Grex Coop Conference

Item 284: Grex Town Hall -- How do we move forward? - Fall, 2010

This item is for capturing opinions and ideas about how Grex can move
forward, what Grex can do to encourage more people to use the system,
and what we want Grex to provide in terms of services or applications.

Was this meant for Agora?

Looks like a good place for it to me.

Of course, it might be nice were it linked back to coop.

  
baord meeting this evening .. The GREX board meeting  will
start at 6:30 p.m.  I hope that this timing will work better. Board
meetings are open to all.  

Yes, this item was meant for agora (at the Board's request).  We wanted
to capture ideas for improving Grex on an on-going basis.  Of course,
people tend to use the item for announcements and off-topic questions,
but that's par for the course around here.  The idea of putting this
item in agora was to get it wider exposure, since most users don't read
the coop cf.

As to linking to coop, that can be done (and has: see coop item 284) if
we want to collect ideas in a place where they won't disappear with the
changing seasons (actually they don't disappear but they become harder
to find).

If you'd like to see what the previous Town Hall item was about, see
coop item 278 or the previous agora (summer item 6).  There are a lot of
discussions and ideas there.  If you'd like to continue them, feel free.
Old coop items are also good for ideas if you'd like to resurrect them
here.  You'll find that many of the current ideas have been discussed
for years and years already (with the same results).

What Grex needs to do is move beyond the discussion phase, choose some
reasonable ideas, and start implementing them.  As I've said before,
many ideas which have been proposed to date are ones we can try and then
remove or modify, if they don't work as expected.  So, keep an open
mind.

Email would be more usable if grex would dump any mails with Subject:
=?koi8-r.  At least 90% of spams recently are from Russia, and it would save
a lot of disk space not to be storing them in multiple mail accounts.  I do
get Russian mails from real people, with real subject lines, never this one.

the web page needs to be more interactive.  web email. web chat .etc 
Need to face the fact that only minimal users now access grex in any
other way.

Does that make me a "minimal user"?

I must also be minimal.  I hate web access.

  
guress i;m monimal as welll.   
  
that said, web access does need ot improve considerably, imo.
  
cli access is plenty good, but it;s rally fallen out of favor for the
majority of surfers. 
  

re #8,9, sorry but yes you guys are minimal, you guys are unix
dinosaurs.  grex can only ever be signficant again if it moves into the
modern era.

Dinosaurs take up a lot more space than a text file.

You know, if I were to sum up modern web design; minimalist, simplified,
and streamlined would be words I would use. 

Richard doesn't know what he is talking about.

I see a lot of really bloated websites.

A lot of websites need modernization.

re #13 neither does nharmon if he doesn't realize that grex will never
get new users, younger users, without a new approach, more interactive,
to its web page.

Modernization is not always an improvement.  A seed saving organization that
I belong to has its catalog on the internet now.  It shows only the first few
sentences of four entries from each page (which has dozens of entries) and
is 200K in size because of all the fancy programming and their insistence on
including a long list of all the varieties offered, on each page (instead of
a link back to a list).  Contains about .5K of useful info, then you need to
go to another page to see the rest of the entry.  A lot of the users live in
farm country and could not get broadband if they wanted it.  Dialup was taking
40 sec to load each page (with 2 pages per entry).  The fancy fonts,
backgrounds, etc. for each variety wasted a lot of this space.  Plain text
(or plain HTML) could have produced a page listing everything about 30
vegetables in 2K or so that everyone could have read.  Form over function.

re: 16
How do you suppose a whiz-bang web page is going to entice new or younger
users, when there's already an oversaturation of places to talk about whatever
you want, through the magic of PHPBB? 

I don't mean that to take a shot, but setting up a web BBS is literally as
easy as clicking "Install" and slapping a logo on top of a premade skin.

I'm saying that in the situation Grex is in, there is no reason NOT to 
overhaul the web page.  There is no status quo here to fall back on.  
Grex is either going to change to survive or it isn't.  The stats 
clearly show that very few people dial in or telnet in anymore.  Any 
improvements have to be geared toward those using the website.

Well richard, I am sure that if you would like to overhaul the webpage
and then submit your designs to the board, they will be fairly
considered. 

re #20 I didn't say that I had the expertise to do this myself.  It is 
useless to "ask for suggestions" in my opinion, when the board won't 
even consider the suggestions and then says, 'do it yourself'  This 
attitude gets grex nowhere.  Why even enter this item if nobody wants 
to change anything?

We want to move forward.  We don't have any volunteer movers at present.

FWIW, I am not on the board and have nothing to do with this item. I
just find the way you make your suggestions to be kind of obnoxious.
That is my own opinion and doesn't represent the opinions of anyone
else. 

Yes it does, slynne, it represents my opinions too.

The board is considering the suggestions you and others have made.  What
makes you think we won't?  I think updating the web pages and adding
more web apps would be a good idea.  It's not so much that there are
plenty of other places with fancy web pages to visit, but that there are
few any more who like to use the command line and probably take a look
and run away fast.  We'll never know what will work if we don't try and
I have to admit, it's more than a little frustrating to see every idea
torpedoed before it gets tried.  At this rate, we won't do anything.  We
can always ask for help in getting things done, but without a clear idea
of what we want to do, it will be frustrating for any volunteers.

re: 19
Since you've admitted that you don't have the background for doing it, I think
it's worth pointing out that overhauling Grex's web presence is not an
insubstantial amount of work. 

There has to be some compelling reason to be here, though. And from what I've
seen, that reason is largely nostalgia. With the exception of zulu, there
haven't been any names in BBS that strike me as being new. 

Years and years ago, you could have played the "Ann Arbor Flavor" card, but
that's largely gone now, and available elsewhere. 

Having a flashy web site isn't enough these days to answer:
*Who do you want to attract?
*How will you attract them?
*Why do you want to attract them?
*What unique or compelling reason will they have to stay?

And how many pieces of flair are you wearing

So, since a flashy web site isn't enough, what is?  Any suggestions?

I would rather have a simple system than a fancy one that takes time to load.

all I did was make suggestions without any mean spiritedness.  I fail to 
see why slynne thinks that is any more obnoxious than anyone else making 
suggestions.

It's because she knows you're going to shop it on M-Net to great success,
before the slow pokes here get around to discussing it in coop.

resp:30 If you really want to know...

You said: "I'm saying that in the situation Grex is in, there is no
reason NOT to overhaul the web page."

But there is a reason NOT to overhaul the web page. There might not be
anyone with the skills and the time to do it. There is a difference
between what you said and simply making a suggestion which would go a
little more like this: "It would be a very good thing to overhaul the
web page" 

Didn't we already recently overhaul the web page?

resp:33 The main Grex page is five or six years old. All of the interior
backtalk pages are at least seven years old (I think)

Which in Internet years is....a lot.  There is also a need to update
much of the information on our web site.

Grex also needs to stop this staff verification of new users.  It is 
against the principles on which grex was founded, and I believe that 
if such stats existed, you would see that new usership has dropped 
significantly since Cross put his little patch on the new user 
program.  New users don't stay around waiting for staff members to 
wave their magic wands and decide they are good enough, real enough, 
to post here.  They just go away.  

But everytime I suggest this, it hits a wall.  Staff just doesn't want 
to go there, even if there is broad user support for it.

I thought broad user support was where verification came from?

IIRC the issue with verification is this: If we don't verify, we tend to
have problem users taking the system down. If we had more staff
resources, we could probably handle this. But we don't. Still, I recall
that it was a short term solution and in the long run, if we don't make
it really easy for new people to sign up, there is no future. On the
other hand, if the system keeps being brought down by malicious people,
there is no future. 

resp:30 Well, since you asked....  Because you, Richard, stamp your 
foot every time someone questions one of your suggestions; nevermind 
the fact that they come across more as demand than otherwise.

resp:36 It's certainly not perfect.  But every time you bring this up, 
I remind you that Chad and Mickeyd were taking down Grex every chance 
they got, and we had no way to block them without putting in some kind 
of verification system.

Oh, and by the way?  You come across as a real asshole in that 
response.  Just food for thought, man.

In terms of verification, yes that was a user vote a while back, so the
users at the time agreed enough with it to approve it.  See the coop
cf for background and proposals for this (item 23 covers a lot of this
policy, there may be other items that apply).

Note that if you want to change this policy you can propose a new policy
(see Grex by-laws for how to do this).  If you're not a member (hint
hint), though, you can't vote on it.

For the restricted access for new users, yes, it is due to trying to
keep the system protected from malicious people.  It works, but I think
it may be chasing a lot of non-malicious people away.  Unfortunately,
we need something in place to help, otherwise we'll be up and down all
the time--which users complained about (rightly so), and our staff will
spend most of their time dealing with the situation.

If there is a better alternative to leaving the system open to malicious
users, let's hear it.  I'm sure we'd all like to go to a more open
system, but not at the cost of being frequently locked out due to system
downtime and/or inability to use the system (denial of service).

Richard is just frustrated that we don't have any new users because of
the verification issue.  He's right that the verification issue is a
problem.  He's wrong to insist on a solution when he is unable and
unwilling to do the work himself.  Richard, Unix programming is not an
innate talent like extreme good looks (my own contribution to the
world), or a limited resource like hydrogen.  It's an acquired skill. 
Anyone can get it, just as anyone can get the skill to drive a car.  If
you're frustrated that no one else does something you want done, there
is an alternative available to you which will get the job done, and in
the best possible way at that.  It is to do it yourself.

There are a lot of things Grex could do to attract new users.  Some of
them may be compatible with doing what it does now, the things which
keep us all here.  How about a smart phone app?  Bring back the
multi-user Unix games like Phantasia.  Acquire a bigger computer and
host video messages in place of text based messages.  Attract some
people who will make the specialty conferences interesting.  It can be
done; it was done some years ago, and we haven't devolved *that* much as
a species.

I like Grex as it is.  I'm not going to devote any resources to changing
it substantially.  I'll toss out ideas, though, if I think of any and
there is any interest.

resp:41 Small and completely off topic quibble: using hydrogen as an
example of a scarce resource might not be a good idea. It is the most
common element in the universe. 

Helium, on the other hand...

hydrogen is limited?

(ever put a helium balloon in a microwave? Star Wars, baby!)

re resp:43: Thanks!  I thought baloney was the most common element.

(Hydrogen is limited, just not as limited as anything else.)

resp:46 Yes, I guess I can't argue with that

Hydrogen is certainly common in the universe, just not on earth. Molecular
hydrogen, that is. The hydrogen in water is already burned and cannot be
recovered as molecular hydrogen unless you expend more energy than you will
get in using the hydrogen as a fuel, or whatever. 

This could all be moot soon anyway.  In coop #283 Aruba reported Grex's 
finances for the last two years as:

August 2008 balance: $6,238.21

                    
August 2010 balance: $2,717.39


At present rate of expenditure, approx. $1,750 per year, Grex will be 
lucky to see the end of next year.

Has there been any further talk of grex leaving provide.net and going 
virtual, i.e. no hardware and the software running virtually on 
somebody else's system?

To my knowledge, there is not a lot of support for a virtual Grex on
either the Board or staff, for various reasons.  I agree, it would be
good to lower our cost of co-location if we can.

Yes, we've been saying for the better part of this year that we have
a year plus a little more before we run out of money.  So for those
who said Grex has too much money as the reason they would not become
members, I'll ask again: at what bank balance will you consider Grex to
have not enough money and will become a member to help support Grex's
operations?

You have to provide a product that is worth supporting.  This item so 
far isn't an advertisement for grex.  Ideas are asked for and the very 
few who offer any are bitch slapped.  We can keep things the way they 
are and grex can quietly go away next year or we can have the courage 
to change.  

I think you need to have a viable idea to not get "bitch slapped".

I think Grex should get a million dollars. Money is very important in this
day and age, and the more money Grex has, the longer Grex will be around. If
we don't get a million dollars soon, I just don't know what could happen.

Wait... you want *me* to help get a million dollars? But I don't know anything
about having a million dollars! I'm more of an "idea guy". Stop shitting on
my awesome idea that nobody's had before!

Nailed it.

I believe Richard is conflating two things: multiple levels of 
verification of users, and the restricted shell for completely non-
verified users.

The former was agreed upon by the users.  Some form of it basically 
must be used for legal indemnity purposes no matter what.

The latter initially came as an emergency measure to stop mickeyd and 
chad from bringing Grex down, basically, every day.  There is some 
precedence for it: SDF uses a restricted shell until users go through 
some form of validation.

I'll agree that "Cross's little patch" (the restricted shell) is 
probably stopping some users from really getting involved in Grex.  
Not as many as a person like Richard would like to believe (really, 
there just aren't that many accounts being created on a daily basis, 
and TS has been keeping up with validation requests).  But at this 
point, turning away almost anyone is a problem.

But, on the other hand, unrestricted access has proven to be a 
problem, as well.

So we've got a quandry.  Unrestricted initial access - without some 
kind of barrier - is going to cause problems.  Experience has proven 
that.  However, we need to give more access to the system so that 
people have some incentive to check us out: something to pique their 
curiosity, as it were.

Let's step back for a moment and examine, from a technical 
perspective, the problem and the current setup.  Giving brand new 
users unrestricted access to Grex gives them access to too many things 
that let them muck with the system.  They can post thousands of 
messages to the BBS, or send spam, or flood another computer, or send 
endless telegram messages to other users, or exploit OpenBSD (which is 
a lot more buggy than we were led to believe when we first decided to 
use it, but that's a topic for another item) to crash the operating 
system.  And these are not hypotheticals, they're actual events that 
have happened on Grex.  Everyone who has responded in this thread has 
been a witness to them.

In order to prevent that, we must necessarily lock brand new users out 
of some services.  For instance, we don't give them instant access to 
outgoing network services: doing so has been the source of many forms 
of abuse over the past.  Forms of abuse that have nearly lost Grex its 
connection to the Internet.  That's what the current system does.

So, what's the problem with the current system?  Well, there are 
several.

For starters, it's *too* restrictive.  The set of things that new 
users can do is embarrassingly small.  I believe that it can be 
exanded significantly, without undue risk to the system.  The 
challenge here is technical; we've got to make sure that brand new 
users can't "escape" out of the restricted environment and get to an 
unrestricted shell.  It's always something of a delicate balance here; 
too many restrictions make the system uninteresting.  Too few make it 
unstable.  Adding too much into the restricted environment means more 
chances for that instability (in that someone could potentially find 
some obscure way to escape to a shell or something like that).  How 
hard it is to find something like that (and thus whether it's worth 
it) and how hard someone is likely to look are debatable.  It was my 
senes that with, e.g., Chad and Mickey, they were both very motivated 
and enjoyed the search.  The second you give access to a programming 
language interpreter or compiler, or even a text editor, you're 
essentially done.

But on the whole, I think the current restricted shell environment 
errs too far on the side of caution.  So that's one problem, and 
loosing it up can mitigate that problem to some extent.

The other problem involves the mechanics of the verification system: 
it's based on humans.  That implies a certain amount of latency is 
involved, because a human has to look at a validation request and 
manually respond to it.  If the latency is *too* great, the 
(potential) user just goes somewhere else.  I submit that any system 
involving human verifiers is going to result in too much latency.

So how does one reduce it?  Well, I think that one can automate it.  
That's effectively what SDF did: they tied into PayPal and implemented 
an instant verification system on top of their restricted shell, and 
as a result, they have a huge membership.  I think we can do the 
same....  In fact, I don't even think it's that hard.  It's just a 
Small Matter of Programming.

