LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/LDP/LG/issue17/answer.html

2308 lines
86 KiB
HTML
Raw Permalink Blame History

<!--startcut ======================================================= -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<title>The Answer Guy Issue 17</title>
</head>
<BODY BGCOLOR="EEE1CC" TEXT="#000000" LINK="#0000FF" VLINK="0020F0" ALINK=
"FF0000">
<!--endcut ========================================================= -->
<H4>&quot;Linux Gazette...<I>making Linux just a little more fun!</I>&quot;
</H4>
<P> <hr> <P>
<!-- =============================================================== -->
<center>
<H1><A NAME="answer">
<img src="../gx/ans.gif" alt="" border=0 align=middle>
The Answer Guy
<img src="../gx/ans.gif" alt="" border=0 align=middle>
</A></H1> <BR>
<H4>By James T. Dennis
<a href="mailto:jimd@starshine.org">jimd@starshine.org</a><BR>
Starshine Technical Services, <A HREF="http://www.starshine.org/">
http://www.starshine.org/</A> </H4>
</center>
<p><hr><p>
<H3>Contents:</H3>
<ul>
<li><a HREF="./answer.html#fs">fs's</a>
<li><a HREF="./answer.html#unix">Linux/Unix Emulator</a>
<li><a HREF="./answer.html#vidX">Using X With 2 Monitors and 2 Video
Cards</a>
B
<li><a HREF="./answer.html#host">Virtual Hosting</a>
<li><a HREF="./answer.html#response">Response from Weitse Venema</a>
<li><a HREF="./answer.html#file">Automatic File Transfer</a>
<li><a HREF="./answer.html#ftpd">Installing wu-ftpd on a Linux Box</a>
<li><a HREF="./answer.html#boot">Trying to Boot a Laptop</a>
<li><a HREF="./answer.html#zmode">zmodem Reply</a>
<li><a HREF="./answer.html#start">StartX</a>
<li><a HREF="./answer.html#imap">IMAP and Linux</a>
<li><a HREF="./answer.html#imap2">IMAP Again</a>
<li><a HREF="./answer.html#uucp">UUCP Questions</a>
<li><a HREF="./answer.html#flops">Using MS-DOS Floppies</a>
<li><a HREF="./answer.html#inetd">inetd Questions</a>
<li><a HREF="./answer.html#modem">Navas Modem FAQ</a>
<li><a HREF="./answer.html#modem2">Setting Up a Modem</a>
<li><a HREF="./answer.html#userid">User Identification</a>
<li><a HREF="./answer.html#duplic">Duplicating a Linux Installed HD</a>
</ul>
<p><hr><p>
<!--================================================================-->
<a name="fs"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
fs's
</h3>
<P><B>
From: Aaron M. Lee <a
href="mailto:aaron@shifty.adosea.com">aaron@shifty.adosea.com</a><br>
<p>Howdy Jim,
My name's Aaron and I am sysadmin Cybercom Corp., an ISP in
College Station, TX. We run nothing but Linux, and have been involved w/
a lot of hacking and development on a number of projects. I have an
unusual problem and have exhausted my resources for finding an answer- so
i thought you might be able to help me out, if you've got the time.
Anyway, here goes...
<p>I've got a scsi disk I was running under Sparclinux that has 3
partitions, 1 Sun wholedisk label, 2 ext2. That machine had a heart
attack, and we don't have any spare Hypersparcs around- but I _really_
need to be able to mount that drive to get some stuff off of it. I compiled
in UFS fs support w/ Sun disklabel support into the kernel of an i386 Linux
box, but the when I try to mount it, it complains that /dev/sd** isn't a
valid block device, w/ either the '-t ufs' or '-t ext2' options. Also,
fdisk thinks the fs is toast, and complains that the blocks don't end
in physical boundaries (which is probably the case for an fdisk that
doesn't know about Sun disklabels), and can't even tell that the
partitions are ext2 (it thinks one of them is AIX!). Any ideas?
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Consider the nascent state of Sparc support for Linux
I'm not terribly surprised that you're having problems.
You seem to be asking:
"How do I get Linux/Intel to see the fs on
this disk?"
<p> However I'm going to step back from the that question
and ask the broader question:
"How do you recover the (important) data off of
that disk in a usable form?"
<p> Then I'll step back even further and ask:
"How important is that data? (what is its
recovery worth to you)?"
<p> ... and<br>
"What were the disaster plans, and why
are those plans inadequate for this
situation?"
<p> If you are like most ISP's out there -- you have not
disaster or recovery plans, and little or no backup
strategy. Your boss essentially asks you to running
back and forth on the high wire at top speed -- without
a net.
<p> As a professional sysadmin you must resist the pressure
to perform in this manner -- or at least you owe it to
yourself to carefully spell out the risks.
<p> In this case you had a piece of equipment that was
unique the Sparc system -- so that any failure of
any of its components would result in the lack of
access to all data on that system.
<p> Your question makes it clear that you didn't have
sufficiently recent backups of the data on that
system (otherwise the obvious solution would be
to restore the data to some other system and
reformat the drive in question).
<p> My advice would be to rent (or even borrow) a
SPARC system for a couple of days (a week is a
common minimum rental period) -- and install
the disk into that.
<p> Before going to the expense of renting a system
(or buying a used one) you might want to ensure
that the drive is readable at the lowest physical
level. Try the dd command on that device. Something
like:
<pre> dd if=/dev/sda | od | less
</pre>
<p> ... should let you know if the hardware is operational.
If that doesn't work -- double and triple-check all of the
cabling, SCSI ID settings, termination and other hardware
compatibility issues. (You may be having some weird problem
with a SCSI II differential drive connecting to an
incompatible controller -- if this is an Adaptec 1542B
-- be sure to break it in half before throwing it away
to save someone else the temptation (the 1542C series is
fine but the B series is *BAD*)).
<p> Once you are reasonably confident that the hardware
is talking to your system I'd suggest doing a direct,
bitwise, dump of the disk to a tape drive. Just use a
command like:
<pre> dd if=/dev/sda of=/dev/st0
</pre>
<p> ... if you don't have a sufficiently large tape drive
(or at least a sufficiently large spare hard disk) *and
can't get one* than consider looking for a better
employer.
<p> Once you have a tape backup you can always get back
to where you are now. This might not seem so great
(since you're clearly not where you'd like to be) but
it might be infinitely preferable to where you'll be
if you have a catastrophic failure on mounting/fsck'ing
that disk.
<p> For the broader problem (the organizational ones rather
Than the technical ones) -- you need to review
the requirements and expectations of your employer --
and match those against the resources that are being
provided.
<p> If they require/expect reliable access to their data --
they must provide resources towards that end. The most
often overlooked resource (in this case) is sysadmin
time and training. You need the time to develop
disaster/recovery plans -- and the resources to test
them. (You'd be truly horrified at the number of sites
that religiously "do backups" but have an entire staff that
has never restored a single file from those).
<p> Many organizations can't (or won't) afford a full spare
system -- particularly of their expensive Sparc stations.
They consider any system that's sitting on a shelf to be a
"waste." -- This is a perfectly valid point of view.
However -- if the production servers and systems are
contributing anything to the companies bottom line --
there should be a calculable cost for down time. If that's
the case then there is a basis for comparison to the costs of
rentals, and the costs of "spare" systems.
<p> Organizations that have been informed of this risks and
costs (by there IS staff) and continue to be unwilling or
unable to provide the necessary resources will probably
fail.
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
Thanks in advance for any possible help,
--Aaron
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
It's often the case that I respond with things that
I suspect my customer don't want to hear.
The loss of this data (or the time lost to recovering
it) is an opportunity to learn and plan -- you may
prevent the loss of much more important information
down the road if you now start planning for the
inevitable hardware and system failures.
<p><hr><p>
<!--================================================================-->
<a name="unix"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Linux/Unix Emulator
</h3>
<P><B>
From:Steven W., <a href="mailto:steven@gator.net">steven@gator.net</a><br>
<p> Can you help me? Do you know of a Unix (preferably Linux) emulator
that runs under Windows95?
<p> -- Steven.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Short Answer:
I don't know of one.
<p> Longer Answer:
<p> This is a tough question because it really doesn't
*mean* anything. An emulator is a piece of software
that provide equivalent functionality to other software
or hardware. Hopefully this software is indistinguishable
from the "real" thing in all ways that count.
<p> (Usually this isn't the case -- most VT100
terminal emulation packages have bugs in them
-- and that is one of the least complicated
and most widespread cases of emulation in the
world).
<p> A Unix "emulator" that ran under Win '95 would probably not be
of much use. However I have to ask what set of features
you want emulated?
<p> Do you want a Unix-like command shell (like
Korn or Bash)? This would give you some of the
"feel" of Unix.
<p> Do you want a program that emulates one of the
GUI's that's common on Unix? There are X Windows
"display servers" (sort of like "emulators") that
run under NT and '95. Quarterdeck's eXpertise
would be the first I would try.
<p> Do you want a program that allows you to run
some Unix programs under Win '95? There are
DOS, OS/2, and Windows (16 and 32 bit) ports of
many popular Unix programs -- including most of
the GNU utilities. Thus bash, perl, awk, sed,
vi, emacs, tar, and hundreds of other utilities
can be had -- most of them for free.
