From bryan@stansell.org Sat Nov 1 05:38:17 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hA1DcH9W026575 for ; Sat, 1 Nov 2003 05:38:17 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hA1DcHF8026574 for users@conserver.com; Sat, 1 Nov 2003 05:38:17 -0800 (PST) Date: Sat, 1 Nov 2003 05:38:17 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031101133817.GC21896@underdog.stansell.org> References: <20031031182329.GA15713@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Subject: access control problem (was Re: conserver-8.0.5 is available) X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Nov 2003 13:38:18 -0000 On Fri, Oct 31, 2003 at 06:14:01PM -0500, Michael Dolan wrote: > Recently upgraded to 8.0.4 (and now 8.0.5) from 7.2.7 and cannot get > acls for host access control to work properly. Configured with > --with-trustrevdns and specifying the domain names in conserver.cf, > but only get error (and refused connections). FQDN and IPaddrs work > fine. The conserver host can reverse lookup the FQDN properly. well, sounds like you're doing the right thing. --with-trustrevdns is necessary for it to work at all. if you run in debug mode and grep out all the messages with AccType, we'd be able to see what it's doing and why it isn't allowing the connection (a bit better). i do realize there's a problem with the logic used, and maybe that's the issue. if you have a 'rejected' acl, that happen to match, after the domain acl, the reject acl will be processed before the domain acl and you'd get rejected. things need to be adjusted so that all acls are processed in order - i goofed and didn't realize the impact when removing the reverse dns trust bits and then adding them back. but, the debug info would tell us what's going on. but From mtdolan@twinight.org Mon Nov 3 15:22:58 2003 Received: from dawn.twinight.org (dawn.twinight.org [65.39.69.132]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hA3NMw9W014398; Mon, 3 Nov 2003 15:22:58 -0800 (PST) Received: by dawn.twinight.org (Postfix, from userid 2016) id C9A2A10CD3; Mon, 3 Nov 2003 18:22:57 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by dawn.twinight.org (Postfix) with SMTP id C0DCBB387; Mon, 3 Nov 2003 18:22:57 -0500 (EST) Date: Mon, 3 Nov 2003 18:22:57 -0500 (EST) From: Michael Dolan To: Bryan Stansell In-Reply-To: <20031101133817.GC21896@underdog.stansell.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: users@conserver.com Subject: Re: access control problem X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Nov 2003 23:22:59 -0000 Bryan, A reverse lookup on the connecting IP shows the FQDN as host.mydomain.com. Here's the debug output (grep'd for AccType)... [Mon Nov 3 17:09:04 2003] conserver (15751): DEBUG: [access.c:147] AccType(): ip=172.16.72.207 [Mon Nov 3 17:09:04 2003] conserver (15751): DEBUG: [access.c:152] AccType(): who=127.0.0.1, tr ust=a [Mon Nov 3 17:09:04 2003] conserver (15751): DEBUG: [access.c:152] AccType(): who=mydomain.com, trust=a [Mon Nov 3 17:09:05 2003] conserver (15751): ERROR: AccType(): gethostbyname(mydomain.com): hos t lookup error [Mon Nov 3 17:09:05 2003] conserver (15751): DEBUG: [access.c:152] AccType(): who=newdomain.com , trust=a [Mon Nov 3 17:09:06 2003] conserver (15751): ERROR: AccType(): gethostbyname(newdomain.com): ho st lookup error For grins, here's the access entry... access * { allowed 127.0.0.1 ; allowed mydomain.com ; allowed newdomain.com ; } Using shortname, fqdn, ipaddress/mask, and exact ip all work. I've also tried the entries all behind one 'allowed'. -dolan On Sat, 1 Nov 2003, Bryan Stansell wrote: > Date: Sat, 1 Nov 2003 05:38:17 -0800 > From: Bryan Stansell > To: users@conserver.com > Subject: access control problem (was Re: conserver-8.0.5 is available) > > On Fri, Oct 31, 2003 at 06:14:01PM -0500, Michael Dolan wrote: > > Recently upgraded to 8.0.4 (and now 8.0.5) from 7.2.7 and cannot get > > acls for host access control to work properly. Configured with > > --with-trustrevdns and specifying the domain names in conserver.cf, > > but only get error (and refused connections). FQDN and IPaddrs work > > fine. The conserver host can reverse lookup the FQDN properly. > > well, sounds like you're doing the right thing. --with-trustrevdns > is necessary for it to work at all. if you run in debug mode and grep > out all the messages with AccType, we'd be able to see what it's doing > and why it isn't allowing the connection (a bit better). > > i do realize there's a problem with the logic used, and maybe that's the > issue. if you have a 'rejected' acl, that happen to match, after the > domain acl, the reject acl will be processed before the domain acl and > you'd get rejected. things need to be adjusted so that all acls are > processed in order - i goofed and didn't realize the impact when > removing the reverse dns trust bits and then adding them back. > > but, the debug info would tell us what's going on. > > but > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > From bryan@stansell.org Tue Nov 4 05:50:16 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hA4DoD9W020289 for ; Tue, 4 Nov 2003 05:50:15 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hA4DoDxF020288 for users@conserver.com; Tue, 4 Nov 2003 05:50:13 -0800 (PST) Date: Tue, 4 Nov 2003 05:50:13 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031104135013.GA20177@underdog.stansell.org> References: <20031101133817.GC21896@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Subject: Re: access control problem X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Nov 2003 13:50:16 -0000 On Mon, Nov 03, 2003 at 06:22:57PM -0500, Michael Dolan wrote: > Using shortname, fqdn, ipaddress/mask, and exact ip all work. I've > also tried the entries all behind one 'allowed'. well, i don't see any messages coming from the debug line that's inside the '#if TRUST_REVERSE_DNS' section. you might want to try and do a 'make clean' and then another 'make', in case something didn't get re-compiled (access.c, really). what i'm looking for is a debug line from AccType() mentioning 'name='. another thing we can try is adding this: CONDDEBUG((1, "AccType(): TRD w=%s, t=%c", pACtmp->pcwho, pACtmp->ctrust)); between lines 218 and 219 of access.c (just after the for loop on 218). that will make sure we get a debug statement from that set of code no matter what (assuming it gets compiled in and the access list isn't NULL). if you don't see that or a gethostbyaddr() error, the code isn't getting compiled in. heck, to really make sure it's getting compiled in, add CONDDEBUG((1, "AccType(): WE TRUST REVERSE DNS")); just after the comments at line 210 of access.c. then compile that sucker, run it, and grep out AccType() debug messages. i think i'll add a 'trustrevdns' message in the 'options:' list of the -V output too...just because. anyway, let me know how it goes and what you see. this really should be working with the access list you have. Bryan From mtdolan@twinight.org Tue Nov 4 07:44:59 2003 Received: from dawn.twinight.org (dawn.twinight.org [65.39.69.132]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hA4Fix9W020605; Tue, 4 Nov 2003 07:44:59 -0800 (PST) Received: by dawn.twinight.org (Postfix, from userid 2016) id 1BBB810CCC; Tue, 4 Nov 2003 10:44:59 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by dawn.twinight.org (Postfix) with SMTP id 11FD8B387; Tue, 4 Nov 2003 10:44:59 -0500 (EST) Date: Tue, 4 Nov 2003 10:44:58 -0500 (EST) From: Michael Dolan To: Bryan Stansell In-Reply-To: <20031104135013.GA20177@underdog.stansell.