From sage-members-owner Wed Jan 12 16:06:33 2000 Received: by usenix.usenix.ORG (8.9.3/8.9.3) id QAA22999 for sage-members-outgoing; Wed, 12 Jan 2000 16:06:33 -0800 (PST) Received: from blacksun.kewltech.com (root@lanning.vip.best.com [206.86.88.192]) by usenix.usenix.ORG (8.9.3/8.9.3) with ESMTP id QAA22989 for ; Wed, 12 Jan 2000 16:06:20 -0800 (PST) Received: (from lanning@localhost) by blacksun.kewltech.com (Sendmail 8.9.3) id QAA17839; [Wed, 12 Jan 2000 16:06:12 -0800] From: Robert Hajime Lanning Message-Id: <200001130006.QAA17839@blacksun.kewltech.com> Subject: Re: Performance Computing (was Unix Review) closing down ... To: Marino_Duregon@mentorg.com (Duregon, Marino) Date: Wed, 12 Jan 100 16:06:11 -0800 (PST) Cc: sage-members@usenix.org In-Reply-To: <0B30C465AF9FD311BB6B00508B449DEE384244@svr-orw-exc-01.wv.mentorg.com> from "Duregon, Marino" at Jan 12, 0 01:27:42 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.ORG Precedence: bulk Well they kindof shot themselves in the foot when they changed from Unix Review. ---- As written by Duregon, Marino: > > Hello all, > > just got in the mail my January 2000 issue of Performance Computing > (formerly known as Unix Review) and read with disbelief that > "For a variety of business reasons, Miller Freeman has decided to > discontinue the publication of this magazine. Thus, with this issue > we bid you, our faithful reader, farewell, and extend to you our > gratitude for the support and additional insight that you have > provided to us over these many years." > > Pretty sad. After the printed version of Byte (a new, online version, > is available at byte.com ) here's another staple of computing history > that is closing down. I wonder if they are consolidating operations and > folding into the 'SysAdmin' magazine. > > What do you guys think ? > > Marino > > > --- > Marino Duregon, Mentor Graphics Corp.| email: marino_duregon@mentorg.com > 8005 SW Boeckman Rd. - E2322 | phone: (503) 685-4796 > Wilsonville, OR 97070-7777 | AIM: mduregon99 > > -- /* Robert Hajime Lanning lanning@lanning.cc ** Trade: Unix Systems Administrator (Senior level) */ #include From sage-members-owner Wed Jan 12 22:59:33 2000 Received: by usenix.usenix.ORG (8.9.3/8.9.3) id WAA06555 for sage-members-outgoing; Wed, 12 Jan 2000 22:59:33 -0800 (PST) Received: from blacksun.kewltech.com (root@lanning.vip.best.com [206.86.88.192]) by usenix.usenix.ORG (8.9.3/8.9.3) with ESMTP id WAA06546 for ; Wed, 12 Jan 2000 22:59:26 -0800 (PST) Received: (from lanning@localhost) by blacksun.kewltech.com (Sendmail 8.9.3) id WAA18423; [Wed, 12 Jan 2000 22:59:03 -0800] From: Robert Hajime Lanning Message-Id: <200001130659.WAA18423@blacksun.kewltech.com> Subject: Re: Performance Computing (was Unix Review) closing down ... To: mark@vielle.datasys.net Date: Wed, 12 Jan 100 22:59:03 -0800 (PST) Cc: extasia@mindspring.com, sage-members@usenix.org In-Reply-To: <200001130232.VAA31128@vielle.datasys.net> from "Mark R. Lindsey" at Jan 12, 0 09:32:15 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.ORG Precedence: bulk You're talking about having REAL editors. :) ---- As written by Mark R. Lindsey: > > : At 2000/01/12/13:27 -0800 Duregon, Marino wrote: > : > "For a variety of business reasons, Miller Freeman has decided to > : > discontinue the publication of [Performance Computing]. Thus, with > : > this issue we bid you, our faithful reader, farewell, and extend to > : > you our gratitude for the support and additional insight that you > : > have provided to us over these many years." > > David said: > : My guess: the Web has made this sort of publication less important > : than it used to be. > > I'm not specifically arguing with you, because you're probably right. > But that begs another question: > > Where can you go on the web to find that collection and quality of writers > and advertisers? Most of the material on the web is of relatively low > quality compared to printed matter. > > I tend to think that the web makes middlemen like magazine publishers > even *more* important. More than ever, we need experienced people > willing to sift through the poorly-written cruft to find interesting > articles for us.(*) > > Obviously, I'm disappointed to see them go. Please post any suggestions > on similarly valuable sources. I'd also be interested to learn where the > regular writers from Unix Review start publishing, because I've learned > a good bit from them. > > > > > > (*) Ganesan, Ravi: ``The Messyware Advantage: The precipitous rise > of the middleman.'', Communications of the ACM, November, 1999. > > > > > -- /* Robert Hajime Lanning lanning@lanning.cc ** Trade: Unix Systems Administrator (Senior level) */ #include From sage-members-owner Thu Feb 3 07:45:05 2000 Received: by usenix.usenix.ORG (8.9.3/8.9.3) id HAA00978 for sage-members-outgoing; Thu, 3 Feb 2000 07:45:05 -0800 (PST) Received: from vidar.mbt.washington.edu (vidar.mbt.washington.edu [128.95.231.94]) by usenix.usenix.ORG (8.9.3/8.9.3) with ESMTP id HAA00909 for ; Thu, 3 Feb 2000 07:44:57 -0800 (PST) Received: (from hal@localhost) by vidar.mbt.washington.edu (8.9.3/8.9.3) id HAA255228 for sage-members@usenix.org; Thu, 3 Feb 2000 07:44:57 -0800 (PST) From: Hal Miller Message-Id: <200002031544.HAA255228@vidar.mbt.washington.edu> Subject: volunteer solicited To: sage-members@usenix.org Date: Thu, 3 Feb 100 07:44:56 -0800 (PST) X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.ORG Precedence: bulk G'day folks, Anyone interested in shepherding this for us? Please contact Lillian directly, and cc me so I can keep tabs on it. Thanks! Lillian Gracz writes: > From: "Lillian Gracz" > To: > Subject: Requesting assistance > > To whom it may concern, > > I am a student enrolled in a computer science master's degree program at > Illinois Institute of Technology and a technology coordinator at Seward > Communication Arts Academy, a Chicago Public School. I am writing to you in > the dual role of student and teacher. As the final step to complete my > degree, I must create and develop a computer-based project for my students. > Since there is an emphasis for students to explore career choices, I have > made this the focus of my project. > > My students will choose a career that interests them, to research via the > Internet. I would like your assistance in creating a two-way communication > between students and members of your professional organization. It is my > intent that the students may grasp an understanding of the career > opportunities and learn the requirements and goals which must be reached > that they may have employment opportunities. > > I have created an Internet bulletin board, a forum for questions and answers > to be shared. There are two methods in which your members can participate. > They may directly participate via the bulletin board at > http://www.bulletinboards.com/view.cfm?comcode=Seward (the password is > "career") or I can send the e-mail questions to them. They can reply to me > via e-mail, and I will post their answer to the bulletin board. > > I hope you or someone in your organization will take the opportunity to view > the Seward Communication Arts Academy Career Bulletin Board. The password > is "career". If you believe you can be of help to tomorrows" professionals, > please send me the name and e-mail address of your contact person. The > participating students are at the stage of their life where the cultivation > of their interest may guide them to become successful future employees who > will, one day, provide great benefits to our country. > > What has made America great has been our innovative thinking. To keep our > future strong tomorrows" employees must continue to be the best trained in > the world. It is with help, such as yours, that our future can be assured. > If you have any questions you may call me between 8:00AM and 2:00PM CST at > 773-535-5805 or e-mail me at graclil@charlie.iit.edu. > > Thanking you in advance for you time and consideration, > > > Sincerely, > > > > Lillian R. Gracz > Technology Coordinator -- | Hal Miller (HAM10) System Administrator | halm@usenix.org Member, SAGE | | Department of Molecular Biotechnology | hal@cellworks.mbt.washington.edu | | University of Washington | hal@sage.org | | Box 357730 | voice: +1(206) 221-5279 | | Seattle, Washington 98195-7367 | fax: +1(206) 685-7301 | |Member, The System Administrators Guild of Australia - http://sage-au.org.au | From MAILER-DAEMON@mail.alcyonis.fr Thu Mar 23 11:38:32 2000 Return-Path: <> Received: from magnolia.wanadoo.fr (smtp-rt-11.wanadoo.fr [193.252.19.62] (may be forged)) by mail.alcyonis.fr (8.9.1a/8.9.1) with ESMTP id LAA01507 for ; Thu, 23 Mar 2000 11:38:31 GMT Date: Thu, 23 Mar 2000 11:38:31 GMT Received: from amyris.wanadoo.fr (193.252.19.150) by magnolia.wanadoo.fr; 23 Mar 2000 11:39:56 +0100 Received: from microsoft.com (164.138.13.106) by amyris.wanadoo.fr; 23 Mar 2000 11:39:54 +0100 Message-ID: <38d9f47b38e50591@amyris.wanadoo.fr> (added by amyris.wanadoo.fr) To: Status: O bande de cons on veut des rideaux !!!!!!!!!!!!!!!! ---- The only distingishing thing is the Return-Path: being <>. I suspect the attacker is using a program that connects to our SMTP server and sends "MAIL FROM: <>", which sendmail happily accepts. We upgraded to 8.10.0 and the problem appears to remain. Reading the cf/README file for 8.10.0 suggests a rule for headers. SO I added the following : LOCAL_RULESETS HReturn-Path: $>CheckReturnPath SCheckReturnPath R< $+ @ $+ > $@ OK R$* $#error $: 553 Header Error However this does not do what I expect, which is to REJECT messages where the Return-Path is the null address. Not being a sendmail macro guru, I'm lost how to prevent this attack. BTW we have contacted wanadoo.fr and they have closed the account. But we expect he'll try another temporary account with another provider tomorrow. Its sendmail's acceptance of the null address that really worries me. Is it a security hole for denial of service / mail flooding? -- Anthony C Howe 1489 Ch. des Collines, 06110 Le Cannet, France +33 (0)6 1189 7378 (p) +33 (0)4 9346 8901 (f) ICQ# 7116561 mailto:achowe@snert.com http://www.snert.com/ From sage-members-owner@usenix.org Thu Oct 19 15:30:59 2000 Received: (from majordomo@localhost) by usenix.org (8.11.0/8.11.0) id e9JMPem28592 for sage-members-outgoing; Thu, 19 Oct 2000 15:25:40 -0700 (PDT) Received: (from palmer@localhost) by usenix.org (8.11.0/8.11.0) id e9JMPen28587 for sage-members@usenix.org; Thu, 19 Oct 2000 15:25:40 -0700 (PDT) Received: from rosevax.ep.frco.com ([63.78.171.3]) by usenix.org (8.11.0/8.11.0) with ESMTP id e9JM8jt28385 for ; Thu, 19 Oct 2000 15:08:45 -0700 (PDT) Received: from endeavor.ep.frco.com (endeavor [155.177.145.87]) by rosevax.ep.frco.com (8.9.3/8.9.3-rosevax-2) with ESMTP id RAA11301 for ; Thu, 19 Oct 2000 17:06:56 -0500 (CDT) Received: (from donna@localhost) by endeavor.ep.frco.com (8.8.8+Sun/SMI-SVR4-jay5) id RAA02480; Thu, 19 Oct 2000 17:08:23 -0500 (CDT) From: donna@ep.frco.com (Donna L Butler) Message-Id: <200010192208.RAA02480@endeavor.ep.frco.com> Subject: Help Requested To: sage-members@usenix.org Date: Thu, 19 Oct 100 17:08:23 -0500 (CDT) Cc: timmori@endeavor.ep.frco.com X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-sage-members@usenix.org Precedence: bulk I am wondering if anyone is using any sort of virus scan software for Unix. It isn't completely necessary to scan Unix files; I mainly want to scan NT files that are stored on Unix servers. I have attempted to implement Mcafees' "Virus Scan for Unix (uvscan)". It works great, its just that it changes the file ctime, which in turn causes Legato to backed up every file every night....arghhh!!!! I have made numerous attempts at making the Mcafee folks address the issue....but they refuse to respond. So now I need to look for some other method. Thanks in advance Donna Butler _\\|//_ (' 0-0 ') +------------------------------o00--(_)--00o-------------------------+ Donna L. Butler Sr. Systems Administrator Rosemount Inc. RMD Desktop Services Voice: (612) 949-5175 8200 W. Market Blvd. donna@Rosemount.COM Fax: (612) 949-7570 Chanhassen, MN 55317 +--------------------------------------------------------------------+ From sage-members-owner@usenix.org Tue Feb 20 10:11:55 2001 Received: (from majordomo@localhost) by usenix.org (8.11.0/8.11.0) id f1KI86913600 for sage-members-outgoing; Tue, 20 Feb 2001 10:08:06 -0800 (PST) Received: (from jrl@localhost) by usenix.org (8.11.0/8.11.0) id f1KI85I13595 for sage-members@usenix.org; Tue, 20 Feb 2001 10:08:05 -0800 (PST) Received: from rosevax.ep.frco.com (fisherrose-bh.frco.com [206.242.150.66]) by usenix.org (8.11.0/8.11.0) with ESMTP id f1KHAE913079 for ; Tue, 20 Feb 2001 09:10:14 -0800 (PST) Received: from endeavor.ep.frco.com (endeavor [155.177.145.87]) by rosevax.ep.frco.com (8.9.3/8.9.3-rosevax-2) with ESMTP id LAA13387 for ; Tue, 20 Feb 2001 11:07:50 -0600 (CST) Received: (from donna@localhost) by endeavor.ep.frco.com (8.8.8+Sun/SMI-SVR4-jay5) id LAA03000; Tue, 20 Feb 2001 11:09:48 -0600 (CST) From: donna@ep.frco.com (Donna L Butler) Message-Id: <200102201709.LAA03000@endeavor.ep.frco.com> Subject: Password History To: sage-members@usenix.org Date: Tue, 20 Feb 101 11:09:47 -0600 (CST) X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-sage-members@usenix.org Precedence: bulk I am being forced to implement password history on my Solaris systems. I have looked at a few freeware packages such as "anlpasswd" and "npasswd" but they seem a bit complicated for me. I thought if I could write a wrapper to the passwd program, I would have it made. I would have it prompt for the old and new password, then check against a database of old passwords, then if all is well it would execute the "real" password command with the input as arguments. Here comes my questions: 1) If I write a simple csh or sh wrapper, how can I hide the input so folks can't see what is being typed in? 2) Can I deliver the old and new passwords to 'passwd' as arguments or with some type of redirect? I tried a number of things and couldnt get this to work. 3) Better yet; does anyone have another solution for me, or at least have a Solaris compiled version of "anlpasswd" or some other tool. Thanks in advance for your help ------------------------------------------------------------------------- Donna L. Butler Sr. Systems Administrator Rosemount Inc. RMD Desktop Services Voice: (952) 949-5175 8200 W. Market Blvd. donna@Rosemount.COM Fax: (952) 949-7570 Chanhassen, MN 55317 ------------------------------------------------------------------------- From sage-members-owner@usenix.org Wed Jan 2 02:41:38 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02AfEh5005069 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 02:41:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02AfDGC005067 for sage-members-0utGoign; Wed, 2 Jan 2008 02:41:13 -0800 (PST) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.152]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02AeKII005042 for ; Wed, 2 Jan 2008 02:40:47 -0800 (PST) Received: by fg-out-1718.google.com with SMTP id 22so2770100fge.23 for ; Wed, 02 Jan 2008 02:40:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; bh=hu17pvKzObexvTBUgcJ0bQ+3uo63GdpWROT7dAfqr8k=; b=aQ4lRZXapIR9wecTqZa4uHYKFRu0U/d+2JIgWEpU7UtEn5QyJyk7iSnlQQkpe/Za5DR2xRH36nsVWVM18b0CUgqWqa7RMMhYCuuaRM1ranG5lzM1z8biOO5Be0113SD2SGjDln/5eSM6T9UE9zzrEXpa8p57rxTVI2Z9B5VgyMY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; b=NAKhIfhLEIQ2H6a8zFSZDwAoedjE1ik3n/TQ5kBXYIBssxk4EsPHFVDELjnxOPoW3pdaBv59auTyyN5s740H2m14JbQTxVYOUUZ2DvwzxIhJwU9o35q2QqXkcehE9teenNIQcTu9YO4MorZKX03mDSQ9psuwuGakZaD50E2CIys= Received: by 10.86.72.15 with SMTP id u15mr14356649fga.11.1199270420172; Wed, 02 Jan 2008 02:40:20 -0800 (PST) Received: from ?10.39.253.111? ( [213.205.51.111]) by mx.google.com with ESMTPS id 4sm11549023fge.8.2008.01.02.02.40.18 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 02 Jan 2008 02:40:19 -0800 (PST) Message-ID: <477B6A11.1030700@gmail.com> Date: Wed, 02 Jan 2008 11:40:17 +0100 From: Marco Marongiu User-Agent: Thunderbird 2.0.0.6 (X11/20071022) MIME-Version: 1.0 To: SAGE mailing list Subject: [SAGE] Limiting outbound connections with a reverse proxy? Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=17% Sender: owner-sage-members@usenix.org Precedence: bulk Hello there, and happy new year wherever you are! We have a service that (just now) they say can't handle more than 10 connections per second. And they can't change it. On the other side there is a service consumer that is multi-istanciated, multi-threaded and batch-oriented. And when the batch starts it tries to open far more than 10 connections per second. Resource-limiting the service has made it looping and duplicating requests (yes, it is a bug; we are looking into it with developers and vendor support, but in the meanwhile we are having backlog that needs to be worked on), making the problem bigger rather than solving it. I know this kind of problems should be faced by development teams in advance instead of let them fall at the sysadmin level. But here we go. I thought that a possible solution could be putting a reverse proxy between the two, so that the proxy accepts and enqueues the requests and forwards them to the service at no more than 10 per second. I had a look at Pound (http://www.apsis.ch/pound/index_html), but it seems it can't do any resource limit on the outbound traffic. I'll keep researching about that, but if in the meanwhile someone could point us to a reverse proxy that can do that -or even a completely different solution that I didn't consider-, that could be great. Ciao and thanks --Marco From sage-members-owner@usenix.org Wed Jan 2 09:00:06 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02GxaVF014665 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 08:59:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02Gxap5014664 for sage-members-0utGoign; Wed, 2 Jan 2008 08:59:36 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02GwW6w014621 for ; Wed, 2 Jan 2008 08:58:58 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 366927CC03A; Wed, 2 Jan 2008 11:58:32 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 20714-07-3; Wed, 2 Jan 2008 11:58:27 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id 7C8F77CC00D; Wed, 2 Jan 2008 11:58:26 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m02GwPbW089505; Wed, 2 Jan 2008 11:58:25 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <477B6A11.1030700@gmail.com> References: <477B6A11.1030700@gmail.com> Date: Wed, 2 Jan 2008 10:55:06 -0600 To: Marco Marongiu , SAGE mailing list From: Brad Knowles Subject: Re: [SAGE] Limiting outbound connections with a reverse proxy? Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-3.337 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=-0.951, BAYES_00=-2.599, BIZ_TLD=2.013] X-Spam-Score: -3.337 X-Spam-Level: X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=16% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/2/08, Marco Marongiu wrote: > I thought that a possible solution could be putting a reverse proxy > between the two, so that the proxy accepts and enqueues the requests and > forwards them to the service at no more than 10 per second. > > I had a look at Pound (http://www.apsis.ch/pound/index_html), but it > seems it can't do any resource limit on the outbound traffic. You don't tell us what kind of service you're talking about, but from your mention of Pound, I'm assuming that this is a web problem? Certainly, setting up a proxy of some sort that can take advantage of connection caching, etc... would seem to be a way to improve your performance, and depending on the nature of the application, I would think that even squid, apache, or other web servers could be set up in this kind of role. I'm not sure of the exact nature of the application you're talking about, but for example Yahoo! provides some information on setting up a PHP-based proxy for their AJAX web services tools, see . And squid apparently does have a way to limit the number of simultaneous connections from a client, see . But with just five minutes of Googling, I'm not finding anything else that would appear to be obviously related to what it seems like you're talking about. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Wed Jan 2 09:46:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02HkTDL016240 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 09:46:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02HkTha016239 for sage-members-0utGoign; Wed, 2 Jan 2008 09:46:29 -0800 (PST) Received: from [131.106.3.31] (tripp.usenix.org [131.106.3.31]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02Hk3WW016193 for ; Wed, 2 Jan 2008 09:46:03 -0800 (PST) Mime-Version: 1.0 (Apple Message framework v753) In-Reply-To: <477B6A11.1030700@gmail.com> References: <477B6A11.1030700@gmail.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Tony Del Porto Subject: Re: [SAGE] Limiting outbound connections with a reverse proxy? Date: Wed, 2 Jan 2008 09:46:03 -0800 To: SAGE mailing list X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 2, 2008, at 2:40 AM, Marco Marongiu wrote: > Hello there, and happy new year wherever you are! > > We have a service that (just now) they say can't handle more than 10 > connections per second. And they can't change it. > > On the other side there is a service consumer that is multi- > istanciated, > multi-threaded and batch-oriented. And when the batch starts it > tries to > open far more than 10 connections per second. > ... > I'll keep researching about that, but if in the meanwhile someone > could > point us to a reverse proxy that can do that -or even a completely > different solution that I didn't consider-, that could be great. I hate recommending things I haven't tried, but, one thing you might look into is pf's max-src-conn-rate. It is designed to throttle connections that exceed connections/time. The limited documentation is here: http://www.openbsd.org/faq/pf/filter.html (scroll down to Stateful Tracking Options) There is also the just-released "The Book of PF" from No Starch Press which has a couple pages on using max-src-conn-rate. pf requires a recent *BSD. One application might be a bridge in front of your application server(s) that just limits the connection rate. HTH, Tony Tony Del Porto SysAdmin USENIX Association 2560 9th Street, Suite 215, Berkeley CA 94710 510 528 8649 x16 desk | 510 932 3393 mobile tony@usenix.org | www.usenix.org | www.sage.org http://www.usenix.org/about/tonyd.gpgkey From sage-members-owner@usenix.org Wed Jan 2 10:44:24 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02IiKCm018522 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 10:44:20 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02IiKUq018521 for sage-members-0utGoign; Wed, 2 Jan 2008 10:44:20 -0800 (PST) Received: from smtp.dejazzd.com (outlb3.dejazzd.com [66.109.229.70]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02IhejB018465 for ; Wed, 2 Jan 2008 10:44:05 -0800 (PST) MIME-version: 1.0 Content-transfer-encoding: 7BIT Content-disposition: inline Content-type: text/plain; charset=us-ascii Received: from dejazzd.com ([127.0.0.1]) by jcs-out-02.dejazzd.com (Sun Java(tm) System Messaging Server 6.3-4.01 (built Aug 3 2007; 32bit)) with ESMTP id <0JU100HV35CICKA0@jcs-out-02.dejazzd.com> for sage-members@sage.org; Wed, 02 Jan 2008 13:43:30 -0500 (EST) Received: from [10.199.5.224] by jcs-out-02.dejazzd.com (mshttpd); Wed, 02 Jan 2008 13:43:30 -0500 From: "a42n8k9 dejazzd.com" To: sage-members Message-id: Date: Wed, 02 Jan 2008 13:43:30 -0500 X-Mailer: Sun Java(tm) System Messenger Express 6.3-4.01 (built Aug 3 2007; 32bit) Content-language: en Subject: [SAGE] choosing the proper max SMTP message size X-Accept-Language: en X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=26% Sender: owner-sage-members@usenix.org Precedence: bulk Good afternoon,I currently have the situation where legitimate attachments are being rejected due to the message size. The other side of the conundrum is that our users (and their correspondents) are not very technical and often have difficulty with FTP which results in help desk calls, etc. I should also add that we have also experienced size-creep over the years. We started with 2M size, then 3, then 5, then 6, 8, 10, etc. I believe that our servers can continue to handle the increased attachments as they really don't happen all that often. It's just that I have been asked to come up with a permanent solution so we don't have the problem or help desk calls any more.I'm curious about what most sites set the max SMTP message size to and how problems like this have been overcome or worked around.Thanks,- Bennett From sage-members-owner@usenix.org Wed Jan 2 10:55:05 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02Isq6n019245 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 10:54:53 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02IsqPn019244 for sage-members-0utGoign; Wed, 2 Jan 2008 10:54:52 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02IsISU019215 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 10:54:39 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02IsIWP019214 for sage-members@usenix.org; Wed, 2 Jan 2008 10:54:18 -0800 (PST) Received: from mail.frii.com (phobos04.frii.com [216.17.128.164]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02Fv9Aa012768 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 07:57:34 -0800 (PST) Received: from [10.10.130.4] (fw01-e3.ftc.frii.net [216.17.230.109]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.frii.com (FRII) with ESMTP id 75EFA67BC9; Wed, 2 Jan 2008 08:56:56 -0700 (MST) In-Reply-To: <477B6A11.1030700@gmail.com> References: <477B6A11.1030700@gmail.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: multipart/alternative; boundary=Apple-Mail-6--208600701 Message-Id: Cc: SAGE mailing list From: Neil Neely Subject: Re: [SAGE] Limiting outbound connections with a reverse proxy? Date: Wed, 2 Jan 2008 08:56:54 -0700 To: Marco Marongiu X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk --Apple-Mail-6--208600701 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Depending on the extent of the bugs this might or might not be useful - but you could use firewall rules to limit the number of connections allowed in (or out, depending on what would make more sense for you). Depending on your OS you will have different options available to you, but on FreeBSD with IPFW you'd look at doing something like this: From man ipfw: To limit the number of connections a user can open you can use the fol- lowing type of rules: ipfw add allow tcp from my-net/24 to any setup limit src- addr 10 ipfw add allow tcp from any to me setup limit src-addr 4 The former (assuming it runs on a gateway) will allow each host on a /24 network to open at most 10 TCP connections. The latter can be placed on a server to make sure that a single client does not use more than 4 simultaneous connections. Neil Neely Senior Systems Engineer FRII neil@frii.com On Jan 2, 2008, at 3:40 AM, Marco Marongiu wrote: > Hello there, and happy new year wherever you are! > > We have a service that (just now) they say can't handle more than 10 > connections per second. And they can't change it. > > On the other side there is a service consumer that is multi- > istanciated, > multi-threaded and batch-oriented. And when the batch starts it > tries to > open far more than 10 connections per second. > > Resource-limiting the service has made it looping and duplicating > requests (yes, it is a bug; we are looking into it with developers and > vendor support, but in the meanwhile we are having backlog that > needs to > be worked on), making the problem bigger rather than solving it. > > I know this kind of problems should be faced by development teams in > advance instead of let them fall at the sysadmin level. But here we > go. > > I thought that a possible solution could be putting a reverse proxy > between the two, so that the proxy accepts and enqueues the > requests and > forwards them to the service at no more than 10 per second. > > I had a look at Pound (http://www.apsis.ch/pound/index_html), but it > seems it can't do any resource limit on the outbound traffic. > > I'll keep researching about that, but if in the meanwhile someone > could > point us to a reverse proxy that can do that -or even a completely > different solution that I didn't consider-, that could be great. > > Ciao and thanks > --Marco --Apple-Mail-6--208600701 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=ISO-8859-1

Depending on the = extent of the bugs this might or might not be useful - but you could use = firewall rules to limit the number of connections allowed in (or out, = depending on what would make more sense for you). =A0 Depending on your = OS you will have different options available to you, but on FreeBSD with = IPFW you'd look at doing something like this:

=46rom man = ipfw:
=A0=A0 =A0 To limit the number of connections a = user can open you can use the fol-
=A0=A0 =A0 lowing type of = rules:

=A0=A0 = =A0 =A0 =A0 =A0 ipfw add allow tcp from my-net/24 to any setup limit = src-addr 10
=A0=A0 =A0 =A0 =A0 =A0 ipfw add allow tcp from any = to me setup limit src-addr 4

=A0=A0 =A0 The former = (assuming it runs on a gateway) will allow each host on a = /24
=A0=A0 =A0 network to open at most 10 TCP connections. = =A0The latter can be placed on
=A0=A0 =A0 a server to make = sure that a single client does not use more than 4
=A0=A0 =A0 = simultaneous connections.




