Archive

Archive for January, 2005

Democracy in Style

2005-01-31 Comments off

For the second time in less than two months, a new democracy has shown us old western democracies how an election shoudl be performed. Admittedly, the Iraquis had a lot of help in getting to where they are in the democratic process, but the people in Iraq rose to the calling of the first democratic election there in memory with flying colours.

Like Ukraine did before them at the end of last year, the people in Iraq have expressed a will to have their voices heard, and done it in a way that puts western democracies to shame. We have our comfortable suburban school polling stations, a few minutes away from our homes, and we manage to get less than half the eligible voters out to perform our right to vote. In Iraq, they had the threat of terrorists, murderers, and fearmongers, with several polling stations actually bombed, and still near 90% of the voters turned out.

Congratulations Iraq and I hope that the future in your country is prosperous and free.

Categories: Editorial

Client and Staff FTP Server

2005-01-28 Comments off

Today I added an FTP site to our public web server on FreeBSD. It has it’s own volume on disk, it’s own special user, automatic 7-day expiry of files, and automatic weekly password changes. I did it all on a running multi-site webserver on FreeBSD, including adding disks, creating a raid set, mounting the new disks, adding users, installing expect, a scripting tool, writing scripts for cleanup and password rotation, and I did it without interrupting service on the web server or rebooting.

FreeBSD rocks.

Categories: Other Work Stuff

Virtual NLD

2005-01-25 Comments off

Recently I installed Ubuntu Linux on my home computer. Before that it was running SuSE Linux Professional. SuSE is a KDE distribution and Ubuntu is a Gnome distro. I’ve followed Gnome for a long time, and I like it’s style and simplicity. I don’t like the disorganized feeling I get from KDE, but since we’re a Novell shop and SuSE is Novell’s distro, I have been running that and using KDE.

I also follow what’s going on with the former Ximian people, and there are some interesting developments coming from that directction, including Mono, an open-source impmementation of .NET and C# for Linux and Windows, and Beagle, which is a realtime indexing and searching system for Gnome. I’m particularly interested in Beagle, because it takes something I loved about BeOS, namely dynamic near-instantaneous search capability, and extends it to the next level. I know I would use that every day for the way I work, so I really want a system that will run it easily. Since it is Gnome-integrated and mono-based, I have been considering switching to a Gnome-based distribution.

My Ubuntu installation at home showed me that I can happily work in a Gnome environment, so I’m ready to pick a Gnome distro for my laptop. Up pops Novell Linux Desktop into the radar. It supports both Gnome and KDE, but with better Gnome support than SLP, and Nat Friedman, the former Ximian Novell guy who is one of the main hackers working on Beagle, runs it. There’s also a red carpet channel for NLD that installs Beagle for you! Wow. NLD here I come.

First, I’m installing it in a virtual machine in Engineering before I commit my laptop.

Categories: Neat Geek Stuff

Odds and Ends Today

2005-01-24 Comments off

Today is a day for many small tasks. I created some documentation for GroupWise MailSaver, as flash movies using Wink, which is a free screen-capture and flash movie maker written for making screen demos.

I made some backups of my VMWare virtual machines, that I use for lab work and development. My GroupWise plugin, MailSaver is written in MS Visual Basic 6, but I don’t run Windows on my laptop to support a VB development environment, and I’ve also been known to blow up my workstation, so I have a VB6 development environment set up in Windows 2000 on a virtual machine that I run in VMWare. I also have a few NetWare server virtual machines and a NetWare administration Windows 2000 virtual machine that I use in Engineering so that I don’t have to hog half a dozen boxes to do development work with Novell’s DirXML.

I did a purchase order to Programmers Paradise for VMWare GSX Server for use in Engineering and another copy of VMWare Workstation for Bart’s machine, so that he can access his old NT4 environment after he gets upgraded to NLD or Windows XP.

I configured a couple of more servers to backup with our rsync backup solution to the big giant storage array. Now we have about 10 or 12 servers backing up nightly to it using rsync, with no major hiccoughs.

I also took delivery of a bunch of security tokens today that will be part of our multi-factor athentication system for web-based access to our internal Intranet. I have to still integrate them into our enterprise eDirectory. That’ll wait for tomorrow.

Categories: Other Work Stuff

Fun with Apache and mod_auth_ldap

2005-01-21 Comments off

We do disk-to-disk backups using rsync from our servers to a big storage server that I’ve blogged about before. I want my network administrators to have web-based access to the backups on the storage server so that they can do quick restores of a handful of files whenever necessary without having to do anything extensive. To do that I’ve set up Apache2 with mod_auth_ldap, and I’ve pointed the module to a pair of our eDirectory servers running nldap.nlm.