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: users@conserver.com Subject: Re: access control problem X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Nov 2003 15:45:01 -0000 > anyway, let me know how it goes and what you see. this really should be > working with the access list you have. Yeah, that is what I thought too ;) I've added the debug lines, made clean, made and tested... ./conserver -V cons-server:/local/tools/conserver% ./sbin/conserver -V conserver: conserver.com version 8.0.5 conserver: default access type `r' conserver: default escape sequence `^Ec' conserver: default configuration in `/local/tools/conserver/etc/conserver.cf' conserver: default password in `/local/tools/conserver/etc/conserver.passwd' conserver: default logfile is `/var/log/conserver' conserver: default pidfile is `/var/run/conserver.pid' conserver: default limit is 16 members per group conserver: default primary port referenced as `782' conserver: default secondary base port referenced as `0' conserver: options: openssl conserver: openssl version: OpenSSL 0.9.7c 30 Sep 2003 conserver: built with `./configure --prefix=/local/tools/conserver --with-regex --with-port=782 --with-openssl=/export/software/conserver/openssl --with-master=console --with-trustrevdns' And the results performing the same test as before: conserver started as "conserver -dvD" [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:147] AccType(): ip=172.16.72.207 [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:152] AccType(): who=127.0.0.1, trust=a [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [util.c:324] AllocString(): 0x136620 created string #25 [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:121] AddrCmp(): host=95b348cf(95b348cf/ffffffff) acl=7f000001(7f000001/ffffffff) [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:152] AccType(): who=mydomain.com, trust=a [Tue Nov 4 09:38:10 2003] conserver (29275): ERROR: AccType(): gethostbyname(mydomain.com): host lookup error [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:152] AccType(): who=newdomain.com, trust=a [Tue Nov 4 09:38:10 2003] conserver (29275): ERROR: AccType(): gethostbyname(newdomain.com): host lookup error [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:152] AccType(): who=other.newdomain.com, trust=a [Tue Nov 4 09:38:10 2003] conserver (29275): ERROR: AccType(): gethostbyname(other.newdomain.com): host lookup error [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:211] AccType(): WE TRUST REVERSE DNS [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:220] AccType(): TRD w=127.0.0.1, t=a [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:220] AccType(): TRD w=mydomain.com, t=a [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:220] AccType(): TRD w=newdomain.com, t=a [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [access.c:220] AccType(): TRD w=other.newdomain.com, t=a [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [util.c:324] AllocString(): 0x136640 created string #26 [Tue Nov 4 09:38:10 2003] conserver (29275): DEBUG: [util.c:298] DestroyString(): 0x129798 string destroyed (count==25) From George.Lenzer@cpl.org Mon Nov 10 13:38:27 2003 Received: from sxsrv2.clevnet.org (mailsrv.clevnet.org [66.213.13.38]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAALcQ9W025637 for ; Mon, 10 Nov 2003 13:38:27 -0800 (PST) Received: from conversion-daemon.sxsrv2.clevnet.org by sxsrv2.clevnet.org (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003)) id <0HO500G01NSXCN@sxsrv2.clevnet.org> (original mail from George.Lenzer@cpl.org) for users@conserver.com; Mon, 10 Nov 2003 16:32:17 -0500 (EST) Received: from NTSRV0.cpl.org ([10.0.3.127]) by sxsrv2.clevnet.org (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003)) with ESMTP id <0HO500GXINTT5Q@sxsrv2.clevnet.org> for users@conserver.com; Mon, 10 Nov 2003 16:32:17 -0500 (EST) Date: Mon, 10 Nov 2003 16:38:23 -0500 From: George Lenzer To: users@conserver.com Message-id: <1068500303.30546.52.camel@0000s035.cpl.org> MIME-version: 1.0 X-Mailer: Ximian Evolution 1.4.0 Content-type: text/plain Content-transfer-encoding: 7BIT X-Mailman-Approved-At: Mon, 10 Nov 2003 14:35:24 -0800 Subject: New to Conserver X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Nov 2003 21:38:28 -0000 Hopefully I am posting in the right place. My organization has run into a situation where we are looking for an alternative to the DEC Polycenter product to monitor consoles with our DEC 90Ms. From what I gather, it looks as if Conserver may be the answer. I've downloaded the source code and compiled it (on a Linux x86 box) and successfully ran the 'make test'. I also copied the sample conserver.cf file to /usr/local/etc and edited it to reflect the terminal server we'd like to monitor. However, I am a little confused about how conserver actually gets configured to talk to the DEC 90M. Here is what I have in my conserver.cf file for out terminal server (90aut1 on 10.0.1.250): console 90aut1 { master localhost; type host; host 10.0.1.250; port 1; } I was unsure of what context the 'port' option was meant. Is it the physical port on the 90M, or a TCP port that the 90M should be configured for? Has anyone else had experience using DEC 90Ms? And... if this isn't the right place to ask, where should I ask. Alas, Google searches haven't turned up much that is useful in regard to terminal servers like the 90M. We aren't interested in going to multiple serial ports. Thanks, George From bryan@stansell.org Mon Nov 10 15:44:09 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAANi79W026004 for ; Mon, 10 Nov 2003 15:44:09 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hAANi79t026003 for users@conserver.com; Mon, 10 Nov 2003 15:44:07 -0800 (PST) Date: Mon, 10 Nov 2003 15:44:07 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031110234406.GA25981@underdog.stansell.org> References: <1068500303.30546.52.camel@0000s035.cpl.