Code Question: 01/29/11

Saturday, January 29, 2011

GPG encrypt and decrypt with ssh-agent

I use ssh regularly and have ssh-agent set up.

How can I use ssh keys to gpg-encrypt a file?

Edit: It seems that this is impossible. Why? ssh can encrypt traffic, so why not also files?

From serverfault nalply

No, SSH keys are not PGP keys and serve different purpose .
You must have PGP keys in GnuPG keyring.
But - you can convert GPG keys to PGP keys (using gpgkey2ssh) and gpg-agent can take care of ssh keys (using --enable-ssh option). I believe no such tool exists for converting SSH keys to GPG keys and cannot exist.

nalply : I prefer to work in the reverse: use gpg with ssh keys, since I already have an extensive ssh infrastructure.

Kristaps : that is not possible. Just view size of SSH public key and GPG public key -> SSH key contains much less info.

nalply : Okay, some things are not possible with SSH keys but I believe that encryption **is possible** since ssh encrypts traffic. Perhaps I should have asked: How can I encrypt a file with an SSH key?

From Kristaps

How to install GNU/Linux on ADSL router to setup internet watchdog?

What model of ADSL modem/router by major market brand can be used to install some distro of Linux to setup a watchdog to initialize connection by demand in case for example of main internet connection fail? Probably using C#/mono.

From serverfault abatishchev

How about something like a Draytek 2820 or 2930 that supports 2 WAN connections with failover or can failover automatically to a 3G connection?

If you do want a DIY solution, have a look at this wiki page over at dd-wrt

abatishchev : Thanks! What is the different between dd-WRT and OpenWRT?

abatishchev : btw, my main channel is high-speed ethernet and a reserve one - low-speed adsl

From Linker3000

Postfix on linux not sending mail

For some reason my server has stopped sending mail, and I am not sure why. I am running Debian 5.0 with postfix. I remember setting it up using apt-get, and it worked fine.

Is there a config file that I need to update? Can I send a test email from the shell?

From serverfault Zed Said

Sending a test email from the shell can be accomplished with:

echo "test-body" | mailx -s "test-subject" username@example.com

You might need to apt-get mailx or so.

I'm not familiar with postfix, but maybe there's a log file in /var/log you can look at, or check /var/log/daemon.log.

From ultrasawblade
You should check your logfiles
```
/var/log/mail.log
/var/log/mail.err
/var/log/daemon.log
```
It would be good to know if your mails are queued:
```
mailq
```
If there are mails in your queue try:
```
sendmail -q
```
Check your postfix service status:
```
/etc/init.d/postfix status
```
Please check your postfix configuration:
```
postfix check
```
Edit:

Please check your dns setup:
```
nslookup www.google.de
```
Please check if you are able to ping any of the destination domains:
```
ping www.google.de
```
Zed Said : Thanks, I see TONS of emails in the queue. I am using google apps, and see these errors in the queue: delivery temporarily suspended: connect to ASPMX3.GOOGLEMAIL.com[72.14.213.27]:25: No route to host (delivery temporarily suspended: connect to ASPMX4.GOOGLEMAIL.com[209.85.229.27]:25: Connection timed out)

Andreas Rehm : Please check if your dns setup works - I've edited my post.

From Andreas Rehm

How are subdomain resolved?

Hi, quick question for you, when I enter adress like test.mysite.net, first I connect to my ISP DNS, than if not found there to .NET DNS, than to mysite DNS, what after that?

I mean, I know that test.mysite.net could be at different IP adress, but what if I want to run virtual server there? I get the same IP as mysite.net has, and how does server know wheather I want to reach for test.mysite or mysite directly, if they have same IP adress ?

From serverfault $pageUsers[$entry.posts[0].author].name

This isn't a tricky question.
It's basic DNS operations to evaluate in the order of .net -> mysite.net -> test.mysite.net, passing the request from one domain DNS server to another.

