Talkback

Talkback:144/howell.html

[ In reference to "Virtualization made Easy" in LG#144 ]

Drag Sidious [linlamer at cox.net]

yep.

You can thank a large part of Virtualbox's robustness on it's mature underpinnings. It's one of a large number of VM solutions based on Qemu code.

Other Qemu family members...

qemu-launcer -- gui to launch and manage qemu virtualization machines

qemu -- the original

kvm kernel modules and kvm application -- turns the Linux kernel into a hypervisor, userland portion is a hacked qemu. This takes advantage of the virtualization featues of newer AMD and Intel CPUS.

Win4Linux -- commercial application for running Windows on Linux.

Kqemu -- Accelerator for Qemu. Originally closed source kernel, it's open source ransom was paid by the Win4Linux folks and is now GPL.

The performance of KVM vs Kqemu vs Virtualbox vs Vmware vs Xen (running with full virtualization. Xen's paravirtualization approach is still easily the fastest)

It's good for not only desktop stuff, like virtualbox, but it can be very good for server stuff also.

It's not up to the same level as true hypervisors-based virtualization like with Vmware ESX or Xen (although as hardware vm support matures KVM is going to be big), but if you have a need for a couple servers and you don't have any spare space.. then Qemu (with KVM or Kqemu) is your man.

For example.. Qemu has a mode of operation were you can run it headless with the -nographic switch. Instead of a GUI box it will turn your console into a serial terminal. If you configure your host environment to use the serial console and then use Lilo's serial console support then you can effectively run your servers headless.

Then use screen to launch the VM and you can have multiplexed serial consoles for all your VMs on that machine.

Then there are lots of other clever things you can do with it like use LVM logical volumes as block devices for harddrives rather then loopback files and advanced networking with switching/router/firewalling.

Talkback:130/tag.html

[ In reference to "The Monthly Troubleshooter: Installing a Printer" in LG#130 ]

Ian Chapman [ian.chapman at alft.com]

Hi,

Talking about Linux Epson stylus 660 problems. It has worked and I printed an Open office letter to my sister okay. But I was having problems with gnome type and other apps. This printer was fine under win 98 and since I have updated the HW I decided to get with modern software too. Only hick my printer may or may not work.

One of the frustrations is too many cooks and no chief. Lots of willing helper but not exactly plug and play. I have junked foomatic and ghostscript and just have cups and gutenprint and Ubuntu. All the detailed stuff about sending this that and the other to the printer is a waste of time. The printer is stuck in the middle of a job despite canning all jobs form both gnome and the Firefox type interface. Even switching off/on the printer seems to keep the job active somewhere. I exited a terminal window that I was using to send escputil stuff and the printer started up. It's really strange. Previously the gnome and Firefox interface could not detect the printer or parallel port. The color ink led was on and I even changed the ink cartridge to no avail. There was nothing wrong with the original.

Using the Firefox interface I have a choice of several drivers and no idea what to use. My printer prints the commands that it receives and does not do what the software is telling it. I am not really able to stop printing and have a clean start. Any ideas would be a great help as would be a reset button for both SW and HW.

Regards Ian.

-- 
Ian Chapman
ALFT Inc
302 Legget Drive
Kanata K2K-1Y5
Canada
613-287-0470 (227)
	

Ben Okopnik [ben at linuxgazette.net]

Hi, Ian -

You're probably unaware of this, but you sent your message in HTML format. This doubled the size of your message without any benefit in return, and will create extra work for our Mailbag editor.

Please change your mailer's settings to stop it from doing this. For more info, please see <http://expita.com/nomime.html>.

On Mon, Nov 26, 2007 at 11:22:20AM -0500, Ian Chapman wrote:

>    Hi,
> 
>              Talking about Linux Epson stylus 660 problems.  It has worked
>    and I printed an Open office letter to my sister okay.  But I was having
>    problems with gnome type and other apps.  This printer was fine under win
>    98 and since I have updated the HW I decided to get with modern software
>    too.  Only hick my printer may or may not work.
> 
>              One of the frustrations is too many cooks and no chief.  Lots of
>    willing helper but not exactly plug and play.

I agree - but I suspect that we mean different things. From what I see here, you are allowing too many different cooks in your kitchen - and this is where the problem is coming from. Rather than taking random bits of advice from here, there, and everywhere, why not try following one set of instructions from a (hopefully coherent and reputable) single source? That way, if they're wrong, you'll have learned something along the way and you'll have better judgement in selecting a better source. Picking one each from columns A, B, and C teaches you nothing and gives you no opportunity to improve the process.

