|
Grex > Helpers > #137: Grex System Announcements - Winter 2004/2005 |  |
|
| Author |
Message |
| 25 new of 219 responses total. |
twenex
|
|
response 83 of 219:
| 
Jan 2 14:15 UTC 2005 |
"Correctness" to me would imply "stability", among other things. Why write
neat code if it borks?
|
naftee
|
|
response 84 of 219:
|
Jan 2 19:37 UTC 2005 |
Write us some beat code that norks, twenex.
|
gelinas
|
|
response 85 of 219:
|
Jan 3 00:25 UTC 2005 |
The file-table filled up, so no more files could be opened. I had to cycle
the power to log on.
|
charcat
|
|
response 86 of 219:
|
Jan 3 02:52 UTC 2005 |
Just now I couldn't use backtalk, I switched to dial up and got in but things
are hanging severly.
|
keesan
|
|
response 87 of 219:
|
Jan 3 04:06 UTC 2005 |
I am dialed in and bbs (picospan) works fine. Charcat I got your mails.
|
gelinas
|
|
response 88 of 219:
|
Jan 3 04:52 UTC 2005 |
We have turned off the delivery of mail while we move the spool files out of
/var and onto a different partition.
You will see a variety of error messages, because many things use /var for
temporary space, until we get this problem resolved. For example, vi saves
files to /var/tmp/vi.recover to allow the recovery of changes made but not
yet committed should the something crash while a user is editting a file. So
users of vi will see a message like
Error: Recovery file: No space left on device
Modifications not recoverable if the session fails
when they begin to edit a file. For now, ignore the error reports and go on
with what you were doing.
|
gelinas
|
|
response 89 of 219:
|
Jan 3 05:38 UTC 2005 |
STeve freed up some space in /var, so we've turned mail on again. Some time
later today (i.e., after sunrise, 3 January 2005), we'll take grex down while
we move the mail spool files to a different partition.
|
kalbaugh
|
|
response 90 of 219:
|
Jan 3 15:24 UTC 2005 |
What happened to all my files?!!!
|
albaugh
|
|
response 91 of 219:
|
Jan 3 15:48 UTC 2005 |
My files have returned just as mysteriously as they disappeared, and my mail
has been restored too. :-)
|
gull
|
|
response 92 of 219:
|
Jan 3 20:08 UTC 2005 |
Re resp:82: I agree with you for the most part...however, a system
hitting its maximum open file limit falls more into the
'misconfiguration' category than the 'stability' category. You have to
remember that very, very few systems these days have the number of users
logging on simultaneously that Grex does. It's not surprising that the
default, shipping configuration of OpenBSD needs a little tweaking.
Most OpenBSD systems are used as network firewalls or the like.
|
twenex
|
|
response 93 of 219:
|
Jan 3 20:09 UTC 2005 |
Fair enough.
|
steve
|
|
response 94 of 219:
|
Jan 3 23:13 UTC 2005 |
User mail files now live in their own partition, meaning that we have
lots of space for them now. We're at about 14% utilitzation at the moment.
There are still more things to do with mail but I think things are going
ok now.
Also removed about 24,000 entries in the mail spool that were some form
of mail bombing.
|
twenex
|
|
response 95 of 219:
|
Jan 3 23:29 UTC 2005 |
Like, yay. Thanks!
|
mfp
|
|
response 96 of 219:
|
Jan 3 23:35 UTC 2005 |
http://www.jewsforjesus.org/
|
janc
|
|
response 97 of 219:
|
Jan 4 02:44 UTC 2005 |
I had allocated a disk partition for mail (/var/mail) but I had left it
commented out in /etc/fstab (because normally during development we don't want
to mount the production mail directory). I forgot to uncomment it, so the
separate partition was never mounted and the mail, instead, all ended up on
the /var disk partition, which was never intended to be big enough to hold
it. Oops.
Thanks to the staffers who figured this out and copied things into the
proper mail partition.
Grex shouldn't be hitting it's maximum open file limit. When I built Grex's
kernel, I just took the default size and doubled it. Obviously this didn't
do the job. I need to review what limits exist and how they are configured
to fine tune this. Ideally things should be set up so that no one user can
consume all the system's resources.
|
janc
|
|
response 98 of 219:
|
Jan 4 04:08 UTC 2005 |
By the way, Grex's web pages (including backtalk) are now accessible with teh
"https" protocol.
So you can run backtalk at "https://www.grex.org/cgi-bin/backtalk"
We don't have a real certificate (those cost more money than Grex can
afford), so it's just a crappy self-issued certificate. However, you should
be able to tell your browser to accept it and not have to worry about it.
Even with the crappy certificate you'll be improving the security of your
connection to Grex substantially. (With the old "http" protocol you password
was sent over the net in the clear with each connection.) I recommend this
for all users.
|
aruba
|
|
response 99 of 219:
|
Jan 4 16:40 UTC 2005 |
I'll be sending out paper receipts to people who donated to Grex last year
and would like a receipt for tax purposes. So if you'd like a receipt for
your donations, let me know.
|
tsty
|
|
response 100 of 219:
|
Jan 5 00:02 UTC 2005 |
thank janc and the others who made this new system and made the transition
so smooth. stunning! applause!! applause!!
|
jep
|
|
response 101 of 219:
|
Jan 5 03:30 UTC 2005 |
re resp:98: I notice I get a constant stream of pop-ups:
Security Information
This page contains both secure and nonsecure
items.
Do you want to display the nonsecure items?
Is this because the Backtalk buttons are accessible only via "http"?
I'd really like a fix if possible.
Thanks!
|
janc
|
|
response 102 of 219:
|
Jan 5 04:18 UTC 2005 |
Hmmm...interesting. I haven't looked at the code, but yes, very likely the
buttons are being fetched from a plain http URL. However, the buttons are
not in a directory where authentication is required either, so your password
is not being sent in the http requests for the buttons. So why in the world
would we want to encrypt those requests? There's nothing secret about
backtalk buttons. Encrypting them just adds extra overhead on Grex and on
your browser. So I can't think of any sensible reason to encrypt button
requests except to make your silly browser happy. (By the way, what silly
browser is that anyway?) I should probably do it to make silly browser's
happy. Sigh.
|
mooncat
|
|
response 103 of 219:
|
Jan 5 15:39 UTC 2005 |
It's happened to me a couple times, I'm using Internet Exploder... er,
Explorer. ;) Not my fault, it's the only thing work offers and
downloads are not allowed.
|
twenex
|
|
response 104 of 219:
|
Jan 5 15:43 UTC 2005 |
I prefer the term "Exploiter", though the way things are going we might get
a bit less exploitation soon.
|
blaise
|
|
response 105 of 219:
|
Jan 5 17:13 UTC 2005 |
Personally, I prefer "Insecure Explorer".
|
albaugh
|
|
response 106 of 219:
|
Jan 5 17:50 UTC 2005 |
> the way things are going we might get a bit less exploitation soon
Something developing on the MS front?
|
twenex
|
|
response 107 of 219:
|
Jan 5 17:55 UTC 2005 |
No, but Firefox is picking up momentum. A US university (for example) (was
it Princeton?) - just sent an email to all its staff and students urging them
to drop IE for Firefox, because IE is so insecure.
|