See How Lookups Are Handled for a graphical explanation.

grawity : It's actually `.` -> `net.` -> `mysite.net.` -> `test.mysite.net.`

harrymc : @grawity: I believe this is optimized, to avoid the entire world soliciting one poor DNS master server.

dsolimano : @harrymc, you can see the DNS root servers here - http://www.root-servers.org/. Looks like we're up to around 200 physical servers backing up the 13 root server names. But yes, I believe the load on the roots tends to be intense. DNS software will often cache responses so it will know `net.`, but when the cache expires it will go back to `.` to refresh.

From harrymc

tomcat query timeout

Hi , i have a query oracle so large , and i have to represent the result in a table based in a web application. My problem is that when i want to view the data the web page give me an error, and i think that this error depends on a tomcat query timeout. I would like if is possible modify this timeout and how is possible.

Thanks a lot

From serverfault $pageUsers[$entry.posts[0].author].name

Not sure, but it might not be the case... Look for 'Reply Timeout' in this page:

http://tomcat.apache.org/connectors-doc/generic_howto/timeouts.html

From filippo

ESX Compact Flash

Hello,

I am planning on putting ESX on a compact flash media and making it bootable these will be running on high-performace servers. My question is:

Is CF a good idea and if so what CF read/write speed should I be looking for ESX specifically?

Currently looking at this for the reader:

http://www.lycom.com.tw/ST138.htm

Thanks in advance for your help.

From serverfault James Moore

You're probably better off with ESXi, as that's much closer to how it's intended to be run.

Massimo : Not if you want a service console. Which can be very, very useful. But, of course, ESXi is also free...

ErikA : IMO, anyone banking too much into ESX now is asking for trouble. ESX is going away, so we're all going to need to figure out how to live with ESXi.

gWaldo : The Service Console is indeed handy, but it's far less powerful than the VI/vSphere Client. Even if you don't spring for vCenter (where you can manage everything under one console), the Client is far more powerful than the Service Console. The only case where I've needed the Service Console was to ssh in to check /var/log.

Massimo : I disagree: there are things you can do in the SC that you *can't* do in the Client. Try manually editing a .vmx file.

gWaldo : I'll give you that, Massimo. Slipped my mind; that was a core part of our build process because of the imaging process we used...

From gWaldo
The CF will only be used to boot ESX, so it won't affect VM performance at all. It is indeed a documented and supported scenario to install and run ESX(i) this way.

James Moore : So ESX is loaded entirely into memory then?

Scott Warren : I agree with the commenter below you really want to install ESXi because ESX is going away.

Massimo : ESX isn't going away anytime soon...

Helvick : ESX 4.1 is the last major version of ESX that VMware will release. All future releases 4.whatever, 5 etc will be ESXi only, or as VMware now call it the vSphere Hypervisor. http://www.vmware.com/support/vsphere4/doc/vsp_esx41_vc41_rel_notes.html

From Massimo

ASP uploading/transferring images

I have an ASP web service, that allows to various users to put some data in a database and to upload some images. Since the users have different web sites, the web service uploads the image in a first directory in its own space, then calls an ASP web page located in the user's domain passing it the path to the image (correctly stored) as follows:

MResponseBackAsp(Session("Dominio") & "trasferisci.asp?nomefile=" & Session.SessionID & "-" & name)

So, here it comes the trouble, I receive the following message:

Microsoft VBScript runtime error '800a0005' 
Invalid procedure call or argument 
/trasferisci.asp, line 28 Si è verificato un errore nel salvataggio dell'immagine

The code relative to that line is commented:

<%  
nomeFile = Request("nomefile")

Dim lStato
Dim objHTTP
Dim strDataIn
'Randomize()

Set objHTTP = CreateObject("Microsoft.XMLHTTP") 
objHTTP.Open "GET", "http://URL/" & nomeFile, False 
objHTTP.Send 
lStato= objHTTP.Status
strDataIn= objHTTP.ResponseBody 'Binario 
Set objHTTP = Nothing 

If (lStato<>200) Or (Err.Number<>0) Then 
  problema = "Errore " & lStato & " o " & Err.Description & "."
End If

newNomeFile = right(nomeFile,len(nomeFile)-instr(nomeFile,"-"))
fileDaSalvare = Server.mapPath(Application("news_immagini") & newNomeFile)

Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
If objFSO.FileExists(fileDaSalvare) Then objFSO.DeleteFile(fileDaSalvare)
Set objFl = objFSO.CreateTextFile(fileDaSalvare, true)
objFl.Write BinaryToString(strDataIn)
objFl.Close()
Set objFl = Nothing
Set objFSO = Nothing

Function BinaryToString(Binary) 
  dim c1, c2, c3, p1, p2, p3 
  Dim L 
  c1 = 1 :  c2 = 1 : c3 = 1 
  L = LenB(Binary) 

  Do While c1<=L 
    p3 = p3 & Chr(AscB(MidB(Binary,c1,1))) 
    c1 = c1 + 1 : c3 = c3 + 1 
    if c3>300 then 
      p2 = p2 & p3 
      p3 = "" 
      c3 = 1 
      c2 = c2 + 1 
      if c2>200 then 
        p1 = p1 & p2 
        p2 = "" 
        c2 = 1 
      End If 
    End If 
  Loop 
  BinaryToString = p1 & p2 & p3 
End Function

Response.write "salvato"
%>

But the best parts come now: 1) If we call trasferisci.asp manually it works; 2) If we refresh the global.asa then it works again for a while

I read somewhere that there could be some problems whit image upload, where is the problem? Suggestions?

Thank you all folks.

PS (edit): I've posted this question here because we think that the problems are into the System, not into the code. I apologyze if it is not.

From serverfault IssamTP

The error message

Microsoft VBScript runtime error '800a0005'
Invalid procedure call or argument

while uploading files is probably related to the server. It may not support some of the newer functions of VBScript.

Maybe it has an older or outdated version of the Microsoft Data Access Components (MDAC) and/or VBScript.

By the way, shouldn't you use the
```
 Response.BinaryWrite()
```
method when writing binary data?

Also, I would issue Response.Clear() and set the right HTTP response header (according to the files MIME type): Response.ContentType = "...".

IssamTP : Thank you for your answer, we've analyzed your suggestions, but unfortunately we couldn't find the solutions. Anyway, just to be sure, we've posted the whole code of the original file "trasferisci.asp", hoping that this will help to fix.

IssamTP : The DLL version is 8.100.1051.0

splattne : okay, I see. I just don't understand why you're creating text files if you could save them as binary files. Is there a special reason? I guess the problem could be some strange strings being created from your binary content (image). Also, it could be a problem if browsers/sites use different text encodings (Windows-1252, UTF8, ...)

IssamTP : Yes, technically it would be better using ADODB.Stream, but the main web programmer says that it causes troubles with anti-virus.

From splattne

How to access NFS shares from Windows 7?

We have a group of users who run Windows and access files on a Linux box. Historically, they've been on XP and we run Samba on the Linux box. No problem.

Now we're testing Windows 7 and finding interoperability to be a huge pain between the older version of Samba (the Linux box is running Ubuntu 8.04) and Windows 7.

I'd like to use NFS instead, but the information out there on how to do this is confusing. Apparently you're supposed to install "Client for NFS" from Windows 7's "Turn Windows features on or off" dialog, but I don't see anything NFS related there. I've also seen guides which go into a huge amount of detail explaining how you need to map users between Windows and Linux, but then other places suggest that accessing NFS from Windows only requires a simple mount command or mapping a drive using server:/share syntax.

Any pointers?

From serverfault Graeme Donaldson

Under Services for NFS in windows features you need to check off client for NFS. I beleive this requires profesional or better (I don't have anything under enterprise available to verify)

Graeme Donaldson : Yeah after much frustration it seems that it's only available in Enterprise and Ultimate, despite many claims that it's available on Professional, which is part of the reason I was getting very confused. I'll install Enterprise instead of Pro and see how it goes.

From Jim B

What is the probability on AWS EC2 that I will lose my instance store data?

For the setup we are using, rolling the existing community AMI into an EBS volume and booting off that is a lot of work. The application data (including user uploaded files) is stored on an EBS volume, mounted, but all the server configuration is on instance store.