E.g., take the instructions from the article you're citing. You clearly have not followed the advice in there - which I happen to have written - since you're just guessing at which driver you should use. I gave specific instructions and even URLs for figuring that out. So, what is the point and the nature of your complaint? I fail to see it.

If you go back and follow the specific instructions in that article and they fail to work, feel free to come back and say something; I, for one, would be glad of the error report - and grateful enough to help you with resolving the problem.

>    I have junked foomatic and
>    ghostscript and just have cups and gutenprint and Ubuntu.   All the
>    detailed stuff about sending this that and the other to the printer is a
>    waste of time.  

I'm afraid that you're not qualified to judge that, but thanks for your opinion.

>    The printer is stuck in the middle of a job despite
>    canning all jobs form both gnome and the Firefox type interface.  Even
>    switching off/on the printer seems to keep the job active somewhere.  

Trying random things will create random results, yes.

>              Using the Firefox interface I have a choice of several drivers
>    and no idea what to use.  

Perhaps following the instructions - e.g.,

[...] be sure to take a look at http://linuxprinting.org/suggested.html
and to search their database
(http://linuxprinting.org/printer_list.cgi?make=Anyone) for a specific
printer's rating, before making your final decision.

>    My printer prints the commands that it receives
>    and does not do what the software is telling it.  I am not really able to
>    stop printing and have a clean start.  Any ideas would be a great help as
>    would be a reset button for both SW and HW.

Given your explanation, above, I'd look for multiple print servers running at the same time, and perhaps check '/var/spool' to see if there's anything untoward or unexpected is living there.

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

Ian Chapman [ian.chapman at alft.com]

Many thanks Ben for the fast reply. I will certainly look more carefully into what you said. On the other hand I only want to print not spend all night getting a printer education. Regards Ian in plain text.

Ben Okopnik [ben at linuxgazette.net]

On Mon, Nov 26, 2007 at 03:27:13PM -0500, Ian Chapman wrote:

> 
> Many thanks Ben for the fast reply.  I will certainly look more carefully
> into what you said.  On the other hand I only want to print not spend all
> night getting a printer education.  Regards Ian in plain text.

You're welcome, Ian in plain text. [grin]

Unfortunately, the whole "plug-and-pray" thing isn't as reliable as Micr0s0ft would have you believe. True, there are a number of peripherals that work fine with their products - but that's also true under Linux. The difference is, things that don't work under Linux can usually be made to work with a bit of research. Under Wind0ws, if it doesn't work, you're simply screwed no matter how much research you do. Given that this is usually happening after you've already paid lots of money for both the OS and the driver (or, as is the case for most of the world, after stealing both and exposing yourself to legal sanctions as well as being morally in the wrong), that's not a dynamic that I find tolerable in my world. Spending a little time learning to make things work carries neither a legal nor a moral burden - so that's the path I choose.

I don't have a problem with those who choose to use something else, but getting a free OS, free programs, and free support and then complaining about everything not being perfect - as opposed to, say, lending a hand in getting it to be better - seems to me like failing to acknowledge a debt. You might want to think about that.

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

Ian Chapman [ichapman at videotron.ca]

Hi Ben, Ian in plain text I hope. I had to add myself to the group lp and now I can print the text file

head -60 /home/stanley82/Artwork/PCB_elements.fp/Trig_HS.fp > /dev/lp0

Going into System administration printing add printer (gnome cups ad) and something is detected on the parallel port but it does not know what. I can tell it to use the parallel port and select Epson color stylus 660 but I do not know where to find the driver (escp2-660 I believe) and i since the printer was not detected it may not be a good thing to press on.

So I have got as far as...

At this point, the basic printer test (i.e., dumping text to the device)
should be working fine. Install your choice of queue manager (e.g.,
CUPS, 'lpr', 'lprng', etc.) and the appropriate
filters/drivers/definition files for your printer (Gnome-Print,
'hp-ppd', 'linuxprinting.org-ppds', etc.). You're ready to go! ... 

Gutenprint - Top Quality Printer Drivers
A very high quality package of printer drivers for Ghostscript and
CUPS, mainly for Epson inkjet printers, but also for inkjets from
Canon and HP, dye sublimation photo printers, and PCL laser printers.



