Courtesy of Daniel, one excellent Exim cheatsheet.
Archive for the ‘Technical’ Category
Everything about Exim
Wednesday, November 29th, 2006Microsysinternals releases Process Monitor
Friday, November 10th, 2006Take Filemon and Regmon, combine them one program (apparently rewriting from scratch), and then change the license to make a previously invaluable sysadmin toolset potentially require payment. Thanks, Microsoft.
Periods in run-parts
Tuesday, October 31st, 2006Repeat after me, Debian/Ubuntu sysadmins. You cannot use the period (.) character in /etc/foo.d directories. Can't can't can't.
Why? Well, man runparts says:
If the --lsbsysinit option is not given then the names must consist
entirely of upper and lower case letters, digits, underscores, and
hyphens.
So, you can't have files named "vhost.foo.co.nz" in your /etc/logrotate.d directory, and you can't have files named "awstats-foo.co.nz" in your /etc/cron.d directory.
As much of a big deal is made of Halloween, and as many groups of kids I saw walking the streets about 7:45, we only had one person knock on the door trick-or-treating. And we managed to successfully pretend we weren't here, sitting in the lounge watching Torchwood. (I keep waiting for the Doctor to turn up.)
Cheap server
Tuesday, October 31st, 2006Ubuntu Edgy released, foibles and all
Sunday, October 29th, 2006I got a birthday present on Friday in the form of a new Ubuntu release, Edgy Eft. I downloaded the 6.10 ISO and promptly burned the 6.06 ISO to CD, only noticing when I got it home. Oh well, several hundred megs of downloads later...
Some notes:
- Due to a change in Python packaging policy, python2.4-module packages are deprecated in favour of python-module packages that have an X-Python-Version field in their control file.
- If you get a black screen & crash testing the beta NVIDIA driver, you probably need to edit /etc/modules and remove the eeprom driver. Found on the official NVIDIA Linux forum.
Beryl, the community Compiz fork, is, well, "a little over the top". After figuring out the settings to subdue it a little bit, I've got it usable. The settings dialog could do with a lot of love however, so anyone who is interested in UI and has free time (unfortunately I only currently hit one out of two) might like to volunteer to help.
I leave with a little laugh (courtesy of Jorge Bernal):
Exipick, and importing Apache certificates into IIS
Thursday, October 12th, 2006Greig's cool find of the day:
Exim comes with a script called exipick, which lets you see just the parts of the mail queue that match a particular pattern. ie. we want to get notified of messages that are queued on a backup MX, but aren't just bounces to fake addresses that will eventually time out:
exipick '!$local_error_message'
Which makes looking at mail queues much easier:
root@elston:~# exipick | wc -l 96 root@elston:~# exipick '!$local_error_message' | wc -l 0
My find is a little less interesting, and a little more "just googled it", but if you have certificates in Apache crt/key format, and you want to import them into IIS, you can
do so with openssl:
/etc/ssl/site.net.nz# openssl pkcs12 -export -out site.p12 -inkey site.key -in site.crt
Read more at Michael's meanderings, including about the useful SSLDiag utility.
Windows utilities you didn't know about: dsacls.exe
Wednesday, October 11th, 2006If you set permissions to lock yourself out of an object in Active Directory (or your co-worker does it for you - hi Pete!) then you can use the support tool ADSIEDIT to fix it.
Unless you've done something really difficult, like set DENY permission to "NT AUTHORITY\Authenticated Users".
The error was "An invalid directory name was passed" trying to change the properties on the object, which was also showing as a note, and not a container.
A suggestion to update the schema and clear the cache didn't work; what did work eventually, was this gem of a command line, suggested but not entirely correctly spelt out by knowledge base article 300444:
dsacls "CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=SITE NAME ,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN" /I:T /R "NT AUTHORITY\Authenticated Users"
And they say Windows isn't a CLI OS.
After using /R to remove the ACL, you can use /S to set it back to its inherited-from-parent ACL.
Ubuntu PPTP in Universe
Sunday, October 1st, 2006Thanks to the efforts of the tireless ajmitch (does he ever sleep?), not only is my network-manager-pptp package mostly finished, it's also going to be available in the universe repository for Ubuntu Edgy.
Until it shows up online, you can grab and test it here:
Test early, test often.
Ubuntu New Zealand Local Community Team (re-)launched
Friday, September 22nd, 2006Ever since the birth of computers, enthusiasts and fans around the world have collected together in garages, universities and pubs to talk about their interest, learn from each other and help promote their interest. Combine this with the huge popularity of Ubuntu, and you get the Ubuntu Local Community (LoCo) project.
A LoCo team is formed to help groups of Ubuntu fans and enthusiasts in a particular region to help advocate, promote, translate, develop and otherwise improve Ubuntu.
With the support of Jono Bacon, the Ubuntu Community Manager, and the awesome Australian Team, we're launching a New Zealand team for Ubuntu (http://ubuntu-nz.org/).
What's involved?
What would you like to be involved? Activities other teams have engaged in include, but are not limited to:
- development & coaching new, interested contributors
- regional customisation
- translations
- advocacy, both virtually and locally
- CD & merchandise distribution
- IRC support (or just hanging out)
There are no set goals for the team yet - it's entirely up to you, the new members, to decide as a group what we should do. There are many, many ways to ContributeToUbuntu!
Involvement in a LoCo is an easy way to get involved with the global Ubuntu community for non-developers and developers alike. There are people involved from many teams within Ubuntu who can help you gain useful skills for further involvement if you are keen!
How can I get involved?
Join our mailing list (https://lists.ubuntu.com/mailman/listinfo/ubuntu-nz) and our IRC channel (#ubuntu-nz on Freenode, or irc://irc.freenode.org:6667/#ubuntu-nz)
More details are available from the website: http://ubuntu-nz.org/
Software Freedom Day - all over!
Friday, September 22nd, 2006Thanks to everyone who helped out with WLUG's Software Freedom Day event. There is a good writeup and some pictures online at the SFD website.
On a personal note, I'd like to thank Ian and Bruce, who did most of the work on the day, as well as Bruce's family for their support and penguin suit wearing. Also, Michael, Rod and Ron for their help on the day. It was unfortunate that the sterling efforts of a number of individuals was sullied by the actions of another member on the day, who is being officially reprimanded for his behaviour. (And it's also unfortunate we were buried on page D7 in the Waikato Times, while front page, above the fold, was an article about our local furries.)
t this point I should also announce I am not standing for re-election on the WLUG committee next year. I've been secretary since we founded officially four years ago, through three presidents, vice-presidents and treasurers, and over 10 general committee members. It's been a great way to contribute to the open source community and I really hope that someone new and fresh gets involved.
Fear not, I'll still be involved; my current goal is relaunching the Ubuntu NZ local community team.
Subscribe with a news reader (RSS)
Have new updates sent by e-mail