What is the probability that my instance will be killed and that my instance store data will be lost?

From serverfault chrism2671

Over a long enough time line, 100%. As Amazon makes changes to their network their servers occasionally restart and will take your instances with them. This page has some great information about persisting data across restarts, specifically, the section called "Persistence Strategy 2: S3-backed Instances".

chrism2671 : This is a good article; however, this assumes that EBS itself does not have a failure rate, which seems like an unreasonable assumption. However, moving stuff onto EBS makes it much easier to save a snapshot to S3. It's food for thought; what a shame Amazon can't just guarantee it!

From Justin Scott

Email server configuration problem

I used the tool here: http://www.mailenable.com/Tools/memaillookup.asp (I'm using Mailenable on a Windows Server machine) for mail.carleadcanada.ca and I get

FAIL, Unable to determine name servers for this domain. This may be because the domain is not registered. Please see www.dnsreport.com for more information on this domain.

What do I do next? And could this have something to do with email bouncebacks I'm receiving with 554 bad reputation messages?

From serverfault FiveTools

Have you setup Reverse DNS on your server? Many email providers will drop you email if you do not have a reverse pointer. YOu might have to contact your ISP to setup this.

wikipedia explains this quite well.

BoyMars : as well as reverse dns, also look at setting up an SPF record to fix your mail-bounceproblem: http://en.wikipedia.org/wiki/Sender_Policy_Framework

From Avada Kedavra
It may be the case that you basically only have one name server for your domain.

ns1.fivetoolsoftware.com. IN A 64.79.69.82
ns2.carleadcanada.com. IN A 64.79.69.82

Both are on the same IP, so it may be recognized as only one name server, which could cause some issues as at least two name servers are typically expected.

From

Trying to create a reverse proxy and app server on one machine with virtual interface

I have a single server on which I need to replicate a two server environment for testing purposes. One of the servers is an Apache reverse proxy and the other is an app server.

What I imagine I would do is setup Apache to use eth0 and create a virtual Ethernet interface (eth1) for the app server to use. Then I would configure Apache to act as a reverse proxy for eth1 which should allow me to access the app side of things via the eth0 address.

Is this possible? or am I on the wrong path?

From serverfault ShaneC

I wouldn't do it that way: it will be difficult to assert whether your reverse proxy is actually working or whether you're hitting the final interface directly. You'll need to check the content of the data over the wire to be sure.

Why not setup a couple of VMs for this instead ?

ShaneC : Never considered it.. we're actually running as a VM already. While I could request a new VM that would take forever. Running VMs on a VM just seems.. odd?

Stephane : Well, it's usually not even possible: you'd need an emulator instead of an hypervisor to do it and performances would be very bad. But maybe you can have a look at user-mode linux (http://user-mode-linux.sourceforge.net/): it probably can help you with that.

From Stephane

Raid 10 read speed does not scale with disk addition

We have 2 Dell boxes with the Perc H700 Raid Controller. One box has 6 x 600G disks configured as a single Raid 10 volume The other box has 12 x 600G disks configured as a single Raid 10 volume

I did a simple dd test by writing a file 2 x size of RAM ..I also avoided linux OS caching effects by writing another file the size of RAM before reading the original file I wrote.

I got similar write speeds in both boxes (about 350 -400MB/s)

I got a read speed of 590MB/s on the 6 disk box and 723 MB/sec on the 12 disk box.

I was curious if the doubling of disks should result in an approximate doubling of read speeds.

From serverfault RaidFan

I guess you are reaching the speed limit of either your controllers hardware and/or the PCI Express connection.

RaidFan : Thanks..that makes sense..so..the only way to get linear scaling is to have additional controllers. In this case..the 723MB/s seems to max out given the 6Gb/s interface speed.

RaidFan : Would adding a second controller help double throughput ?

TomTom : Only with software raid - hardly any raid controller I know of supports split controller raid arrays. Getting a proper controller would help - 12 drives should be on a SAS setup.