(Converted from a rpm package by alien version 8.65.)

Best Regards Ian.

Ben Okopnik [ben at linuxgazette.net]

On Mon, Nov 26, 2007 at 10:03:00PM -0500, Ian Chapman wrote:

>    Hi Ben, Ian in plain text I hope.  I had to add myself to the group lp and
>    now I can print the text file
>    head -60 /home/stanley82/Artwork/PCB_elements.fp/Trig_HS.fp > /dev/lp0
>    which is a really good start.  I did it a couple of times.
> 
>        Going into System administration printing add printer (gnome cups ad)
>    and something is detected on the parallel port but it does not know what. 
>    I can tell it to use the parallel port and select Epson color stylus 660
>    but I do not know where to find the driver (escp2-660 I believe) and i 
>    since the printer was not detected it may not be a good thing to press on.

A printer driver just defines a set of codes that are sent to the printer to get it to perform specific actions. If you pick the wrong one, nothing bad will happen: the printer simply will not do what it's supposed to do, at which point you can try another driver.

The URLs I recommended list the specific driver needed for a given printer. I.e., the Epson 660 listing (http://linuxprinting.org/show_printer.cgi?recnum=Epson-Stylus_Color_660) gives the following info:

    Epson Stylus Color 660
    Color inkjet printer, max. 1440x720 dpi, works Perfectly
    Recommended driver: gutenprint (Home page, driver for: x86 32 bit, x86 64 bit, How to install)
    Generic instructions for: CUPS, LPD, LPRng, PPR, PDQ, no spooler

>        My packet manager tells me ...
>    Gutenprint - Top Quality Printer Drivers
>    A very high quality package of printer drivers for Ghostscript and
>    CUPS, mainly for Epson inkjet printers, but also for inkjets from
>    Canon and HP, dye sublimation photo printers, and PCL laser printers.
> 
>    (Converted from a rpm package by alien version 8.65.)
> 
>        So I would be really pleased to receive another push in the back.

Install that package, and use the recommended driver in your CUPS configuration. I find their web interface quite easy to use.

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

Ian Chapman [ichapman at videotron.ca]

[[[ Alas, Ian isn't in plain text in the original, but I've cleaned it up for publication. -- Kat ]]]

On Tue, 2007-27-11 at 16:00 -0500, Ben Okopnik wrote:

> On Mon, Nov 26, 2007 at 10:03:00PM -0500, Ian Chapman wrote:
> >    Hi Ben, Ian in plain text I hope.  I had to add myself to the group lp and
> >    now I can print the text file
> >    head -60 /home/stanley82/Artwork/PCB_elements.fp/Trig_HS.fp > /dev/lp0
> >    which is a really good start.  I did it a couple of times.
> > 
> >        Going into System administration printing add printer (gnome cups ad)
> >    and something is detected on the parallel port but it does not know what. 
> >    I can tell it to use the parallel port and select Epson color stylus 660
> >    but I do not know where to find the driver (escp2-660 I believe) and i 
> >    since the printer was not detected it may not be a good thing to press on.
> 
> A printer driver just defines a set of codes that are sent to the
> printer to get it to perform specific actions. If you pick the wrong
> one, nothing bad will happen: the printer simply will not do what it's
> supposed to do, at which point you can try another driver.
> 
> The URLs I recommended list the specific driver needed for a given
> printer. I.e., the Epson 660 listing
> (http://linuxprinting.org/show_printer.cgi?recnum=Epson-Stylus_Color_660)
> gives the following info:
> 
> ``
>     Epson Stylus Color 660
>     Color inkjet printer, max. 1440x720 dpi, works Perfectly
>     Recommended driver: gutenprint (Home page, driver for: x86 32 bit, x86 64 bit, How to install)
>     Generic instructions for: CUPS, LPD, LPRng, PPR, PDQ, no spooler

Hi Ben, thanks again. I've been through most of this stuff. I junked all my printers and made a new one using the web interface as the gnome interface asks me to find a driver and I do not know were to look. Printing a test page results in lots of top left only on other wise empty pages. It was fine using your head

(head
-60 /home/stanley82/Artwork/PCB_elements.fp/Trig_HS.fp > /dev/lp0
) 

PCL 4
PCL 5
PCL 5c
PCL 5e
PCL 6/PCL XL  ;

ZjStream

IPP Printer or printer on cUPS server (IPP)

Many thanks for your patience

plane text Ian.