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1068500303.30546.52.camel@0000s035.cpl.org> User-Agent: Mutt/1.4.1i Subject: Re: New to Conserver X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Nov 2003 23:44:10 -0000 On Mon, Nov 10, 2003 at 04:38:23PM -0500, George Lenzer wrote: > Hopefully I am posting in the right place. My organization has run into yep. > a situation where we are looking for an alternative to the DEC > Polycenter product to monitor consoles with our DEC 90Ms. From what I > gather, it looks as if Conserver may be the answer. I've downloaded the could be...or, should i say, hope so (dunno what Polycenter is, but sounds promising). > console 90aut1 { > master localhost; > type host; > host 10.0.1.250; > port 1; > } > > I was unsure of what context the 'port' option was meant. Is it the > physical port on the 90M, or a TCP port that the 90M should be > configured for? it's the tcp port the 90M should be listening on. the idea is it makes a socket connection to 'host' on tcp/ip port 'port'. so, looks like you're quite close. if you can telnet to 10.0.1.250 on a certain port and talk to the console, you should be able to just point conserver at it and it should work. then you can think about the 'logfile' and 'timestamp' options. ;-) i hope this helped. if there's anything i can do to help more, let me know. and perhaps someone on the list is using a 90M and can send you any useful pointers. Bryan From gregb_ka6max@hotmail.com Tue Nov 11 07:33:56 2003 Received: from hotmail.com (law12-f85.law12.hotmail.com [64.4.19.85]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hABFXu9W005050 for ; Tue, 11 Nov 2003 07:33:56 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 11 Nov 2003 07:33:55 -0800 Received: from 24.165.8.28 by lw12fd.law12.hotmail.msn.com with HTTP; Tue, 11 Nov 2003 15:33:55 GMT X-Originating-IP: [24.165.8.28] X-Originating-Email: [gregb_ka6max@hotmail.com] From: "Greg Brown" To: George.Lenzer@cpl.org, users@conserver.com Date: Tue, 11 Nov 2003 07:33:55 -0800 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 11 Nov 2003 15:33:55.0662 (UTC) FILETIME=[37BC36E0:01C3A869] Cc: Subject: Re: New to Conserver X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2003 15:33:57 -0000 George, >From what I know about 90Ms, the console port being serial port 1 means that status messages about loads and comm problems "print" out port 1. In our setup, we literally have a serial printer connected to port 1 on all 90Ms in the field. The printer zips out a line every time the RouteAbout router is rebooted. It also zips out several lines when the 90M is getting it's boot load from the MOP or tftp server. When I get into work today I will check on the default TCP ports associated with each serial port. That is what Brian was talking about. You have to set the "access" mode of each serial port to "remote" and either know the default TCP port for each serial port, or assign them TCP port numbers. That way, Conserver can attach itself to each serial port that you have defined as a console port for each Vax or Alpha you are monitoring/controlling. Vaxes are very chatty things. They will fill up the hard disk of your Conserver machine very quickly. Although I am using Conserver to monitor Unix machines, I have set aside an entire disk as a /log volume just for Conserver logs. Also, I have a cron job that throws away all files older than 80 days on the /log volume. If someone else does not beat me to it, I should have the information on the remote TCP ports to you in another email this morning. Greg Brown CSC, San Diego >From: George Lenzer >To: users@conserver.com >Subject: New to Conserver >Date: Mon, 10 Nov 2003 16:38:23 -0500 > >Hopefully I am posting in the right place. My organization has run into >a situation where we are looking for an alternative to the DEC >Polycenter product to monitor consoles with our DEC 90Ms. From what I >gather, it looks as if Conserver may be the answer. I've downloaded the >source code and compiled it (on a Linux x86 box) and successfully ran >the 'make test'. I also copied the sample conserver.cf file to >/usr/local/etc and edited it to reflect the terminal server we'd like to >monitor. However, I am a little confused about how conserver actually >gets configured to talk to the DEC 90M. Here is what I have in my >conserver.cf file for out terminal server (90aut1 on 10.0.1.250): > >console 90aut1 { > master localhost; > type host; > host 10.0.1.250; > port 1; >} > >I was unsure of what context the 'port' option was meant. Is it the >physical port on the 90M, or a TCP port that the 90M should be >configured for? > >Has anyone else had experience using DEC 90Ms? And... if this isn't the >right place to ask, where should I ask. Alas, Google searches haven't >turned up much that is useful in regard to terminal servers like the >90M. We aren't interested in going to multiple serial ports. > >Thanks, >George > >_______________________________________________ >users mailing list >users@conserver.com >https://www.conserver.com/mailman/listinfo/users _________________________________________________________________ Concerned that messages may bounce because your Hotmail account is over limit? Get Hotmail Extra Storage! http://join.msn.com/?PAGE=features/es From George.Lenzer@cpl.org Tue Nov 11 08:35:11 2003 Received: from sxsrv2.clevnet.org (mailsrv.clevnet.org [66.213.13.38]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hABGZA9W005247 for ; Tue, 11 Nov 2003 08:35:11 -0800 (PST) Received: from conversion-daemon.sxsrv2.clevnet.org by sxsrv2.clevnet.org (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003)) id <0HO700I013MH07@sxsrv2.clevnet.org> (original mail from George.Lenzer@cpl.org) for users@conserver.com; Tue, 11 Nov 2003 11:29:02 -0500 (EST) Received: from NTSRV0.cpl.org ([10.0.3.127]) by sxsrv2.clevnet.org (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003)) with ESMTP id <0HO700G664GEE9@sxsrv2.clevnet.org> for users@conserver.com; Tue, 11 Nov 2003 11:29:02 -0500 (EST) Date: Tue, 11 Nov 2003 11:35:09 -0500 From: George Lenzer To: users@conserver.com Message-id: <1068568509.882.5.camel@0000s035.cpl.org> MIME-version: 1.0 X-Mailer: Ximian Evolution 1.4.0 Content-type: text/plain Content-transfer-encoding: 7BIT Subject: conserver.com site down? X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2003 16:35:12 -0000 I tried hitting it from work and from home, but it seems to be