<WRAP round centeralign box>STATUS updates</WRAP>

======TODO======

  * the formular plugin is giving me errors, need to figure this out (email assignment form)
  * update grade not-z scripts to handle/be aware of winter terms
  * update system page for (new)www
  * <del>redo DSLAB tweedledee/tweedledum with squeeze</del> rebuilt tweedledee, tweedledum on the way
    * rebuild DSLAB www, irc, auth as squeeze VMs
  * load balance/replicate www/wiki content between LAIR and DSLAB
  * adapt LAIR irc and lab46 to use self-contained kernels (how to do this?)
  * update system page for db
  * migrate nfs1/nfs2 system page to current wiki
  * update nfs1/nfs2 to squeeze
  * flake* multiseat page

======URLs======

Some links of interest:

  * [[http://www.llvm.org/|LLVM]]
  * [[http://www.reocities.com/harpin_floh/glglobe_page.html|GLglobe]]
  * [[http://www.heavens-above.com/|Heavens Above]]
  * http://wiki.debian.org/kristian_jerpetjoen
  * http://www.webupd8.org/2010/11/alternative-to-200-lines-kernel-patch.html
  * http://myproxylists.com/nix-brute-force
  * [[haas/docs/plan9|My Plan9 Documentation page]]
  * [[haas/system/sokraits_halfadder.offbyone.lan|The Sokraits/Halfadder System Documentation page]]
  * http://www.egghelp.org/commands/channels.htm
  * http://stackoverflow.com/questions/470617/get-current-date-and-time-in-php
  * http://www.rjsystems.nl/en/2100.php
  * [[http://bitsavers.trailing-edge.com/pdf/|BitSavers]]
  * [[http://mir.aculo.us/2010/06/04/making-an-ipad-html5-app-making-it-really-fast/|Time Zone HTML5 app]]
  * http://toic.org/2009/01/18/reverse-ssh-port-forwarding/
  * Divergent Thinking
    * http://en.wikipedia.org/wiki/Divergent_thinking
    * http://faculty.washington.edu/ezent/imdt.htm
  * https://help.ubuntu.com/community/Installation/QemuEmulator
  * Socket Programming
    * http://www.linuxhowtos.org/C_C++/socket.htm
    * http://www.few.vu.nl/~jms/socket-info.html
    * http://www.lowtek.com/sockets/
    * http://www.tenouk.com/Module40.html
    * http://www.tenouk.com/Module42.html
    * http://www.tenouk.com/Module43a.html
  * ALIX
    * http://markshroyer.com/guides/router/
    * http://markshroyer.com/2010/12/openbsd-alix-via-ubuntu/
    * http://www.martinmellor.com/freebies/pinouts/IDE44_2_5_pinout.htm (IDE 44-pin pin-out)
  * BeagleBoard
    * http://elinux.org/BeagleBoardDebian
  * Xen
    * http://www.tumfatig.net/20110125/running-openbsd-on-xen/ (OpenBSD HVM)
    * https://wiki.debian.org/Xen
  * http://www.mydigitallife.info/fix-gmail-imap-invalid-credentials-or-web-login-requires-failure-error/
  * http://manoharvanga.com/hackme/
  * http://chneukirchen.github.com/sabotage/
  * http://www.linusakesson.net/programming/pipelogic/index.php
  * Free Data Structures eBook: http://dotnetslackers.com/Community/files/folders/data-structures-and-algorithms/entry30283.aspx
  * Polyphasic Sleep and Napping
    * http://priceonomics.com/the-nasa-studies-on-napping/
    * http://www.opinionspost.com/longevity-greek-island-way/
    * http://io9.com/the-science-behind-power-naps-and-why-theyre-so-damne-1401366016
  * Brain Hacks
    * http://www.cracked.com/article_20166_5-brain-hacks-that-give-you-mind-blowing-powers.html?wa_user1=4&wa_user2=Science&wa_user3=article&wa_user4=recommended
  * BASH sockets
    * http://hacktux.com/bash/socket
    * http://terminallinux.org/p/69/
  * Debian Jessie daily builds (June 25th): http://d-i.debian.org/daily-images/amd64/20140625-00:18/netboot/gtk/debian-installer/amd64/
======Other Days======

======July 2nd, 2014======
=====dokuwiki update=====
Seems there was some sort of ACL vulnerability, I manually patched it.