Neil = Neely
Senior Systems Engineer
FRII

On Jan = 2, 2008, at 3:40 AM, Marco Marongiu wrote:

Hello there, and happy new year wherever you = are!

We have a service that (just now) they say can't = handle more than 10
connections per second. And = they can't change it.
On the other side there is a = service consumer that is multi-istanciated,
open far more than 10 connections per = second.

Resource-limiting the service has made it looping = and duplicating
requests (yes, it is a bug; we = are looking into it with developers and
vendor = support, but in the meanwhile we are having backlog that needs = to
be worked on), making the problem bigger rather = than solving it.

I know this kind of problems should be faced by = development teams in
advance instead of let them = fall at the sysadmin level. But here we go.

I thought = that a possible solution could be putting a reverse proxy
between the two, so that the proxy accepts and = enqueues the requests and
forwards them = to the service at no more than 10 per second.

I had a = look at Pound (http://www.apsis.ch/pound/in= dex_html), but it
seems it can't do any = resource limit on the outbound traffic.

I'll keep = researching about that, but if in the meanwhile someone could
point us to a reverse proxy that can do that -or = even a completely
different solution that I didn't = consider-, that could be great.

Ciao and thanks
--Marco

= --Apple-Mail-6--208600701-- From sage-members-owner@usenix.org Wed Jan 2 11:04:09 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02J49OL020628 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 11:04:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02J49WZ020627 for sage-members-0utGoign; Wed, 2 Jan 2008 11:04:09 -0800 (PST) Received: from authusersmtp.mail.cornell.edu (granite2.mail.cornell.edu [128.253.83.142]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02J3Sbh020529 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 2 Jan 2008 11:03:54 -0800 (PST) Received: from jwh2-3.cit.cornell.edu (jwh2-3.cit.cornell.edu [128.253.64.161]) (authenticated bits=0) by authusersmtp.mail.cornell.edu (8.13.1/8.12.10) with ESMTP id m02J3Kd6004339 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 2 Jan 2008 14:03:21 -0500 (EST) Message-ID: <477BDFF7.6090008@cornell.edu> Date: Wed, 02 Jan 2008 14:03:19 -0500 From: Jim Howell Reply-To: jwh2@cornell.edu Organization: Cornell University CIT Systems & Operations Messaging Group User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 To: "a42n8k9 dejazzd.com" CC: sage-members Subject: Re: [SAGE] choosing the proper max SMTP message size References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=1% Sender: owner-sage-members@usenix.org Precedence: bulk Hi, We accept up to 50MB mailfiles during prime shift (weekdays 8am-6pm) and up to 100MB during non-primeshift times). Jim a42n8k9 dejazzd.com wrote: > Good afternoon,I currently have the situation where legitimate attachments are being rejected due to the message size. The other side of the conundrum is that our users (and their correspondents) are not very technical and often have difficulty with FTP which results in help desk calls, etc. I should also add that we have also experienced size-creep over the years. We started with 2M size, then 3, then 5, then 6, 8, 10, etc. I believe that our servers can continue to handle the increased attachments as they really don't happen all that often. It's just that I have been asked to come up with a permanent solution so we don't have the problem or help desk calls any more.I'm curious about what most sites set the max SMTP message size to and how problems like this have been overcome or worked around.Thanks,- Bennett > -- Jim Howell Cornell University CIT Messaging Systems Manager email: jwh2@cornell.edu phone: 607-255-9369 From sage-members-owner@usenix.org Wed Jan 2 11:07:54 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02J7f6A021280 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 11:07:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02J7fR2021277 for sage-members-0utGoign; Wed, 2 Jan 2008 11:07:41 -0800 (PST) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.159]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02J6cQN021102 for ; Wed, 2 Jan 2008 11:07:04 -0800 (PST) Received: by fg-out-1718.google.com with SMTP id 22so2843216fge.23 for ; Wed, 02 Jan 2008 11:06:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; bh=U1dTdigt2HpKDDFR7BMGVzGZBmk3h5IuRyCzsUwDTPI=; b=EKQGGsfJNe4slHedTDWxSfHphNDPwti8t/LD5XAIy/wt6RR7pYcoPEwQifY6nwEtpYb68yTaKkW0DEA+A5w7tinkQf2XS69lTl7ho3d528Zl8mBOOFdoC/RlIo7ljBTKr/mBpg6+qOq5jFrN386WsPCLUxpJ0Z+o33T5/xu8u3k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=ibvFFyPYwwh+Z/3nhg8iq9hIFJpRhrV1bY2UGLB8MTs7piuaDuqC1RlB/3TJc9Ag+uVxTDfkU13XmVm/cFHN5Qv9jrycMzxGBdapqBhhWWduNKQpzz7xHgDl0hqpT+BIn9WXHw1PlRUO0Ukl5iy/FvPywh+fT7HpIbJx3znSyQQ= Received: by 10.86.28.5 with SMTP id b5mr6032831fgb.76.1199300798197; Wed, 02 Jan 2008 11:06:38 -0800 (PST) Received: from ?192.168.1.2? ( [217.133.8.17]) by mx.google.com with ESMTPS id v23sm20657836fkd.1.2008.01.02.11.06.35 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 02 Jan 2008 11:06:37 -0800 (PST) Message-ID: <477BE0B7.9040500@gmail.com> Date: Wed, 02 Jan 2008 20:06:31 +0100 From: Marco Marongiu User-Agent: Thunderbird 2.0.0.6 (X11/20071022) MIME-Version: 1.0 To: Brad Knowles CC: SAGE mailing list Subject: Re: [SAGE] Limiting outbound connections with a reverse proxy? References: <477B6A11.1030700@gmail.com> In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=17% Sender: owner-sage-members@usenix.org Precedence: bulk Hello Brad & * Brad Knowles wrote: > You don't tell us what kind of service you're talking about, but from > your mention of Pound, I'm assuming that this is a web problem? Right, sorry. We are talking of a web service (SOAP) sitting on a Solaris host, and a consumer running on Linux. Therefore, iptables could be an option on the source machine, but on the target it wouldn´t. Nor ipfw would be on both. > Certainly, setting up a proxy of some sort that can take advantage of > connection caching, etc... would seem to be a way to improve your > performance, and depending on the nature of the application, I would > think that even squid, apache, or other web servers could be set up in > this kind of role. Actually it´s not performance what we are looking for at the moment: it´s to feed the web service with nothing more that it can handle, that is: 10 connections per second at maximum. Therefore, the proxy (or whatever it will be) needs to accept N connections per second, and dispatch them at a maximum rate of 10 conn/sec, enqueing the exceeding ones until they can be dispatched, possibly using a FIFO policy. > And squid apparently does have a way to limit the number of simultaneous > connections from a client, see > . That´s not the case unfortunately. What we want to limit are the outbound connections from the proxy to the service, and enqueue the exceeding ones. Returning a `connection refused´ error would disrupt the service. > But with just five minutes of Googling, I'm not finding anything else > that would appear to be obviously related to what it seems like you're > talking about. Is it clearer now? Thanks a lot to everybody --Marco -- Marco Marongiu System Administrator - Technical Writer - Perl Programmer From sage-members-owner@usenix.org Wed Jan 2 11:20:07 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JK6rm023834 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 11:20:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02JK6Vi023832 for sage-members-0utGoign; Wed, 2 Jan 2008 11:20:06 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.238]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JJQuH023706 for ; Wed, 2 Jan 2008 11:19:52 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so2327216wxc.26 for ; Wed, 02 Jan 2008 11:19:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=ct9snxwkCL7ja0/ZAAbPMlhLSMrCwVGPlDY+Kmpx0sM=; b=fAcCwom59GOrcCcvJz7dE6b88gUziLRJFchkvkVJG+m3ydnc1NnJ4S3KdKYdhArEda5VufgC/z5Z+0hgtztMk+9lohBqtJy4KLgkzrhZ1+0sC6nHOOzJlq2SRUzFV4bA5iK56Y0iPM588JaZ8NFy0CyVdpeMbWTuNau2hhbdMR4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=NZTo1GzcC8yK0vqRCjItXfX3OYlLk19WO3xvdheI5cH1lnh0voCfC5j0irpOf02tcUPlu+FXYfwgks2A5zcLlGoWrx3oneNq5oLg0BqbKnDFf/BP/rQckX5vxEl9c037a0xV65ry8FE/C36RD6/+8L3wKy6NOWhvDM5J7pRxo7s= Received: by 10.142.240.9 with SMTP id n9mr4197393wfh.136.1199301561680; Wed, 02 Jan 2008 11:19:21 -0800 (PST) Received: by 10.142.72.20 with HTTP; Wed, 2 Jan 2008 11:19:21 -0800 (PST) Message-ID: Date: Wed, 2 Jan 2008 11:19:21 -0800 From: "Kurt Buff" To: "a42n8k9 dejazzd.com" Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: sage-members In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=15% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 2, 2008 10:43 AM, a42n8k9 dejazzd.com wrote: > Good afternoon,I currently have the situation where legitimate attachments are being > rejected due to the message size. The other side of the conundrum is that our users > (and their correspondents) are not very technical and often have difficulty with FTP which > results in help desk calls, etc. I should also add that we have also experienced size-creep > over the years. We started with 2M size, then 3, then 5, then 6, 8, 10, etc. I believe that > our servers can continue to handle the increased attachments as they really don't happen > all that often. It's just that I have been asked to come up with a permanent solution so we > don't have the problem or help desk calls any more.I'm curious about what most sites set > the max SMTP message size to and how problems like this have been overcome or > worked around.Thanks,- Bennett Well, I'd say that the limit (10mbyte) at my place of work is as large as you should go. Actually, I'd like to get it down further, but lacking a file-transfer facility (which should be remedied soon, if I can find the time for that project) I would suffer a lynching in the attempt. I'll be putting up something web-based, as opposed to a straight FTP server, though, to satisfy the less-technically-inclined. I can't remember what the various commercial email providers' limits are (hotmail, AOL, google, yahoo, etc.) but I don't think they're much larger, and should be a useful comparison/justification. Kurt From sage-members-owner@usenix.org Wed Jan 2 11:30:25 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JUCoM025968 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 11:30:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02JUCIJ025967 for sage-members-0utGoign; Wed, 2 Jan 2008 11:30:12 -0800 (PST) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.228]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JTXlm025832 for ; Wed, 2 Jan 2008 11:29:58 -0800 (PST) Received: by nz-out-0506.google.com with SMTP id m7so1265093nzf.29 for ; Wed, 02 Jan 2008 11:29:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; bh=6Qqsha+K741klpSKyDkx/qVtqTL4ClagjNbG6aks+fs=; b=gXidqaGVcl5OaxfDVfGR6j8Ph/O+s3dRC0PJPvzGeY00E9sSEqU6uHzqJHySgwZelYANZPY07uPa7v8ozV4j0iW+yk2IRj0zTZotdv7rT2sBQ9uzFCbdYftWRmSWXT8cyKhVGdb1OWNiRfXk6EFYI1qHnLf5rKpIgQDyCPCYtDs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; b=Y0UhRtiz+2b4cKb2isounz1h/SYx1oG/AXwopdReaNRL5z3GbgqilpRUEpqnO1lzAgOCidEUcJ6bL3hDsvP1pwVWHP0CKovwfOBVzORW9GyrA8hRPLL0ZZgE8GVSpFLPRwtvfNKLdWP2fjlMQ0TOJh0KgE+kxAuYv9r/VNcM3tA= Received: by 10.143.34.11 with SMTP id m11mr4194622wfj.222.1199302168153; Wed, 02 Jan 2008 11:29:28 -0800 (PST) Received: from ?192.168.1.100? ( [76.189.216.143]) by mx.google.com with ESMTPS id a38sm19091411rnc.6.2008.01.02.11.29.26 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 02 Jan 2008 11:29:27 -0800 (PST) Message-ID: <477BE614.3010000@gmail.com> Date: Wed, 02 Jan 2008 14:29:24 -0500 From: Jim Ankenbrandt User-Agent: Thunderbird 1.5.0.14 (Windows/20071210) MIME-Version: 1.0 To: SAGE mailing list Subject: [SAGE] Change control and patching for Linux Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk I work for a bank in the American mid-west. Our data security group has handed down a ruling that we need to begin a routine patching process. Joy. By routine they mean a log of patches considered, reasons they where rejected or passed, and a defined process to follow when installing the patches. This will be subject to audit by the Fed's and our internal groups. Our environment is that we are running Red Hat Linux supporting Oracle 10g RAC clusters. The problem is that by the time we start a migration from the certification cluster, test cluster, disaster recovery cluster, to production cluster patches may have been outdated. What with change windows, meetings with DBA's and sign offs it may take close to a month to complete this path. Up2date is too blunt a tool, we cannot have different levels on different clusters. We are considering installing yum and defining our own repositories, but any experience or group insight would be welcome Jim Ankenbrandt From sage-members-owner@usenix.org Wed Jan 2 11:36:02 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JZtf2027280 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 11:35:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02JZsuv027277 for sage-members-0utGoign; Wed, 2 Jan 2008 11:35:54 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JZf7h027233 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 11:35:41 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02JZfrq027232 for sage-members@usenix.org; Wed, 2 Jan 2008 11:35:41 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.176]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JX8pG026649 for ; Wed, 2 Jan 2008 11:33:33 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so10052592pyb.10 for ; Wed, 02 Jan 2008 11:33:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=l6fvei4YNsJJtqKHfWyLkaD02+Om6PJDg0l6uWM8O80=; b=DP/m3WszxRG58yXuKraHmz8HqHVFRabwiPb8XISZikRHZHx1y7qxFrfw/dcWPPoT35s/KvtTAg8UKk2e1ug3XQ5rFqqr1CKoT4sKIzJ5KthL3RN2R8sb5XkMT9zZ7orODZTijmMlC4TVTH+8NnuHwuhCwE4tG79huit6khqkGUc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=iULTHgdmBZsnUOr7V4smNRx2IWluLOrViMwhp5l+JO79MMUZ6lyczWAw78FibZFG0VYULsrkR6vUTGf0MK5rmrmzgrLARzAfEG83jV+QeG2ou6Ds3w8rNEb78+9/uKKre/XmxJvv8A47OWH6bMatG9Piz0U0qAMT9uXcxBvm70I= Received: by 10.64.150.18 with SMTP id x18mr30330005qbd.0.1199302387871; Wed, 02 Jan 2008 11:33:07 -0800 (PST) Received: by 10.65.96.18 with HTTP; Wed, 2 Jan 2008 11:33:07 -0800 (PST) Message-ID: Date: Wed, 2 Jan 2008 11:33:07 -0800 From: "Gary Richardson" To: "a42n8k9 dejazzd.com" Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: sage-members In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_12241_17635150.1199302387865" References: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=13% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_12241_17635150.1199302387865 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline My feeling is that modern servers and software can handle large messages sizes easily. Bandwidth typically isn't a problem either, unless you're trying to cut bandwidth costs. Even then, mail servers accept the message before they calculate the size, so the message has already been transfered once. The bigger issue I have experienced is that mail clients don't handle large attachments well. Outlook is crashy to begin with, but opening a message with a 100MB attachment is painful. Pulling a 10mb+ attachment from an IMAP server into Mail.app isn't smooth either. About the only mail client I've used that handles large attachments will is gmail (or any other webmail client for that matter). I suppose that doesn't count either, since it's really just a webpage. On Jan 2, 2008 10:43 AM, a42n8k9 dejazzd.com wrote: > Good afternoon,I currently have the situation where legitimate attachments > are being rejected due to the message size. The other side of the conundrum > is that our users (and their correspondents) are not very technical and > often have difficulty with FTP which results in help desk calls, etc. I > should also add that we have also experienced size-creep over the years. We > started with 2M size, then 3, then 5, then 6, 8, 10, etc. I believe that our > servers can continue to handle the increased attachments as they really > don't happen all that often. It's just that I have been asked to come up > with a permanent solution so we don't have the problem or help desk calls > any more.I'm curious about what most sites set the max SMTP message size > to and how problems like this have been overcome or worked around.Thanks,- > Bennett > ------=_Part_12241_17635150.1199302387865 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline My feeling is that modern servers and software can handle large messages sizes easily. Bandwidth typically isn't a problem either, unless you're trying to cut bandwidth costs. Even then, mail servers  accept the message before they calculate the size, so the message has already been transfered once.

The bigger issue I have experienced is that mail clients don't handle large attachments well. Outlook is crashy to begin with, but opening a message with a 100MB attachment is painful. Pulling a 10mb+ attachment from an IMAP server into Mail.app isn't smooth either. About the only mail client I've used that handles large attachments will is gmail (or any other webmail client for that matter). I suppose that doesn't count either, since it's really just a webpage.

On Jan 2, 2008 10:43 AM, a42n8k9 dejazzd.com <a42n8k9@dejazzd.com> wrote:
Good afternoon,I currently have the situation where legitimate attachments are being rejected due to the message size.  The other side of the conundrum is that our users (and their correspondents) are not very technical and often have difficulty with FTP which results in help desk calls, etc.  I should also add that we have also experienced size-creep over the years.  We started with 2M size, then 3, then 5, then 6, 8, 10, etc. I believe that our servers can continue to handle the increased attachments as they really don't happen all that often.  It's just that I have been asked to come up with a permanent solution so we don't have the problem or help desk calls any more.I'm curious about what most sites set the max SMTP message size to and how problems like this have been overcome or worked around.Thanks,- Bennett