From SvenW
Try using different block sizes with dd. You're probably hitting an IOPS limit in your controller or driver.

Also try using hdparm -t for read tests.

From diq

How can I prohibit a user (of a specific db) to see other database names in SQL Server 2008 Management Studio?

I hope the user can only see his own database name when connecting the database using SQL Server Management Studio, is it possible?

From serverfault silent

I don't think it's possible - but why does it matter? Don't give their login any rights to anything besides their own database and they can't make queries or do anything else where they shouldn't.

/Edit - I knew that my knowledge is only good up through SQL 2005 - as LukeR says below, this is now possible with SQL 2008, so there you go.

Farseeker : It can matter if the database names are, say, the names of your other clients and your other clients wish to have their identities kept private. That said, if that's the case then you should have been aware of that from the start when using MSSQL

LukeR : It's also possible with 2005 http://msdn.microsoft.com/en-us/library/ms189077%28v=SQL.90%29.aspx

From mfinni
You need to change the VIEW ANY DATABASE permission. By default it is granted to the public role, which is why all users can see all DBs.

From LukeR

Could bayimg.com be used as a CDN?

I was recently pondering what I would do if I had a highly-trafficked web site but no money for a CDN. Has anyone looked into using bayimg.com as their (free) CDN?

From serverfault Ian Lotinsky

CloudFare just launched, providing a free CDN to the masses. This will be a much better option.

From Ian Lotinsky

Vitualization in HP-UX

Hi, I have an powerfull server with hp-ux, I received a request to install a new software(that software only run under windows server), I have no available windows servers in this moments, but i have several resources available in the HP-UX server.

Then my question is: Is possible virtualize a windows server 2003 in an HP-UX Server. Using for example virtualbox(That is free, but i don´t know if supports HP-UX.

Thanks a lot, I really aprreciated your recomendations.

From serverfault Mak

Doing some quick Googling, it appears that under nPartitions on Itanium, you can run Windows, presumably the IA64 architecture. That's not virtualization in the sense of VMware, but if your hardware is Itanium, look into that.

Idle wondering - how do IT and the business manage to get themselves into a box like this? The business buys software without even bothering to find out if the capacity is there? If this request is only for fact-finding, and the business didn't already buy the software, then my apologies, that's not the situation you're in.

Mak : Thanks, the software will be purchased, And if is imposible virtualize in HP-uX(that is my question), then a new windows server will be purchased too.

mfinni : As I said, the answer to your question is "yes" if you're running on Itanium and you can buy and run Windows 2003 or 2008 IA64, and if your application will run on Windows 2003 or 2008 IA64. So, what is your HP hardware?

mfinni : You marked this as the answer, which is great - but I'm still curious. Is your HPUX machine Itanium-based, and will your software run on Windows IA64?

Mak : uhmmm, no my machine is not itanium-based.. then the only solution(because there is not a virtualization solution in the sense of VMWARE) is purchase a windows server, for this software and possible other software too. Thanks for your time

From mfinni

How can I deny directory browsing in the case of start->run->my_server_ip?

We have a W2K3 Server, with certain directories shared on a couple of different drives. Both drives (C and D) have the default admin shares in place.

When any domain user is logged in, that user can Start->Run->server_ip and view a list of all shared folders.

Can I keep this from happening?

I'd like only domain admins to see this.

This probably reveals that I've got many other things wrong already, but it's my start point.

Advice?

From serverfault Ducain

You're looking for Access Based Enumeration. Download from Microsoft for Server 2003 SP1 or R2.

Once installed you can either globally enable it; or enable it on the Properties of individual shared folders.

Ducain : I suppose I have a deeper problem, though this will definitely help. In our case, I can't get the access perms to work. I have edited a share, first removing all access groups. Then I added Domain Admins to the group. I then logged in as an AD user belonging only to Domain Users, and could access the folder. Gah!

Chris S : "Then I added Domain Admins to the group." - ?? Is this share permissions or NTFS permissions? They're separate and both have to be configured correctly.