<p> Do you want to run pre-compiled Unix binaries
under Win '95? This would be a very odd request
since there are dozens of implementations of
Unix for the PC platform and hundreds for other
architectures (ranging from Unicos on Cray super-
computers to Minix and Coherent on XT's and 286's).
Binary compatibility has playing only a tiny role
in the overall Unix picture. I suspect that
supporting iBCS (a standard for Unix binaries on
intel processors -- PC's) under Win '95 would be a
major technical challenge (and probably never
provide truly satisfying results).
<p> *note*: One of the papers presented at Usenix in
Anaheim a couple of months ago discussed the
feasibility of implementing an improved Unix
subsystem under NT -- whose claim of POSIX support
as proven to be almost completely useless in the
real world. Please feel free to get a copy of
the Usenix proceeding if you want the gory details
on that. It might be construed as a "Unix emulation"
for Windows NT -- and it might even be applicable to
Win '95 -- with enough work.
<p> If you're willing to run your Windows programs
under Unix there's hope. WABI currently supports
a variety of 16-bit Windows programs under Linux
(and a different version support them under Solaris).
Also work is continuing on the WINE project -- and
some people have reported some success in running
Windows 3.1 in "standard mode" under dosemu (the
Linux PC BIOS emulator). The next version of WABI
is expect to support (at least some) 32-bit Windows
programs.
<p> My suggestion -- if this is of any real importance to you --
is that you either boot between Unix and DOS/Windows or that
you configure a separate machine as a Unix host -- put it in
a corner -- and using your Win '95 system as a terminal,
telnet/k95 client and/or an X Windows "terminal" (display
server).
<p> By running any combination of these programs on your Windows
box and connecting to your Linux/Unix system you won't have
to settle for "emulation." You'll have the real thing --
from both sides. In fact one Linux system can serve as the
"Unix emulation adapter" for about as many DOS and Windows
systems as you care to connect to it.
<p> (I have one system at a client site that has about 32Mb
of RAM and 3Gb -- it's shared by about 300 shell and
POP mail users. Granted only about 20 or 30 of them are
ever shelled at any given time but it's no where near it's
capacity).
<p> I hope this gives you some idea why your question is
a little non-sensical. Operating systems can be viewed
from three sides -- user interface (UI), applications
programming interface (API), and supported hardware
(architecture).
<p> Emulating one OS under another might refer to emulating
the UI, or the API or both. Usually emulation of the
hardware support is not feasible (i.e. we can't run DOS
device drivers to provide Linux hardware support).
<p> If one implemented the full set of Unix system calls
in a Win '95 program that provided a set of "drivers"
to translate a set of Unix like hardware abstractions
into calls to the Windows device drivers -- and one
ported a reasonable selection of software to run under
this "WinUnix kernel" -- one could call that "Unix emulation."
<p> However it would be more accurate to say that you had
implemented a new version of Unix on a virtual machine
which you hosted under Windows.
<p> Oddly enough this is quite similar to what the Lucent
(Formerly Bell Labs?) Inferno package does. Inferno
seems to have evolved out of the Plan 9 research project
-- which apparently was Dennis Ritchie's pet project for
a number of years. I really don't know enough about
the background of this package -- but I have a CD
(distributed to attendees of the aforementioned Usenix
conference) which has demo copies of Inferno for several
"virtual machine" platforms (including Windows and Linux).
<p> Inferno is also available as a "native" OS for a couple
of platforms (where it includes it's own device drivers
and is compiled as direct machine code for a machine's
platform).
<p> One reason I mention Inferno is that I've heard that
it offers features and semantics that are very similar
to those that are common in Unix. I've heard it described
as a logical outgrowth of Unix that eschews some of the
accumulation of idiosyncrasies that has plagued Unix.
<p> One of these days I'll have to learn more about that.
<P><B>
<img align=bottom alt=" " src="../gx/ques.gif">
I have Windows95 and Linux on my system, on separate partitions, I
can't afford special equipment for having them on separate machines.
I really like Linux, and Xwindows, mostly because of their great
security features. (I could let anybody use my computer without
worrying about them getting into my personal files). Windows95's
pseudo-multi-user system sucks really bad. So, mainly, this is why I
like Linux. I also like the way it looks. Anyways, I would just run
Linux but my problem is that Xwindows doesn't have advanced support
for my video card, so the best I can get is 640x480x16colors and I
just can't deal with that. Maybe I'm spoiled. The guy I wrote on
the Xwin development team told me that they were working on better
support for my card, though. (Aliance Pro-Motion). But, meanwhile,
I can't deal with that LOW resolution. The big top-it-off problem is
that I don't know of anyway to have Linux running _while_ Win95 is
running, if there even is a way. If there was, it would be great,
but as it is I have to constantly reboot and I don't' like it. So
this is how I came to the point of asking for an emulator. Maybe
that's not what I need after all. So what can I do? Or does the
means for what I want not exist yet?
<p>-- Steven.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
If you prefer the existing Linux/X applications and
user interface -- and the crux of the problem is support
for your video hardware -- focus on that. It's a simpler
problem -- and probably offers a simpler solution.
<p> There are basically three ways to deal with a lack of
XFree86 support for your video card:
<ul>
<li> Help write an XFree86 driver
(I'm not a coder either -- but I do occasionally
beat the bushes and offer bribes to coder
friends)
<li> Look for Metro-X or other (probably commercial)
support. (A copy of Metro-X comes with Red Hat
4.1 for about $50 -- so this is not outrageously
expensive).
<li> Replace the video card. There are plenty of
really good video cards that are supported by
XFree86. Number 9, and Matrox have good track
records. Some of the 2Mb PCI cards are only
about $100 (US).
</ul>
<p> Be sure to contact the manufacturer to ask for a
driver. Point out that they may be able to make
small changes to an existing XFree86 driver. You
can even offer to help them find a volunteer
(where you post to the comp.os.linux.dev...sys.
newsgroup and one or two of the developer's mailing
lists -- and offer some support). Just offering to
do some of the "legwork" maybe be a significant
contribution.
<p> This is an opportunity to be a "Linux-Activist."
<p>--
Jim
<p><hr><p>
<!--================================================================-->
<a name="vidX"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Using X with 2 Monitors and 2 Video Cards
</h3>
<P><B>
From:Charles A. Barrasso<a
href="mailto:charles@blitz.com">charles@blitz.com</a><br>
I was wondering how I would go about using X with 2 monitors and 2
video cards? I am currently using XFree86 window manager. I know you
can do this with the MetroX window manager but that costs money :(.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I'm sure I gave a lengthy answer to this fairly recently.
Maybe it will appear in this month's issue (or maybe
I answered it on a newsgroup somewhere).
<p> In any event, the short answer is: You don't.
<p> The PC architecture doesn't support using multiple
VGA/EGA cards concurrently. I don't think XFree86 can
work with CGA cards (and who'd want to!). You might
be able to get a Hercules compatible Monochrome Graphics
Adapter (MGA) to work concurrently with a VGA card (since
they don't use overlapping address spaces). I don't know
if this is the method that Metro-X supports.
<p> There are specialized video adapters (typically very expensive
-- formerly in the $3000+ range) that can co-exist with
VGA cards. Two sets of initials that I vaguely recall are
TIGA and DGIS. Considering that you seem unwilling to
pay $100 (tops) for a copy of Metro-X I think these --
even if you can still find any of them -- are way out of
your price league.
<p> Another, reasonable, alternative is to connect a whole
Xterminal or another whole system and run X on that. You
can then remotely display your windows on that about as
easily as you could set them to display on the local
server.
<p> (I know -- you might not get some cool window manager
to let you drag windows from one display server to another
-- a trick which I've seen done with Macs under MacOS and
with Suns and SGI's. But I've never set one of those up
anyway -- so I couldn't begin to help you there).
<p> You might double check with the Metro-X people to see
what specific hardware is required/supported by their
multiple display feature and then check with the XFree86.org
to see if anyone has any drivers for one of those supported
configurations.
<p> As a snide note I find your phrase "that costs money :("
to be mildly offensive. First the cost of an additional
monitor has got to be at least 3 times the price of
a copy of Metro-X. Second "free" software is not about
"not having to pay money."
<p> I'm not trying to sell you a copy of Metro-X here. I
don't use it -- and I specifically choose videos cards
that are supported by XFree86 when I buy my equipments.
<p> Likewise I don't recommend Linux to my customers because
it "doesn't cost them anything." In fact it does cost
them the time it takes me to install, configure and maintain
it -- which goes for about $95/hr currently. I recommend
Linux because it is a better tool for many jobs -- and because
the benefits of it's being "free" -- in the GNU sense of the
term -- are an assurance that no one can "have them over a
barrel" for upgrades or additional "licensing" fees. They are
always *free* to deploy Linux on as many systems as they want,
have as many users and/or processes as they want on any system,
make their own modifications to the vast majority of tools
on the system or hire any consultants they want to make the
customizations they need.
<p> I'm sorry to be so "political" here -- but complaining
that Metro-X "costs money" and asking me for a way to
get around that just cost me about $50 worth of my time.
