<html><center></html>STATUS updates<html></center></html>
Some links of interest:
I applied available updates to Lab46, www, irc, and mail– mostly openssl related
Debian 6.0.4 came out today
Someone, several semesters ago, subscribed with a malformed e-mail address to the unix class mailing list. This allowed them to forever receive mail, but never unsubscribe.
I finally looked into the glitch, and resolved the issue.
I had to use a hex editor on /var/lib/mailman/lists/unix/config.pck and replace every occurrence of the malformed address (ekists in the file about 5 times), saved, and the problem was resolved.
This would make for a good class exercise.
It would seem that, for whatever reason, Debian is NOT providing recent netboot files for wheezy/testing. Instead, using the daily snapshot of sid works, provided I hack the mirror's symlink for unstable and point it to wheezy, so the installer “thinks” it is installing sid, only we are plopping the desired wheezy files on there. Yeah.
Today begins my efforts to learn the dvorak keyboard layout.
While another script somewhere else may exist, I found an old script I could modify which nicely takes care of generating the necessary LDIF data for semester class groups and adding me to the individual student groups.
It is located in ~/local/attendance/etc/list/ldif and is called ldif_populate.sh. Script logic is as follows:
#!/bin/bash # # ldif_populate.sh - get the LDIF files created so the universe will work # I am *so* glad I wrote this down in the wiki # # ldapmodify -xWD "cn=admin,dc=lair,dc=bits" -f student.ldif # ldapmodify -xWD "cn=admin,dc=lair,dc=bits" -f unix.ldif # ldapmodify -xWD "cn=admin,dc=lair,dc=bits" -f cprog.ldif # ldapmodify -xWD "cn=admin,dc=lair,dc=bits" -f asm.ldif # ldapmodify -xWD "cn=admin,dc=lair,dc=bits" -f hpc.ldif # ... # SEMESTER=spring2012 cd ~/local/attendance/etc/list rm -f ldif/student.ldif for class in `/bin/ls -1 class.${SEMESTER}.* | cut -d'.' -f3 | sed -e 's/^sys.*/sys/' -e 's/^hpc[012]/hpc/'`; do echo "dn: cn=${class},ou=groups,dc=lair,dc=bits" > ldif/${class}.ldif echo "changetype: modify" >> ldif/${class}.ldif echo "add: memberUid" >> ldif/${class}.ldif for student in `cat class.${SEMESTER}.${class}* | grep '^[^A-Z]*$' | sort | uniq`; do echo "memberUid: $student" >> ldif/${class}.ldif echo "dn: cn=${student},ou=groups,dc=lair,dc=bits" > ldif/student-${student}.ldif echo "changetype: modify" >> ldif/student-${student}.ldif echo "add: memberUid" >> ldif/student-${student}.ldif echo "memberUid: wedge" >> ldif/student-${student}.ldif echo >> ldif/student-${student}.ldif done cat ldif/student-*.ldif > ldif/student.ldif rm -f ldif/student-*.ldif done exit 0
As listed in the comments at the top of the script, to actually add this data into LDAP, we need to run ldapmodify on each of the LDIF files created (we could probably concatenate all of them into a single file and then process that single file).
machine:~/local/attendance/etc/ldif$ ldapmodify -xWD "cn=admin,dc=lair,dc=bits" -f cprog.ldif Enter LDAP Password: modifying entry "cn=cprog,ou=groups,dc=lair,dc=bits" machine:~/local/attendance/etc/ldif$
Hazzah.
I fixed the split brain potential between sokraits and halfadder… took ~4 hours to resynchronize between the two.
auth1 and www has some residual damage… I had to “restore rf vm.dump” from the VM's dumpfile on NFS… so it was a few days out of date… a quick aptitude update; aptitude upgrade fixed the problem.
auth1 had another fit claiming I/O errors and all sorts of nastiness… I restored it from dump file again, it seems to be cooperating more this time.
So, keep an eye on auth1 and www for any linger data corruption issues.
I rebooted EVERYTHING, from the switches to the routers to file servers to VM servers. So we've got a nice fresh start going into the spring semester.
I discovered upon doing some updates this evening that sokraits and halfadder have been existing in their own little worlds for a little while now. This is annoying as they now both contain unique data that hasn't been updated to its peer.
I am going to reboot them tomorrow, and going to go with halfadder's data. This means I need to copy over all the Xen VM disk images to halfadder from sokraits so I do not lose any of the changes.
The VM layout is as follows:
Sokraits: auth1, irc, lab46, mail, www (updates applied to ALL machines)
Halfadder: auth2, db, gnu, lab46db, log (updates applied to ALL machines)
Hoping that the lightweight luakit browser will serve our class needs, I've trimmed down the herd to just 1 VM, gnu, beefed up its memory, and will configure all the pods to just use gnu for this semester. In addition to removing iceweasel and converting the menu to using luakit for web-related resources, I've also removed openoffice, and installed in its place abiword and siag.
Looks like I still have a logic bug in my status page… December's content was still present this month, and the previous month link points to 201101 instead of 201112… guess I'll have to fix it at some point.
The last two days DNS between juicebox and caprisun has been out… I didn't think anything of it until I tried this morning.
I had been seeing messages of:
Jan 15 08:47:49 caprisun named[15731]: zone lair.lan/IN/internal: refresh: non-authoritative answer from master 10.80.1.1#53 (source 0.0.0.0#0)
Reported by caprisun… squirrel had been doing some DNS updates on juicebox to better handle g7n.org, and it looks like in his efforts he unknowingly caused a problem for zone sharing.
Turns out the fix was rather simple… on juicebox, in /var/named/etc/named.conf:
view "internal" { match-clients { 127/8; 10.80/16; 10.81/16; 10.82/16; localnets; localhost; }; recursion yes;
I basically just had to add in “localnets;” and “localhost;” then restart named… problem resolved itself nicely, and lair.lan addresses were once again resolving from the offbyone.lan side of the universe.
Spent 3 hours in the LAIR doing some cleaning and arranging.
I took the opportunity to upgrade LAIRstation 3 to Ubuntu 11.10. Even have it on LDAP and autofs.
I also moved LAIRstations 3 and 4 onto the offbyone.lan subnet to reduce potential problems with autofs and LDAP that were experienced last semester.
I obtained a key from the gaffer district, and we returned the LAIRwall to the LAIR this afternoon.
Also finally moved my big ol' flatscreen TV to the LAIR, to be used as an instructional display at the front of the room.
As we returned the LAIRwall, it was discovered that we had taken delivery of a new batch of machines from B&G…. 10 in total, 1 GX270, 9 GX620s. A nice surprise, and a nice upgrade.
<html><center></html>
<html></center></html>