great! The web-interface is *way* nicer then the Linksys web-interface. It supports an arbitrary number of forwarded ports, shows *way* more status information, let's you tweak up the max number of IP connections, and even lets you tune the wireless power levels.
We will see how long this experiment works for us, so far I'm optimistic.
OpenWRT was also hobbled but in different ways. The web interface was useless as tits on a bull, the community apparently rejects the idea that you can get port forwarding to work, and updating the software apparently bricks the router. Now the lack of web interface wasn't really a show stopper for me and in fact, I was pretty happy with straight terminal access. It was really the dead router that convinced me to dump OpenWRT.
Now DD-WRT has only had one problem so far. During installation, the router didn't come up properly. As per a comment for the v23rc2 installation, you have to do the manufacturer reset (hold the reset button and power-cycle) once DD-WRT is uploaded.
Otherwise, it's been great! The web-interface is *way* nicer then the Linksys web-interface. It supports an arbitrary number of forwarded ports, shows *way* more status information, let's you tweak up the max number of IP connections, and even lets you tune the wireless power levels.
We will see how long this experiment works for us, so far I'm optimistic.
Tuesday, 12 December 2006
Where are My Files?
Couple tidbits over the last four weeks: I "upgraded" to Edgy Efy at home and the Nibble installed Joomla and have tried using that as our portal.
In the case of the former, discussing all the problems I'm having would constitute an all-out rant. It is really a shame but I've just had problems with the last two releases of Kubuntu. Maybe it's just Kubuntu and not Ubuntu in general, but it's really feeling like "the distro of the week". You know, there's things you like about the distro, it gets lots of press, it seems lively, but there's just too many annoying problems that whatever comes out next week may just be better.
Anyhow, rather then just dig in and rant, let me just say that one problem I've fixed is to do with Konqueror not displaying files. Specifically, if I browsed to the root of the file system, I could only see home, media, data (for music and video), and windows. Not etc, var, or other folders that are useful.
It turns out that if there is a file called ".hidden" in a folder with one file (or folder) name per line, then Konqueror will not display those folders. Some dimwit thought that this would "simplify things" for "the average user". I'm sorry, but obfuscating the file system is not the answer. As it is, "the average user" pretty well sticks to "Documents" and their Desktop. No hiding of folders necessary. That seems like a Finder-esque thing to do. And though I love and respect Apple's OS X for its many fine features, Finder is a dreadful bug-ridden horror not deserving of emulation.
So in summary, if you're in Kubuntu (or maybe KDE on any system) and can't see a bunch of folders you know exist, just rm .hidden and you'll be good to go.
And then on to other news. The Nibble has been trying to setup Joomla for our portal site. We need some blogging ability, news feed aggregation, and some static pages for HOWTOs. We installed Joomla 1.5 beta which has several bugs we ran into right away (the "poll" feature doesn't strip backslashes properly, for example) and it's a little to abstract/complex of a system for our needs. We could really figure out how to just do what we wanted (blog, aggregate, static pages) and then theme it and be done. Time to move on. It seems like WordPress has all the features we need (and not much more) so we'll give that a try next.
Okay, back to work for me.
In the case of the former, discussing all the problems I'm having would constitute an all-out rant. It is really a shame but I've just had problems with the last two releases of Kubuntu. Maybe it's just Kubuntu and not Ubuntu in general, but it's really feeling like "the distro of the week". You know, there's things you like about the distro, it gets lots of press, it seems lively, but there's just too many annoying problems that whatever comes out next week may just be better.
Anyhow, rather then just dig in and rant, let me just say that one problem I've fixed is to do with Konqueror not displaying files. Specifically, if I browsed to the root of the file system, I could only see home, media, data (for music and video), and windows. Not etc, var, or other folders that are useful.
It turns out that if there is a file called ".hidden" in a folder with one file (or folder) name per line, then Konqueror will not display those folders. Some dimwit thought that this would "simplify things" for "the average user". I'm sorry, but obfuscating the file system is not the answer. As it is, "the average user" pretty well sticks to "Documents" and their Desktop. No hiding of folders necessary. That seems like a Finder-esque thing to do. And though I love and respect Apple's OS X for its many fine features, Finder is a dreadful bug-ridden horror not deserving of emulation.
So in summary, if you're in Kubuntu (or maybe KDE on any system) and can't see a bunch of folders you know exist, just rm .hidden and you'll be good to go.
And then on to other news. The Nibble has been trying to setup Joomla for our portal site. We need some blogging ability, news feed aggregation, and some static pages for HOWTOs. We installed Joomla 1.5 beta which has several bugs we ran into right away (the "poll" feature doesn't strip backslashes properly, for example) and it's a little to abstract/complex of a system for our needs. We could really figure out how to just do what we wanted (blog, aggregate, static pages) and then theme it and be done. Time to move on. It seems like WordPress has all the features we need (and not much more) so we'll give that a try next.