Heck -- I'll go double or nothing -- send my your postal
address and I'll buy you a copy of RedHat 4.1. That comes
with a license for one installation of Metro-X and only
costs about $50. I'll even cover the shipping and handling.
<p> (Please call them first to make sure that it really does
support your intended hardware configuration).
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
Thanks for the time,
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
No problem. (I did say "mildly" didn't I).
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="host"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Virtual Hosting
</h3>
<P><B>
From: Wietse Venema <a
href="mailto:wietse@wzv.win.tue.nl">wietse@szv.sin.tue.nl</a><br>
tcpd has supported virtual hosting for more than two years. Below
is a fragment from the hosts_access(5) manual page.
</B>
<p><B> Wietse
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Thanks for the quick response. I'll have to play with
that. I suppose a custom "virtual finderd" would
be a good experiment.
<p> Do you know where there are any working examples of this
and the twist option posted to the 'net? I fight with
some of these and don't seem to get the right results.
<p> What I'd like is an example that drops someone into a
chroot'd jail as "nobody" or "guest" and running a
copy of lynx if they are from one address -- but
lets them log in a a normal user if they are from an
internal address. (We'll assume a good anti-spoofing
packet-filter on the router(s)).
<p> Did you ever add the chrootuid functionality to tcpd?
<p> How would you feel about an option to combine the
hosts.allow and hosts.deny into just tcpd.conf?
<p> (I know I can already put all the ALLOW and DENY
directives in a single file -- and I'm not much of a
programmer but even *I* could patch my own copy to
change the filename -- I'm just talking about the
general case).
<p> SERVER ENDPOINT PATTERNS<br>
In order to distinguish clients by the network address
that they connect to, use patterns of the form:
<pre>
process_name@host_pattern : client_list ...
</pre>
<p> (which is what he said one to me when I suggested merging
his chrootuid code with tcpd).
<p> I've blind copied Wietse on this (Hi!). I doubt he has
time to read the Linux Gazette.
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="response"</a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Response from Weitse Venema
</h3>
<P><B>
From:Wietse Venema, <a href="mailto:wietse@wzv.win.tue.nl">wietse@wzv.win.tue.nl</a><br>
Do you know where there are any working examples of this
and the twist option posted to the 'net? I fight with
some of these and don't seem to get the right results.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Use "twist" to run a service that depends on destination address:
fingerd@host1: ALL: twist /some/where/fingerd-for-host1
<P><B>
<img align=bottom alt=" " src="../gx/ques.gif">
What I'd like is an example that drops someone into a
chroot'd jail as "nobody" or "guest" and running a
copy of lynx if they are from one address -- but
lets them log in a a normal user if they are from an
internal address. (We'll assume a good anti-spoofing
packet-filter on the router(s)).
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I have a little program called chrootuid that you could use.
<P><B>
<img align=bottom alt=" " src="../gx/ques.gif">
Did you ever add the chrootuid functionality to tcpd?
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I would do that if there was a performance problem. Two small
programs really is more secure than a bigger one.
<P><B>
<img align=bottom alt=" " src="../gx/ques.gif">
How would you feel about an option to combine the
hosts.allow and hosts.deny into just tcpd.conf?
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
What about compatibility with 1 million installations world-wide?
<P><B>
<img align=bottom alt=" " src="../gx/ques.gif">
(I know I can already put all the ALLOW and DENY
directives in a single file -- and I'm not much of a
programmer but even *I* could patch my own copy to
change the filename -- I'm just talking about the
general case).
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
This is because the language evolved over time. Compatibility can
become a pain in the rear.
<p>--
Weitse
<p><hr><p>
<!--================================================================-->
<a name="file"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Automatic File Transfer
</h3>
<P><B>
From:Kenneth Ng, <a href="mailto:kenng@kpmg.com">kenng@kpmg.com</a><br>
In Linux Gazette, there is a mention of how to transfer files
automatically using ftp.
Here is how:
<pre>
#!/bin/csh
ftp -n remote.site << !
user joe blow
binary
put newfile
quit
!
</pre>
</B>
<p><B>And that's it. Granted ssh is better. But sometimes you have to go
somewhere that
only supports ftp.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
That's one of several ways. Another is to use ncftp
-- which supports things like a "redial" option to keep
trying a busy server until it gets through. ncftp also has
a more advanced macro facility than the standard .netrc (FTP).
<p> You can also use various Perl and Python libraries (or classes)
to open ftp sessions and control them. You could use 'expect'
to spawn and control the ftp program.
<p> All of these methods are more flexible and much more robust
than using the standard ftp client with redirection ("here"
document or otherwise).
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="ftpd"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Installing wu-ftpd on a Linux Box
</h3>
<P><B>
From: Stephen P. Smith, <a href="mailto:ischis@evergreen.com">ischis@evergreen.com</a><br>
I just installed wu-ftpd on my linux box. I have version 2.4.
I can login under one of my accounts on the system and everything
works just fine.
</B>
<p><B>If I try an anonymous ftp session, the email password is rejected.
what are the possible sources of failure?
where should i be going for more help? :-)
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Do you have a user named 'ftp' in the /etc/passwd file?
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
done.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
wu-ftpd takes that as a hint to allow *anonymous* FTP.
If you do have one -- or need to create one -- be sure that
the password for it is "starred out." wu-ftpd will not
authenticate against the system password that's defined for a
a user named "ftp."
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
done.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
You should also set the shell to something like /bin/false or
/bin/sync (make sure that /bin/false is really a binary and
*not* a shell script -- there are security problems -- involve
IFS (inter-field separators) if you use a shell script in the
/etc/passwd shell field).
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
done.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
There is an FAQ for anonymous FTP (that's not Linux specific).
There is also a How-To for FTP -- that is more Linux oriented.
If you search Yahoo! on "wu-ftp" you'll find the web pages
at Washington University (where it was created) and at
academ.com -- a consulting service that's taken over development
of the current beta's.
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>Guess I will just have to do it the hard
way. Will tell you what I find (just in
case you want to know.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
What does your /etc/ftpaccess file look like?
<p> Did you compile a different path for the ftpaccess file
(like /usr/local/etc/)?
<p> What authentication libraries are you using (old
fashioned DES hashes in the /etc/passwd, shadow,
shadow with MD5 hashes -- like FreeBSD's default,
or the new PAM stuff)?
<p> Is this invoked through inetd.conf with tcpd
(the TCP Wrappers)? If so, what does your /var/log/messages
say after a login failure? (Hint: use the command:
'tail -f /var/log/messages > /dev/tty7 &' to leave a continuously
updated copy of the messages file sitting on one of your
-- normally unused -- virtual consoles).
<p>
One trick I've used to debug inetd launched programs (like
ftpd and telnetd) is to wedge a copy of strace into the
loop. Change the reference to wu.ftpd to trace.ftpd --
create a shell or perl script named trace.ftpd that consists
of something like:
<pre>
#! /bin/sh
exec strace -o /tmp/ftpd.strace /usr/sbin/wu.ftpd
</pre>
<p> ... and then inspect the strace file for clues about
what failed. (This is handy for finding out that the
program couldn't find a particular library or configuration
file -- or some weird permissions problems, etc).
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="boot"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Trying to Boot a Laptop
</h3>
<P><B>
From: Yash Khemani, <a href="mailto:khemani@plexstar.com">khemani@plexstar.com</a><br>
I've got a Toshiba satellite pro 415cs notebook computer on which I've
installed RedHat 4.1. RedHat 4.1 was installed on a jaz disk connected
via an Adaptec slimscsi pcmcia adapter. the installation went
successfully, i believe, up until the lilo boot disk creation. i
specified that i wanted lilo on a floppy - so that nothing would be
written to the internal ide drive and also so that i could take the
installation and run it at another such laptop. after rebooting, i
tried booting from the lilo floppy that was created, but i get nothing
but continuous streams of 0 1 0 1 0 1...
</B>
<p><B>i am guessing that the lilo floppy does not have on it the pcmcia
drivers. what is the solution at this point to run RedHat on this
machine?
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
You've got the right idea.
The 1010101010101... from LILO is a dead giveaway that
your kernel is located on some device that cannot be
accessed via the BIOS.
<p> There are a couple of ways to solve the problem.
I'd suggest LOADLIN.EXE.
<p> LOADLIN.EXE is a DOS program (which you might have
guessed by the name) -- which can load a Linux kernel
(stored as a DOS file) and pass it parameters (like
LILO does). Basically LOADLIN loads a kernel (Linux or
FreeBSD -- possibly others) which then "kicks" DOS
"out from under it." In other words -- it's a one-way
trip. The only way back to DOS is to reboot (or
run dosemu ;-) .
<p> LOADLIN is VCPI compatible -- meaning that it can run
from a DOS command prompt even when you have a memory
manager (like QEMM) loaded. You can also set LOADLIN
as your "shell" in the CONFIG.SYS. That's particularly
handy if you're using any of the later versions of DOS
that support a multi-boot CONFIG.SYS (or you're using the
MBOOT.SYS driver that provided multi-boot features in
older versions of DOS).
<p> To use LOADLIN you may have to create a REALBIOS.INT
file (a map of the interrupt vectors that are set by
your hardware -- before any drivers are loaded).
