Linux Gazette... making Linux just a little more fun! Copyright © 1996-98 Specialized Systems Consultants, Inc. _________________________________________________________________ Welcome to Linux Gazette! (tm) _________________________________________________________________ Published by: Linux Journal _________________________________________________________________ Sponsored by: InfoMagic S.u.S.E. Red Hat LinuxMall Linux Resources cyclades stalker LinuxToday Our sponsors make financial contributions toward the costs of publishing Linux Gazette. If you would like to become a sponsor of LG, e-mail us at sponsor@ssc.com. Linux Gazette is a non-commercial, freely available publication and will remain that way. Show your support by using the products of our sponsors and publisher. _________________________________________________________________ Table of Contents February 1999 Issue #37 _________________________________________________________________ * The Front Page * The MailBag + Help Wanted + General Mail * More 2 Cent Tips * News Bytes + News in General + Software Announcements * The Answer Guy, by James T. Dennis * Creating A Linux Certification Program, Part 4, by Day York * Dispelling the Kernel Compiling Myth, by Jean Francois Martinez * Free Philosophy, Part I, by J. W. Pennington * Graphics Muse, by Michael J. Hammel * ispell: Spelling Checker, by Marjorie Richardson * Linux Assists in the Windows NT Installation Process, by Gilbert Ramirez * Linux Installation Primer, Part 6, by Ron Jenkins * Linux: The Software Gold Rush, by Alolita Sharma and Bob Adkins * New Release Reviews, by Larry Ayers + Comparison of BeOS-r4 and Linux * An Ode to Richard Stallman, by Stephen Adler * A True Satire , by Walt Stoneburner * Using Modules with Linux, by John Holmwood * The Wonderful World of Linux 2.2, by Joseph Pranevich * The Back Page + About This Month's Authors + Not Linux The Answer Guy _________________________________________________________________ TWDT 1 (text) TWDT 2 (HTML) are files containing the entire issue: one in text format, one in HTML. They are provided strictly as a way to save the contents as one file for later printing in the format of your choice; there is no guarantee of working links in the HTML version. _________________________________________________________________ Got any great ideas for improvements? Send your comments, criticisms, suggestions and ideas. _________________________________________________________________ This page written and maintained by the Editor of Linux Gazette, gazette@ssc.com _________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" _________________________________________________________________ The Mailbag! Write the Gazette at gazette@ssc.com Contents: * Help Wanted -- Article Ideas * General Mail _________________________________________________________________ Help Wanted -- Article Ideas _________________________________________________________________ Date: Wed, 6 Jan 1999 16:59:49 +0100 From: "W.N. Beukers", beukers@ampcometal.nl Subject: Set up Linux as server I am planning to buy a Linux version to use for a server i am setting up. The main things I want to have Linux do is ask as a proxy, a mail and a fax server. Linux will be running on a PC together with windows 95 and handles all the outgoing faxes, all e-mail communications (internal and external). Also these users have to have the possibility to to on the Internet by means of the proxy server. Last wish I have is a graphical interface to work with as I am a novice but I still want to set up this system and maintain it. What Unix version is the best, easiest (red hat, Susie, or Debian) Can you tell what I need as a basis and what additional packages I need so that I can order it. -- Wilko Beukers _________________________________________________________________ Date: Wed, 6 Jan 1999 11:17:18 -0500 From: DJ FALCIONE, falcione@bettis.gov Subject: Idea for an article I have an idea for an article. How about a primer on how to set up one's sound card to do true MIDI? I have an Ensoniq AudioPCI card and have been successful in getting it to play WAV files via the audio out port and also simulated MIDI using TIMIDITY. But I can't figure out how to get TRUE MIDI rendering like I get with the same card in Windows 95. Is this a driver issue? Thanks, -- Dean Falcione (Check out Linux Journal issue58. It has an article on Csound that discusses MIDI issues. It's on-line too at http://www.linuxjournal.com/issue58/3187.html. --Editor) _________________________________________________________________ Date: Tue, 05 Jan 1999 22:42:11 -0600 From: Romulo Rodriguez, romulorc@earthlink.net Subject: Celeron I would like to know whether Linux will have any problems with the Intel Celeron Processor. Thanks, -- R Rodriguez _________________________________________________________________ Date: Wed, 6 Jan 1999 10:33:39 -0600 From: "MARK -The Great- ZOLTON", mcz@wheat.ksu.edu Subject: Advanced Linux/Java Concepts At my university, most new programming courses are taught in Java. Because of that, I have become quite apt in programming for such an environment. However, when the time comes that I have a great idea for and application for Linux, I feel somewhat bad about programming it in Java as it is not native to the system. I feel particularly left out when it comes to gathering information from the system. For instance, I am currently working on a set of Zip disk management tools and I have begun coding the core of the application in Java. Since Java is the only language where I have any real experience programming a GUI, I plan on using the Swing widget set to make a slick GUI. Anyway, to manipulate the Zip disks, I make several calls to basic system functions like umount, mount, eject. While this is fine for simply manipulating the disk, I would also like to gather information about the disk... such as, is there a disk in the drive, is it already mounted, etc... Can you see where I'm going. Although Java can do quite a bit, Its platform independence seems to limit it. I would like to know if there is a Java package designed for use with Linux that can provide me information about the system. Or, if that does not exist, does anyone know of a simple, effective method of gathering information from the system? Maybe parsing output from other Linux utilities?? Thanks -- Mark _________________________________________________________________ Date: Wed, 6 Jan 1999 11:30:12 -0600 From: "MARK -The Great- ZOLTON", mcz@wheat.ksu.edu Subject: Getting started with programming for Linux Although I am a somewhat experienced programmer, I find myself wanting to know more about programming for Linux. I have a little C under my belt as well as C++ and a lot of Java (from university classes) and I'm just learning Perl. I am very interested in programming for Linux (specifically X), but I don't know where to start. I don't know enough C to begin fiddling around with other people's source, so I'd like a general introduction to programming for Linux (how to interact with the system, how to program a GUI using GTK, QT, etc..., and how to write Window Maker docklets). However, seeing as how I have only a little knowledge of C, if there is an introduction which provides said things along with intermediate C programming, that would be the best. Does something like this exist and would the O'Reilly X books be of any use at this stage in my development? Thanks again, -- Mark _________________________________________________________________ Date: Thu, 07 Jan 1999 01:01:58 -0600b4 From: Bob Counts, rcounts@troi.csw.net Subject: Gzip and tar files I am looking forward to reading the gazette but for right now the only machine I have is a Windows 98 that is connected to the Internet. I would like to download the Gazette but I don't have any way to expand and un-archive gzip and tar files in Windows. Is there any software that you know of that will do this. I am still in the infancy stage when it comes to Linux and I need all the help I can get. I know your magazine will help, but until I get PPP going on my Linux machine I am stuck. I think I should mention that my Linux and Windows computers are separate boxes. Thanks -- Bob Counts _________________________________________________________________ Date: Tue, 12 Jan 1999 12:58:01 +0100 From: Ottar Engstrøm, Ottar.Engstrom@lfk.mil.no Subject: Matrox Productiva G100 I am trying to configure X on my PC, XF86config asks me for several questions I can not answer. Like RAMDAC,Chipset ect on my Productiva G100 8MB AGP graphic card? I will be pleased if You could answer me. -- Ottar _________________________________________________________________ Date: Tue, 12 Jan 1999 18:01:19 +1100 From: "deves", deves@eisa.net.au Subject: EMM 386 Emulator I'm trying to find the EMM 386, can you give me any addresses for download of this emulator? As my computer needs it to play most games including the famed POKEMON game Do you think I should get this emulator, or wait for the PC game? P.S I still want those addys!!!! -- deves _________________________________________________________________ Date: Mon, 11 Jan 1999 10:53:14 -0500 From: GBE, hawk@valinet.com Subject: new user I'm new at Linux(RH5.2) and I've a question. When I download files using Netscape4.04 it puts it in my root directory. Now I guess I'm a little anal-retentive but I would like it to go in a folder called "download" or some other place. When I went to upgrade my XFree86 the install directions said that it was suppose to be in /var/tmp ??? Now I can mkdir for the folder, do I put permission on it? Do I have to link it to somewhere? Please give me commands to do this, if you can. Thanks -- Gene Euvrard _________________________________________________________________ Date: Fri, 8 Jan 1999 19:32:05 +0200 From: "Volkan Kenaroglu", volkan@sim.net.tr Subject: FTP Server I installed Debian 2.3 recently. And I want to build a FTP server. h All I need to know is how can do this :) But I never tried to do so I don't know even where to start. Please help! Any information would be appreciated. thanx Linux-mates. -- Volkan _________________________________________________________________ Date: Thu, 7 Jan 1999 23:28:18 -0800 (PST) From: Shanti Mohan, kas6719@yahoo.com Subject: Trouble on Linux This is regarding CD-record software available on Linux. When a CD is doing a actual write to the CDR, and some other user on the server tries to remove a very big file using "rm" (the file is about 400MB) the CD-record program stops writing. This also happens when a user is trying to copy amount of data on the server. Is there any solution to this problem as it means that my server is locked while write is in progress. Could you please help ? Thanks -- Shanti Mohan _________________________________________________________________ Date: Thu, 14 Jan 1999 09:30:57 +0000 From: Andreas Neukoetter, ti95neuk@de.ibm.com Subject: Idea for an article ... I'm one of the poor guys in Germany who has to use an Provider for his Web server ... instead of hosting it myself. The biggest Problem is to keep the "online"-site in sync with the "off-line"-one. Since i choose a cheap-provider i have no telnet-access to "my"-server and can't use the wget- or mirror-approach. I've written some scripts to make "crc32"-lists (in fact just sum-up the bytes since my crc32.pl just don't works) in Perl and execute it "off-line" and "online" (as a cgi ... the only way to run programs on the server). These lists are compared and different files are synced ... it works... but i don't find it satisfying :( has anybody a "better" solution ??? -- Anti _________________________________________________________________ Date: Sat, 16 Jan 1999 14:26:26 -0000 From: "Jonathan Homer", jhomer@pulsesoftware.demon.co.uk Subject: Re Telnet! Need help with the Telnet Daemon. It works perfectly accept when you connect via Windows or NT (sorry). It does as far as I can tell a Username lookup. Since NT or WIN 95 does not run such a service there is a pause of 10 seconds or so. I have not yet found the way to switch this lookup off. Can anyone help me? Thanks -- Jon _________________________________________________________________ Date: Sat, 16 Jan 1999 06:05:39 -0800 (PST) From: Steve Foster steve_p_foster@yahoo.com Subject: Xaw3d Documentation Just a short note, is there any documentation available for the wigit set, as I have used the example in LG 2(?), and fancy a crack at some other styles. -- Steve _________________________________________________________________ Date: Fri, 22 Jan 1999 19:29:55 -0500 From: "Jeffrey S. Flowers", ftn@bellsouth.net Subject: Linux in ROM The recent letters about putting Linux on a floppy is interesting to me but what I am interested in is putting Linux in ROM. I have a used 486 and what I would like to do is buy a ISA card that emulates a IDE hard drive. I've seen them advertised but to work with Linux wither a custom driver would be needed or Linux would have to be set up to use the BIOS for all disk accesses. Does anyone know of anyone doing this kind of thing? Thanks -- Jeffrey _________________________________________________________________ Date: Fri, 22 Jan 1999 10:14:45 -0600 (CST) From: Andy Kraut, opie4624@wagner.mtco.com Subject: Help Wanted -- Client 32 My High School uses Novell's Client 32 for all of their Internet connections. This means that only the main server has an IP address. Does anyone know how to make Linux (Red Hat 5.2) use the Internet over this? IPX is the only protocol in the Network settings of the Win 95 machines here. Thanks in advance, -- Andy Kraut _________________________________________________________________ Date: Wed, 27 Jan 1999 10:51:22 +030 From: "bman", biz_bman@hotmail.com Subject: A Question Please First, I like your web site, and second, I have a question. I have two 3com modems v90's one is internal "3com v90 voice" and the other is External 3com v90 .... I am using each one with a Linux System and have them connected to each others by a telephone line .... my problem is that I don't get the 56 speed that v90 should have. I get 33 or some thing like that... is there a way to tune up the modems in Linux operating systems? Thanks a lot. -- bman _________________________________________________________________ Date: Sun, 24 Jan 1999 17:10:18 -0600 From: "Aaron Becker", abecke2@uic.edu Subject: Help with AGP Riva TNT and Linux I just installed Red Hat Linux 5.2, and I don't know how to configure it to utilize my 16 MB STB Velocity 4400 AGP graphics card. That card is