Okay, back to work for me.
Friday, 17 November 2006
Bricking a Router
I bricked my router yesterday.
That's the short version. The long version? Well it's a sordid story that starts many weeks ago when I decided to install OpenWRT on my Linksys WRT54G v3 router.
Initially, I was happy! The web interface for OpenWRT is a little useless and the documentation (and mbm on the forums) said that setting up port forwarding to work both outside *and* inside the LAN was "impossible" (it's not, iptables works great) so I quickly got used to using SSH for managing the router's setup and firewall rules.
Then came the day that comes up regularly for any good sys admin, that is, update day. I did my little "ipkg update ; ipkg upgrade" but it choked! The device ran out of disk space. Initially, I wasn't worried. I cleared up some space and tried to finished the update. It limped a couple steps and then died. I couldn't even update to download the latest package list much less install/update any software. But the router was running. Since it was still working, I left it as-is. I was worried it would die if it was power cycled, but I was prepared to leave it on indefinitely anyhow.
Then last night, after a few drinks, the missus and I decided to rearrange the living room. So we drunkenly pushed furniture around moved movies, games, TV, stereo, etc. After the dust settled, I sat back down at my computer only to find I couldn't connect to the Internet. I could connect within the LAN so the router was switching, but definitely not routing. I couldn't connect at all to the router and it seemed to be dropping packets when I did a simple ping to it. The router was bricked.
Well, like any heavy user of the Internet, I prayed to Google to show me the way. Google spoke to me and said:
"Go here, my child, to un-brick your router."
Bearing the Word of Google, I went there where I was assured that all I needed to unbrick my router was a working firmware for the router and "any other small pointy metal object". The firmware I downloaded from Linksys (enough fucking around with OpenWRT) and for a small pointy metal object, I nabbed a bobby pin and off I went.
I read through all the instructions twice, then I pulled my router apart, shorted pins 15 and 16 as instructed, TFTP'd the firmware onto the router, and voila! The router booted! I was amazed! Like Christ turning water into wine, I had turned brick into router!
Rather then walk on water, I put the router back together, quickly configured it to a working state and that was that.
The moral of the story is: Don't brick your router. Restoring your router may make you partial to religion temporarily.
That's the short version. The long version? Well it's a sordid story that starts many weeks ago when I decided to install OpenWRT on my Linksys WRT54G v3 router.
Initially, I was happy! The web interface for OpenWRT is a little useless and the documentation (and mbm on the forums) said that setting up port forwarding to work both outside *and* inside the LAN was "impossible" (it's not, iptables works great) so I quickly got used to using SSH for managing the router's setup and firewall rules.
Then came the day that comes up regularly for any good sys admin, that is, update day. I did my little "ipkg update ; ipkg upgrade" but it choked! The device ran out of disk space. Initially, I wasn't worried. I cleared up some space and tried to finished the update. It limped a couple steps and then died. I couldn't even update to download the latest package list much less install/update any software. But the router was running. Since it was still working, I left it as-is. I was worried it would die if it was power cycled, but I was prepared to leave it on indefinitely anyhow.
Then last night, after a few drinks, the missus and I decided to rearrange the living room. So we drunkenly pushed furniture around moved movies, games, TV, stereo, etc. After the dust settled, I sat back down at my computer only to find I couldn't connect to the Internet. I could connect within the LAN so the router was switching, but definitely not routing. I couldn't connect at all to the router and it seemed to be dropping packets when I did a simple ping to it. The router was bricked.
Well, like any heavy user of the Internet, I prayed to Google to show me the way. Google spoke to me and said:
"Go here, my child, to un-brick your router."
Bearing the Word of Google, I went there where I was assured that all I needed to unbrick my router was a working firmware for the router and "any other small pointy metal object". The firmware I downloaded from Linksys (enough fucking around with OpenWRT) and for a small pointy metal object, I nabbed a bobby pin and off I went.
I read through all the instructions twice, then I pulled my router apart, shorted pins 15 and 16 as instructed, TFTP'd the firmware onto the router, and voila! The router booted! I was amazed! Like Christ turning water into wine, I had turned brick into router!
Rather then walk on water, I put the router back together, quickly configured it to a working state and that was that.
The moral of the story is: Don't brick your router. Restoring your router may make you partial to religion temporarily.
Tuesday, 31 October 2006
Rocking Out
Woohoo! I finally got my computer hooked up to the stereo. Since my computer is nearish to the stereo, all I need was a little Y connector and *bam*, we're cooking! The sound is so much better, it's awesome. And these speakers aren't even anything to write home about, they're just better the computer speakers. The trick being something different about the magnetism, I don't know. The stereo speakers just aren't supposed to be right next to the computer cause they'll mess everything up, but we should be cool as is.
Rambling, enough. Computer to stereo is awesome! Woo!
Good night!
Rambling, enough. Computer to stereo is awesome! Woo!
Good night!
Subscribe to:
Comments (Atom)