Karl-Heinz Herrmann [kh1 at khherrmann.de]

On Wed, 28 Nov 2007 08:00:22 -0500 Ian Chapman <ichapman@videotron.ca> wrote:

> On Tue, 2007-27-11 at 16:00 -0500, Ben Okopnik wrote:
> 
> > On Mon, Nov 26, 2007 at 10:03:00PM -0500, Ian Chapman wrote:
> > >    Hi Ben, Ian in plain text I hope.  I had to add myself to the
> > > group lp and now I can print the text file
> > >    head -60 /home/stanley82/Artwork/PCB_elements.fp/Trig_HS.fp
> > > > /dev/lp0 which is a really good start.  I did it a couple of
> > > > times.

Thats printing a text file only -- which is good to test if kernel drivers, cables etc. are ok. Once this is established it wont help much further.

> ) from a terminal window.  Now the printer is stuck in the middle of a
> long long test page.  Going into gnome printer properties these are

start a terminal/console and check with "ps aux" which process looks like its doing the data pushing to lp0. If you can't see the full commandlines try "ps auxww" -- might have lp0 in the line, might look as simple as a "cat" command. Then you can at least stop the data transmission to the printer.

> the drivers which do not look at all like what I was expecting.
> 
> PCL 4
> PCL 5
> PCL 5c
> PCL 5e
> PCL 6/PCL XL  ;I'm using this one
> ZjStream

As far as I know PCL is HPish while Epson uses a quite different printing language (ESCP? ). So checkout where your epson drivers are....

Here a "locate gutenprint" says:

/usr/lib/gutenprint/5.0.0.99.1/modules/print-escp2.la

from skimming through all the old (and mostly not necessary) included old mail I do not really see that you actually tried to configure your cups system by using the *CUPS CONFIG WEBPAGE*

It might or might not work with gnome/kde/XYZ frontends. But please try to go through the webpage:

http://localhost:631/

this talks directly to cups and you can add new printers. Dont choose a "detected new printer" if that failed earlier, but just go to "add printer", interface like "lpt1" and then choose the manufacturer (epson) then I get a huge list of printers including the Stylus color 660.

If that really still has no option for your Stylus ---

http://openprinting.org/show_printer.cgi?recnum=Epson-Stylus_Color_660

actually says "gutenprint" without any further details WHICH gutenprint driver.....

checking available ubuntu packages....
 
$ apt-cache search gutenprint
cupsys-driver-gutenprint - printer drivers for CUPS
foomatic-db - OpenPrinting printer support - database
foomatic-db-engine - OpenPrinting printer support - programs
gimp-print - print plugin for the GIMP
gutenprint-doc - users' guide for Gutenprint and CUPS
libgutenprint-dev - development files for the Gutenprint printer driver library
libgutenprint-doc - documentation for the Gutenprint printer driver library
libgutenprint2 - runtime for the Gutenprint printer driver library
libgutenprintui2-1 - runtime for the Gutenprint printer driver user interface library
libgutenprintui2-dev - development files for the Gutenprint printer driver user interface library
cupsys-driver-gimpprint - printer drivers for CUPS
escputil - maintenance utility for Epson Stylus printers
foomatic-db-gimp-print - OpenPrinting printer support - database for Gimp-Print printer drivers
foomatic-db-gutenprint - OpenPrinting printer support - database for Gutenprint printer drivers
ijsgimpprint - printer drivers for CUPS
ijsgutenprint - inkjet server - Ghostscript driver for Gutenprint

read the install instructions (probably use alien to convert the package).

 alien -t gutenprint-5.0.1-1lsb3.1.i486.rpm 
 tar -tvzf gutenprint-5.0.1.tgz | grep Epson | wc

./opt/gutenprint/ppds/Epson/Epson-Stylus_Color_660-gutenprint.5.0-en.ppd.gz
./opt/gutenprint/ppds/Epson/Epson-Stylus_Color_660-gutenprint.5.0.sim-en.ppd.gz

K.-H.

Karl-Heinz Herrmann [kh1 at khherrmann.de]

On Wed, 28 Nov 2007 23:12:33 -0500 Ian Chapman <ichapman@videotron.ca> wrote:

> REPEAT THIS TIME USING lpt1 in place of Epson parallel port and it was

DO NOT use the the "preconfigured" "LPT1 (Epson)".

Use Add-printer, give its names, tell the webpage it's on parallel 1 -- nothing else.