not in the card database, unfortunately. I can start the X Window System, but, the resolution is only 320 X 200. This resolution renders X virtually unusable. I would appreciate any help anyone can give me on this subject. Please bear in mind that I am extremely inexperienced with Linux when you respond. Thanks -- Aaron _________________________________________________________________ Date: Wed, 27 Jan 1999 21:07:17 +0100 From: "Oriol Molist", omsv@mail.cotursa-hotels.com Subject: Suggestion I am a Linux user. I have setup several PCs as X-terminals, but it is quite boring and takes too much time. I want to create a script that allows the easy setup of a X-terminal with lpd and ghostscript printer support, sharing the same NFS root for all xterminals, these would allow to install a network of xterm-PCs easily. Imagine that you can have the same of windows terminal server without having to pay anything. Please if anyone is interested in helping me, send me e-mail. thanks -- Oriol Molist _________________________________________________________________ Date: Wed, 27 Jan 1999 00:18:25 -0500 (EST) From: jvu001@umaryland.edu Subject: Help: Linux, laptop, PCMCIA SCSI I have a Toshiba 220CDS laptop and it once ran Linux on a 800 MB partition, but I deleted the partition because I needed the space. I have a PCMCIA SCSI card and am thinking about getting the Iomega Jaz drive (either 1 or 2GB) and installing a Linux partition on that external drive. My question is: Is this possible? Has anyone attempted this and has successfully installed Linux on it? I'm thinking that I would have to use DOS to load the PCMCIA drivers first and then use loadlin to boot the Linux partition. Am I correct in thinking that this will work? Thanks. -- John _________________________________________________________________ Date: Tue, 26 Jan 1999 08:58:27 -0600 From: Pete Nelson, pete.nelson@ci.stpaul.mn.us Subject: Serial Headache I had been trying to set up a PPP connection from my Red Hat 5.2 box at home to various ISPs. It was so problematic, I ended up writing a script that would begin dialing and fork an xterm with a 'tail -f /var/log/messages' so I could watch it fail. I ironed out all the bugs in my chat script (Linux would be no fun if everything worked perfectly out of the box!), and pppd would connect - but it would then bomb out. The messages were always the same before pppd died : pppd[xxx]: Serial connection is not 8-bit clean. pppd[xxx]: Problem: bit 7 always 0. So it looks like a serial problem. But I haven't found a fix with 'setserial' or anything in my BIOS, or in the PPP setup. My guess is it's something incredibly simple that I'm just completely overlooking, but no one else that I know can figure it out, either. If anybody knows the answer to this problem, I'd really like to hear it ( and you can even throw in a 'DUH!' if you so desire - I'm almost positive there's a real easy answer to this! ) Thanks. -- Pete Nelson _________________________________________________________________ Date: Mon, 25 Jan 1999 14:49:53 +0800 (HKT) From: Romel Flores, rom@ncc.edu.ph Subject: (newbie question) messed up terminal tty1 of my Linux box went gaga and can't accept the enter key. It just displays the ^M when I press the enter key and ^? when I press backspace. How do I solve the problem without resetting the machine. Thanks. -- R. Flores _________________________________________________________________ Date: Fri, 29 Jan 1999 12:43:06 -0800 From: "Rick Lim", rick_lim@bctel.com Subject: PPP dialin and out from the same box I can connect to my ISP (PPP) which uses dynamic IP address. I can then turn around and configure the same serial port for a static IP (PPP) for someone to dial into the same box. But if I now try to connect to the ISP my box has the same static IP that was assigned to the port and it will not let me connect. Is there a way to PPP out dial using a static IP address and still have a PPP in dial and assign a IP from my LAN? Thanks for any help. -- Rick _________________________________________________________________ Date: Fri, 29 Jan 1999 11:13:38 -0500 From: Dean Maluski, n0ety@home.com Subject: Netscape I tried using tip to have Netscape use Mail directory. OK now I created all my sub-directories in Mail but they start with Caps so Inbox is not the same as inbox. Is there any way to make them the same? Preferably Netscape looking at inbox & not Inbox. One cool thing is now when I look at message center I have a choice of looking in Inbox or inbox, and all directories within /Mail using Netscape. -- Dean _________________________________________________________________ Date: Tue, 26 Jan 1999 22:19:36 EST From: tomf7@hotmail.com Subject: Linux So I finally got Red Hat 5.2 installed after 8 tries, now what. It seems like a fun game toy, but is it really useful? I can't get Netscape going because the server doesn't have a DNS even though I put one in for it. The xplaycd reads the CD, but no sound. The time I spend on this system doesn't make up for the cost. Linux has at least light years to go to catch up with anything that runs . -- Tom _________________________________________________________________ General Mail _________________________________________________________________ Date: Wed, 06 Jan 1999 16:43:22 +0100 From: Christian Schaller, frostking@linuxrising.com Subject: RE:Anouncements by Sun & TrollTech After seeing the latest issue of Linux Gazette I have a couple of comments. 1) I often feel that the stories covered in Linux Gazette and thereafter Linux Journal are dated, I mean these license announcements are old and heavily debated and Slashdot etc. As a Journal subscriber I for one would appreciate if the currentness of the stories covered in the gazette and the journal was more close to date of publication than today. 2) As for the articles content I have one issue I think should be brought up when the "open-source" licenses are discussed. And that is the fact that these licenses are a bigger threat to the free software community than proprietary software. Most of these licenses makes it impossible to reuse code and they undermine the success criteria that GPL/LGPL and BSD licenses gives open source software, by enabling anybody to modify or include code or complete software packages in their own software. If these types of licenses are allowed to be accepted as just as good, the best scenario we might hope for is that anybody making free software "just" have to include 20 different licenses with the software witch have to consist of 15 different patches. I hope SSC through their publications takes care not to support such a development. Sincerely, Christian Schaller (The realities of life are both LG and LJ are monthly magazines. If an announcement is made on on the 4th of the month, it won't show up in LG until the next month. For LJ, it's even longer because there's the lead time needed to get the magazine in print, etc. We could, of course, just ignore all news related issues and stick with technical articles only, but then we wouldn't be getting our opinions out there. What would be nice is if these companies would tell us 2 months in advance so we could have the stories in print in LJ at the same time the announcement is made. But this isn't likely to ever happen--insider information and all that. One of the reasons that I put the article in LG was to get it out a bit quicker than it will appear in LJ. You are not the only one that has made this particular complaint. However, I ask that you all cut us a bit of slack--we are not a daily newspaper. As to your second point, I noted that these licenses were not the same as GPL--only a step in the right direction. Thanks for writing, --Editor) _________________________________________________________________ Date: Wed, 06 Jan 1999 23:07:49 +0100 (CET) From: jfm2@club-internet.fr Subject: Destroying the Kernel Compiling Myth Once again we find an article propagating the myth of kernel compiling (the one written by a guy from India). Problem is that since 1996 benefits of this are nearly nil in a well designed distribution. I think this myth is very harmful to Linux: as long as there will be people claiming "Thou hast to recompile thee kernel" it will be impossible to attract non-hackers to Linux. That means confining Linux into a _small_ programmer's ghetto. The MIME attachment is an analysis of the benefits of compiling a 2.0 kernel. It is based on performance measures, simple maths and source reading. Quantitative analysis shows there are ways far more effective for optimizing a Linux box. I talk about them but that should be developed. The text will be part of the Independence distribution. If you think it is not acceptable for LJ to publish something that will be on a web site in a few days then publish on Linux Gazette. -- Jean Francois Martinez Project Independence: Linux for the Masses, http://www.independence.seul.org _________________________________________________________________ Date: Thu, 07 Jan 1999 23:30:20 -0500 From: Jim Heyssel, jheyssel@bellatlantic.net Subject: Make Linux Better, Yet! I am happy with your site. I am suggesting some improvements to Linux itself which would make it the enterprise software of the next decade. 1. Give Linux full journaling, unlimited file-size, and scalable multiprocessor support. Whether using ext2 with new 64-bit fs, or writing an integrated driver for making ufs, or xfs, or ntfs, it does not matter. 2. Incorporate full IPV6 support. Incorporate complete networking interfaces with NT, Novell, Mac, other UNIX systems. A lot of support is already there, but I am particularly interested in Network Directory Service type support and Domain control support with one login. 3. Fully integrated KDE desktop environment - when you install application software, it should be on the desktop and automated for dummies. Not everyone is a hacker. But everyone who uses computers for the sake of interests other than the computer itself (unlike many of us Linux geeks), should be able to download and install any application without having to read an inordinate amount of documentation or worry about configuration files (unless, of course, we enjoy that sort of thing). 4. Multi configuration automation for distinct uses - e.g. an enhancement like Red Hat's for various types of use: server, router, desktop workstation, database server, etc. 5. Software that deliberately aims at inter-operability with file formats generated by Microsoft, Apple, and other popular software applications. 6. These goals can easily be achieved in the next year and make Linux number one, with a combination of features to entice the most innovative of hackers, and most mundane of end-users. 7. Tell me where to begin. If anyone else is interested in any one of the above, I would like to collaborate. -- Jim _________________________________________________________________ Date: Mon, 18 Jan 1999 18:58:47 -0600 From: Brian Bray, ixnay@wws.net Subject: Jan, 99 article Xwindows vs. w95/98/NT first let me say that I love you :-)~ secondly in your article from Jan 199 entitled X Windows versus Windows 95/98/NT: No Contest, by Paul Gregory Cooper. he states that that... "Windows95/98/NT on the other hand is a different kettle of fish. Here the OS, GUI, WM, and desktop aren't clearly separated (as in UNIX) but are all rolled into one. Thus you have whatever choice Microsoft happen to give you, i.e. windows themes. For Microsoft this is an advantage - it stops people butting in and rewriting parts of their OS which could potentially lose them money. For instance they realized that with the old windows 2/3.1 you could simply replace MS DOS with another compatible DOS such as DR DOS from Caldera. In an ongoing court case Caldera allege that MS added code to windows to make it seem like there was a bug in DR DOS. With 9*/NT being all rolled in one there is no need to resort to such tactics. " While I agree that everything that this article states I would like to point out that users of Windows 95/8/NT can indeed change there shell to a Afterstep like interface called Litestep. http://www.multimania.com/jdubois/litestep/index.htm I have not personally ever used but know ppl who have. And it doesn't look to bad. Thanks for your time, -- Brian Bray _________________________________________________________________ Date: Fri, 15 Jan 1999 05:55:47 -0800 (PST) From: Casper Boden-Cummins, casperbc@yahoo.com Subject: X Here's a top tip: the popular X Window System is _not_ called `X Windows'. There is no such product. Instead, the man page on X says: The X Consortium requests that the following names be used when referring to this software: X X Window System X Version 11 X Window System, Version 11 X11 I'd be overjoyed if we could ditch this M$-inspired mistake! ;-) -- Casper Boden-Cummins _________________________________________________________________ Date: Thu, 21 Jan 1999 10:33:35 -0500 From: Michael Bright, mabright@us.ibm.com Subject: How about a cross platform section? This is to the Gazette as well as Linux Journal. From what I've seen in the industry, most businesses are using Linux in a heterogeneous environment. They are doing this because they don't want to jump into Linux with both feet. A lot of these are NT/Linux houses which leverage the abilities of both platforms to get the job done. This could be anything from a collection of tips to entire articles. I see NT/Linux related questions and tips in almost every issue. Maybe its time they were put in the same section. I even have an Idea for a logo or symbol, Take a Yin Yang and put a Windows emblem in the space for the white dot and a penguin for the black. The black background could be made to resemble the NT workstation package with the "edge of space" graphic and perhaps the penguin could be in an arctic scene. This idea does not have to be limited to just Linux and NT, there are connectivity issues for Apple, OS/2/Aurora, Novell and others. Thanks for your time. -- Michael _________________________________________________________________ Date: Thu, 21 Jan 1999 13:25:02 +0000 From: Me, deltax@pragma.net Subject: Quark Xpress on WinDos? Quark Xpress was originally a Mac product. I was unaware that it was ported to winferior systems.... Indeed it would be very nice to have Quark under UNIX. From what I remember using it (long time ago, old version!) it was a very nice, efficient and powerful page design software. -- Eric _________________________________________________________________ Published in Linux Gazette Issue 37, February 1999 _________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Next This page written and maintained by the Editor of Linux Gazette, gazette@ssc.com Copyright © 1999 Specialized Systems Consultants, Inc. _________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" _________________________________________________________________ More 2¢ Tips! Send Linux Tips and Tricks to gazette@ssc.com _________________________________________________________________ Contents: * Re: Running Your Own Domain Over a Part Time Dialup * Boot SCSI with IDE Disk Too * TAG: ifconfig Reports TX Errors on v2.1.x Kernels * Triple booting * Searching CD-ROMs * Searching Multiple CD-ROMs * ANSWER: Does Linux have multimedia support? * ANSWER: Linux and UNIX * ANSWER: Linux and UNIX * ANSWER: Help Lotus Notes * ANSWER: Intellimouse * ANSWER: Does Linux have multimedia support? * ANSWER: IP Masquerading * ANSWER: Netscape help * ANSWER: TX errors with 2.1/2.2 kernels * ANSWER: Wheel Mouse under Linux * ANSWER: Re: I have two ideas for articles _________________________________________________________________ Re: Running Your Own Domain Over a Part Time Dialup Date: Tue, 05 Jan 1999 15:41:52 -0800 From: John Stracke, francis@netscape.com If all you need is the ability to telnet into your Linux box, there is a simpler way (assuming your ISP gives you a Web site with CGI). First, create a script on your site called "updateIP.cgi": #!