A lot of people bring up things like web interface and other bulletin 
board software and the like.  These are all really good ideas; I agree 
with essentially all of them.  Grex does need to modernize (and at the 
same time streamline) its web interface.  I did a lot of work in that 
area a year or so ago; just trying to clean up the HTML.  I agree with 
Richard that some web based tools for things like real-time chat would 
be cool.  Certainly, backtalk needs (at least) a facelift.

But I don't think that any of these are the ANSWER that people are 
looking for.  Because people don't really want chat and conferencing; 
that stuff exists elsewhere, and is done better than Grex could ever 
do it.  Grex may have been a pioneer in a lot of ways, but it didn't 
retain the leading edge over time.  Blogs exist elsewhere.  If Grex is 
going to survive, it's got to be different, and its got to be 
compelling.  I think it needs to find a niche that its good at and 
really embrace that.  I'm not sure what that is, though.

Excellent summary.  

SDF offers 600MB of space (for email and webpage etc.) including images in
your page, for $36 one-time payment.  Grex offers 1MB without images.

Just because some applications and services are available elsewhere or
even that someone else does the same service better, does not mean that
we can't offer the same thing here.  Other places offer unix accounts,
e-mail, etc.  I don't see a reason why we couldn't encourage users to do
their communication in a different environment if they so choose (which
implies that our current environment/apps will remain for those who
want to continue doing what they are currently doing).  Part of what
attracts people to a particular site is the community that exists there.
If we could encourage more sub-communities to exist here, that might
help.

I think the PayPal automation idea for verification deserves some
serious discussion as does the idea of allowing a little more
functionality into the restricted shell.

On the restricted user accounts as a defense against vandals:

My theory: There are two different types of hostile users.
The everyday type is interested in using Grex to go annoy people
somewhere else.  
The special ones are interested in screwing with the Grex community.
 
This is total speculation on my part, but I wonder if we need a 
2-tier defense system controlled by a switch.
 
Under Alert Code Yellow, normal conditions, newbies should be 
allowed access to party (especially), BBS, and maybe some other 
stuff which can't upset the outside world too much.

Alert Code Orange would be the status we have run on for the 
last couple of years, with pretty much everything locked down.
We'd save that for when a party hostile to Grex was actively
after us.

"Orange" might have to force users who newuser'd under "Yellow" 
to validate.   Otherwise the malicious anti-Grex person might 
just stockpile IDs under Condition Yellow.

This all sounds like work.  :-(   But locking newbies out of party
has pretty much killed the party community.


 

 My theory: There are two different types of hostile users.

There's also a third kind.  These are the people who go to Zingerman's
and pay $9 for coleslaw with bacon bits then tell everyone they had
an equisite Appalachian salad.  And anyone whom hasn't partaken of this
health elixir is not qualified in Grex governance.

re resp:47: My point was lost.  It was that Unix programming does not
need to be a limited resource.  Anyone can acquire the skill.  Richard
can contribute to Grex if he wants to see changes.  

re resp:50: When I feel like my contribution is not mainly adding to a
big pile of money being accumulated for no apparent purpose, then I will
contribute to Grex as I used to do in the past.  I was not aware Grex
was below the $3,000 mark.  I was not aware it was below the $6,000
line.  I refused to send more when it was at around $4,700.  It climbed
much higher after that.  No one missed the money I didn't send.

I'll go on record now.  If Grex hits $1,000 I will pay for a membership,
provided I can afford one.

The mission doesn't need money as much as it needs volunteers, imo

Thanks, John.  That gives us some idea of the elasticity of demand.
Otherwise we are just gambling that people will step up when needed,
which from what I've seen recently, isn't a good bet.

Anyway, if you or others are interested, we're trying to give the board
some authority to set the dues, as well as lower the dues to make
becoming a member easier.  

Also being proposed are changes to the size of Grex's board and to the
size of the quorum needed.

Now or very soon would be a good time to get a membership so you can
vote on those proposals.

Yes we need volunteers, but we will need the money to pay the bills at
a minimum.  With lower dues, it will take many more members to reach
the point of breakeven on our bills, I expect.  So, we're likely to
continue trending down in bank balance for a while yet.  Bear in mind,
any capital expenditures are unplanned for at this point, so we aren't
expecting to use our cash for any huge purchases.  And we'd like to 
keep some cash in reserve for unplanned events.

So, back to volunteers, who is volunteering to help grex?  

If no new ideas are workable and this place is soon to be unviable 
financially, maybe the time has come to accept it.  Next year will be 
Grex's 20th anniversary.  Grex opened to the public on July 18, 1991.  
The board could always vote that July 18, 2011, the twentieth birthday 
of Grex, is when it ends.  Spend the time between now and then 
celebrating everything Grex has been for two decades. Have a big 
blowout party that day and by midnight on 7/18/11, Grex goes offline.  
There would be one more board meeting after that to formally dissolve 
the corporation and donate whatever money is left to charity.

Grex would be going out on its own terms, rather than continue to die a 
slow death and just disappear one day.  Twenty years I am sure is a lot 
longer than any of the founders, or anyone else, thought grex would 
last.  All things end, it doesn't have to be a big deal.  It is just 
better that when something does end, that it ends with peace and 
acceptance.  Maybe it is the end for Grex.  If it is, lets just do it 
right.

Don't knock good ideas from those that can't or won't implement them. Yes,
I know that most people only like their OWN ideas (which be definition are
good), but it is more useful to put all good ideas on the table for
consideration, regardless of the source.

re resp:61: I agree but don't have time to give.

Grex does not seem dead to me.

Re: #59  I love it when Tod talks about hostility and coleslaw in the same 
sentence. So much anger channeled through cabbage. ;-)

resp:65 FWIW, explaining to someone who is demanding that his ideas be
implemented that the reason they aren't being implemented is because no
one has the time or inclination to carry them out is not the same thing
as knocking the idea or saying that it isnt a good idea. 

re #69 don't interpret someone *SUGGESTING* an idea as the same thing 
as *DEMANDING* an idea.  Please.  A suggestion is just that, a 
suggestion.

I am also suggesting that Grex get a million dollars. 

The fact that I'm insisting that not having a million dollars is proof
positive that the sky is falling, and that my awesome idea would have saved
everything if you'd only do what I say, doesn't change the fact that I'm not
*demanding* anything. Why, the mere implication is absurd!

richard, seriously, twinkie has you pegged in this regard. I am willing
to accept that you don't intend to sound as obnoxious as you do. But you
sound pretty demanding to me most of the time. 

re #71, 72 thats bs. someone suggesting an idea, with enthusiasm, is 
not being obnoxious.  Neither of you are helping grex by over-reacting 
to such posts.  

I don't know why you're lumping me in there. 

I am very enthusiastic about Grex getting a million dollars. I'm being quite
helpful, in fact, and here you go, shooting down my wonderful idea!

And believe you me, I'm not being obnoxious when I tell you that's wrong.
WRONG, WRONG, WRONG!

I've seen a lot of good suggestions, by the way, and am trying to keep
an open mind about which ones we can reasonably do.  Keep entering them
as you think of them.  It's getting agreement and the implementation
that take time (and Grex is known to move slowly on both counts). We
are working on some ideas even now (such a determining feasibility and
who could do things).  Enthusiasm is needed more than ever, along with
a sense of urgency about getting things accomplished quickly that will
help improve Grex before it's too late (and I don't think it's too late
yet).

Hey, it'd be great if we'd get a million dollars and there probably
are ways to do that legally (e.g. a grant).  twinkie, do you have
any line on how we could go about it?

I'll help Grex when I get back from Afghanistan next month.

  
got an email faorm a newly validated newuser, rust, wheo said (and approved
the posting of his email):
  
> Thanks. Been here before. For years and years. But, I kinda let the account
lapse having my Debian boxen available.
>
> Grex is HIGHLY useful for checking what robots see, text only browsing with
lynx, checking yer DNS from someplace else, all kinds of things that only a
remote connection can offer. But, since I farmed out hosting to another
company instead of doing it myself (and paying outrageous prices for
dedicated connections)... it just isn't what I used to do.
>
> Heck, I remember when you guys used to cry for parts. I guess I can toss
those 30 pin RAM modules now.
>  
... thoight yu;d all like to know ...
  

Re 77: Thanks, sounds good, Dan!
 
Re 78: Several more things to add to the list of "what can you do on grex?"
I'm glad to see a former user come back.  We need more people like that, as
well as new users.

  
r e 79 ... proactive validatoin at werk.
  

Carried over from the Treasurer's Report item, where folks where asking
about using Google for e-mail:

What is the advantage of using GMail for "@cyberspace.org" instead of
"@gmail.com"?  I can see the advantage for an organisation, but what is
the advantage for a user?

I think some people really like the cyberspace.org address.  

I can't imagine how anyone would have Grex as his/her primary email 
address.  If Google mail goes down it's for minutes.  If Grex's machine 
died, well, you could be missing a whole lot of mail for a very long time.  
We're simply not an enterprise email system.

re #81
 What is the advantage of using GMail for "@cyberspace.org" instead of
 "@gmail.com"?  

I guess you could ask current Grexers if they would use @cyberspace.org
if given a worthy email system.

re resp:75: I urge you to keep it open, Kent.  It's a little encouraging
to know someone thinks something is going on.  It might be much more so
to know what it is.  We're all used to feeling like part of the crowd,
not being outsiders looking in on the cool kids.

Grex has the advantage of being a shell account and also having spamassassin
so you can tailor your spam filtering, extract text from attached garbage,
etc.  I use it for freecycle and friends, but for anything that would cause
a problem if it got lost I use other addresses which are less convenient to
use.

Most items on the welcome menu do not work returning unhelpful error messages.
Hyperlinks in Grex help system go to http even for pages that actually reside
within Grex, resulting in broken links because new users cannot go HTTP. 
These are elementary things, not rocket science, and they are repelling to
bump into.

Aside:  Whether to use absolute or relative links is always an
interesting question.  The value of the former is that they can be
easily copied from one place to another.  The value of the latter is
that they *can't* be easily copied from one place to another.  

Yes, the web site needs some help with broken links, out of date
information, etc.  And the welcome menu should give better messages if
they aren't helpful.  The easier we make things the better off we'll be
and the happier our users will be.  To appear to be going concern we
need to keep up with issues like these, though we all understand that we
are volunteer run.  Sounds to me like we need to go through several
systems on here (including the web site) and make sure things are still
working and making sense (a never-ending task, it seems).

What is the process for becoming a volunteer?  (I am an easy rider here but
I could technically help)

Wow, thanks for being willing to jump in and help!

  
tnx   yecril71pl ... how;s the weathre over there?
  
Domain:   piekna-gts.2a.pl 
IP Address:   217.153.90.242 
ISP:   GTS Polska Sp. z o.o. 
Organization:   Connected by GTS Poland 
Region:   Warsaw (PL) 
  
glasd to hear from ffiernds acorss the puddle.
  

I sent an e-mail to Christopher and we'll see if he responds.

1. would someone be interested in merging this script with the Grex 
page: http://arbornet.org/~veek/whofingerpeek.cgi

It does who, finger username, and peeks the party.log, via a web 
interface - I've used the Grex home page as a template. Someone on 
staff is working on something for finger but it isn't ready as yet. It 
has a change time of Dec 09 (ls -c -lt).. I'm taking suggestions (color 
changes, open() instead of backticks, limited-runs/minute, 
finger-timeout, etc)

2. Would anyone be interested in a script to add a home page template 
to their home dir? I have created my home-page: 
http://www.grex.org/~veek/ (nothing fancy, but i thought this might be 
useful since ppl can just copy it and modify it - i could do a tutorial 
on this)

3. Tutorial on: 1. No typing password, ssh login. 2. Editing web 
templates. 3. Maybe even a script to populate said template..

Hey, nice veek!

thanks :p , most of the hard work was done by the guy (remmers, me 
thinks) who did the main website - the layout and design are super. I 
just knocked out some of his content to make place for that form in the 
center. I'll make it nicer but I think it's pretty safe as is (no .plan 
reading for now).

  
re 93   ... vkewl ... couple thoghts ...
  
might want to add a 'select action' notation above the 'action' boxe.
  
reverse, left/rightr, the  submit and lognin id box (first thisndgs first?)
  
and above the looginid box, add 'enter loginid here' directoin.
  
consider alloweing more than 8 chars in logind box ... also, will this work
with a completyly quaiflied identificatoin, such as  mary@cyberspace.org  ?
  
.. assuming more tha 8 chars are alloewed.
  
any particular reaosn the loginid box has a default value ... it;s ok, of
course, just wondering.
  

Re #96: 
1. "select action" - mm.. actually what I could do is create a box like 
so:
------------------------------
1.click here: to select Finger
2.click here: to select Who

I'll prettify that box so it looks nice.

2. "submit" "login" position - ha! that was carefully thought out. Out 
of 3 actions, 2 don't require the login field so I placed it away

3. Oo forgot about @whatevers.. hmm.. validating email addresses 
properly is pretty hard. Simple @cyberspace.org i can easily do. Right 
now it won't - I only allow UNIX id's.. ^[a-zA-Z][a-zA-Z0-9-_.]{1,7}$

4. thought it might be easier to process.. i should have said something 
like: enter loginid to finger, but that's more stuff to bkspace

  
werkx for me .. ayuway, it;s a greate feature.
  

I cannot respond by e-mail because e-mail does not work for free riders, not
even to staff.
The answer is in my pine scratch pad; I guess the staff can read it, and if
not, I shall file it in my home dir, or in /tmp.

Email's opt-in.

What does he (or anyone) have to do to opt in?  Send an e-mail to staff
and request e-mail access?

might make a lot of sense to display a message when a newuser logs in 
stating what features are enabled/disabled/pending.
something like: 

To validate your account, type: 'validate'
For E-mail access, run:         'e-validate'
To enable CGI scripts, run:     'cgi-validate'
To create your Home-page, run:  'myhomepage -c'

For more help, browse: http://cyberspace.org/newbie.xhtml
etc etc..

Yeah, that would work better than e-mailing from an account you can't
e-mail from ;)  

Is local email also disabled now?

resp:101 Good question.  I don't think that was the OP's problem, though;
his account was not validated properly, and he was in the "newpeople" group. 
He should be okay now.

resp:102 That's a good idea.

resp:104 No.

Thanks for fixing it.

  
re 105 .. not validated properly,  ?????????????   what besideds the 
  validate commmaned is requiterred? 
  

It looked like he pre-dated the validate command.  I ran 'validate' on him.

  
ahhhhhh .. good . . tnx
  .

http://m-net.arbornet.org/~veek/flyer/

I'm trying to create a CSS flyer so people can take print outs of it and
 post it up on boards (both IRL and on the net). It appears to render 
nicely in Opera even in print preview, but when I print to a post-script
 file it's all wonky.. 

Could someone test on their computer/printer? I'm on Linux and I checked
 in Konqueror - web rendering seems to be perfect, BUT print-preview
comes  up weird.. could someone check it out and stuff and if someone
knows  css.. clue me in..

resp:111 It looks good when I view it in print preview except that it
doesn't all fit on one page

ugh!

I also need to know what's wrong and what browser/OS.

  
re 109 .... i emailed your info...
  