Then this ILL ask with a pure manufacturer list, choose epson, the list of availabpe printers in the "model" windo is on the next page then.

K.-H.

Karl-Heinz Herrmann [kh1 at khherrmann.de]

Oh -- sorry didn't read far enough.. .-/

On Wed, 28 Nov 2007 23:12:33 -0500 Ian Chapman <ichapman@videotron.ca> wrote:

so congrats to have gotten through that particular tricky spot in the interface.

> Head clean does not work I'll look into that later so many thanks for
> all the  help from yourself and Ben.  Regards Ian.

have a look at that escputil pack -- might contain cleaning routines etc.

And remembering my last inkjet from a few years back -- an early espon stylus -- you can use button-combination on the printer to trigger cleainng.

K.-H.

Ben Okopnik [ben at linuxgazette.net]

Hi, Ian -

I have added TAG back to the list of recipients again; please make certain that you're CCing TAG on an all these exchanges in the future. The only way that we get "paid" for doing this is by publishing the discussions in the Linux Gazette, where the rest of the community gets to benefit from them. Several of us do offer private support and tutoring, but those are not free.

On Thu, Nov 29, 2007 at 09:27:10PM -0500, Ian Chapman wrote:

>    Hi Ben,
>    Ian again in plain text.  I had an e-mail for your co-frere Karl.  

I'm assuming you mean Karl-Heinz.

>    My
>    problem was that I was selecting the parallel port for epson.  This gives
>    me a choice of six or so IBMish drivers.  When I selected LPT #1 I only
>    had to follow my nose.  I guess this is a cups feature non-desire?

Well, since you were printing to /dev/lp0 (as I recall), then - yes, "LPT1:" would be the equivalent. However, your nose should not be required - the choices from that point forward should be obvious. "Epson" for a manufacturer, and "Stylus 660 + gutenprint"... doesn't seem like it could get much simpler than that.

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

Ian Chapman [ichapman at videotron.ca]

[[[ This one was in plain text, though. Thank you, Ian! -- Kat ]]]

On Fri, 2007-30-11 at 09:10 -0500, Ben Okopnik wrote:

> Hi, Ian -
> 
> I have added TAG back to the list of recipients again; please make
> certain that you're CCing TAG on an all these exchanges in the future.
> The only way that we get "paid" for doing this is by publishing the
> discussions in the Linux Gazette, where the rest of the community gets
> to benefit from them. Several of us do offer private support and
> tutoring, but those are not free.
> 
> On Thu, Nov 29, 2007 at 09:27:10PM -0500, Ian Chapman wrote:
> >    Hi Ben,
> >    Ian again in plain text.  I had an e-mail for your co-frere Karl.  
> 
> I'm assuming you mean Karl-Heinz.

Correct

> 
> >    My
> >    problem was that I was selecting the parallel port for epson.  This gives
> >    me a choice of six or so IBMish drivers.  When I selected LPT #1 I only
> >    had to follow my nose.  I guess this is a cups feature non-desire?
> 
> Well, since you were printing to /dev/lp0 (as I recall), then - yes,
> "LPT1:" would be the equivalent. However, your nose should not be
> required - the choices from that point forward should be obvious.
> "Epson" for a manufacturer, and "Stylus 660 + gutenprint"... doesn't
> seem like it could get much simpler than that.

I went wrong on the first sniff Parallel Epson triggered me not LPT #1. Once in Parallel Epson it's wrong. The only way out is to junk and re-start printer installation. There is no BACK one step that I could see. Once LPT #1 it like you said is obvious. I also read that Epson financed gutenprint and/or cups to do some driver work. It struck me at the time as great that they would have a special branch for Epson. What is a parallel Epson port for? Why does Karl suggest that this branch leads you to IBMish drivers?

Karl-Heinz Herrmann [kh1 at khherrmann.de]

On Fri, 30 Nov 2007 22:57:18 -0500 Ian Chapman <ichapman@videotron.ca> wrote:

>  What
> is a parallel Epson port for?  Why does Karl suggest that this branch
> leads you to IBMish drivers?

I'm not quite sure what that branch is meant to do.... from the available driver selection it probably should read:

ANCIENT GENERIC DRIVERS (EPSON MATRIX, PCL capable printers)

Occasionally cups actually told me on the start page that I've a new printer and installing that DID work out well. But more often than not it can't detect them properly and doesn't show actual new ones or wrong ones. Going through the "interface, manufacturer, model" on the other hand works most of the time very well.

k.-H.