/bin/bash echo $REMOTE_ADDR >latestIP and another called "telnet.cgi": #!/bin/bash echo Location: telnet://`cat latestIP` echo (Don't forget to make the CGI scripts executable.) Set up a cron job that will do "lynx -source http://www.example.com/~foo/updateIP.cgi >/dev/null 2>&1" every 15 minutes (or whatever). (Replace http://www.example.com/~foo/ with the URL of your site, of course.) Now you can set yourself a bookmark for "http://www.example.com/~foo/telnet.cgi"; when you go to it, your browser will be redirected to the telnet: URL and will (should) fire up a telnet session. No need to pay somebody for Dynamic DNS or a domain name. If your ISP doesn't support CGI, you can probably hack up something with FTP instead. -- John (Francis) Stracke _________________________________________________________________ Boot SCSI with IDE Disk Too Date: Wed, 6 Jan 1999 11:08:18 -0500 From: "DJ Delorie"dj@delorie.com Another way to make it boot SCSI first is to install the IDE drive on the *secondary* IDE controller, not the primary. Whether this works or not depends on the BIOS and the SCSI card. -- DJ _________________________________________________________________ TAG: ifconfig Reports TX Errors on v2.1.x Kernels Date: Wed, 6 Jan 1999 16:42:49 +0100 From: Michel van de Ven, michelv@unit4.nl my 0.02 euro: This is a problem with the net-tools used. The /proc/net format changed during 2.1.x development and old net-tools just can't grok it. The 2.1.x Documentation/Changes file states version and location of the net-tools you need to get correct results: for 2.2.0-pre4 it's v1.49. It's generally a Good Thing to check Changes after patching the kernel tree. There are more things you need to consider when running a 2.[12].x kernel on a 2.0.x distribution, and Changes has the details. Linux Gazette is a useful piece of work. Thanks! -- Michel van de Ven _________________________________________________________________ Triple booting Date: Mon, 11 Jan 1999 12:22:14 +1000 From: "peter deVries", brisbane@cox.com.au I read your article about booting linux and NT. I have a triple booting solution for you. I read this in the Jan99 PC@uthority so I can't claim the credit on this much I recently saw a suggestion for triple booting NTFS, FAT32 and linux. Well here's a quick tip: Linux can be put into the NT boot menu. To do so, run lilo to create a boot sector of your linux partition, then run: dd if=/dev/hdc1 of=/dev/hda/bootsect.lnx bs=512 count=1 Replace /dev/hdc1 with your linux partition and /dev/hda/ with your mountpoint of your "C:" drive under NT. This copies your linux boot sector to a file which NT reads as C:\BOOTSECT.LNX. Then append C:\boot.ini with c:\bootsect.lnx="linux" Reboot, and linux should work off the NT boot menu. this is the article I saw word for word and found that it didn't work so here is a version that does. I did this before converting Win98 to FAT32 First make sure that the "C:\"partition is mounted mount -t msdos /dev/hda1 /mnt/win98 then reference it /mnt/win98 in the place of the /dev/hda1, so the line should look like this dd if=/dev/hdc1 of=/mnt/win98/bootsect.lnx bs=512 count=1 I found that is worked. -- Peter deVries _________________________________________________________________ Searching CD-ROMs Date: Tue, 12 Jan 1999 19:18:15 +0200 From: Reuben Sumner, rasumner@iname.com Here is a two cent tip that I have been meaning to submit for a long long time now. If you have a large stack of CD-ROMS, finding where a particular file lies can be a time consuming task. My solution uses the locate program and associated utilities to build up a database of the CDs' contents that allows for rapid searching. First we need to create the database, the following script does the trick nicely. #!/bin/bash onedisk() { mount /mnt/cdrom find /mnt/cdrom -maxdepth 7 -print | sed "s;^/mnt/cdrom;$1;" > $1.find eject -u cdrom } echo Enter name of disk in device: read diskname while [ -n "$diskname" ]; do onedisk $diskname echo Enter name of next disk or Enter if done: read diskname done echo OK, preparing cds.db cat *.find | sort -f | /usr/lib/findutils/frcode > cds.db echo Done... Start with no CD mounted. Run the script. It will ask for a label for the CD, a short name like "sunsite1" is best. It will then quickly scan the CD, eject it and prompt for another. When you have exhausted your collection just hit enter at the prompt. A file called cds.db will be done. To make it simple to use copy cds.db to /var/lib (or anywhere else, that is where locatedb is on my system). Now create an alias like alias cdlocate="locate -d /var/lib/cds.db" Now if I type "cdlocate lyx" I get debian20_contrib/debian/hamm/contrib/binary-i386/text/lyx_0.12.0.final-0.1.deb debian20_contrib/debian/hamm/contrib/binary-m68k/text/lyx_0.12.0.final-0.1.deb debian20_contrib/debian/hamm/contrib/source/text/lyx_0.12.0.final-0.1.diff.gz debian20_contrib/debian/hamm/contrib/source/text/lyx_0.12.0.final-0.1.dsc debian20_contrib/debian/hamm/contrib/source/text/lyx_0.12.0.final.orig.tar.gz lsa3/apps/wp/lyx-0.12.0-linux-elf-x86-libc5-bin.tar.gz lsa3/apps/wp/lyx-0.12.0.lsm lsa3/apps/wp/lyx-0.12.0.tar.gz lsa4/docs/french/www.linux-france.com/lgazette/issue-28/gx/lyx lsa4/powertools/i386/lyx-0.12.0-1.i386.rpm lsa4/powertools/SRPMS/lyx-0.12.0-1.src.rpm openlinux12/col/install/RPMS/lyx-0.11.32-1.i386.rpm openlinux12/col/sources/SRPMS/lyx-0.11.32-1.src.rpm suse53/suse/contents/lyx In order to prevent locate from warning you that the database is old try touch -t 010100002020 /var/lib/cds.db to set the modification date to January 1 2020. -- Reuben _________________________________________________________________ Searching Multiple CD-ROM Date: Fri, 15 Jan 1999 19:55:51 +0100 (CET) From: JL Hopital, cdti94@magic.fr My English is terrible,so feel free to correct if you decide to publish... Hello,i am a French linuxer and here is my two cent tips. If you have many CD-ROMs and want to retrieve this_file_I'm_sure_i_have_but_can't_remember_where, it can helps. It consist of 2 small scripts using gnu utilities: updatedb and locate. Normally 'updatedb' run every night, creating a database for all the mounted file systems and 'locate' is used to query this system-wide database.But you can tell them where are the files to index and where to put the database.That's what my scripts does: The first script (addcd.sh) create a database for the cd actually mounted.You must run it once for every cdrom. The second ( cdlocate.sh ) search in the databases created by addcd.sh and display the cdname and full path of the files matching the pattern you give in parameter. So you can search for unmounted files ! To use: * create a directory and copy in it the 2 scripts mkdir /home/cdroms cp addcd.sh cdlocate.sh /home/cdroms * mount the first cdrom you want to index mount /mnt/cdrom ( if your mount point is different , you must adapt the script ) * run addcd.sh with a fully descriptive name for this cdrom as parameter (this description will be used as part of the database name ,don't use space): ./addcd.sh Linux.Toolkit.Disk1.Oct.1996 It will take some time to updatedb to create the databases specially if the cdrom contain many files. * umount the cdrom and go to step 2 for all the cdroms you want or every time you've got a new one(I have more than 70 databases created this way). * you can now use cdlocate.sh,to retrieve files ./cdlocate.sh '*gimp*rpm' Beware that locate's regular expressions have some peculiarities, 'man locate' will explain. Hope this help and happy linuxing ! ---Cut here------------------------------ # addcd.sh # Author: Jose-Luc.Hopital@ac-creteil.fr # Create a filename's database in $DATABASEHOME for the cd mounted # at $MOUNTPOINT # Example usage: addcd.sh Linux.Toolkit.Disk3.Oct.1996 # to search the databases use cdlocate.sh CDNAME=$1 test "$CDNAME" = "" && { echo Usage:$0 name_of_cdrom ; exit 1 ; } # the mount point for the cd-ROM MOUNTPOINT=/mnt/cdrom # where to put the database DATABASEHOME=/home/cdroms updatedb --localpaths=$MOUNTPOINT --output=$DATABASEHOME/$CDNAME.updatedb && \ echo Database added for $CDNAME ---Cut here-------------------------------- # cdlocate.sh # Author : Jose-Luc.Hopital@ac-creteil.fr # Usage $0 pattern # search regular expression in $1 in the database's found in $DATABASEHOME # to add a database for a new cd-rom , use addcd.sh test "$*" = "" && { echo Usage:$0 pattern ; exit 1 ; } DATABASEHOME=/home/cdroms cd $DATABASEHOME # get ride of locate warning:more than 8 days old touch *.updatedb CDROMLIST=`ls *.updatedb` for CDROM in $CDROMLIST do CDROMNAME=`basename $CDROM .updatedb` locate --database=$DATABASEHOME/$CDROM $@ |sed 's/^/'$CDROMNAME:'/' done _________________________________________________________________ Tips in the following section are answers to questions printed in the Mail Bag column of previous issues. _________________________________________________________________ ANSWER: Re: Does Linux have multimedia support? Date: Mon, 11 Jan 1999 15:08:23 -0600 From: Mike Hammel, mjhammel@graphics-muse.org Don Cramer wrote: I was wondering if Linux now has, or will support any of the multimedia formats supported by Windows, such as AVI, JPG, WAV, MOV, etc? Yes, all of these are supported in various ways. Animated formats (AVI, MOV, animated GIFs, etc) are supported through the xanim program, along with a host of other tools (xanim just has the widest range of animation format support). Xanim also has support for playing some types of audio embedded in the video file (such as audio that accompanies an AVI file). Sound formats (WAV, AU, etc) are supported via the "sox" program (that plays these formats) and the Linux sound drivers (which you can get either in the Linux distributions or a commercial version which supports a wide range of sound cards and is available from 4Front Technologies for about $20US). Static formats for graphics images (JPEG, GIF, TIFF, TGA, etc) are supported by lots of tools: the GIMP (GNU Image Manipulation Program, which is similar to Photoshop), xv (which is like LView), ImageMagick and NetPBM (which are both a collection of graphics viewer/manipulation tools). There are lots of tools for viewing/listening to multimedia files. You can try the Linux Multimedia Pages (I've forgotten the URL but I think its listed on SSC's Resources pages) and my Linux Graphics pages at www.graphics-muse.org/linux.html. Multimedia on Linux is probably not quite what you're used to on Windows as far as how you use them, but the support for most of the well known and well used formats is available. What you can't do (at least I doubt you can) is run multimedia programs from CDs that are Windows specific programs. Those programs won't run (well, they might under WINE but I've never tried them) but their support files may be readable by some of the Linux/Unix programs I've mentioned above. -- Michael J. Hammel, The Graphics Muse _________________________________________________________________ ANSWER: Re: Linux and UNIX Date: Wed, 06 Jan 1999 11:48:17 -0800 From: Drew Bloechl, cheezh@mindless.com The distinction between Linux and UNIX is, at this point, only in name. UNIX is a trademark of the X/Open Group and requires a fee for branding a product as a flavor of UNIX. Some vendors have considered getting UNIX certification for their particular brand of Linux, but I haven't heard of any of them actually doing it. Linux does, however, support the POSIX standards and others required for the UNIX branding, so it could be considered a flavor of UNIX even if it isn't quite official. -- Drew _________________________________________________________________ ANSWER: Linux and UNIX Date: 06 Jan 1999 09:44:02 -0600 From: Omegaman, omegam@cmq.com you asked: I am a 2nd year computer science student. I have looked everywhere for the answer and found only basic answers. My question is what exactly is the difference between Linux and UNIX, excluding size and speed. I would appreciate it if you could just send me a few of the differences. For all intents and purposes Linux *is* Unix -- ie. it is another unix variant. UNIX is not a single operating system, anyway. It is now a brand managed by the Open Group. That means that Operating System vendors (or Linux distribution vendors) may apply for Unix certification and branding. They pay money and TOG runs a bunch of tests and basically says, "ok, that's unix." Of course, there are other relevant standards, such as POSIX. No standard fully covers the differences between branded or unbranded Unix implementations. My question to you is, which unix variant are you referring to? There are so many, Solaris, HP-UX, Digital Unix, AIX, SCO, and BSDI, to name some common ones. SCO is sometimes thought of as the main UNIX as it is the direct descendent of AT&T's original System V source. Of course, the BSD (Berkeley) derived variations play a pivotal role in Unix history as well. All of the Unix variant's mentioned above including Linux incorporate functionality and ideas from both primary Unix flavors as well as incorporating their own ideas. System V (SCO) style unix, for example, has a different boot structure than BSD. Most recent Linux distributions use System V style boot scripts. But Linux systems also incorporate BSD style printing mechanisms. The GNU command-line tools used on Linux systems are much enhanced and extended versions of their System V and BSD counterparts. GNU ls has many more options than what many unix vendors may ship. To further confuse the issue, GNU tools can be used to replace vendor-supplied commands if desired. Are we having fun yet? Your best bet is to read up on Unix history to understand why unix (small u) is not one Operating System but a family of Operating Systems with similar characteristics. Filesystem structure and permissions, basic commands, process sheduling, boot method and dozens upon dozens of other characteristics add up to define an OS as "unix". Linux falls quite handily into this family despite the lack of (expensive and arguably meaningless) Open Group unix branding. See Unix Guru Universe for some more info http://www.ugu.com/ Also see the geek-girl site for some more history and info http://www.geek-girl.com/unix.html -- Omegaman _________________________________________________________________ ANSWER: Re: Help Lotus Notes Date: Wed, 06 Jan 1999 10:07:34 GMT From: Anthony E. Greene, agreene@pobox.com In your letter to Linux Gazette #36, you wrote: I have a Linux box, with SuSE, and a Lotus Notes server. I want to e-mail the status of my workstation to another user that belongs to the Notes Network. Does anybody know how to do that, or just the concepts to do this? Just pipe the output of a command to mail. For instance, I have a cron job that mails a weekly status report to the members of my workgroup. This helps remind the boss that the Linux box is stable and doing useful work. Assuming you want to do something simple like uptime, the command line would look like: /usr/bin/uptime | /bin/mail -s "Uptime Report" me@my.address The script I run is a little more complex because it gathers statistics from various logs: #!