|
I have BIND (using only caching DNS functions) and Shorewall on my gateway box (yes, after all this time, I'm finally back to working on it). If I connect directly into it via SSH, I can successfully do the following:code:
code:
|
# ? Mar 21, 2008 22:14 |
|
|
# ? Apr 29, 2024 17:30 |
|
Sergeant Hobo posted:
Backwards? If you only had a bind problem, http://64.233.167.104 would work.
|
# ? Mar 21, 2008 23:48 |
|
So I'm guessing I'm missing something in Shorewall?
|
# ? Mar 22, 2008 00:05 |
|
Well you may have two problems... perhaps get things working by IP first to take BIND out of the equation. But the most obvious thing to me is that you have BIND configured to only listen on 127.0.0.1 Your other computer isn't going to be able to talk to it that way. Edit: and as for Shorewall, are you sure that IP forwarding is enabled in the kernel? Shorewall will do it for you if you have the right setting in shorewall.conf, otherwise you have to do it yourself and then set it permanently /etc/sysctl.conf. To check: code:
Alowishus fucked around with this message at 00:09 on Mar 22, 2008 |
# ? Mar 22, 2008 00:07 |
|
Alowishus posted:Edit: and as for Shorewall, are you sure that IP forwarding is enabled in the kernel? Shorewall will do it for you if you have the right setting in shorewall.conf, otherwise you have to do it yourself and then set it permanently /etc/sysctl.conf. I know I enabled IP_FORWARDING in shorewall.conf. Just to be sure, cat /proc/sys/net/ipv4/ip_forward does give back 1. quote:But the most obvious thing to me is that you have BIND configured to only listen on 127.0.0.1 Your other computer isn't going to be able to talk to it that way. OK, that makes sense. I basically need to change it to listen on both itself and the external interface then? I've never configured BIND before much less anything even remotely related to DNS.
|
# ? Mar 22, 2008 00:20 |
|
Sergeant Hobo posted:OK, that makes sense. I basically need to change it to listen on both itself and the external interface then? Anyway... change your listen-on and allow-recursion directives to include your internal IP, like: code:
Alowishus fucked around with this message at 00:38 on Mar 22, 2008 |
# ? Mar 22, 2008 00:36 |
|
OK, now when I run nslookup in Windows on the internal interface (you are right about the machine with BIND having 2 NICs), it says: "UnKnown can't find https://www.google.com: Query refused" Time to go double-check my Shorewall rules file? EDIT: Or would it be better at this point to go with something like dnsmasq? I only really chose BIND cause I thought it was "the best" for lack of a better explanation. At a glance, it almost looks like dnsmasq is going to work better for me for the scope of what I'm doing rather than DHCPD + BIND. Sergeant Hobo fucked around with this message at 01:07 on Mar 22, 2008 |
# ? Mar 22, 2008 00:52 |
|
More Ubuntu permission fun: xsane won't detect my scanner unless I am root. Naturally this is a pain in the arse. How do I allow user access to this device?
|
# ? Mar 22, 2008 02:01 |
|
I had a hardware failure about a month ago, and I finally got the replacement part installed. My problem is that it was the motherboard, I have 4 hard drives, no recollection of what order they were installed in. I had the sata cables number, but I had to pull two drives out to get data off them. I've since decided to just pull the databases off of it and do a fresh install since everything is out of date now except for them. I booted off a live cd, mounted the root partition to /mnt/root, and did a chroot /mnt/root. After I got in, I tried to run mysqldump --all-databases, and it spits out an error: code:
|
# ? Mar 22, 2008 06:36 |
|
I'm playing with chroot, but I can't seem to get it to work.code:
This is on CentOS 5.1 with kernel 2.6.18-53.1.13.el5xen. SELinux is off, so it can't be that
|
# ? Mar 22, 2008 10:54 |
|
I'm probably being too simplistic here, but try chroot /full/path/to/chroot/ /bin/bash
|
# ? Mar 22, 2008 17:30 |
|
chryst posted:I'm probably being too simplistic here, but try code:
Grey Area fucked around with this message at 18:27 on Mar 22, 2008 |
# ? Mar 22, 2008 18:20 |
|
Grey Area posted:This is on CentOS 5.1 with kernel 2.6.18-53.1.13.el5xen. SELinux is off, so it can't be that your missing the ELF loader, ld-linux*.so. (strace probably shows execve returning -1/ENOENT, man execve fills you in on the rest). Your ldd-vs-ls hints at this too.
|
# ? Mar 22, 2008 19:44 |
|
covener posted:your missing the ELF loader, ld-linux*.so. (strace probably shows execve returning -1/ENOENT, man execve fills you in on the rest). Your ldd-vs-ls hints at this too. What I'm trying to do is run do chrooted SFTP using rssh. I'm following this guide, and it even mentions that I need the ld-loader, but I managed to miss it... :facepalm: Anyway, I can now chroot as root, but when I try to SFTP in as a user with rssh as shell, it opens the root directory (i.e. /home/chroot in actuality) and I get this in /var/log/messages: code:
code:
I can navigate to the home folder just fine using sftp, but it doesn't go directly to $HOME. /home/chroot/etc/passwd: code:
|
# ? Mar 22, 2008 22:23 |
|
So I ended up trying dnsmasq and it worked. Don't know what was going on but as long as it works. Thanks for all the help.