Talkback:124/pfeiffer.html

[ In reference to "Migrating a Mail Server to Postfix/Cyrus/OpenLDAP" in LG#124 ]

René Pfeiffer [lynx at luchs.at]

Hello, Peter!

On Nov 28, 2007 at 1526 -0600, Peter Clark appeared and said:

> [...]
> I hope this is not an improper venue for seeking out information. If it is 20
> I apologize and will bugger off. If not, I am writing to you to ask a few
> questions about your Postfix/Cyrus/OpenLDAP article.

The Linuxgazette articles are meant to be useful, and if not then the authors usually answer any open questions or at least try to do that. We try to publish any useful answers, so this is why I sent my reply as copy to The Answer Gang list. This helps all people who have similar questions to find possible answers.

> I am not very experienced at all with OpenLDAP so that is where the thrust
> of my questions lay. I am trying to use your article and supplied
> configurations as a template and modifying as needed.

OpenLDAP isn't easy to set up, so you are in good company. This is not due to the software but to the concepts used in LDAP.

> In your tree design you show
> cn=webmail,ou=system,ou=accounts,dc=example,dc=net as a webmail account to
> do lookups but it is not referenced at all in the slapd.conf. How is that
> portion used.

slapd.conf only configures the basics of the OpenLDAP server process. You can define the directory where the LDAP tree is stored, the root account for the whole tree, the object class definitions to be used, SSL/TLS keys/certificates, indices and access rules. All this information is only used to start the server and then initialise the LDAP backend storage.

An entry such as "cn=webmail,ou=system,ou=accounts,dc=example,dc=net" is really a branch of the LDAP tree. This branch can either be a container for more branches or be an object of its own. The notation alone doesn't tell you what it is. You have to look for the object class of this entry. In my case I used "cn=webmail,ou=system,ou=accounts,dc=example,dc=net" as an example for an account object holding the password for access to the OpenLDAP server. The subsystem could connect to the OpenLDAP server, provide "cn=webmail,ou=system,ou=accounts,dc=example,dc=net" as a kind of login und authenticate with the password contained in the object referenced by "cn=webmail,ou=system,ou=accounts,dc=example,dc=net" in the tree.

That's what I meant by LDAP being a bit difficult to understand. You have branches which can be objects of classes and which can hold a variety of data. If the OpenLDAP servers sees that an object has a password attribute, it will allow a login with this password.

> I am trying to set this (your configuration) up in harmony with Daniel
> Marczisovszky's SquirrelMail plugins (ldap_abook_backend and
> ldap_prefs_backend). The ACL's and the how it fits with the tree structure
> is something I am having a hard time understanding. When I see in your ACL
> section you have:
>
> # Subtrees can be manages by tree admins
> access to dn.regex="^cn=[^,]+,ou=marketing,dc=example,dc=net$"
> 	attrs=children
> 	by dn.exact="cn=admin,ou=marketing,dc=example,dc=net" write
>
> As the article is written this doesn't seem to have a place or be
> necessary. Is this some legacy piece from your own configuration? Can it be
> removed or does something else depend on it?

This entry is an example configuration. I wanted to show how access lists can be used. This line says that the administrator using the object "cn=admin,ou=marketing,dc=example,dc=net" as login (and providing the correct password contained in its attribute) has write access to any child objects of the branch described by the regular expression "^cn=[^,]+,ou=marketing,dc=example,dc=net$". You can safely remove that 6rom your configuration. However you may add access lists for accounts that need to write to your LDAP tree. SquirrelMail will probably want to store things in the LDAP tree and thus need to have write access somewhere.

> I believe I need to add a ou=addresses for his ldap_abook_backend to
> function properly and I do not want to confuse my self with your ACL's
> and his suggested ones.

Yes, this is a good strategy. Try to have as few access lists as possible and sparingly add new ones. Too much ACLs (and RegExps) do cause confusion and misconfiguration.

Building ACLs in OpenLDAP basically boils down to the following configuration.

access to DESCRIPTION
   ATTRIBUTES
   by USER PERMISSIONS

http://www.openldap.org/doc/admin24/slapdconf2.html#Access%20Control

Don't despair when you have no clue after the first readings. I read this section a lot, believe me.

Best wishes, René.

