*NIX

recovery after mkfs

Thu, 29 Jul 2010 22:51:03 +0000

Ok, I wasnt thinking and did a mkfs instead of a fsck (that'll teach me for not checking what my fingers do). Whats the best way to go about recovery? I dont have a similar sized HDD else i'd just try and copy what I could with the tools I've used before. Can a mkfs (ext3) be reversed?

edit:
well wiki says this:

Quote

There is no chance of file recovery after file system format.

so I guess there is no standard way to recover from this. I'm running photorec to see what it can get back.

Apache on fedora, help please :)

Tue, 13 Jul 2010 09:33:34 +0000

Hey !

So I am going to run a website on fedora. Got apache installed and its online.
I used to run the website on windows Xp earlier and it worked fine. But now when I have
placed all the folders in /var/www/html it just brings me a "You don't have permission to access / on this server." error.
When my html folder is empty it brings my to the fedora test page, so I know its working but somehow whenever I place
something in the html map it gives me that error...

What's wrong ?

ext2/ext3

Mon, 12 Jul 2010 18:02:19 +0000

"The maximum file size for ext2/ext3 is actually dependent on the choice of blocksize and hardware architecture"

Why are the maximum file size and file system size dependent on the block size?

It appears that 4KB is the standard block size in x86; however, ext4 supports larger files and larger file systems with the same block size of 4KB.

Does anyone know the origin of this limitation in ext2/ext3 and/or how they overcame it in ext4?

sparc64 + linux

Wed, 07 Jul 2010 06:08:53 +0000

well ive tried debian stable like 2 weeks ago which was debian 504 which was pretty much depricated being 2.6.26 kernel (2 years old and counting) no ext4 support so i tried debian testing but like when i tried gentoo whenever i use a weekly release cd i get random errors. like when i tried debian testing some one broke parted as it couldnt part a sun disklabel it just messed it up, made all the parts like 1/2 the size indicated so id end up from supposed to being like 100mb /boot, 2gb swap, then like 34gb for /. (36gb drive) end up being 100mb 14gb free space, 14gb /, 1gb free space, 1gb swap. and as i had debain stable working just fine, it was specific to testing obviously. so the question is anyone have any suggestions on how to get a weekly release cd working?

edit: its for my newish sun ultra60 2x360mhz ultrasparc II's with 4mbl2 per, and 1796mb of ram with dual 36gb scsi drives, dual ethernet nic's fiber optic card, usb, sound, video card (not the one that takes up both slots) so i was planning on using it on a dailyish basis so i want to be able to run programs newer than 2 years old :p

LDAP Anyone ?

Sat, 03 Jul 2010 08:50:33 +0000

So,

I just finished setting up another DSEE7 Ldap server at the home lab to stay current with the enterprise so to speak.
Outside of work/production networks,

Does anyone else here run LDAP servers @ home?

Aside from that, who admins ldap servers and what do you run?

btw, anyone use likewise enterprise in prod ?

Screen flickering using new distros

Tue, 22 Jun 2010 20:37:28 +0000

I'm wondering if anybody else has been experiencing constant and unpredictable screen flickering using these two (x86) distributions. My video-card is an AGP-based ATI Radeon 9800 pro and I'm almost convinced this is relevant to the issue. Maybe the video driver that these distros use just doesn't like my video card. The screen blanking at random intervals and these intervals are short so I can't these much faster distributions on my main-machine. Anyone else experience this problem?

*NIX SSH based "BBS" (Free Shell Server)

Sun, 20 Jun 2010 22:08:59 +0000

So
in another Forum Frog asked how to go about creating a "BBS"
(This first Post is an Overview)

Well a modern similar related concept of this is a modern shell server deployment.

( You may have encountered various free shell sites such as metawire (now defunct) and SDF, (Still going )

Both of which have/had their own enclosed communities within the realm of a live server offering up terms .

While of course a classic BBS is telephony only with a community encapsulated off the net, these days its a bit pricy
to run telephone lines etc .

The closest thing to text only shell content that comes to mind is a Free shell service. Want community isolation ?
Use localhost only text based services. (ie for example a web server that only listens and serves content on the localhost)

With internet laws becoming even more draconian , one could even encourage the use of such a shell server with ssh over TOR
anonymity apps .

(Keep in mind however, TOR isn't always safe either )

So with only a modest sign up web page facing the internet and ssh only public login access,

One could grant access to user accounts with a custom written menu driven shell script set as a system shell that vaguely resembles an old school "BBS"

Thus the "BBS" becomes more of a complete Unix system merged with BBS like shell scripts .

limiting actual shell access is probably a good idea.