6Message from yecril71pl on ttyp6 at 4:27 EST ...
Thanks for validating me, I can send e-mail now.
oo
EOF (yecril71pl)
Telegram from yecril71pl on ttyp6 at 4:29 EST ...
Thanks for validating me, I can send e-mail now.
EOF (yecril71pl)
  

In print preview for Firefox 3.6.12 on WinXP it looks okay, but it flows
to a second page in portrait format.  I didn't try to print it.  The
content will require review if we go with this flyer.  We want to be
sure we're accurate in how we describe Grex and that all the links work.

I'm not sure if the web-based newuser is working correctly yet or not.
Last I heard, it failed part way through the account generation process.
Did that get fixed?  Can people use the web newuser page successfully?

1. any chance of getting CGI - SuExec+Apache installed?? It's easy on 
Linux.. simple apt-get. I need it for scripting.
2. tsty: could you activate/validate the volunteers account?
3. What SDF is doing is:
ARPA members have immediate access to:
 600mb total / 20000 files 
 access to multiple subdomains                              (mkhomepg
 -a)

Could we do the same?? "total" 600MB NOT 600MB/user.. instead of stating
 that we give xMB/user fixed, could we give both values..

In Firefox 3.6.12 on Mac OSX it runs over to two pages at 100% scale, 
but is all on 1 page at 95%. Prints OK too, then. However the Sercices" 
box and the graphic coflcit. I'd make the graphic smaller and expand the 
width of the "Services", or even not space them, to reduce the overall 
length.

http://m-net.arbornet.org/~veek/index.cgi

hey, hey check this out :) it's not working perfectly and needs more 
features (also i need to re-edit content) BUT

1. look at that file-dir thing on the right! also, you can click on 
those links and view the contents of the file!

What i'm thinking is EVENTUALLY (that's my home-dir for now) ordinary 
voluntary mice can edit "content" in a browser and submit it. Now! If 
you ran that on the main cyberspace website ANYBODY can edit code and 
fix things :)

And it's rock solid secure (once i do some thingies to it)! What I'm 
saying is lynne can put in her password over https (different from the 
system password - we could prolly make it the same thing too) and act 
as web-mistress!

2. Right now it doesn't do much, 'cept view files.. - it was for the 
volunteers page - for them to view crud.

3. You will also be able to view content umm.. like right now those 
tags aren't being interpreted but in the future volunteers can right 
tiny text files like poetry and have it appear.

(it's basiclly like a crummy MIS.. :p)

anyway.. it was easy to do.. i just bummed some programs :) but i'm 
formally registering this project and the grex-flyers project!! no one 
else should work on this urmm.. (that's a request naturally..)

(it's still in a very elementary stage..) You can do stuff like:
http://m-net.arbornet.org/~veek/index.cgi?
entry=/../../../../../../../../../../../../etc/motd

but it's read only and only has perms what i have

there are these guys on SDF.. whom i'm yet to meet.. who fought with smj
 (the head of SDF) and they got kicked out etc.. would it be in bad
taste  to invite them over? they started their own server or some such
nonsense  - everybody seems to think this place is "dead".. oh Grex it's
dead..  jeeze! what are we, ghosts?

Boo!  :)

Anywho, as I've been ranting about for the last several months, we need
to be more responsive and get things fixed.  Maybe it's a bit of the
broken window theory of community, but when there too many indications
that no one is minding the store, so to speak, it does look like the
place is dead.  The lights are on but no one is home.  It doesn't need
to be that way and there's no time like the present to start fixing
things that are broken or just plain inaccurate.  But it takes effort
and time and cooperation, three quantities that are always in short
supply, it seems.  I'm glad to see ideas such as those veek has entered.
Now if we could get that "Get a Free Account" link to go to Grex...

[rit]      psulliva nope.. i'm just learning stuff and it look like an 
interesting project
[psulliva] ah 
[psulliva] when did you get your account? 
[rit]      dunno a while back
[rit]                                 
<no message sent>
[psulliva] i tried to create one a while back and i could never 
           get verified 
[rit]      heh, yeah they suck at verification
[rit]      arbornet's not too bad at that.. cyberspace is the pits
[psulliva] yeah, thats a great way to get lots of users :/ 
[psulliva] i wanted the free php and sql 

err i;m rit btw

[psulliva] yeah, arbornet's 'newuser' login doesnt work for creating 
           an account 
[psulliva] frustrating trying to get into these services and 
           theres no way in, but theyre both pushing advert like mad 
[psulliva] anycase, gotta run, be back in a bit 
<psulliva@iceland goes AFK>

The web newuser didn't work for me yesterday when I tried it (it thought
that tcsh and vi were invalid choices and that my proposed new userID
already existed although it did not appear to already exist).  I've
notified staff with the specific error message, although I'm sure they
already know there are issues.

For those wishing to get an account on Grex, the command line newuser
program works.  Login in as "newuser".

Unfortunately, the sign says "Open" but the front door is sometimes
jammed.  That's not as welcoming as we need to be to attract new users
and members.

I **really** want to see this web newuser issue fixed ASAP.  

Yes, that's something I've really got to get cracking on.  :-/  I'll 
see if I can look at it tonight.

I'm trying to look at this, but at the moment, it's blocked by the 
government firewall I'm behind (no, really).

I think that encouraging people to come over from SDF is a great 
idea.  We really need to a) fix the web newuser interface, and b) 
streamline the validation/verification process.  Both tasks more or 
less fall on me; both are just a Small Matter of Programming.

Thanks, Dan. I hope you'll have a chance to look into this soon.

re #127 "streamline the validation/verification process"

Or better yet, do *away* with the validation/verification process.  I 
mean Grex survived more than a decade and a half without having to have 
that and there's not that much traffic here anyway that it can really 
be justified.

resp:129 That was a different time and we've seen that it doesn't work
anything.

that was a different time when there were a *lot* more users than there 
are now.  

yeah, but there were a lot more staff to reset the b0x. in the end it
all  b0ils down to the person willing to go to provide and do the button
 pressing :)

+it's no biggie.. the internet's like a jungle :) old trees die and new 
ones will grow.. just differently.. if cyberspace closes.. SDF's there 
and they are pretty good! they'll be the sole survivor :) bound to do 
well once the competition's been killed off

but veek don't you see that usage has gone down since the validation 
patch was put in.  If the validation patch discourages new users, which 
it does, it defeats its own purpose.

resp 134: it is as you say ducky, and I am in complete and whole hearted
 agreement that validation is a pain that does more damage than is
worth!! but.. apparently ppl don't mind paying to forestall their
inevitable  death.. +i'm not the one who has to run to provide.. ergo..
i do not feel  his pain..

i checked and there were 754 odd resh accounts..

-bash-4.0$ cat /etc/passwd|grep resh|wc -l
     745

Login: freefall                         Name: Adam Dlugaszek
Directory: /a/f/r/freefall              Shell: /usr/local/bin/newly-
validated
Last login Thu Oct 21 13:40 (EDT) on ttyp5


this was the latest new-validation... October?


Directory: /a/j/h/jherm                 Shell: /usr/local/bin/newly-
validated
Last login Thu Oct 28 15:40 (EDT) on ttyp1

resp:134 Actually, Richard, do you have any data to back that up?
Because I've been watching the user population, and it's remained
more or less the same size from before the "user validation patch"
was installed.

That said, it declined significantly in the years leading up to
putting the validation policy in place.  I attribute this to three
things:

1. Grex was frequently down for long periods, for two reasons:

   a. The efforts of anti-social types like cdalten and mickeyd to
      find and exploit security problems in OpenBSD (which we chose
      to run for its much vaunted, but ultimately way overblown
      security reputation) and in Grex's configuration, leading
      Grex to either crash or be effectively unusable.

   b. Despite much protestation about things like the necessity of
      ECC RAM during the SPARC vs. x86 debate, when the current
      Grex hardware was purchased, the buyers nickle and dimed on
      important components (like ECC RAM, hardware RAID, and some
      sort of remote console capability).  I think this was a sad
      side-effect of Grex being run by an organization that for
      nearly its entire life operated on a shoestring budget.

2. The environment on the system was so hostile, in party, BBS and
   even just for interactive users working at the command line,
   that many older users left while many newer users didn't see the
   point.

3. Grex, as a service and as a community, is generally less appealing
   than it once was.  If you want to argue endlessly about conservative
   vs liberal, republican vs democrat, atheism vs religion, pro-choice
   vs pro-life, gun control, oil, wars, and all the usual stuff,
   and you want to argue it endlessly with the same five people
   who's positions are known and extraodrinarily unlikely to change,
   then Grex is a great place to do it.  But so are thousands of
   other places.  If you want to do that using either a web interface
   dating from the late 1990s or a command line interface from the
   early 1980s, then Grex is just awesome.  But most people don't
   want to do that.  Also, the scale of problems associated with
   keeping Grex running increased in the mid-2000s to such an extent
   that it became very challenging indeed to keep Grex running.

Note that the validation patch was designed, and largely succeeded,
in addressing points 1(a) and 2.  It really has nothing to do with
1(b) or 3.

Now, Richard, what you will notice, and I will agree with you about,
is that there has been a general decline in participation in the
Grex community, as defined by the BBS and party.  But that's only
one of several communities that exist on Grex; it would be a mistake
to conflate the two or to assume that decline in one implies decline
in the other.

Richard, you've made clear that you don't like the validation policy.
Fine.  But you've also made no proposal for dealing with the problem
of electronic vandalism that, history has shown, will occur if we
get rid of it.  If you have a viable alternative, I'd be very happy
to hear about it.

resp:137 Beats me.  If no one is requesting validation, no one will get
validated.  A lot of people just don't bother requesting.

Somebody, it might have been Dan, suggested validating via a micro-payment 
like through PayPal. Couple that with a manual validation method for 
people who are unable to use PayPal (ie. other country, or under 18), and 
I think that would fit our needs.

Yes, that was me.  I never said the system was perfect.  I'm starting to look
into doing it now.

We're in luck: the Board added PayPal verification as an acceptable form
of identification a few years back (see item 23 in coop).  So, what we
are talking about then is an automated way of verification.  You can
already be verified via PayPal, though it is a manual process of the
treasurer checking the PayPal account to see who has paid via a verified
PayPal account.  If we do implement this, we'd need to make sure that
there are good records kept so that the treasurer and the verifiers are
in the "loop".  The verification policy doesn't say anything about the
amount of money, so there may be micro-payments for verification only,
and payments for memberships to tell apart and handle.  

This response has been erased.

Can't you just do automatic verification.  Say you have to provide a 
valid email address, a link is then automatically sent there that you 
have to click on to validate.  Then the system notes that email and ip 
and in the future automatically rejects any other newuser request that 
ever comes from those details.  No humans or human judgement is 
involved.  You have a valid email, you get in.     

E-mail isn't in the current list of acceptable forms of ID for
verification.  PayPal has pre-validated accounts, where you link a
credit card or bank account to the PayPal account and they make sure
it's real.  So, that gives use more confidence that the person with the
PayPal account is real and gives us a better audit trail if there are
issues.

To allow e-mail verification of the type you suggest would require more
Board actions and potentially a member vote (although it appears that
PayPal verification was added only via a Board vote).  We certainly can
discuss this at an upcoming meeting.

I would be concerned that someone using a fake name could create a
free e-mail account and get verified, cause problems, and we'd have no
recourse to identify them if the govt. came calling.

resp:144 What's the point?  Kent understood exactly what I was getting at
in resp:142.  There's no humans involved there, either (other than the
person getting an account).

As a matter of fact, we talked about doing this at a board meeting in, I
think, 2008.  It just hasn't been done yet.

I'd think email verification is preferable to paypal.  Grex is a non-
profit site and need not be in the business of encouraging or requiring 
prospective new users to use a corporate site, PayPal, that has no 
ownership stake here.  Why solicit hits for PayPal unless Paypal is 
paying Grex to do that?

Grex staff also doesn't need to get into storing personal information 
about users.  Email verification obviously isn't foolproof as kent 
points out, but if it is done with Grex blocking future new user 
requests from both that email address *and* the ip address it came 
from, it at least makes it more difficult.

We already know that the likes of Chad will give fake email addresses; they
did it to get around the *current* validation scheme.  Richard, are you
willing to clean up after another attack from Chad or someone like him?

My suspicion is that your real objection to the validation scheme is that I
put it into place.

Oh, yes, and it's really not about paypal per se.  Any service that did
something similar, but could track a user down to a human being, would do just
as well.

Grex already stores personal information about users.  It has since its
inception.

Trying to block on email address and IP address is a) useless when one
considers something like tor and how trivial it is to create a throw-away
email account, and b) more invasive for legitimate users who want multiple
accounts than what we're currently doing.

No I object to the validation scheme based on what it is, not that you 
came up with it.  And re #150 I think limiting users to one login is 
okay, who needs multiple logins here these days anyway?

The overriding point is that grex does not and should not be in any way 
encouraging or promoting use of outside commercial services.  Doing so 
would just outsiders question grex's mission and whether grex is being 
paid off by these commercial services to encourage its users to sign up 
there in order to validate here.

In fact I believe that Grex encouraging validating via a micro-payment 
through PayPal is essentially promoting use of a for-profit service and 
could be a violation of the rules for a 501(3)(c).  This sort of thing 
could threaten Grex's tax status.    

Oh, God, Richard.  You better get right on the phone to The Red Cross, 
Kiva and a host of other charitable non-profits and let them know about 
this right away.  

resp:151 What if a user *wants* multiple logins?  Why should we restrict
that? Have you *really* thought this through?

Don't all online bbses, forums, etc "argue endlessly about [one or more 
of] conservative vs liberal, republican vs democrat, atheism vs 
religion, pro-choice vs pro-life, gun control, oil, wars, and all the 
usual stuff"?

I can not think of a single other forum I participate in that allows
political or religious arguments. So no, not all. But I'm sure many do.

resp:155 That's my point.  Grex is no longer unique; it's now a small fish
in a very, very big pond.

Last I looked at the Puppy Linux chat area two people were discussing 
marijuana.  Some linux forums have a 'general' area where people talk 
about anything they like.  SDF has a general forum.

If we can get the PayPal verification system working, would we also
credit their micropayment after we've assured ourselves the account
is okay?  Any payment could be considered a donation and stated as
such several times during the verification process, if we cannot do a
credit.  What is the smallest payment you can make via PayPal?

I see where PayPal offers micropayments and that might actually save
some fees as the rates are lower than if you send a small payment via
regular PayPal (the example I saw was that usually a $1 payment would
incur a 33c fee, but with micropayments the fee would be lower, 10c).
The problem with this is it requires a new PayPal account and is geared
more for merchants selling digital downloads.  Plus, somebody in the
transaction (Grex or the user) loses those fees if you give money back
(and the credit transaction might incur a fee as well) unless PayPal
refunds the fees.

Eh, I'd say ask them to donate either two or six dollars.  Then you really
could make them members; if they let the membership lapse, that'd be their
decision.

Okay, then we should make it clear that using PayPal as a verification
method means making a donation for membership.  That's one way to get
members :) I have a feeling that verification is a side benefit of
PayPal anyway, since you usually get there for the purpose of paying for
a membership.

You know what, perhaps we should reconsider the whole paid membership.
Maybe being a verified person is all we should require to be a member.
If we did that, I think people would still donate to the organization.
In fact, some might feel more inclined to donate after receiving "free"
services (principle of reciprocity and all that).