Talkback:133/cherian.html

[ In reference to "Easy Shell Scripting" in LG#133 ]

Mudassar Khan [mudassar at jumpgames.co.in]

Hello, I am new one for shell programming. I want to write a shell script that.. 1) Read text file from source folder and past it in to a destination folder

2) Delete previous text file from destination folder (destination folder contain only one text file at a time)

3) And this moving of file happened on weekly basis (after completion of a week new text file copied in destination folder in weekly basis)

4) Which file will be copied in the destination folder is decided by week. If it is 1st week then p1.txt, if week 5th then p5.txt will be copied in destination folder.

5) Week will be start from any date decided by us (like 14 December on Fridays to 22 December Friday is 1st week and other weeks will be calculated by 14 December ). Please help me.

Regards, Mudassar Khan

Thomas Adam [thomas.adam22 at gmail.com]

On 06/11/2007, Mudassar Khan <mudassar@jumpgames.co.in> wrote:

> I am new one for shell programming.

And sending email, by the looks of it. Plain text only please. Don't send HTML email.

> 1)       Read text file from source folder and past it in to a destination
> folder
>
> 2)       Delete previous  text file from destination folder(destination
> folder contain only one text file at a time)

These are the same thing to me: see the mv(1) command.

> 3)       And this moving of file happened on weekly basis (after completion
> of a week new text file copied in destination folder in weekly basis  )

See cron, especially the @weekly directive for older dixie cron stuff, although most modern distros have /etc/cron.d/weekly/ and such for your use. You just drop a shell script in there, with the appropriate permissions.

> 4)       Which file will be copied in the destination folder is decided by
> week . If it is 1st week then  p1.txt  , if week 5th then p5.txt will be
> copied in destination folder.
>
> 5)       Week will be start from any date decided by us (like 14 December on
>  Fridays to 22 December Friday is 1st week  and other weeks will be
> calculated by 14 December ).

You would use date(1) for this.

Yes I am being vague, but this sounds like homework to me.

-- Thomas Adam

Talkback:137/takefuji.html

[ In reference to "Rule-based DoS attacks prevention shell script" in LG#137 ]

diana [ephrondiana at gmail.com]

Hello,

I was directed to you through talkback of the site -http://linuxgazette.net/137/takefuji.html. i got the following script from this site.but i am getting

ERROR message: "sed: -e expression #1, char 0: no previous regular 
expression Bad argument `DROP' Try `iptables -h' or 'iptables --help' 
for more information."while running that script manuall.

#!/bin/bash
rm -f ttt
touch tmp
# disabled IPs can be obtained from /etc/sysconfig/iptables
grep DROP /etc/sysconfig/iptables|awk '{print $5}' >tmp
# ------------------------ DoS attacks rule -------------------------
#identity mismatch in secure
grep Did /var/log/secure|awk '{print $12}' >>tmp
#Invalid user
grep "Invalid user" /var/log/secure|awk '{print $10}' >>tmp
# Maximum login
grep "Maximum login" /var/log/secure|awk '{print $7}'|sed 's/.*\[\(.*\)\])/\1/g' >>tmp
#
# ------------------ reduce redundant IPs from tmp file -------------
size=`/usr/bin/wc tmp|awk '{print $1}'`
i=0
while test $i -lt $size
do
      us=`sed -n 1p tmp`
      sed /$us/d tmp >tmps
      echo $us >>ttt
      cp -f tmps tmp
      size=`/usr/bin/wc tmp|awk '{print $1}'`
done
rm -f tmp tmps temp0 temp
#
# ------------------ activate detected IPs --------------------------
size=`wc ttt|awk '{print $1}'`
size=`expr $size + 1`
/sbin/iptables -F
i=1
while test $i -lt $size
do
        ip=`sed -n "$i"p ttt`
        i=`expr $i + 1`
/sbin/iptables -A INPUT -s $ip -j DROP
done   
# -----------------end of shell script test -------------------------  

Diana.K.

Ben Okopnik [ben at linuxgazette.net]

On Fri, Nov 02, 2007 at 06:49:57PM +0530, diana wrote:

>    Hello,
> 
>          I was directed to you through talkback of the site
>    -http://linuxgazette.net/137/takefuji.html. i got the following script from
>    this site.but i am getting
>    ERROR message: "sed: -e expression #1, char 0: no previous regular
>    expression Bad argument `DROP' Try `iptables -h' or 'iptables --help' for
>    more information."while running that script manuall.
>          But i am getting the output from logs as dropped ip in my
>    /etc/sysconfig/iptables.I am not sure of this error :'( .please help
>    me.......