With modern day virtualization and segmented OS instances, one can both offer a Freeshell/BBS like service with the added security layer of virtualization.

This is where my favorite *NIX OS comes in . Solaris 10.

So you have a Solaris 10 host (Full blown server)

On the Global zone, you enable resource pools and the Fair Share Scheduler to better control system resources.

Then you have a whole array of public / private facing zones.

The tricky catch being that each zone has multiple network "interfaces" allowing for private
back end communication .

Each zone has hard and soft resource limits set so the system never becomes completely overloaded (in theory)

Zone specifics:

Global zone
Verboten. No one can log into it directly from a public IP. (must be accessed via console or some other non public facing secure measure)
The global zone is used solely to monitor system resources and other zones.
(or internal private NFS server for auto_home use on zones )

ssh login zone
Sole purpose is to be the front end portal for ssh logins and front line login available on both public/private facing networks

TOR/SQUID zone

public/private facing zone that runs as a TOR relay and/or TOR exit node (get a legal department if you run a TOR exit node lol )

private web server zone

Host all web based content with no direct shell access to the general free shell public internally

public web server zone

all public facing web content externally

mysql db zone (private)

mysql server zone

mysql db zone (public)

mysql server zone

IRCD zone (private)

zone that hosts IRC comms internally (not public facing for extra security)

Fileserver/FTP zone

depending on your model, a private or public

Identity management ?

There is a few ways to go about doing this. You could either

run an internal private facing LDAP server zone ( and be extra vigilant on security )

or propagate /etc/passwd , /etc/shadow copies between zones (a bit more secure but prone to error and other problems)

Administration ?

Use RBAC profiles or conversely limit su - to a specific group one must login to . These concepts could be used both on zones and global .

Just a high level overview of how to setup a "BBS" like secure shell server with zones.

Sun Ultra 10

Wed, 02 Jun 2010 08:24:39 +0000

I got this machine a few years ago for <$100 on eBay. I haven't booted the machine in over a year and I wanted to load a new operating system(new to me that is), so now it's running freebsd 8.0. It was a pain in the ass to get set up but once I did, I liked it very much. The only problem I'm having so far is a dead mouse cursor in my console. My mouse works fine when I'm in X-windows but I would like the mouse to work with my console(or to gtfo my screen). I have a sun ball-mouse that connects to the sun keyboard that came with when I bought the system. The mouse was a pain to get working from the start as I had to modify xorg.conf to use /dev/cuau3(instead of /dev/sysmouse) and a protocol called 'mousesystems' for the mouse to work properly. Now that it does, I could care less about the console mouse problem except that it obscures whatever character ends up under the cursor. Maybe somebody knows a trick to fix this?

Here's some pics for fun:

wicd or me?

Sun, 30 May 2010 16:07:12 +0000

This is a fairly noobish question so go easy. My wireless card (Rosewill RNX N300) used to work perfectly fine with BT4 pre final however now that I have BT4 Final, wicd can't find any wireless networks. I've checked iwconfig and it recognizes that I have a wireless connection, and to make sure the card was being recognized I used the lspci command. Everything seems to check out alright, so is this just wicd's issue or am I missing something extremely obvious here? I'd love to be able to throw this ethernet cable back in my dresser drawer

Can Ubuntu boot & run from a flash drive

Thu, 13 May 2010 02:24:26 +0000

I need to know this before I start onto this - will Ubuntu boot ok from a bootable flash drive? I know how to make the drive bootable, that's not a problem.

Anyone who knows, post it.

GREX System to Terminate Dialins

Sun, 09 May 2010 05:31:22 +0000

Moderators: if anyone thinks this is inappropriate or in the wrong topic (UNIX was the most related thing I could think of), feel free to delete/move.

As per the co-op thread, the GREX system admins are considering dropping their last two modem lines for system access.

For those who don't know, the GREX system is a public access machine in Ann Arbor, MI operating on similar principles as the SDF. Not too many people use the dialins anymore, and with the usage statistics the admins have collected, it's really hard to see a justification in keeping the lines in service. GREX holds special meaning for me as it was my first introduction to UNIX, back when it ran SunOS 4 on really ancient Sun hardware. Nothing like popping up the Windows 95 telnet terminal in class to check your e-mail, and having the teacher freak out because a student had a black window with green "hacker text" open!