/bin/bash # # Script: wsr (Weekl;y Status Report) # # Purpose: Summarize the relevant activity of the server for the past week. # # Author: Anthony E. Greene agreene@pobox.com # echo " " echo "Uptime" echo "------" /usr/bin/uptime echo " " echo "Mail Transactions" echo "-----------------" MAILSENT=`/bin/grep -c "stat=Sent" /var/log/maillog.1` MAILRCVD=`/bin/grep -c "from=" /var/log/maillog.1` MAILCOUNT=$[$MAILSENT+MAILRCVD] MAILRATE=$[$MAILCOUNT/24/7] echo "$MAILCOUNT ($MAILRATE transactions per hour)" echo " " echo "Web Documents Served" echo "--------------------" WEBCOUNT=`/bin/grep -c " 200 " /var/log/httpd/access_log.1` WEBRATE=$[$WEBCOUNT/7] echo "$WEBCOUNT ($WEBRATE transactions per day)" echo " " # End of Script The cron job is: /usr/local/sbin/wsr | /bin/mail -s "Weekly Status Report" staff The "staff" email address is a sendmail alias that points to the actual email addresses of the members of the workgroup. As long as outgoing mail works, this will do what you need. -- Anthony E. Greene _________________________________________________________________ ANSWER: Re: Intellimouse Date: Wed, 06 Jan 1999 11:53:15 -0800 From: Drew Bloechl, cheezh@mindless.com There's a program called imwheel that supposedly does this in XFree86, although I haven't tried it myself. Its homepage is http://solaris1.mysolution.com/~jcatki/imwheel/ and the freshmeat appindex for it is http://freshmeat.net/appindex/1998/08/15/903164189.html -- Drew _________________________________________________________________ ANSWER: Re: Does Linux have multimedia support? Date: Wed, 06 Jan 1999 12:03:26 -0800 From: Drew Bloechl, cheezh@mindless.com Well, the short answer is "yes." :) There are a number of Linux applications that can view and/or edit these types of files. The Gimp ( http://www.gimp.org/ ) can edit almost every graphics format known to man, and could be considered a good alternative to Photoshop. You can see quite a few others at http://core.freshmeat.net/appindex/x11/graphics.html In regards to the video formats, XAnim ( http://xanim.va.pubnix.com/ ) can view most of these without any problem. As for sounds, there are a plethora of programs for doing almost anything you could think of that involve sounds. For starters, take a look at http://core.freshmeat.net/appindex/console/sound.html and http://core.freshmeat.net/appindex/x11/sound.html for a few of the available sound apps. Have fun. -- Drew _________________________________________________________________ ANSWER: Re: IP Masquerading Date: Wed, 06 Jan 1999 12:08:58 -0800 From: Drew Bloechl, cheezh@mindless.com There's another HOWTO at http://eunuchs.org/linux/ip_masq/ip_masq_content.html I haven't tried setting up IPMasq myself, so I'm not sure how much this good this will do, but I hope it helps a bit. -- Drew _________________________________________________________________ ANSWER: Re: Netscape help Date: Wed, 06 Jan 1999 12:16:45 -0800 From: Drew Bloechl, cheezh@mindless.com This one's pretty easy. If you're lucky, your settings are only corrupted. This is fixed by removing the ".netscape" (or just "netscape", without a leading dot, I'm not sure which offhand) directory from affected users' home directories. If Communicator itself is broken, you can remove the /usr/local/netscape directory and reinstall Netscape from the .tar.gz file that I assume you downloaded. If you installed it from an RPM or some other sort of package, I would read the manpage for the package manager and remove it using rpm or dpkg or what have you. Good luck. -- Drew _________________________________________________________________ ANSWER: TX errors with 2.1/2.2 kernels Date: Wed, 6 Jan 1999 17:33:23 -0800 (PST) From: David, david@kalifornia.com I noticed in your mailbag several letters talking about errors on network devices. The correct answer is to upgrade the net-tools package. The format of many /proc files has changed. In particular, those used by ifconfig. I recommend browsing through linux/Documentation/Changes for everyone. I would even suggest it be mandatory reading. =) -- David _________________________________________________________________ ANSWER: Wheel Mouse under Linux Date: Fri, 08 Jan 1999 20:46:58 +0100 From: "Torben D. Jensen", tdj@hco.kol.ou.dk This appeared in Jan '99 issue: From: James Jackson Does anybody know how to enable the wheel on an Intellimouse under Linux? (Red Hat 5.2) I am sending this to gazette as well, because it might be of general interest. Look at http://www.inria.fr/koala/colas/mouse-wheel-scroll/ He might be able to help you. -- Torben _________________________________________________________________ ANSWER: Re: I have two ideas for articles Date: Mon, 25 Jan 1999 17:04:58 +0100 (CET) From: Gerd Bavendiek, bav@rw.sni.de You wanted to get rid of "Start" in fvwm95. Edit your .fvwm95rc like this: *FvwmTaskBarAutoStick # here I changed Start to Linux *FvwmTaskBarStartName Linux *FvwmTaskBarStartMenu StartMenu *FvwmTaskBarStartIcon mini-exp.xpm *FvwmTaskBarShowTips You might want to have a look at an article I wrote a few months ago: http://www.ssc.com/lg/issue21/fvwm.html Regarding the virtual desktop issue, have a look into your /etc/X11/XF86Config. In the screen section look for the keyword virtual. Change it to Virtual 0 0 to switch off the virtual screen. -- Gerd _________________________________________________________________ Published in Linux Gazette Issue 37, February 1999 _________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next _________________________________________________________________ This page maintained by the Editor of Linux Gazette, gazette@ssc.com Copyright © 1999 Specialized Systems Consultants, Inc. _________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" _________________________________________________________________ News Bytes Contents: * News in General * Software Announcements _________________________________________________________________ News in General _________________________________________________________________ March 1999 Linux Journal The March issue of Linux Journal will be hitting the newsstands February 11. This issue focuses on Internationalization and Emerging Markets with articles on multilinual Emacs, printing messages in different languages, autonomous automobiles in Italy and mediated reality. This last is the second part of Dr. Steve Mann's series on wearable computers. Linux Journal now has articles that appear "Strictly On-Line". Check out the Table of Contents at http://www.linuxjournal.com/issue59/index.html for articles in this issue as well as links to the on-line articles. To subscribe to Linux Journal, go to http://www.linuxjournal.com/ljsubsorder.html. _________________________________________________________________ Australian Linux Community Offering Date: Thu, 24 Dec 1998 01:00:31 -0800 OzSearch extends its offer to the Australian Linux community to LG Australian readers as well: OzSearch Internet Guide, an all-Australian web directory, recently released its new web site. The site is intended to offer a starting point for any complete search for Australian web sites. In addition to successfully running Linux Red Hat 5.2 (where 100+ days of uptime are common), the site is powered by Apache v1.3.3 with ModPerl and MySQL. Stress tests have indicated that this configuration scales exceptionally well. To give back to the Linux community, OzSearch is currently seeking to help sponsor an Australian-based Linux users group. Please provide your group's information to Kris Duggan (kduggan@ozsearch.com.au). OzSearch can be found at http://www.ozsearch.com.au For more information: Kris Duggan, President of OzSearch Internet Guide, kduggan@ozsearch.com.au _________________________________________________________________ The Bazaar Date: Thu, 07 Jan 1999 09:55:07 -0400 A major free and open source software event is a convention entitled the Bazaar. It will have over 5,000 attendees and 100 vendors. The speaker list includes major free software developers and advocates like Eric Raymond, Richard Stallman, and Alan Cox. The Bazaar is the first convention of its kind to ever be held in New York city and we are very excited for the Bazaar's maiden voyage. It will be opening on March 13th and continuing through the 15th at the Jacob Javits Center in Manhattan. For more information: Eddie Park, Assistant Director eddie@inlimine.org, http://www.thebazaar.org/ _________________________________________________________________ Update on USENIX events (40562) Date: Wed, 27 Jan 1999 09:25:58 -0800 (PST) Full tutorial and technical session programs, and online registration, are now available at http://www.usenix.org/events/ for the following: NORDU99 - 1st Nordic Europen/USENIX Conference, February 9-12, 1999, Stockholm, Sweden OSDI: 3rd Symposium on Operating Systems Design and Implementation, February 22-25, 1999, New Orleans, Louisiana 1st Conference on Network Administration, April 7-10, 1999, Santa Clara, California ----Co-located and sharing two days of tutorials with: 1st Workshop on Intrusion Detection and Network Monitoring, April 9-12, 1999, Santa Clara, California COOTS: 5th Conference on Object-Oriented Technologies and Systems, May 3-7, 1999, San Diego, California Workshop on Embedded SyStems, March 29-31, 1999, Cambridge, Massachusetts LISA '99--13th Systems Administration Conference, November 7-12, 1999, Seattle, Washington Tcl/Tk: 7th USENIX Tcl/Tk Conference, February 14-18, 2000, Austin, Texas For more information: http://www.usenix.org/events/, _________________________________________________________________ UNIX Internet Service Administrator Wanted Job at Cincinnati Bell, Cincinnati, Ohio. Administration of Linux servers and development. Position Profile: * Maintain all of the IP applications developed or utilized in Internet * Operations as a member of the Internet Operations team. * Work with Director - Internet Service Operations or Director * Internet Service Development and others to develop procedures and guidelines for implementation and management of applications as they relate to the Internet and the Internet Operations team. * Responsible for working with the Internet Operations team, Internet Development group, internal and external information providers, and others as appropriate to maintain and integrate IP applications. * Responsible for performing all common Unix System Admin tasks for the server environment. * Responsible for cross-training other members of the Internet Services in the domain area of expertise of the position to broaden the knowledge base within the team. * Report to the Director Internet Service Operations or Direct or Internet Service Development as assigned. Business Impact: This position will work closely with the Internet Services team to provide support for the growing number of IP applications within the Internet Access product. Will have a direct impact on the customer's perception of the quality of the Internet Access product as well as the quality of any IP services within the Internet Access product. Process and Technical Knowledge: * Experience with the Solaris and Linux Unix operating systems (BSDI and NT a plus). * Experience with the Apache, Netscape Enterprise, Netscape Intern et Suite of servers, Lotus Domino, or other commercial grade web servers. * Experience SMTP/POP, IMAP and Majordomo servers for UNIX operating systems. * Experience with NNTP servers for UNIX operating systems. * Experience with streaming media servers utilizing IP Multicast technologies. * Working knowledge of load balancing methodology, packet shaping and other load and service management solutions and technologies * Experience with the installation and maintenance of enterprise archives and backup systems. * Software development skills in Perl, Java, xTML varients or other web and internet application supporting languages required. HTML(and varients) and CGI competency a must. * Experience using application performance monitoring tools to detect, diagnose problems and determine source. * Good customer contact skills. * Good teaming skills. For more information: Kendra Childress, kchildress@cinbell.com _________________________________________________________________ Linux Links StarOffice 5.0 Personal Edfition Report: http://macarlo.com/ World's Smallest Computer Runs Linux: http://wearables.stanford.edu/ _________________________________________________________________ Software Announcements _________________________________________________________________ UNIX CD Bookshelf Released Date: Mon, 11 Jan 1999 15:32:04 -0800 (PST) The