down. Anyone else having problems getting to it? From m.d.t.evans@qmul.ac.uk Tue Nov 11 08:49:55 2003 Received: from mail2.qmul.ac.uk (mail2.qmul.ac.uk [138.37.6.6]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hABGns9W005323 for ; Tue, 11 Nov 2003 08:49:55 -0800 (PST) Received: from smtp.qmul.ac.uk ([138.37.6.40]) by mail2.qmul.ac.uk with esmtp (Exim 4.14) id 1AJbiC-00065U-TT for users@conserver.com; Tue, 11 Nov 2003 16:49:52 +0000 Received: from mdte.css.qmul.ac.uk ([138.37.8.140]) by smtp.qmul.ac.uk with asmtp (TLSv1:DES-CBC3-SHA:168) (Exim 3.35 #5) id 1AJbiB-0006aG-00 for users@conserver.com; Tue, 11 Nov 2003 16:49:51 +0000 From: Martin Evans To: users@conserver.com Content-Type: multipart/mixed; boundary="=-0b5c8LLKSmYzFTs9jLkr" Message-Id: <1068569392.5832.54.camel@mdte> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 (1.4.5-7) Date: Tue, 11 Nov 2003 16:49:52 +0000 X-Sender-Host-Address: 138.37.8.140 X-QM-Scan-VirusCheck: clean Subject: fedora-core-1 RPM spec file. X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2003 16:49:56 -0000 --=-0b5c8LLKSmYzFTs9jLkr Content-Type: text/plain Content-Transfer-Encoding: 7bit Hi, To get 8.0.5 to build from the tarball (and generate RPMS) with rpmbuild -ta on fedora-core-1, I needed to change the RPM spec file. If you are interested, then I've attached the modified file. I don't know if this spec file is suitable for other rpm based distros (redhat or otherwise). Kind regards, Martin. -- -- Dr MDT Evans, Computing Services, Queen Mary, University of London --=-0b5c8LLKSmYzFTs9jLkr Content-Disposition: attachment; filename=conserver.spec Content-Type: text/plain; name=conserver.spec; charset=UTF-8 Content-Transfer-Encoding: 7bit # # rpm spec file for conserver, but I don't think it'll work on any # platform that doesn't have red hat rpm >= 4.0.2 installed. # %define pkg conserver %define ver 8.0.5 # define the name of the machine on which the main conserver # daemon will be running if you don't want to use the default # hostname (console) %define master console # what red hat (or other distibution) version are you running? %define distver fc Summary: Serial console server daemon/client Name: %{pkg} Version: %{ver} Release: 1.%{distver} Copyright: distributable Group: System Environment/Daemons URL: http://www.conserver.com/ Source: http://www.conserver.com/%{pkg}-%{ver}.tar.gz BuildRoot: %{_tmppath}/%{pkg}-buildroot Prefix: %{_prefix} %description Conserver is an application that allows multiple users to watch a serial console at the same time. It can log the data, allows users to take write-access of a console (one at a time), and has a variety of bells and whistles to accentuate that basic functionality. %prep %{__rm} -rf %{buildroot} %setup -q %build # we don't want to install the solaris conserver.rc file f="conserver/Makefile.in" %{__mv} $f $f.orig %{__sed} -e 's/^.*conserver\.rc.*$//' < $f.orig > $f %configure --with-master=%{master} make %install %{makeinstall} # put commented copies of the sample configure files in the # system configuration directory %{__mkdir_p} %{buildroot}/%{_sysconfdir} %{__sed} -e 's/^/#/' \ < conserver.cf/conserver.cf \ > %{buildroot}/%{_sysconfdir}/conserver.cf %{__sed} -e 's/^/#/' \ < conserver.cf/conserver.passwd \ > %{buildroot}/%{_sysconfdir}/conserver.passwd # install copy of init script %{__mkdir_p} %{buildroot}/%{_initrddir} %{__cp} contrib/redhat-rpm/conserver.init %{buildroot}/%{_initrddir}/conserver %clean %{__rm} -rf %{buildroot} %post if [ -x %{_initrddir}/conserver ]; then /sbin/chkconfig --add conserver fi # make sure /etc/services has a conserver entry if ! egrep '\' /etc/services > /dev/null 2>&1 ; then echo "console 782/tcp conserver" >> /etc/services fi %preun if [ "$1" = 0 ]; then if [ -x %{_initrddir}/conserver ]; then %{_initrddir}/conserver stop /sbin/chkconfig --del conserver fi fi %files %defattr(-,root,root) %doc CHANGES FAQ INSTALL README conserver.cf %config(noreplace) %{_sysconfdir}/conserver.cf %config(noreplace) %{_sysconfdir}/conserver.passwd %attr(555,root,root) %{_initrddir}/conserver %{prefix}/bin/console %{prefix}/share/man/man1/console.1.gz %{prefix}/share/man/man8/conserver.8.gz %{prefix}/share/man/man5/conserver.cf.5.gz %{prefix}/share/man/man5/conserver.passwd.5.gz %{prefix}/share/examples/conserver/conserver.cf %{prefix}/share/examples/conserver/conserver.passwd %{prefix}/sbin/conserver --=-0b5c8LLKSmYzFTs9jLkr-- From woods@proven.weird.com Tue Nov 11 13:31:08 2003 Received: from proven.weird.com (proven.weird.com [204.92.254.15]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hABLV79W006048 for ; Tue, 11 Nov 2003 13:31:08 -0800 (PST) Received: from localhost (2430 bytes) by proven.weird.com via sendmail with STDIO (sender: ) (ident using UNIX) id for ; (dest:remote)(R=bind_hosts)(T=inet_zone_bind_smtp) Tue, 11 Nov 2003 16:31:07 -0500 (EST) (Smail-3.2.0.116-Pre 2003-Jun-18 #14 built 2003-Oct-15) Message-Id: Date: Tue, 11 Nov 2003 16:31:07 -0500 (EST) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Face: ; j3Eth2XV8h1Yfu*uL{<:dQ$#E[DB0gemGZJ"J#4fH*][ lz; @-iwMv_u\6uIEKR0KY"=MzoQH#CrqBN`nG_5B@rrM8,f~Gr&h5a\= To: users@conserver.com (ConServer Users Mailing List) In-Reply-To: <20031110234406.GA25981@underdog.stansell.org> References: <1068500303.30546.52.camel@0000s035.cpl.org> <20031110234406.GA25981@underdog.stansell.org> X-Mailer: VM 7.07 under Emacs 21.3.1 Organization: Planix, Inc.; Toronto, Ontario; Canada Subject: Re: New to Conserver X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list Reply-To: ConServer Users Mailing List List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2003 21:31:09 -0000 [ On Monday, November 10, 2003 at 15:44:07 (-0800), Bryan Stansell wrote: ] > Subject: Re: New to Conserver > > it's the tcp port the 90M should be listening on. the idea is it makes > a socket connection to 'host' on tcp/ip port 'port'. so, looks like > you're quite close. if you can telnet to 10.0.1.250 on a certain port > and talk to the console, you should be able to just point conserver at > it and it should work. then you can think about the 'logfile' and > 'timestamp' options. ;-) The DECserver 90M is much the same as the 32-port DECserver 900TM and the 8-port 90TL units that I have (and also similar to the 90L+). The 90M is nice in that it also has a 10baseT RJ45 on the front for its network connection and as well it has FlashRAM to boot from. The 90TL has no FlashRAM and only the 10baseT BNC connector (though luckily I have a DEChub 900 backplane :-) I'd love to have a 90M, in a multistack chassis or with a little DEChub-90, for my office! ;-) They run DECserver NAS and its telnet listeners are on ports 2001 and up. They require a port access password ("access" by default) to connect and thus the "chat" patches I submitted. Port#1 is usually the console of the terminal server itself (to which you would normally attach an RS-232 terminal for direct access) and so when you "telnet decserver 2001" and enter the port access password you will connect to Port#2. -- Greg A. Woods +1 416 218-0098 VE3TCP RoboHack Planix, Inc. Secrets of the Weird From bryan@stansell.org Tue Nov 11 17:14:32 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAC1EW9W006823 for ; Tue, 11 Nov 2003 17:14:32 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hAC1EWIa006822 for users@conserver.com; Tue, 11 Nov 2003 17:14:32 -0800 (PST) Date: Tue, 11 Nov 2003 17:14:32 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031112011432.GC6635@underdog.stansell.org> References: <1068568509.882.5.camel@0000s035.cpl.