Ducain : Sorry - I'm an app developer being forced to check out server management stuff (don't get me started). To clarify, I removed all groups from the share permissions, and then added the Domain Admin group. Should this not limit access to this folder to only users signed in that belong to the group Domain Admins?

Ducain : I'm marking this as the answer because technically this would address the exact question I asked. I have other issues going on, but not regarding this question it seems.

Izzy : @Duncain - as Chris S mentioned, there are Share permissions, and then Security permissions - different tabs on the folder. Usually, you need to set Share permissions to Everyone [Full Access], and then set who can access it in the Security permissions tab

Chris S : @Ducain, sounds like you've got it correct. Izzy has the 'normal' procedure, but in your case you want Share Permissions set to Domain Admins = FA, and nothing else. If user who is not a member of Domain Admins can still see the folder (with ABE turned on) you've got something else going on. If they can actually access the contents of the folder then something is seriously f---ed up (like "Everyone" is a member of the Domain Admin group); if this is the case, double/triple check the members of the Domain Admins group.

From Chris S
This probably reveals that I've got many other things wrong already, but it's my start point.

Actually, it doesn't. Without Access-based Enumeration, all authenticated users will see a list of all shares when looking at \\fileserver. That's the way it works. Whether or not they can open a shared folder and view any of the contents depends on the ACLs that you set - but everyone should be able to see all the non-hidden shares. That's why they make hidden shares (\\fileserver\$Sharename) - in case you want to hide them.

Ducain : Thanks, cleared that up for me.

Tubs : Yes, to "hide" a share, you needs a sharename with a $ at the end. The admin shares are C$ and D$ so thats why they can't see them.

From mfinni

Sent emails never reach destination. ESM Message Tracking Center shows nothing after "Submitted to Categorizer"

A couple of users (out of 150) are experiencing an issue where they send out emails or message invitations, but they are never received by the recipients. When i go into Exchange System Monitor, and into the Message History for the email, it shows the status just stops after "SMTP: Message Submitted to Categorizer". the message just seems to disappear after this. It's only for a few users, and only on occasional emails.

details about our network, Exchange 2003, McAfee Virus Scanning on the computers (but email scanning is disabled), and we have an IronPort device doing email spam filtering, but i don't even see the emails showing in the message tracking on the IronPort, so it isn't even making it that far.

From serverfault

I've never seen messages "die" after being submitted to the Categorizer but I have to ask, what directories are you excluding from scanning on the Exchange server?

: i don't see anything specifically being excluded, but i'm not the one who set up the scanner. though, from what i can see, the only thing enabled in the virusscan console is "On-Delivery Email Scanner", which i thought only scanned incoming items, not outgoing (I could be wrong about that though)

joeqwerty : Take a look here to make sure that any file system or real time av scanners have the appropriate directories excluded on the Exchange server: http://support.microsoft.com/kb/823166

From joeqwerty

IE8 installation via Group Policy Objects installs even if user has IE8

When I try to deploy IE8 group policy to users that already have IE8 installed the group policy object uninstalls and then re-installs IE8.

Is there anyway to prevent this?

From serverfault Ishmael

Its kinda an Achilles heel of doing GPO installs in my experience. The GPO looks to see if it installed the program yet or not, it doesn't care if the program is installed already. Its kinda a feature really since it lets you control exactly what application and version is installed.

Depending on how you handle things deploying IE8 through WSUS may work better since then Windows updates checks and compares the available downloads and only downloads what it needs.

Mitch : Agreed on WSUS. It handles all Microsoft updates like a champ, including the browsers.

Ishmael : You can't use the IEAK IE8 with WSUS.

Shial : Maybe not, but the original question never said IEAK was involved.

alharaka : How else are you installing customized MSI's for IE8? That is the only way I know. If you are not customizing, why try to even use IEAK? Let WU handle the updates.

From Shial
In order to prevent your IE8 policy operating on computers that already have IE8, you need some way of scoping your policy so that such a population is outside of the scope of your policy.

You can do this by
- Scoping the policy to a group which you are adding only objects without IE8
- Use a WMI filter in the policy which checks for an entry that only IE8 machines have, if the item exists fail the policy
:

Ishmael : thx I created a WMI filter that only installs IE8 if the user does not have IE8 or greater.