recently released "UNIX CD Bookshelf" contains six O'Reilly books plus the software from "UNIX Power Tools" -- all on a convenient CD-ROM. A bonus hard copy book of the bestselling "UNIX in a Nutshell: System V Edition", is also included. The six included books, purchased separately, would retail for $175.70, but "The Unix CD Bookshelf" package retails for only $69.95. The CD-ROM contains the complete text of: * UNIX in a Nutshell: System V Edition * UNIX Power Tools, 2nd Edition (with software) * Learning the UNIX Operating System, 4th Edition * Learning the vi Editor, 5th Edition * sed & awk, 2nd Edition * Learning the Korn Shell Formatted in HTML, "The UNIX CD Bookshelf" can be read by any Web browser. The books are fully searchable and cross-referenced. In addition to individual indexes for each book, a master index for the entire library is provided. A free sample chapter, Chapter 2: UNIX Commands from "Unix in a Nutshell", is available at: http://www.oreilly.com/catalog/unixcd/chapter/index.html For more information: http://www.oreilly.com/catalog/unixcd/ _________________________________________________________________ ISS Ships Industry's First, Integrated Network and Host-Based Intrusion Detection Solution Date: Fri, 8 Jan 1999 17:18:51 -0700 ISS Ships Industry's First, Integrated Network and Host-Based Intrusion Detection Solution ATLANTA, Ga. - January 7, 1999 - Internet Security Systems (Nasdaq: ISSX), the leading provider of adaptive network security solutions, today announced the worldwide availability of RealSecure 3.0, a solution that combines both network- and system-based intrusion detection and response capabilities to form a single enterprise threat management system. By adding host-based intrusion detection capabilities to RealSecure, customers can have the best of both worlds: fast detection of attacks at the network level stopping security breaches before damage is done, as well as identifying unauthorized access attempts at the system level. For more information: Nicki Kopelson, nickik@connectpr.com _________________________________________________________________ Corel Computer Launches the NetWinder Group Server Ottawa, Canada=97January 13, 1999, Corel Computer, a division of Corel Corporation, today announced the availability of the NetWinder Group Server, the latest addition to their family of NetWinder thin servers. The NetWinder Group Server offers departmental workgroups and small businesses a wide range of Internet/intranet services in an easy-to-use, affordable package. Based on the StrongARM=AE RISC microprocessor and the Linux operating system, the NetWinder product family delivers powerful, cost-effective desktop and server solutions. The NetWinder Group Server with 32 MB RAM carries a suggested retail price of US $979 for the diskless version, US $1,339 with 2 GB hard drive, US $1,629 with 4 GB hard drive and US $1,839 with 6 GB hard drive. Prices subject to change without notice. Dealers may sell for less. The NetWinder Group Server provides a full suite of Internet/intranet services, including: * Web Publishing, with integrated support for HTTP/1.1, Common Gateway Interface (CGI) and Perl scripting * HTML Page Authoring, enabling individual users to create and edit their own Web page * E-mail Services, including automatic forwarding of messages and mail filter creation * Public and private threaded discussion, allowing workgroup communication and collaboration * Document indexing and searching, including a powerful search system to quickly locate documents on the NetWinder Group Server * Cross-Platform File Sharing and Transfer between the NetWinder Group Server and users of Windows NT=AE, Windows=AE 95 and Apple=AE platforms * Document Management enables users to organize documents into categories and assign searchable properties, such as keywords, to facilitate information access For more information: http://www.corelcomputer.com/ _________________________________________________________________ PHT Releases TurboLinux 3.0.1 OAKLAND, Calif - January 18, 1999 - TurboLinux v3.0.1, the first version of the popular Linux distribution to be sold as a boxed set, is available today. TL 3.0.1 will offer a comprehensive installation guide and manual, is priced at $49.95 and can be ordered at http://www.turbolinux.com/orders/. TurboLinux, the most popular distribution in Japan, if not Asia, has begun a large transition into the U.S. Market. Pacific HiTech (PHT) has been a major part of the Linux community for years, previously acting as the distributor for RedHat and still as the Japanese distributor for all major Linux distributions. PHT recently opened it's new US offices in Oakland, CA and is working on more focused Linux products, beginning with TurboLinux Server, slated for release in the first half of '99, followed by other releases, including TurboLinux 4.0 in early summer '99. For more information: Justin Ryan, CEO, Senior WebMaster - PCHelp, http://computers.iwz.com/, webmaster@computers.iwz.com _________________________________________________________________ Informix/Linux LAS VEGAS, NV-Informix Partner Forum-January 19, 1999-Informix Corporation (NASDAQ: IFMX), the technology leader in enterprise database-powered solutions and award winning Linux vendor, today announced the overwhelming success of its holiday Linux promotion and ongoing Linux program. International distribution of Informix products on Linux has exceeded expectations with more than 175,000 copies of Informix databases on Linux distributed over the last six months. In response to this overwhelming demand, Informix has increased the global availability of its market-leading Linux portfolio through two strategic alliances with leading Linux distributors Red Hat Software and SuSE. These distribution channel alliances give the company even greater penetration into the rapidly growing worldwide Linux community and make access to Informix products even easier for Linux enthusiasts and business users. These alliances make Informix's Linux products available for download from both vendors' Web sites and demonstrate Informix's unmatched commitment to the Linux platform. A free development copy of Informix's database is bundled with SuSE's new 6.0 release of Linux. Available in Germany today, SuSE 6.0 will be stocked on U.S. retail shelves for a price of $49.95 by the end of January. The product bundle is currently available from the SuSE FTP site. Informix users will need to register the product online with Informix (http://www.informix.com/register4suse), to receive the free development license. Informix Dynamic Server, Linux Edition Suite is available for download from the Red Hat Web site (http://www.redhat.com). Informix users will need to register the product online at the Red Hat web site, to receive the free 30-day license. For more information: http://www.informix.com/ _________________________________________________________________ FASTLANE UNVEILS Xni NETWORK ANALYZER FOR LINUX Date: Thu, 14 Jan 1999 17:07:39 -0600 SUNNYVALE, CAFastlane Software Systems, Inc. announces the release of its Xni network analysis, security and accounting package on the Linux platform. Xni is a comprehensive, easy-to-use, software-only solution that monitors every conversation between hosts in real time, producing a concise graphical view of network usage and traffic flow without the heavy resource drain and limitations of SNMP/ARMON tools or the dedicated hardware typically required of network analyzers. Compact data format permits 7-day, 24-hour reporting. For administrators concerned with tracking DNS performance, Xni uses DNS/Yellow Pages to closely monitor DNS/BIND entries for all hosts it sees and reports all devices that have no DNS entry or result in a timeout. Xni can identify the activity of all network hosts in real time or over time. Applications can be tracked either individually or in groups. The system can be configured to monitor traffic and respond to alarms in intervals as small as one second. Findings are presented as an easy-to-read combination of graphs, charts and lists. On-the fly HTML reporting permits access with a standard browser Xni features on-the-fly HTML reporting that allows administrators to create reports on network traffic usage and view them from any machine using a standard browser. For more information: Fastlane Software Systems, http://www.xni.com/ _________________________________________________________________ Applix Announces Applixware for Linux On the Power PC Platform and Bundling Deal With LinuxPPC Inc. Date: Tue, 19 Jan 1999 09:30:26 -0500 WESTBORO, Mass.--(BUSINESS WIRE)--Jan. 19, 1999--Applix Inc., a leader in front office business solutions, today announced support for a new platform for its market leading suite of decision support applications. Applixware, Applix's integrated office suite, will run on Apple's Power PC based computers running the Linux operating system. In addition, Applix will be selling the product with a bundled version of LinuxPPC's Linux operating system. Applixware is a graphical suite running natively under Linux and includes Applix Words, Applix Graphics, Applix Presents, Applix Spreadsheets, Applix Mail, Applix Data, Applix HTML Author and Applix Builder, a visual, object oriented, rapid application development tool that provides full programmability and customization for the suite. LinuxPPC Inc., headquartered in Madison, WI, distributes the leading Linux distribution for the PowerPC platform. LinuxPPC has been working closely with Applix to raise awareness of the suite's availability on the platform, and has recently announced that the operating system will run on Apple's successful iMac product. For more information: Applix, Inc., http://www.applix.com/ _________________________________________________________________ Bascom Announces OpenLinux-based K-12 Application Bundle for Third-largest OEM (ICS) Orem, UT, January 18, 1998, BASCOM today announced the availability of its Internet Communications Server (ICS), an educational software/hardware solution developed for the OpenLinux OS from Caldera Systems Inc. Having successfully deployed ICS at key regional sites, BASCOM will now make it available to K-12 schools through the third largest hardware OEM and accompanying reseller channels. BASCOM's use of OpenLinux provides the education vertical market with its first Linux-specific application. While providing a secure and easily transportable platform for future alliances, BASCOM's decision to use OpenLinux was based on the unique needs of the education community: needs that fell directly under Caldera Systems' focus on Linux-based business solutions: stable, proven, tested and supported. For more information: BASCOM Global Internet Services, Inc., http://www.bascom.com/, info@bascom.com Caldera Systems Inc., http://www.calderasystems.com , linux@calderasystems.com _________________________________________________________________ Servertec today announced the availability of a new release of iServer, a small, fast, scalable and easy to administer platform independent Web/Application Server written entirely in Java Date: Sat, 30 Jan 99 175420+0500 Kearny, NJ. - January 26, 1999 - Servertec today announced the availability of a new release of iServer, a small, fast, scalable and easy to administer platform independent Web/Application Server written entirely in JavaTM. iServer is the perfect Web Server for serving static Web pages and a powerful Application Server for generating dynamic, data driving Web pages using Java Servlets, iScript, Common Gateway Interface (CGI) and Server Side Includes (SSI). iServer provides a rich environment for building and deploying cross platform Web-based business critical Internet and Extranet applications. iServer is also a robust, scalable platform that individuals, work groups and corporations can use to establish a Web presence. iServer preview release is available for free at http://www.servertec.com/ (connect-time charges may apply). For more information: Servertec, http://www.servertec.com/ Manuel J. Goyenechea, goya@servertec.com _________________________________________________________________ Published in Linux Gazette Issue 37, February 1999 _________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next _________________________________________________________________ This page written and maintained by the Editor of Linux Gazette, gazette@ssc.com Copyright © 1999 Specialized Systems Consultants, Inc. _________________________________________________________________ "The Linux Gazette...making Linux just a little more fun!" _________________________________________________________________ (?) The Answer Guy (!) By James T. Dennis, linux-questions-only@ssc.com Starshine Technical Services, http://www.starshine.org/ _________________________________________________________________ Contents: (!)Greetings From Jim Dennis (?)serial port settings --or-- Another Damn WinModem (?)Simplified Security? --or-- Simple Security Tips (?)eterm quickie + general commment (linux SUPERGRAN) (?)nr_files and nr_inodes --or-- Max Open Files and Inodes: Use The Entries under /proc (?)setting up an ISP to serve email (?)Getting my new linux box to run the ftp server (?)setting up an ISP to serve email --or-- Setting up ISP Mail Services (?)[Fwd: rsh on 2.0.34] --or-- More on: 'rsh' as 'root' Denied (?)procmail --or-- 'procmail' to Get Mail via POP-3? No. 