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1068568509.882.5.camel@0000s035.cpl.org> User-Agent: Mutt/1.4.1i Subject: Re: conserver.com site down? X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Nov 2003 01:14:33 -0000 On Tue, Nov 11, 2003 at 11:35:09AM -0500, George Lenzer wrote: > I tried hitting it from work and from home, but it seems to be down. > Anyone else having problems getting to it? the webserver had issues rolling it's logs, and i didn't have anything watching to make sure it was up. now there is...so, if it does happen to go down, it should be back up within 10 minutes. Bryan From selsky@columbia.edu Wed Nov 12 15:59:45 2003 Received: from lisbon.cc.columbia.edu (lisbon.cc.columbia.edu [128.59.39.12]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hACNxe9W015837 for ; Wed, 12 Nov 2003 15:59:43 -0800 (PST) Received: from lisbon.cc.columbia.edu (localhost [127.0.0.1]) by lisbon.cc.columbia.edu (8.12.10/8.12.10) with ESMTP id hACNxdMk017754 for ; Wed, 12 Nov 2003 18:59:39 -0500 (EST) Received: (from selsky@localhost) by lisbon.cc.columbia.edu (8.12.10/8.12.8/Submit) id hACNxaFt017753 for users@conserver.com; Wed, 12 Nov 2003 18:59:36 -0500 (EST) Date: Wed, 12 Nov 2003 18:59:36 -0500 From: Matt Selsky To: users@conserver.com Message-ID: <20031112235936.GA17498@columbia.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Subject: console rw access control X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Nov 2003 23:59:47 -0000 I'm migrating from consever 7.2.x to 8.0.x and I'm having some trouble figuring out the configuration syntax for the access control that I was doing before. My 7.2.x conserver.passwd file looked like this: abc123:*passwd*:aleph *any*::any So abc123 only gets access to "aleph" and everyone else gets access to all consoles. My configuration for 8.0.x looks like this: default * { logfile /var/log/consoles/&; master localhost; type host; timestamp 1la; rw *; } console aleph { host terminalserver; port 2001; } console alfalfa { host terminalserver; port 2002; } console almond { host terminalserver; port 2003; } access * { trusted localhost; } Is there a way to negate "rw", so abc123 is denied access for all consoles except aleph? Thanks. From cfowler@outpostsentinel.com Thu Nov 13 06:17:46 2003 Received: from outpostsentinel.com (66-23-198-138.clients.speedfactory.net [66.23.198.138]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hADEHj9W022729 for ; Thu, 13 Nov 2003 06:17:46 -0800 (PST) Received: (from cfowler@localhost) by outpostsentinel.com (8.11.6/8.11.6) id hADEHhY23737 for users@conserver.com; Thu, 13 Nov 2003 09:17:43 -0500 Date: Thu, 13 Nov 2003 09:17:43 -0500 From: Christopher Fowler To: users@conserver.com Message-ID: <20031113141743.GC23582@moses.outpostsentinel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Subject: Cisco 3500-XL X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 14:17:48 -0000 I've connected a few Cisco 3500 XL devices and have noticed that pins 2 and 7 on that device are not being used. Typically those pins are DTR and DSR. Some cisco devices come with these pins enabled and some disabled. Is there a logic behind why some have them and some don't? Thanks, Chris From bryan@stansell.org Thu Nov 13 11:26:53 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hADJQqBv000388 for ; Thu, 13 Nov 2003 11:26:53 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hADJQqvN000387 for users@conserver.com; Thu, 13 Nov 2003 11:26:52 -0800 (PST) Date: Thu, 13 Nov 2003 11:26:52 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031113192652.GA368@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Subject: conserver.com website down for maintenance X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 19:26:54 -0000 for a while, you can still connect to the ftp server. i'm planning on doing some major work on the entire system over the next 24 hours, so things will be sporadic at best. the mirror of the website can be found at http://planetmirror.com/pub/conserver/. sorry for any inconvenience and the short notice. Bryan From bryan@stansell.org Thu Nov 13 15:14:34 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hADNEYBv010964 for ; Thu, 13 Nov 2003 15:14:34 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hADNEYXB010963 for users@conserver.com; Thu, 13 Nov 2003 15:14:34 -0800 (PST) Date: Thu, 13 Nov 2003 15:14:34 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031113231434.GC10868@underdog.stansell.org> References: <20031112235936.GA17498@columbia.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031112235936.GA17498@columbia.edu> User-Agent: Mutt/1.4.1i Subject: Re: console rw access control X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 23:14:36 -0000 On Wed, Nov 12, 2003 at 06:59:36PM -0500, Matt Selsky wrote: > So abc123 only gets access to "aleph" and everyone else gets access to > all consoles. hmmm. yeah, that's a problem. such a simple case, and i didn't think about it. gack. i'm not sure what to tell you right now. to get it to work right, you'd have to list all your conserver users and build groups. ugly. the second option is to wait a bit and let me fix it. i should be able to a a "not" feature. so, you'd be able to use 'rw *;' in the default items and then use 'rw !abc123;' in the specific console (building an effective 'rw * !abc123;' option). anyway, it shouldn't be too bad to implement this, looks like, so i can send you patches when i get them, if you like. Bryan From selsky@columbia.edu Thu Nov 13 15:38:35 2003 Received: from lisbon.cc.columbia.edu (lisbon.cc.columbia.edu [128.59.39.12]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hADNcYBv011217; Thu, 13 Nov 2003 15:38:35 -0800 (PST) Received: from