From edusysadmin

Backplane Degraded on Dell Poweredge 2950 but non-critical?

My dell PE 2950 is today telling me that the Backplane is running in degraded mode but that the warning is non-critical.

My question is, what is the actual problem here? How can i find out? The openmanage tool is a bit vague to say the least!

Is there another bit of diagnostic i can run?

Also there is a yellow blinking light on one of the hard drive bays but the openmanage tool says all hard drives are fine. So what the dickins is going on here then?!

Any help very gratefully received!

From serverfault audiopleb

From OpenManage:
- Which Controller/backplane component is "Degraded"? (System - Storage - controller name)
- Checks logs in System - Logs (tab) - Hardware and Alert
If you can reboot your server, there is a Diagnostic CD Live from Dell.

audiopleb : On Connector 0 and connector 1 there is a warning triangle next to "Enclosure (Backplane)"

audiopleb : The log says Storage Drive 4: Drive slot sensor for storage, drive fault was asserted.

lg : So the problem is disk in slot #4.

audiopleb : But the openmanage software says all the disks are fine!

lg : Do you upgrade backplane and controller firmware and drivers? Then, if your server is covered by warranty, you can call Dell Support and explain your problem.

audiopleb : The server is out of warranty but that's cool, i think it is the HDD and i need a spare anyway so it's no problem ordering one. It's just a ambiguous error report in that it identifies the backplane as being the fault when as you say it probably is the HDD. I'll know for sure when the HDD turns up though! Thanks for your assistance and help!

From lg

How do you run Smokeping on Nginx?

I've recently switched my Apache web server to Nginx and everything is working great.

The only thing I can't get running, which worked on Apache, is Smokeping (http://oss.oetiker.ch/smokeping/).

Afaik Smokeping is run by a single .cgi script and Nginx can't run those.

Does anyone know how to get Smokeping running on Nginx? Maybe there is a way to convert/run Smokeping as FastCGI?

From serverfault Daniel Johansson

I can't say about making Smokeping use FastCGI, but if that doesn't work out then Nginx can talk CGI via FastCGI: http://wiki.nginx.org/Fcgiwrap

Docunext : Yep, an fcgi2cgi wrapper would work fine; there are perl and c versions out there.

Daniel Johansson : Thanks, I solved it another way which also works well. http://wiki.nginx.org/ThttpdCGI Smokeping running in the minimal thttpd server and proxy from Nginx.

From Martin F

What is the best way to setup faxing in a local network?

Is there a way to setup simple faxing, as simple as emailing a document?. Also to multiple contacts at once and to predefined mailing lists.

Please let me know a good client / server.

Free / Opensource, preferred.

Thanks

From serverfault saint

The Asterisk open-source telephony server could do it, with some plugins. Or Hylafax, which appears to be quite popular too.

I've no experience with either solution, but both are open-source, free and well-known. You'll still need a modem to actually send and receive the faxes.

Other options are web services that provide fax2email and email2fax. Hundreds of those around, but none-free for obvious reasons.

saint : Does it work with a simple modem.

John Gardeniers : +1 for HylaFAX, which is trivial to set up and works with any standard modem. Asterisk however would be just about the ultimate in overkill.

saint : after trying to install hylafax, which is not much of a trouble. But getting modem to work on linux is a pain in the ass.

From Martijn Heemels
For a Fax Server you could use HylaFax, with a web interface like AvantFax, you could also use un the client side JHylaFAX that is an open source and platform independent client for HylaFAX.

From aleroot
Depending on your volume and users you may find it easier to just outsource it to a service such as myfax,efax, etc. They can do number porting in some situations and offer a lot of features that you may find helpful.

From PHLiGHT

IMAP server that saves space on identical attachments

Looking for IMAP server that can detect duplicate attachments across mailboxes and would not waste space on them.

So, if 4 local mailboxes receive the same attachment I would like it to be stored only once on the file system.

Open source preferred.