'fetchmail' (?)Linux Diagnostic Tool --or-- Hardware Info Under Linux: MSD.EXE Clone? (?)X terminals via serial links? --or-- X Windows Over a Serial Line (Null Modem) (?)copy of Microsoft Office --or-- Free Copy of MS Office for Linux? It isn't April Yet! (?)diald modem settings E71 --or-- Using "odd" modem settings (?)Further answers to questions? --or-- Sometimes Short of the Question (?)Steven Hancock: ps to gif --or-- More on: Automated PostScript (ps) to GIF Conversion (?)"Routing and Subnetting 101" Linux Gazzette 1/1/99 --or-- Re: Routing and Subnetting for Classes (?)Partitioning my new Linux box... --or-- Disk Partitioning: Review (?)Curious modem hangup... --or-- PPP Disconnects (?)ifconfig reports TX errors on v2.1.x kernels --or-- 'ifconfig': TX errors (?)System clock is too fast... --or-- Ahh ... The Toils of Time (?)you are the man --or-- The Complaint Department: Typos and Grammatical Errors (?)you are the man --or-- The Complaint Department: Typos and Grammatical Errors (?)you are the man --or-- The Complaint Department: Typos and Grammatical Errors (?)modem disconnect problem? (?)modem problems under linux --or-- X Prevents/Kills Modem Connection (?)I want my 10 GIGS!!! --or-- Ultra-DMA and the 8.4Gb IDE Disk Limit (?)LTT submission (?)Is it possible to run Debian on 4 MB? --or-- Low Memory Installation (?)Better resolution (laptop LCD) --or-- Higher Resolution X on a Laptop (?)you are the man (?)I want my 10 GIGS!!! --or-- Ultra-DMA and the 8.4Gb IDE Disk Limit (?)Dos (?)Low Level Formatting (?)Bad Sectors in my HDD --or-- Removing Bad Sectors (?)Help --or-- Netscape Communicator: "Improper DNS Type"? (?)Communicator and PGP on Linux --or-- NS Communicator (Mail) and PGP (?)Uh, where'd my "man" go? --or-- 'fsck' Breaks 'man' Pages? (?)Custom Install --or-- Unable to Open Console: After "Custom" Install (?)Securing a modem dial-out line. (?)Why can I only login as root? --or-- Another "No Login" Problem (?)RAM (?)I used gzip in bad way... help! --or-- Accidental Deletion (?)TCP patch for SACK? (RFC 2018) --or-- TCP/IP SACK Support: When? Now! (?)you are the man ____________________________________________________ (!) Greetings from Jim Dennis Well, the 2.2 kernel is finally out. Indeed the 2.2.1 patch has also made its way onto the scene (you just knew they'd find something worth fixing in the first week). If you're considering upgrading you'll want to look through the list of required/suggested package upgrades to go with that. Although most code in userspace isn't affected much by kernel changes there are always some utilities and applications that will be. Of course, you can install a new kernel right along side your existing one --- and reboot between them with glee. Remember LILO is a multi-boot utility as well as a boot loader --- so you can easily add new entries to it. Thus upgrade will be much easier than the migration from 1.2 to 2.0 (when the structure of many /proc interfaces changed --- breaking the 'ps' related utilities). That's good since there are probably close to ten times more Linux users now. Of course the faint-hearted can just wait for their friendly distribution maintainer to put out an all new version with the 2.2.x kernel and all the new utilities pre-built. However, what would the fun be in that. To learn more about upgrading your kernel look LinuxHQ (http://www.linuxhq.com/). They have about a half dozen links to pages on the subject (particularly with lists of requisite package upgrades and links to the tar.gz files and even one site that has links to the requisite RPMs). After you upgrade you'll want to keep you eyes on those sites, checking back over the next couple of months. There will probably be other packages that are found "wanting" (unready for 2.2). If you get that all installed, read all my rantings for this month and are still bored --- take a look at the "Linux Tips & Tricks" site (http://www.patoche.org/LTT/) and considering adding your own suggestions to the mix. I added a couple myself. I also suggested to the site maintainer that he link to LG's "2-cent Tips" and to the Linux-Tips HOWTO (http://metalab.unc.edu/LDP/HOWTO/Tips-HOWTO.html). While we're on the subject of "tips" here's one for you budding shell scripters and programmers out there: If you have to use /tmp --- do it safely. Sure, you script is running on a single-user workstation now. But eventually you'll use it on a multi-user machine or someone will copy it. There are all sorts of nasty tricks people can play on you involving symlinks in /tmp. Here's one way: TMPD=/tmp/$0$$$(date +%s) ## get a (hopefully unique) name ## use any reasonable method for this. OMASK=$(umask) umask 077 || exit 1 mkdir $TMPD || exit 1 trap 'rm -fr $TMPD; exit' 0 umask $OMASK ... this should either successfully make a safe, private directory under /tmp (and you use $TMPD for the rest of your temporary file operations --- using whatever names you want) or it should fail. There should be no race condition since the new directory should be made with the appropriate permissions in a single system call (and my strace output under Linux/bash confirms that). The part to be careful of is the 'trap' clause. That should automatically remove the temp directory and files on exit (normal or in response to any trappable signals). (If you use a kill -KILL on that script while it's running --- it won't get a chance to clean up after itself, but a normal [Ctrl]-[C] and most other kill signals should be fine. I still suggest using your own private ~/tmp directory whenever that's feasible (but not if your $HOME is served over NFS). I'll be teaching a class in shell scripting at Mission College (Santa Clara, CA) starting tomorrow. That should be interesting. ____________________________________________________ (?) Another Damn WinModem From Mark F. Johnson on Mon, 04 Jan 1999 (?) Greetings Honorable Answer Guru, I have been helping a friend of mine set up RedHat Linux on his system (dual-boot with Windows98). He has a Diamond Supra PCI Voice modem, which is set up on Com 3 but has an IRQ of 11. (I know, I know, it's bizarre, but that's the way it is.) His modem works fine in Windows, but Linux wants to assign it IRQ 4, of course. The modem is apparently configured to use IRQ 11 and the IRQ can't be changed in Windows. I have tried using the "setserial" command and was successful with changing the IRQ, but the modem still won't initialize, and rebooting the system resets the IRQ to the default. I've only been into Linux for about a month, so I'm no expert in the fine art of script writing. I am willing to try, if someone like yourself might give me a starting point and head me off in the right direction. Any ideas/suggestions wil be greatly appreciated. (!) Last I heard the Diamond/Supra PCI modems were of the "winmodem" variety. They don't work under MS-DOS, or Linux (only under Windows --- probably only under Win '95 and Win '98, maybe they have an NT driver, too). So you should probably return it. Then go back through last year's "Answer Guy" and search for the word modem. Almost ever problem that has been reported about any internal modem as been that it was a winmodem. Hopeless! (If Diamond claims it is not --- then boot from a plain old DOS floppy and get it to to dial the phone using an old shareware copy of Telix, Procomm, QModem, or any other MS-DOS program. If that works, there's hope. Otherwise BURN IT!) (If it really isn't a winmodem then try disabling "plug and play" in your BIOS and/or play with the pciutils package (available at Linux sites --- search http://www.freshmeat.net for that). ____________________________ (?) Modem Recommendations From Mark F. Johnson on Fri, 08 Jan 1999 (?) Greetings Once Again Honorable Guru, You were, of course, right on target with your previous assesment of my modem woes in regards to what was indeed a WinModem. I had my friend go to the same dealer from whom I bought my modem, an A_Open FM-56. He bought an installed what was supposedly the same modem, but again, no joy. Come to find out that A_Open's current line of PCI modems, including both FM-56 models, are all WinModems. The DOJ may be on to something afterall. To make a long and boring story short, my friend is going to buy an external modem. To save time and continued harassment of your Honorable self, may I implore you to recommend a moden that will work equally well with Windows and Linux? Much appreciation for your assistance. (!) Any external modem should be O.K. --- I use an older Zyxel 28.8 --- and I've had good luck with the old Practical Peripherals 28.8 fax modems. However, the model change so fast, and the companies merge and die so often that this is another of those areas where look at the latest Hardware-HOWTO and a poll of your favorite users group, newsgroup or mailing list is probably your best bet. (I like U.S Robotics Courier series --- but they are expensive. I detest their less-expensive "Sportster" series --- too cheap). ____________________________ (?) Happy "True"-Modem Customer From Mark F. Johnson on Wed, 13 Jan 1999 (?) Greetings Once Again Honorable Answer Guru, Just wanted to drop you a line and thank you for your wise and profound advice. My friend's modem dilemma has been solved. He ended up with a Zoom external 56k that set up easy and works like a charm. Best of all, it was just under $90. Who needs Winmodems? Again, much thanks. M. (!) Glad I could help. That is a pretty good price. Now I'll be flooded with requests about where to get them... ____________________________________________________ (?) Simple Security Tips From John Radcliffe on Mon, 04 Jan 1999 (?) One thing that might make Linux more attractive for the Desktop market is some clarification of security issues. While I don't consider myself an expert on desktop computer matters, people keep coming to me for assistance and advice so I must not be completely obtuse on the subject. Still I do not understand all that I read regarding Linux security. (!) I agree. I'll be giving a talk on this subject: 13 Tips for Securing your Linux System from Common Threats ... at the Silicon Valley Linux Users Group (http://www.svlug.org) this week. If I get my act together I'll set up some web pages with some version of the content of my slides and notes at http://www.starshine.org/linux/security/tips.html (I've put a placeholder there until my notes are presentable). If you're in the Silicon Valley (San Jose, California) area --- come to the meeting. (?) I would like to put together a simplified security guide for people who are not providing internet content or services, but wish to use a web browser from the Linux desktop. But I do not want to give bad advice through my lack of understanding. (!) The best advice is to disable all local services (deactivate inetd, sendmail, and the local httpd) Do a 'netstat -na' command to see what ports are "active" on your system. If it reports anything in "listen" mode on any port --- you've still got some networking service listening. It's a bit more complicated than that. I'll go into more detail a bit later. (?) One thing which I do not understand is how crackers gain access through SUID root programs. From a look at 'rootshell' and 'bugtraq' there seem to be innumerable ways to do this, and new ones seem to be found daily. Apparently even 'secure shell' isn't immune to exploitation. Rather than have the average desktop user try to keep current with all of these, would it be safe to say that if Telnet, Shell, and Login are commented out in /etc/inetd (and file permissions are correct as per the Linux Security HOWTO) that the desktop users machine would be safe from this type of attack? (!) To exploit a bug in an SUID program (whether it's owned/run as 'root' or any other user) the attacker must first gain "shell" access or must otherwise trick some service into executing the program. It must also be able to supply that SUID program with some sort of degenerate data (usually input or environment values --- though some exploits occur through signals, shell aliases, etc). If you are assuming a desktop system which is "owned by" the operator --- that is that you expect any person at the console to have "root" access --- then your primary threat vectors are network/remote exploits (disable services) and trojan horses (or --- very rarely under Linux --- viruses). In other words if I can already attain root by rebooting into single user mode, I don't need to exploit a bug in some SUID binary to 'get root.' If I get to a shell prompt remotely --- you've already lost (there are too many opportunities for me to violate too many security policies --- so you focus, in the common case for client workstations should be on prevent remote access to shell services and remote execution of any code. You are correct regarding 'secure shell' or 'ssh' as it's more commonly known. This does nothing to protect a system from SUID bugs nor from trojan horses. That's not its purpose. The purpose of ssh is to allow secure remote access --- which is very difficult to spoof, hijack, sniff, or otherwise compromise. ssh is a cryptographically strong version of 'rsh' 'rlogin' and 'rcp'. It uses RSA public key cryptography to perform mutual host authentication, and to establish a one-time session key. It then uses IDEA or some similar (user/admin configurable) symmetrical key encryption to protect the contents of the session from sniffing. Since the potential attacker should not be able to properly encrypt any packets (no access to the session key) --- this also prevent the attacker from injecting any forged packets into the communications stream (a process referred to as "session hijacking"). There are a number of other encryption packages available for Linux. They operate over various protocols, serving different needs and providing different features and applications. For example SSL is a set of protocols that are most commonly used for securing web pages and communications between browsers and web servers (primarily submission of form's data to CGI scripts). SSL is used because it is commonly built into the most popular web browsers. There is a suite of other SSL applications such as ssltelnet and sslftp (these are client/server packages --- so your intended host sites must install the appropriate daemons before your clients will be able to use these protocols). I did post a rather lengthy message on free crypto tools recently --- giving a pretty large list of the tools, though almost no "HOWTO" coverage of them. The idea was to provide lots of pointers to the web sites where more info on these tools (and the tools themselves) could be found. Naturally, due to the continuing disgrace of U.S. federal government regulations --- which consititute an obvious and despicable subversion of our Bill of Rights --- we are unable to freely provide our crypto software to the world at large. So free nations elsewhere are required to provide these. (Please write to your congress critter to let them know that this is a major votiing issue for all software enthusiasts --- and follow up by endorsing candidates to recognize the freedom of speech extends to the expression of practical mathematics through the art of computer programming.) I normally avoid politics in my column. However, this is one issue on which I cannot be silent. The sheer pettiness of these regulations (they didn't have the guts to pass them as laws --- they are "regulations" enacted without direct congressional action but clearly with plenty of underhanded political support) is astounding! The notion that a computer program can be arbitrarily classified as a "munition" and thus fall under export