Hmm.  That's interesting.  I kind of like that....

I was wondering, if someone wants to create a conference - what is the 
procedure to do so? (I'm not planning such a thing, but if we have 
newusers from the 'reverse engineering' community, they will need a 
conference - in fact they may need multiple conferences.) Would that be 
okay?? 

Yeah, that's fine.  I think they just request it from the conference admin.

One huge question is will we get enough donations to support the current
cost of running Grex and provide for system maintenance & replacement?
That holds true whether we have membership fees or not.  The main issue,
as I see it, is not that we have dues for membership, as membership
essentially only gives you the right to vote and has not been tied to
user classes, as far as I know.  Nor is membership expensive, so it's
not a matter of dollars ($6 will allow you to vote in the upcoming
election!).

Rather, it is that we need to "provide a system worth supporting" as
several people have said.

While making memberships free would certainly mean more members, would
they be involved in the governance of Grex?  What is their stake in the
system?

Here are some things, in no particular order and not complete, that I
see we need to do beyond the current level of support we give Grex:

   We need to find services to offer that agree with Grex's mission and
   meet people's "worth supporting" criterion (and not worry so much if
   we can compete with large commercial organizations).

   We need to be responsive to users' and members' issues and fix the
   "broken windows" of the system.

   We need to keep our current services up to date and working as
   expected.

   We need to disseminate accurate and helpful information about our
   system.

   We need to add and maintain new services that are useful to users.

   We need to publicize our existence and services and be able to
   provide good service when people come here, including getting an
   account to even try out the system.

   We need to actively recruit new members.

   We need to appreciate the members we currently have.

   We need to actively encourage current members to continue their
   memberships.

   We need to encourage new volunteers to help.

   We need to mentor and encourage new staff and ensure that we will
   have staff members available to maintain the system.

   We need to plan for Grex's future.

We do some of these things currently, just not enough and not fast
enough.  Some of these things we don't do at all.

These are not merely a matter of the Board voting to do things.  Grex
needs the time and effort of knowledgeable, motivated people to do the
work of making these changes.  

We need users to be involved and willing to govern the system by
becoming members (whatever that cost).  That includes coming up with
good ideas and participating in elections and member votes, things that
generally take a small amount of effort and investment--but potentially
have a big impact.

I see some of this occurring, which is a positive sign.  But we need
still more involvement and effort.  

What are you willing to do to help?

If you currently do not support Grex with a donation & membership, what
would make Grex "worth supporting" to you?  If we made those changes, is
that really enough for you to make that donation, get a membership and
be involved in the governance of Grex?  If not, why not?

If you are currently a member (thank you very much!) what will keep you
supporting Grex?

Re resp:165, resp:166 - It's been a long time since anyone requested a
new conference, so I think the procedure has kind of been forgotten.  

The policy has always been that if you want a new conference you ask for
it in Coop, allow a few days for user input into the proposal, and if
you still want it after that, you get it (regardless whether people
thought it was a good idea or not).  In earlier Coops there was a new
conference proposals item for that purpose, but I can't seem to find one
in the current edition - but see item:coop9,18 for an example conference
proposal item.

New conference proposals are pretty rare nowadays.  Maybe the waiting
period no longer serves a useful purpose.

I don't see a problem with that procedure. I somewhat think there should
be a procedure for getting rid of some conferences though.

I think we should at least restart some of the older and cruftier conferences.
For instance, the "micros" conference; really, when was the last time someone
called a desktop computer a "microcomputer"?  Restarting the systems (nee
jellyware) conference resulted in a flurry of new activity for a few months,
though that's tappered off now; I sort of look at doing some selective
conference pruning as a way of repairing some of the more glaringly broken
windows on Grex.

resp:167 I think the thing that's likely to keep me interested is if Grex
remains an interesting place technically.  While the technology has gotten
kind of boring in the last few years, I think the idea of it remains
sufficiently compelling that I stick around to poke at things and see where
it can be taken.  The place definitely needs a facelift.

There are bbses, forums and mailing lists for all kinds of obsolete
technology. I belong to one for pendulum clocks - improving their timekeeping
is its major thrust (they use atomic clocks to measure how well they are
doing). Maybe have a conference for obsolete computers?

Sure.  But don't make that the main source for information about modern PCs.

hmm.. i just checked and Arbornet has no restricted shell. It's pretty 
much took a few seconds to get an account. (and there was very little 
text to read too)

For whatever reason, they don't seem to have the same problems we do 
with people attacking the server as soon as they get an account.  I 
don't know quite why that is, but I suspect that some of it is that 
it's just easier to push people's buttons on Grex, and the 
personalities that have been most disruptive over the past few years 
seem to get a kick out of doing that.

they have a slow fuse but when it gets lit they tend to annihilate - 
like with taking chad to court.. I bet they would have. we need more of 
that and less of validate is what i'm thinking - less pussyfooting 
around and more of aggressive action once it crosses a certain point. 
(also it helps that tonster's got m-net is in his backyard or 
somethin.. so easy to fix) we really need to nuke validate BUT then we 
need someone bullheaded enough that if there's trouble.. lawyers.. mm.. 
what we need is someone with a JD.. 

i read that there are lawyers that sort off dog patients footsteps 
(accident victims).. i was seriously wondering.. is that true? is it 
likely that if i gooled someone and approcached them, they'd be willing 
to help for free? what's the probability of it working out (roughly)

resp:175 The probability of such a thing is roughly zero.

We took action in the form of asking Chad to stop and locking account 
after account.  We talked about talking to law enforcement about him, 
but it didn't happen.  M-Net asked him to leave, and he did for a 
while, but then came back.

What sort of gets me is that the people who are saying we should do 
away with validation and so on are missing several points.

One is that Grex has always done some level of validation; from the 
time this place has been connected to the Internet, there's been an 
identity verification requirement to access more than just basic 
Internet services (e.g., do hostname lookups).  Not only is there 
precedent for this sort of thing, but member votes were taken back in 
the day and so on.  I don't think this is going to change any time 
soon.

The other is that people seem to have forgotten just what a mess Grex 
was for a couple of years prior to putting the current scheme into 
place.  Some people were howling for action (some who are now 
suggesting we get rid of validation).  Grex would be down or unusable 
for weeks or months at a time.  It was a sad situation....  What we 
got out of validation was some modicum of stability.  We put a speed 
bump in the road to getting to an unrestricted shell that set the bar 
high enough that the ankle biters got bored and stopped trying.  Now, 
we're talking about streamlining things further, but I don't think we 
should remove the speed bump: experience has shown us that without it, 
we get taken down.  And it wasn't just Chad: spammers were using Grex 
like it was going out of style and our ISP nearly shut us down several 
times as a result unless we took some action.  People regularly 
uploaded flooders and IRC bouncers and all sorts of stuff.  While the 
latter isn't particularly harmful, I don't think, the number of times 
I saw `udp.pl' in home directories was astounding.  Basically, the 
bottom line is that Grex was regularly being used as a platform to 
either attack, or attempt to attack, other systems elsewhere on the 
Internet.  We slowly narrowed things down further and further until 
brand new users got basically no access to the network at all, then 
they started attacking Grex itself.

Another issue is that of staff time and availability.  Grex's staff is 
much smaller than it used to be, and folks generally have way less 
time than they did previously.  It may be sad, but it's reality, and 
it begs the question, if we let people get on with no road blocks 
again, then who's going to clean up the resulting messes?  The 
spammers and crackers aren't going to pony up a couple of bucks to get 
to the shell when they can pay the same amount of money to rent a 
botnet for a few minutes (and send out an order of magnitude more 
email and/or flood packets).  If it cuts down on the amount of time I 
*have* to spend to keep Grex up and running, that's a good thing and I 
can use the limited time I have to play with Grex to do more 
interesting stuff, like improve software or services.

Finally, I believe that some of the conclusions people have drawn 
about validation are flawed.  It's true that introduction of the 
restricted shell roughly corresponded to a general decline in usage of 
the BBS and party, but correlation is not causation and, as I've 
posted before, the restricted shell came as a result of abuse of Grex, 
the BBS and party: I claim it was largely this abuse that caused the 
decline, not the validation speed bump.  There is less activity on 
Grex now than there was years ago, it's true, but I'd say that the 
level of actual, real discussion hasn't changed that much since the 
restricted shell got put in.  It's easy to mistake turbulent and/or 
destructive activity as just "activity"; when it goes away, things 
seem to slow down a lot (because they do) but what's there instead is 
what people are actually actively engaged in, not just observations 
about damage to the system.

It's easy to point a finger at the restricted shell, but look at what 
else is going on.  I mean, for how many *years* did the web site say 
that Grex was running on a Sun after we had transitioned to the 
OpenBSD machine?  How many dead links are still there?

Arbornet may not have a restricted shell, but SDF does, yet they get 
new users all the time.  Most of what I'm proposing is modelled on 
what they do.  It works there; why can't it work here?  I think it can.

I think that Grex's problems are a combination of technical and 
social, but the validation issue is somewhat separate.  Here are some 
technical things that I think could help out, if people were so 
inclined:

a) Update the web site.  Hey, we need a webmaster!  Anyone want to 
volunteer?  What's there now isn't terrible (I went through and 
converted almost all of the web pages to XHTML and cleaned up a lot of 
cruft a few years ago, but it's actually quite a large job).  
Specifically, if someone were so inclined, they could check out the 
web site from the Subversion repository (svn co /var/svn/trunk/grex) 
and make updates to the XHTML and CSS and send a patch.  A consistent 
look and feel across all pages would be great.  Making the CSS more 
generic would also be great (e.g., using relative percentages for 
things like widths instead of hardcoded numbers of pixels).  Pruning 
and/or updating dead links.  Making more of the content correspond to 
reality (e.g., the FAQs and so on).  Just proof-read the pages and 
look for grammar and spelling mistakes.

b) There are a lot of scripts in grexsoft that date from the Suns.  
Update these and make them reflect reality.  A lot of shell scripts 
are legitimately better written as Perl scripts.  Remove SunOS-isms 
(no, really).  A lot of scripts can just be straight-up deleted.

c) I think most of the C programs are good to go at this point, but 
verify this and clean things up as needed.  Someone who could write 
regression and/or unit tests for some of this stuff would be awesome.

d) Grex runs a few non-trivial software packages that need serious 
cleanups.  At this point, the big three are backtalk, fronttalk and 
party.  The former two need some serious work: backtalk needs some 
serious updates to make it compliant with web standards and make sure 
the HTML it generates is valid, etc.  The user interface(s) probably 
needs an overhaul.  Fronttalk is written in a pretty clean style, but 
is basically Perl 4, uses a lot of global variables, etc.  Cleaning 
that up would probably make it faster and fix some latent bugs.  Party 
has lots of legacy cruft that could be stripped out, again making it 
cleaner and probably a little faster.

Anyone who wants to work on this stuff is welcome; pretty much 
everything is in the subversion repository.  Anyone who wants can 
check it out and start making changes.  Send me diffs.

I didn't have much interest in that when sending money meant -- solely
-- that Grex would have the money and I wouldn't.  Grex had six thousand
dollars in the bank at one point, and no intention to use any of it for
anything.  Why would anyone send money under those circumstances?

If Grex needs money to pay the bills, I can send some.  If it needs to
purchase something, I will help.  (I did when it bought the current
computer.)

If it needs money because the bales are settling and getting
uncomfortable to sit on, though, I'm just not interested.

This response has been erased.

Dan, 
1. I'm not for a milli-second blaming you for implementing validation. 
It was, in an absolute sense, the only thing that could have been done 
at that point of time!
2. I don't see a correspondence between validation and a decline in 
Grex. Grex was already in decline long before validation!

(I'm NOT! blaming you for 'validate' - just get that out of your head -
at least as far as i'm concerned! Chad was a bit too much! also, agree 
with almost all of the above - mail spammers, bots - arbornet has some 
ass running udp.pl)
----------

What I'm asking is this:
1. could we bring back no-validation AND if trouble returns, put it 
back in place quickly? Far as I know, it should be fairly simple to 
switch between the two? 
2. What is the worst that would happen if we reinstated no-validation - 
Grex goes down? Would the person running to provide (that would be TS i 
think, but remmers also does that) be willing to do so? 

Try to see it from my point of view.. I abuse my Linux box doing all 
sorts of crazy things.. i don't think twice about powering off whenever 
i feel like etc.. and nothing ever goes wrong.. so i'm wondering wth?? 
We have like 5 users..

3. The web thing and scripts I think i can handle and I'll do so :) <g>
Anyway 1,2 can wait me thinks till we finish with the web-site.. (and 
till we get CGI/MySQL for shrimp users)

But what I don't get is, what's the point of turning it off?  It's not 
like there are hordes of new users clamouring to get accounts on Grex; 
until Grex has something to offer those people, they're not going to 
come here, regardless of whether they have to go through validation.

You could argue that what they come for is the shell, but I haven't 
seen any evidence of that.

Especially since there are fewer people trying to get accounts, we
should be as welcoming as we can be, including making it as easy to
get an account as possible, without forgetting the issues we've seen
recently.  We need a higher percentage of the people trying us out to
become regular users.  This wasn't always so in the past, when there
were thousands of people trying Grex and a few hanging around to use it.
Locking people in a maze of twisty passages is not my idea of a good
welcome, even though it may be seen as necessary.

One way to entice new users is to upgrade Backtalk or move to other 
conferencing software.  These days people don't want to participate in 
conferencing/bbs's unless they can upload graphics and show pictures 
and video in their messages.  

Could also re-open the Grex store and start selling those Grex logo 
boxer shorts again.  After all what better publicity can you get than 
your logo on boxer shorts  :)  (and no I'm not making this up, Grex 
once had a store and in fact sold boxer shorts)

Ha!  That's a neat idea.  Unfortunately, I'm told our last inventory
of products ended up being disposed of after traveling to Europe where
they wouldn't sell, either.  Maybe times are different and if we limited
ourselves to very few items we'd do okay?  But we probably don't want to
repeat history if things won't sell.  What do others think?

I'd consider buying a Grex t-shirt and/or a mug or something.

resp:180 1. from what I've seen on SDF, people are always asking for 
MySQL and CGI. One guy I spoke to suggested it might be for testing 
purposes since he was completely clueless. But he did pay for arpa or 
whatever..
2. People need a friendly push when it comes to such things.. like
sample  scripts tailor made for Grex (a sample home-page with some
random cute  girl/or guys, pic and a wall and crud like that). Then they
get ideas  like Oo let me try that.. a decent home page is something no
one offers..  which is weird because look at Facebook :) 3. We have so
far never tried getting things going in a well organised  manner.. ads,
and features together.

I haven't used newuser for a very long time, but it occurs to me that it 
would be easier to use if it didn't ask questions but instead set up a 
"standard" account, and then offer the user to make other choices by 
checking boxes on a choice page (like Setup in Alpine).

Oo! yup! good idea! Actually i was thinking a cool cgi form or a shell 
script.. and it could build his home-page and .plan simultaneously. I 
could template that so it looks very nice (the home-page). The home-page
 could also double as a resume so ppl looking for jobs. .. you know,
free- email.. resume on the web.. cool-domain-name.. some
work-experience with  cyberspace.. it would be pretty useful to ppl!