To do this you use a program (REALBIOS.EXE) to create
a special boot floppy, then you boot off that floppy
(which records the interrupt vector table in a file)
-- reboot back off your DOS system and run the second
stage of the REALBIOS.EXE.
<p> This little song and dance may be necessary for each
hardware configuration. (However you can save and
copy each of the REALBIOS.INT files if you have a
couple of configurations that you switch between --
say, with a docking station and without).
<p> With LOADLIN you could create a DOS bootable floppy,
with a copy of LOADLIN.EXE and a kernel (and the
REALBIOS.INT -- if it exists). All of that will
just barely fit on a 1.44M floppy.
<p> Another way to do this would be to create a
normal DOS directory on your laptop's IDE drive --
let's call it C:\LINUX (just to be creative).
<p> Then you'd put your LOADLIN.EXE and as many different
kernels as you liked in that directory -- and maybe
a batch file (maybe it could be called LINUX.BAT) to
call LOADLIN with your preferred parameters. Here's a
typical LINUX.BAT:
<pre>
@ECHO OFF
ECHO "About to load Linux -- this is a one-way trip!"
PAUSE
LOADLIN lnx2029.krn root=/dev/sda1 ro
</pre>
<p> (where LNX2029.KRN might be a copy of the Linux-2.0.29
kernel -- with a suitable DOS name).
<p> I'd also recommend another batch file (SINGLE.BAT) that
loads Linux in single-user mode (for fixing things when
they are broken). That would replace the LOADLIN line
in the LINUX.BAT with a line like:
<pre> LOADLIN lnx2029.krn single root=/dev/sda ro
</pre>
<p> Another way to do all of this is to simply dd a
properly configured kernel to a floppy. You use the
rdev command to patch the root device flags in the
kernel and dump it to a floppy. This works because
a Linux kernel is designed to work as a boot image.
The only problem with this approach is that it doesn't
allow you to pass any parameters to your kernel (to
force single user mode, to select an alternate root
device/filesystem, or whatever).
<p> For other people who have a DOS system and want to
try Linux -- but don't want to "commit" to it with
a "whole" hard drive -- I recommend DOSLINUX.
<p> A while back there was a small distribution called
MiniLinux (and another called XDenu) which could
install entirely within a normal DOS partition --
using the UMSDOS filesystem. Unfortunately MiniLinux
has not been maintained -- so it's stuck with a 1.2
kernel and libraries.
<p> There were several iterations of a distribution called
DILINUX (DI= "Drop In") -- which appears to have eventually
evolved into DOSLINUX. The most recent DOSLINUX seems was
uploaded to the Incoming at Sunsite within the last two
weeks -- it includes a 2.0.29 kernel.
<p> The point MiniLinux and DOSLINUX is to allow one to install
a copy of Linux on a DOS system as though it were a DOS
program. DOSLINUX comes as about 10Mb of compressed
files -- and installs in about 20-30Mb of DOS file space.
It includes Lynx, Minicom, and a suite of other utilities
and applications.
<p> All in all this is a quick and painless way to try Linux.
So, if you have a DOS using friend who's sitting on the fence,
give them a copy of DOSLINUX and show them how easy it is.
<p><img align=bottom alt=" " src="../gx/ques.gif">
<P><B>
thanks!<br>
yash
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
You're welcome.
(Oh -- you might want to get those shift keys fixed --
e.e. cummings might sue for "look and feel")
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="zmode"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
zmodem Reply
</h3>
From: Donald Harter Jr., <a href="mailto:harter@mufn.org">harter@mufn.org</a><br>
I saw your post about zmodem in the Linux Gazette. I can't answer the
readers question, but maybe this will help. My access to the internet is a
dial in account(no slip, no ppp). I access the freenets. I can't use
zmodem to transfer files from the internet and freeenets to my pc. I can
use kermit though. It seems that there are some control characters involved
in zmodem that prevent it from being used with my type of connection. I saw
a some information about this on one of the freenets. They suggested using
telix and another related protocol. I tried that, but it didn't work
either. Kermit is set up to run slow. You can get kermit to go faster in
certain circumstances by executing its "FAST" macro. I can download data at
about 700cps with the "FAST" macro of kermit. Unfortunately kermit hangs up
the line for me so I have to "kill -9 kermitpid" to exit it. That problem
can probably be eliminated with the right compile options. In certain cases
I can't use the "FAST" macro when uploading.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I'm familiar with C-Kermit. In fact I may have an
article in the June issue of SysAdmin magazine on that very
topic.
<p> The main points of my article are that C-Kermit is a
telnet and rlogin client as well as a serial communications
program -- and that it is a scripting language that's
available on just about every platform around.
<p> I know about Telix' support for the kermit transfer protocol.
It sucks. On my main system I get about 1900 cps for
ZMODEM transfers -- about 2200 for kermit FAST (between
a copy of C-Kermit 5A(188) and 6.0.192 and about 70 cps
(yes -- seventy!) between a copy of C-Kermit and Telix'
internal kermit.
<p> Other than that I've always liked Telix. Minicom has
nice ncurses and color -- but is not nearly as featureful
or stable as either Telix for DOS or any version of C-Kermit.
<p> Your line hangups probably have to do with your settings for
carrier-watch. Try SET CARRIER-WATCH OFF or ON and see if
it still "hangs" your line. I suspect that its actually just
doing read() or write() calls in "blocking" mode. You might
have to SET FLOW-CONTROL NONE, too. There are lots of
C-Kermit settings. If you continue to have trouble -- post
a message to the comp.protocols.kermit.misc newsgroup
(preferred) or send a message to kermit-support@columbia.edu.
<p> When I first started using C-Kermit (all of about two months
ago) my initial questions where answered by Frank da Cruz
himself (he's the creator of the Kermit protocol and the
technical lead of the Kermit project at Columbia University).
(That was before he knew that I'm a "journalist" -- O.K.
quit laughing!). Frank is also quite active in the newsgroup.
I think he provides about 70 or 80 per cent of the technical
support for the project.
<p> Oh yeah! If you're using C-Kermit you should get the
_Using_C-Kermit_ book. It was written by Frank da Cruz and
Christine Gianone -- and is the principal source of funding
for the Kermit project. From what I gather a copy of the
book is your license to use the software.
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="start"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
StartX
</h3>
<P> <B>
From: Robert Rambo, <a href="mailto:robert.rambo@yale.edu">robert.rambo@yale.edu</a><br>
Hi, I was wondering if you can help me out. When I use the command
'startx -- -bpp16' to change the color depth, the windows in X are much
bigger than the monitor display. So, nothing fits properly and
everything has become larger. But the color depth has changed
correctly. I use FVWM as my display manager. Is there some way to fix
this problem?
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
If using the 16 bit plan (16bpp) mode to increase
your color depth -- that suggests that selecting this
mode is causing the server to use a lower resolution.
<p> That is completely reasonable. If you have a 2Mb video
card and you run it in 1024x768x256 or 1024x768x16 --
then you try to run it with twice as many colors --
the video RAM has to come from somewhere. So it
bumps you down to 800x600 or 640x480. These are just
examples. I don't deal with graphics much so I'd have
to play with a calculator to figure the actual maximum
modes that various amounts of video RAM could support.
<p> There are alot of settings in the XConfig file. You
may be able to tweak them to do much more with your
existing video card. As I've said before -- XConfig
files are still magic to me. They shifted from blackest
night to a sort of charcoal gray -- but I can't do them
justice in a little article hear. Pretty much I'd have
to lay hands on it -- and mess with it for a couple of
hours (and I'm definitely not the best one for that job).
<p> If you haven't upgraded to a newer XFree86 (3.2?) then
this would be a good time to try that. The newer one
is much easier to configure and supports a better selection
of hardware -- to a better degree than the older versions.
I haven't heard of any serious bugs or problems with
the upgrades.
<p> You may also want to consider one of the commercial servers.
Definitely check with them in advance to be absolutely certain
that your hardware is supported before you buy. Ask around in
the newsgroups for opinions about your combination of hardware.
It may be that the XFree86 supports you particular card better
than Metro-X or whatever.
<p> You may also want to look at beefing up your video hardware.
As I've said -- I don't know the exact figures -- but I'd
say that you probably need a 4Mb card for anything like
16bpp at 1024x768. You should be able to look up the
supported modes in your card's documentation or on the
manufacturer's web site or BBS.
<B><P><img align=bottom alt=" " src="../gx/ques.gif">
Also, is there some way to change the color depth
setting to start X with a depth of 16 every time. I do not use the XDM
manager to initiate an X session.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Yes -- it's somewhere in that XConfig file. I don't
remember the exact line. I really wish a bona fide GUI
X wiz would sign up for some of this "Answer Guy" service.
<p> It doesn't matter whether you use xdm or not. If you
put the desired mode in the XConfig file. However --
since you don't you could just write your own wrapper
script, alias or shell function to call 'startx' with
the -- -bpp16 options. You could even re-write 'startx'
(it is just a shell script). That may seem like cheating --
but it may be easier than fighting your way through the
XConfig file (do you get the impression that I just don't
like that thing -- it is better than a WIN.INI or a
SYSTEM.INI -- but not be much).