I've forwarded your request to the author; perhaps he can help you out; if not, a number of people here are pretty competent at shell scripting. The script isn't very complicated, anyway - you might want to do a bit of troubleshooting on your own (e.g., figure out which line is throwing that error.)

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

Thomas Adam [thomas.adam22 at gmail.com]

On 02/11/2007, Ben Okopnik <ben@linuxgazette.net> wrote:

> On Fri, Nov 02, 2007 at 06:49:57PM +0530, diana wrote:
> >    Hello,
> >
> >          I was directed to you through talkback of the site
> >    -http://linuxgazette.net/137/takefuji.html.i got the following script from
> >    this site.but i am getting
> >    ERROR message: "sed: -e expression #1, char 0: no previous regular
> >    expression Bad argument `DROP' Try `iptables -h' or 'iptables --help' for
> >    more information."while running that script manuall.
> >          But i am getting the output from logs as dropped ip in my
> >    /etc/sysconfig/iptables.I am not sure of this error :'( .please help
> >    me.......
>
> I've forwarded your request to the author; perhaps he can help you out;
> if not, a number of people here are pretty competent at shell scripting.
> The script isn't very complicated, anyway - you might want to do a bit
> of troubleshooting on your own (e.g., figure out which line is throwing
> that error.)

Running it as:

bash -xv ./some_file

-- Thomas Adam

Trevor Pearson [trevor at haven.demon.co.uk]

diana wrote:

> Hello,
>
>       I was directed to you through talkback of the site 
> -http://linuxgazette.net/137/takefuji.html.i got the following script 
> from this site.but i am getting
> ERROR message: "sed: -e expression #1, char 0: no previous regular 
> expression Bad argument `DROP' Try `iptables -h' or 'iptables --help' 
> for more information."while running that script manuall.
>       But i am getting the output from logs as dropped ip in my 
> /etc/sysconfig/iptables.I am not sure of this error :'( .please help 
> me.......
>

Trevor.

takefuji [takefuji at sfc.keio.ac.jp]

Dear Diana Instead of running the shell script, run every line manually in order to identify the line causing the errors. /var/log format is different depending on the log system version.

Regards,

Yoshiyasu Takefuji

Professor of Keio University

Talkback:115/okopnik.html

[ In reference to "Staying Connected" in LG#115 ]

Amit Kumar Saha [amitsaha.in at gmail.com]

Hi Ben,

The google.pl is really nice utility script, I modified it to use Mozilla Firefox

#!/usr/bin/perl -w
# Created by Ben Okopnik on Tue Feb 12 07:03:34 CST 2002
$browser = "/usr/bin/mozilla-firefox";
 
exec $browser, "http://www.google.com/advanced_search" unless @ARGV;
 
for ( @ARGV ){ s/.*/%22$&%22/ if y/ /+/; $s .= $s?"+$_":"$_"; }
 
# $ENV{LANG} = "en_US.UTF8";
exec $browser, "http://www.google.com/search?num=30&hl=en&as_qdr=all&q=$s&btnG=Google+Search"

-- 
Amit Kumar Saha
*NetBeans Community Docs
Contribution Coordinator*
me blogs@ http://amitksaha.blogspot.com
URL:http://amitsaha.in.googlepages.com

Ben Okopnik [ben at linuxgazette.net]

On Fri, Nov 02, 2007 at 11:23:43PM +0530, Amit Kumar Saha wrote:

> Hi Ben,
> 
> The google.pl is really nice utility script, I modified it to use
> Mozilla Firefox

That was the point of having a "$browser" variable. Otherwise, I'd have hard-coded it.

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

Amit Kumar Saha [amitsaha.in at gmail.com]

On 11/3/07, Ben Okopnik <ben@linuxgazette.net> wrote:

> On Fri, Nov 02, 2007 at 11:23:43PM +0530, Amit Kumar Saha wrote:
> > Hi Ben,
> >
> > The google.pl is really nice utility script, I modified it to use
> > Mozilla Firefox
>
> That was the point of having a "$browser" variable. Otherwise, I'd have
> hard-coded it. 

-- 
Amit Kumar Saha
*NetBeans Community Docs
Contribution Coordinator*
me blogs@ http://amitksaha.blogspot.com
URL:http://amitsaha.in.googlepages.com