Great minds think alike.  Yes, this has already been suggested in the
previous town hall item, but it bears repeating.  I've also brought it
up with the Board in the last couple months.  It might make the most
sense to have the web newuser be the simple, straightforward one and the
command line new user be the one with all the questions.  Presumably,
most people won't use the command line if they are coming in through the
web.  And if they do use a command line, they can probably change their
settings.  Do those sound like reasonable assumptions?

Another thing that we could do is provide opportunities (links) for web
users to verify or validate and/or become members at the end of the
newuser session.  Then they wouldn't need to search for information on
what to do later.  The web newuser may do this already, but I haven't
been able to get through a complete session with it recently to see if
it does.

I've streamlined newuser and it only asks a few basic questions now; 
it no longer asks about things like backspace characters or terminal 
types.  It now only asks questions about the person itself.  We can 
reduce those further.  For instance, do we really need people's phone 
numbers and addresses?  Probably not.  I'm not sure that's a huge 
hurdle, though.

It strikes me that newuser has to ask some questions just to set up 
the account: desired login name, the user's real name, an email 
address.  I'm not sure what the set of reasonable questions is, 
however.

The long web newuser says phone number and/or e-mail address is in case
there are problems and for checking that the person is who they say they
are when they want a password changed (or similar).  It's optional and
can be set up so only root can see the information.  So, it's probably
okay to continue to collect that information if people want to enter it,
with the usual notes about how it will be used.

We obviously need a valid login name that does not conflict with one
already used on the system and a password.  The real name field on the
long web newuser page says it's not required to be a real name.  So,
people can give themselves a descriptive name if they want.  That's
fairly traditional on unix systems.  Changing it from the web, however,
may be something we want to set up so people who enter something they
don't like can modify it.  But that would likely not be on a set up an
account page. If we don't have a "manage my account" page we probably
should.

We don't have an account management page and we definitely should.

I'm not so sure about asking for phone number, though.  Email address, 
definitely, but I think it is extraordinarily unlikely that someone 
would get a phone call, at least from me.  That said, I don't think it 
hurts anything to ask for it, but I think realistically it's not going 
to be used.

I suppose it depends on the urgency of the problem as to whether we need
a phone number.  I agree that an e-mail address would be less intrusive.
Unfortunately some people change their e-mail address frequently. Since
a phone number is optional, those who do not want to be contacted that
way can leave it out.

I'm wondering if it would help us be a better system if we did an
annual survey of users and members and see if there are issues or ideas
they want fixed or implemented?  Of course, nothing prevents anyone
from sending in ideas and issues at any time, including here in the
agora or coop conferences or in an e-mail to staff and board.

Being something of a minimalist, I'd personally prefer a newuser that's
short and sweet.  I'll think about what I'd like to see newuser say/ask
and post it.

Maybe discussion of newuser deserves its own item, particularly if we're
going to have go-rounds about what it should say and ask, to avoid
swamping the Grex Town Hall.  I'm glad we actually have a new newuser
to discuss, that does some sensible things that bring it more into line
with current practices on the web - specifically the email verification
and the captcha thing.

 I'd personally prefer a newuser that's
 short and sweet

Shirley Temple hasn't logged into this system but remmers is holding out

Well, short then.  It doesn't have to be "sweet", although it should
exude an aura of friendliness.

Do we still give out those "Wizard in Training" docs?  It's on our
web page (on the newuser page).  If not, then we should probably
fix that page (though it is a nice touch if we give out something
tangible to new members).  If we do, then we're okay.

  
as  soon as the web-newuer problem is fixed i wiell start a campaign on the
web wehre i travel. 
 
as of this moemnt... only (!!) ssh/telnet  newuser works right.
  

The "Wizard in Training" documents do still exist, I believe, but are
ridiculously out of date.  A good project would be for someone to update them
to reflect the state of Grex post 1999.

Okay, then, we need a volunteer to update the "Wizard in Training" docs.
Is anyone interested in helping with this?

I got to do website and home-dir-web-templates; flyer is complete 
(unless anyone thinks differently :p)

Hey Dan, I suppose you'll be wanting all the web-patches in one go? Or 
do you want them trickled.. I finished the CSS template(tables has to 
be added).. it's much cleaner and err.. bigger than the current 
template..

here's a sample page (it looks exactly like the original):
http://m-net.arbornet.org/~veek/confs.xhtml
http://m-net.arbornet.org/~veek/style/services.css
Is this okay?? the text is black BUT it's so much easier to read! Also, 
light orange links - i like color sprinkled about.. just a teensy bit.. 
+while reading long docs it provides visual checkpoints.. vs having 
everything swimmming in a green sea..

I'll add a cheat-sheet and new-stuff later.. (i'll do corrections once 
the color thingy and css is okayed)

http://cyberspace.org/confs.xhtml
this is the original..

Veek, the easiest is to put a patch in your directory on Grex and then send
an email to staff@grex.org.

regarding home-page CGI/web-images/bandwidth-limits - shall I say this
is  waived for members (web-images/BW)? And that CGI is temporarily not 
available - pending installation??

Personally, I don't understand why any of that stuff is restricted.  
CGI, maybe (just because it puts a burden on Grex, and could be an 
attack vector for outside users) but the rest seems pretty legit.

"Attack Vector" is, I think, the key concept.  If it's no longer a
problem, then we should be able to open up scripting.

Images have been under discussion for a while.  It's probably time to
open that up, as well.

Oo! super! now we are talking <g> :) thanks :)

resp:206 Right.  We should look into suEXEC and suPHP for user access to
creating server-side dynamic content.  M-Net does it; I don't see why we
can't, too.

Thanks for getting this figured out!  I'm hopeful, as veek points out,
that people looking for CGI and PHP services will come here and
support us.  If we get this set up, we'll need to set up an example
account that we can show off--maybe the volunteers account :)
 
Another idea is to get our web page set up to show announcements.  While
we can put announcements in the MOTD and in the conferences, having them
on the main Grex web page would show people we are here minding the
store.  

That's a good idea.  Btw: someone needs to start recording these tasks.
We're going to start forgetting soon; I am, anyway.

Maybe a central document or database would work?  The trouble is, items
like the Town Hall item can generate a lot of ideas, but not all of
them make it to the status of a "task" to be done.  Do we have an issue
tracker db?  If so, we could enter tasks like these there.  Or we could
enter a coop item with a to-do list.

A frozen item in coop would work best.  From my point of view, any way.
:)

Okay, the next question then is who should control it?

Another option would be to use the (existing) RT database. 
https://grex.org/helpdesk/

All staff *should* have accounts on it, I think.

I'd volunteer, but I've recently gotten a new "hearing aid."  Every
fifteen to thirty seconds, it makes a loud and obnoxious noise, never
the same one twice.  So every time I start to form a coherent thought,
it goes off, and I forget what I was thinking about.

Gack, Joe, that sounds annoying. I hope you are able to get it resolved.
Maybe they need to adjust them or something.

RT won't work for me due to not being staff, but if staff can enter the
tasks when they get to the point of needing doing, we should be okay.
Will RT message people once an issue gets so old?

I believe you can configure it to do that, but I've never tried.
I can create you an RT account, if you like.

I looked at their web page and they say something about guest accounts
or similar, but if you want to give me a regular account I'll take a
look at how we've got it set up.  At least, if we enter issues as
issues and staff members have a chance to look at them and comment
(like I've seen in most helpdesk software) maybe that will take care
of some of the back and forth.

Here's something that looks interesting, if we were thinking of doing
some sort of training or providing tutorials:

  http://moodle.org/

It also has forum facilities in addition to other facilities for
education.  It's free software, and there is commercial support
available.

Of course, we probably don't need anything quite so complex to provide
a tutorial.  And things like slideshows can be produced other ways and
presented in other ways.

Just something to think about if we want to add some educational
materials to Grex, such as Unix skills or programming languages
instruction.

resp:216 I've created accounts for you and Denise (the only two board
members who didn't have RT accounts).  Pending the results of the current
election, I'll add anyone else as needed.

I've created queues for "grex-staff-tasks" and "cyberspace-board-tasks". 
Board and Grex staff are members of the former; board along is members of the
latter.

Thank you, Dan!

Here's another idea.  It's just getting started so no idea of how viable
it is in the longer term, but for those who like text-based applications:
 
 http://www.flatpress.org/home/
 
(A text file-based blogging system that does not require a database)

that's neat!

we might also want to look into HTTP compression for apache.. browsers 
can request compressed data if the server supports it. Apache does: 
mod_deflate and mod_gzip.

Okay, so several of us were talking about getting users access to
MySQL and PostgreSQL, both of which are installed here on Grex.  I had
mentioned that the Board discussed such access months back and the
comment I heard from staff members was that any such usage needed to
be part of the quota system, potenially necessitating a complex setup
to make sure the size of db files got counted under the right quotas.
One way to implement this sort of setup is to run multiple db servers,
each pointing to a db in a single user's home directory.  It sounds
complicated and potentially resource intensive.

Dan asked who said that, and at this point I don't recall, only that a
couple staff appeared to agree that was the way to go. I never heard
anything more about it after that.

Personally, I think it would probably work just fine if we had one
central db and allowed users to have accounts on that and to create
tables there under their user ids.  That would certainly make the setup
much easier.

As to the potential for abuse, I don't see it as any different from any
other application that uses disk space.  It's something to manage.  And
if we made it by request and for validated users, we'd in theory know
who was causing issues, if any occurred.  And probably we'd have less
abuse type of issues in a requested service, as well.  There are no
guarantees, but I'm fairly tired of seeing the potential threat of abuse
holding the rest of the users back from getting the apps they'd like.
So, why don't we try this and see how it goes?

I think it would be a wonderful situation to be in where we outgrow
our current computer due to more people using the system in more ways,
rather than watch the current system die of old age.

So, anyway, what do we plan to do about database access for users?
And how about CGI access?

CGI can be given without too many complications. For MySQL, how about 
we create a separate partition of 1GB and stick everything on that 
(it's automatically quota limited to whatever the mysql-user has access 
to which should be 1GB and mysql-homedir). We could create a bunch of 
test mysql-accounts/databases for people to experiment with.. that way 
we could: 
1. allot something really quick if a newuser wants it.
2. we could start advertising it as a service.

so if a newuser arrives, he can start work straight away on a 
pre-created account. By the time his script his ready, we'll prolly 
have come to some decision on how to handle MySQL properly (in terms of 
automated scripts to create db with a "proper" name, and some kind of 
disk quota measuring mechanism and validation/whitelist)

initially, i see the test mysql-accounts as being shared by a bunch of 
users each working with his bunch of tables. eg: database name: test1, 
table veek, table cross, table foo etc.. 1GB shared by everyone..

more importantly, what Sindi pointed out, we need a duplicate rootFS 
with suitable network-config! That's an absolute priority.. if the 
server goes down, someone in 'provide' just resets the box and we boot 
up via the 2nd FS so staff can login and fix FS1. Why didn't we go with 
something like this earlier on.. any idea?? 

basically it's a normal bsd install on hda1 and dd if=/dev/hda1 
of=/dev/hda2, and then suitable grub(or whatever bootloader entries) 
entries for both hda1 and hda2..

We could have a script that runs on some interval that checks the size
of users' databases, and if the size exceeds some quota, it revokes
INSERT and CREATE permissions until the size is back under quota.

Or perhaps write a stored procedure do it instead.

Both of those ideas sound good to me, Nathan.  It's just a matter
of someone writing some code.

Seems this is a popular problem to solve:
http://www.cyberciti.biz/tips/linux-unix-setting-up-mysql-database-quotas.h
tml

This response has been erased.

#!/usr/local/bin/bash
#
# Assumes each user has 1 database, named the same as their username.

MYSQLUSER="root"                            # MySQL username
MYSQLPASS="changetherootpasswordyo"         # MySQL password
MYSQLHOST="localhost"                       # MySQL hostname or IP
EXCLUDEDB="test mysql information_schema"   # Databases to be excluded

DBQUOTA=1                                   # Database quota in MB

MYSQL="$(which mysql)"
DBS="$($MYSQL -u $MYSQLUSER -h $MYSQLHOST -p$MYSQLPASS -Bse 'show 
databases')"

for DB in $DBS
do
   if [ "$EXCLUDEDB" != "" ];
   then
      for i in $EXCLUDEDB
      do
         [ "$DB" == "$i" ] && ( continue 2; )
      done
   fi

   DBSIZE=$($MYSQL -u $MYSQLUSER -h $MYSQLHOST -p$MYSQLPASS -Bse 'SELECT 
sum(data_length+index_length)/1024/1024 FROM information_schema.TABLES 
WHERE table_schema=\"$DB\" GROUP BY table_schema')

   if [ $DBSIZE > $DBQUOTA ];
   then
      $MYSQL -u $MYSQLUSER -h $MYSQLHOST -p$MYSQLPASS -Be 'REVOKE 
INSERT, CREATE ON $DB FROM \'$DB\'@'localhost'
   fi
done

The above will check the size of every database not specifically excluded, 
and revoke the user's ability to insert rows, or create tables. It's 
pretty rough, and I had some problems with the command substitutions 
toward the end. But it might lead to something useful.

Does that process look like it could be automated safely along with
account setup in MySQL?  I assume each user needs to have their own
account set up, so any tables they create would remain separate from
other users' tables.  Since each user gets a link back to the main MySQL
db, the user should be able to add tables to their own acccount without
a problem and the quota system will control how much data they can save.
Is that your understanding?

Anyway, this is what was discussed in a prior Board meeting in terms of
keeping a quota for the DB files in addition to the regular data under a
user's home directory.

I assume postgreSQL could be set up in a similar fashion.

Nate slipped a couple responses in there (and thanks for that!).  I
was referring to #233 in my response #237.

resp:237 I don't think it would be such a great idea to symlink from 
the sqlarea into the userHomeDir.. what if the userdeletes his dbDir 
and creates another symlink? There's a whole can of worms we are 
opening up.. i think.. the moment you have a system process writing to 
a user area. I'm not saying it's a bad idea.. it's a nice solution 
because it looks cleaner..

There will always be issues. What percent of users are likely to do
something like this?

If we aren't worried about getting the DB files under the quota system,
then we could go with the monitoring solution. But I have a feeling,
running reports, reviewing them, sending messages to people, etc. will
take up just as much time as the occasional person who deletes a symlink
and then wants a link somewhere else.

This response has been erased.

I don't think we should fool around with trying to put mysql files in
home directories and such. I think we should simply put /var/db/mysql
(or wherever you want to store the files) on it's own filesystem,
readable/writable only to the mysql process user, and allow people
access to it through the mysql-client and extensions.

Just tell everyone who gets a database knows that databases are for
experimental purposes and they may become unusable from time to time due
to disk constraints. That we ask they keep their databases under a
certain size, with voluntary compliance.

If voluntary compliance ends up not working, we can try something else.

resp:242 I'm inclined to agree, though I don't think there's
necessarily anything wrong with symlinking the files to some directory
under the users's home.  I was thinking about it, and mysql itself
runs as an unprivileged user; if the user deleted his or her database,
they would only mess themselves up.  If they tried to point the
symlink elsewhere, they'd be subject to the constraints of that
other database with respect to access.  I suppose they could point
it at a random user file, but 1. few of those are writeable by the
mysql user, and 2. that wouldn't really do anything, anyway; mysql
is smart enough that it could detect that it's not one of its own
files.

But I agree with Nate.  I think we can just create databases for
users who want them, and if space becomes a problem, we address it
then.  I don't think we need to create a new database for everyone
as soon as they create an account; we could let them request it and
do it on a one-off basis, or write a tool so that a user could
request one for him or her self and get it automatically created.