Anyhow, it turns out keeping a single line up would cost between $20-40 a month, or 4-8 new paid subscription users. Subscriptions cost around $60/year. Last time I checked, GREX supports dialin speeds down to at least 1200 baud, and probably 300 as well. I thought it might be relevant to post here about the system, in case people would be interested in subscribing for a shell account in order to keep a dialin up. Since we have free long distance calling at home, I often dial in with one of my vintage machines to check e-mail or transfer files between home and school (they also support SSH/telnet logins, as well as FTP).

When it comes down to it, dialins are largely a forgotten and deprecated method of connecting to the system, especially with many free dialup services posted. While there are a few people who still use dialins with GREX, it won't be the end of the world if they go. I thought I might find some support, if any exists, in helping keep at least one line up -- I'm not actually affiliated with GREX, other than being a long-time user.

/dev/crypto opinions

Fri, 07 May 2010 17:17:28 +0000

using /dev/crypto doesn't strike me as the fastest model for encryption. Simply because I my intuition would suggest that context switching, e.i. changing your memory maps and flushing your cache to enter kernel-space would be too much overhead. Even, I would presume, if a hardware crypto device were behind /dev/crypto. What is everyone's opinions on this? Should crypto be in userspace where it doesn't necessarily cause expensive context switches or should is it best to use /dev/crypto? Perhaps there could be a hybrid approach where your crypto framework uses user-space crypto until you reach some threshold where it then starts using /dev/crypto.

in your term, caping your page-up/down

Thu, 06 May 2010 17:15:47 +0000

Does anyone know why vi and other such programs would ignore $TERMCAP?

Basically I've set $TERM to pcansi because it's the closest thing to my terminal, however the /etc/termcap entry for pcansi does not have definitions for page-up/down. I searched through /etc/termcap and didn't find an entry that I liked. When running screen it complains if $TERM is not in the /etc/termcap database. So.. I set $TERM to pcansi to get screen from complaining then I add definitions to $TERMCAP for page-up/downs. The thing is that it seems most programs ignore your $TERMCAP if $TERM is a valid entry. Any ideas on how I get screen not to complain about invalid $TERMs and have programs read my $TERMCAP at the same time? This is really bothering me :( Modifying anything on my computer isn't an option, unfortunately. For example I'm not going to add a screen.TERM entry or modify /etc/termcap.

Encrypted ZFS Backups

Thu, 29 Apr 2010 01:41:58 +0000

One of OpenSolaris's heralding features is a next-gen filesystem called ZFS. Managing ZFS backups could not be easier. All you need to run is zfs snapshot tank/dataset@backup. If you want to replicate or store that snapshot on another machine, you can run zfs send tank/dataset@backup > backup.zfs.

I'll be demoing how to use GPG2 to encrypt ZFS backups created with zfs send. Here's the commands I used to do it:

Quote

root@shawn-desktop:~# chmod A+user:shawn:full_set:fd:allow /datumz/
root@shawn-desktop:~# logout
shawn@shawn-desktop:~$ zfs create datumz/demo
shawn@shawn-desktop:~$ echo "this is a test" > /datumz/demo/testfile
shawn@shawn-desktop:~$ zfs snapshot datumz/demo@backup
shawn@shawn-desktop:~$ zfs send datumz/demo@backup | gpg2 -e -r "Shawn Webb" -o datumz_demo\@backup.zfs.gpg
Warning: using insecure memory!
shawn@shawn-desktop:~$ zfs destroy -r datumz/demo
shawn@shawn-desktop:~$ gpg2 -d datumz_demo\@backup.zfs.gpg | zfs recv datumz/demo
Warning: using insecure memory!
You need a passphrase to unlock the secret key for
user: "Shawn Webb "
4096-bit RSA key, ID F751C7BB, created 2010-04-27 (main key ID 5B242D25)
can't connect to `/home/shawn/.gnupg/S.gpg-agent': No such file or directory
Warning: using insecure memory!
gpg: encrypted with 4096-bit RSA key, ID F751C7BB, created 2010-04-27
"Shawn Webb "
shawn@shawn-desktop:~$ ls /datumz/demo/
testfile

So you can see how easy it is to manage and create snapshots and backups of ZFS datasets. I love that the backup files are never stored in plaintext. They're stored encrypted.

Originally posted on my tech blog

APT data base error.

Wed, 28 Apr 2010 22:26:44 +0000

Adept wont update for me even if i sudo apt-get or update -f. For somreason i get this error. I have attached a photo anyone that can offer help i would love a lot!!

Oh and here is another error i get when i man install firefox flash plug in...

Last thing i swear: is there a way can make it so that i dont need to enter my password for sudo commands in terminal?