I have a minor problem that I can’t figure out. If I make the users authenticate with their uid property in the AuthLDAPUrl, like this:

ldap://ldap.server.com/o=container?uid?sub

then some users can authenticate and some can’t. I checked, and some users don’t have a uid property while some do, so I followed some hints I found on Goggle, and remapped the ldap attribute “uid” to the eDirectory attribute “cn”, which everybody has and which in our eDirectory, is unique. This doesn’t help, as the users without a “uid” property still can’t authenticate. I tried pointing the AutLDAPUrl to the “cn” attribute directly, like this:

ldap://ldap.server.com/o=container?cn?sub

but when I do that, nobody can login. However, when I change the authentication attribute to the email address, like the following, and have users login with their full email address, all authorized users are able to authenticate to apache. I don’t get it.

ldap://ldap.server.com/o=container?mail?sub

Its still a work in progress.

Categories: Storage and Backup

Ubuntu Linux

2005-01-20 Comments off

I’ve been running SuSE Linux Professional (SLP) on my home machine for about a year. I forget which version it was when I started but it ended up running 9.1, and I upgraded it to 9.2 when it came out. When I did that, my USB and cdrecorder didn’t work anymore, so I turfed my root partition and reinstalled 9.1.

I’m firewalled, but I’m a bit paranoid about security especially since my home network also has a few Windows machines on it. Because of that, I always track the SuSE Security updates using YOU. Periodically, Novell releases updates for SLP which seem to break my hardware or some piece of my software. Later, another update fixes the problem. In the interim, I have a broken system.

Yesterday I ran YOU and it broke my USB devices and cdrecorder again. I got fed up and decided to do something different. I know, some of you would say SLP is not Novell’s “stable” distro, Novell Linux Desktop is, and you would be right. Since we are a Novell shop, and we run lots of Novell stuff in the back room, it would have made sense to run NLD on my home machine. However I’ve recently been playing with an old Alpha server, and the only distro I could get running on it was Debian, so I wanted to learn a little bit more about Debian-based distros.

I’ve been reading about Ubuntu Linux, as desktop-oriented Debian-based distro, on Slashdot a lot, so yesterday I downloaded the installation ISO and burned it to CD. Today I ran it and installed the Ubuntu Warty Warthog release on my HP Pavillion.

The installation went smoothly, although I was a bit afraid that I would bugger up my data partition in the process. That didn’t happen, and the system installed pretty flawlessly on my machine, preserving my data drive but overwriting my boot drive as I had intended. I run a dual-head setup, with the system’s built-in i810-based video card as the primary and a Matrox Millenium II as the secondary. This setup was not autodetected by the Ubuntu installer, so (prepare to cringe) I had to manually edit the XF86Config-4 file to get my displays configured properly. It was not too difficult, since I have been using Linux long enough to remember when you always had to edit those files manually to set up X, because graphical tools and autodetection didn’t exist.

The next challenge was multimedia. For political and patent-paranoid reasons, Ubuntu doesn’t support much in the way of multimedia files upon a standard install. The Ubuntu support wiki was useful in rectifying that, though, and I used Synaptic to install mp3 support, dvd support, and mp4/divx support. That all worked fine, except I couldn’t install xvid/divx support for gstreamer, but It didn’t matter too much because I got divx/xvid working for xine anyways.

I’ll possibly be posting more on Ubuntu as I get more into it. So far it seems like a pretty polished distro, and I’m sure I’ll have fun with it.

Categories: Neat Geek Stuff

Managing User Space

2005-01-19 Comments off

Novell GroupWise, our email platform, hosts our mail on the server. I’ve ranted about trying to manage the space before. To aid us in the effort to manage space without actually resorting to mandatory deletion of email, we’re trying to use GWCheck, which is a GroupWise statistics and maintenance tool, to generate user statistics, and then parsing the statistics for users who are over their size limit, and then delivering that information to our network administrators. The administrators can then chase after the worst offenders and get the mail cleaned up. This gives us the benefit of keeping the size under control, and also ensures that the messages get filed appropriately if they contain project information for record keeping purposes.

I generated some log files manually with GWCheck and gave them to Bart. He wrote a java program that parses the logs and emails the results. I then created a batch process that autmatically invokes GWCheck to generate the logs and then runs the java program to email the results. It works great except for one flaw: There is a bug in the GWCheck program that we are using that prevents you from saving the exact configuration we want to run and running that in batch mode. All the settings of GWCheck can be scripted in batch mode except the one that we need, which is basically the option that shows you what messages a user would have to delete to get their mailbox down to the size limit set by the administrator.

I’m going to try to find a newer version of GWCheck that works with our version of GroupWise but that allows you to save that option.

Categories: GroupWise
Follow

Get every new post delivered to your Inbox.