I think MySQL and CGI access are both pretty good ideas, and this
discussion about quotas brings up a concern of mine: there's this
knee-jerk reaction to change on Grex, to installing new software
and services, and it's starting to get really old.  Grex is not
presently a high-demand service, and I don't know that it ever will
be again.  We need to stop worrying about things that aren't problems,
and start concentrating on things that are: users using all of our
disk space on mysql databases is not a problem at the moment.  Let's
not overthink it.  Let's also not be afraid to change software
configurations around, or install new stuff.

That said, I also don't think we should go overboard putting new
services and things into place if there's no demonstrated demand
for them.  I also think we really need to fix up what we have before
we start worrying about hordes of new services.  There hasn't been
a lot of demand on Grex for MySQL and PHP; those things are cheaply
and easily available elsewhere, and Grex just isn't that interesting
for them.  Even on M-Net, which does provide access to CGI programs
and MySQL, I can probably count on my fingers the number of requests
that have come in for one or the other or both in the past few
years.  I think we *should* do them, but they're not top priority,
and other things can and should take precedence over them: things
like web newuser, and getting the content of the main grex website
updated and cleaned up.

Also, let's not light our hair on fire trying providing everything
under the sun.  Most users who want access to a database probably
want to use MySQL: I think we can get away with giving out MySQL
database access, and not worry about PostgreSQL (even though, in
my opinion, the latter is a much better piece of software).  I think
that's also useful in another context, in that we can use PostgreSQL
for our own internal production uses and give user access to MySQL
and SQLite.  Even MySQL seems like kind of a stretch to me: any
validated user on Grex can get access to SQLite if all they want
to do is play around with an SQL database.  Full-blown MySQL access
isn't necessary for, well, anything really.  At least, anything
that can be done on Grex.

This may sound somewhat contradictory, in that on one hand I'm
saying we shouldn't just say "no" and on the other, I'm sounding
like I'm saying "no," but that's not really it.  What I'm saying
is, let's not waste our most precious resources in terms of people's
time on things that may not have a substantial return on investment,
and let's prioritize and get the house in order before we move on
to grander projects.

Let's build the foundation that we're going to layer the rest on,
before we start putting the finishing touches on the molding.

http://www.grex.org/~veek/faq.xhtml
http://www.grex.org/~veek/confs.xhtml
http://www.grex.org/~veek/member.xhtml
etc..
(compare against the existing pages - erase ~veek)

They are minor alterations but important none the less. Let me know if
you like the modifications.. fonts too small, too big, list not okay

If it's overall "slightly better", ill diff it and send patches..

A lot of changes were made to the content of the FAQ in the last few days;
most of those conflict with these.  The CSS looks pretty good.  If you update
what you have with respect what's in the FAQ content-wise now, that would be
good.

I'm only pushing changes to web pages if they come packaged as svn diff's
against whatever the HEAD commit in grex/web.

And I'd like to thank Dan for keeping up with all those changes to the
web site.  It has seen quite a few corrections in the past week or so.
There's more to do, and we'd like to make it look better (it's based
on CSS so maybe that won't be too difficult).

PostgreSQL as an internal DB is fine with me.  It is a pretty darn nice
database, I think, and has gotten faster in the last couple releases.
For a long time, it's been a database that has a lot of features and has
only improved lately.

Let's try MySQL first and see how it goes.  If we go with a single DB
and let people have accounts on it by request, that should satisfy
current demand pretty well.  We can always revisit how we have it set up
later if the current setup becomes an issue.

The thing, though, about there not being much demand is that for almost
20 years now we've been saying no to things like MySQL and that pretty
much drives away the people that want it, especially if they can get
it somewhere else.  At the very least, it teaches people to stay quiet
about what they want.  So, I wouldn't use current demand as a solid
indicator.  You may find that once you start offering a service, that
more people request it, especially if we do a good job of publicizing
that we have such services (which is something we not done very well
about lately).  Some people don't even know they need a service yet, but
they might if it becomes available.

Again, I'd consider it a rousing success if we had more users than the
staff or our computer can handle.  And it will probably take multiple
services and people from multiple areas of interest to build such a
user base. We know that conferencing is getting to be a lost art, for
example, so we need to consider other options for communication and
learning.

I agree with Dan about the knee-jerk kind of reaction that often
accompanies any suggestion of something new.  Almost everyone wants
things to improve on Grex, but few want to see anything change.  It
seems a contradiction to me.  Yes, we can work on doing the things we
already do to make them better, but even that is change.  There are so
many things that need to be improved that we can't afford to focus on
just one thing, especially with a time limit staring us in the face.
But we do need to be careful how we expend our resources.  As I see it,
these are reasons why we need more involvement from our users and more
enthusiasm from our volunteers.  In the meantime, we can focus on
getting our house in order, but very soon, we need to do more.  This
will be easier if we have help.

I'd like to think that if others see an enthusiastic group of volunteers
getting things fixed, they'll be more likely to want to help rather than
be a free rider and let others pay the cost (time, effort) of getting
things to work better.  We can achieve a lot in a short period of time
if we stop saying 'no' and start asking 'why not try?' and 'what can
I do to help?'.

Nicely stated.

(Side bar:  Picospan was based on Confer II, which was based on MTS line
files.  MTS Line Files were indexed databases; the line numbers were
indexes into the database.  This arrangement allowed for some
interesting things.  Would it be possible/advisable/useful to re-write
the current conferencing software to use the sql database?)

The main page has grexergallery link which is broken. Would it be okay
to point this to the Grex Facebook page?

and i have 2 diffs and a pages.css in my homedir and i've sent mail to
staff.. could someone patch :p

Not all the links in the grexer gallery are broken.  But the vast
majority are.  I don't know about pointing to Facebook.  It's
generally not a good idea to direct people to another site since
it hurts your own in terms of viewership/readership.

resp:249 Possible yes, advisable would be dubious, and useful I don't 
really think so.  Bear in mind that most indexed files are somewhat 
different than relational databases: indexed files just give you some 
datum given a key.  The relational model is a conceptually different way
 to organize data.

resp:250 Sure.

resp:251 I'll look at it shortly.

resp:252 I think that Veek's talking about the old "grexergallery.net" 
that munkey ran; it contained pictures of grexers, but the site is long 
gone.  I believe you're referring to the Grex users' pages page, which 
lists personal web sites of Grex users.  The latter should be cleaned up
 with the dead links removed and new web sites added.  The former I
think  we have two options for: either move it to Grex, or point to
somewhere  else, like facebook.

resp:251 Veek, I don't see any mail from you to staff; where are these
patch files?

~/veek/FreeGrexServices.diff and pages.css (put in style/)

Came from 'squeak'

Ah, that picture site's been out of service for quite a while, I think.
The other day I went through all the links in the list of grexer's web
pages and that page is mostly not working. I agree, cleaning out the
broken links would work there even though it might result in not many
links remaining.  We can start over...

I'd rather see the pictures moved to grex if they are still available 
and the people who posted them still want them displayed.

Me too.

resp:255 Pushed.  Note that most of the diffs had a chunk that failed to
apply properly; all were at the end of the file, in the footer.  See
~cross/*.rej for the details.

I'm not really feeling the font, and a lot of the content still needs to be
updated.  Specifically, we need to be recommending SSH, not telnet.  And when
we talk about membership for accessing external services, we need to talk
about verification; the two really are distinct.

resp:256 By the way, one of the difficulties with just pulling the data
onto Grex is that it was backed by some custom PHP and database code.  We'll
have to get that, too; as I recall, users could upload their own files and
things. Does anyone have any ability to get in touch with munkey?  I sent her
an email about this a few years ago, but never got a response.

resp:42 about having the phantasia game available.  It is.
  > which phantasia
  /suid/games/phantasia

resp:258 ah nm, i'll do it in perl.
resp:257 the font's the same one used by the main page.. Trebuchet. You 
mean font-size? Also, I'm still working on layout (css, color, size, 
look).. the content's easy to fix but things like browser-compatibility 
are troublesome because it's relative sizes(em %) so Konq has a 
different idea of "normal" than FF. chunks, no newline at eof - will 
fix.
resp:255 'squeak' oops had to change that for IRC.. i was picking up 
flak
resp:252 it's utility that should matter.. i dislike FB but.. everyone 
else seems to like it.. broken links.. yeah, it would be best to script 
that to homedir creation/deletion..

patch plz. ~veek/latest.diff (mail sent)

resp:261 It doesn't quite pass my code review.  Please:

Rename "pgfooter" to "pagefooter" and change the CSS document accordingly.
In general, please spell out words instead of using abbreviations unless it
really is too long.

fixed. new mail sent. can i update to svn directly and save on the
mail/notify overhead? there is rollback afterall.

Not yet.  In things like, "users.xhtml", why do we have constructions
like this:

    <h2><a id="T">T</a></h2>

The "<h2>" tag can have an "id" attribute; this is better written as:

    <h2 id="T">T</h2>

There's a lot of that that needs to be cleaned up.

Also, I see a lot of tags like <u> in there; I'd rather we replaced
those with either <em> or <strong> or CSS; <u> tags are on their way
out.

1. 'cause I didn't add that :p
2. i did clean it up elsewhere (i think).
3. that page is filled with broken links and is best autogenerated by 
script.. so, if i clean up the whole thing, i'll just have to junk it 
later.
4. will fix the u - it's been depreciated in 4 and will be obsolete in 
5 but it's okay for now. none of the lists on that page render in FF so 
could we patch and i'll fix it in the next pass (day or two). tomorrow 
is monday and i'm not a CS grad. if you update something in that time, 
i don't want to spend time looking for changes.

Fix the <u>'s and let me know and I'll patch in what you've got.

cool! i am for less horrible not perfect <g>

s/am/aim

While it's true that steady incremental progress is better than perfection
that never comes, I also think that attention to detail is extremely
important.  What we're doing right now, for lack of a better term, is
refactoring the web site.  A lot of what's wrong with it is that it tried to
do too much, and in that, lots of little details are wrong.  The web site is
basically dead right now, and we're trying to bring it back to life.  But it
died the death of a thousand paper cuts through neglect and lack of updates.
We have an opportunity now to start fixing those little things, and making
the details right.

So pay attention to stuff like what's deprecated, and what's not, and also
to the little things: proper spacing, making sure that lines don't get too
long (try to keep them around 72 characters or less, so they'll look good in
a diff in a standard terminal window).  Keep things professional: no extra
blank spaces at the ends of lines and things like that.  Spell words out. 
Use proper grammar.  Don't overuse punctuation!!!  Keep things short, succinct
and correct.

Ow! Those papercuts hurt!
 
Thanks to both of you for working on the site.  As Dan has pointed out
to me at least once or twice, we have xmlwf installed to check the xml
code for issues.  Also, it's a good idea to run 'spell' or 'aspell' on
the files to look for misspelled words (and correct them).  

resp:269 i think i am following (spacing, indentation etc). 

The U tag are depreciated in HTML4, which means that when browsers 
switch to html5 we'll have a problem BUT it also means that many of the 
HTML5 tags don't work now! I know that what you are saying about not 
using depreciated tags is technically correct.. but tell me something..

faq.xhtml was patched recently but blockquotes was left as is.. when it 
encloses Unix shell commands. Strictly speaking we should be using 
code, pre, samp.. also, the list tags don't render in FF on linux..

(and i'm not blaming you and shit like that) 

My point is: 
1. the browser world is all about making compromises! U tags if left as 
is for the time being, won't kill anyone and can be fixed once we have 
a handle on the rest of the layout!
2. You yourself work in increments! (the blockquotes). It looks good in 
lynx but code/samp should be used or styles. You didn't fix it 
overnight now did you?? But somehow you expect me to fix everything in 
one go?? 

And I AM WILLING TO DO THAT! Problem is, while i spend a month fixing 
stuff in my local copy (on my home PC), you will continue to push your 
incremental patches SO when I try to sync with Grex the document will 
have changed by then, and I'll have to spend quality time staring at 
diff's.. wondering what has changed and where, and try to retype your 
work into my "old" code.. (this has happened when you made changes to 
faq.xhtml pine->Alpine. I had the whole thing ready to sync and I had 
to look at diffs to see what had changed. Finally i just redid my work 
with the "new" page.)

It makes far more sense to just patch it quickly once a substantial amt 
of work is done - and bug fix quickly. Maybe an expert in reading diffs 
will have no problem, and when you get someone like that who actually 
does some work.. then we can follow a slower patch policy..

'course i could be missing some sekret svn command to solve all this :p

or let me put it in a much simpler way.. you didn't ask for volunteers
at  a CS PhD program at Harvard. I know what you are saying about U tags
is  correct, but I think I would find it easier to work with quick
patches  and rollbacks. It's way more satisfying/gratifying in any case!
:) unless  it's a root hole.. in which case feel free to point it out
strenuously..

Hi veek.  What we've been doing is working on HTML code that has been
in place since the dawn of time.  Dan fixed it up for formatting and
made it work for xhtml a few years back. But there are still a ton of
old-style/version tags and ways of doing things in there.  And bear
in mind, too, that way back, probably a dozen people worked on the
site off and on over the years, so that probably introduced some other
inconsistencies.  Do the best you can and if you run into issues let us
all know as you have been, and maybe something can be done (or ignored).
I appreciate what you are doing to make it better!

  
w0w .. veek/squeak is a asset ... tnx
  

This response has been erased.

*tackles tsty and sits on his head* :p thanks. hey kent, those old 
pages.. are they some place i can dl?? I'll send the latest patch soon.

Since the grex web site is in SVN, I suspect you an get the really old
stuff from the repository.  Just pull an older revision of a file.

However, what I was referring to was the state of the current site.
Just about any directory off the root is likely to have seen less work
and be in an older state of development.

Note that some pages should remain with old content, such as the
original bylaws and other historical documents (e.g. lawsuit and
incorporation documents).  But that's not to say we shouldn't fix the
HTML code for those if it's out of date or out of compliance.

In terms of downloading the files, I've been tar.gz'ing a local copy of
the repository and downloading that for testing with other browsers.

patch is uploaded (~veek/latest.diff), will send mail now. (no u tag 
and other updates)

thanks kent, will do. Ah! tar.gz yeah me too! I was pondering that, but 
it's best vs rsync at least for now.
--
http://www.cyberspace.org/~veek/ if there's a problem with da patch. 

also, what kind of mail quotas do we have??

resp:271 Whoa, simmer down there, veek.  What you are describing is just
the reality of working in a shared development environment.  That's one reason
it's often easier to submit patches rapidly, with small changes in them.  When
you talk about integrating changes out of the head branch, use the tools to
help you do that automatically; svn update is a handy thing.  If there's a
conflict between something in the trunk and what you've done, then it will tell
you and you can fix the conflict.  Otherwise, it'll just merge it in
automatically.

As far as deprecated tags, it's incremental improvement.  Nothing happens over
night, but if you're digging into it, maybe it's good to fix those at the same
time.

This web stuff is not that hard; certainly, nothing one would find in the CS
PhD program at Harvard or any decent school.

resp:281 I think the max mailbox size is like 50 megs or so.

resp:280 Looking now.

resp:280 Hmm, a lot of chunks got rejected; I put most of them in
~cross/*.rej.