<p>
--
Jim Dennis,
<p><hr><p>
<!--================================================================-->
<a name="imap"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
IMAP and Linux
</h3>
<P> <B>
From: Brian Moore, <a
href="mailto:bem@thorin.cmc.net">bem@thorin.cmc.net</a><br>
Being a big IMAP fan (and glad to see it finally getting recognition:
Netscrape 4 and IE4 will both support it), your answer left a lot out.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Will these support the real features (storing and
organizing folders on the server side)?
<p> I heard that NS "Communicator" (the next release
Netscape's Navigator series is apparently going to
come with a name change) supports IMAP -- but it's
possible to implement this support as just a variant
of POP -- get all the message and immediately
expunge all of them from the server.
<p> It seems that this is how Eric S. Raymond's 'fetchmail'
treating IMAP mail boxes -- as of about 2.5 (it seems
that he's up to 3.x now)
<P><img align=bottom alt=" " src="../gx/ques.gif">
<B>The easiest IMAP server to install is certainly the University of
Washington server. It works, handles nearly every mailbox format around
and is very stable. It's also written by the guy in charge of the IMAP
spec itself, Mark Crispin.
As for clients, there is always Pine, which knows how to do IMAP quite
well. This is part of most Linux distributions as well.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I did mention pine. However it's not my personal favorite.
Do you know of a way to integrate IMAP with emacs mh-e/Gnus
(or any mh compatible folder management system)?
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>For GUI clients there is ML, which is a nice client, but requires Motif
and can be slow as sin over a modem when you have a large mailbox.
That's available in source at
http://www-CAMIS.Stanford.EDU/projects/imap/ml
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I thought I mentioned that one as well -- but it's
a blur to me.
<p> I personally avoid GUI's like the plague. I'm
typing this from my laptop, through a null modem link
to my machine in the other room.
<p> I run emacs under screen -- so I can use mh-e for most
mail, Gnus for netnews and for some of my mailing lists
(it can show news folders as though they were threaded
news groups). screen allows me to detach my session from
my terminal so I can log out, take off with the laptop,
and re-attach to the same session later (via modem or when
I get back home).
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>Asking on the mailing list about static linked linux versions will get
you one (and enough nagging may get them to actually put one of the
current version up).
ML is really the nicest mail client I have ever used.
As for pop daemons with UIDL support, go for qpopper from qualcomm.
ftp.qualcomm.com somewhere. Has UIDL and works fine.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
O.K. I'll at that to my list.
<p> Does that one also support APOP's authentication
mechanism (which I gather prevents disclosing your
password over an untrusted network by using something
like an MD5 hash of your password concatenated with
a date and time string -- or something like that)?
<p> Does qpopper allow you to maintain a POP user account
file that's separate from your /etc/passwd file?
<p> Do you know of an IMAP server that supports these
sorts of features (secure authentication and separate
user base)?
<p> (I know this probably seems like a switch -- the
so called "Answer Guy" asking all the questions --
but hey -- I've got to get my answers from *somewhere*)
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="imap2"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
More IMAP
</H3><P> <B>
From: Graham Todd, <a href="mailto:gtodd@yorku.ca">gtodd@yorku.ca</a>
<br>
PINE - one of the easiest to use mail clients around - does IMAP just
fine. You can read mail from multiple servers and mailboxes and save
it locally or in remote folders on the servers - which is what IMAP is
all about: Internet Message Access Protocol = flexible and
configurable *access* to mail servers without having to pop and fetch
messages all over the place (but still having the ability save locally
if you want).
</B>
<p><B>The Netscape's Communicator 4.0b2 thing does too but there are so many
other ugly bits that I'm not gonna bite.
</B>
<p><B>Jeez pretty soon with this fancy new IMAP stuff you'll be able to do
almost as much as you can right now with emacs and ange-ftp (which I
use regularly to access remote mail folders and boxes with out having
to login - it's all set up in .netrc).
Of course the answer is almost always "emacs" .... BTW Linux
makes a GREAT program loader for emacs ;-)
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Seems kind of kludgey. Besides -- does that
give you the main feature that's driving the creation
of the IMAP/ACAP standards? Does it let you
store your mail on a server and replicate that to
a couple of different machines (say your desktop and
your laptop) so you can read and respond to mail "offline"
and from *either* system?
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
Yeah, more or less. If you save the mail on your server to local
folders or make a local folder be /me@other.mail.host:/usr/spool/me.
Using ange-ftp to me seem exactly like IMAP in Pine or Netscape
communicator 4.0b2. Though apparently IMAP will update folders across
hosts so that only that mail deleted locally (while offline) will get
deleted on the remote host on the next login etc. etc. I don't know
much about IMAP's technical standard either but find I get equal mail
management capability from ange-ftp/VM. (equal to Pine and
Communicator so far).
</B>
<p><B>WARNING: In a week or so when I get time I'm gonna ask you a tricky
question about emacs and xemacs.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Feel free. Of course I do know a bit more about emacs
than I do about X -- so you may not like my answer much.
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
Heh heh OK...
(comp.emacs.xemacs is silent on this). Emacs running as emacs -nw in
a tty (i.e console or an xterm) runs fine and lets me use all the job
control commands (suspend/fg etc) but with Xemacs job control won't
work unless I'm running as root. That is if I'm running "xemacs" or
"xemacs -nw" in an xterm or at the console and do C-z and then once
I'm done in the shell I do "fg", xemacs comes back but the keyboard
seems to be bound to the tty/console settings (Ctrl-z Ctrl-s Ctrl-q
etc all respond as if I were in a dumb terminal). The only recourse
is to Ctrl-z back out and kill xemacs. This does not happen if I run
xemacs setuid root (impractical/scary) or as root (scary). Something
somewhere that requires root permission or suid to reset the tty
characteristics doesn't have it in xemacs - but does in emacs...
My only response so far has been that "you'll have to
rebuild/recompile your xemacs" - but surely this wrong. Does anything
more obvious occur to you? I feel it must be something simple in my
set up (RH Linux 2.0.29). Of course if I could get this fixed I'd
start feeling more comfortable not having GNU-Emacs on my machine ;-)
which may not be an outcome you would favour.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I once had a problem similar to this one -- suspending
minicom would suspend the task and lock me out of it.
It seemed that the ownership of the tty was being
changed.
<p> So -- the question comes up -- what permissions are set on
your /dev/tty* nodes. It seems that most Linux distributions
are set up to have the login process chown the these to to the
current user (and something seems to restore them during or after
logout).
<p> I don't know enough about the internals of this process.
I did do a couple of experiments with the 'script' command
and 'strace' using commands like:
<pre> strace -o /tmp/strace.script /usr/bin/script</pre>
<p> ... and eyeballing the trace file. This shows how the
script command (which uses a psuedo tty -- or pty) searches
for an available device.
<p> I then did a simple 'chown 600 /dev/ttyp*' as root
(this leaves a bunch of /dev/ttyq* and /dev/ttyr nodes
available). The 'script' command then reports that
the system is "out of pty's."
<p> Obviously the script command on my system don't
do a very thorough search for pty's. It effectively
only looks at the first page of them.
<p> The next test I ran was to add a new line to my
/etc/services file (which I called stracetel) -- and
a new line to me /etc/inetd.conf that referred to it.
<p> This line looks like this:
<pre>
stracetel stream tcp nowait root /usr/sbin/tcpd \
/usr/bin/strace -o /root/tmp/t.strace /usr/sbin/in.telnetd
</pre>
<p> ... all on one line, of course.
<p> Then I connected to that with the command:
<pre> telnet localhost stracetel</pre>
<p> This gives me an strace of how telnetd handles the
allocation and preparation of a pty. Here, as I suspected,
I saw chown() and chmod() calls after telnetd did it's
search through to list of pty's to find the first one.
<p> Basically both programs (and probably most other
pty clients) attempt to open each pty until one returns
a valid file descriptor or handle. (It might be nice
if there was a system call or a daemon that would allow
programs to just say "give me a pty" -- rather than forcing
a flurry of failed open attempts -- but that's probably too
much to ask for.
<p> There result of these experiments suggests that there
are many ways of handling pty's -- and some of them may
have to be set as compile time options for your system.
<p> It may be that you just need to make all the pty's
mode 666 (which they are on my system) or you might
chgrp them to a group like tty or pty, make them mode
660 and make all the pty using programs on your system
SGID.
<p> I've noticed that all of my pty's are 666 root.root
(my tty's root.tty and ttyS*'s are root.uucp all are
mode 660 and all programs that need to open them are
either root run (getty) or SGID as appropriate).
<p> Some of the policies for ownership and permissions are
set my your distribution. Red Hat 2.x is *old* and
some of these policies may have changed in the 3.03 and
4.1 releases. Mine is a 3.03 with *lots* of patches,
updated RPM's and manually installed tarballs.
<p> Frankly I don't know *all* of the security implications
of having your /dev/tty* set to mode 666. Obviously
normal attempt to open any of these while they're in
use return errors (due to the kernel locking mechanisms).
Other attempts to access them (through shell redirection,
for example) seem to block on I/O. I suspect that a
program that improperly opened it's tty (failed to
set the "exclusive" flag on the open call) would be
vulnerable.