|
# ? Mar 23, 2008 01:02 |
|
Recently when I insert my fancy pants Sandisk EXTREME III SDHC card I am getting ugly errors like this:code:
I don't normally use this card in any other computer but I just plugged it into a macbook (with the same card reader, I only have one that does sdhc) a few times and it mounted fine each time. Is this some ominous sign that my card is about to fail? Please say no and don't be lying.
|
# ? Mar 23, 2008 04:51 |
|
Kaluza-Klein posted:Recently when I insert my fancy pants Sandisk EXTREME III SDHC card I am getting ugly errors like this:
|
# ? Mar 23, 2008 05:03 |
|
waffle iron posted:I would copy all the data off of the drive and use fsck on it or badblocks. Badblocks came back clean, but fsck.msdos does not: code:
Or is it safe/better to format the card with mkfs.vfat?
|
# ? Mar 23, 2008 06:05 |
|
Sergeant Hobo posted:So I ended up trying dnsmasq and it worked. Don't know what was going on but as long as it works. Thanks for all the help.
|
# ? Mar 23, 2008 17:32 |
|
Can someone verify real quick the proper way to chroot into a system? Is it such: mount -t proc proc /chroot/proc mount --bind /dev /chroot/dev chroot /chroot /bin/bash
|
# ? Mar 23, 2008 17:46 |
|
Alowishus posted:Awesome... simplicity wins! Sorry it was such a process. No problem, it was mostly learning for me. I (re-)learned the KISS principle so yeah.
|
# ? Mar 23, 2008 17:48 |
|
Kaluza-Klein posted:Or is it safe/better to format the card with mkfs.vfat?
|
# ? Mar 23, 2008 18:45 |
|
Ashex posted:Can someone verify real quick the proper way to chroot into a system? You're doing it all fancy like, I do it this way: code:
|
# ? Mar 23, 2008 20:33 |
|
Ferg posted:You're doing it all fancy like, I do it this way: That's how I tried it earlier (back a few posts about mysql) and got a bunch of errors. I'm going to try a proper chroot with mounting proc and all the other crap so it's completely functional. When I did it your way I was able to run everything else, so I got the dpkg selections so I could rebuild the system.
|
# ? Mar 23, 2008 20:40 |
|
OK, I've been running my laptop here through my newly Shorewalled gateway box and things have been fine (aside from a slight slowness which could probably be attributed to running the gateway with a 2.0 GHz Athlon XP and 512 MB of RAM but I digress). I'm about ready to take the plunge and go straight for Squid and its accompanying documentation (which will happen tomorrow when I've gotten adequate sleep). Anyone have any helpful hints prior to me doing this? Anything especially troubling to look out for, etc?
|
# ? Mar 24, 2008 02:10 |
|
I'm currently running some version of Kubuntu on my spare desktop PC that I only use as a file dump/SMB box/torrent&usenet machine and I was thinking about putting some kind of server distro on there because I don't need a GUI actually. I want it to run SABNZBD, some torrent client (most likely Torrentflux but maybe Rtorrent&screen) and some other stuff like a DAAPD (for iTunes), SMB and AMP (which I'll need for Torrentflux anyway). Will the latest Debian release be plenty enough or would I be better off going with the server version of Ubuntu ? I'm mostly concerned about the quality and choice in the official/semi-official repositories even though I somewhat know how to compile my own stuff should I need to.
|
# ? Mar 24, 2008 13:32 |
|
I'm having some trouble using IPtables with CentOS 5. I'd like to use the firewall but it seems when I turn it on I can't access internal web pages. (This server is running Cacti/Nagios) so when I try and open their web interfaces I cannot establish the connection. Here are the Iptables rules code:
Edit: I figured it out, I wasn't saving the file with code:
Twlight fucked around with this message at 17:44 on Mar 24, 2008 |
# ? Mar 24, 2008 17:36 |
|
rookieone posted:I'm currently running some version of Kubuntu on my spare desktop PC that I only use as a file dump/SMB box/torrent&usenet machine and I was thinking about putting some kind of server distro on there because I don't need a GUI actually. Why reinstall? Just turn off the X server so it doesn't start. And you should look at torrentflux-b4rt for all that. code:
And having the latest and greatest of everything is heavily overrated, as long as your system is up to date you should be fine. Especially for what you're doing. Now if you're running a system older then 6.06, you should probably upgrade. If you do, just get Ubuntu Server edition.
|
# ? Mar 24, 2008 18:21 |
|
Ashex posted:Why reinstall? Just turn off the X server so it doesn't start. And you should look at torrentflux-b4rt for all that. If you're running a console/server system though, stick to security updates, and otherwise don't roll forward until things are well tested, or you really need them.