Veek, and Kent, I'd recommend using subversion to download a copy of the
repository directly to the machine you are doing the work on.  This could look
something like:

% svn co svn+ssh://you@grex.org/var/svn/trunk/grex/web

Then, you can do an "svn update" in your local copy and automatically pick
up changes that have been synced to the mainline repository.

This response has been erased.

resp:285 [re: svn] Yeah, basically; it will merge whatever you have done
with whatever is in the repository.  So, suppose I make a change at the top of
a file and you make a change at the bottom.  The changes don't conflict.  Then,
I submit my change; you do an "svn update" and pull in my latest changes.  Then
my change is automatically patched into the file, and your change is
unaffected.

Suppose that the changes do conflict, though; then Subversion will tell you
there's a conflict and let you resolve it.

So it won't clobber your changes.

I think we shouldn't be underlining text at all.  <u>'s should just go away
and be replaced with emphasized or strong text.

resp:286 hmm.. well, maybe the diff will work now.. i did an update to 
the latest 1017 and then did svn diff.. it's copied: 'latest.diff' 
could you check?

it ought to work now! it gave me no errors when i did the update..

Yeah, give me a sec.

there could be a problem with the revision tags? I removed them from my 
html because svn was inserting span revision tags.. maybe if it's 
pattern matching.. it might fail

Yeah, it was the "$Id:$" tags screwing things up.  I patched in your changes
and pushed them to production.

Thanks, Dan. I was able to checkout the current web files and now can
update them easily, I think.  That will make this whole exercise much
easier!

Huzzah!

Yup, svn up works on my end.  So, we're good to go, I think.

I was wondering, what was the reason for 'validate' in the sense that.. 
when Grex was hit by Chad, what used to happen.. the box would hang 
with cpu at 98%, then someone had to go to reset the box? or call 
provide to have it rest?? So what's wrong with that..?? Provide didn't 
want to rest the box?? Or did the File-system conk-out after the 
reset?? What was the actual task that was sucking up staff time and 
causing so much inconvenience.. could someone clarify.. 

I took a look at the FS:
/dev/wd0a     1008M    115M    843M    12%    /
/dev/wd0d      492M    9.6M    458M     2%    /suid
/dev/wd0f     31.5G   15.7G   14.3G    52%    /usr
/dev/wd0g     39.4G   13.2G   24.2G    35%    /var
/dev/wd0j      9.8G    5.5G    3.9G    58%    /a
/dev/wd0k      9.8G    2.8G    6.6G    30%    /c
/dev/wd0m     15.7G    5.8M   15.0G     0%    /tmp
/dev/wd0o     19.7G    845M   17.9G     4%    /cyberspace
/dev/nnpfs0   10.6G      0B   10.6G     0%    /afs

/dev/wd0a is what is critical to getting the box to boot right?? It's 
the rootFS so if the box is not shutdown cleanly it gets corrupted and  
fsck will bitch. It's also the smallest FS at 115MB on a 1GB partition.

IF disk corruption and having to run to provide was the problem, why 
not install 2 root filesystems (mirror/duplicate - using dump/dd, /dev/
wd0a). Obviously you can only boot off one rootFS! But, lets say we 
bootup from wd0a because that's the default. Once Grex is running, 
point the bootloader to /dev/wd0b (our backup rootFS). Now chad comes 
along and crashes the box. You call provide, tell them reset please. 
They reset, and BECAUSE you've changed the boot order when Grex was 
running, it will load via the secondFS and come online.

Presto! someone remote logsin, run fsck on the broken partition and you 
are up and running!! (it works on linux, and i could try downloading 
OBSD.. and checking.. but, is that the problem?)
----------------

Or, switch to using a journal?? Right now we are using OBSD's Fast file 
system..
http://www.freebsd.org/doc/handbook/geom-gjournal.html (but that would 
take time me thinks since we are on OpenBSD right now)

also if i upload patches, could someone patch?? Or do I have to wait
till  cross gets back.. 1 month he said.. worst case scenario..

I don't remember the details of what the vandals were doing, but the
result was several days of downtime.  We've some pretty capable
sysadmins around here, and they could not find a way to keep the box or
get it back up quickly, as motivated as they were to find a solution. 
If something as simple as you've suggested would have worked, it would
have been implemented.

I've uploaded: ~veek/latest.diff could someone patch? Just to remind
you,  you should also know how to rollback :p

resp:295 What's the relative benefit of running a system that a user can
take down at will while other users are using it but that can be rebooted
easily, versus what we have now?

resp:298 It seems that much has already been applied.  Did you sync your
workspace after the last push before uploading this?

  
about  rt   here is a nearly typcial pos:
  
        from    Служба
поддержки TopShkola.ru
via RT <help@grex.org>
reply-to        help@grex.org
to      
date    Wed, Dec 15, 2010 at 10:59 AM
subject [grex.org #13747]
&#1086;&#1073;&#1088;&#1072;&#1090;&#1085;&#1072;&#1103;
&#1089;&#1074;&#1103;&#1079;&#1100; &#1089; TopShkola.ru
mailed-by       grex.org
        
hide details 10:59 AM (1 hour ago)
        

Wed Dec 15 10:59:35 2010: Request 13747 was acted upon.
Transaction: Ticket created by support@topshkola.ru
      Queue: help
    Subject: &#1086;&#1073;&#1088;&#1072;&#1090;&#1085;&#1072;&#1103;
&#1089;&#1074;&#1103;&#1079;&#1100; &#1089; TopShkola.ru
      Owner: Nobody
 Requestors: support@topshkola.ru
     Status: new
 Ticket <URL: https://www.grex.org/helpdesk/Ticket/Display.html?id=13747 >


&#1055;&#1086;&#1078;&#1072;&#1083;&#1091;&#1081;&#1089;&#1090;&#1072;,
&#1085;&#1077; &#1074;&#1099;&#1089;&#1099;&#1083;&#1072;&#1081;&#1090;&#1077;
&#1089;&#1086;&#1086;&#1073;&#1097;&#1077;&#1085;&#1080;&#1103; &#1085;&#1072;
&#1101;&#1090;&#1086;&#1090; &#1072;&#1076;&#1088;&#1077;&#1089; --
&#1086;&#1085;&#1080;
&#1072;&#1074;&#1090;&#1086;&#1084;&#1072;&#1090;&#1080;&#1095;&#1077;&#1089;&
#1082;&#1080; &#1091;&#1076;&#1072;&#1083;&#1103;&#1102;&#1090;&#1089;&#1103;.

&#1045;&#1089;&#1083;&#1080; &#1074;&#1099;
&#1093;&#1086;&#1090;&#1080;&#1090;&#1077;
&#1079;&#1072;&#1076;&#1072;&#1090;&#1100;
&#1074;&#1086;&#1087;&#1088;&#1086;&#1089; &#1080;&#1083;&#1080;
&#1074;&#1099;&#1089;&#1082;&#1072;&#1079;&#1072;&#1090;&#1100;
&#1089;&#1074;&#1086;&#1077; &#1084;&#1085;&#1077;&#1085;&#1080;&#1077;,
&#1074;&#1086;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1091;&#1081;&#1090;&
#1077;&#1089;&#1100; &#1092;&#1086;&#1088;&#1084;&#1086;&#1081; &#1085;&#1072;
&#1089;&#1090;&#1088;&#1072;&#1085;&#1080;&#1094;&#1077;
"&#1086;&#1073;&#1088;&#1072;&#1090;&#1085;&#1072;&#1103;
&#1089;&#1074;&#1103;&#1079;&#1100;"
(&#1089;&#1089;&#1099;&#1083;&#1082;&#1072; &#1074;
&#1087;&#1088;&#1072;&#1074;&#1086;&#1084;
&#1085;&#1080;&#1078;&#1085;&#1077;&#1084; &#1091;&#1075;&#1083;&#1091;
&#1085;&#1072; &#1074;&#1089;&#1077;&#1093;
&#1089;&#1090;&#1088;&#1072;&#1085;&#1080;&#1094;&#1072;&#1093;
&#1089;&#1072;&#1081;&#1090;&#1072;)

&#1057; &#1091;&#1074;&#1072;&#1078;&#1077;&#1085;&#1080;&#1077;&#1084;,
&#1089;&#1083;&#1091;&#1078;&#1073;&#1072;
&#1087;&#1086;&#1076;&#1076;&#1077;&#1088;&#1078;&#1082;&#1080;
TopShkola.ru
  
 ============================
  
and this: 
  
[grex.org #10039] ...........?
                                
        
Inbox
                X       
                                
Reply
|
Minimalist Manager via RT
 
        
show details Apr 13
        
        from    Minimalist Manager via RT <help@grex.org>
reply-to        help@grex.org
to      
date    Tue, Apr 13, 2010 at 11:50 PM
subject [grex.org #10039] ...........?
mailed-by       grex.org
        
hide details Apr 13
        

Tue Apr 13 23:50:18 2010: Request 10039 was acted upon.
Transaction: Ticket created by minimalist@highload.net.ru
      Queue: help
    Subject: ...........?
      Owner: Nobody
 Requestors: minimalist@highload.net.ru
     Status: new
 Ticket <URL: https://www.grex.org/helpdesk/Ticket/Display.html?id=10039 >


......:
       .. (info@grex.org) .. ......... .. ... .........

....... ........:
       ......... ......... .. ...... minimalist@highload.net.ru . .....
       'help' (... .......) ... ......... .......... . ..., ... ............

..... .... .... .........:
===========================================================================
This is a multi-part message in MIME format.

------=_NextPart_000_00AB_01CADB5F.DB09D070
Content-Type: text/plain;
       charset="koi8-r"
Content-Transfer-Encoding: quoted-printable

     =ED=CF=D3=CB=CF=D7=D3=CB=C1=D1 =
=D4=D2=C1=CE=D3=D0=CF=D2=D4=CE=C1=D1 =CB=CF=CD=D0=C1=CEu=D1
     "PROF =D0=C5=D2=C5=C5=DA=C4"=20
     (495)  504 70 67 =E1 =F4=E1=EB=F6=E5:
   =20
     =EB=F7=E1=F2=F4U=F2=EE=F9=E5, =E4=E1=FE=EE=F9=E5 =E9 =
0=E6U=F3=EE=F9=E5
     =D0=C5=D2=C5e=DA=C4=D9
     =D0=CF =ED=CF=D3=CB=D7=C5, =ED=EF =C9 =F2=E6

     =F7=D9=C5=DA=C4 =CD=C5=CE=C5=C4=D6=C5=D2=C1 =C4=CC=D1 =
=CF=C3=C5=CE=CB=C9 =D2=C1=C2=CF=D4 =E2=E5=F3=F0=EC=E1=F4=EE=EF!!! =
=F4=C1=CB=C5=CC=C1=D6=CE=D9=C5 =D5=D3=CC=D5=C7=C9 - =D0=CF=C4=DF=C5=CD =
=D4=D1=D6=C5=CC=CF=D7=C5=D3=CE=CF=C7=CF =C9 =
=CB=D2=D5=D0=CE=CF=C7=C1=C2=C1=D2=C9=D4=CE=CF=C7=CF =
=D0=D2=CF=CD=D9=DB=CC=C5=CE=CE=CF=C7=CF =
=CF=C2=CF=D2=D5=C4=CF=D7=C1=CE=C9=D1, =D0=C5=D2=C5-=CD=C5=DD=C5=CE=C9=C5 =
=D3=D4=C1=CE=CB=CF=D7 =C9 =D3=C5=CA=C6=CF=D7