------=_Part_12241_17635150.1199302387865-- From sage-members-owner@usenix.org Wed Jan 2 11:50:35 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JoN04000147 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 11:50:23 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02JoNfq000145 for sage-members-0utGoign; Wed, 2 Jan 2008 11:50:23 -0800 (PST) Received: from cc0eb005.schwab.com (cc0eb005.schwab.com [162.93.253.117]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02JngFH029993 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 2 Jan 2008 11:50:08 -0800 (PST) Received: from nap0445cdc.us.global.schwab.com (nap0445cdc.nt.schwab.com [10.100.120.136]) by cc0eb005.schwab.com (Switch-3.2.4/Switch-3.2.4) with SMTP id m02JnWnl004529; Wed, 2 Jan 2008 14:49:34 -0500 Received: from s0743cdc.cdc.schwab.com (s0743cdc.cdc.schwab.com [162.93.239.70]) by cc0eb005.schwab.com (Switch-3.2.4/Switch-3.2.4) with ESMTP id m02JnWQT004520; Wed, 2 Jan 2008 14:49:32 -0500 Received: ( Schwab Email ) by sendmail.cf s0743cdc with ESMTP id m02JnRVW026992; Wed, 2 Jan 2008 14:49:30 -0500 Received: from nex2004cdc.us.global.schwab.com ([10.100.8.27]) by nex1121sfo.us.global.schwab.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 2 Jan 2008 11:49:26 -0800 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] Change control and patching for Linux Date: Wed, 2 Jan 2008 12:49:25 -0700 Message-ID: In-Reply-To: <477BE614.3010000@gmail.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] Change control and patching for Linux thread-index: AchNd1A1TzFR35vFTwqc62PECVw9DgAAC/lw References: <477BE614.3010000@gmail.com> From: "Carlson, Scott" To: "Jim Ankenbrandt" , "SAGE mailing list" X-OriginalArrivalTime: 02 Jan 2008 19:49:26.0416 (UTC) FILETIME=[94936100:01C84D78] X-CFilter-Loop: Reflected X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id m02JoLFG000136 Sender: owner-sage-members@usenix.org Precedence: bulk Jim, The important thing to consider with your response to your security team is that you need to define a "process", not come to a technology decision. I work for a large financial and we have not defined technology solutions as part of our process, we have defined criticality and timelines. For instance Criticality 1 Patches - Must be applied within 7 days Criticality 2 patches - Must be applied within 30 days Criticality 3 patches - Must be applied quarterly, and are included in patch "clusters" that are certified by our engineering team (Yum based) We then have a quarterly patch process that hits every device (exceptions can apply) applies the quarterly patch cluster to every device in production & development, following a very similar methodology to what you've outlined below. Related to criticality 1 patches (like the patch Tuesday critical stuff), every time that we have a device that is important enough to apply "right now", it expected that the patch will just get applied and that technology owners are responsible for making sure an environment won't break - and they have 7 days. It's all about management will, imho, it's not about technology solutions.... Actual patching is the easy part. Scott -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Jim Ankenbrandt Sent: Wednesday, January 02, 2008 12:29 PM To: SAGE mailing list Subject: [SAGE] Change control and patching for Linux I work for a bank in the American mid-west. Our data security group has handed down a ruling that we need to begin a routine patching process. Joy. By routine they mean a log of patches considered, reasons they where rejected or passed, and a defined process to follow when installing the patches. This will be subject to audit by the Fed's and our internal groups. Our environment is that we are running Red Hat Linux supporting Oracle 10g RAC clusters. The problem is that by the time we start a migration from the certification cluster, test cluster, disaster recovery cluster, to production cluster patches may have been outdated. What with change windows, meetings with DBA's and sign offs it may take close to a month to complete this path. Up2date is too blunt a tool, we cannot have different levels on different clusters. We are considering installing yum and defining our own repositories, but any experience or group insight would be welcome Jim Ankenbrandt From sage-members-owner@usenix.org Wed Jan 2 12:07:56 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02K7ZNQ003063 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 12:07:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02K7ZLR003062 for sage-members-0utGoign; Wed, 2 Jan 2008 12:07:35 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.190]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02K6qTb002986 for ; Wed, 2 Jan 2008 12:06:58 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so5235585rvb.59 for ; Wed, 02 Jan 2008 12:06:52 -0800 (PST) Received: by 10.141.68.12 with SMTP id v12mr7613770rvk.111.1199303992103; Wed, 02 Jan 2008 11:59:52 -0800 (PST) Received: by 10.65.145.11 with HTTP; Wed, 2 Jan 2008 11:59:51 -0800 (PST) Message-ID: <2a5241e00801021159n21359fd6w1c5deb4996a4d585@mail.gmail.com> Date: Wed, 2 Jan 2008 11:59:51 -0800 From: "Danny Howard" To: "Marco Marongiu" Subject: Re: [SAGE] Limiting outbound connections with a reverse proxy? Cc: "Brad Knowles" , "SAGE mailing list" In-Reply-To: <477BE0B7.9040500@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Disposition: inline References: <477B6A11.1030700@gmail.com> <477BE0B7.9040500@gmail.com> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id m02K7XTb003056 Sender: owner-sage-members@usenix.org Precedence: bulk On 1/2/08, Marco Marongiu wrote: [ . . . ] > We are talking of a web service (SOAP) sitting on a Solaris host, and a > consumer running on Linux. > > Therefore, iptables could be an option on the source machine, but on the > target it wouldn´t. Nor ipfw would be on both. [ . . . ] > Actually it´s not performance what we are looking for at the moment: > it´s to feed the web service with nothing more that it can handle, that > is: 10 connections per second at maximum. > > Therefore, the proxy (or whatever it will be) needs to accept N > connections per second, and dispatch them at a maximum rate of 10 > conn/sec, enqueing the exceeding ones until they can be dispatched, > possibly using a FIFO policy. [ . . . ] > What we want to limit are the > outbound connections from the proxy to the service, and enqueue the > exceeding ones. Returning a `connection refused´ error would disrupt the > service. Marco, It doesn't sound like any of the conventional tools are going to work for you; this really is a dev / vendor issue and you really want to push back on them. That said, what you are describing is basically a web application server gateway doohickey. I'd maybe look into Apache using mod_proxy and see if there's some module that can buffer HTTP requests, and then feed them to the proxy back-end. I'm not sure of Pound's capabilities: I heard of one shop that put Pound in front of lighthttpd in order to manage the incoming requests. If it looks like Pound can only do it going outbound, I'd suggest thinking "reverse proxy" and simply think backwards to see if that gets you there. You may also be able to quickly hack up a connection-queueing proxy yourself in Python using what seems to be a wide variety of web programming frameworks. I don't know enough to advise you in that direction, except that if you did end up "writing a custom proxy" then your employers definitely need to give you a bonus, and or the nicer office. Good luck!! Cheers, -danny -- http://dannyman.toldme.com From sage-members-owner@usenix.org Wed Jan 2 12:16:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02KGZJA004380 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 12:16:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02KGZFT004379 for sage-members-0utGoign; Wed, 2 Jan 2008 12:16:35 -0800 (PST) Received: from blister.quadium.net (BLISTER.QUADIUM.NET [69.55.236.109]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02KGE71004364 for ; Wed, 2 Jan 2008 12:16:19 -0800 (PST) Received: from blister.quadium.net (blister.quadium.net [69.55.236.109]) by blister.quadium.net (Postfix) with ESMTP id 1FA442E1BF; Wed, 2 Jan 2008 12:10:19 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=simple; d=quadium.net; q=dns; s=blister; b= d04EB86/U+ujd1ohX1tX8DRqSJyfYb/+3LT/wltT9GKu63AdvabTfpuID2BMHXy2 kyiP6xSu5CgKRkH4RmbvhclZqvItxxpd1hbh9v1qZHnOVQfySK9S3xnc1dANDOju xs3lww+fm90B4YT8tPgmeIxH0wlE+ZFuLk5yMPsiHuM= DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=quadium.net; h=to:cc: subject:references:from:date:in-reply-to:message-id: mime-version:content-type; q=dns/txt; s=blister; bh=JpxskmwIBX5j ToUWwNKpjgB17JE=; b=Q+G0dnnWvzoG+ymozuCHqPLtOSf6bPTwNSMmayL3O6uu +sLhkhsFEJDvuoZP1MxBoo3eox9b2fxPK4J0bXmZaILFCNQgybEPUJSMvEIxGLCD gt4talpm1k7JFcwLX8mzEeEvAiO7MYTD+r3N1r03CswU6HWY+L9jJIzbbmpi58I= Received: from fester.quadium.net (blister.quadium.net [69.55.236.109]) by blister.quadium.net (Postfix) with ESMTP id BB8CE2E1BA; Wed, 2 Jan 2008 12:10:18 -0800 (PST) Received: by fester.quadium.net (Postfix, from userid 1000) id 819081175D; Wed, 2 Jan 2008 15:10:20 -0500 (EST) To: "a42n8k9 dejazzd.com" Cc: sage-members Subject: Re: [SAGE] choosing the proper max SMTP message size References: From: Tim Howe Date: Wed, 02 Jan 2008 15:10:20 -0500 In-Reply-To: (a42n8k's message of "Wed, 02 Jan 2008 13:43:30 -0500") Message-ID: <87r6h0q98z.fsf@quadium.net> User-Agent: Gnus/5.1007 (Gnus v5.10.7) XEmacs/21.4.17 (Jumbo Shrimp, linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk "a42n8k9 dejazzd.com" writes: > The other side of the conundrum is that our users (and their > correspondents) are not very technical and often have difficulty > with FTP which results in help desk calls, etc. [...] > I'm curious about what most sites set the max SMTP message size to > and how problems like this have been overcome or worked around. Ran into this before myself. If the problems users are running into are issues with NAT/routers/firewalls, perhaps look into SFTP. User interfaces are available such as Filezilla and WinSCP. It's still somewhat "technical" in that users still need a username and hostname, but you can set up key-based authentication, and it eliminates the nonsense about ports and passive mode and anonymous and so forth. Bonus: it's encrypted. Another option would be WebDAV. Windows and Mac OS are supposed to be able to just mount it and show it as a normal folder... very seamless. You could run it through HTTPS to get the security. Apache can do this out-of-the-box I think. Not sure, as I've only used the Subversion module built on top of it. It's frustrating... there isn't really any reason documents shouldn't be sent back and forth. Except that users don't just send back and forth but then it spreads out to a whole network of correspondents and some get trimmed and variations of the document are created and not tracked and .... At least Microsoft has single storage of duplicated attachments (although I haven't heard how intelligent it is, e.g., if the same document is attached to a different message rather than forwarded). If only the message store didn't fall apart given a slight breeze. Cheers Tim -- But is [the U.S.A.] Christian? This is not a matter of angels dancing on the heads of pins. Christ was pretty specific about what he had in mind for his followers. What if we chose some simple criterion -- say, giving aid to the poorest people -- as a reasonable proxy for Christian behavior? After all, in the days before his crucifixion, when Jesus summed up his message for his disciples, he said the way you could tell the righteous from the damned was by whether they'd fed the hungry, slaked the thirsty, clothed the naked, welcomed the stranger, and visited the prisoner. What would we find then? -- Bill McKibben, The Christian paradox: How a faithful nation gets Jesus wrong From sage-members-owner@usenix.org Wed Jan 2 12:37:56 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02KbNwe005412 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 12:37:44 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02KbNis005411 for sage-members-0utGoign; Wed, 2 Jan 2008 12:37:23 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.190]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02KaJqB005376 for ; Wed, 2 Jan 2008 12:37:09 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so5244406rvb.59 for ; Wed, 02 Jan 2008 12:36:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; bh=hGpsFR0QXvhp0DGMBTb1UGxiBiopVnAvVOhWT2UF1AM=; b=up5ZMHz/T9urZUgcuNFpws+xDwEUCzDEZA7S9Iqqgb05h6LyKllpls+IkcWOPUOmKzonKKXfPJ3TBEJyGpUwXUK/USAosNYvneRNo6znXS1LkxXWm7Nb50+zDdumOu2Gv1EFEzWkMlSvgL6R4PoPJCz2wJ100m14+uAZatf96OY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=u0cuxDo9cAkZxChyoZTCYW9H/XnvbBXJhhs92X6zayXzpd4lQ2i1ZN/37OchLkci8zrY396Yg3EjWLiurp2Yp8F/AMG9uENTetf1m8EcpSwb2tBYR2S1TQJUygsytVtP8XcxGYOAlQKP3YO4ZI3JWanyuIfEpZpq7/zGrdyiwIg= Received: by 10.141.87.13 with SMTP id p13mr7637707rvl.55.1199306179581; Wed, 02 Jan 2008 12:36:19 -0800 (PST) Received: from ?192.168.1.100? ( [76.189.216.143]) by mx.google.com with ESMTPS id a44sm18953055rne.12.2008.01.02.12.36.18 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 02 Jan 2008 12:36:18 -0800 (PST) Message-ID: <477BF5C1.6000807@gmail.com> Date: Wed, 02 Jan 2008 15:36:17 -0500 From: Jim Ankenbrandt User-Agent: Thunderbird 1.5.0.14 (Windows/20071210) MIME-Version: 1.0 To: "Carlson, Scott" CC: SAGE mailing list Subject: Re: [SAGE] Change control and patching for Linux References: <477BE614.3010000@gmail.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk True. That is great input on scheduling.. The problem with our process is that a patch has to be placed in certification, wait, then test, wait, then there has to be a change control meeting for DR, 1 day, patch, then 2 days, then we can do production as long as it is not in the monthend freeze, is a Saturday and the DBA's agree ( :( ). This process can be streamlined but, patching something Oracle touches ( God forbid the kernel, etc ) slows the process down. If it is critical, there is a process to shortcut this, but there has to be crash or failure of some kind. The technology question is how to apply the same patch bundle to five servers in the window provided ( typically 2 am to 6 am Saturday night ) and make sure it is the same bundle applied to the prior 3 clusters, and is consistent. Scripting would be nice. Carlson, Scott wrote: > Jim, > > The important thing to consider with your response to your security team > is that you need to define a "process", not come to a technology > decision. > > I work for a large financial and we have not defined technology > solutions as part of our process, we have defined criticality and > timelines. > > For instance > > > Criticality 1 Patches - Must be applied within 7 days > Criticality 2 patches - Must be applied within 30 days > Criticality 3 patches - Must be applied quarterly, and are included in > patch "clusters" that are certified by our engineering team (Yum based) > > We then have a quarterly patch process that hits every device > (exceptions can apply) applies the quarterly patch cluster to every > device in production & development, following a very similar methodology > to what you've outlined below. > > Related to criticality 1 patches (like the patch Tuesday critical > stuff), every time that we have a device that is important enough to > apply "right now", it expected that the patch will just get applied and > that technology owners are responsible for making sure an environment > won't break - and they have 7 days. > > It's all about management will, imho, it's not about technology > solutions.... Actual patching is the easy part. > > Scott > > -----Original Message----- > From: owner-sage-members@usenix.org > [mailto:owner-sage-members@usenix.org] On Behalf Of Jim Ankenbrandt > Sent: Wednesday, January 02, 2008 12:29 PM > To: SAGE mailing list > Subject: [SAGE] Change control and patching for Linux > > I work for a bank in the American mid-west. Our data security group has > handed down a ruling that we need to begin a routine patching process. > Joy. By routine they mean a log of patches considered, reasons they > where rejected or passed, and a defined process to follow when > installing the patches. This will be subject to audit by the Fed's and > our internal groups. > > Our environment is that we are running Red Hat Linux supporting Oracle > 10g RAC clusters. The problem is that by the time we start a migration > from the certification cluster, test cluster, disaster recovery cluster, > to production cluster patches may have been outdated. What with change > windows, meetings with DBA's and sign offs it may take close to a month > to complete this path. Up2date is too blunt a tool, we cannot have > different levels on different clusters. We are considering installing > yum and defining our own repositories, but any experience or group > insight would be welcome > > Jim Ankenbrandt > From sage-members-owner@usenix.org Wed Jan 2 13:07:20 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02L7JLC006794 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 13:07:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02L7JXx006793 for sage-members-0utGoign; Wed, 2 Jan 2008 13:07:19 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02L7HUX006786 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 13:07:17 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02L7Htl006785 for sage-members@usenix.org; Wed, 2 Jan 2008 13:07:17 -0800 (PST) Received: from hapkido.dreamhost.com (postfix@hapkido.dreamhost.com [66.33.216.122]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02KlBfD006038 for ; Wed, 2 Jan 2008 12:47:36 -0800 (PST) Received: from randymail-a6.g.dreamhost.com (sd-green-bigip-177.dreamhost.com [208.97.132.177]) by hapkido.dreamhost.com (Postfix) with ESMTP id 7382F179BDB for ; Wed, 2 Jan 2008 12:47:00 -0800 (PST) Received: from arthur.fastenal.com (fn00.fastenal.com [205.243.112.50]) by randymail-a6.g.dreamhost.com (Postfix) with ESMTP id 0F12E175E44 for ; Wed, 2 Jan 2008 12:46:21 -0800 (PST) Message-ID: <477BF817.3040209@the-hendersons.org> Date: Wed, 02 Jan 2008 14:46:15 -0600 From: Chris Henderson User-Agent: Thunderbird 2.0.0.9 (X11/20071115) MIME-Version: 1.0 Cc: SAGE mailing list Subject: Re: [SAGE] Change control and patching for Linux References: <477BE614.3010000@gmail.com> <477BF5C1.6000807@gmail.com> In-Reply-To: <477BF5C1.6000807@gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=24% Sender: owner-sage-members@usenix.org Precedence: bulk Since you are using Red Hat, you might want to look into their RHN Satellite Server product. You can clone a channel such that it will remain static, then subscribe the servers to that channel. You can also take a snapshot of the profile of a server before you up2date it, which makes rollback easier. --Chris Henderson On 01/02/2008 02:36 PM, Jim Ankenbrandt wrote: > True. That is great input on scheduling.. The problem with our > process is that a patch has to be placed in certification, wait, then > test, wait, then there has to be a change control meeting for DR, 1 > day, patch, then 2 days, then we can do production as long as it is > not in the monthend freeze, is a Saturday and the DBA's agree ( :( > ). This process can be streamlined but, patching something Oracle > touches ( God forbid the kernel, etc ) slows the process down. If it > is critical, there is a process to shortcut this, but there has to be > crash or failure of some kind. > The technology question is how to apply the same patch bundle to five > servers in the window provided ( typically 2 am to 6 am Saturday night > ) and make sure it is the same bundle applied to the prior 3 > clusters, and is consistent. > Scripting would be nice. > > Carlson, Scott wrote: >> Jim, >> >> The important thing to consider with your response to your security team >> is that you need to define a "process", not come to a technology >> decision. >> >> I work for a large financial and we have not defined technology >> solutions as part of our process, we have defined criticality and >> timelines. >> >> For instance >> >> >> Criticality 1 Patches - Must be applied within 7 days >> Criticality 2 patches - Must be applied within 30 days >> Criticality 3 patches - Must be applied quarterly, and are included in >> patch "clusters" that are certified by our engineering team (Yum based) >> >> We then have a quarterly patch process that hits every device >> (exceptions can apply) applies the quarterly patch cluster to every >> device in production & development, following a very similar methodology >> to what you've outlined below. >> >> Related to criticality 1 patches (like the patch Tuesday critical >> stuff), every time that we have a device that is important enough to >> apply "right now", it expected that the patch will just get applied and >> that technology owners are responsible for making sure an environment >> won't break - and they have 7 days. >> >> It's all about management will, imho, it's not about technology >> solutions.... Actual patching is the easy part. >> >> Scott >> >> -----Original Message----- >> From: owner-sage-members@usenix.org >> [mailto:owner-sage-members@usenix.org] On Behalf Of Jim Ankenbrandt >> Sent: Wednesday, January 02, 2008 12:29 PM >> To: SAGE mailing list >> Subject: [SAGE] Change control and patching for Linux >> >> I work for a bank in the American mid-west. Our data security group has >> handed down a ruling that we need to begin a routine patching >> process. Joy. By routine they mean a log of patches considered, >> reasons they >> where rejected or passed, and a defined process to follow when >> installing the patches. This will be subject to audit by the Fed's and >> our internal groups. >> >> Our environment is that we are running Red Hat Linux supporting Oracle >> 10g RAC clusters. The problem is that by the time we start a migration >> from the certification cluster, test cluster, disaster recovery cluster, >> to production cluster patches may have been outdated. What with change >> windows, meetings with DBA's and sign offs it may take close to a month >> to complete this path. Up2date is too blunt a tool, we cannot have >> different levels on different clusters. We are considering installing >> yum and defining our own repositories, but any experience or group >> insight would be welcome >> >> Jim Ankenbrandt >> > From sage-members-owner@usenix.org Wed Jan 2 14:10:58 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02MAwxx008871 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 14:10:58 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m02MAwEn008870 for sage-members-0utGoign; Wed, 2 Jan 2008 14:10:58 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.180]) by usenix.org (8.13.6/8.13.6) with ESMTP id m02MAbOS008853 for ; Wed, 2 Jan 2008 14:10:43 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so10117304pyb.10 for ; Wed, 02 Jan 2008 14:10:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=8vZRvfFytcpfWKrozVIaKmSsoO5P71Kzilml9dl5vmI=; b=LDzux7hfvKnIAURPIITs33AAuda8DRjIQqFaMoIXRincBGy9XIutyR7bYgShV7QZSklfadWRce81yH0RflSCzXx74AI4FVzBbi4OyPIVajFqBfu6Rwbh8Iv4qxmPg8Kk2TK4nfYYNZB0xT1kP42Mq4Yu1MKXXBWtPxmlZHDcU50= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=XjaxcoXPmQjkYP3aUGtHrnVHFR8yVKk2NDcH6kpAiVX5p7L3XvXh1ol+e62twfjav0OFNskAymIlnRZ1wRVBZVDcPOMBAReol12UKX0mI18rDhU5OnCNGEIuKo+u8ZYPUs+GsEYaZLeYUDsuN/Ez3bBlgBejGxRrRUnLQb1Q0U0= Received: by 10.115.106.7 with SMTP id i7mr14759826wam.18.1199308211526; Wed, 02 Jan 2008 13:10:11 -0800 (PST) Received: by 10.114.75.3 with HTTP; Wed, 2 Jan 2008 13:10:11 -0800 (PST) Message-ID: Date: Wed, 2 Jan 2008 16:10:11 -0500 From: "Tom Limoncelli" To: "Tim Howe" Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: "a42n8k9 dejazzd.com" , sage-members In-Reply-To: <87r6h0q98z.fsf@quadium.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87r6h0q98z.fsf@quadium.net> X-Google-Sender-Auth: 05849171bb07f0fa X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=2 Fuz1=2 Fuz2=2 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk I used to be very fascist about setting size limits on attachments. I've changed my mind when I realized: Email is the "file system" for people that aren't geeks. IMAP is NFS for your mom. The problem is that increasing the size limit isn't much about changing a setting in postfix or sendmail, but one must re-engineer their entire system. More bandwidth, much, much, larger disks on the server. Demand that the maker of your email client add features that are "big attachment-aware" i.e. don't download an attachment until it is needed, especially if you have road warriers with limited download speed/time. (Gmail does attachment uploading in the background, which I think is pretty cool.) Email systems should de-dup attachments. There's no reason to store the same 50G file multiple times. Even better would be for email systems to store the attachment in a hidden URL and replace the attachment with a link to that URL. (I think Frank Wojcik was the first to propose this idea). Then all sorts of problems go away. Tom From sage-members-owner@usenix.org Wed Jan 2 16:07:47 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0307k2n012247 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 16:07:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0307k9H012246 for sage-members-0utGoign; Wed, 2 Jan 2008 16:07:46 -0800 (PST) Received: from mailgw.mcs.anl.gov (mailgw.mcs.anl.gov [140.221.9.4]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03077rl012239 for ; Wed, 2 Jan 2008 16:07:32 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mailgw.mcs.anl.gov (Postfix) with ESMTP id B5C27348004; Wed, 2 Jan 2008 18:06:59 -0600 (CST) Received: from ubik.topaz.mcs.anl.gov (c-24-15-231-177.hsd1.il.comcast.net [24.15.231.177]) by mailgw.mcs.anl.gov (Postfix) with ESMTP id 9BB26348003; Wed, 2 Jan 2008 18:06:57 -0600 (CST) From: Narayan Desai To: Jim Ankenbrandt Cc: SAGE mailing list Subject: Re: [SAGE] Change control and patching for Linux References: <477BE614.3010000@gmail.com> <477BF5C1.6000807@gmail.com> Date: Wed, 02 Jan 2008 18:06:57 -0600 In-Reply-To: <477BF5C1.6000807@gmail.com> (Jim Ankenbrandt's message of "Wed, 02 Jan 2008 15:36:17 -0500") Message-ID: <87prwjydpa.fsf@mcs.anl.gov> User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/23.0.0 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at mailgw.mcs.anl.gov X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 02 Jan 2008 15:36:17 -0500 Jim Ankenbrandt wrote: Jim> True. That is great input on scheduling.. The problem with our Jim> process is that a patch has to be placed in certification, wait, then Jim> test, wait, then there has to be a change control meeting for DR, 1 Jim> day, patch, then 2 days, then we can do production as long as it is Jim> not in the monthend freeze, is a Saturday and the DBA's agree ( :( ). Jim> This process can be streamlined but, patching something Oracle touches Jim> ( God forbid the kernel, etc ) slows the process down. If it is Jim> critical, there is a process to shortcut this, but there has to be Jim> crash or failure of some kind. Jim> The technology question is how to apply the same patch bundle to five Jim> servers in the window provided ( typically 2 am to 6 am Saturday night Jim> ) and make sure it is the same bundle applied to the prior 3 Jim> clusters, and is consistent. Jim> Scripting would be nice. We have a similar issue on one of our production clusters that we use bcfg2 on. (In the interests of full disclosure, bcfg2 is one of my pet projects) In our case, changes can't be made while user jobs are running. Basically we batch them up, and then deploy them out during the maintenance window. This handily either applying the changes to the production repository at any point and running clients in dry-run mode outside of the maintenance window, or using svn commits to batch the changes and applying them to the repository during the maintenance window. Bcfg2 should support what you are describing using multiple servers, each serving a repository corresponding to the three states you've described (dev/test/prod). Feel free to contact me off list and I can walk you through how it would be setup. -nld From sage-members-owner@usenix.org Wed Jan 2 19:29:14 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033T1n9017291 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 19:29:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m033T1tt017290 for sage-members-0utGoign; Wed, 2 Jan 2008 19:29:01 -0800 (PST) Received: from smtp303.his.com (smtp303.his.com [216.194.210.47]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033S86Z017223 for ; Wed, 2 Jan 2008 19:28:34 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp303.his.com (Postfix) with ESMTP id D64A715BBA3; Wed, 2 Jan 2008 22:28:07 -0500 (EST) Received: from smtp303.his.com ([216.194.210.47]) by localhost (smtp303.his.com [216.194.210.47]) (amavisd-new, port 10024) with ESMTP id 22220-02; Wed, 2 Jan 2008 22:28:03 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp303.his.com (Postfix) with ESMTP id 8731A15BBA8; Wed, 2 Jan 2008 22:28:03 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m033Rw3r019675; Wed, 2 Jan 2008 22:28:03 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <477BE0B7.9040500@gmail.com> References: <477B6A11.1030700@gmail.com> <477BE0B7.9040500@gmail.com> Date: Wed, 2 Jan 2008 21:02:22 -0600 To: Marco Marongiu , Brad Knowles From: Brad Knowles Subject: Re: [SAGE] Limiting outbound connections with a reverse proxy? Cc: SAGE mailing list Content-Type: text/plain; charset="iso-8859-1" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.027 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.372, BAYES_00=-2.599] X-Spam-Score: -4.027 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=17% Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id m033Sx6Z017271 Sender: owner-sage-members@usenix.org Precedence: bulk On 1/2/08, Marco Marongiu wrote: > Therefore, iptables could be an option on the source machine, but on the > target it wouldn´t. Nor ipfw would be on both. Right, but you could also have firewall rules on the proxy server, too. > Therefore, the proxy (or whatever it will be) needs to accept N > connections per second, and dispatch them at a maximum rate of 10 > conn/sec, enqueing the exceeding ones until they can be dispatched, > possibly using a FIFO policy. That is a conundrum. I guess you could always write your own application-specific proxy for this sort of thing. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Wed Jan 2 19:29:16 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033T3Oj017300 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 19:29:04 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m033T3EU017299 for sage-members-0utGoign; Wed, 2 Jan 2008 19:29:03 -0800 (PST) Received: from smtp303.his.com (smtp303.his.com [216.194.210.47]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033S75I017221 for ; Wed, 2 Jan 2008 19:28:34 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp303.his.com (Postfix) with ESMTP id 4FE7215BBCD; Wed, 2 Jan 2008 22:28:06 -0500 (EST) Received: from smtp303.his.com ([216.194.210.47]) by localhost (smtp303.his.com [216.194.210.47]) (amavisd-new, port 10024) with ESMTP id 20940-09; Wed, 2 Jan 2008 22:28:02 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp303.his.com (Postfix) with ESMTP id 5366B15BBA3; Wed, 2 Jan 2008 22:28:02 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m033Rw3p019675; Wed, 2 Jan 2008 22:28:01 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Wed, 2 Jan 2008 21:00:12 -0600 To: "a42n8k9 dejazzd.com" , sage-members From: Brad Knowles Subject: Re: [SAGE] choosing the proper max SMTP message size Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.027 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.372, BAYES_00=-2.599] X-Spam-Score: -4.027 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=17% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/2/08, a42n8k9 dejazzd.com wrote: > It's just that > I have been asked to come up with a permanent solution so we don't have > the problem or help desk calls any more. There is no permanent solution. Whatever is just big enough today will not be big enough tomorrow, and whatever is way too big today may be just big enough tomorrow. This number will keep going up so long as morons keep treating e-mail as a transport mechanism for 500MB PowerPoint slides that have to be sent to every single employee in the company -- all 100,000 of them. > I'm curious about what most > sites set the max SMTP message size to and how problems like this have > been overcome or worked around. When I was the Sr. Internet Mail Admin for AOL, we started out at 2MB. By the time I left more than two years later, it was 10MB. And the number kept getting bigger and bigger. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Wed Jan 2 19:29:16 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033T35O017301 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 19:29:04 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m033T3CR017298 for sage-members-0utGoign; Wed, 2 Jan 2008 19:29:03 -0800 (PST) Received: from smtp303.his.com (smtp303.his.com [216.194.210.47]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033S9a6017224 for ; Wed, 2 Jan 2008 19:28:34 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp303.his.com (Postfix) with ESMTP id F0F9E15BBD6; Wed, 2 Jan 2008 22:28:08 -0500 (EST) Received: from smtp303.his.com ([216.194.210.47]) by localhost (smtp303.his.com [216.194.210.47]) (amavisd-new, port 10024) with ESMTP id 22641-01; Wed, 2 Jan 2008 22:28:06 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp303.his.com (Postfix) with ESMTP id C0DF815BB92; Wed, 2 Jan 2008 22:28:05 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m033Rw3v019675; Wed, 2 Jan 2008 22:28:05 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Wed, 2 Jan 2008 21:27:49 -0600 To: "Gary Richardson" , "a42n8k9 dejazzd.com" From: Brad Knowles Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: sage-members Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.029 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.370, BAYES_00=-2.599] X-Spam-Score: -4.029 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=17% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/2/08, Gary Richardson wrote: > My feeling is that modern servers and software can handle large messages > sizes easily. On individual messages, sure. But a 500MB attachment being sent to all 100,000 people in the company? Okay, so I actually only personally ever saw someone sending a 50MB attachment to all 1000 people in the company, but that's still an instantaneous growth of 50GB of disk space, which is a *huge* chunk of work to do in a very short time. Oh, and then there was the guy who was sending his entire CD and DVD collection by e-mail to another person outside of the company, in chunks of 500-700MB each. > Bandwidth typically isn't a problem either, unless you're > trying to cut bandwidth costs. Many companies have small remote offices that might be connected back to the main office via MPLS or fractional T-1, and only have 64Kbps or 128Kbps available to them at any one point in time. Smaller companies may have xDSL for their remote offices, but when you start talking about large numbers of copies of gargantuan-size messages, there is no amount of bandwidth they could reasonably have that would be sufficient. > Even then, mail servers accept the > message before they calculate the size, so the message has already > been transfered once. Modern MTAs and clients will tell the remote end how large the message is before they attempt to send it, as part of the standard ESMTP extensions. So, you can at least reduce the bandwidth cost for those things where you know beforehand that the message would fail before being completed. > The bigger issue I have experienced is that mail clients don't handle > large attachments well. Outlook is crashy to begin with, but opening a > message with a 100MB attachment is painful. Back in 1999, I was seeing people casually sending around messages using Outlook with 50MB+ PowerPoint slide attachments. These usually had lots of unnecessary and worthless audo and video crap embedded, and were frequently done for things like explaining the vision, mission, and product plan of the company to the customers. Those messages would, in turn, be sent by upper management to all the employees of the company, and yes each and every person *MUST* have a private copy sitting in their personal mailbox, they weren't allowed to put this stuff up on any kind of internal webserver or anything. Note that this was for the largest ISP in Belgium, and all those users had direct 100Mbps connections to the company backbone where the servers were connected. It was not uncommon for the primary mail server for all of our hundreds of thousands (and later, million+) customers to be taken down for extended periods of time (in some cases, hours), just to try to clean up the latest instance of this kind of crap. > Pulling a 10mb+ attachment > from an IMAP server into Mail.app isn't smooth either. I knew there was a reason why I still liked POP3. ;) > About the only > mail client I've used that handles large attachments will is gmail (or > any other webmail client for that matter). I suppose that doesn't > count either, since it's really just a webpage. Yeah, doesn't count. You still have to store all that crap on the server. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Wed Jan 2 19:29:20 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033T75m017307 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 19:29:08 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m033T7Zg017306 for sage-members-0utGoign; Wed, 2 Jan 2008 19:29:07 -0800 (PST) Received: from smtp303.his.com (smtp303.his.com [216.194.210.47]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033SEXD017228 for ; Wed, 2 Jan 2008 19:28:34 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp303.his.com (Postfix) with ESMTP id BBADE15BB92; Wed, 2 Jan 2008 22:28:13 -0500 (EST) Received: from smtp303.his.com ([216.194.210.47]) by localhost (smtp303.his.com [216.194.210.47]) (amavisd-new, port 10024) with ESMTP id 21282-07; Wed, 2 Jan 2008 22:28:08 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp303.his.com (Postfix) with ESMTP id 405AB15BBA8; Wed, 2 Jan 2008 22:28:08 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m033Rw3x019675; Wed, 2 Jan 2008 22:28:06 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <87r6h0q98z.fsf@quadium.net> References: <87r6h0q98z.fsf@quadium.net> Date: Wed, 2 Jan 2008 21:24:17 -0600 To: Tim Howe , "a42n8k9 dejazzd.com" From: Brad Knowles Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: sage-members Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.029 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.370, BAYES_00=-2.599] X-Spam-Score: -4.029 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=17% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/2/08, Tim Howe wrote: > At least Microsoft has single storage of duplicated attachments > (although I haven't heard how intelligent it is, e.g., if the same > document is attached to a different message rather than forwarded). I think it only does that on message receipt. So, if you send a message to ten people, and then send another copy of the exact same message (with the exact same attachments) to ten other people, you still get multiple copies stored. I have recently interviewed with a company that is doing long-term message archiving & handling e-discovery for their clients (think financial trading firms that have seven year storage requirements), and they have a special process they've developed to go in and actively harvest all those extra copies of the same attachment and coalesce those into just one copy with multiple links. Nick Christenson and I had looked into doing the same kind of thing back in 2000, for the invited talk that I presented at LISA that year. But we couldn't make a good case for it, since disk capacities are continuing to increase at unbelievable rates but disk I/O throughput is not, and you'd be trading space for additional I/O operations, which would be exactly the reverse of what you'd want to do for a scalable e-mail system. But this company I interviewed with sees this as a way to reduce help desk calls from all these customers who've signed contracts for X amount of storage for Y number of years, and they need to keep the information archived while also reducing their disk quota problems. Nick and I hadn't seen the cost of the customer support side of this issue, so it didn't figure into our equations. > If only the message store didn't fall apart given a slight breeze. Indeed. ;( -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Wed Jan 2 19:29:21 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033T8aj017310 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 19:29:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m033T8tC017309 for sage-members-0utGoign; Wed, 2 Jan 2008 19:29:08 -0800 (PST) Received: from smtp303.his.com (smtp303.his.com [216.194.210.47]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033SB8e017227 for ; Wed, 2 Jan 2008 19:28:34 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp303.his.com (Postfix) with ESMTP id 93A0F15BBD3; Wed, 2 Jan 2008 22:28:10 -0500 (EST) Received: from smtp303.his.com ([216.194.210.47]) by localhost (smtp303.his.com [216.194.210.47]) (amavisd-new, port 10024) with ESMTP id 20048-10; Wed, 2 Jan 2008 22:28:04 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp303.his.com (Postfix) with ESMTP id 5217215BBB7; Wed, 2 Jan 2008 22:28:04 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m033Rw3t019675; Wed, 2 Jan 2008 22:28:04 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <477BE614.3010000@gmail.com> References: <477BE614.3010000@gmail.com> Date: Wed, 2 Jan 2008 21:07:03 -0600 To: Jim Ankenbrandt , SAGE mailing list From: Brad Knowles Subject: Re: [SAGE] Change control and patching for Linux Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.028 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.371, BAYES_00=-2.599] X-Spam-Score: -4.028 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=17% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/2/08, Jim Ankenbrandt wrote: > We are considering installing yum and defining our own repositories, but > any experience or group insight would be welcome You can't do this sort of thing without running your own repository. We did that at AOL for all patches to HP-UX on the production servers. The OS support guys would qualify the patches internally (getting them direct from HP, after HP had put them through their own custom qualification service that they built for us), and would make them available on the internal repo. From there, they would go through a "normal" QA process, and then finally out onto production. There were dedicated people who did nothing but these tasks, and did them across all machines for all workgroups, and where certain workgroups had their own dependancies and couldn't necessarily just take the standard QA'ed patches from the repo, they would go through the extra steps necessary to make sure that everything would actually work correctly before pushing them out. I don't see any other way to do this process on a large scale, at least not in an environment where everything absolutely positively must be on the precise same revision of each and every patch in existence. The other way is to design the system so that you can have variability in what versions of what patches are running where, and build the application so that it can handle those kinds of situations. I think that's the sort of thing that Google and Yahoo! do, as opposed to the way we used to do things when I was at AOL. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Wed Jan 2 19:37:44 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033bhQF018311 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Jan 2008 19:37:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m033bhUh018309 for sage-members-0utGoign; Wed, 2 Jan 2008 19:37:43 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m033b3uO018232 for ; Wed, 2 Jan 2008 19:37:29 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 4747B7CC0AF; Wed, 2 Jan 2008 22:37:03 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 05074-02; Wed, 2 Jan 2008 22:37:00 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id C750B7CC0A5; Wed, 2 Jan 2008 22:37:00 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m033axvj019954; Wed, 2 Jan 2008 22:37:00 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <87r6h0q98z.fsf@quadium.net> Date: Wed, 2 Jan 2008 21:28:32 -0600 To: "Tom Limoncelli" , "Tim Howe" From: Brad Knowles Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: "a42n8k9 dejazzd.com" , sage-members Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.343 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.056, BAYES_00=-2.599] X-Spam-Score: -4.343 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=16% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/2/08, Tom Limoncelli wrote: > Email systems should de-dup attachments. There's no reason to store > the same 50G file multiple times. Even better would be for email > systems to store the attachment in a hidden URL and replace the > attachment with a link to that URL. (I think Frank Wojcik was the > first to propose this idea). Then all sorts of problems go away. AOL stored the attachment(s) separately from the "body" of the message, since the mid-90s. Multiple attachments to a single message would be stored as a single blob, however. What they didn't do was de-dup the attachment system, although they had tried it -- at the time, they found that this created "hot spots" that would cause performance to go into the toilet, and the system just couldn't survive that kind of performance hit. Ironically, Mailman can do this sort of thing -- strip attachments from messages that are posted to the list and store them on the server, and replace the attachment in the message with an URL back to the file. I think a lot of "mail big files" type of solutions work the same way. I don't know whether or not they do any de-duplication, however. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Thu Jan 3 04:45:01 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03Cineq011103 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 04:44:49 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m03Cim1r011102 for sage-members-0utGoign; Thu, 3 Jan 2008 04:44:49 -0800 (PST) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.183]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03Ci3ZH011081 for ; Thu, 3 Jan 2008 04:44:28 -0800 (PST) Received: by wa-out-1112.google.com with SMTP id j4so13611710wah.1 for ; Thu, 03 Jan 2008 04:43:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=eLpoP3OojLcXYpntTLTMjuSBaetKjU92cHSGjBOvdg4=; b=A8x+LgGkDnxOj4IYn8ubnl+0+xC0aEyzCWGRhyrTgIC96TcgjfSOOCFTYyZKmCwDK4D411i0ziGUCkxPZ5J+ZXEVKYdIjwfGF+RYnJTHn0PqDGGYr4fXnMQZLlQrl5hslU5FcHejD15GiealQxbDtluZ8xj1XskhWRgb8u4mzMo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=F1D7oEWDNEIiqS0qNAc+J0/mjPFX7kYJtIFjPTAMYCVReOdxLQm3VCA8Mewwe+qDNv68ZvfayPH5Oh5AGQeotTo2nKwpxKCipBFygzrP21JG9hKkjzQSMfuRdCKYPyzpPbyWiczW4HNMLr4Zcsrbb/gFFo6DK0SuD3FXswCY1wM= Received: by 10.114.52.1 with SMTP id z1mr317269waz.123.1199360657223; Thu, 03 Jan 2008 03:44:17 -0800 (PST) Received: by 10.114.75.3 with HTTP; Thu, 3 Jan 2008 03:44:17 -0800 (PST) Message-ID: Date: Thu, 3 Jan 2008 06:44:17 -0500 From: "Tom Limoncelli" To: "Brad Knowles" Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: "a42n8k9 dejazzd.com" , sage-members In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: X-Google-Sender-Auth: 191fe022da45eba8 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 2, 2008 10:00 PM, Brad Knowles wrote: > On 1/2/08, a42n8k9 dejazzd.com wrote: > > > It's just that > > I have been asked to come up with a permanent solution so we don't have > > the problem or help desk calls any more. > > There is no permanent solution. Whatever is just big enough today > will not be big enough tomorrow, and whatever is way too big today > may be just big enough tomorrow. A "permanent solution" might be "buy XX more disk space each quarter, and add YY more disk space for every 10 new users we hire". Make it part of the budget process, not a surprise to management when you require more disk space. Tom From sage-members-owner@usenix.org Thu Jan 3 07:11:13 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03FB1DN015401 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 07:11:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m03FB0ag015400 for sage-members-0utGoign; Thu, 3 Jan 2008 07:11:01 -0800 (PST) Received: from ettin.watson-wilson.ca (watson-wilson.ca [216.138.221.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03FAXpI015382 for ; Thu, 3 Jan 2008 07:10:58 -0800 (PST) Received: by ettin.watson-wilson.ca (Postfix, from userid 1000) id 53E893AE29; Thu, 3 Jan 2008 10:10:21 -0500 (EST) Date: Thu, 3 Jan 2008 10:10:22 -0500 From: Neil Watson To: SAGE mailing list Subject: [SAGE] zenoss versus nagios Message-ID: <20080103151022.GB2316@watson-wilson.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline X-Message-Flag: Outlook is a dangerous and insecure program (Magic 8 ball: Outlook not good) X-Accepted-File-Formats: No proprietary Microsoft Office files please User-Agent: Mutt/1.5.17 (2007-11-01) X-watson-wilson.ca-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-watson-wilson.ca-MailScanner-From: sage@watson-wilson.ca X-Spam-Status: No X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk I'm beginning to plan a migration from an old Nagios 1 server to perhaps Nagios 3. It appears that much has changed from version 1 to 3 meaning that at least some of the configurations will have to be altered or even created anew. Last summer I helped to write a comparison on monitoring systems. In that paper Nagios was a front running but Zenoss came out on top. Now I'm considering migrating to Zenoss instead of Nagios 3. Does anyone here have practical experience with Zenoss? How does it compare with Nagios? Is it worth switching to? -- Neil Watson | Debian Linux System Administrator | Uptime 4 days http://watson-wilson.ca From sage-members-owner@usenix.org Thu Jan 3 08:59:37 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03Gxaq1019435 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 08:59:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m03GxaJT019434 for sage-members-0utGoign; Thu, 3 Jan 2008 08:59:36 -0800 (PST) Received: from absinthe.tinho.net (absinthe.tinho.net [166.84.5.228]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03GwiDt019394 for ; Thu, 3 Jan 2008 08:59:14 -0800 (PST) Received: by absinthe.tinho.net (Postfix, from userid 126) id 1339133D40; Thu, 3 Jan 2008 11:58:38 -0500 (EST) Received: from absinthe.tinho.net (localhost [127.0.0.1]) by absinthe.tinho.net (Postfix) with ESMTP id 113C833C9E; Thu, 3 Jan 2008 11:58:38 -0500 (EST) From: dan@geer.org To: "Tom Limoncelli" cc: sage-members Subject: Re: [SAGE] choosing the proper max SMTP message size In-Reply-To: Your message of "Wed, 02 Jan 2008 16:10:11 EST." Date: Thu, 03 Jan 2008 11:58:38 -0500 Message-Id: <20080103165838.1339133D40@absinthe.tinho.net> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk "Tom Limoncelli" writes: -+---------------------- | Email is the "file system" for people that aren't geeks. | IMAP is NFS for your mom. | You got that right, buddy, not to mention The biggest example of Gresham's Law in my career. --dan From sage-members-owner@usenix.org Thu Jan 3 09:36:07 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03Ha7Mq020826 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 09:36:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m03Ha7HW020825 for sage-members-0utGoign; Thu, 3 Jan 2008 09:36:07 -0800 (PST) Received: from mcs.anl.gov (cliff.mcs.anl.gov [140.221.9.17]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03HZR57020805 for ; Thu, 3 Jan 2008 09:35:53 -0800 (PST) Received: from mcs.anl.gov (harley.mcs.anl.gov [140.221.11.69]) by mcs.anl.gov (8.11.6/8.9.3) with ESMTP id m03HYv8243384; Thu, 3 Jan 2008 11:34:57 -0600 Message-Id: <200801031734.m03HYv8243384@mcs.anl.gov> To: dan@geer.org From: rackow@anl.gov cc: "Tom Limoncelli" , sage-members , rackow@mcs.anl.gov Subject: Re: [SAGE] choosing the proper max SMTP message size In-reply-to: Your message of "Thu, 03 Jan 2008 11:58:38 EST." <20080103165838.1339133D40@absinthe.tinho.net> Date: Thu, 03 Jan 2008 11:34:57 -0600 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk dan@geer.org made the following keystrokes: > >"Tom Limoncelli" writes: >-+---------------------- > | Email is the "file system" for people that aren't geeks. > | IMAP is NFS for your mom. > | > >You got that right, buddy, not to mention The biggest example >of Gresham's Law in my career. Probably a good example of Moore's Law as well. From sage-members-owner@usenix.org Thu Jan 3 10:48:21 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03Im7QQ023679 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 10:48:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m03Im6uK023678 for sage-members-0utGoign; Thu, 3 Jan 2008 10:48:06 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.182]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03IlYWe023648 for ; Thu, 3 Jan 2008 10:47:40 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so10628135pyb.10 for ; Thu, 03 Jan 2008 10:47:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=Dq+xc9fT1n0gS7TETWHRLFX4v9zjsBM74rLCJAI2wmw=; b=X7hE2KSOeMHRH9u//EhWkkTe5hKvrdLdBrhDtLC8NlSSbHK0tUlF1TaZ0W/soSd8CUQE1MYRl0fymVTgkgZ/DSHswzuphYFuMGUo/KrRElvD893NpKZYMI7pUsG9iQAJFHq0X7qKsEvag0tlmhv1J4K4xAXg14v2oZ/ZRrKSn7Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=kf4Jfz9ntR7+FCFPGTC3uTkXcGyl/8Jw13u3sIKYYFDWPU61IjtuPV7d0hjC7fF1btPOnM2c73KURoUQYReWTx0J9zfnmt4H7BojVWMrqC0hICdahtGM6psrhmYxYF1nzjid8oyYtuDU2nSZeci0EoE/NtXlDaMdjH2njZ5QWjU= Received: by 10.64.150.18 with SMTP id x18mr32959980qbd.0.1199386054037; Thu, 03 Jan 2008 10:47:34 -0800 (PST) Received: by 10.64.183.18 with HTTP; Thu, 3 Jan 2008 10:47:33 -0800 (PST) Message-ID: Date: Thu, 3 Jan 2008 10:47:33 -0800 From: "Paul Lathrop" To: "Neil Watson" Subject: Re: [SAGE] zenoss versus nagios Cc: "SAGE mailing list" In-Reply-To: <20080103151022.GB2316@watson-wilson.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080103151022.GB2316@watson-wilson.ca> X-Google-Sender-Auth: 64eca185601dc895 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk Nell, I highly recommend Nagios over Zenoss. Recently I had the opportunity to deploy a monitoring architecture from scratch for a company I consult for. We did our evaluation and with all the touted features Zenoss came out on top. Deployment was much easier than Nagios, and setting up monitors was a breeze. Unfortunately as we dug deeper into Zenoss functionality we ran into a number of problems. First, the feature set as documented just doesn't seem to be there. Auto-discovery of devices never worked despite hours of attempts including digging through the source to try to figure out how it was *supposed* to work. Modeling only seems to work correctly if you are using two specific devices (Dell and HP servers). The documentation makes it sound as though Zenoss makes it easy to decouple services from devices (important when your website doesn't run on any one server, but rather uses a server farm with load balancing, etc.) Sadly, that is not the case. Any monitors that weren't already baked in were extremely difficult to deploy. There was no way of setting a monitoring schedule, and no documentation about what the schedule would be by default. Documentation of Zenoss looks good, but it turns out to be made up of screenshots and describing the obvious, rather than any attempt to describe how to use it, or practical examples on making things work. Finally, the interface, while slick-looking, was buggy and unresponsive. We might have forged forward and attempted to be good open-source citizens and help correct these issues, but there were a couple of deal breakers. First, the monitoring just didn't work. We ran several fire drills where Zenoss reported the problem but failed to notice the resolution. One time, just out of curiousity, I left it alone for 24 hours before deciding it really wasn't going to pick up the fact that the issue was resolved. Second, attempts to seek assistance from the community and developers were generally met with silence, unless the question was already an FAQ. All in all, I think the Zenoss developers spent too much time trying to make a pretty interface and the marketing folks got carried away describing features that aren't there. Nagios is clunky, it is ugly, it is a pain to configure. It also works. So far, I haven't found any other Open Source monitoring system that does monitoring at least as well as Nagios, much less better or easier. I say stick with Nagios. --Paul Lathrop On Jan 3, 2008 7:10 AM, Neil Watson wrote: > I'm beginning to plan a migration from an old Nagios 1 server to perhaps > Nagios 3. It appears that much has changed from version 1 to 3 meaning > that at least some of the configurations will have to be altered or even > created anew. Last summer I helped to write a comparison on monitoring > systems. In that paper Nagios was a front running but Zenoss came out > on top. Now I'm considering migrating to Zenoss instead of Nagios 3. > > Does anyone here have practical experience with Zenoss? How does it > compare with Nagios? Is it worth switching to? > > -- > Neil Watson | Debian Linux > System Administrator | Uptime 4 days > http://watson-wilson.ca > From sage-members-owner@usenix.org Thu Jan 3 11:08:50 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03J8bLj024603 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 11:08:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m03J8bIO024602 for sage-members-0utGoign; Thu, 3 Jan 2008 11:08:37 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.183]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03J7oSe024578 for ; Thu, 3 Jan 2008 11:08:21 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so10638734pyb.10 for ; Thu, 03 Jan 2008 11:07:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=mHDUgSLDHXdPk0thELLE1jW9PVw5+sZM9scp/qDTMgo=; b=Oo5VdxKBYQ8NGAmepbqdQntts4vuuj32/0xOe/LC7vyzdNp3ZJ7nxqthCnWdMZlYsDYUtj5zsP+DQkarvPgF3QbySzveqDB3VmlJDpIvuEw2kqh5EkWDFFC9b+9k2xI+Id5JK0Q7JSpegTWc2Vk/yk1iSIEWVa7uGQw7zerHBns= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=g7idFYJkTugFGsz9a3KeBQCRrsf+6xaMq4j/6mhhKFEunDFEDN2VTLn2kDc3IRVUjIqaeXvJfoUVbQ1v6P9xqTAHuSFdZ3RfvXRwA9tpSj5CZ+1r5e/Wbexp3LZgDx5nmHrByFSa3I2BqPbhJSN5WR+n1kusRMmVjBURVW9pBQE= Received: by 10.35.115.18 with SMTP id s18mr19548397pym.59.1199387269834; Thu, 03 Jan 2008 11:07:49 -0800 (PST) Received: by 10.35.81.8 with HTTP; Thu, 3 Jan 2008 11:07:49 -0800 (PST) Message-ID: Date: Thu, 3 Jan 2008 14:07:49 -0500 From: "Nicholas Tang" To: "Paul Lathrop" Subject: Re: [SAGE] zenoss versus nagios Cc: "Neil Watson" , "SAGE mailing list" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080103151022.GB2316@watson-wilson.ca> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk For a dissenting vote, we actually just switched from Nagios to Zenoss in '07 - maybe 6 months ago. So far, it's been very good to us. It does, however, require a lot of time to get to learn it - and there are still features that Nagios has had for years that Zenoss lacks. All in all, though, I'd give Zenoss the edge - it's got some really nice features Nagios completely lacks, and is improving at a much more rapid pace, fueled by a much larger core developer team. The thing about Zenoss is that everything is centralized - you get syslog, system check, snmpd checks, graphs, inventory, etc. all in one place, with one install. We no longer have to maintain a Cacti instance plus a Nagios instance plus inventories plus a Network monitoring instance plus a syslog parser like swatch, etc. etc. etc. It's all in one place, and because of this, you can cross-reference everything, and a config change made in one place will affect everything, rather than having to change it in a bunch of places. That's a huge advantage. Autodiscover new hosts, assign them to a group, it inherits the monitoring settings, and you immediately start collecting stats on cpu and disk and processes, both immediate (Nagios style) and long-term graphing (Cacti style). What used to be a laborious process (update inventory; update Nagios by hand; update Cacti by hand; double-check to make sure everything matches) is now mostly automated and pretty simple. Bear in mind, I say this as one of the original Netsaint (pre-Nagios) users, so I'm a big fan of it and have been using it since Netsaint 0.2 I believe. I don't say it lightly when I say that Zenoss has been an improvement, and as I mentioned, there are still a lot of things I like better about Nagios. I do, however, think that Zenoss will get those features relatively soon. Disclaimer: I hired a sys admin away from [major media company] who recently rolled out Zenoss for them across multiple locations, monitoring a few thousand servers. He spent quite a bit of time on it there and learned a lot of the quirks and ins and outs, and then was able to implement it here (one location, several hundred hosts) in short fashion. I can't vouch for someone uninitiated in Zenoss - it does take time to learn and master, but it's worth the effort in my opinion. The initial setup was quick, but of course replicating every custom check we had takes time. One note: Zenoss is not nearly as useful if you don't use snmp heavily - we run snmpd on every server and use that to monitor 99% of the stuff in the environment, and so it has been fantastic. We've been moving checks from ssh (w/ keys) based checks to snmp based checks and haven't had any real problems. If you'd like, I can ask him (said SA) to speak to you about it, or if you've got any general questions, I can forward them to him and post his response here. (He's not a member of SAGE.) Nicholas On Jan 3, 2008 1:47 PM, Paul Lathrop wrote: > Nell, > > I highly recommend Nagios over Zenoss. Recently I had the opportunity > to deploy a monitoring architecture from scratch for a company I > consult for. We did our evaluation and with all the touted features > Zenoss came out on top. Deployment was much easier than Nagios, and > setting up monitors was a breeze. Unfortunately as we dug deeper into > Zenoss functionality we ran into a number of problems. First, the > feature set as documented just doesn't seem to be there. > Auto-discovery of devices never worked despite hours of attempts > including digging through the source to try to figure out how it was > *supposed* to work. Modeling only seems to work correctly if you are > using two specific devices (Dell and HP servers). The documentation > makes it sound as though Zenoss makes it easy to decouple services > from devices (important when your website doesn't run on any one > server, but rather uses a server farm with load balancing, etc.) > Sadly, that is not the case. Any monitors that weren't already baked > in were extremely difficult to deploy. There was no way of setting a > monitoring schedule, and no documentation about what the schedule > would be by default. Documentation of Zenoss looks good, but it turns > out to be made up of screenshots and describing the obvious, rather > than any attempt to describe how to use it, or practical examples on > making things work. Finally, the interface, while slick-looking, was > buggy and unresponsive. We might have forged forward and attempted to > be good open-source citizens and help correct these issues, but there > were a couple of deal breakers. First, the monitoring just didn't > work. We ran several fire drills where Zenoss reported the problem but > failed to notice the resolution. One time, just out of curiousity, I > left it alone for 24 hours before deciding it really wasn't going to > pick up the fact that the issue was resolved. Second, attempts to seek > assistance from the community and developers were generally met with > silence, unless the question was already an FAQ. All in all, I think > the Zenoss developers spent too much time trying to make a pretty > interface and the marketing folks got carried away describing features > that aren't there. > > Nagios is clunky, it is ugly, it is a pain to configure. It also > works. So far, I haven't found any other Open Source monitoring system > that does monitoring at least as well as Nagios, much less better or > easier. I say stick with Nagios. > > --Paul Lathrop > > > On Jan 3, 2008 7:10 AM, Neil Watson wrote: > > I'm beginning to plan a migration from an old Nagios 1 server to perhaps > > Nagios 3. It appears that much has changed from version 1 to 3 meaning > > that at least some of the configurations will have to be altered or even > > created anew. Last summer I helped to write a comparison on monitoring > > systems. In that paper Nagios was a front running but Zenoss came out > > on top. Now I'm considering migrating to Zenoss instead of Nagios 3. > > > > Does anyone here have practical experience with Zenoss? How does it > > compare with Nagios? Is it worth switching to? > > > > -- > > Neil Watson | Debian Linux > > System Administrator | Uptime 4 days > > http://watson-wilson.ca > > > From sage-members-owner@usenix.org Thu Jan 3 15:20:23 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03NKBP8002977 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 15:20:11 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m03NKB3V002976 for sage-members-0utGoign; Thu, 3 Jan 2008 15:20:11 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m03NJLUh002944 for ; Thu, 3 Jan 2008 15:19:47 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 3E76E7CC025; Thu, 3 Jan 2008 18:19:19 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 05772-07; Thu, 3 Jan 2008 18:19:16 -0500 (EST) Received: from mail101.his.com (mail101.his.com [216.194.225.77]) by smtp102.his.com (Postfix) with ESMTP id E6AEB7CC10C; Thu, 3 Jan 2008 18:19:16 -0500 (EST) Received: from [192.168.1.199] (cpe-70-113-98-172.austin.res.rr.com [70.113.98.172]) (authenticated bits=0) by mail101.his.com (8.13.8/8.13.3) with ESMTP id m03NJAww041876 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 3 Jan 2008 18:19:12 -0500 (EST) (envelope-from brad@shub-internet.org) From: Brad Knowles To: Tom Limoncelli In-Reply-To: X-Mailer: iPhone Mail (3A109a) Subject: Re: [SAGE] choosing the proper max SMTP message size Content-Transfer-Encoding: 7bit References: Message-Id: <685CAB83-0591-44BC-936F-D6D1DEF01654@shub-internet.org> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Mime-Version: 1.0 (iPhone Mail 3A109a) Date: Thu, 3 Jan 2008 17:18:39 -0600 Cc: "a42n8k9 dejazzd.com" , sage-members X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.394 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.005, BAYES_00=-2.599] X-Spam-Score: -4.394 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=15% Sender: owner-sage-members@usenix.org Precedence: bulk That's a process solution, not a technical one. Unless you're going to allow unlimited size messages, there are still going to have to be technical measures you have to take and parameters that are going to have to be changed on a regular basis. And specifying 10% aggregate growth per month in your total disk space as your "permanent solution" isn't likely to make the bean counters or "annual budgetists" very happy. -- Brad Knowles Sent from my iPhone On Jan 3, 2008, at 5:44 AM, "Tom Limoncelli" wrote: > On Jan 2, 2008 10:00 PM, Brad Knowles wrote: >> On 1/2/08, a42n8k9 dejazzd.com wrote: >> >>> It's just >>> that >>> I have been asked to come up with a permanent solution so we don't >>> have >>> the problem or help desk calls any more. >> >> There is no permanent solution. Whatever is just big enough today >> will not be big enough tomorrow, and whatever is way too big today >> may be just big enough tomorrow. > > A "permanent solution" might be "buy XX more disk space each quarter, > and add YY more disk space for every 10 new users we hire". Make it > part of the budget process, not a surprise to management when you > require more disk space. > > Tom From sage-members-owner@usenix.org Thu Jan 3 18:02:13 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m042289u007428 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 18:02:08 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0422773007427 for sage-members-0utGoign; Thu, 3 Jan 2008 18:02:08 -0800 (PST) Received: from simq2-srv.bellnexxia.net (simq2-qfe0.srvr.bell.ca [206.47.199.152]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0421R1p007398 for ; Thu, 3 Jan 2008 18:01:53 -0800 (PST) Received: from simip10.srvr.bell.ca ([206.47.199.89]) by simmts12-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080104011229.PJIX25485.simmts12-srv.bellnexxia.net@simip10.srvr.bell.ca> for ; Thu, 3 Jan 2008 20:12:29 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAPoWfUdMRXhO/2dsb2JhbAAIqkE Received: from bas1-toronto09-1279621198.dsl.bell.ca (HELO [192.168.1.133]) ([76.69.120.78]) by alconsout.srvr.bell.ca with ESMTP; 03 Jan 2008 20:10:14 -0500 In-Reply-To: References: <20080103151022.GB2316@watson-wilson.ca> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> Cc: SAGE mailing list Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: SNMP vs. agents (was: [SAGE] zenoss versus nagios) Date: Thu, 3 Jan 2008 20:12:27 -0500 To: Nicholas Tang X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=33% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 3, 2008, at 14:07, Nicholas Tang wrote: > One note: Zenoss is not nearly as useful if you don't use snmp heavily > - we run snmpd on every server and use that to monitor 99% of the > stuff in the environment, and so it has been fantastic. We've been > moving checks from ssh (w/ keys) based checks to snmp based checks and > haven't had any real problems. On a related note: do people find SNMP or agent-based systems "better"? Or, what are the trade-offs between the two? Some things (network equipment) can only have SNMP, so that's the only way to collect resource and statistical data from them, but for Windows and Unix-y hosts, is there a difference? (I believe some FOSS monitoring software also supports Windows' WMI.) Thanks for any info / war stories. From sage-members-owner@usenix.org Thu Jan 3 19:16:02 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m043Fbk8009271 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Jan 2008 19:15:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m043FbbI009270 for sage-members-0utGoign; Thu, 3 Jan 2008 19:15:37 -0800 (PST) Received: from permanently.misplaced.net (root@permanently.misplaced.net [63.231.235.20]) by usenix.org (8.13.6/8.13.6) with ESMTP id m043Ev7N009240 for ; Thu, 3 Jan 2008 19:15:23 -0800 (PST) Received: from permanently.misplaced.net (btoneill@localhost [127.0.0.1]) by permanently.misplaced.net (8.14.1/8.13.6) with ESMTP id m042xMba025056; Thu, 3 Jan 2008 20:59:22 -0600 (CST) Received: (from btoneill@localhost) by permanently.misplaced.net (8.14.1/8.12.10/Submit) id m042xMpD025055; Thu, 3 Jan 2008 20:59:22 -0600 (CST) Date: Thu, 3 Jan 2008 20:59:22 -0600 From: "Brian T. O'Neill" To: Neil Watson Cc: SAGE mailing list Subject: Re: [SAGE] zenoss versus nagios Message-ID: <20080104025922.GA7077@permanently.misplaced.net> Mail-Followup-To: "Brian T. O'Neill" , Neil Watson , SAGE mailing list References: <20080103151022.GB2316@watson-wilson.