|
# ? Mar 24, 2008 19:11 |
|
chryst posted:Latest and greatest isn't overrated for an Ubuntu desktop. Every minor release has genuine fixes and features that really do make a difference. As long as he's running at least 6.06, he's getting those fixes and features, since it is lts, and later versions are supported through 2008 at least.
|
# ? Mar 24, 2008 23:49 |
|
Ashex posted:As long as he's running at least 6.06, he's getting those fixes and features, since it is lts, and later versions are supported through 2008 at least. Not too experience with ubuntu, but are you losing some distinction between security updates, fixes, and features in an LTS release?
|
# ? Mar 25, 2008 00:45 |
|
covener posted:Not too experience with ubuntu, but are you losing some distinction between security updates, fixes, and features in an LTS release? You are correct, he will not get any new features. He will however get security updates and minor fixes. I would just do a early install of Hardy server edition and ride that for the LTS cycle. Since it doesnt sound like the current setup is worth saving and an upgrade would only take a few minutes. DISREGARD THIS - You are better off just using the tarball and installing the dependencies instead with the rate of updates SABNZBd+ is getting tehk fucked around with this message at 10:36 on Mar 25, 2008 |
# ? Mar 25, 2008 00:56 |
|
tehk posted:Also note that there is a script to make a SabNZBd+ install easy as pie since I do not think there is a package yet. There was/is a package in REVU which didn't make it in time for Hardy, sadly. Hopefully the guy will still be interested in packaging SAB for Intrepid, otherwise I might just do it myself.
|
# ? Mar 25, 2008 03:08 |
|
Edit: doublepost
maskenfreiheit fucked around with this message at 01:37 on Mar 13, 2017 |
# ? Mar 25, 2008 03:09 |
|
tehk posted:You are correct, he will not get any new features. He will however get security updates and minor fixes. I would just do a early install of Hardy server edition and ride that for the LTS cycle. Since it doesnt sound like the current setup is worth saving and an upgrade would only take a few minutes. If you're just running it as a torrent/file/usenet server, any new features aren't going to be thing you'd be interested. But I digress, the hardy release is going to have several very nice features that will benefit servers Ashex fucked around with this message at 04:31 on Mar 25, 2008 |
# ? Mar 25, 2008 04:14 |
|
I recently decided to give Linux a real shot after both Vista and XP (respectively) kicked the bucket on me. I installed Fedora 8 and am trying to get my normal workflow requirements satisfied as far as software is concerned. I am an amateur photographer and I shoot a Canon Rebel XT. F-Spot's photo importer takes it's sweet time downloading files, which is kind of an issue. The main problem though is the editing process. I found a program (UFRaw) to read the .CR2 Raw files that the camera saves photos as, but it's quite awkward to work with and is nowhere near as versatile as Photoshop's RAW editor. It also has the tendancy to load each new photo that I open with the edited settings (exposure, contrast curve, color temperature) of the last photo I edited, instead of the camera defaults, but I'm sure that's my fault. So are there any dSLR users here who know good RAW workflow editing software for Fedora?
|
# ? Mar 25, 2008 11:10 |
|
thanks for all the input guys. I was indeed planning on going with Hardy because it has the LTS but there is no server-only CD out there as far as I know, so I'd have to wait until April for the official hardy release. I suppose I could just download the beta CD and do a server install though. I know that I don't NEED to reinstall but I will be changing the HD for / and /home so I can just as well go with the latest and greatest. And since this machine isn't mission critical it's nice to be up-to-date all the time. The only thing I'm reluctant to install are the kernel revisions because I've been burnt more than once on those before. How is torrentflux-b4rt as a Newsgroups client compared to SABNZBD+ ? Does it do all the Par, unrar and delete magic or will it only download stuff ? BTW I won't install SABNZBD from a script ever since that same moron on the Ubuntu forums you linked to decided to roll his own script (v1 so to speak) incorporating a mandatory theme with injected ads (it auto-updated itself at every reboot) as part of his script. YAY !
|
# ? Mar 25, 2008 13:18 |
|
Couple miscellaneous questions regarding postfix: I need to pipe all email sent to the user jira@domain.com to a script called, oh let's say /usr/local/bin/autojira.pl. How the heck do I do this? Google hasn't really given me any insight and everything I have seen has been setting up postfix with SpamAssassin which entails piping ALL email out to a script. Secondly, and this one is really stupid but -- I just installed postfix and I in the process of configuring it but I noticed it's not listening on ports 110 or 143. Do I need to install a separate POP or IMAP server? Sorry guys, my Google-fu is lacking this morning.
|
# ? Mar 25, 2008 15:07 |
|
Welp! After creating the jira@ account in the usual manner, all I had to do was create a .forward in /home/jira containing: code:
code:
|
# ? Mar 25, 2008 15:36 |
|
|
# ? Apr 29, 2024 17:30 |
|
Hey everyone, I've been using Ubuntu for a while, and was thinking of changing to Gentoo. I used sabayon before but couldn't get my head around compiling from source (there aren't ebuilds for everything!). Could someone post a guide to compiling from source for me?
|
# ? Mar 25, 2008 15:42 |