<p> Since you're an emacs fan -- maybe you can tell me --
is there an mh-e/Gnus IMAP client?
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
No Kyle Jones (VM maintainer/author) has said maybe IMAP4 for VM
version 7. I think his idea is to make VM do it what it does well and
rely on outside packages to get the mail to it ...
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Also -- isn't there a new release of ange-ftp --
I forget the name -- but I'm sure it changed named too.
<img align=bottom alt=" " src="../gx/ques.gif">
<P><B>
Yes it's called EFS - it preserves all the functionality but is more
tightly meshed with dired - supposedly it will be easier to use EFS in
other elisp packages (I don't know why or how this would be so).
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I'll have to play with those a bit.
Can VM handle mh style folders?
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="uucp"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
UUCP Questions
</h3>
<P> <B>
From: David J. Weis, <a
href="mailto:weisd3458@uni.edu">weisd3458@uni.edu</a><br>
I had a couple minor questions on UUCP. If you have a few minutes, I'd
appreciate the help immensely. I'll tell you a little bit about what we're
doing.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Glancing ahead -- I'd guess that this would take quite a bit
more than a few minutes.
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>My company has a domain name registered (plconline.com) and two offices.
One is the branch office which is located in the city with the ISP. The
head office is kind of in the sticks in western Iowa. I've been
commissioned to find out how difficult it would be to set up the uucp so
the machine in Des Moines (the big city ;-) would grab all the domain mail
and then possibly make a subdomain like logan.plconline.com for all the
people in the main office to use email.
</B>
<p><B>This would all be running on RedHat 4 over dialup uucp. The system in Des
Moines uses uucp over tcp because it has to share the line with
masquerading, etc.
</B>
<p><B>Thanks for any advice or pointers you have.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif"><br>
Unfortunately I this question is too broad to answer
via e-mail. O'Reilly has a whole book on uucp and
there are several HOW-TO's for Taylor UUCP and
sendmail under Linux.
<p> My uucp mostly works but I haven't configured it to
run over TCP yet. I also haven't configured my
system to route to any uucp hosts within my domain.
<p> You can address mail to a uucp host through a
DNS by using the '%' operator. For example I can
get my main mail system (antares.starshine.org) to
forward mail to my laptop using an address like:
<pre> jim%mercury@starshine.org</pre>
<p> ... the DNS MX record for starshine.org routes
mail to my ISP. My ISP then spools it up in UUCP
until my machine (antares) picks it up. The
name antares is basically transparent to most of
this process.
<p> When antares gets the mail it converts the
percent sign into a "bang" (!) and spools it
for mercury (which happens to be my laptop).
<p> Obviously requiring all of your customers and
correspondents to use percent signs in their addressing
to your users is not going to work very well. It will
probably result in alot of lost mail, alot of complaints
and a constant barrage of support calls.
<p> There are two ways to make your internal mail routing
transparent to the rest of world. You can create a
master aliases list on your mail hub (the easy way) or
you can create DNS and MX entries for each of the hosts.
<p> If you'd like more help we could arrange to talk on
the phone. UUCP is difficult to set up for the first
time (nearly vertical initial learning curve). Once it's
set up it seems to be pretty low maintenance. However
my meta-carpus can't handle explaining the whole process
via e-mail (and I don't understand enough of it well to
be brief).
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="flops"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Using MS-DOS Floppies
</h3>
<P> <B>
From: Barry, <a
href="mailto:remenyi@hotmail.com">remenyi@hotmailcom</a><br>
Hi, I have a problem that I can't find the solution to:
</B>
<p><B>I run Redhat 4.1 with mtools already installed, with it, I can copy a
file to or from a dos disk in A: with mcopy etc..
But if I change the disk & do mdir, it tells gives me the listing of
what was in the last disk. The only solution is to wait hours for the
cache to expire before I can look at another disk.
</B>
<p><B>The problem occurs no matter how I access the floppy, I also tried using
dosemu, and mount, but I have the same problem. I can read and write
from the first disk that I put in with no problems, but if I change the
disk, the computer acts as if the first disk is still in the drive. It
also doesn't matter who I am loged in as eg. root has the same problem.
I also upgraded mtools to 3.3 but no change.
</B>
<p><B>Is there some way to disable the disk cache (I assume thats the problem)
for the floppy drive?
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
You probably have a problem with the "change disk" detection
circuitry on your floppy.
<p> There's a pretty good chance that you'd see the same thing
under DOS too.
<p> Unfortunately I don't know of an easy way to solve this
problem. You could try replacing the floppy ($30 or so)
the controller ($20 -- to ???) and/or the cable.
<p> If that's not feasible in your case you could try something
like a mount/sync/umount (on a temporary mount point).
This might force the system to detect the new floppy. It's
very important not to try to write anything to a floppy when the
system is confused about which floppy is in there.
<p> DOS systems that I have used -- while they were afflicted
with this problem -- sometimes severely trash the directories
on a diskette in that situation.
<p> It probably doesn't even matter if the mount, sync, umount
that I describe fails -- just so the system is forced to
"rethink" what's there. I'd consider writing a short script
to do this -- put a temporary mount point that's "user" accessible
to avoid having to be root to do this (and especially to avoid
having to create any SUID root perl scripts or write a C wrapper
or any of that jazz).
<p> Here's a sample line for your /etc/fstab:
<pre># /etc/fstab
/dev/fd0 /mnt/tmp umsdos noauto,rw,user 0 0</pre>
<p> (according to my man pages the "user" options should
imply the nosuid, nodev etc. options -- which prevent
certain other security problems).
<p> So your chdisk script might look something like:
<pre> #! /bin/sh
/bin/mount /mnt/tmp
/bin/sync
/bin/umount /mnt/tmp</pre>
<p> ... you could also just do a 'mount /mnt/tmp' or a
'mount /mnt/a' or whatever you like for your system --
and just use normal Linux commands to work with those
files. The mtools are handy sometimes -- but far from
indispensable on a Linux system with a good fstab
file.
<p> As a security note: mount must be SUID in order to
allow non-root users to mount filesystems. Since
there have been security exploits posted on mount
specifically and various other SUID files chronically,
I suggest configuring mount and umount such that they
can only be executed by members of a specific group
(like a group called "disk" or "floppy"). Then you
can add yourself and any other users who have a valid
reason to work at your console to that group. Finally
change the permissions on mount and umount to something
like:
<pre> -r-sr-x--- 1 root disk .... /bin/mount</pre>
<p> .... i.e. don't allow "other" to execute it.
<p> This also applies to all your SVGALib programs (which
should not be executed except from the console) and
as many of your other SUID programs as you can.
<p> (... it would be nice to do that to sendmail -- and
I've heard it's possible. However it's a bit trickier
than I've had time to mess with on this system).
<p> As PAM (pluggable authentication module) technology
matures you'll be able to configure your system to
dynamically assign group membership's based on
time of day and source of login (value of `tty`).
<p> This will be nice -- but it doesn't appear to be
quit ready yet.
<p>
--
Jim
<P><B>
<img align=bottom alt=" " src="../gx/ques.gif">
I just wanted to write to thank you for you response to my mail.
I did as you suggested and the problem is solved!
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Actually, you were also right about the problem occurring in DOS as
I used to have a lot of floppies go bad before I went all the way
to linux, but I didn't make the connection.
<P><B>
<img align=bottom alt=" " src="../gx/ques.gif">
Anyway, thanks again, you've made my day!
</B>
<p><B>Barry
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
You're welcome. I'm glad it wasn't something complicated.
BTW: which suggestion worked for you? Replacing one or
another componenent? Or did you just use the "mount, sync,
umount" trick?
<p> Under DOS I used to use Ctrl-C, from the COMMAND.COM A:
prompt to force disk change detection. You can use that
if you still boot this machine under DOS for some work.
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="inetd"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
inetd Questions
</h3>
<P> <B>
From: Benjamin Peikes, <a href="mailto:benp@npsa.com">benp@npsa.com</a><br>
Answer guy,<br>
I have two questions for you.
</B>
<p><B> 1) I'm using one machine with IPAliasing and was wondering if
there is a version of inetd built so that you can have different
servers spawned depending on the ip number connected to.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
That's an excellent question.
There is apparently no such feature or enhanced version of
inetd or xinetd.
<p> It also doesn't appear to be possibly to use TCP Wrapper
rules (tcpd, and the /etc/hosts.allow and /etc/hosts.deny)
to implement this sort of virtual hosting.
<p> So far it appears that all of the support for virtual hosting
is being done by specific applications. Apache and some other
web servers have support for it. The wu-ftpd's most recent
versions support it.
<p> I suspect that you could create a special version of
inetd.conf to open sockets on specific local IP addresses
and listen on those. I would implement that as a command
line option -- passing it a regex and/or list of ip addresses
to listen on after the existing command line option to
specify which configuration file to use. Then you'd load
different copies of this indetd with commands like:
<pre> /usr/sbin/inetd /etc/inetd.fred 192.168.14.0 17.18.0.0
/usr/sbin/inetd /etc/inetd.barney barneyweb
/usr/sbin/inetd /etc/inetd.wilma 192.168.2.3
</pre>
<p> (This would be something like -- all of the 192.168.14.*
address and all of the 17.18.*.* addresses are handled by
the first inetd -- all of the access to a host named
barneyweb (presumably looked up through the /etc/hosts file)
would be handled by the next inetd. and all of the accesses
to the ipalias 192.168.2.3 would be handled by the last one)
<p> This would allow one to retain the exact format of the
existing inetd files.