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080103151022.GB2316@watson-wilson.ca> User-Agent: Mutt/1.4.2.3i X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (permanently.misplaced.net [127.0.0.1]); Thu, 03 Jan 2008 20:59:22 -0600 (CST) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk We use Nagios, but for different reasons... well, really for what Nagios is. Nagios isn't a monitoring system as much as it is an event reporting system. Nagios is our central notification platform used for both sending out alerts as well as graphically on flat panels around the office. Now, saying that Nagios is an event reporting system, you have to create events. We use very few canned Nagios pluggins, instead, we have written our own that are much more scalable. We also rely heavily on vendor supplied "free" monitoring software packages as in many cases, no one is better suited to report on their hardware/software then the people who wrote it. So, a brief description of what we have is as follows: Nagios server receives alerts from: * Sun Management Center * Sun StorADE * HP Insight Manager * Netapp Operations Manager (formally DFM) * Vertias Storage Foundation Management Server * Solar Winds Orion * Oracle OEM (in progress) * EMC Networker (in progress) For performance monitoring/trending/etc we use RTG to collect our data with the targetmaker package (shameless plug) to automatically discover all SNMP nodes on our network and add the proper monitoring for each device based on features supported by the devices MIBs. For instance it will poll a device, determine what version of SNMP to use (1 or 2) and then check a number of "modules" to see what it supports. For our HP boxes (both linux and NT) it will find all CPU's in the system, all disks, memory, processes, users, network interfaces, threads, temperature sensors, and a few other items. RTG then sticks all that data into a SQL (MySQL in our case) database. We then have several daemons that run and continually query the SQL database and report to Nagios on the status of things like CPU usage, disk usage, network bandwidth, network errors, temperature, just about anything that is in the database we alert on. With RTG we're able to collect at 60 second intervals. In our environment currently we're collecting and storing around 60,000 OID's (takes about 33 seconds). We're about about 2TB of data in the MySQL database... Now, for the really fun part... As we have all this data on performance of servers, what do you do with it? Well, the answer is easy, dynamic thresholds for monitoring based on historical data. We're about 50% of the way thru implementing the first stage of this. Basically, as we're a trading firm, we have two parts of teh day we care about, trading hours, and non-trading hours. We have calculated "peaks" and "averages" based on our RTG data for the different periods of the and days of the week. We now have the ability to say "oh, this server is at 94% cpu usage, is this bad? nope, it has hit 95% CPU every da for the last 2 months, so, this is normal, don't alert anyone". But, on the other hand, another server hitting 94% CPU we may say "ut oh, this box has only been hitting 70% max over the last 2 months, 94% is BAD, alert someone!". We currently have the "peaks" database working and are about to start implementing the thresholds from it. And, well, what else can you do with 2TB of performance data? Well, if you have metrics on each CPU individually (which HP Insight gives us, yay HP!) you can do fun things like create a vector for each server based on how evenly it uses all 8 cores in your server. The steeper the vector, the less evenly your app can use the 8 cores, and time to maybe consolidate. The list goes on and on :) As for management of this all, we have an in house GUI to do all the configuring of Nagios. Basically it's a SQL database that generates Nagios configs with a web frontent. We have a number of scripts that automatically populate this SQL database from other applications. So, for instance, if we add a new server, group X updates their list of servers they support, that is automatically pulled into our Nagios config appliction, which then is automatically pulled in my RTG, HP IM, Sun Management Center, or whatever other app we want to create its configs. Basically, we put a host in one place once, and all the monitoring apps pick it up from the single location. Granted this is all a high level overview, and alot more then you were probably looking for... But, it just goes to say, Nagios rocks if you use it for what it is, a reporting system of events. Brian Quoting Neil Watson (sage@watson-wilson.ca) from : > I'm beginning to plan a migration from an old Nagios 1 server to perhaps > Nagios 3. It appears that much has changed from version 1 to 3 meaning > that at least some of the configurations will have to be altered or even > created anew. Last summer I helped to write a comparison on monitoring > systems. In that paper Nagios was a front running but Zenoss came out > on top. Now I'm considering migrating to Zenoss instead of Nagios 3. > > Does anyone here have practical experience with Zenoss? How does it > compare with Nagios? Is it worth switching to? > > -- > Neil Watson | Debian Linux > System Administrator | Uptime 4 days > http://watson-wilson.ca -- btoneill@misplaced.net **************************************************************************** UNIX is simple and coherent, but it takes a genius (or at any rate a programmer) to understand and appreciate the simplicity." - Dennis Ritchie **************************************************************************** From sage-members-owner@usenix.org Fri Jan 4 04:54:59 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04CsWd3011485 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 04:54:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m04CsWQL011484 for sage-members-0utGoign; Fri, 4 Jan 2008 04:54:32 -0800 (PST) Received: from ettin.watson-wilson.ca (watson-wilson.ca [216.138.221.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04CrefU011443 for ; Fri, 4 Jan 2008 04:54:06 -0800 (PST) Received: by ettin.watson-wilson.ca (Postfix, from userid 1000) id 166C13AE29; Fri, 4 Jan 2008 07:53:32 -0500 (EST) Date: Fri, 4 Jan 2008 07:53:32 -0500 From: Neil Watson To: SAGE mailing list Subject: Re: SNMP vs. agents (was: [SAGE] zenoss versus nagios) Message-ID: <20080104125332.GA14176@watson-wilson.ca> References: <20080103151022.GB2316@watson-wilson.ca> <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> X-Message-Flag: Outlook is a dangerous and insecure program (Magic 8 ball: Outlook not good) X-Accepted-File-Formats: No proprietary Microsoft Office files please User-Agent: Mutt/1.5.17 (2007-11-01) X-watson-wilson.ca-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-watson-wilson.ca-MailScanner-From: sage@watson-wilson.ca X-Spam-Status: No X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, Jan 03, 2008 at 08:12:27PM -0500, David Magda wrote: > On a related note: do people find SNMP or agent-based systems "better"? Or, > what are the trade-offs between the two? I think the beauty of SNMP is that it gives you a proven agent for all devices on your network. If your monitoring and alerting service uses SNMP then your setup or migration is that much easier. My only current gripe about SNMP is actually directed at the vendors who still offer little support for SNMPv3 even though its been around for years. -- Neil Watson | Debian Linux System Administrator | Uptime 4 days http://watson-wilson.ca From sage-members-owner@usenix.org Fri Jan 4 08:21:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04GLUkB021707 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 08:21:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m04GLU7M021706 for sage-members-0utGoign; Fri, 4 Jan 2008 08:21:30 -0800 (PST) Received: from ro-out-1112.google.com (ro-out-1112.google.com [72.14.202.183]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04GKmTv021677 for ; Fri, 4 Jan 2008 08:21:14 -0800 (PST) Received: by ro-out-1112.google.com with SMTP id k5so1595867rog.7 for ; Fri, 04 Jan 2008 08:20:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=7zxytMM4L5bJYqpKTQdn402VSx6eWcEgfEmYT85M55E=; b=qrjY0Y4BhLsL+VWfjUxOeQbeR7q86eVHvnKCxCacO6dCz/OxJkIe13zm8oYxm1+uWyEBi2tgmHi/37edk47v7OqTP1Xv3ejVeJxkJI29cJG20l3LKIs39+JrIWQEiwhpG9EBug+/LS1dv+qAf5y1GRKSw3ceD/WQDosctFqzO4s= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=qLnQCH8KLakBQDIzPorjs95qDtYl7/clFHfAYDD+15bjqyzI2GMM0wZ8dZ1S2knyY3cOdxjCbCsODcxJpexkkAJVz8Y5cjpT1Kiva3tfVO2pcefTCrng7px04L5WABhQou0OiTUVV57gCJ/4CKsk3/4r4pHpTNm1wuWTwMIQXLE= Received: by 10.114.191.1 with SMTP id o1mr15530091waf.66.1199462808622; Fri, 04 Jan 2008 08:06:48 -0800 (PST) Received: by 10.114.75.3 with HTTP; Fri, 4 Jan 2008 08:06:48 -0800 (PST) Message-ID: Date: Fri, 4 Jan 2008 11:06:48 -0500 From: "Tom Limoncelli" To: "Brad Knowles" Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: "a42n8k9 dejazzd.com" , sage-members In-Reply-To: <685CAB83-0591-44BC-936F-D6D1DEF01654@shub-internet.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <685CAB83-0591-44BC-936F-D6D1DEF01654@shub-internet.org> X-Google-Sender-Auth: 9aedaa4c4e05efb9 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=30% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 3, 2008 6:18 PM, Brad Knowles wrote: > That's a process solution, not a technical one. That's my area of expertise, dude! :) > Unless you're going to > allow unlimited size messages, there are still going to have to be > technical measures you have to take and parameters that are going to > have to be changed on a regular basis. > > And specifying 10% aggregate growth per month in your total disk space > as your "permanent solution" isn't likely to make the bean counters or > "annual budgetists" very happy. I've had very different experience. The bean counters I dealt with would prefer to spend less money, but know that's not possible for a growing service. The alternatives are to be able to spend a predictable amount of money, or to be surprised with sudden, emergency requests. They prefer to be able to predict things. In fact, I remember one time where promising to spend X per quarter rather than surprising the finance people made them positively giddy. In fact, all the business plans I've seen that propose "renting" disk storage were always selling to the finance people, not the technical people. Tom From sage-members-owner@usenix.org Fri Jan 4 10:10:44 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04IAi5V025811 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 10:10:44 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m04IAi6I025810 for sage-members-0utGoign; Fri, 4 Jan 2008 10:10:44 -0800 (PST) Received: from moe.nexellent.net (ns1.nexellent.net [217.147.208.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04IA3eH025764 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 4 Jan 2008 10:10:29 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by moe.nexellent.net (Postfix) with ESMTP id 46F3C249EDB for ; Fri, 4 Jan 2008 18:47:19 +0100 (CET) Received: from moe.nexellent.net ([127.0.0.1]) by localhost (moe.nexellent.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 50394-01 for ; Fri, 4 Jan 2008 18:47:19 +0100 (CET) Received: from sauron.lan.nexellent.net (sauron.lan.nexellent.net [217.147.223.208]) by moe.nexellent.net (Postfix) with ESMTP id 09CAD249EDA for ; Fri, 4 Jan 2008 18:47:18 +0100 (CET) Message-ID: <477E7126.6000405@nexellent.ch> Date: Fri, 04 Jan 2008 18:47:18 +0100 From: Roman Hochuli Organization: nexellent ag User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.9) Gecko/20071031 Thunderbird/2.0.0.9 Mnenhy/0.7.5.0 MIME-Version: 1.0 To: sage-members@sage.org Subject: [SAGE] Re: SNMP vs. agents References: <20080103151022.GB2316@watson-wilson.ca> <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> <20080104125332.GA14176@watson-wilson.ca> In-Reply-To: <20080104125332.GA14176@watson-wilson.ca> X-Enigmail-Version: 0.95.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at nexellent.net X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Hello >> On a related note: do people find SNMP or agent-based systems >> "better"? Or, what are the trade-offs between the two? Well, in my humble opinion there are both ways to consider depending on how and what you want to monitor. SNMP is nice for simple stats (routers, ethernet interfaces, disk usages, etc) but unfortunatly a lot of vendors neglect to support it good or do not support it at all. Furthermore if you start to dig deeper into monitoring of services and service level management (with the obvious following reporting behemoth) more and more specialized, agent-based tools come into action. For example: do you know an (opensource?!) SNMP-based monitoring-system which can send out a mail (handed out at a defined mailserver) and check back how fast the mail has been delivered to the test-mailbox if it is delivered at all? Most probably you will end up with a half/half solution depending on what you want or have to monitor thru all your infrastructure. > I think the beauty of SNMP is that it gives you a proven agent for all > devices on your network. Hmm. I guess I have seen too much error-prone or defective SNMP-agents to second that... :-/ -- Best regards, Roman Hochuli Operations Manager nexellent ag Saegereistrasse 29 CH-8152 Glattbrugg Phone: +41 44 562 30 40 Fax: +41 44 562 30 41 URL: www.nexellent.ch X-NCC-RegID: ch.nexellent Imagination is the one weapon in the war against reality. -- Jules de Gaultier From sage-members-owner@usenix.org Fri Jan 4 10:18:31 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04IIJJ5026241 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 10:18:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m04IIIAS026240 for sage-members-0utGoign; Fri, 4 Jan 2008 10:18:18 -0800 (PST) Received: from ettin.watson-wilson.ca (watson-wilson.ca [216.138.221.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04IHRKX026180 for ; Fri, 4 Jan 2008 10:17:53 -0800 (PST) Received: by ettin.watson-wilson.ca (Postfix, from userid 1000) id A516D3AE29; Fri, 4 Jan 2008 13:17:19 -0500 (EST) Date: Fri, 4 Jan 2008 13:17:19 -0500 From: Neil Watson To: sage-members@sage.org Subject: Re: [SAGE] Re: SNMP vs. agents Message-ID: <20080104181719.GA26254@watson-wilson.ca> References: <20080103151022.GB2316@watson-wilson.ca> <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> <20080104125332.GA14176@watson-wilson.ca> <477E7126.6000405@nexellent.ch> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <477E7126.6000405@nexellent.ch> X-Message-Flag: Outlook is a dangerous and insecure program (Magic 8 ball: Outlook not good) X-Accepted-File-Formats: No proprietary Microsoft Office files please User-Agent: Mutt/1.5.17 (2007-11-01) X-watson-wilson.ca-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-watson-wilson.ca-MailScanner-From: sage@watson-wilson.ca X-Spam-Status: No X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 04, 2008 at 06:47:18PM +0100, Roman Hochuli wrote: >> I think the beauty of SNMP is that it gives you a proven agent for all >> devices on your network. > >Hmm. I guess I have seen too much error-prone or defective SNMP-agents >to second that... :-/ Perhaps I should revise that statement to SNMP gives you a proven agent for most devices. One thing to note when choosing a monitoring and/or reporting SLA system is to clearly define your requirements. Often people try to choose the biggest super fantastic everything system which ends up taking more time to configure and maintain than they spend actually monitoring and reporting. -- Neil Watson | Debian Linux System Administrator | Uptime 5 days http://watson-wilson.ca From sage-members-owner@usenix.org Fri Jan 4 10:37:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04IbBBp027231 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 10:37:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m04IbB2A027230 for sage-members-0utGoign; Fri, 4 Jan 2008 10:37:11 -0800 (PST) Received: from slick.sigje.org (slick.sigje.org [64.125.64.90]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04IaEbl027160 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 10:36:40 -0800 (PST) Received: from sigje (helo=localhost) by slick.sigje.org with local-esmtp (Exim 4.66 (FreeBSD)) (envelope-from ) id 1JArOp-0009li-N0 for sage-members@sage.org; Fri, 04 Jan 2008 10:36:07 -0800 Date: Fri, 4 Jan 2008 10:36:07 -0800 (PST) From: Jennifer To: sage-members@sage.org Subject: [SAGE] Southern California event Message-ID: <20080104103540.E37547@slick.sigje.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk The Southern California Linux Expo (SCALE) is hosting the 2nd annual (WIOS) mini-conference on February 8, 2008 at the Los Angeles Airport (LAX) Westin. The purpose of the conference is to encourage women of all ages to be a part of the free and open source community. Join us in sharing women's accomplishments, success stories, and advancements on being involved in Free and Open Source projects and communities. Past attendees at this event have included women in technology, teachers, and parents of young girls. Registration: https://www.socallinuxexpo.org/reg6/ > Location: Los Angeles Airport Westin 5400 West Century Boulevard Los Angeles, California 90045 Phone: (310) 216-5858 Fax: (310) 417-4545 More information is available on the web site: http://socallinuxexpo.org/scale6x/conference-info/women-in-open-source/ From sage-members-owner@usenix.org Fri Jan 4 14:56:10 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04MtjZQ012354 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 14:55:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m04MtjAj012352 for sage-members-0utGoign; Fri, 4 Jan 2008 14:55:45 -0800 (PST) Received: from ettin.watson-wilson.ca (watson-wilson.ca [216.138.221.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04MssEc012315 for ; Fri, 4 Jan 2008 14:55:19 -0800 (PST) Received: by ettin.watson-wilson.ca (Postfix, from userid 1000) id ABF123AE29; Fri, 4 Jan 2008 17:54:34 -0500 (EST) Date: Fri, 4 Jan 2008 17:54:34 -0500 From: Neil Watson To: SAGE mailing list Subject: Re: [SAGE] zenoss versus nagios Message-ID: <20080104225434.GA3516@watson-wilson.ca> References: <20080103151022.GB2316@watson-wilson.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20080103151022.GB2316@watson-wilson.ca> X-Message-Flag: Outlook is a dangerous and insecure program (Magic 8 ball: Outlook not good) X-Accepted-File-Formats: No proprietary Microsoft Office files please User-Agent: Mutt/1.5.17 (2007-11-01) X-watson-wilson.ca-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-watson-wilson.ca-MailScanner-From: sage@watson-wilson.ca X-Spam-Status: No X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk I'm going to expand this thread a bit. Has anyone kicked the tires of Opennms? -- Neil Watson | Debian Linux System Administrator | Uptime 5 days http://watson-wilson.ca From sage-members-owner@usenix.org Fri Jan 4 15:33:15 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04NXFkU014716 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 15:33:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m04NXFRl014715 for sage-members-0utGoign; Fri, 4 Jan 2008 15:33:15 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.187]) by usenix.org (8.13.6/8.13.6) with ESMTP id m04NWaob014619 for ; Fri, 4 Jan 2008 15:33:01 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so6134820rvb.59 for ; Fri, 04 Jan 2008 15:32:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:cc:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding; bh=RJTZ8JF1f25trt4kJwOzqEPrOCwtLykF83sNxpGZe1o=; b=qGgyGvRa6+P140bRzWMNwcuoHlG48MsIf0oR3U7hIZ+kf3EsTeIxiYLV5AFkbRG9eJe33sA4EHpc4i8vtR+W+AE89MQ7dK8QlQKve30OtTZsj3XcIYl3WNcr3BlQ9/gkBAE3rmDHucMXenNSEIls072YvSoFq8dFNotI/gj/f20= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:cc:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding; b=x9TdwG9oObkUcp0tKX8uspZ1WD49VK1X9Jr597/mXMdRItvm68WC0jn/9OO7ro/drlAVlJSxxCG5Z+a13jbtQAhYXEyEE7X7KkKF1C79p6B5p8F10MglOoWRmwrVMA9UJ6CQKUwwJ3Y7CIfQE9yzGhSapljoZCprxORiD9v3HEU= Received: by 10.141.185.3 with SMTP id m3mr9220419rvp.167.1199489553912; Fri, 04 Jan 2008 15:32:33 -0800 (PST) Received: from mango.nsd.org ( [152.157.64.243]) by mx.google.com with ESMTPS id l21sm5211912rvb.26.2008.01.04.15.32.32 (version=SSLv3 cipher=OTHER); Fri, 04 Jan 2008 15:32:33 -0800 (PST) Date: Fri, 4 Jan 2008 15:32:35 -0800 From: Ski Kacoroski To: Neil Watson Cc: SAGE mailing list Subject: Re: [SAGE] zenoss versus nagios vs opennms Message-ID: <20080104153235.38082c86@mango.nsd.org> In-Reply-To: <20080104225434.GA3516@watson-wilson.ca> References: <20080103151022.GB2316@watson-wilson.ca> <20080104225434.GA3516@watson-wilson.ca> X-Mailer: Claws Mail 3.2.0 (GTK+ 2.8.20; i486-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, 4 Jan 2008 17:54:34 -0500 Neil Watson wrote: > I'm going to expand this thread a bit. Has anyone kicked the tires of > Opennms? > I have used OpenNMS for a few years and have a love/hate relationship with it. I like the UI and that trend graphing is built in (not an add on like Nagios). I suspect most of my problems with it are because I do not have a really good understanding for tomcat and java. One problem was that because it can take a period of time to start to collect data from a device I never knew if there was a problem or not (I needed more immediate feedback and better ways to parse the logs). Another is that is scans everything when doing auto discovery so I spent a lot of time telling it I did not care about XYZ device or interface. I also did not like editing xml files all the time to make any changes. I am planning to move to a system that I can configure with my configuration management system instead of auto discovery (probably Nagios as I have used it before). Just my two bits. cheers, ski -- "When we try to pick out anything by itself, we find it connected to the entire universe" John Muir Chris "Ski" Kacoroski, kacoroski@gmail.com, 206-501-9803 or ski98033 on most IM services and gizmo From sage-members-owner@usenix.org Fri Jan 4 23:00:03 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m056xIYP021825 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 22:59:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m056xI9w021824 for sage-members-0utGoign; Fri, 4 Jan 2008 22:59:18 -0800 (PST) Received: from zero.monsters.org (adsl-208-191-248-1.dsl.ltrkar.swbell.net [208.191.248.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m056wQBl021803 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 22:58:54 -0800 (PST) Received: from [172.16.0.25] ([172.16.0.25]) (authenticated bits=0) by zero.monsters.org (8.13.7/8.13.7) with ESMTP id m056w9Q9002576; Sat, 5 Jan 2008 00:58:17 -0600 Subject: Re: SNMP vs. agents (was: [SAGE] zenoss versus nagios) From: Stephen L Johnson To: David Magda Cc: Nicholas Tang , SAGE mailing list In-Reply-To: <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> References: <20080103151022.GB2316@watson-wilson.ca> <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> Content-Type: text/plain Date: Sat, 05 Jan 2008 00:58:09 -0600 Message-Id: <1199516289.12012.13.camel@rodan.monsters.org> Mime-Version: 1.0 X-Mailer: Evolution 2.10.3 (2.10.3-2.fc7) Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 2008-01-03 at 20:12 -0500, David Magda wrote: > On a related note: do people find SNMP or agent-based systems > "better"? Or, what are the trade-offs between the two? > > Some things (network equipment) can only have SNMP, so that's the > only way to collect resource and statistical data from them, but for > Windows and Unix-y hosts, is there a difference? (I believe some FOSS > monitoring software also supports Windows' WMI.) > > Thanks for any info / war stories. I've developed in a systems monitoring systems several years ago (http://spong.sf.net/ if interested. No longer actively supported). From a developer point of view, SNMP is good for network related data gathers. For system monitoring, I avoid SMNP agents. The problem is no consistency. I've works with most every flavor of UNIX under the sun. It seems that every vendor implement the Host MIB in their own way, or in an entirely different location in the tree (HPUX). I've always preferred to have a client running on the host so I can get consistent data know format coming into the Central monitoring system. That way I can isolate the local idiosyncrasies in location. -- Stephen L Johnson From sage-members-owner@usenix.org Fri Jan 4 23:17:31 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m057HUJs022805 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 23:17:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m057HUCE022800 for sage-members-0utGoign; Fri, 4 Jan 2008 23:17:30 -0800 (PST) Received: from zero.monsters.org (adsl-208-191-248-1.dsl.ltrkar.swbell.net [208.191.248.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m057GkNe022741 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 23:17:16 -0800 (PST) Received: from [172.16.0.25] ([172.16.0.25]) (authenticated bits=0) by zero.monsters.org (8.13.7/8.13.7) with ESMTP id m057Gghu003057; Sat, 5 Jan 2008 01:16:42 -0600 Subject: Re: [SAGE] zenoss versus nagios From: Stephen L Johnson To: Neil Watson Cc: SAGE mailing list In-Reply-To: <20080104225434.GA3516@watson-wilson.ca> References: <20080103151022.GB2316@watson-wilson.ca> <20080104225434.GA3516@watson-wilson.ca> Content-Type: text/plain Date: Sat, 05 Jan 2008 01:16:41 -0600 Message-Id: <1199517401.12012.30.camel@rodan.monsters.org> Mime-Version: 1.0 X-Mailer: Evolution 2.10.3 (2.10.3-2.fc7) Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, 2008-01-04 at 17:54 -0500, Neil Watson wrote: > I'm going to expand this thread a bit. Has anyone kicked the tires of > Opennms? > I've evaluated OpenNMS for a SLA reporting project at work. OpenNMS is first and foremost a Network Monitoring system. It can autodiscovery and add new devices into to be monitored is your like. If you put your SNMP community strings (by IP addresses and/or ranges). OpenNMS will do a deep probe and findout what the device is. It has good knowledge of various work equipment, and will automatically add interfaces or services it finds to be monitored. It does know about a decent range of network services (http, ftp, ssh, telnet, smtp, snmp, etc). The downside is that is verbose on it's events. Any small new things created an event which have to acknowledge. It's excruciating when autodisovery is running. But once it's finished scanning its not so bad. It's all Java and Tomcat. Adding new monitors isn't as so straight forward as Nagios or Zenoss. And it's system monitor is limited to what your can get out of SNMP via the HOST MIB. Trending is built in. It starts charting as soon as a service starts to be monitored. It's got a very flexible notifcation and user scheme. There is fine grain permission for allow certain users or group of users access to devices/services. The latest version is much easier to setup and run. You don't to setup Tomcat anynmore in order to run the Web GUI Front-End. Once you'e grok the setup, it's too bad. Basic setup is done via editing configuration files. And it's seems to run well. Didn't have any issues except when the system ran out disk space. It found a whole lot of devices other Class B I sic'ed it on. -- Stephen L Johnson From sage-members-owner@usenix.org Sat Jan 5 00:01:02 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0580oUU006742 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jan 2008 00:00:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0580ofS006741 for sage-members-0utGoign; Sat, 5 Jan 2008 00:00:50 -0800 (PST) Received: from smtp303.his.com (smtp303.his.com [216.194.210.47]) by usenix.org (8.13.6/8.13.6) with ESMTP id m057xwJf006707 for ; Sat, 5 Jan 2008 00:00:24 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp303.his.com (Postfix) with ESMTP id 102B915BC18; Sat, 5 Jan 2008 02:59:55 -0500 (EST) Received: from smtp303.his.com ([216.194.210.47]) by localhost (smtp303.his.com [216.194.210.47]) (amavisd-new, port 10024) with ESMTP id 17503-02; Sat, 5 Jan 2008 02:59:52 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp303.his.com (Postfix) with ESMTP id 836C615BC22; Sat, 5 Jan 2008 02:59:52 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m057xUxA062625; Sat, 5 Jan 2008 02:59:51 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <685CAB83-0591-44BC-936F-D6D1DEF01654@shub-internet.org> Date: Sat, 5 Jan 2008 01:41:07 -0600 To: "Tom Limoncelli" , "Brad Knowles" From: Brad Knowles Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: "a42n8k9 dejazzd.com" , sage-members Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.036 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.363, BAYES_00=-2.599] X-Spam-Score: -4.036 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=20% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/4/08, Tom Limoncelli wrote: >> That's a process solution, not a technical one. > > That's my area of expertise, dude! :) That still leaves us with the technical issue of having to go in and periodically increase the maximum message size that you currently allow, unless you want to just turn off that feature and encourage people to start sending their entire Blu-Ray or HD-DVD collection by e-mail. Or maybe their entire multi-terabyte system backup images by e-mail. And if you really do want to take that step, then I would submit that you are the outlier in this case and that the OP is unlikely to want to take the same sort of solution -- along with most of the rest of us. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Sat Jan 5 00:06:02 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0585v1O007027 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jan 2008 00:05:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0585uFK007023 for sage-members-0utGoign; Sat, 5 Jan 2008 00:05:57 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0585HvL006951 for ; Sat, 5 Jan 2008 00:05:42 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id EF6657CC003; Sat, 5 Jan 2008 03:05:16 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 00817-05; Sat, 5 Jan 2008 03:05:14 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id E942C7CC005; Sat, 5 Jan 2008 03:05:14 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0585A6C062930; Sat, 5 Jan 2008 03:05:13 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <1199516289.12012.13.camel@rodan.monsters.org> References: <20080103151022.GB2316@watson-wilson.ca> <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> <1199516289.12012.13.camel@rodan.monsters.org> Date: Sat, 5 Jan 2008 02:04:37 -0600 To: Stephen L Johnson , David Magda From: Brad Knowles Subject: Re: SNMP vs. agents (was: [SAGE] zenoss versus nagios) Cc: Nicholas Tang , SAGE mailing list Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.343 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.056, BAYES_00=-2.599] X-Spam-Score: -4.343 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=18% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/5/08, Stephen L Johnson wrote: > From > a developer point of view, SNMP is good for network related data > gathers. For system monitoring, I avoid SMNP agents. The problem is no > consistency. I've works with most every flavor of UNIX under the sun. It > seems that every vendor implement the Host MIB in their own way, or in > an entirely different location in the tree (HPUX). That's where I like to implement a standard SNMP agent (e.g., NetSNMP) across all possible platforms, so that you get that consistency. If you choose, you can then augment that information with a platform-specific agent, but then you'll need to adapt the monitoring & management platform for each platform-specific monitoring agent you're going to support. IMO, NetSNMP gets you the easy 80%, and the other 20% only comes with some harder work with the platform-specific agents, and is unlikely to give you a good return on your investment. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Sat Jan 5 06:31:50 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05EVikQ025439 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jan 2008 06:31:44 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m05EViCc025438 for sage-members-0utGoign; Sat, 5 Jan 2008 06:31:44 -0800 (PST) Received: from simmts5-srv.bellnexxia.net (simmts5-qfe0.srvr.bell.ca [206.47.199.163]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05EVBaM025414 for ; Sat, 5 Jan 2008 06:31:33 -0800 (PST) Received: from simip10.srvr.bell.ca ([206.47.199.89]) by simmts5-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080105142609.MAAD1753.simmts5-srv.bellnexxia.net@simip10.srvr.bell.ca> for ; Sat, 5 Jan 2008 09:26:09 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAMkif0dMQzxW/2dsb2JhbAAIqXs Received: from bas1-toronto09-1279474774.dsl.bell.ca (HELO [192.168.1.133]) ([76.67.60.86]) by alconsout.srvr.bell.ca with ESMTP; 05 Jan 2008 09:23:52 -0500 In-Reply-To: <1199517401.12012.30.camel@rodan.monsters.org> References: <20080103151022.GB2316@watson-wilson.ca> <20080104225434.GA3516@watson-wilson.ca> <1199517401.12012.30.camel@rodan.monsters.org> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <84002011-BD53-4F06-A085-B081461CB155@ee.ryerson.ca> Cc: SAGE mailing list Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] zenoss versus nagios Date: Sat, 5 Jan 2008 09:26:07 -0500 To: Stephen L Johnson X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=23% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 5, 2008, at 02:16, Stephen L Johnson wrote: > forward as Nagios or Zenoss. And it's system monitor is limited to > what > your can get out of SNMP via the HOST MIB. Trending is built in. It Only the host MIB? So it wouldn't be possible to add MIBs or use NetSNMP's "exec" directive to modify an OID to monitor the response time of an LDAP or web server? While making sure hosts are running is good, things tend to be strung together a lot (proxy->CMS->database) and it would be useful to create dependencies between hosts and services. The older version of Nagios that I'm looking after has host dependencies, but I've always thought that host-service would be a nice addition. Haven't had a chance to look at whether anything out there (especially FOSS) does such a thing. From sage-members-owner@usenix.org Sat Jan 5 06:31:56 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05EVhkG025436 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jan 2008 06:31:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m05EVhVl025434 for sage-members-0utGoign; Sat, 5 Jan 2008 06:31:43 -0800 (PST) Received: from simmts5-srv.bellnexxia.net (simmts5-qfe0.srvr.bell.ca [206.47.199.163]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05EVBaO025414 for ; Sat, 5 Jan 2008 06:31:41 -0800 (PST) Received: from simip9.srvr.bell.ca ([206.47.199.87]) by simmts8-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080105141447.NRNM5740.simmts8-srv.bellnexxia.net@simip9.srvr.bell.ca> for ; Sat, 5 Jan 2008 09:14:47 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAHcff0dMQzxW/2dsb2JhbAAIkWKYJQ Received: from bas1-toronto09-1279474774.dsl.bell.ca (HELO [192.168.1.133]) ([76.67.60.86]) by alconsout.srvr.bell.ca with ESMTP; 05 Jan 2008 09:15:13 -0500 In-Reply-To: References: <20080103151022.GB2316@watson-wilson.ca> <95B0510E-86E7-4C6C-A7B2-890643DC8FFB@ee.ryerson.ca> <1199516289.12012.13.camel@rodan.monsters.org> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <8CDB86B4-568C-4BAE-B480-8FA01D780261@ee.ryerson.ca> Cc: SAGE mailing list Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: SNMP vs. agents (was: [SAGE] zenoss versus nagios) Date: Sat, 5 Jan 2008 09:14:44 -0500 To: Brad Knowles X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=23% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 5, 2008, at 03:04, Brad Knowles wrote: > IMO, NetSNMP gets you the easy 80%, and the other 20% only comes > with some harder work with the platform-specific agents, and is > unlikely to give you a good return on your investment. From what I'm hearing it looks like SNMP gets you basic (CPU, disk, memory) resource usage monitoring for event notification and long- term trending, but there may be some things that you want to monitor that it won't cover (e.g., response time of web servers, hardware- specific metrics like fan RPM and temperature). (Net)SNMP can also check to see if processes are running (and there are the correct amount of them), but can't tell you if they're working properly. For those things a protocol-specific agent may be necessary to make sure things are working properly (or you use NetSNMP's "exec" directive to expand an existing OID). From sage-members-owner@usenix.org Sat Jan 5 07:09:32 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05F9VVF027733 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jan 2008 07:09:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m05F9Vqf027732 for sage-members-0utGoign; Sat, 5 Jan 2008 07:09:31 -0800 (PST) Received: from simmts8-srv.bellnexxia.net (simmts8-srv.bellnexxia.net [206.47.199.166]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05F8oKI027713 for ; Sat, 5 Jan 2008 07:09:15 -0800 (PST) Received: from simip9.srvr.bell.ca ([206.47.199.87]) by simmts8-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080105142050.NSXO5740.simmts8-srv.bellnexxia.net@simip9.srvr.bell.ca> for ; Sat, 5 Jan 2008 09:20:50 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAGYgf0dMQzxW/2dsb2JhbAAIqgc Received: from bas1-toronto09-1279474774.dsl.bell.ca (HELO [192.168.1.133]) ([76.67.60.86]) by alconsout.srvr.bell.ca with ESMTP; 05 Jan 2008 09:21:16 -0500 In-Reply-To: References: <685CAB83-0591-44BC-936F-D6D1DEF01654@shub-internet.org> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Cc: sage-members Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] choosing the proper max SMTP message size Date: Sat, 5 Jan 2008 09:20:47 -0500 To: Brad Knowles X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=24% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 5, 2008, at 02:41, Brad Knowles wrote: > That still leaves us with the technical issue of having to go in > and periodically increase the maximum message size that you > currently allow, unless you want to just turn off that feature and > encourage people to start sending their entire Blu-Ray or HD-DVD > collection by e-mail. Or maybe their entire multi-terabyte system > backup images by e-mail. This may sound funny, but people (try to) do this. We had developers who wanted to e-mail DVD installation ISOs to other developers over oceanic links via Outlook / Exchange. They found it didn't work so well and couldn't figure out why. From sage-members-owner@usenix.org Sat Jan 5 08:01:08 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05G0eeI029737 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jan 2008 08:00:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m05G0eFX029731 for sage-members-0utGoign; Sat, 5 Jan 2008 08:00:40 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05G02gu029617 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jan 2008 08:00:02 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m05G02d9029612 for sage-members@usenix.org; Sat, 5 Jan 2008 08:00:02 -0800 (PST) Received: from uni11mr.unity.ncsu.edu (uni11mr.unity.ncsu.edu [152.1.224.170]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0538Bpc004053 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 4 Jan 2008 19:08:37 -0800 (PST) Received: from NCSTATEGW.fis.ncsu.edu (ncstategw.fis.ncsu.edu [152.1.243.38]) by uni11mr.unity.ncsu.edu (8.13.7/8.13.8/Nv5.2006.1109) with ESMTP id m052ijni018117 for ; Fri, 4 Jan 2008 21:44:45 -0500 (EST) Received: from NCSTATE-MTA by NCSTATEGW.fis.ncsu.edu with Novell_GroupWise; Fri, 04 Jan 2008 21:44:45 -0500 Message-Id: <477EA8C1.CA9F.0041.0@gw.fis.ncsu.edu> X-Mailer: Novell GroupWise Internet Agent 7.0.2 HP Date: Fri, 04 Jan 2008 21:44:34 -0500 From: "Bill Morris" To: Subject: Re: [SAGE] zenoss versus nagios - (Zenoss Presentation - Raleigh, NC) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=__PartBC9A8802.0__=" X-PMX-Version: 5.3.3.310218, Antispam-Engine: 2.5.2.313940, Antispam-Data: 2008.1.4.182855 X-Spam-Status: No, Hits=18% X-Spam-Level: XIIIIIIII X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=8% Sender: owner-sage-members@usenix.org Precedence: bulk This is a MIME message. If you are reading this text, you may want to consider changing to a mail reader or gateway that understands how to properly handle MIME multipart messages. --=__PartBC9A8802.0__= Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Hi Folks, I thought I would forward this to the list for anyone in my area that would like to attend: ========================== The January 2008 meeting of the Triangle Linux Users Group will be held on January 10 at Red Hat in Raleigh, NC at 7:00PM. Directions available at http://www.redhat.com/about/contact/ww/americas/raleigh.html This month's topic is Zenoss Core. Zenoss Core is an open-source network management platform which monitors your applications, servers, and network infrastructure using SNMP, syslog, polling - even custom scripts and Nagios plugins! The bells-and-whistles you get with this open-source platform, like its Ajax-based user interface and integration with Google Maps, will truly dazzle you. Come to the January meeting and see why this impressive, GPL-licensed management platform is among the top five Sourceforge downloads. Mark Turner of Zenoss will be presenting. _______________________________________________ Trilug-announce mailing list http://www.trilug.org/mailman/listinfo/trilug-announce Bill Morris Bill Morris (bill_morris@ncsu.edu) Operations and Systems Analyst Campus Novell Services Systems and Core Services Network and Systems Services North Carolina State University Campus Box 7209 B21, 2620 Hillsborough Street Raleigh, NC 27695-7209 (919) 513-1800 --=__PartBC9A8802.0__= Content-Type: text/html; charset=US-ASCII Content-Transfer-Encoding: base64 Content-Description: HTML PEhUTUw+PEhFQUQ+DQo8TUVUQSBodHRwLWVxdWl2PUNvbnRlbnQtVHlwZSBjb250ZW50PSJ0ZXh0 L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPE1FVEEgY29udGVudD0iTVNIVE1MIDYuMDAuNjAwMC4x NjU4NyIgbmFtZT1HRU5FUkFUT1I+PC9IRUFEPg0KPEJPRFkgc3R5bGU9Ik1BUkdJTjogNHB4IDRw eCAxcHg7IEZPTlQ6IDEwcHQgU2Vnb2UgVUkiPg0KPERJVj5IaSBGb2xrcyw8L0RJVj4NCjxESVY+ Jm5ic3A7PC9ESVY+DQo8RElWPiZuYnNwOyBJIHRob3VnaHQgSSB3b3VsZCBmb3J3YXJkIHRoaXMg dG8gdGhlIDwvRElWPg0KPERJVj5saXN0IGZvciBhbnlvbmUgaW4gbXkgYXJlYSB0aGF0IHdvdWxk IDwvRElWPg0KPERJVj5saWtlIHRvIGF0dGVuZDo8L0RJVj4NCjxESVY+Jm5ic3A7PC9ESVY+DQo8 RElWPj09PT09PT09PT09PT09PT09PT09PT09PT09PC9ESVY+DQo8RElWPlRoZSBKYW51YXJ5IDIw MDggbWVldGluZyBvZiB0aGUgVHJpYW5nbGUgTGludXggVXNlcnMgR3JvdXAgd2lsbCBiZTxCUj5o ZWxkIG9uIEphbnVhcnkgMTAgYXQgUmVkIEhhdCBpbiBSYWxlaWdoLCBOQyBhdCA3OjAwUE0uJm5i c3A7IERpcmVjdGlvbnM8QlI+YXZhaWxhYmxlIGF0IDxBIGhyZWY9Imh0dHA6Ly93d3cucmVkaGF0 LmNvbS9hYm91dC9jb250YWN0L3d3L2FtZXJpY2FzL3JhbGVpZ2guaHRtbCI+aHR0cDovL3d3dy5y ZWRoYXQuY29tL2Fib3V0L2NvbnRhY3Qvd3cvYW1lcmljYXMvcmFsZWlnaC5odG1sPC9BPiA8L0RJ Vj4NCjxESVY+Jm5ic3A7PC9ESVY+DQo8RElWPlRoaXMgbW9udGgncyB0b3BpYyBpcyBaZW5vc3Mg Q29yZS4gWmVub3NzIENvcmUgaXMgYW4gb3Blbi1zb3VyY2U8QlI+bmV0d29yayBtYW5hZ2VtZW50 IHBsYXRmb3JtIHdoaWNoIG1vbml0b3JzIHlvdXIgYXBwbGljYXRpb25zLCBzZXJ2ZXJzLDxCUj5h bmQgbmV0d29yayBpbmZyYXN0cnVjdHVyZSB1c2luZyBTTk1QLCBzeXNsb2csIHBvbGxpbmcgLSBl dmVuIGN1c3RvbTxCUj5zY3JpcHRzIGFuZCBOYWdpb3MgcGx1Z2lucyEgVGhlIGJlbGxzLWFuZC13 aGlzdGxlcyB5b3UgZ2V0IHdpdGggdGhpczxCUj5vcGVuLXNvdXJjZSBwbGF0Zm9ybSwgbGlrZSBp dHMgQWpheC1iYXNlZCB1c2VyIGludGVyZmFjZSBhbmQ8QlI+aW50ZWdyYXRpb24gd2l0aCBHb29n bGUgTWFwcywgd2lsbCB0cnVseSBkYXp6bGUgeW91LjwvRElWPg0KPERJVj4mbmJzcDs8L0RJVj4N CjxESVY+Q29tZSB0byB0aGUgSmFudWFyeSBtZWV0aW5nIGFuZCBzZWUgd2h5IHRoaXMgaW1wcmVz c2l2ZSwgR1BMLWxpY2Vuc2VkPEJSPm1hbmFnZW1lbnQgcGxhdGZvcm0gaXMgYW1vbmcgdGhlIHRv cCBmaXZlIFNvdXJjZWZvcmdlIGRvd25sb2Fkcy4gTWFyazxCUj5UdXJuZXIgb2YgWmVub3NzIHdp bGwgYmUgcHJlc2VudGluZy48L0RJVj4NCjxESVY+Jm5ic3A7PC9ESVY+DQo8RElWPl9fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fPEJSPlRyaWx1Zy1hbm5vdW5j ZSBtYWlsaW5nIGxpc3Q8QlI+PEEgaHJlZj0iaHR0cDovL3d3dy50cmlsdWcub3JnL21haWxtYW4v bGlzdGluZm8vdHJpbHVnLWFubm91bmNlIj5odHRwOi8vd3d3LnRyaWx1Zy5vcmcvbWFpbG1hbi9s aXN0aW5mby90cmlsdWctYW5ub3VuY2U8L0E+PC9ESVY+DQo8RElWPiZuYnNwOzwvRElWPg0KPERJ Vj5CaWxsIE1vcnJpczwvRElWPg0KPERJVj4mbmJzcDs8L0RJVj4NCjxESVY+Jm5ic3A7PC9ESVY+ DQo8RElWPkJpbGwgTW9ycmlzIChiaWxsX21vcnJpc0BuY3N1LmVkdSk8QlI+T3BlcmF0aW9ucyBh bmQgU3lzdGVtcyBBbmFseXN0PEJSPkNhbXB1cyBOb3ZlbGwgU2VydmljZXM8L0RJVj4NCjxESVY+ U3lzdGVtcyBhbmQgQ29yZSBTZXJ2aWNlczwvRElWPg0KPERJVj5OZXR3b3JrIGFuZCBTeXN0ZW1z IFNlcnZpY2VzJm5ic3A7PEJSPk5vcnRoIENhcm9saW5hIFN0YXRlIFVuaXZlcnNpdHk8QlI+Q2Ft cHVzIEJveCA3MjA5PEJSPkIyMSwgMjYyMCBIaWxsc2Jvcm91Z2ggU3RyZWV0PEJSPlJhbGVpZ2gs IE5DIDI3Njk1LTcyMDk8QlI+KDkxOSkgNTEzLTE4MDAgPC9ESVY+PC9CT0RZPjwvSFRNTD4= --=__PartBC9A8802.0__=-- From sage-members-owner@usenix.org Sat Jan 5 08:12:25 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05GCC1r000567 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jan 2008 08:12:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m05GCCQT000565 for sage-members-0utGoign; Sat, 5 Jan 2008 08:12:12 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m05GBLHh000545 for ; Sat, 5 Jan 2008 08:11:46 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 7A2C37CC037; Sat, 5 Jan 2008 11:11:10 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 07876-01; Sat, 5 Jan 2008 11:11:06 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id C84067CC03E; Sat, 5 Jan 2008 11:11:05 -0500 (EST) Received: from [192.168.1.101] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m05GB3r1087059; Sat, 5 Jan 2008 11:11:04 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <685CAB83-0591-44BC-936F-D6D1DEF01654@shub-internet.org> Date: Sat, 5 Jan 2008 10:01:49 -0600 To: David Magda , Brad Knowles From: Brad Knowles Subject: Re: [SAGE] choosing the proper max SMTP message size Cc: sage-members Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.342 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.057, BAYES_00=-2.599] X-Spam-Score: -4.342 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=18% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/5/08, David Magda wrote: > This may sound funny, but people (try to) do this. We had developers > who wanted to e-mail DVD installation ISOs to other developers over > oceanic links via Outlook / Exchange. They found it didn't work so > well and couldn't figure out why. That's why I mentioned this specific issue, although perhaps I didn't make it sound seriously enough. When I was working for the consulting company Snow BV in the Netherlands, and they had me working at a customer site just outside of Eindhoven, among other things I got into helping them do their mail systems administration for the entire company. They had about ~3500 people there at HQ, about 7000 total world-wide, with a large number of small sales offices distributed around the world, all tied back to the HQ offices via private WAN connections. Each of the small sales offices had a single primary server on-site (ancient Sun SPARC SS20 boxes -- not UltraSPARC, but the original SPARC SS20) with 4GB hard drives, and they were connected back to the HQ offices with 64Kbps or 128Kbps fractional T-1/E-1 lines. This server was used for everything -- mail, shell, web proxy, everything. We had a sales guy in the Taiwan sales office who decided to mail his entire CD and DVD collection to a customer (also in Taiwan), and he did so in chunks of 500-700MB each. Apparently giving music or video to a customer is a common sales tactic over there, and sales people think nothing of sharing their massive library of content at the drop of a hat. As you can imagine, this one tiny SS20 with 4GB total disk capacity across the entire box had a combined mail spool/user mailbox storage capacity of about 700MB in total, of which some was used for storing user mailboxes (POP3, not IMAP), leaving the machine with a variable amount of available storage on that file system, although usually somewhere in the vicinity of 500MB. So, "small" mail messages with just a 500MB attachment could potentially get through the system without too much pain, but larger mail messages would just run the entire box out of disk space on that file system and, more often than not, the machine would crash. And this would happen repeatedly, until whatever message that was larger than the machine could handle would finally get through or seven days would pass by and it would get bounced to the sender -- although he didn't have 700MB free disk space to store the message in his mailbox, and he would just re-send the message all over again. This literally wiped out the entire Taiwan sales office for days and even weeks. No one else down there could get any work done. Problem was, none of them could diagnose what was going on or how to fix it, and it took them a long time to finally decide they needed outside help and called us to help them fix their box. And this doesn't begin to discuss the cost of sending such massive messages across transatlantic WAN lines that have an exorbitant cost per kilobit transferred, and what that does to the ability to try to transfer any other content over those lines during that period of time. I don't know how many sales to other Taiwanese customers may have been affected, but each system that this company sold cost tens of millions of dollars, so if they lost just one purchase, then that lost revenue would cost way more than any salary they could possibly have paid to the entire Taiwanese sales office in an entire year, and way more than it would have cost to replace all of the mail servers/services across the entire company -- many times over. No joke. You just can't make up stuff like this. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Tue Jan 8 08:56:30 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m08GuUoW028332 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 08:56:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m08GuU50028331 for sage-members-0utGoign; Tue, 8 Jan 2008 08:56:30 -0800 (PST) Received: from out5.smtp.messagingengine.com (out5.smtp.messagingengine.com [66.111.4.29]) by usenix.org (8.13.6/8.13.6) with ESMTP id m08Gu4hR028314 for ; Tue, 8 Jan 2008 08:56:16 -0800 (PST) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id F17798474F for ; Tue, 8 Jan 2008 11:46:00 -0500 (EST) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute1.internal (MEProxy); Tue, 08 Jan 2008 11:46:01 -0500 X-Sasl-enc: jb90aouUZux3uWWr+IEIsbAB4ScW1eawhTWU2YjsO89V 1199810760 Received: from bastion (c-66-30-112-2.hsd1.ma.comcast.net [66.30.112.2]) by mail.messagingengine.com (Postfix) with ESMTP id B396711487 for ; Tue, 8 Jan 2008 11:46:00 -0500 (EST) From: seph To: sage-members@sage.org Subject: [SAGE] Sun's Java Web Console Date: Tue, 08 Jan 2008 11:46:00 -0500 Message-ID: User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=22% Sender: owner-sage-members@usenix.org Precedence: bulk I've just started playing a Sun StorageTek array. Much to my annoyance, the only way to manage it appears to require a machine hosting the Common Array Manager software. Which, at least on solaris, is a plugin for the java web console. Generally I've shied away from web consoles, preferring configuration files, version control, and change tracking. How do other people feel about sun's web console? I'd love to get a idea of how people feel about it. seph From sage-members-owner@usenix.org Tue Jan 8 17:04:17 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0913xrd018314 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 17:03:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0913xfQ018313 for sage-members-0utGoign; Tue, 8 Jan 2008 17:03:59 -0800 (PST) Received: from [131.106.3.57] (romulus.usenix.org [131.106.3.57]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0913dT5018291 for ; Tue, 8 Jan 2008 17:03:39 -0800 (PST) Mime-Version: 1.0 (Apple Message framework v752.3) Content-Transfer-Encoding: 7bit Message-Id: Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed To: sage-members@sage.org From: Anne Dickison Subject: [SAGE] Don't miss USENIX and SAGE at SCALE 6x. Date: Tue, 8 Jan 2008 17:03:37 -0800 X-Mailer: Apple Mail (2.752.3) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk Don't miss USENIX and SAGE at SCALE 6x. USENIX and SAGE will be exhibiting at the Southern California Linux Expo (SCALE 6x). The expo will take place February 8-10, 2008, at the Westin Los Angeles Airport. SCALE 6x has over 50 tutorial sessions; over 75 expo booths; BoFs; and special Friday sessions on healthcare, education, and women in open source. Find out more at http://www.socallinuxexpo.org If you're going to SCALE, please stop by booth #78 and say hello! From sage-members-owner@usenix.org Tue Jan 8 18:54:55 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m092sodD027063 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 18:54:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m092snS5027061 for sage-members-0utGoign; Tue, 8 Jan 2008 18:54:49 -0800 (PST) Received: from mail.puryear-it.com (mail.puryear-it.com [68.224.217.79]) by usenix.org (8.13.6/8.13.6) with ESMTP id m092rps6027038 for ; Tue, 8 Jan 2008 18:54:16 -0800 (PST) Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.puryear-it.com (Postfix) with ESMTP id 931128127 for ; Tue, 8 Jan 2008 20:53:45 -0600 (CST) X-Virus-Scanned: amavisd-new at puryear-it.com Received: from mail.puryear-it.com ([127.0.0.1]) by localhost (mail.puryear-it.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RpkxhItbfIWe for ; Tue, 8 Jan 2008 20:53:44 -0600 (CST) Received: from [192.168.0.100] (ip24-250-64-107.br.br.cox.net [24.250.64.107]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.puryear-it.com (Postfix) with ESMTP id 1BF1B810D for ; Tue, 8 Jan 2008 20:53:44 -0600 (CST) Message-ID: <4784373D.3040006@puryear-it.com> Date: Tue, 08 Jan 2008 20:53:49 -0600 From: Dustin Puryear Organization: Puryear IT, LLC User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071031 Thunderbird/2.0.0.9 Mnenhy/0.7.5.666 MIME-Version: 1.0 To: sage-members@sage.org Subject: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ X-Enigmail-Version: 0.95.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk So, we have an internal debate at Puryear IT about how to best setup cronjobs. First, let's assume Linux here. Every UNIX flavor has some unique trick it likes to use, but Linux is a good example of several ways to do cronjobs. So, with most Linux installs, you have these options: 1. normal use of crontabs 2. creating a crontab-like entry in a file in /etc/cron.d/ 3. creating symlinks to your scripts in /etc/cron.hourly/, /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) 4. /etc/crontab for the root user being able to run cron jobs as any user, unlike /etc/cron.d/ and /etc/cron.daily/. The question here isn't one of technical correctness (they are all correct), but one of consistency both internally and, potentially, with other people messing with cronjobs on the same box. The debate started when I logged into a server and didn't see our jobs in root's crontab or as symlink under /etc/cron.daily/. They were in /etc/cron.d/. Fine. Except I never do that. I usually use a user's crontab or /etc/cron.daily/. So, immediately, we have a internal consistency issue, which could, conceivably, cause me to create a duplicate cronjob. (Let's ignore documentation and change management.) The problem I have with /etc/cron.d/ is that most people DON'T USE IT. Sure, system scripts that come with the distro often do, but, really, how many sysadmins create their cronjobs there? Not many in my experience. Yet, there is a certain cleanness to /etc/cron.d/. :) /etc/crontab has the unique benefit of letting centralize your cronjobs, but then you have a single file that everyone has to muck with. Yuck. Oh, and trouble.. So, what are your thoughts? How do you handle this? -- Puryear Information Technology, LLC Baton Rouge, LA * 225-706-8414 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices Identity Management, LDAP, and Linux Integration From sage-members-owner@usenix.org Tue Jan 8 19:25:45 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m093P9NL027946 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 19:25:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m093P8kp027945 for sage-members-0utGoign; Tue, 8 Jan 2008 19:25:08 -0800 (PST) Received: from smtpoutm.mac.com (smtpoutm.mac.com [17.148.16.83]) by usenix.org (8.13.6/8.13.6) with ESMTP id m093OGeD027914 for ; Tue, 8 Jan 2008 19:24:41 -0800 (PST) Received: from mac.com (asmtp005-s [10.150.69.68]) by smtpoutm.mac.com (Xserve/smtpout020/MantshX 4.0) with ESMTP id m093OAjZ021270; Tue, 8 Jan 2008 19:24:10 -0800 (PST) Received: from [192.168.1.104] (pool-138-88-173-24.res.east.verizon.net [138.88.173.24]) (authenticated bits=0) by mac.com (Xserve/asmtp005/MantshX 4.0) with ESMTP id m093O5Ah005329 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 8 Jan 2008 19:24:07 -0800 (PST) References: <4784373D.3040006@puryear-it.com> Message-Id: From: Mason Turner To: Dustin Puryear In-Reply-To: <4784373D.3040006@puryear-it.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes X-Mailer: iPhone Mail (3B48b) Mime-Version: 1.0 (iPhone Mail 3B48b) Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Content-Transfer-Encoding: 7bit Date: Tue, 8 Jan 2008 22:24:02 -0500 Cc: "sage-members@sage.org" X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=16% Sender: owner-sage-members@usenix.org Precedence: bulk I am a big fan of /etc/cron.d, mostly because it is a lot cleaner to manage entire files (versus edits) with configuration management tools. -- Mason Turner On Jan 8, 2008, at 9:53 PM, Dustin Puryear wrote: > So, we have an internal debate at Puryear IT about how to best setup > cronjobs. First, let's assume Linux here. Every UNIX flavor has some > unique trick it likes to use, but Linux is a good example of several > ways to do cronjobs. > > So, with most Linux installs, you have these options: > > 1. normal use of crontabs > 2. creating a crontab-like entry in a file in /etc/cron.d/ > 3. creating symlinks to your scripts in /etc/cron.hourly/, > /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) > 4. /etc/crontab for the root user being able to run cron jobs as any > user, unlike /etc/cron.d/ and /etc/cron.daily/. > > The question here isn't one of technical correctness (they are all > correct), but one of consistency both internally and, potentially, > with > other people messing with cronjobs on the same box. > > The debate started when I logged into a server and didn't see our jobs > in root's crontab or as symlink under /etc/cron.daily/. They were in > /etc/cron.d/. Fine. Except I never do that. I usually use a user's > crontab or /etc/cron.daily/. So, immediately, we have a internal > consistency issue, which could, conceivably, cause me to create a > duplicate cronjob. (Let's ignore documentation and change management.) > > The problem I have with /etc/cron.d/ is that most people DON'T USE IT. > Sure, system scripts that come with the distro often do, but, really, > how many sysadmins create their cronjobs there? Not many in my > experience. Yet, there is a certain cleanness to /etc/cron.d/. :) > > /etc/crontab has the unique benefit of letting centralize your > cronjobs, > but then you have a single file that everyone has to muck with. Yuck. > Oh, and trouble.. > > So, what are your thoughts? How do you handle this? > > -- > Puryear Information Technology, LLC > Baton Rouge, LA * 225-706-8414 > http://www.puryear-it.com > > Author, "Best Practices for Managing Linux and UNIX Servers" > http://www.puryear-it.com/pubs/linux-unix-best-practices > > Identity Management, LDAP, and Linux Integration From sage-members-owner@usenix.org Tue Jan 8 20:25:16 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m094P0Pc029526 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 20:25:00 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m094OxH0029525 for sage-members-0utGoign; Tue, 8 Jan 2008 20:24:59 -0800 (PST) Received: from smtp.swarpa.net (melfpelt.swarpa.net [70.84.200.162]) by usenix.org (8.13.6/8.13.6) with ESMTP id m094OKv1029514 for ; Tue, 8 Jan 2008 20:24:46 -0800 (PST) Received: by smtp.swarpa.net (Postfix, from userid 500) id 4666D124BCE; Tue, 8 Jan 2008 23:24:20 -0500 (EST) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <18308.19564.673810.961524@melfpelt.swarpa.net> Date: Tue, 8 Jan 2008 23:24:12 -0500 To: Ok Pa - We Like To Whomp Ether Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ In-Reply-To: References: <4784373D.3040006@puryear-it.com> X-Mailer: VM 7.17 under 21.4 (patch 15) "Security Through Obscurity" XEmacs Lucid From: Josh Smift X-Attribution: JBS Organization: Evil Geniuses For A Better Tomorrow X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk MT == Mason Turner MT> I am a big fan of /etc/cron.d, mostly because it is a lot cleaner to MT> manage entire files (versus edits) with configuration management tools. This is the big win in my opinion; also with package management tools, e.g. a software package that needs a cron job as an essential part of its function can toss it into /etc/cron.d when it's installed. -Josh (irilyth@infersys.com) From sage-members-owner@usenix.org Tue Jan 8 20:33:59 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m094XcL5000089 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 20:33:39 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m094XcZ8000087 for sage-members-0utGoign; Tue, 8 Jan 2008 20:33:38 -0800 (PST) Received: from hs-out-2122.google.com (hs-out-0708.google.com [64.233.178.249]) by usenix.org (8.13.6/8.13.6) with ESMTP id m094Wkww029931 for ; Tue, 8 Jan 2008 20:33:12 -0800 (PST) Received: by hs-out-2122.google.com with SMTP id l65so94324hsc.7 for ; Tue, 08 Jan 2008 20:32:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=uxtgL1UnomHoQdXrbIM+zxyqdcJl+1nhcDvka3JdZ0k=; b=dV21e35qi2FtXETIKpKHClGemGjDfT+HJkqhClCErYht5AnjyfN4UH5hjZDp0ik9YynjGiLXgxKdbZ1U8YrKjiB2YFA5JHA6b9SfyhLezZX6pBmsl632kttvwZLU+2H7+bDxiJt6E9jYy8ZZ2z6Ly0TjEQXLxhzeJtbGbPSV9MU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=RR9UvTUu5wtmX9+35ghriJp0mtZWGXVUruX8cP/IvFyBciaU5updahR1BggVESVcD2vuT9X2kD/o8j4HObTI4S1jRGx74rH1ZLjFFy5ONtNvqsrmejMPrOq3WShpsRnJxQUEuXzd7lgr1ZS0JfIL7PY3etBiUJIq8bM9PEH3A70= Received: by 10.150.185.14 with SMTP id i14mr51126ybf.157.1199853163118; Tue, 08 Jan 2008 20:32:43 -0800 (PST) Received: by 10.150.218.6 with HTTP; Tue, 8 Jan 2008 20:32:43 -0800 (PST) Message-ID: <42338fbf0801082032j527f47fl2f270bf1873f8e5b@mail.gmail.com> Date: Tue, 8 Jan 2008 23:32:43 -0500 From: "Dustin J. Mitchell" To: "Dustin Puryear" Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Cc: sage-members@sage.org In-Reply-To: <4784373D.3040006@puryear-it.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <4784373D.3040006@puryear-it.com> X-Google-Sender-Auth: 8a7d7747e4e70db7 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=13% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 8, 2008 9:53 PM, Dustin Puryear wrote: > 1. normal use of crontabs > 2. creating a crontab-like entry in a file in /etc/cron.d/ > 3. creating symlinks to your scripts in /etc/cron.hourly/, > /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) > 4. /etc/crontab for the root user being able to run cron jobs as any > user, unlike /etc/cron.d/ and /etc/cron.daily/. I consistently prefer /etc/crontab. When I have a box that's doing something funny at 2:35am every morning, it's much easier to look in just one place. It's also easier to make sure that crontasks aren't stepping on one anothers' toes that way. The directories are really only useful for distro authors, who need a flexible way to add and remove tasks for particular applications. Dustin (the other Dustin) -- Storage Software Engineer http://www.zmanda.com From sage-members-owner@usenix.org Tue Jan 8 20:58:30 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m094w5GK001023 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 20:58:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m094w5Ei001022 for sage-members-0utGoign; Tue, 8 Jan 2008 20:58:05 -0800 (PST) Received: from mail845.megamailservers.com (mail845.carrierinternetsolutions.com [69.49.106.55]) by usenix.org (8.13.6/8.13.6) with ESMTP id m094vDFn001009 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 20:57:39 -0800 (PST) X-Authenticated-User: leonvs.covad.net Received: from krishna.occam.int (h-72-244-202-31.sttnwaho.dynamic.covad.net [72.244.202.31]) (authenticated bits=0) by mail845.megamailservers.com (8.13.6.20060614/8.13.1) with ESMTP id m093O8hX023952; Tue, 8 Jan 2008 22:24:10 -0500 Cc: Ok Pa - We Like To Whomp Ether Message-Id: <2A213AA9-84D3-4E59-BAD2-8097A1AB6C18@occam.com> From: Leon Towns-von Stauber To: Dustin Puryear In-Reply-To: <4784373D.3040006@puryear-it.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Date: Tue, 8 Jan 2008 19:24:37 -0800 References: <4784373D.3040006@puryear-it.com> X-Mailer: Apple Mail (2.915) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=4% Sender: owner-sage-members@usenix.org Precedence: bulk > So, with most Linux installs, you have these options: > > 1. normal use of crontabs > 2. creating a crontab-like entry in a file in /etc/cron.d/ > 3. creating symlinks to your scripts in /etc/cron.hourly/, > /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) > 4. /etc/crontab for the root user being able to run cron jobs as any > user, unlike /etc/cron.d/ and /etc/cron.daily/. > > The question here isn't one of technical correctness (they are all > correct), but one of consistency both internally and, potentially, > with > other people messing with cronjobs on the same box. > > The debate started when I logged into a server and didn't see our jobs > in root's crontab or as symlink under /etc/cron.daily/. They were in > /etc/cron.d/. Fine. Except I never do that. I usually use a user's > crontab or /etc/cron.daily/. So, immediately, we have a internal > consistency issue, which could, conceivably, cause me to create a > duplicate cronjob. (Let's ignore documentation and change management.) I did the same thing recently, creating a duplicate job in the root crontab after a few years away from active Linux use, and forgetting about /etc/crontab and the /etc/cron.*/ directories. There are too many places to put the same thing. Personally, I prefer a per-user crontab. For one, it's the only thing a plain user can modify directly if he or she wants to manage jobs. In addition, I believe it's the only mechanism that works consistently on all modern UNIXen. However, the /etc/cron.*/ stuff is useful for packaged software. -------------------------------------------------------------------- Leon Towns-von Stauber http://www.occam.com/leonvs/ "We have not come to save you, but you will not die in vain!" From sage-members-owner@usenix.org Wed Jan 9 05:55:24 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09DtGjP024904 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 05:55:17 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09DtGFQ024903 for sage-members-0utGoign; Wed, 9 Jan 2008 05:55:16 -0800 (PST) Received: from bzz.taranis.org (bzz.taranis.org [38.112.190.19]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09Dsrbn024884 for ; Wed, 9 Jan 2008 05:54:58 -0800 (PST) Received: by bzz.taranis.org (Postfix, from userid 100) id A2F02555C; Wed, 9 Jan 2008 08:46:32 -0500 (EST) Date: Wed, 9 Jan 2008 08:46:32 -0500 From: Christophe Kalt To: sage-members@sage.org Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Message-ID: <20080109134632.GA603@bzz.taranis.org> Mail-Followup-To: sage-members@sage.org References: <4784373D.3040006@puryear-it.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4784373D.3040006@puryear-it.com> User-Agent: Mutt/1.4.2.1i X-Spring: flower X-Message-Flag: Outlook is a highly efficient virus delivery agent. X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 08, Dustin Puryear wrote: | So, what are your thoughts? How do you handle this? Others have already pointed out the advantage of using a directory over a single file. i've taken things a step further with a tool that is cross-platform and gives me various generic features that most cron jobs need. Most of our users have adopted it which i take as a sign that it's good/useful. Then, there's always the likes of autosys.. Anyhow, see http://web.taranis.org/shush/ From sage-members-owner@usenix.org Wed Jan 9 08:36:51 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09GaTuS000015 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 08:36:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09GaT0e000014 for sage-members-0utGoign; Wed, 9 Jan 2008 08:36:29 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09GZvxT029980 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 08:35:57 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09GZvQx029979 for sage-members@usenix.org; Wed, 9 Jan 2008 08:35:57 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.176]) by usenix.org (8.13.6/8.13.6) with ESMTP id m093itlT028620 for ; Tue, 8 Jan 2008 19:45:21 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so130406pyb.10 for ; Tue, 08 Jan 2008 19:44:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=+hcHm3zsV77KDS9wn9WuftciSUL598bOa02zZGxkpJs=; b=R0vvXgBKD+qQK9PUon5LkeIrnCnpVsBZPfJG+Qp4MGU082HDHYogv7fml8F3JPYBsdYtvlrudDTdhjmp4XEzV59XCWohhjECpaSwG3Ypzj7xWvUsulxI7OEde6ywzNJEUOijz4cqOeAElE4HzM3lM5ZqO9icj6xiquUGpwWadOg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=SMGTBKxs1yOgoLLCu72dg56vc761Rr6sG4SbVtT8Anr6L7Xl2PH5FBxsicI/4fOhJA9zSm7wutBvpSlasv6iq7/iQ8jb3doGfiPpe28T87OMfl9YJvoZ1LrzN4ImcRILCvw3Px2D/wHFXgpBaAX3FfyCuCdb7HBaUfBeOZRU0wg= Received: by 10.65.81.10 with SMTP id i10mr441949qbl.75.1199850294471; Tue, 08 Jan 2008 19:44:54 -0800 (PST) Received: by 10.65.96.18 with HTTP; Tue, 8 Jan 2008 19:44:54 -0800 (PST) Message-ID: Date: Tue, 8 Jan 2008 19:44:54 -0800 From: "Gary Richardson" To: "sage-members@sage.org" Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_2292_21967038.1199850294461" References: <4784373D.3040006@puryear-it.com> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_2292_21967038.1199850294461 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline I second /etc/cron.d -- it's explicit and easy to manage. I like to have a cron.d file for each application that users crontabs so it's easier to keep track. On Jan 8, 2008 7:24 PM, Mason Turner wrote: > I am a big fan of /etc/cron.d, mostly because it is a lot cleaner to > manage entire files (versus edits) with configuration management tools. > > -- Mason Turner > > On Jan 8, 2008, at 9:53 PM, Dustin Puryear > wrote: > > > So, we have an internal debate at Puryear IT about how to best setup > > cronjobs. First, let's assume Linux here. Every UNIX flavor has some > > unique trick it likes to use, but Linux is a good example of several > > ways to do cronjobs. > > > > So, with most Linux installs, you have these options: > > > > 1. normal use of crontabs > > 2. creating a crontab-like entry in a file in /etc/cron.d/ > > 3. creating symlinks to your scripts in /etc/cron.hourly/, > > /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) > > 4. /etc/crontab for the root user being able to run cron jobs as any > > user, unlike /etc/cron.d/ and /etc/cron.daily/. > > > > The question here isn't one of technical correctness (they are all > > correct), but one of consistency both internally and, potentially, > > with > > other people messing with cronjobs on the same box. > > > > The debate started when I logged into a server and didn't see our jobs > > in root's crontab or as symlink under /etc/cron.daily/. They were in > > /etc/cron.d/. Fine. Except I never do that. I usually use a user's > > crontab or /etc/cron.daily/. So, immediately, we have a internal > > consistency issue, which could, conceivably, cause me to create a > > duplicate cronjob. (Let's ignore documentation and change management.) > > > > The problem I have with /etc/cron.d/ is that most people DON'T USE IT. > > Sure, system scripts that come with the distro often do, but, really, > > how many sysadmins create their cronjobs there? Not many in my > > experience. Yet, there is a certain cleanness to /etc/cron.d/. :) > > > > /etc/crontab has the unique benefit of letting centralize your > > cronjobs, > > but then you have a single file that everyone has to muck with. Yuck. > > Oh, and trouble.. > > > > So, what are your thoughts? How do you handle this? > > > > -- > > Puryear Information Technology, LLC > > Baton Rouge, LA * 225-706-8414 > > http://www.puryear-it.com > > > > Author, "Best Practices for Managing Linux and UNIX Servers" > > http://www.puryear-it.com/pubs/linux-unix-best-practices > > > > Identity Management, LDAP, and Linux Integration > ------=_Part_2292_21967038.1199850294461 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline I second /etc/cron.d -- it's explicit and easy to manage. I like to have a cron.d file for each application that users crontabs so it's easier to keep track.