lisbon.cc.columbia.edu (localhost [127.0.0.1]) by lisbon.cc.columbia.edu (8.12.10/8.12.10) with ESMTP id hADNcXMk002184; Thu, 13 Nov 2003 18:38:33 -0500 (EST) Received: (from selsky@localhost) by lisbon.cc.columbia.edu (8.12.10/8.12.8/Submit) id hADNcW1i002183; Thu, 13 Nov 2003 18:38:32 -0500 (EST) Date: Thu, 13 Nov 2003 18:38:32 -0500 From: Matt Selsky To: Bryan Stansell Message-ID: <20031113233832.GB2143@columbia.edu> References: <20031112235936.GA17498@columbia.edu> <20031113231434.GC10868@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031113231434.GC10868@underdog.stansell.org> User-Agent: Mutt/1.4.1i Cc: users@conserver.com Subject: Re: console rw access control X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 23:38:36 -0000 > hmmm. yeah, that's a problem. such a simple case, and i didn't think > about it. gack. i'm not sure what to tell you right now. to get it to > work right, you'd have to list all your conserver users and build > groups. ugly. the second option is to wait a bit and let me fix it. i > should be able to a a "not" feature. so, you'd be able to use 'rw *;' > in the default items and then use 'rw !abc123;' in the specific console > (building an effective 'rw * !abc123;' option). anyway, it shouldn't be > too bad to implement this, looks like, so i can send you patches when i > get them, if you like. That would be great. Thanks again. From bryan@stansell.org Sun Nov 16 11:55:30 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAGJtUnh020975; Sun, 16 Nov 2003 11:55:30 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hAGJtUBS020974; Sun, 16 Nov 2003 11:55:30 -0800 (PST) Date: Sun, 16 Nov 2003 11:55:29 -0800 From: Bryan Stansell To: users@conserver.com, announce@conserver.com Message-ID: <20031116195529.GA20936@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Cc: Subject: conserver-8.0.6 is available X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Nov 2003 19:55:32 -0000 Anyone running 8.0.0 through 8.0.5 should really consider upgrading to 8.0.6. The reason? NULL characters in console data will cause data loss. Unfortunate, but true. The good thing is it doesn't happen very often. The really cool thing in this release is the calculation of port numbers. This way, you can specify the formula a terminal server or serial card uses to access the various ports and then use those physical port numberings (1 through n) in console definitions...and conserver will do the math of what socket to access or what device to open. The 'portbase', 'portinc', 'devicesubst' and 'execsubst' are the various items that play a role. I've given some examples (for terminal servers) in conserver.cf/conserver.cf. There are many other things added and improved. The manpages will give a little bit more detail on the specifics. Here's the complete list of changes: version 8.0.6 (Nov 16, 2003): - code was missing regarding the 'setproctitle' option - patch by Dmitry Morozovsky - fixed the order of access list checking when --with-trustrevdns is used - fixed various spelling errors - patches by Matt Selsky - added console 'idletimeout' and 'idlestring' options to trigger the sending of 'idlestring' after a lack of activity for 'idletimeout' seconds - suggested by Ian Potts - added console 'portbase' and 'portinc' options to allow specifying a formula for referencing ports - inspired by Todd Stansell - fixed problem where console 'port' option didn't take port names (manpage said it did) - added server -U option and configuration option 'unifiedlog' to allow a copy of all console activity to go to a single file - removed all sprintf() calls - added 'devicesubst' and 'execsubst' console options for doing replacements with calculated port numbers on the 'device' and 'exec' values - NULL characters in console data caused data loss because of strlen() usage - reported by Toby Gerhart - fixed a couple errors in contrib/redhat-rpm/conserver.spec - reported by Martin Evans - added capability to use '!' in user access lists to prevent a user from having access - suggested by Matt Selsky Bryan Stansell From kurt@linux.raschke.net Mon Nov 17 04:09:49 2003 Received: from mail.raschke.net (dsl093-055-229.blt1.dsl.speakeasy.net [66.93.55.229]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAHC9nnh027219 for ; Mon, 17 Nov 2003 04:09:49 -0800 (PST) Received: from linux.raschke.net (linux.raschke.net [192.168.0.3]) by mail.raschke.net (Postfix) with ESMTP id D12C75C067 for ; Mon, 17 Nov 2003 07:09:48 -0500 (EST) Received: by linux.raschke.net (Postfix, from userid 500) id 7BFC0580BF; Mon, 17 Nov 2003 07:09:48 -0500 (EST) Date: Mon, 17 Nov 2003 07:09:48 -0500 From: Kurt Raschke To: users@conserver.com Message-ID: <20031117120948.GA13666@raschke.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Subject: Trouble compiling conserver 8.0.6 on OpenBSD 3.4 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list Reply-To: kurt@raschke.net List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Nov 2003 12:09:50 -0000 I'm trying to compile conserver 8.0.6 on OpenBSD 3.4, and the build fails with the following errors: access.c: In function `AddrCmp': access.c:88: warning: passing arg 2 of `inet_aton' from incompatible pointer type *** Error code 1 Stop in /home/kurt/conserver-8.0.6/conserver. *** Error code 1 Stop in /home/kurt/conserver-8.0.6 (line 20 of Makefile). Additionally, the following warning is output by ./configure: configure: WARNING: sys/proc.h: present but cannot be compiled configure: WARNING: sys/proc.h: check for missing prerequisite headers? configure: WARNING: sys/proc.h: proceeding with the preprocessor's result configure: WARNING: ## ------------------------------------ ## configure: WARNING: ## Report this to bug-autoconf@gnu.org. ## configure: WARNING: ## ------------------------------------ ## Any suggestions as to how I can get it to compile? Incidentally, 7.2.7 compiles and runs fine, but I'd rather run 8.0.6. -Kurt From bryan@stansell.org Tue Nov 18 13:07:16 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAIL7Gnh006887 for ; Tue, 18 Nov 2003 13:07:16 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hAIL7GZD006886 for users@conserver.com; Tue, 18 Nov 2003 13:07:16 -0800 (PST) Date: Tue, 18 Nov 2003 13:07:16 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031118210716.GA6552@underdog.stansell.org> References: <20031117120948.GA13666@raschke.