<p> However I don't know enough about sockets programming to
know how much code this would entail. The output of
'netstat -a' on my machine here shows the system listening
on *:smtp and *:telnet (among others). I suspect that those
stars would show up different if I had a socket open to
a specific service on a specific service.
<p> This scheme might use up to many file descriptors. Another
approach would be to have a modified tcpd. This would have
to have some option where by the destination *as well as*
the source was matched in the /etc/tcpd.conf file(s).
<p> (Personally I think that tcpd should be compiled
with a change -- so that the single tcpd.conf
file is used in preference to the /etc/hosts.allow
and /etc/hosts.deny files. Current versions do
support the single conf file -- but the naming is
still screwy).
<p> I'm not sure quite how Wietse would respond to this --
possibly by repeating the question:
<p> "If you want me to add that -- what should I
take OUT?"
<p> (which is what he said one to me when I suggested merging
his chrootuid code with tcpd).
<p> I've blind copied Wietse on this (Hi!). I doubt he has
time to read the Linux Gazette.
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>2) A related problem: I have one machine running as a mail server
for several domains where the users are using pop to get their
mail. The problem is that the From: line always has the name
of the server on it. Is there a way to use IPaliasing to fix
this? Or do I have to muck around with the sendmail.conf file?
</B><P>
<p> This is becoming a common question.
<p> Here's a couple of pointers to web sites and FAQ or HOWTO
documents that deal specifically with "Virtual Mail Hosting"
<ul>
<li><a href="http://www.sinbad.wantabe.com/virtualmail">How to Set up Sendmail for Virtual Domains</a>
<li><a href="http://www.qmail.org">qmail: A Replacement for Sendmail</a>
</ul>
<p> (look for references to "virtualdomains")
<p> ... and here's one guide to Virtual Web Hosting:
<ul>
<li><a href="http://inorganic5.fdt.net/ldp/HOWTO/mini/Virtual-Web">
Virtual Web Mini-HOWTO</a>
</ul>
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>I guess the best way to do this would be to change inetd to figure
out on which interface the connection has been made on and then
pick the correct inetd.conf to reference, like
<pre>
inetd.conf.207.122.3.8
inetd.conf.207.122.3.90</pre>
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I would recommend that as a default behavior.
I suggested adding additional parameters to the
command line specifically because it could be done
without breaking any backward compatibility. The
default would be to simply work as it does now.
<p> I still suspect that this has some scalability problems
-- it might not be able to handle several hundred or several
thousand aliased addresses.
<p> I might still be useful to implement it as a variation of --
or enhancement to -- tcpd (TCP_Wrappers).
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>I think that inetd reads in the configuration file when it
starts because it needs a SIGHUP to force it to reread the conf
file. All you would have to do is make it reference the right table.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
This is also documented in the inetd man page.
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>Do you know where I could find the code? I would be interested
in looking at it?
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
The source code from inetd should be in the bundle
of sources that comes with the "NetKit"
<p> Look to:
<p><a href="ftp://ftp.inka.de/pub/comp/Linux/networking/NetTools/">ftp:..ftp.inka.de/pub/comp/Linux/networking/NetTools/</a>
<p> and mirrored at:
<p><a href="ftp://ftp.uk.linux.org/pub/linux/Networking/PROGRAMS/NetTools/>ftp://ftp.uk.linux.org/pub/linux/Networking/PROGRAMS/NetToos/</a>
<p> More information about Linux network code can be
found at:
<p><a href="ftp://sunsite.unc.edu/pub/Linux/system/network/NET-3-HOWTO">ftp://sunsite.unc.edu/pub/Linux/system/network/NET-3-HOWTO/</a>
<p> ... this includes the history of it's development and the
names of people who were active in it at various stages.
<p> If you're going to try to hack this together -- I'd suggest
a friendly posting to the comp.linux.development.system
newsgroup -- and possibly some e-mail to a couple of
carefully chosen people in the NET-3-HOWTO.
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="modem"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Navas Modem FAQ
</h3>
<P> <B>
From: John Doe
<br>
The next time you answer a modem question, you'd do well
to recommend reading of the very good Navas Modem FAQ at
<a href="http://www.aimnet.com/~jnavas/modem/faq.html">http://www.aimnet.com/~jnavas/modem/faq.html/</a>
</B><P><img align=bottom alt=" " src="../gx/ans2.gif">
Well, here's someone who wants to make a anonymous
tip to "The Answer Guy."
<p>At "John Doe's" request I looked over this site. It
does have extensive information about modems -- including
lots of press releases about which companies are acquiring
each other (3Com over US Robotics, Quarterdeck gets DataStorm).
<p>However there didn't appear to be any references to Linux,
Unix or FreeBSD.
<p>So -- if one needs information about modems in general this
looks like an excellent site to visit. However it the question
pertains specifically to using your modem with Linux -- I'd
suggest:
<a href="http://sunsite.unc.edu/LDP/HOWTO/Serial-HOWTO.html">http://sunsite.unc.edu/LDP/HOWTO/Serial-HOWTO.html</a>
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="modem2"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Setting Up a Modem
</h3>
<P> <B>
From: Yang, <a href="mailto:lftian@ms.fudan.edu.cn">lftian@ms.fudan..edu.cn</a>
</br>
I have an AT 3300 card( from Aztech) which integrates the function of
sound card and 28.8K modem. It seems that it need a special driver for its
modem function to be work. In MSDOS, there is a aztpnp.exe for that
purpose. Do you know is there any way I can get the card work (at least its
modem function) in Linux?
</B><p>
<B>Tianming Yang
</B><P><img align=bottom alt=" " src="../gx/ans2.gif">
I'm not familiar with that device. The
name of the driver suggests that this is a
Plug 'n Play (pnp) device (sometimes we use the
phrase "plug and *pray*" -- as it can be a toss
of the dice to see if they'll work as intended.
<p> My guess would be that this is a PCMCIA card
for a laptop system (which I personally pronounce
"piecemeal").
<p> Did you look in the "Hardware HOWTO" (start at
www.ssc.com, online mirror of FAQ's and HOWTO's)?
<p> Did you go to Yahoo! and do a keyword search on
the string:
<pre> linux +aztech</pre>
<p> ... (the plus sign is important there)?
<p> Since all of the real details about the configuration
of the card are determined by the manufacturer
(Aztech in this case) I would start by contacting
them.
<p> If they've never heard of Linux -- or express no
interest in supporting it -- please consider letting
them know that Linux support affects your purchasing
decisions. Also let them know that getting support
for Linux is likely to cost them very little.
<p> How to get a Linux driver for your hardware:
<p> If you are a hardware company that would like
to provide support for Linux and FreeBSD and other
operating systems -- but you don't have the
development budget -- just ask.
<p> That's right. Go to the comp.os.linux.development.system
newsgroups and explain that you'd like to provide
full documentation and a couple of units of your hardware
to a team of Linux programmers in exchange for a freely
distributable driver. Be sure to make the sources for
one of your other drivers (preferably any UNIX, DOS, or
OS/2 driver) available to them.
<p> If you don't like that approach, consider publishing the
sources to your existing drivers. If you are really in
the hardware business than the benefits of diverse OS
support should far outweigh any marginal "edge" you might
get from not letting anyone see "how you do it."
<p> (Just a suggestion for all those hardware vendors out there).
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="userid"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
User Identification
</h3><P> <B>
From: Dani Fricker, <a
href="mailto:101550.3160@CompuServe.COM">101550.3160@CompuServe.COM</a>
<br>
i need your help. for some reasons i have to identify a user on my
webserver by his/her ip-address. fact is that users logon comes from
different physical machines. that means that i have to assign something
like a virtual ip-address to a users log name. something like a reversal
masquerading.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
The IP Address of any connecting client is provided
to any CGI scripts you run, and is stored in the
server's access log (or a reverse DNS lookup of it
is stored therein -- depending on your httpd and
configuration).
<p> * Note: I suggest disabling reverse DNS
lookup on webserver wherever possible.
it generates alot of unnecessary traffic
and you can isolate, sort, and look up the
IP addresses in batches when you want to
generate statistics involving domain names.
<p> (I also tend to think that most of the
reports done on web traffic logs have about
as much rigor and resemblance to statistical
analysis as reading chicken entrails).
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>my ip-gateway connects my inner lan over two token ring network cards
(sorry, not my idea!) with the internet (lan <-> tr0 <-> tr1 <->
internet). the masquerading forward roule of ipfwadm gives me the
possibility to indicate a source and a destination address.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Oh. So all of the clients that you're interested in
are on a private LAN and going through a masquerading/NAT
server (network address translation).
<p> I would try using ident for starters. Run identd on your
Masquerade Host and make calls to the ident service from
your CGI scripts. I don't think it will work -- but it
should be worth a little info.