On Jan 8, 2008 7:24 PM, Mason Turner < mason@mac.com> wrote:
I am a big fan of /etc/cron.d, mostly because it is a lot cleaner to
manage entire files (versus edits) with configuration management tools.

-- Mason Turner

On Jan 8, 2008, at 9:53 PM, Dustin Puryear <dustin@puryear-it.com>
wrote:

> So, we have an internal debate at Puryear IT about how to best setup
> cronjobs. First, let's assume Linux here. Every UNIX flavor has some
> unique trick it likes to use, but Linux is a good example of several
> ways to do cronjobs.
>
> So, with most Linux installs, you have these options:
>
> 1. normal use of crontabs
> 2. creating a crontab-like entry in a file in /etc/cron.d/
> 3. creating symlinks to your scripts in /etc/cron.hourly/,
> /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.)
> 4. /etc/crontab for the root user being able to run cron jobs as any
> user, unlike /etc/cron.d/ and /etc/cron.daily/.
>
> The question here isn't one of technical correctness (they are all
> correct), but one of consistency both internally and, potentially,
> with
> other people messing with cronjobs on the same box.
>
> The debate started when I logged into a server and didn't see our jobs
> in root's crontab or as symlink under /etc/cron.daily/. They were in
> /etc/cron.d/. Fine. Except I never do that. I usually use a user's
> crontab or /etc/cron.daily/. So, immediately, we have a internal
> consistency issue, which could, conceivably, cause me to create a
> duplicate cronjob. (Let's ignore documentation and change management.)
>
> The problem I have with /etc/cron.d/ is that most people DON'T USE IT.
> Sure, system scripts that come with the distro often do, but, really,
> how many sysadmins create their cronjobs there? Not many in my
> experience. Yet, there is a certain cleanness to /etc/cron.d/. :)
>
> /etc/crontab has the unique benefit of letting centralize your
> cronjobs,
> but then you have a single file that everyone has to muck with. Yuck.
> Oh, and trouble..
>
> So, what are your thoughts? How do you handle this?
>
> --
> Puryear Information Technology, LLC
> Baton Rouge, LA * 225-706-8414
> http://www.puryear-it.com
>
> Author, "Best Practices for Managing Linux and UNIX Servers"
>  http://www.puryear-it.com/pubs/linux-unix-best-practices
>
> Identity Management, LDAP, and Linux Integration

------=_Part_2292_21967038.1199850294461-- From sage-members-owner@usenix.org Wed Jan 9 08:37:13 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09GauSf000057 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 08:36:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09GautA000056 for sage-members-0utGoign; Wed, 9 Jan 2008 08:36:56 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09GahXC000028 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 08:36:43 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09GahsU000026 for sage-members@usenix.org; Wed, 9 Jan 2008 08:36:43 -0800 (PST) Received: from bunrab.catwhisker.org (adsl-63-193-123-122.dsl.snfc21.pacbell.net [63.193.123.122]) by usenix.org (8.13.6/8.13.6) with ESMTP id m094Dv9f029201 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 8 Jan 2008 20:14:03 -0800 (PST) Received: from bunrab.catwhisker.org (localhost [127.0.0.1]) by bunrab.catwhisker.org (8.13.3/8.13.3) with ESMTP id m093diJp013878; Tue, 8 Jan 2008 19:39:44 -0800 (PST) (envelope-from david@bunrab.catwhisker.org) Received: (from david@localhost) by bunrab.catwhisker.org (8.13.3/8.13.1/Submit) id m093di7t013877; Tue, 8 Jan 2008 19:39:44 -0800 (PST) (envelope-from david) Date: Tue, 8 Jan 2008 19:39:44 -0800 From: David Wolfskill To: Dustin Puryear Cc: sage-members@sage.org Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Message-ID: <20080109033944.GP18635@bunrab.catwhisker.org> References: <4784373D.3040006@puryear-it.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ABASXTTJEiBwKrZs" Content-Disposition: inline In-Reply-To: <4784373D.3040006@puryear-it.com> User-Agent: Mutt/1.4.2.1i X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk --ABASXTTJEiBwKrZs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 08, 2008 at 08:53:49PM -0600, Dustin Puryear wrote: > So, we have an internal debate at Puryear IT about how to best setup > cronjobs. First, let's assume Linux here. Every UNIX flavor has some > unique trick it likes to use, but Linux is a good example of several > ways to do cronjobs. >...=20 > The problem I have with /etc/cron.d/ is that most people DON'T USE IT. > Sure, system scripts that come with the distro often do, but, really, > how many sysadmins create their cronjobs there? Not many in my > experience. Yet, there is a certain cleanness to /etc/cron.d/. :) >=20 > /etc/crontab has the unique benefit of letting centralize your cronjobs, > but then you have a single file that everyone has to muck with. Yuck. > Oh, and trouble.. >=20 > So, what are your thoughts? How do you handle this? While crontabs are handy and convenient, for anything involving system administration, I have a very strong bias in favor of techniques that are amenable to tracking changes via easily-accessed methods -- for example, by using RCS or CVS. (Caveat: I do the vast bulk of my work in FreeBSD environments, where each of RCS and CVS is part of the base system, so there is very little effort in ensuring that they are available.) Mind, there's the issue of persuading folks to actually *use* the mechanism, and to provide useful commit messages.... And although I have no personal experience with it (yet), I understand that (e.g.) cfengine can make rather constructive use of files stored in a repository (such as one maintained via CVS). Peace, david --=20 David H. Wolfskill david@catwhisker.org I submit that "conspiracy" would be an appropriate collective noun for cats. See http://www.catwhisker.org/~david/publickey.gpg for my public key. --ABASXTTJEiBwKrZs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iEYEARECAAYFAkeEQf8ACgkQmprOCmdXAD2YEQCdHjWysk5XPmMghZud036CGRcO e4QAnj0OgwDd7c491jyNZnq7ITzGRUqI =z4Si -----END PGP SIGNATURE----- --ABASXTTJEiBwKrZs-- From sage-members-owner@usenix.org Wed Jan 9 08:37:45 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09GbiXO000155 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 08:37:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09GbiXD000153 for sage-members-0utGoign; Wed, 9 Jan 2008 08:37:44 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09GbhcV000148 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 08:37:43 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09GbhIT000145 for sage-members@usenix.org; Wed, 9 Jan 2008 08:37:43 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.177]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09DlMlH024692 for ; Wed, 9 Jan 2008 05:47:47 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so382973pyb.10 for ; Wed, 09 Jan 2008 05:47:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=JM8GuUzXfUdDbPRIorzSCEol4vZUXQkoLPKfEcsX2cs=; b=DWPsRkB65aTBoB8dQyP6C0cC+65nDN23Ouyi0bapd4ruq+quJcTfSZG7IswY+oUhtc2y0WzcEUUPn6FVzrrk27MEtiwrm6I6+dc1QKwMWlGJyEYYJhXpw2fooIQOympKo6DJUL6FK1jVz072w+mZYsRQGNztQUAOFbADF8TTRy4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=rmIx8lY3vc7GpRL2uDPAWX1Fi2mp2NiGJ9Gyi1owgwviLR0qwSMoZtDnq5/VU/JLgbsSfZA9B5kJPwQznlSE6jRkXmLjdwI0QOWsoaPp7VunxiO5ldEOIHSFL6H7pASoKLE0YKqeSaHwB8zm5Dx04E2vl+uTgYIw/0l7/uEnrzc= Received: by 10.65.219.20 with SMTP id w20mr1621230qbq.5.1199886441860; Wed, 09 Jan 2008 05:47:21 -0800 (PST) Received: by 10.65.96.18 with HTTP; Wed, 9 Jan 2008 05:47:21 -0800 (PST) Message-ID: Date: Wed, 9 Jan 2008 05:47:21 -0800 From: "Gary Richardson" To: sage-members@sage.org Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ In-Reply-To: <2A213AA9-84D3-4E59-BAD2-8097A1AB6C18@occam.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_3385_29705622.1199886441855" References: <4784373D.3040006@puryear-it.com> <2A213AA9-84D3-4E59-BAD2-8097A1AB6C18@occam.com> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_3385_29705622.1199886441855 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline > > > Personally, I prefer a per-user crontab. For one, it's the only thing a > plain user can modify directly if he or she wants to manage jobs. In > addition, I believe it's the only mechanism that works consistently on > all modern UNIXen. However, the /etc/cron.*/ stuff is useful for > packaged software. > I think the per user crontabs should be avoided. It's much less clear and obvious than the crons in /etc. I find it's easier to version control them, as people need to have root/sudo access to update them. I'm sure we've all had instances where critical crontabs stop running after an account is disabled when an employee leaves. ------=_Part_3385_29705622.1199886441855 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline

Personally, I prefer a per-user crontab. For one, it's the only thing a
plain user can modify directly if he or she wants to manage jobs. In
addition, I believe it's the only mechanism that works consistently on
all modern UNIXen. However, the /etc/cron.*/ stuff is useful for
packaged software.