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031117120948.GA13666@raschke.net> User-Agent: Mutt/1.4.1i Subject: Re: Trouble compiling conserver 8.0.6 on OpenBSD 3.4 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Nov 2003 21:07:18 -0000 On Mon, Nov 17, 2003 at 07:09:48AM -0500, Kurt Raschke wrote: > I'm trying to compile conserver 8.0.6 on OpenBSD 3.4, and the build > fails with the following errors: > Additionally, the following warning is output by ./configure: hmmm...well, hopefully the compile issue was caused by the configure warning. could you send me the config.log file? or look at it and see why sys/proc.h failed to check out. it probably needs another header (from things i found on the net), but i'm not sure what it's complaining about without looking into config.log. hopefully fixing that will fix everything, but if not, we'll have to dig further. Bryan From bryan@stansell.org Thu Nov 20 06:56:45 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAKEuinh006609; Thu, 20 Nov 2003 06:56:44 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hAKEui38006608; Thu, 20 Nov 2003 06:56:44 -0800 (PST) Date: Thu, 20 Nov 2003 06:56:44 -0800 From: Bryan Stansell To: announce@conserver.com, users@conserver.com Message-ID: <20031120145644.GB20791@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Cc: Subject: conserver-8.0.7 is available X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.2 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Nov 2003 14:56:46 -0000 There have been a couple of compilation issues (with cygwin and OpenBSD 3.4) which have been fixed. Some of the OpenBSD fixes could benefit other platforms as well, so I'm releasing 8.0.7. If you haven't had problems building 8.0.6, you don't need to upgrade to 8.0.7. There isn't any functional difference between 8.0.6 and 8.0.7. version 8.0.7 (Nov 20, 2003): - renamed util.[ch] to cutil.[ch] to prevent name conflict with system util.h, reordered some #includes, and fixed a configure test for sys/proc.h to build on OpenBSD 3.4 (and probably others) - reported by Kurt Raschke - fixed missing semi-colon for cygwin build - reported by Raymond Richmond Bryan Stansell From lepera@us.ibm.com Mon Nov 24 08:50:10 2003 Received: from e4.ny.us.ibm.com (e4.ny.us.ibm.com [32.97.182.104]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAOGo9Ab022494 for ; Mon, 24 Nov 2003 08:50:10 -0800 (PST) Received: from northrelay02.pok.ibm.com (northrelay02.pok.ibm.com [9.56.224.150]) by e4.ny.us.ibm.com (8.12.10/8.12.2) with ESMTP id hAOGo8h3530744 for ; Mon, 24 Nov 2003 11:50:08 -0500 Received: from d01ml251.pok.ibm.com (d01av02.pok.ibm.com [9.56.224.216]) by northrelay02.pok.ibm.com (8.12.9/NCO/VER6.6) with ESMTP id hAOGo4kM170300 for ; Mon, 24 Nov 2003 11:50:07 -0500 To: users@conserver.com X-Mailer: Lotus Notes Release 5.0.11 July 24, 2002 Message-ID: From: William P LePera Date: Mon, 24 Nov 2003 11:50:02 -0500 X-MIMETrack: Serialize by Router on D01ML251/01/M/IBM(Release 6.0.2CF2HF133 | November 14, 2003) at 11/24/2003 11:50:08 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Subject: Conserver logfiles X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.3 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Nov 2003 16:50:11 -0000 Hello, Can anyone tell me if conserver 7.2.x or 8.0 supports logfile wrapping, for the daemon and console log files? It looks like the files will continue to grow until cleaned manually or no more disk is available. Thanks, Bill LePera, AIX/Linux Hardware Control IBM Server Group Poughkeepsie, NY From selsky@columbia.edu Mon Nov 24 19:13:49 2003 Received: from hazelnut.cc.columbia.edu (hazelnut.cc.columbia.edu [128.59.59.162]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAP3DmAb024294 for ; Mon, 24 Nov 2003 19:13:49 -0800 (PST) Received: from hazelnut.cc.columbia.edu (localhost [127.0.0.1]) by hazelnut.cc.columbia.edu (8.12.10/8.12.10) with ESMTP id hAP3Dlom013233 for ; Mon, 24 Nov 2003 22:13:47 -0500 (EST) Received: (from selsky@localhost) by hazelnut.cc.columbia.edu (8.12.10/8.12.8/Submit) id hAP3DhZe013232 for users@conserver.com; Mon, 24 Nov 2003 22:13:43 -0500 (EST) Date: Mon, 24 Nov 2003 22:13:42 -0500 From: Matt Selsky To: users@conserver.com Message-ID: <20031125031342.GA11909@columbia.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Subject: console -A and console down X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.3 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Nov 2003 03:13:50 -0000 I have a console that suddenly decided to go into the down state. The log the for console looks like this: [Mon Nov 24 11:30:00 2003] Mon Nov 24 11:30:00 EST 2003 [Mon Nov 24 11:30:00 2003]^M [Mon Nov 24 11:45:00 2003] Mon Nov 24 11:45:00 EST 2003 [Mon Nov 24 11:45:00 2003]^M Mon Nov 24 12:00:01 EST 2003 [Mon Nov 24 12:00:01 2003]^M [-- Console down -- Mon Nov 24 12:11:00 2003] [-- Console up -- Mon Nov 24 12:11:22 2003] [Mon Nov 24 12:11:23 2003]Password OK [-- Console down -- Mon Nov 24 12:12:18 2003] [-- Console up -- Mon Nov 24 12:12:30 2003] [Mon Nov 24 12:12:30 2003]Password OK [-- Console down -- Mon Nov 24 12:14:04 2003] [-- Console up -- Mon Nov 24 12:14:13 2003] [Mon Nov 24 12:14:14 2003]Password OK [Mon Nov 24 12:15:00 2003] Mon Nov 24 12:15:00 EST 2003 [Mon Nov 24 12:15:00 2003]^M [-- Console down -- Mon Nov 24 12:25:44 2003] [-- Console up -- Mon Nov 24 12:25:44 2003] [Mon Nov 24 12:25:45 2003]Password OK [-- Console down -- Mon Nov 24 14:25:44 2003] [-- Console up -- Mon Nov 24 14:25:45 2003] [-- Console down -- Mon Nov 24 14:25:45 2003] [-- Console up -- Mon Nov 24 14:37:16 2003] [-- Console down -- Mon Nov 24 14:37:17 2003] Each machine prints the time to the console every 15 minutes to confirm that the console is working. We are using Cisco 3620 terminal servers. Any idea why the console would suddenly go down like that? When I try to connect to the console: $ console -A foo [Enter `^Ec?' for help] [line to console is down] [replay] [no log file on this console] But there is a log file for this console. /var/log/consoles/foo exists and has data in it. The conserver.cf entry looks like this: console foo { host bar; port 2020; logfile /var/log/consoles/&; master localhost; type host; timestamp 1la; } From bryan@stansell.org Thu Nov 27 19:07:34 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAS37Y4F001178 for ; Thu, 27 Nov 2003 19:07:34 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hAS37XUJ001177 for users@conserver.com; Thu, 27 Nov 2003 19:07:33 -0800 (PST) Date: Thu, 27 Nov 2003 19:07:33 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031128030733.GL517@underdog.stansell.