control is a slippery slope. It's only a hare's breadth from the notion that these "munitions" should entail mandatory registration and "7 day waiting periods" and ultimately be banned entirely from domestic use. It'll all start with populist phrases like: "protect the children from child pornography" and "only drug dealers and mobsters have secrets to hide from us" Anyway, back to your subject. Just commenting out three for four services is not enough. Start by commenting out everything. Then remove 'inetd' completely from your startup sequence. That's much more comprehensive. However, you may find that you "need" some of those services. For example, if you do IRC you'll find that most IRC servers want to do an "auth" call back to the the 'identd' (identification) server on your system. You can use TCP Wrappers, and only re-enable a service (with restrictions that are as tight as feasible in your /etc/hosts.allow) when you know what it is doing and why you are enabling it. That's why I'll be giving this talk. It isn't simple. ____________________________________________________ (?) eterm quickie + general commment (linux SUPERGRAN) From liam on Thu, 31 Dec 1998 Dear Answerguy, A Quickie: (please read this!) WHERE THE HELL CAN I GET THE GRAPHICAL TERMINAL ETERM??? (The new replacement for rxvt, you know, the one that supports pixmaps ....not the terminal mode of emacs, great as that is). I can't find it anywhere, it's not in the sunsite or GNU ftp archives, it's mentioned in some HOWTOS, but with no reference as to how to obtain it. Is it part of commercial X distributions only or something? yours confusedly, Liam. (!) As far as I know Eterm is the Enlightenment inspired xterm. The fastest way to find files like this these days is the Freshmeat QuickSearch feature. This lead me right to Eterm and its web home page at: http://www.tcserv.com/Eterm (?) A Comment: (linux SUPERGRAN) On a personal note, my familiy in London who know LESS THAN NOTHING about computers, got their first PC (assembled by me) for Christmas, and are all using a pleasent Linux/KDE/Netscape+Applixware combo which they aver they find much easier to use than "those funny computers at the university" (- i.e. basic win95+Novell/IE/MSOffice monstrosity). Obvoiusly I set it all up and do 100% of the sysadmin, but still even my GRAN uses it (with my sisters help!) for e-mail & browsing. They are quite pleased that it never crashes :-) On My Soapbox: (consign to /dev/null now if looks too long &or boring) Great column! Nice to see someone with the patience to answer those 'naieve' (i.e. uninformed!) newbie questions of the general form "So what's this Linux all about, can I run it on a PC ..." e.t.c. A waste of time and annoyance to old-timer hacks and busy developers it may be, but if the OS community is to get the message accros to joe public as well as relative "techies" (sys-admins, businessmen, university students like myself...) in the rapidly accelerating battle for hearts and minds; it is vital that everyone makes an effort to encourage outsiders to give it a try. There is an hightened level in media attention in OS & Linux right now which will not neccesairily last forever, and an exciting window of opportunity with the rapid development of 'user-freindly' desktop environments such as KDE and GNOME. It is all too much to ask of one poor Answerguy! Indeed it is an issue that needs attention from the OS community with hopefully a more rounded systematic approach developed: the risk of inaction is that growth of Linux in the home/light use market does not come quickly enough, and home/light users get locked into a depressing windows 2000 (NT5) "development" cycle, (if windows 2000 actually gets off the ground by 2010 that is!). Two years ago I myself was converted to the 'light side of the force'and became a newbie (perhaps I still am), and if it wasn't for an achademic UNIX familiarity, and a good freind who was my local guru and walked me through the first few weeks, I would not be e-mailing you now (although a lot has changed in two years). I have been pleased to spread Linux to four freinds since then, (walking them through their first install e.t.c), and a healthy informal Edinburgh LUG, has sprung up consisting mostly of home-users. The growth has been phenomenal as all the 'statistics' attest, but in the coming two years word-of-mouth will not be enough. (!) Glad you like it. Please feel free to do your part in the great tech support effort. Join a users group in your area. Help out at the occasional installfest. Jump into the newsgroups or onto the occasional mailing list to answer a few questions when you can. There are still some rough spots for us to go through. However, I think that we'll make it. Linux currently enjoys about 2.5 percent of the desktop market according to one of the recent surveys. So that's our next goal. We tripled our penetration into the server market last year --- I think we can at least quadruple our share of the desktop (for a total of 10%). Talk to me after the Y2K dust settles in 12 months and we'll see if we made that goal. ____________________________________________________ (?) Max Open Files and Inodes: Use The Entries under /proc From 4th Dimension Webmaster on Thu, 31 Dec 1998 (?) Hi , i have a DUAL 400MHz Pentium 2 processor which runs 400+ processes. In kernel 2.0.x i had to increase max processes in tasks.h, and nr_files and nr_inodes in fs.h. I tried kernel 2.1.131, it was much more efficient with the dual processors and everything ran more smooth, except one problem. there is no "nr_inodes" in fs.h. So when ever i hit around 400 processes , it was out of file descriptors and couldnt spawn any other processes. If you know how to over come this problem please let me know. (!) You should be able to just 'echo' the desired values into the proper nodes under the /proc filesystem. Those would be something like: /proc/sys/kernel/file-max /proc/sys/kernel/file-nr /proc/sys/kernel/inode-max /proc/sys/kernel/inode-nr ... though I just snarfed those in while running a 2.0.x. I'll need to fetch a 2.1.132 and start a new round of tests on that kernel. In any event --- the nodes should be under /proc somewhere -- and you can just use 'echo' with standard shell redirection to put new values into these at run-time. Somewhere on the 'net there is a FAQ or HOWTO that describes this and gives sample values. I think the max inodes should be about 3 times the max open files. Anyway, take a look through the Kernel mailing list FAQ at: http://www.tux.org/lkml.html ____________________________________________________ (?) setting up an ISP to serve email From chris smith on Wed, 30 Dec 1998 Jim: Thanks for your response in checking out my system with the command ps I find that there is no pop deamon running so I guess i will have to find that. (!) in.popd (and most other POP daemons such as qpopper) wouldn't show up during 'ps' unless someone was accessing the service concurrently to your running the 'ps' command. The whole point of 'inetd' is that it monitors all of the TCP/UDP ports (on all of your interfaces) and dynamically launches the services daemons (in.popd, in.ftpd, in.telnetd, etc) on demand. So, check your /etc/inetd.conf --- and make sure that inetd is running. Then try to run a POP client. Another trick is to use telnet to connect to the POP-3 port (110). You can then issue USER and PASS commands -- followed by a QUIT command. If those work then your POP daemon is responding. As with most Unix TCP services, the control messages in the protocol are implemented as a set of short commands and standardized responses. This is the way that SMTP, FTP, POP, IMAP and several others work. (There are also services that use binary and null terminated strings for their protocol elements --- those generally can't be "spoofed" or "debugged" using just plain old 'telnet'). (?) as for my comments about the dos\windows directory structures, let me clarify in dos\ windows when you go to a a folder for say Netscape, you will find all of the files(for the most part) to run that program under that folder and in directories directly under that folder ( excepting perhaps some common system .dll and autoexec.bat config.sys, and 3 or 4 other common system files,ignoring the system registry fro a while) It seems to me that the programs under linux are scattered all over the place. I understand that mostly all of the files are text based (makes sense to me for set up reasons), but why are they everywhere, and no one has been able to tell me just what the major directories mean (or represent) just why is stuff where it is? (!) First of all, "folders" are a completely different abstraction than "directories." Folders don't exist in MS-DOS. They are a Windows thing. (Terminology borrowed from the MacOS paradigm). I think that you belief that Linux and Unix files are "scattered all over the place" (a complaint you've repeated twice now) is largely a matter of your perception. As you say, some DLL's, fonts, and other elements of Windows programs are put outside of the folders and directories that are associated with them. In any event, Unix (and Linux) provide "mechanisms" --- they don't set "policy." So each programmer is free to use whatever conventions best suit their needs. Most Unix/Linux programmers follow a fairly complex set of conventions --- which have evolved over the course of about 30 years. That's ten times longer than Windows '95 has been around, and twice as long as MS-DOS. As for what the different directories "mean" --- read the FHS (filesystem hiearchy standard) which is part of the Linux Documentation Project. It sounds like you spending more time fighting the conventions than understanding or accepting them. Some of them are a bit silly (/etc for configuration files, why isn't it /conf?) and some of the file names are historical (which is why we store user account names, shells, home directories, and other info in the /etc/passwd file --- and we store password hashes in the /etc/shadow file). /usr is the home of "user space" programs and resources, while /var is the tree for /usr type files that are expected to differ between systems (things that used to be in /usr until people started trying to share /usr over NFS). /home is common on Linux and less common on other Unix platforms --- most of which use a set of fileystems like /u1, /u2, etc. /proc is a "virtual" filesystem --- a representation of the kernel's process status as a tree of nodes. This allows programs and shell scripts to access process status and other kernel data without requiring special interfaces into the kernel. The /dev directory is for "device nodes" (filenames through which programs can access and control devices). It would take a rather lengthy book to go over all of these conventions. You could read "Linux Installation and Getting Started" for some of this. Most of it is more of an "oral" tradition (carried mostly by netnews, over mailing lists, in user group meetings and at technical conferences like USENIX, SANS, and the IETF workshops. (?) there must be a philosophy behind this system I don't understand yet can you shed a little light on this?? (!) Read Peter Salus' "A Quarter Century of Unix" if you want to understand the background of Unix (and thereby the heritage of Linux). There is also another book whose title escapes me --- but it's something like: "the philosophy of Unix" --- which is more for programmers. (?) thanks chris ____________________________________________________ (?) Getting my new linux box to run the ftp server From Clay Harmon on Wed, 30 Dec 1998 I have just added an Intel Pentium Linux (Redhat 5.1) box to a heterogeneous network consisting of 2 Sun Solaris 2.5.1 workstations and 4 Win95 PCs. Everything has gone pretty much OK, only I can't establish an ftp connection from outside to my Linux box. If I try to ftp into the Linux box from the Sun stations, I get a "421 Service not available, remote server has closed connection" message. I have looked at the usual culprits, i.e. /etc/hosts.allow, and have enabled access to the ftp server for ALL. What is truly strange is that inetd "superdaemon" seems to work just fine for the finger, telnet AND rlogin services - I can access the Linux box from outside just fine using any of these, but the ftp server does not appear to be up. The only other piece of network weirdness I have noticed is that when the Linux station boots, I get an error on one of the Sysv init scripts: Executing: /etc/rc.d/rc3.d/S10network reload * route: netmask doesn't match route address * Usage: route [-nNvee] [-FC] [Address_families] List kernel routing tables * ....... and so on and then Executing: /etc/rc.d/rc3.d/S50inet restart (!) That probably is unrelated --- though you should check to make sure your routing tables are right. Are you running 'routed' or 'gated' to get your route dynamically? The reasons that I don't believe this symptom is related to your FTP problem is that it's complaining about routing and you clearly are getting packets to and from the box (otherwise you wouldn't get the service unavailable message --- and finger/telnet and rlogin wouldn't work. It also sounds like this probably isn't a TCP Wrappers problem --- since you presumably have all you services wrapped. However, you should check to make sure that your forward and reverse DNS zones are consistent --- since this classically can cause TCP wrappers to deny connections that would otherwise be allowed. (Normally tcpd is compiled with -DPARANOID enabled --- though Red Hat ships with it off, so you can explicitly use the PARANOID directive if you want -- but you don't get it unless you ask for it). In any event it seems that the most likely case is that you have a problem in your inetd.conf file --- probably a path referring to non-existent in.ftpd. Did you install in.ftpd, WU ftpd or ProFTPd? You have to install some FTP daemon in order for the dispatche (inetd) to execute it. So, make sure the package is installed. Make sure that the path listed in the /etc/inetd.conf is correct. Finally, look in /var/log/messages for any errors that inetd, tcpd, and/or in.ftpd (or its ilk) are reporting. If all of that is O.K and things still don't work --- I'd look for something weird with one of the routers (some sort of packet filtering, network address translations or IP masquerading or something like that). Incidentally, you mentioned "from outside" --- I hope you don't mean that your organization is allowing direct routable IP from the outside world (open Internet) all the way into your desktop workstations. If that's the case I'd highly reoommend a review of your security policies and an assets evaluation and risk assessment. Your company can provide reasonably safe and secure remote access to it's employees without leaving itself wide open to every cracker that want another attack launch point and portscanning slave. (?) This may or may not be related to my problem. I'm stumped. Everything else seems to work just fine - I can get out through our ISDN router to the net, Netscape works fine, and all of the other services seem to work just fine. I can use the ftp utility to access the Sun stations, and "get" files, but I would really like to be able to ftp from our PC's into the Linux box, without having to go through the complicated path of ftp'ing from PC to Solaris(put) and then from Linux to Solaris(get) to just transfer a simple file. I don't have the option currently of ftp'ing from Linux to PC, because Win95 does not have an ftp server as a standard option, so I would like to be able to ftp from PC to the Linux (put). I have the feeling there is something simple that I'm doing or not doing that would fix this problem. Thanks for your help (!) Look for your ftpd program. There are several to choose from. I think Red Hat 5.1 uses 'in.ftpd' as re-ported from the OpenBSD sources. Most Linux distributions default to the Washington University (St. Louis) WU-FTPD. I've recommended others (such as ProFTPD, BeroFTPD, and ncftpd) in previous columns. ____________________________________________________ (?) Setting up ISP Mail Services From chris smith on Tue, 29 Dec 1998 (?) James: I have been going over all the back issues of the Linux gazette (and many books and articals) looking for info on setting up a Linux(5.1) machine as an ISP to serve e-mail to customers. In a test sceneraio I hava created new accounts with passwords and sent them e-mail from an outside( through another ISP), but trying to find the info on how to retrive the e-mail is very difficult. My intent was to use POP3, and aparentaly I have to configure inetd.conf to run POP3 and allow others access to ther accounts. (!) On most distributions POP and various servers are enabled by default. Normally it's wise edit /etc/inetd.conf to disable POP and other services. When you created these accounts --- one thing you should probably do is disable user access to shell (login) services by setting their shell to /bin/false. Actually there is a problem with that, too. It gets a bit complicated by the fact that /bin/false on many Linux and other Unix systems is actually a shell script. You'd think that a shell script that does an immediate exit would be safe enough. However, 'telnetd' and some other services will propagate certain types of environment variables to the login shell. It's possible (using some shell quoting hackery) to trick /bin/false (the shell script) into executing arbitrary chunks of shell code if they aren't filtered by the telnet daemon. So, you should compile your own binary equivalent of false --- actually I wrote my own I call "denysh" as shown here: #include /* denysh * by: James T. Dennis, * Proprietor, Starshine Technical Services * * Deny a user shell access. Intended for use as * the "shell" for POP mail, FTP only and other users * who are supposed to be restricted to non interactive * use of the system. * * Usage: using vipw you can replace the "shell" field * of any user's account record in the /etc/passwd with * the full path to this binary. You can also add this * to /etc/shells and (as root) use the chsh command to * apply this (no need to edit /etc/passwd if that bothers * you). * * compile with: * gcc -static -o denysh denysh.c * * to prevent any chance for shared library (LD_PRELOAD) * exploits */ int main () { char *message= "Access Denied: Your account is not" " permitted interactive login!\n"; write (STDERR_FILENO, message, strlen(message)); exit(1); } ... just compile that and read the comments. I also recommend setting the home directories of "POP Only" users to some directory that they don't own, to which they do not have any other access, and also denying them FTP access. Of course if your customers have special needs --- for example they intend to run 'procmail' on your server, etc --- then you'll need to review your policies and make your own decisions. Of course, most sites don't secure their systems all that well. So many sites will continue to use the /bin/false, and they'll occasionally see their "POP Only" users (or people who've sniffed or stolen the passwords for their users) subvert the "/bin/false" into full interactive shell access. Of course if your system is using PAM there are ways that you can limit specific users and groups to specific services (particularly using the 'listfile' module. PAM is the default authentication model for Red Hat Inc's distribution --- and it can be installed on other systems as you like. It's also possible to limit access to services based on where the request is coming from. Thus it's pretty easy to institute a policy that allows 'telnet' and other forms of access from your local LAN while denying it to anyone whose request is coming from an "outside" system. If your going to run an ISP system you'll want to learn quite a bit more about Linux security than the average sysadmin. (Shamless plug: I'll be giving a tutorial on the subject at the upcoming LinuxWorld Expo: http://www.linuxexpo.com). (?) any Help that you can give will be much apriciated. chris ps. I got handed this job under protest saying I am willing to learn ( I come from the land of windows and dos where everything is in one directory not scattered around {what is up with that anyway} ), and I am reading everything that I can, but there are still many many holes, the local groups are some help, but the continued refference to read the man pages helps little. I hardly under stand what they are saying 1/2 the time. just venting i guess (!) I've never seen an MS-DOS or Windows system where "everything is in one directory" --- even if you consider the Win '9x "Registry" --- that is more of a "virtual file system" than a "single file" (since it has many "sub trees" and "nodes"). Indeed, you'd find (if you'd studied any operating systems beyond MS-DOS, Windows, and Unix) that the similarities between MS-DOS and Unix are somewhat greater than their differences. However, the Unix, and consequently the Linux, convention is to use relatively simple text files for configuration of almost all services. System services are almost all controlled by files under the /etc directory tree. The use of text files allows for easy repair, auditing and relatively easy automation of changes (since awk, Perl and other text processing scripts can be written to modify many settings on systems across a network. It's also possible to distribute new configuration files (including passwd and group files to update user account information) over the net. This is facilitated by having separate files for different services. (?) "in the deep end and over my head comming up for air soon I hope" (!) Well, one approach would be to just "go with the flow" --- just enable the POP daemon support in inetd and let the users access whatever other services they like. Professionally your best bet is to recommend that a consultant be placed on retainer to help you set up each new service as requested. That consultant should review your needs, show you how to install/configure the service and give you some pointers on maintaining it. It would be a good idea to have that consultant --- or better yet, a different one --- come in to do periodic systems administration and security audits. In this way you get the help you need, the services installed and configured by someone whose done it before, some training, and a direction to which you can escalate emergencies. If your boss expects you to "just do it" and expects it to all get done right and in a timely fashion, and refuses to provide you with the additional resources (consultants, training, time, leeway to mess things up, whatever) then you should definitely consider your negotiating position. (Many employers exhibit unreasonable expectations in this field. They've fallen victim to the lies of software company marketeers that have been chanting "ease of use" for the last two decades. A lot of software is only "easy to use" if you want to do it "their way" and accept whatever limitations and flaws --- particularly security flaws --- it shipped with. However, many of these managers will listen to reason --- and the really important part of a sysadmin's job is to manage the expectations of his or her users and management). ____________________________________________________ The original thread appeared in Issue 36, "'rsh' as 'root' Denied". ____________________________ (?) More on: 'rsh' as 'root' Denied From Walt Smith on Tue, 29 Dec 1998 (?) HI ! THX for the reply...... Unfortunately, I still can't - rsh wally ls as root. Tried it on slackware nicely setup w/ 2.0.30 kernel. Didn't try Red as I don't know it as well. I changed the /etc/inetd.conf to read -h starts with - shell stream tcp nowait root /usr/sbin/tcpd in.rshd -h I also tried -hl and -l /etc/services has: shell 514/tcp cmd #no passwords used (thats the actual statement including # comment above) I had hosts.equiv text of - wally.bcpl.net + (I took hosts ISP bcpl.net and added 'wally' for my pc.) (wally is aliased for same in file hosts) MESSAGE given is - permission denied I also tried renaming hosts.equiv to get it out of the loop entirely. (!) Your /etc/hosts.equiv seems to be in the wrong format. Your hosts.equiv should contain hostnames --- no "+" (plus) signs or any other data. Some versions don't seem to allow IP addresses -- just hostnames. I personally recommend that you configure such a system to give /etc/hosts files priority over DNS --- and distribute a good hosts file to all of the systems on this cluster. Running it with the -l (disable personal .rhosts files) is probably a good idea for a cluster. I'd definitely put this cluster behind a router (any Linux box with a couple of interfaces will do) and configuring a set of packet filters to limit outside access to services within the cluster. The very least you should do with your packet filters is "anti-spoofing" --- let's say your using the 192.168.10.* block of addresses (from RFC1918) for your cluster nodes. You'd put in a rule like this: ipfwadm -I -o -a deny -W $exterior_interface \ -S 192.168.10.0/24 ... (as one-line, of course) to add (-a) a "firewall" (packet filter) rule to the "incoming" (-I) table on the interface which (-W) you've named which will "deny" any packet that purports to have a source (-S) address that's supposed to be assigned to one of your internal cluster nodes. The -o in this rules specifies that any packets matching the rule ("caught by it") should generate "output" to the syslogs. You can then filter/monitor your syslog for attempts to violate your policy. This affords only a tiny measure of protection over all. However, it is better than nothing. If a group of machines will have a trust relationship based on their IP addresses --- you much ensure that your routers into that LAN segment won't blithely allow "imposter" packets through. (?) By the way, bcpl.net is Baltimore County Public Library. Their accounts are $100/year unlimited time, with ppp, telnet to sun shell $, ftp, and 5 megs for email/and/or web page !! Such a deal !!! see www.bcpl.net/~waltech/ if curious, which I doubt.... (!) I'll leave in the plug. Normally I filter out identifying information from messages before posting them to the Linux Gazette. This is to protect your privacy (and limit the amount of spam that would be sent to my correspondents). (?) Never programmed in bcpl .... thats a golden oldie, right ?? (!) Yes, it pre-dated B which was the predecessor to C. Some have argued that the next programming language in the evolution of this family should therefore be "P" --- then "L" ;) (?) I want to use rsh because I want to get a small experimental Beowulf going, and this tidbit is neglected everywhere I've checked. Did I muck something ???????????????? (!) It looks to me like you put extra stuff on your hosts.equiv lines. A "+" on a line by itself would be a "wildcard" allowing in "all" hosts (which is every bit as stupid as it sounds --- and was the default for SunOS and Solaris for many years)! I think the versions of in.rshd and the related daemons that are commonly shipped with Linux (different versions for different distributions --- most are BSD or Wietse Venama 'logdaemon' based) will ignore such wildcards. (?) THX for any help ! regards, Walt Smith ____________________________________________________ (?) 'procmail' to Get Mail via POP-3? No. 'fetchmail' From ehalm on Mon, 28 Dec 1998 (?) Hi, Looking for ways to get my mail from my POP3 account on my ISP and deliver it locally. Thanks, Ebow Halm (!) In your subject you list 'procmail' --- that is probably not the right tool for this job. The normal way to get your mail from your ISP (or any POP server) to your system is to use a mail user agent such as Netscape Communicator that directly uses this protocol. However, there's another way that's useful if you use 'elm' or 'pine' (or MH as I do). You can use any of several programs that fetch the mail from a remote POP or IMAP server and store it in your "inbox" (usually something like /var/spool/mail/$USERNAME). Currently Eric S. Raymond's 'fetchmail' is the most popular utility for this purpose. There are others with names like 'getpop' and 'popmail' --- some are simple PERL scripts. One minor complaint I have about 'fetchmail' is that it really wants to relay the mail it fetches through the local mail daemon (usually 'sendmail') --- so that it can apply any local aliasing and filtering rules to it. Since I like to centralize my mail on one server --- and prevent mail daemons from running on the client workstations and other servers on my LANs --- I need to bypass this. The easiest way is to invoke 'fetchmail' with some extra parameters to force it to pipe the messages through my preferred delivery agent (procmail). So I use a command like: fetchmail -m "/usr/bin/procmail -f - " ... note: this is only appropriate for fetching mail for a single user. Some ISP's will spool mail for an entire client domain into a single "mbox" file (this is one method of "virtual hosting" mail). They expect the client to split the mail back into the users within