     =C9 =CD=CE=CF=C7=CF=C5 =C4=D2=D5=C7=CF=C5...=20
     (495) 542 08 81=20

------=_NextPart_000_00AB_01CADB5F.DB09D070
Content-Type: text/html;
       charset="koi8-r"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Dkoi8-r" http-equiv=3DContent-Type>
<META name=3DGENERATOR content=3D"MSHTML 8.00.6001.18904">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT size=3D2 face=3DArial>
<DIV>
<TABLE style=3D"WIDTH: 695px; HEIGHT: 193px" id=3Dtable8 =
class=3DMsoNormalTable=20
border=3D0 cellSpacing=3D0 cellPadding=3D5 align=3Dcenter=20
xstyle=3D"WIDTH: 393px; HEIGHT: 362px"=20
xxstyle=3D"WIDTH: 685px; HEIGHT: 324px; mso-cellspacing: 0cm; =
mso-yfti-tbllook: 1184; mso-padding-alt: 7.5pt 7.5pt 7.5pt 7.5pt">
 <TBODY>
 <TR xxstyle=3D"mso-yfti-irow: 0; mso-yfti-firstrow: yes">
   <TD bgColor=3D#800000 height=3D70 colSpan=3D5=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; BACKGROUND: #000080; PADDING-BOTTOM: =
7.5pt; BORDER-LEFT: #f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: =
#f4f4f4">
     <DIV align=3Dcenter><FONT size=3D6 face=3DVerdana><B><I><SPAN=20
     xxstyle=3D"FONT-SIZE: 24pt; COLOR: white; FONT-FAMILY: =
'Verdana','sans-serif'; mso-bidi-font-size: 12.0pt">
     <DIV align=3Dcenter>
     <DIV align=3Dcenter><FONT size=3D6 face=3DVerdana><B><I><SPAN=20
     xxstyle=3D"FONT-SIZE: 24pt; COLOR: white; FONT-FAMILY: =
'Verdana','sans-serif'; mso-bidi-font-size: 12.0pt">
     <DIV align=3Dcenter><FONT color=3D#ffffff>
     <DIV align=3Dcenter><FONT size=3D6 face=3DVerdana><B><I><SPAN=20
     xxstyle=3D"FONT-SIZE: 24pt; COLOR: white; FONT-FAMILY: =
'Verdana','sans-serif'; mso-bidi-font-size: 12.0pt">
     <DIV align=3Dcenter><FONT color=3D#ffffff size=3D4 =
face=3DVerdana><SPAN=20
     xxstyle=3D"FONT-SIZE: 24pt; COLOR: white; mso-bidi-font-size: =
12.0pt">=ED=CF=D3=CB=CF=D7=D3=CB=C1=D1=20
     =D4=D2=C1=CE=D3=D0=CF=D2=D4=CE=C1=D1 =
=CB=CF=CD=D0=C1=CEu=D1</SPAN></FONT></DIV>
     <DIV align=3Dcenter><FONT color=3D#ffffff>"<FONT size=3D5>PROF=20
     =
=D0=C5=D2=C5=C5=DA=C4</FONT>"</FONT></DIV></SPAN></I></B></FONT></DIV></F=
ONT></DIV></SPAN></I></B></FONT></DIV></DIV></SPAN></I></B></FONT></DIV><=
/TD></TR>
 <TR xxstyle=3D"mso-yfti-irow: 1; mso-yfti-lastrow: yes">
   <TD bgColor=3D#000000 height=3D47 width=3D111 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><B><FONT=20
     face=3D"Arial Black"><FONT color=3D#ffffff =
size=3D6>(495)</FONT><FONT=20
     color=3D#ffffff size=3D6> </FONT></FONT></B></TD>
   <TD bgColor=3D#000000 height=3D47 width=3D89 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><FONT=20
     size=3D6><B><FONT color=3D#ffffff face=3D"Arial =
Black">504</FONT></B></FONT></TD>
   <TD bgColor=3D#000000 height=3D47 width=3D73 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><B><FONT=20
     color=3D#ffffff size=3D6 face=3D"Arial Black">70</FONT></B></TD>
   <TD bgColor=3D#000000 height=3D47 width=3D73 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><B><FONT=20
     color=3D#ffffff size=3D6 face=3D"Arial Black">67</FONT></B></TD>
   <TD bgColor=3D#ff0000 height=3D47 width=3D307 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent">
     <P align=3Dcenter><STRONG><FONT color=3D#ffffff size=3D4 =
face=3DVerdana>=E1=20
     =F4=E1=EB=F6=E5:</FONT></STRONG></P></TD></TR><FONT =
color=3D#ff0000 size=3D7 face=3DTahoma>
 <TR>
   <TD height=3D135 width=3D376 colSpan=3D4=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent">
     <DIV align=3Dcenter><FONT size=3D2 face=3DArial>
     <DIV align=3Dcenter><FONT face=3DTahoma><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: =
12.0pt"><STRONG></STRONG></SPAN></SPAN></FONT></DIV><FONT=20
     face=3DTahoma><B><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"></SPAN></B></FONT></DIV>
     <DIV align=3Dcenter><FONT color=3D#ff0000 size=3D2><B><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><SPAN=20
     xstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
'Arial','sans-serif'"><STRONG>
     <DIV align=3Dcenter><FONT size=3D2 face=3DArial><FONT size=3D7=20
     face=3DTahoma><STRONG><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"></SPAN></SPAN></STRONG></FONT></DIV>
     <DIV align=3Dcenter><FONT face=3DTahoma><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><FONT=20
     color=3D#000000><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><STRONG><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><SPAN=20
     xstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
'Arial','sans-serif'"><STRONG><FONT=20
     color=3D#ff0000 face=3DArial></FONT>
     <DIV align=3Dcenter><FONT size=3D3>=EB=F7=E1=F2=F4U=F2=EE=F9=E5, =
=E4=E1=FE=EE=F9=E5 =E9 0=E6U=F3=EE=F9=E5</FONT></DIV>
     <DIV align=3Dcenter><FONT face=3DArial><FONT color=3D#ff0000 =
size=3D7=20
     face=3DTahoma><STRONG><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: =
12.0pt">=D0=C5=D2=C5e=DA=C4=D9</SPAN></SPAN></STRONG></FONT></FONT></DIV>=
</STRONG></SPAN></SPAN></STRONG></SPAN></FONT></SPAN></FONT></DIV>
     <DIV align=3Dcenter><FONT face=3DTahoma><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><FONT=20
     color=3D#000000><FONT size=3D4><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><STRONG>=D0=CF</STRONG></SPAN>=20
     <SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><STRONG>=ED=CF=D3=CB=D7=C5,&nbsp;=ED=EF=20
     =C9 =
=F2=E6</STRONG></SPAN></FONT></FONT></SPAN></FONT></DIV></FONT><FONT =
size=3D2=20
     face=3DArial>
     <DIV align=3Dcenter><FONT face=3DTahoma><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: =
12.0pt"></SPAN></SPAN></FONT>&nbsp;</DIV></FONT></STRONG></SPAN></SPAN></=
B></FONT>
     <DIV align=3Dcenter><FONT color=3D#ff0000 size=3D2><B><SPAN=20
     xxstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: 'Arial','sans-serif'; =
mso-bidi-font-size: 12.0pt"><SPAN=20
     xstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
'Arial','sans-serif'"><STRONG>=F7=D9=C5=DA=C4=20
     =CD=C5=CE=C5=C4=D6=C5=D2=C1 =C4=CC=D1 =CF=C3=C5=CE=CB=C9 =
=D2=C1=C2=CF=D4=20
     =
=E2=E5=F3=F0=EC=E1=F4=EE=EF!!!</STRONG></SPAN></SPAN></B></FONT></DIV></D=
IV></FONT></TD>
   <TD bgColor=3D#008000 rowSpan=3D2 width=3D307 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><EM><FONT=20
     color=3D#ffff00 size=3D5>
     <DIV align=3Djustify>
     <DIV align=3Djustify><SPAN=20
     xstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
'Arial','sans-serif'"><FONT=20
     color=3D#ffffff><FONT size=3D3><FONT =
face=3DArial><STRONG>=F4=C1=CB=C5=CC=C1=D6=CE=D9=C5 =D5=D3=CC=D5=C7=C9=20
     -</STRONG> <FONT size=3D2>=D0=CF=C4=DF=C5=CD =
=D4=D1=D6=C5=CC=CF=D7=C5=D3=CE=CF=C7=CF =C9 =
=CB=D2=D5=D0=CE=CF=C7=C1=C2=C1=D2=C9=D4=CE=CF=C7=CF=20
     =D0=D2=CF=CD=D9=DB=CC=C5=CE=CE=CF=C7=CF =
=CF=C2=CF=D2=D5=C4=CF=D7=C1=CE=C9=D1, =D0=C5=D2=C5-=CD=C5=DD=C5=CE=C9=C5 =
=D3=D4=C1=CE=CB=CF=D7 =C9=20
     =D3=C5=CA=C6=CF=D7</FONT></FONT></FONT></FONT></SPAN></DIV>
     <DIV align=3Djustify><SPAN=20
     xstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
'Arial','sans-serif'"><FONT=20
     color=3D#ffffff size=3D3=20
face=3DArial><STRONG></STRONG></FONT></SPAN>&nbsp;</DIV>
     <DIV align=3Dright><SPAN=20
     xstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
'Arial','sans-serif'"><FONT=20
     color=3D#ffffff size=3D3=20
face=3DArial><STRONG></STRONG></FONT></SPAN>&nbsp;</DIV>
     <DIV align=3Dright><SPAN=20
     xstyle=3D"FONT-SIZE: 10pt; FONT-FAMILY: =
'Arial','sans-serif'"><FONT=20
     color=3D#ffffff size=3D3 face=3DArial><STRONG>=C9 =
=CD=CE=CF=C7=CF=C5=20
     =
=C4=D2=D5=C7=CF=C5...</STRONG></FONT></SPAN></DIV></DIV></FONT></EM></TD>=
</TR>
 <TR>
   <TD bgColor=3D#000000 width=3D111 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><FONT=20
     color=3D#ffffff size=3D6 face=3D"Arial =
Black"><STRONG>(495)</STRONG></FONT></TD>
   <TD bgColor=3D#000000 width=3D89 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><STRONG><FONT=20
     color=3D#ffffff size=3D6 face=3D"Arial =
Black">542</FONT></STRONG></TD>
   <TD bgColor=3D#000000 width=3D73 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><FONT=20
     size=3D2><B><FONT color=3D#ffffff size=3D6=20
     face=3D"Arial Black">08</FONT></B></FONT></TD>
   <TD bgColor=3D#000000 width=3D73 align=3Dmiddle=20
   xxstyle=3D"BORDER-RIGHT: #f4f4f4; PADDING-RIGHT: 7.5pt; BORDER-TOP: =
#f4f4f4; PADDING-LEFT: 7.5pt; PADDING-BOTTOM: 7.5pt; BORDER-LEFT: =
#f4f4f4; PADDING-TOP: 7.5pt; BORDER-BOTTOM: #f4f4f4; BACKGROUND-COLOR: =
transparent"><B><FONT=20
     color=3D#ffffff size=3D6=20
face=3D"Arial =
Black">81</FONT></B></TD></TR></TBODY></FONT></TABLE></DIV></FONT></DIV><=
/BODY></HTML>

------=_NextPart_000_00AB_01CADB5F.DB09D070--


===========================================================================

--
Sincerely, the Minimalist
  
minimalist my rosy red ....

That was not necessary to make the point, TS.

  
i went bac to rt just to see stuff ... some chagnes seem to be impelmaented.
  
more needed. 
  

TS!! grrr! (and re the mail, it's not necessary that I do the duplicate 
FS thingy - anyone could)

resp:299 ah! okay:
1. xyz hoses Grex - right now we got to go to provide because FFS 
doesn't journal. That's one task saved given that xyz could lie and 
sneak past validation in any case. Validation doesn't solve the lying 
problem.. (unless we insist on paypal for everyone!) I mean, nothing 
stops Chad from getting in right now! He just chooses not to!

2. Sure he could take the box down again and again, but now we can 
start banning his ips! and temporarily lock tor out! In fact we could 
nuke his whole subnet temporarily (1 month ban). With minimal downtime, 
he's not getting any reward in terms of squealing users and sysadmins 
having to run to provide.net.

3. It's easy to implement right? We need to resize a partition and 
extract 1Gb and then just dump to it. we could use diffs for stuff like 
password/shadow/group syncing. Or put in another hard disk.. 

4. Validation can now be temporary. When under attack, Grex just locks 
things up without going to provide. Then we leisurely repair the mainFS 
and unlock(remove validate) at leisure..
---

I feel it's worth a shot, but like i said, if ppl don't like it.. (i'm 
not overly optimistic about our chances without validation.. i always 
thought validation would be a temporary thing..)

+another suggestion (which i don't like), could we use fsck with the YES
 (-y) option?? and md5sum to restore files that are corrupted??

We tried all that, veek.  Banning IP addresses, tor end points,
etc.  None of it worked.

Constantly rebooting the box just for people like Chad doesn't buy
us much, and hurt us a lot (users who were doing things got denied
the service of Grex; that's not cool).  The present system raises
the bar high enough that the Chads of the world are much less
interested in bothering to attack Grex.

I really don't see why you keep bringing this up.  "Reboot when
someone crashes us" is just not an acceptable strategy.  Extra
partitions don't really help with that.  And seriously, WHY do
you want to make this change?  What's the point?  Just to get rid
of validation and resh?

resp:301 So, since RT works by people sending email to it, it can
get spam.  What's your point, exactly?

resp:306 *sigh* because perma validation will kill us.. at least that's 
what I believe. Thing is, on IRC and places like that.. it's hard enough
 getting ppl to move to a Unix shell and unless they can quickly log on.
 anyway, i won't bring this up again (ever). 

I checked out to 1019 and svn diff'd, should work now.

resp:307 I've seen no evidence that validation will kill us, and lots of
evidence that it won't.  Like, the fact that almost all other similar services
do some form of validation.

resp:307 Same errors.  Do you have the <div id="pagefooter"> stuff in your
client?

yeah! pagefooter is okay right??? i thought it was the revision tags.. 
but yeah rev tags are there as well in some of those docs.. let me 
check.. i got to sleep, tomorrow!

resp:308 yeah, but SDF is already established with a decent user-base.. 
oh well, try and see.. and you have smj constantly adding new features..
 but really it's the regulars in com(party) that keep that place running
 (chicks).

resp:311 We add a lot of new features, too; just that no one pays much
attention and we don't advertise them.  And Grex used to have a
well-established, large userbase as well: we lost that over time through
neglect.

Really, we need to fix the advertising and neglect thing before the restricted
shell.  And note that SDF has a restricted shell as well.

resp:310 Yeah, pagefooter should be there.  I don't see the Id stuff in the
rejection chunks.  I do see that it wants to change "pagefooter" back to
"footer", which is clearly wrong.

resp:312 yeah.. that's true.. Grex is way better than SDF (imo)! I like the
crowd on SDF but I dislike SDF itself.. i'd be pretty happy if they all
moved here and left smj where he is. Adverts is fixed! flyer is ready for
printing.. only the hacker.gif image may be copy-protected.. i just bummed
that from somewhere.. maybe i'll ask my younger sib to draw it..

hmm.. well i'll try and install svn-server and try to replicate stuff..

I'm working on a web page that lists the software we have installed.
Unfortunately, I can't work on it right now (later, yes) and of course,
it'll be an on-going maintenance issue if we put in which version we
have, so I'm thinking it might be best to leave that out for now.  I've
looked at a couple sites that list what we have and I didn't have time
look into what it takes to make an update (that is, it isn't always
obvious or easy to update some of those sites for our information, so
would probably call for an e-mail to the admin on those sites.  And of
course, since year's Board is not in our web site, it's hard to prove I
have the right to change things.).

s/since year's/since this year's/

(I *really* miss command-line access.)

What sort of commands are you missing on the web here?

Updating text files, like the one that contains the history of board
membership.

And if I could use svn or the like, I would have command-line access to
grex, and so wouldn't need them.

As I recall, your situation is not the easiest to fix, though if we had
a java-based SSH client on the Grex web page, you'd probably be pretty
close (though I'm still not sure if that would meet your requirements).

I suppose we could put in a web-based svn clent, too, for that matter.
If it would work to edit files, it'd be okay, again, though I'm not sure
that any allow that without downloading a file to your local machine.
The ones I've seen just let you browse/view.  If you had a secure
command line, though, you could just use svn that way.

Sounds like we might need a staff site that has the tools needed for
this kind work (or an area of our main site that is only open to staff).
This would be handy for staff who don't have their own computer handy,
as long as they can find a web-browser.  ...just some ideas.

arbornet has a java client.. you could bunny-hop??

Yeah, I was just thinking the same thing.  

Yup, hopping worked for me.  

The mindterm client is installed on Grex.

patch please ~veek/latest.diff [ i hope it works ] 

I stripped the $Id stuff out; couldn't create my own private repo to 
fool around with and verify for sure.. need more time to do that.

http://grex.org/mindterm/applet.html works, with some license accepting,
to give a commandline on grex.  There are quite a few options for this
terminal, too.

  
re 325 .. retty neat but tehereare is a starnge situation. 
  
somehow, 'it' deciceded who i was --- in advance!
  
and it was wroing
  
also it capitalized the first letter of the loginid , which of cours is not
correct.   i was able to change the logoind to muself and login though.
  
yeh, the licensing/security cert (whatever) needs to be 'accepted' but that;s
not biggie. 
  
  

So, basicaly, it works just fine and all these gripes are minor.  I
don't see where most people would be confused at all.

could someone try that patch? ~veek/latest.diff

resp:326 What kind of computer are you using at home?  It probably picked
up your login ID from that.

resp:328 I'm not going to do that while I'm in India.  Sorry.

(Though someone else can if they like.  Updating web pages is fairly easy;
sync your web client,

1. cd <wherever>/grex/web/htdocs
2. svn update
3. patch --posix < ~veek/latest.diff
   [Make sure nothing gets rejected]
4. svn status | awk '{print $2}' | xargs xmlwf
5. [look at the changes to make sure they are okay]
6. svn commit
7. ../tools/syncweb

And that's it.)

Thanks for the list of things that need to be done to make it work, Dan.

As for the Mindterm, yes, it picks up your userid from your computer
where you're running the term.  It's not a big deal.

It actually is a pretty decent terminal with a lot of options.  We
should consider putting it on the web page where more people can try
it out (hopefully without all the licensing questions).

How about S/MIME validation?  Like the new user is considered valid when they
can sign a message to Grex?

FTR, my primary purpose here is shell, especially emacs, not BBS.  I do have
a regular shell account at my alma mater but they require SSH whereas Grex
still accepts telnet, which is a great thing when all you have is some random
M$ crapware.  (Yes, I know what putty is, so save yourself that explanation.)
The rules against fiddling with open source projects are a little upsetting,
but it is still a great place to test your raw ideas :-)

Note that telnet access at Grex is in deprecated status and may go away
at any moment if staff feel the time is right.  SSH is the preferred way
to connect to Grex if you want terminal access.

If telnet goes away I will have to telnet some place else from the library
to ssh to grex.

You have several choices:

• Go to the menu of items for the Coop conference
• Go to the list of conferences
• Go to the opening screen