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Subject: Re: Conserver logfiles X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.3 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Nov 2003 03:07:35 -0000 yep, all versions just grow. i usually set things up so that files are moved to a subdirectory then conserver is sent a SIGUSR2 (if 7.2.5 or above, otherwise a SIGHUP). if anyone has a good methodology for trimming/rolling/size-restricting logfiles automatically, i'd love to hear about it. the key is it needs to be able to do things VERY quicky (as the server shouldn't really block waiting for a 500MB file get copied, compressed, or whatever) and a certain amount of data, ideally, would be retained so a reply could happen (if things roll automatically it could be quite intrusive at a major downtime, for example). so, those are the kinds of things i worry about. when it's controlled externally, folks can schedule things appropriately and just opening a bunch of files is (usually) very quick. but, like i said, ideas would be cool! Bryan On Mon, Nov 24, 2003 at 11:50:02AM -0500, William P LePera wrote: > Can anyone tell me if conserver 7.2.x or 8.0 supports logfile > wrapping, for the daemon and console log files? It looks like the > files will continue to grow until cleaned manually or no more disk is > available. From bryan@stansell.org Thu Nov 27 19:23:51 2003 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hAS3No4F001289 for ; Thu, 27 Nov 2003 19:23:50 -0800 (PST) Received: (from bryan@localhost) by underdog.stansell.org (8.12.10/8.12.10/Submit) id hAS3NorG001288 for users@conserver.com; Thu, 27 Nov 2003 19:23:50 -0800 (PST) Date: Thu, 27 Nov 2003 19:23:50 -0800 From: Bryan Stansell To: users@conserver.com Message-ID: <20031128032350.GM517@underdog.stansell.org> References: <20031125031342.GA11909@columbia.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031125031342.GA11909@columbia.edu> User-Agent: Mutt/1.4.1i Subject: Re: console -A and console down X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.3 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Nov 2003 03:23:52 -0000 On Mon, Nov 24, 2003 at 10:13:42PM -0500, Matt Selsky wrote: > Each machine prints the time to the console every 15 minutes to > confirm that the console is working. We are using Cisco 3620 terminal > servers. Any idea why the console would suddenly go down like that? are there any messages in the conserver logfile (either stdout/stderr or -L/'logfile' option)? that would be the only place there might be a clue, unless the cisco is logging something on it's console. i'd check both. > When I try to connect to the console: > > $ console -A foo > [Enter `^Ec?' for help] > [line to console is down] > [replay] > [no log file on this console] > > But there is a log file for this console. /var/log/consoles/foo exists > and has data in it. yeah, the logfile isn't accessible unless the console is up. now that you've pointed it out, that really seems wrong. personally, i think it would be useful to replay the logfile if the console is down...might help explain why it went down, or let you fix problems. i'll see if i can "fix" this. i don't *think* there's a problem (inside the code) with having the logfile open even though the console is down. there should be only a few things to adjust (i think!) to use that philosophy. Bryan From arlt@cpsc.ucalgary.ca Fri Nov 28 09:21:08 2003 Received: from fsc.cpsc.ucalgary.ca (fsc.cpsc.ucalgary.ca [136.159.2.3]) by underdog.stansell.org (8.12.10/8.12.10) with ESMTP id hASHL74F007302 for ; Fri, 28 Nov 2003 09:21:08 -0800 (PST) Received: from imgw1.cpsc.ucalgary.ca (ons-imgw1 [192.168.1.66]) by fsc.cpsc.ucalgary.ca (8.12.10/8.12.10) with ESMTP id hASHHPew015574 for ; Fri, 28 Nov 2003 10:17:25 -0700 Received: from ms257a.cpsc.ucalgary.ca (ms257a [136.159.4.248]) by imgw1.cpsc.ucalgary.ca (8.12.10/8.12.10) with ESMTP id hASHHNxY010068 for ; Fri, 28 Nov 2003 10:17:23 -0700 Received: (from arlt@localhost) by ms257a.cpsc.ucalgary.ca (8.12.6/8.12.6/Submit) id hASHHNOD015945 for users@conserver.com; Fri, 28 Nov 2003 10:17:23 -0700 (MST) Date: Fri, 28 Nov 2003 10:17:23 -0700 From: Brad Arlt To: users@conserver.com Message-ID: <20031128171723.GA15839@ms257a.cpsc.ucalgary.ca> References: <20031128030733.GL517@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031128030733.GL517@underdog.stansell.org> User-Agent: Mutt/1.4.1i X-Virus-Scanned: by amavis-milter (http://amavis.org/) X-Spam-Status: No, hits=3.3 required=6.8 X-Spam-Level: *** Subject: Re: Conserver logfiles X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.3 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Nov 2003 17:21:09 -0000 On Thu, Nov 27, 2003 at 07:07:33PM -0800, Bryan Stansell wrote: > yep, all versions just grow. i usually set things up so that files are > moved to a subdirectory then conserver is sent a SIGUSR2 (if 7.2.5 or > above, otherwise a SIGHUP). if anyone has a good methodology for > trimming/rolling/size-restricting logfiles automatically, i'd love to This is the way log rolling should happen within a server. A couple of log rolling scripts in the contrib/ directory should be used to take care of the rest :) > so, those are the kinds of things i worry about. when it's controlled > externally, folks can schedule things appropriately and just opening a > bunch of files is (usually) very quick. A program with similar restrictions as conserver, syslog-ng, tries to address the needs of some folks who would like to not roll files. Syslog-ng can use template filenames, one option in the template is portions of the date and time. Thus a LogfileTemplate=/var/log/conserv/$YEAR/$MONTH/$DAY/$HOST is possible. It doesn't eliminate partions of rolling - removing old data and compressing - but it does keep files smaller automatically. To handle some blocking issues syslog-ng uses buffers and threads with blocking I/O or asyncronous I/O. Thus I/O calls that take time can be used *and* you don't loose any data. Yes, buffers can overflow, but then you are accepting data faster than you can write to disk so you would have lost data anyway, its just a matter of which portion of the data. http://www.balabit.hu/ Samba has a log filesize limit you can set, if the log file exceeds this size (perhaps just on start or when SIGHUP is received) the log file is moved to .old and a new logfile is created. The logic is fuzzy, so the limit isn't a hard size, its more of a suggestion of a limit that gets rolled when it makes sense to do so (so not half way through a log message). Apache gives you the ability to log to named pipes allowing for a dedicated logging program to go nuts with compressing on the fly and rolling at size, or line, or time limits. ----------------------------------------------------------------------- __o Bradley Arlt Security Team Lead _ \<_ arlt@cpsc.ucalgary.ca University Of Calgary (_)/(_) Joyously Canadian Computer Science