<p> From there you might be able to configure all the clients
on the inner LAN to use an *applications* level proxy
(squid -- formerly cached, CERN httpd, or the apache cache/
proxy server). Masquerading can be thought of as a
"network layer proxying services" while SOCKS, and similar
services -- which work with the co-operation of the client
software -- are applications layer proxies.
<p> I don't know if the private net IP address or other info
will propagate through any of these HTTP proxies.
<p> If this is *really* important to you, you could consider
writing your own "NAT Ident" service and client. I don't
know how difficult that would be -- but it seems like the
code for the identd (and the RFC 931? spec) might give you
a starting point for defining a protocol (you might want
to secure that service under TCP_Wrappers). You might want
to consider making this a TCP "Multiplexed" service --
look for info on tcpmux for details about that.
<p> The gist of tcpmux is that it allows your custom client
to talk to a daemon on TCP port 1 of the server host and
ask for a service by name (rather than relying on
"Well-Known Port Addresses"). So, if you're going to create
a new service -- it makes sense to put it under tcpmux
so you don't pick your own port number for it -- and then
have the IANA assign that port to something else that you
might want later.
<P><img align=bottom alt=" " src="../gx/ques.gif">
<B>do you see a possibility for an 'address assignment' between the two
interfaces? if you do please let me know.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I don't know of any existing way to determine the IP
address of a client on the other side of any NAT/masquerading
host -- I'm not even sure if there's any existing way to do it
for a client behind a SOCKS or TIS FWTK or other applications
level proxy.
<p> I'll be honest. With most "Answer Guy" questions I
do some Yahoo!, Alta-vista and SavvySearch queries -- and
ask around a bit (unless I already know the answer pretty
well -- which doesn't happen all that often these days).
I skipped that this time -- since I'm pretty sure that
there's nothing out there that does this.
<p> I welcome any corrections on this point. I'll be happy
to forward any refutations and corrections to Dani.
<p> All of this begs the greater question:
<p> What are you really trying to do?
<p> If you are trying to provide some form of transparent
access control to your webserver (so local users can
see special stuff without using a "name and password")
-- there are better ways available.
<p> Netscape and Internet Explorer both support a form
of client-certificate SSL -- which is supported at
the server side by the Stronghold (commercial Apache)
server.
<p> As an alternative -- I'd look at the possibility of
finding or writing a Kerberos "auth" module for
Apache (and deploying Kerberos to the clients).
This might be more involved than you're management
is willing to go for -- but writing new variations of
the indentd service might also fall into that category.
<p> IP addresses are a notoriously bad form of access
control. If you have a properly configured set of
anti-spoofing rules in the packet filters on your
router -- and you can show that no other routes exist
into your LAN -- then you can base access controls to
services (TCP/Wrappers) to about the granularity of
"from here" and "not from here." Attempting to read
more into them than that is foolhardy.
<p> Ethernet and Token Ring MAC (media access control) addresses
(sometimes erroneously called "BIA's" -- burned in addresses)
are just about as bad (most cards these days have options to
over-ride the BIA with another MAC -- usually a feature of
operating the card in "promiscuous" mode).
<p> Yet another approach to the problem might be to simply
put a web server on the internal LAN (no routing through
the NAT/masquerading host) -- and use something like
rdist to replication/mirror the content between the
appropriate document trees on the internal and exterior
web servers.
<p> Basically we'd need to know much more about your
requirements in order to give relevant recommendations.
<p>
--
Jim
<p><hr><p>
<!--================================================================-->
<a name="duplic"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Duplicating a Linux Installed HD
</h3><P> <B>
From: Mohammad A. Rezaei, <a href="mailto:rezaei@tristan.TN.CORNELL.EDU">rezaei@tristan.TN.CORNELL.EDU</a><br>
I just read your response to duplicating a hard drive using dd.
I think using dd limits the uses of this technique too much.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
I absolutely agree. I wonder where I suggested 'dd'
without expressing my misgivings.
<p> Please consider quoting little portions of my posting
when making references to them -- I write alot and
can't remember past postings without some context.
<P>
<img align=bottom alt=" " src="../gx/ques.gif">
<B>I have more than once installed/transfered entire hard drives using
tar. simply put both drives in the same machine, mount the new drive
in /mnt and do something like
<pre>
tar -c -X /tmp/excludes -f / | (cd /mnt; tar xvf -)
The file....
/tmp/excludes should contain:
/mnt
/proc
and any other non-local, mounted drives, such as nfs mount points.
</pre>
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
There are better ways to do this.
One way is to use a command like:
<pre>
find ... -xdev -type f | tar cTf - - | \
(cd ... && tar xpf - )
Another is to use:
find ... | cpio pvum /new/directory
... which I only learned after years of using
the tar | (cd ... && tar) construct.
</pre>
<p> In both of these cases you can use find parameters
to include just the files that you want. (Note:
with tar you *must* prevent find from printing any
directory names by using the -type f (or more
precisely a \! -type d clause) -- since tar will
default to tar'ing any directories named in a
recursive fashion).
<p> The -T (capital "tee") option to GNU tar means to
"Take" a list of files as an "include" list. It
is the complement to the -X option that you list.
<p> You can also pipe the output of your find through
grep -v (or egrep -v) to filter out a list of
files that you want to exclude.
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
finally, one has to install the drive onto the new machine,
boot from floppy and run lilo.
The disks don't have to be identical. the only disadvantage is having
to run lilo, but that's takes just a few minutes.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
The only message I can remember posting about 'dd'
had an extensive discussion of using tar and cpio for
copying trees.
Am I forgetting one -- or did you only get part of
my message?
<P><B><img align=bottom alt=" " src="../gx/ques.gif">
Hope this helps.
</B><P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Hopefully it will help some readers. The issues of
copying file trees and doing differential and
incremental backups is one that is not well covered in
current books on system administration.
<p> When I do a full backup I like to verify that it
was successful by extracting a table of contents or
file listing from the backup media. I then keep a
compressed copy of this. Here I use tar:
<pre>
tar tf /dev/st0 | gzip > /root/tapes.contents/.....
</pre>
<p> .... where the contents list is named something like:
<pre>
antares-X.19970408
</pre>
<p> .... which is a hostname, a volume (tape) number and a
date in YYYYMMDD format (for proper collation -- sorting).
<p> To do a differential I use something like:
<pre> find / -newer /root/tape.contents/.... \
| egrep -v "^(/tmp|/proc|/var/spool/news)" \
| tar czTf - /mnt/mo/diff.`date +%Y%m%d`.tar
</pre>
<p> ... (actually it's more complicated than that since
I build the list and compute the size -- and do some
stuff to make sure that the right volume is on the
Magneto Optical drive -- and mail nastygrams to myself
if the differential won't fit on that volume -- if the
volume is the most recent one (I don't overwrite the
most recent -- I rotate through about three generations)
-- etc).
<p> However this is the core of a differential backup.
If you wanted an incremental -- you'd supply a different
file to the -newer switch on your find command.
<p> The difference between differential and incremental is
difficult to explain briefly (I spent about a year
explaining it to customers of the Norton Backup). Think of
it this way:
<p> If you have a full -- you can just restore that.
<p> If you have a full, and a series of differentials,
you can restore the most recent full, and the
most recent differential (any older fulls or differentials
are unneeded)
<p> If you have a full and a series of incrementals you
need to restore the most recent full, and each
subsequent incremental -- in order until the most
Recent.
<p> It's possible (even sensible in some cases) to use a
hybrid of all three methods. Let's say you have a large
server that takes all day and a rack full of tapes to do a
full backup. You might be able to do differentials for
a week or two on a single tape per night. When that fills
up you might do an incremental, and then go back to
differentials. Doing this to a maximum of three incrementals
might keep your all day backup marathons down to once a month.
The restore must go through the "hierarchy" of media in the
correct order -- most recent full, each subsequent incremental
in order, and finally the most recent differential that was
done after that.
<p> (Personally, I avoid such complicated arrangements like the
plague. However they are necessary in some sites.)
<P>
-- Jim
<!--================================================================-->
<P> <hr> <P>
<center><H4>Previous "Answer Guy" Columns</H4></center>
<P>
<A HREF="../issue13/answer.html">Answer Guy #1, January 1997</A><BR>
<A HREF="../issue14/answer.html">Answer Guy #2, February 1997</A><br>
<A HREF="../issue15/answer.html">Answer Guy #3, March 1997</A><br>
<A HREF="../issue16/answer.html">Answer Guy #4, April 1997</A>
<P><HR><P>
<center><H5>Copyright &copy; 1997, James T. Dennis <BR>
Published in Issue 17 of the Linux Gazette May 1997</H5></center>
<P> <hr> <P>
<!--================================================================-->
<A HREF="./index.html"><IMG SRC="../gx/indexnew.gif" ALT="[ TABLE OF
CONTENTS ]"></A> <A HREF="../index.html"><IMG SRC="../gx/homenew.gif"
ALT="[ FRONT PAGE ]"></A>
<A HREF="lg_bytes17.html"><IMG SRC="../gx/back2.gif" ALT=" Back "></A>
<A HREF="./clueless.html"><IMG SRC="../gx/fwd.gif" ALT=" Next "></A>
<!--startcut ======================================================= -->
</body>
</html>
<!--endcut ========================================================= -->
Reference in New Issue View Git Blame Copy Permalink