Also, had troubles coming up with concise description for the above, and hence researching online resources, so suggestions for good keywords are also very welcome.

Best

From serverfault Unreason

Yeah, Dovecots new mailbox format called dbox can do this.

Single instance attachment storage. If multiple mailboxes/users have the same attachment, it's stored only once in disk.

Unreason : Great... err wait, the whole quote is 'dbox storage is extensible, so in future there will be other extensions. Some things that are planned: Single instance attachment storage.' Also, according to http://blog.dovecot.org/2010/07/single-instance-attachment-storage.html I think it is only in testing stage (pls correct me if I am wrong). +1 for help with keywords...

weeheavy : You're right with the 'single instance' point. This is only planned. 'testing stage' is not the right word, it seems more stable than that.

From weeheavy
On which operating system do you want to run it?

Exchange does exactly that (and not only to attachments, but to whole messages).

But implementing Exchange only to have an IMAP server would be quite overkill...

Helvick : FYI Exchange single instancing only does this within mailstores and even that has been dropped for Exchange 2010.

Massimo : Yes, I know this is applied at the database level (which should anyway be quite obvious when thinking of it); but thanks for pointing it out.

From Massimo
Cyrus IMAP can do this among many other things. But be warned, Cyrus is not as straight-forward to install as Dovecot.

Unreason : Thanks. What's the terminology for it in Cyrus? +1

Phil P : singleinstancestore. It's per email, not per attachment. It's turned on by default, but you need to be using LMTP delivery as it only does this for each recipient on a single instance of receiving a message, it does not do correlation to previously-received emails.

From Janne Pikkarainen
Bit of a different answer, but what OS? Do you have the option of something like ZFS (which I believe does dedupe)?

From Hutch

MS Sql2000 and "scheme"

I've run to a problem in which I'm not sure where to look or how to fix it. The problem is the following. We have a site with a sql2000database. A backup from this was restored to create a development enviroment. Some of the store procedures are named [owner].name (owner is not dbo and I would want to keep the same structure in both live and development enviroment)

When I try to run those store procedures without specifing the owners name I get a "could not find store procedure" error. (using the owners credentials)

But I create a new user, and a new store procedure where this new users is the owner. And then login with the new user. Then I can find the store procedure by its name.

Example:

Owner = Daniel SPTest = store procedure (name Daniel.SPTest)

Create a new user and store procedure in the database Owner New User SPTest2 = Store procedure (name New User.SPTest2) Login as New User exec SPTest2 = runs procedure

I've tried to delete the user Daniel, then creating a new user with the username Daniel. But I still recieved the same error. Is there any other table where this kind of mapping is located?

From serverfault Daniel

Create your user 'Daniel' on the server (not just for that database, but in security objects for the server) then run:
```
USE YOUR_SQL_2000DB
sp_change_users_login 'auto_fix', 'Daniel'
```
The problem (most likely) is that your database is not viewing your new 'Daniel' as the same user as the old 'Daniel'. That system sproc should repair that.

Daniel : That would probably fix the problem. I did something similar to fix the issue though. I created a new user, changed the ownership to the new user. Then deleted the old one, created a new user with the old name and then changed back the ownership and then it worked. But your solution is probably the right way to go :)

From Dave Holland

Apply software settings to all logged in user accounts

Currently using Windows Server 2008 R2

I have created custom settings for a software and I want to apply it to all users on the domain, regardless of where they sit. Is it possible to apply these settings to an OU?

The settings have to be pasted to their user folders manually as of now from the admin account, and in order that any user can log into any computer on the domain we have to log all users manually, into all computers any shortcut to doing the same ?

From serverfault rzlines

Yes, Group policies are the way to go. In 2K8R2 you have the new group policy preferences built-in which enable you to create files on user computers (of course presuming, that your users/computers all are managed in an AD domain), which sounds exactly like the thing you want to do.

You can apply group policies to OUs and with group policy preferences you can use additional targeting conditions).

The "old" solution would be to create startup scripts and associate those either via GPO as well or use the "old" user profile solution.

From

Saturday, January 29, 2011

Blog Archive