====lib/exe/ajax.php====
<code>
257 //    $NS = $INPUT->post->str('ns');
258     $NS = getNS($image);
</code>

====inc/template.php====
<code>
1430 function tpl_mediaFileDetails($image, $rev) {
1431 //    global $AUTH, $NS, $conf, $DEL, $lang;
1432     /** @var Input $INPUT */
1433     global $conf, $DEL, $lang;
</code>

<code>
1438     if($rev && !file_exists(mediaFN($image, $rev))) $rev = false;
1439 //    if(isset($NS) && getNS($image) != $NS) return;
1440     $ns = getNS($image);                                                             
</code>

<code>
1475     if($opened_tab == 'view') {
1476 //        media_tab_view($image, $NS, $AUTH, $rev);
1477         media_tab_view($image, $ns, null, $rev);
1478 
1479     } elseif($opened_tab == 'edit' && !$removed) {
1480 //        media_tab_edit($image, $NS, $AUTH);
1481         media_tab_edit($image, $ns);
1482 
1483     } elseif($opened_tab == 'history' && $conf['mediarevisions']) {
1484 //        media_tab_history($image, $NS, $AUTH);
1485         media_tab_history($image, $ns);                                              
1486     }
</code>

=====fix vim cursor keys on OpenBSD=====
  * http://vim.wikia.com/wiki/Fix_broken_arrow_key_navigation_in_insert_mode

Essentially:

<code>
:set term=builtin_ansi
</code>

=====apt configuration=====

I wanted a small installation footprint, so I disabled the installation of recommended packages by default.

To do so, create/edit **/etc/apt/apt.conf.d/99_norecommends**, and put in the following:

<code>
APT::Install-Recommends "false";
APT::AutoRemove::RecommendsImportant "false";
APT::AutoRemove::SuggestsImportant "false";
</code>

This can also post-remove previously installed recommended packages. Run **aptitude**' type 'g', type 'g' again, should take care of business.

There are also some options that can be set in **aptitude** proper, via its console gui (options->preferences):

  * Uncheck (was already) "Install recommended packages automatically"
  * Check "Automatically upgrade installed packages"
  * Check "Remove obsolete packages files after downloading new package lists"

Useful URLs:
  * http://askubuntu.com/questions/351085/how-to-remove-recommended-and-suggested-dependencies-of-uninstalled-packages
  * http://askubuntu.com/questions/223811/how-to-apt-get-install-with-only-minimal-components-necessary-for-an-application

======July 9th, 2014======

=====nfs2 disk failure=====
Looks like one of the disks in nfs is generating errors and needs to be replaced.

=====sokraits=====
Getting sokraits up and running as a viable VM server. Some links:

  * http://blog.smartlogicsolutions.com/2009/06/04/mount-options-to-improve-ext4-file-system-performance/
  * http://www.gossamer-threads.com/lists/drbd/users/24675
  * http://www.gossamer-threads.com/lists/drbd/users/25233
  * http://www.drbd.org/users-guide/s-first-time-up.html

======July 14th, 2014======
=====nullmailer=====
Starting my manual deployment of nullmailer on lab46; if successful, this will become the base of a new and updated lair-mail package (targeting jessie).

  * /usr/local is where it is deployed
  * I am using user **mail** as the old debian package did
  * for now I manually launched **nullmailer-send -d** from a shell as user **mail**, we'll see if things happen.

======July 16th, 2014======
=====pam common-auth elimination of successful login "error"=====
An annoyance which has been plaguing me (and apparently many people) for years I've finally resolved, in the **/etc/pam.d/common-auth** file, which now contains the following:

<code>
auth sufficient pam_ldap.so
auth sufficient pam_unix.so nullok_secure try_first_pass
auth required pam_deny.so
</code>

Helpful URL: http://serverfault.com/questions/454625/pam-ldap-so-before-pam-unix-so-is-it-ever-possible

Lots of good updates to apply to the **lair-ldap** package.

======July 18th, 2014======
=====brutes=====
I added country IP ranges to the brutes table on capri, in an attempt to reduce the number of brute force password attacks. China, Russia, Ukraine, Romania, Israel... others as observations identify. I should rig up a means of obtaining updated lists of IP ranges per country as well so as to maintain accuracy.

For now, though, I hope to realize a tangible reduction in SSH brute force attempts. We'll see.

Site with useful info: http://www.ipdeny.com/ipblocks/


^  [[haas/status/status_201406|Previous Month]]  |  ^  [[:haas:status|Current Month]]  |  ^  [[haas/status/status_201408|Next Month]]  |