I think the per user crontabs should be avoided. It's much less clear and obvious than the crons in /etc. I find it's easier to version control them, as people need to have root/sudo access to update them. I'm sure we've all had instances where critical crontabs stop running after an account is disabled when an employee leaves.
------=_Part_3385_29705622.1199886441855-- From sage-members-owner@usenix.org Wed Jan 9 09:27:49 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09HRiak002246 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 09:27:44 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09HRiWV002245 for sage-members-0utGoign; Wed, 9 Jan 2008 09:27:44 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09HQi9e002210 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 09:27:10 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m09HQZnA010347; Wed, 9 Jan 2008 09:26:35 -0800 Message-ID: <478503CB.4010206@chycoski.com> Date: Wed, 09 Jan 2008 09:26:35 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Gary Richardson CC: "sage-members@sage.org" Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ References: <4784373D.3040006@puryear-it.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk I believe that the location of cron entries should be dependent on the entity that is managing those cron entries. I prefer to see system-related cron entries in /etc/cron.d or /etc/cron.[daily|hourly|...] - for example, things that are managed by a packaging facility like yum that are installed by the sysadmins. I prefer to see user or custom application cron entries in user crontabs, managed by the user or applications team, but there are also packages that reduce or eliminate the need for user crontabs for applications - and also provide more functionality like monitoring, dependency control, and coordination with applications deployment (e.g., Orsyp's Dollar Universe, Autosys,...). These packages can give centralised control and visibility of scheduled/batch processes while still allowing non-root users to control their jobs. - Richard Gary Richardson wrote: > I second /etc/cron.d -- it's explicit and easy to manage. I like to > have a cron.d file for each application that users crontabs so it's > easier to keep track. > > On Jan 8, 2008 7:24 PM, Mason Turner < mason@mac.com > > wrote: > > I am a big fan of /etc/cron.d, mostly because it is a lot cleaner to > manage entire files (versus edits) with configuration management > tools. > > -- Mason Turner > > On Jan 8, 2008, at 9:53 PM, Dustin Puryear > > wrote: > > > So, we have an internal debate at Puryear IT about how to best setup > > cronjobs. First, let's assume Linux here. Every UNIX flavor has some > > unique trick it likes to use, but Linux is a good example of > several > > ways to do cronjobs. > > > > So, with most Linux installs, you have these options: > > > > 1. normal use of crontabs > > 2. creating a crontab-like entry in a file in /etc/cron.d/ > > 3. creating symlinks to your scripts in /etc/cron.hourly/, > > /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) > > 4. /etc/crontab for the root user being able to run cron jobs as any > > user, unlike /etc/cron.d/ and /etc/cron.daily/. > > > > The question here isn't one of technical correctness (they are all > > correct), but one of consistency both internally and, potentially, > > with > > other people messing with cronjobs on the same box. > > > > The debate started when I logged into a server and didn't see > our jobs > > in root's crontab or as symlink under /etc/cron.daily/. They were in > > /etc/cron.d/. Fine. Except I never do that. I usually use a user's > > crontab or /etc/cron.daily/. So, immediately, we have a internal > > consistency issue, which could, conceivably, cause me to create a > > duplicate cronjob. (Let's ignore documentation and change > management.) > > > > The problem I have with /etc/cron.d/ is that most people DON'T > USE IT. > > Sure, system scripts that come with the distro often do, but, > really, > > how many sysadmins create their cronjobs there? Not many in my > > experience. Yet, there is a certain cleanness to /etc/cron.d/. :) > > > > /etc/crontab has the unique benefit of letting centralize your > > cronjobs, > > but then you have a single file that everyone has to muck with. > Yuck. > > Oh, and trouble.. > > > > So, what are your thoughts? How do you handle this? > > > > -- > > Puryear Information Technology, LLC > > Baton Rouge, LA * 225-706-8414 > > http://www.puryear-it.com > > > > Author, "Best Practices for Managing Linux and UNIX Servers" > > http://www.puryear-it.com/pubs/linux-unix-best-practices > > > > > Identity Management, LDAP, and Linux Integration > > From sage-members-owner@usenix.org Wed Jan 9 09:53:10 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09HqYTI003545 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 09:52:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09HqYgu003544 for sage-members-0utGoign; Wed, 9 Jan 2008 09:52:34 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.187]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09HpUX9003501 for ; Wed, 9 Jan 2008 09:51:56 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so344779rvb.59 for ; Wed, 09 Jan 2008 09:51:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=9XXo0nwxU4t5NKuCsdOCTKv1/EJ8NfEdC2XQ7JU6ccs=; b=tjV+DeX9NkLPTvAac1TBZT2qo6y8ruoTilNNmWlC+AVQ6HzY8UMZmQtviE9+tQjgRPdHaF+/jUSCsrSrr1B+rYXd6WE2euJckuPTR+sYKMSAjGPaLhnGLjgoo7QfM+9aU7nNvJMhB752bg5iR6BLBXkf7Di3lHv1OMnrU1sOUgM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=jrrrfLA8E1/6OgjYpmQUuiftsKcgBFmHh1WCgJhEAF2WZwLW5Z5/1bNGto5d4qGMtrQtm0xli+EFZ5z4yrCV/ari6+375+Dy5VL36KEZF9hasV5E+czOTSA/WqaEEWUKcTqmdSQ+NBvRfIWMzd9X8ScSt0beLZXQxy2Dx+tB1c8= Received: by 10.141.51.15 with SMTP id d15mr596955rvk.21.1199901084165; Wed, 09 Jan 2008 09:51:24 -0800 (PST) Received: by 10.141.21.10 with HTTP; Wed, 9 Jan 2008 09:51:24 -0800 (PST) Message-ID: <701ea59b0801090951o73a77f6ag1c77671e44dd4954@mail.gmail.com> Date: Wed, 9 Jan 2008 11:51:24 -0600 From: "Jeremiah Johnson" To: "Dustin Puryear" Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Cc: sage-members@sage.org In-Reply-To: <4784373D.3040006@puryear-it.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <4784373D.3040006@puryear-it.com> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk My opinion is that they are all correct, but if you have a team of Sys Admins, you should agree upon a Standard, and make sure its followed. -miah On Jan 8, 2008 8:53 PM, Dustin Puryear wrote: > So, we have an internal debate at Puryear IT about how to best setup > cronjobs. First, let's assume Linux here. Every UNIX flavor has some > unique trick it likes to use, but Linux is a good example of several > ways to do cronjobs. > > So, with most Linux installs, you have these options: > > 1. normal use of crontabs > 2. creating a crontab-like entry in a file in /etc/cron.d/ > 3. creating symlinks to your scripts in /etc/cron.hourly/, > /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) > 4. /etc/crontab for the root user being able to run cron jobs as any > user, unlike /etc/cron.d/ and /etc/cron.daily/. > > The question here isn't one of technical correctness (they are all > correct), but one of consistency both internally and, potentially, with > other people messing with cronjobs on the same box. > > The debate started when I logged into a server and didn't see our jobs > in root's crontab or as symlink under /etc/cron.daily/. They were in > /etc/cron.d/. Fine. Except I never do that. I usually use a user's > crontab or /etc/cron.daily/. So, immediately, we have a internal > consistency issue, which could, conceivably, cause me to create a > duplicate cronjob. (Let's ignore documentation and change management.) > > The problem I have with /etc/cron.d/ is that most people DON'T USE IT. > Sure, system scripts that come with the distro often do, but, really, > how many sysadmins create their cronjobs there? Not many in my > experience. Yet, there is a certain cleanness to /etc/cron.d/. :) > > /etc/crontab has the unique benefit of letting centralize your cronjobs, > but then you have a single file that everyone has to muck with. Yuck. > Oh, and trouble.. > > So, what are your thoughts? How do you handle this? > > -- > Puryear Information Technology, LLC > Baton Rouge, LA * 225-706-8414 > http://www.puryear-it.com > > Author, "Best Practices for Managing Linux and UNIX Servers" > http://www.puryear-it.com/pubs/linux-unix-best-practices > > Identity Management, LDAP, and Linux Integration > From sage-members-owner@usenix.org Wed Jan 9 10:09:19 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09I9JEB004475 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 10:09:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09I9IdP004474 for sage-members-0utGoign; Wed, 9 Jan 2008 10:09:18 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09I9HKd004467 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 10:09:17 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09I9HqI004466 for sage-members@usenix.org; Wed, 9 Jan 2008 10:09:17 -0800 (PST) Received: from pacificlife.com (mail2.pacificlife.com [198.181.8.24]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09H3flc001552 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 9 Jan 2008 09:04:06 -0800 (PST) Received: from ([172.20.3.96]) by ironmail2.pacificlife.com with ESMTP id 5502304.19762979; Wed, 09 Jan 2008 08:56:29 -0800 Received: from 10.250.3.223 by PLEMF01.plservices.net with ESMTP ( Unauthorized Relaying Is Prohibited (Email Firewall v6.2.2)); Wed, 09 Jan 2008 09:02:43 -0800 X-Server-Uuid: 68A214DD-08F9-4134-8C3F-EFFF24A4D94B Received: from resmail12.resources.pacificlife.net ([10.250.2.219]) by rescon04.resources.pacificlife.net with Microsoft SMTPSVC(6.0.3790.3959); Wed, 9 Jan 2008 09:02:43 -0800 Content-class: urn:content-classes:message MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.5 Subject: RE: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Date: Wed, 9 Jan 2008 09:02:43 -0800 Message-ID: <54E632B9DB493249901E99C17791058302514515@resmail12.resources.pacificlife.net> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Thread-Index: AchS3nMo99TrLwKrSIiekUM7dQqNmAAAkNKg From: "Orwig, Paul" To: "Gary Richardson" , sage-members@sage.org X-OriginalArrivalTime: 09 Jan 2008 17:02:43.0621 (UTC) FILETIME=[73563D50:01C852E1] X-TMWD-Spam-Summary: TS=20080109170245; SEV=2.0.2; DFV=A2008010708; IFV=2.0.4,4.0-8; RPD=4.00.0004; ENG=IBF; RPDID=NA; CAT=NONE; CON=NONE X-MMS-Spam-Filter-ID: A2008010708_4.00.0004_4.0-8 X-WSS-ID: 6B9A21BB36O889335-02-01 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C852E1.730E9F47" X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=46% Sender: owner-sage-members@usenix.org Precedence: bulk This is a multi-part message in MIME format. ------_=_NextPart_001_01C852E1.730E9F47 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Am I the only one seeing and hearing Red Alert sirens=3F =20 =46rom a security standpoint, the per-use crontabs can be controlled and managed. Giving users sudo access to directories intended for system-utility cronjobs is DANGEROUS! ________________________________ =46rom: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Gary Richardson Sent: Wednesday, January 09, 2008 5:47 AM To: sage-members@sage.org Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Personally, I prefer a per-user crontab. For one, it's the only thing a=20 plain user can modify directly if he or she wants to manage jobs. In addition, I believe it's the only mechanism that works consistently on all modern UNIXen. However, the /etc/cron.*/ stuff is useful for packaged software. =09 I think the per user crontabs should be avoided. It's much less clear and obvious than the crons in /etc. I find it's easier to version control them, as people need to have root/sudo access to update them. I'm sure we've all had instances where critical crontabs stop running after an account is disabled when an employee leaves.=20 ---------------------------------------------------------------------------= --- The information in this e-mail and any attachments are for the sole use of = the intended recipient and may contain privileged and confidential = information. If you are not the intended recipient, any use, disclosure, = copying or distribution of this message or attachment is strictly = prohibited. If you believe that you have received this e-mail in error, = please contact the sender immediately and delete the e-mail and all of its = attachments. =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D ------_=_NextPart_001_01C852E1.730E9F47 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: quoted-printable
Am I the only one seeing and hearing Red Alert=20 sirens=3F
 
From a security standpoint, the per-use crontabs = can be=20 controlled and managed.
Giving users sudo access to directories intended = =66or=20 system-utility cronjobs is DANGEROUS!

From: owner-sage-members@usenix.org=20 [mailto:owner-sage-members@usenix.org] On Behalf Of Gary=20 Richardson
Sent: Wednesday, January 09, 2008 5:47 AM
To:= =20 sage-members@sage.org
Subject: Re: [SAGE] crontabs vs=20 /etc/cron.[daily,hourly,*] vs. /etc/cron.d/


Personally,=20 I prefer a per-user crontab. For one, it's the only thing a
plain use= r= can=20 modify directly if he or she wants to manage jobs. In
addition, I = believe=20 it's the only mechanism that works consistently on
all modern UNIXen.= =20 However, the /etc/cron.*/ stuff is useful for
packaged=20 software.

I think the per user crontabs should be avoided. It's much less = clear=20 and obvious than the crons in /etc. I find it's easier to version control = them,=20 as people need to have root/sudo access to update them. I'm sure we've all = had=20 instances where critical crontabs stop running after an account is disabled= = when=20 an employee leaves. 

----------------------------------------------------------------------=
--------
The information in this e-mail and any attachments are for the sole use of =
the intended recipient and may contain privileged and confidential =
information.  If you are not the intended recipient, any use, disclosure, =
copying or distribution of this message or attachment is strictly =
prohibited.  If you believe that you have received this e-mail in error, =
please contact the sender immediately and delete the e-mail and all of its =
attachments.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D

------_=_NextPart_001_01C852E1.730E9F47-- From sage-members-owner@usenix.org Wed Jan 9 10:10:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09IAAWW004584 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 10:10:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09IAAAv004582 for sage-members-0utGoign; Wed, 9 Jan 2008 10:10:10 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09I9cdY004515 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 10:09:39 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09I9cZF004513 for sage-members@usenix.org; Wed, 9 Jan 2008 10:09:38 -0800 (PST) Received: from ocsapp.campuseai.org (ocsapp.campuseai.org [66.94.79.164]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09HtbJm003851 for ; Wed, 9 Jan 2008 09:56:02 -0800 (PST) Received: from suog-ocs.campuseai.org by ocsapp.campuseai.org with ESMTP id 74924501199898938; Wed, 09 Jan 2008 12:15:38 -0500 Received: from 199.29.196.18 by ocs.sunyorange.edu with ESMTP id 4159303191199894434; Wed, 09 Jan 2008 11:00:34 -0500 From: "Art Ramos" To: "Dustin Puryear" , "sage-members@sage.org" Subject: RE: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Date: Wed, 9 Jan 2008 11:00:19 -0500 Thread-Index: AchS2Lrfxhkp4MR4TRiGtcV8BryeRA== Message-ID: <20080109110019062.00000002176@U-BT0112-PARAMO> In-Reply-To: <4784373D.3040006@puryear-it.com> References: <4784373D.3040006@puryear-it.com> X-Mailer: Oracle Connector for Outlook 10.1.3.0.7 90706 (11.0.8118) X-Accept-Language: en-us, en MIME-Version: 1.0 Content-Type: multipart/alternative; boundary=-------46384c9e46384c9e X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=95% Sender: owner-sage-members@usenix.org Precedence: bulk This is a multi-part message in MIME format ---------46384c9e46384c9e Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Please don't take this the wrong way, but does your organization have a set= of written Policies & Procedures? They should be codified so that all memb= ers of your staff know how you organize and maintain your servers. I know t= hat this is a big Duh, but this would include the use of cron. That way eve= rybody would know where things are and can maintain them properly. As you s= aid, one way is never used by the majority of your staff. One person deviat= ed from what the rest of the staff did. If this person could not do it any = other way, then it should have been documented and put into an Operations m= anual (along with all the other cron jobs). For instance, we here use root'= s crontab almost exclusively. However, 1 process needed to be run from the = software manufacturer's login's crontab. This was documented and put into t= he Operations manual so that Operations, and any of the Development staff, = will know what job was sending them E-Mail (E-Mails were sent to specific p= eople from this job letting them know the results of the job's execution) a= nd why. = Just a thought. = Art = = = Orange County = Arthur Ramos Jr. Community College Senior Systems Analyst = = = 115 South Street, BT-112 Middletown, NY 10940 Voice: (845)341-4747 Fax: (845)342-6390 E-Mail: art.ramos@sunyorange.edu = If you take the road less traveled, just make sure it isn't on the critical= path. (Elisabeth Hendrickson) = I do not fear computers. I fear the lack of them. (Isaac Asimov) = Walking on water and developing software from a specification are easy if b= oth are frozen. (Edward V Berard) = If you cannot grok the overall structure of a program while taking a shower= , you are not ready to code it. (Richard Pattis) = -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] = On Behalf Of Dustin Puryear Sent: Tuesday, January 08, 2008 9:54 PM To: sage-members@sage.org Subject: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ = So, we have an internal debate at Puryear IT about how to best setup cronjobs. First, let's assume Linux here. Every UNIX flavor has some unique trick it likes to use, but Linux is a good example of several ways to do cronjobs. = So, with most Linux installs, you have these options: = 1. normal use of crontabs 2. creating a crontab-like entry in a file in /etc/cron.d/ 3. creating symlinks to your scripts in /etc/cron.hourly/, /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) 4. /etc/crontab for the root user being able to run cron jobs as any user, unlike /etc/cron.d/ and /etc/cron.daily/. = The question here isn't one of technical correctness (they are all correct), but one of consistency both internally and, potentially, with other people messing with cronjobs on the same box. = The debate started when I logged into a server and didn't see our jobs in root's crontab or as symlink under /etc/cron.daily/. They were in /etc/cron.d/. Fine. Except I never do that. I usually use a user's crontab or /etc/cron.daily/. So, immediately, we have a internal consistency issue, which could, conceivably, cause me to create a duplicate cronjob. (Let's ignore documentation and change management.) = The problem I have with /etc/cron.d/ is that most people DON'T USE IT. Sure, system scripts that come with the distro often do, but, really, how many sysadmins create their cronjobs there? Not many in my experience. Yet, there is a certain cleanness to /etc/cron.d/. :) = /etc/crontab has the unique benefit of letting centralize your cronjobs, but then you have a single file that everyone has to muck with. Yuck. Oh, and trouble.. = So, what are your thoughts? How do you handle this? = -- Puryear Information Technology, LLC Baton Rouge, LA * 225-706-8414 http://www.puryear-it.com = Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices = Identity Management, LDAP, and Linux Integration = = ---------46384c9e46384c9e Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: quoted-printable

Please don’t take this the wrong way, but does your organizat= ion have a set of written Policies & Procedures? They should be codified so= that all members of your staff know how you organize and maintain your serv= ers. I know that this is a big Duh, but this would include the use of cron. That= way everybody would know where things are and can maintain them properly. As yo= u said, one way is never used by the majority of your staff. One person devia= ted from what the rest of the staff did. If this person could not do it any oth= er way, then it should have been documented and put into an Operations manual (along with all the other cron jobs). For instance, we here use root’= s crontab almost exclusively. However, 1 process needed to be run from the software manufacturer’s login’s crontab. This was documented an= d put into the Operations manual so that Operations, and any of the Developme= nt staff, will know what job was sending them E-Mail (E-Mails were sent to specific people from this job letting them know the results of the job̵= 7;s execution) and why.

 

Just a thought.

 

Art

 

 

 

Orange County=

= = Arthur Ramos Jr.

Community Coll= ege

<= font size=3D1 face=3DArial>Senior Systems Analyst

 

 

115 South Street= , BT-112
= Middletown, = NY  10940<= /b>

Voice: (845)341-4747   Fax: (845)342-6390

    = ;            &n= bsp;          E-Mail: art.ramos@sunyorange.edu

 

If you take the road less traveled, just make sure it is= n't on the critical path. (Elisabeth Hendrickson)

 

I do not fear computers. I fear the lack of them= . (Isaac Asimov)

 

Walking on water and developing software from a specification are easy if both are frozen. (Edward V Berard)

 

If you cannot grok the overall structure of a program wh= ile taking a shower, you are not ready to code it. (Richard Pattis)

 

-----Original Message-----
From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] = On Behalf Of Dustin Puryear
Sent: Tuesday, January 08, 2008 9:54 PM
To: sage-members@sage.org
Subject: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/

 

So, we have an internal debate at Puryear IT about how to best setu= p

cronjobs. First, let's assume Linux here. Every UNIX flavor has som= e

unique trick it likes to use, but Linux is a good example of severa= l

ways to do cronjobs.

 

So, with most Linux installs, you have these options:

 

1. normal use of crontabs

2. creating a crontab-like entry in a file in /etc/cron.d/

3. creating symlinks to your scripts in /etc/cron.hourly/,

/etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.)=

4. /etc/crontab for the root user being able to run cron jobs as an= y

user, unlike /etc/cron.d/ and /etc/cron.daily/.

 

The question here isn't one of technical correctness (they are all<= o:p>

correct), but one of consistency both internally and, potentially, = with

other people messing with cronjobs on the same box.

 

The debate started when I logged into a server and didn't see our j= obs

in root's crontab or as symlink under /etc/cron.daily/. They were i= n

/etc/cron.d/. Fine. Except I never do that. I usually use a user's<= o:p>

crontab or /etc/cron.daily/. So, immediately, we have a internal

consistency issue, which could, conceivably, cause me to create a

duplicate cronjob. (Let's ignore documentation and change managemen= t.)

 

The problem I have with /etc/cron.d/ is that most people DON'T USE = IT.

Sure, system scripts that come with the distro often do, but, reall= y,

how many sysadmins create their cronjobs there? Not many in my=

experience. Yet, there is a certain cleanness to /etc/cron.d/. :)

 

/etc/crontab has the unique benefit of letting centralize your cronjobs,

but then you have a single file that everyone has to muck with. Yuc= k.

Oh, and trouble..

 

So, what are your thoughts? How do you handle this?

 

--

Puryear Information Technology, LLC

Baton Rouge<= /font>, LA * 225-706-8414

http://www.puryear-it.com

 

Author, "Best Practices for Managing Linux and UNIX Servers&qu= ot;

  http://www.puryear-it.com/pubs/linux-unix-best-practices

 

Identity Management, LDAP, and Linux Integration<= /font>

 

 

---------46384c9e46384c9e-- From sage-members-owner@usenix.org Wed Jan 9 11:11:15 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09JBEJW007228 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 11:11:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09JBEbW007227 for sage-members-0utGoign; Wed, 9 Jan 2008 11:11:14 -0800 (PST) Received: from mx1.metro-region.org (mx1.metro-region.org [67.138.101.229]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09JAWub007192 for ; Wed, 9 Jan 2008 11:10:58 -0800 (PST) X-IronPort-AV: E=Sophos;i="4.24,263,1196668800"; d="scan'208";a="39748229" Received: from unknown (HELO THORIN.metro-region.org) ([192.168.10.205]) by ironport1.metro-region.org with ESMTP; 09 Jan 2008 11:10:32 -0800 Received: from [192.168.70.36] (ironside.metro-region.org [192.168.70.36]) by THORIN.metro-region.org with ESMTP; Wed, 09 Jan 2008 11:10:15 -0800 Message-ID: <47851C16.8000709@metro.dst.or.us> Date: Wed, 09 Jan 2008 11:10:14 -0800 From: John Miller User-Agent: Thunderbird 2.0.0.9 (X11/20071031) MIME-Version: 1.0 To: "Dustin J. Mitchell" CC: Dustin Puryear , sage-members@sage.org Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ References: <4784373D.3040006@puryear-it.com> <42338fbf0801082032j527f47fl2f270bf1873f8e5b@mail.gmail.com> In-Reply-To: <42338fbf0801082032j527f47fl2f270bf1873f8e5b@mail.gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk On a more specific aspect of this (without regard to best practice), does anyone know of a tool that converts crontabs into Gantt charts? I've always wanted to visualize how the crontab jobs (on a set of machines) line up in time. Each entry would need to be supplemented with an estimate of the duration of the job (3 minutes vs 3 hours). JM Dustin J. Mitchell wrote: > On Jan 8, 2008 9:53 PM, Dustin Puryear wrote: >> 1. normal use of crontabs >> 2. creating a crontab-like entry in a file in /etc/cron.d/ >> 3. creating symlinks to your scripts in /etc/cron.hourly/, >> /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) >> 4. /etc/crontab for the root user being able to run cron jobs as any >> user, unlike /etc/cron.d/ and /etc/cron.daily/. > > I consistently prefer /etc/crontab. When I have a box that's doing > something funny at 2:35am every morning, it's much easier to look in > just one place. It's also easier to make sure that crontasks aren't > stepping on one anothers' toes that way. > > The directories are really only useful for distro authors, who need a > flexible way to add and remove tasks for particular applications. > > Dustin (the other Dustin) > From sage-members-owner@usenix.org Wed Jan 9 15:45:17 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09NisY7018162 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 15:45:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m09NisPs018160 for sage-members-0utGoign; Wed, 9 Jan 2008 15:44:54 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m09NiAlP018144 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 9 Jan 2008 15:44:36 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m09Ni10Q012620; Wed, 9 Jan 2008 15:44:01 -0800 Message-ID: <47855C40.8050204@chycoski.com> Date: Wed, 09 Jan 2008 15:44:00 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: John Miller CC: "Dustin J. Mitchell" , Dustin Puryear , sage-members@sage.org Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ References: <4784373D.3040006@puryear-it.com> <42338fbf0801082032j527f47fl2f270bf1873f8e5b@mail.gmail.com> <47851C16.8000709@metro.dst.or.us> In-Reply-To: <47851C16.8000709@metro.dst.or.us> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk A true GANTT chart would also imply knowing task dependencies (unless you consider all tasks to be independent). Once you get to this stage, you should be considering more comprehensive 'batch processing' solutions that control these parameters (execution windows and dependencies). The best that you can really do with cron is to show start times for jobs - with no mechanism to enforce dependencies or overruns, anything else is just guesswork. (I currently work in a group that does batch job scheduling for a large environment, if you want to contact me privately.) - Richard John Miller wrote: > On a more specific aspect of this (without regard to best practice), > does anyone know of a tool that converts crontabs into Gantt charts? > > I've always wanted to visualize how the crontab jobs (on a set of > machines) line up in time. Each entry would need to be supplemented > with an estimate of the duration of the job (3 minutes vs 3 hours). > > JM > > > Dustin J. Mitchell wrote: >> On Jan 8, 2008 9:53 PM, Dustin Puryear wrote: >>> 1. normal use of crontabs >>> 2. creating a crontab-like entry in a file in /etc/cron.d/ >>> 3. creating symlinks to your scripts in /etc/cron.hourly/, >>> /etc/cron.daily/, etc. (I'll just say /etc/cron.daily to be short.) >>> 4. /etc/crontab for the root user being able to run cron jobs as any >>> user, unlike /etc/cron.d/ and /etc/cron.daily/. >> >> I consistently prefer /etc/crontab. When I have a box that's doing >> something funny at 2:35am every morning, it's much easier to look in >> just one place. It's also easier to make sure that crontasks aren't >> stepping on one anothers' toes that way. >> >> The directories are really only useful for distro authors, who need a >> flexible way to add and remove tasks for particular applications. >> >> Dustin (the other Dustin) >> From sage-members-owner@usenix.org Thu Jan 10 05:48:03 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0ADlsce009733 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 10 Jan 2008 05:47:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0ADlsqd009732 for sage-members-0utGoign; Thu, 10 Jan 2008 05:47:54 -0800 (PST) Received: from hexogen.explosive.net (hexogen.explosive.net [64.142.102.5]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0ADlFdX009700 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Thu, 10 Jan 2008 05:47:41 -0800 (PST) Received: by hexogen.explosive.net (Postfix, from userid 518) id BEDB866C04F; Thu, 10 Jan 2008 05:47:12 -0800 (PST) Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ To: sage-members@usenix.org Date: Thu, 10 Jan 2008 08:47:12 -0500 (EST) In-Reply-To: from "Gary Richardson" at Jan 09, 2008 05:47:21 AM From: "Adam Moskowitz" Reply-To: adamm@menlo.com X-Mailer: ELM [version 2.5 PL6] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20080110134712.BEDB866C04F@hexogen.explosive.net> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk "Gary Richardson" wrote: > I think the per user crontabs should be avoided. . . . I'm sure we've all > had instances where critical crontabs stop running after an account is > disabled when an employee leaves. While I tend to agree that, for "operational" processes, user crontabs should be avoided, I do not agree with Gary's reasoning. Having a critical process run out of an individual user's crontab is bad, this is not a technical problem and does not require a technical solution. In other words, even if user crontabs are available, don't use them for operational processes, document that such use is prohibited, and enforce this via managerial means. In situations where even sysadmins shouldn't be running cron jobs on production systems then there's probably no good reason for even providing user crontabs. However, in lots of other situations, giving users (sysadmins and others) access to cron for their personal use is often a valuable thing. I don't think this should be prohibited simply because some people abuse the mechanism. In other words, abuse should not dictate (or deny) use. AdamM From sage-members-owner@usenix.org Thu Jan 10 08:21:35 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0AGLYHP014562 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 10 Jan 2008 08:21:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0AGLYJb014561 for sage-members-0utGoign; Thu, 10 Jan 2008 08:21:34 -0800 (PST) Received: from coke.conundrum.com (coke.conundrum.com [216.235.9.139]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0AGKsmo014535 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 10 Jan 2008 08:21:20 -0800 (PST) Received: from [192.0.2.64] (fw01.cr.crp.cira.ca [192.228.22.245]) by coke.conundrum.com (8.13.1/8.12.6) with ESMTP id m0AGKQZP025548; Thu, 10 Jan 2008 11:20:26 -0500 (EST) (envelope-from matt@conundrum.com) In-Reply-To: <20080110134712.BEDB866C04F@hexogen.explosive.net> References: <20080110134712.BEDB866C04F@hexogen.explosive.net> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <91C19135-FFD2-4630-9F0E-3BD351AE8FAC@conundrum.com> Cc: sage-members@usenix.org Content-Transfer-Encoding: 7bit From: Matt Pounsett Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Date: Thu, 10 Jan 2008 11:20:25 -0500 To: adamm@menlo.com X-Pgp-Agent: GPGMail 1.1.2 (Tiger) X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2008-Jan-10, at 08:47, Adam Moskowitz wrote: > "Gary Richardson" wrote: >> I think the per user crontabs should be avoided. . . . I'm sure >> we've all >> had instances where critical crontabs stop running after an >> account is >> disabled when an employee leaves. > > While I tend to agree that, for "operational" processes, user crontabs > should be avoided, I do not agree with Gary's reasoning. Having a > critical > process run out of an individual user's crontab is bad, this is not a > technical problem and does not require a technical solution. In other > words, even if user crontabs are available, don't use them for > operational processes, document that such use is prohibited, and > enforce > this via managerial means. I think the distinction has to be made between a user that is an individual person, and a user like 'apache' or 'daemon'. Running anything production out of a person's crontab is asking for trouble. But, using per-user crontabs for system accounts, where access can be granted through sudo or similar tools for various users to manage them, *without* giving access to root's cron entries in / etc/cron, is to be encouraged. Matt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (Darwin) iD8DBQFHhkXJmFeRJ0tjIxERArAyAJ4igtuJpQtpqA1SpHmqlnEk1pDjSgCfV10q gwoY5N0yXHCsAQZoWp052r8= =5gCG -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Thu Jan 10 10:25:27 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0AIPESb019637 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 10 Jan 2008 10:25:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0AIPEbv019636 for sage-members-0utGoign; Thu, 10 Jan 2008 10:25:14 -0800 (PST) Received: from packetslave.com (draco.packetslave.com [206.123.106.161]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0AIOYqE019605 for ; Thu, 10 Jan 2008 10:25:00 -0800 (PST) Received: from hydra.packetslave.foo (unknown [216.27.161.161]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by packetslave.com (Postfix) with ESMTP id 965E77C1B7 for ; Thu, 10 Jan 2008 17:58:07 +0000 (UTC) Message-Id: <4E9B9F57-6CF7-4F34-84B6-2F0D4BC4AF35@packetslave.com> From: Brian Landers To: sage-members@sage.org Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: [SAGE] Websense implementations on Linux Date: Thu, 10 Jan 2008 12:58:06 -0500 X-Mailer: Apple Mail (2.915) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Hello all, The company I work for is in the midst of planning a fairly-large (10+ server) rollout of Websense Security Suite. One of the big open questions in the design process is Win32 vs. *nix for the underlying server OS. We've got a pretty good handle on the technical factors in this decision, but the leadership folks are wondering about other companies that have implemented Websense on *nix. Our Websense AE and his team don't seem to have any customers they can name that have implemented on Linux or Solaris (not counting appliance- based implementations such as Bluecoat or Crossbeam). They're all Windows-based. I have to figure there are non-Windows implementations out there, or Websense wouldn't spend engineering resources providing Linux and Solaris versions. Does anyone on this list have experience with running Websense on Linux or Solaris? My preference is to not bring another 10+ Windows boxes into our environment to manage, but I need some ammunition to reassure the bosses. Thanks much in advance. From sage-members-owner@usenix.org Thu Jan 10 11:01:01 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0AJ0qqo021174 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 10 Jan 2008 11:00:52 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0AJ0qnm021172 for sage-members-0utGoign; Thu, 10 Jan 2008 11:00:52 -0800 (PST) Received: from sj-iport-5.cisco.com (sj-iport-5.cisco.com [171.68.10.87]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0AJ0i8S021159 for ; Thu, 10 Jan 2008 11:00:50 -0800 (PST) X-IronPort-AV: E=Sophos;i="4.24,267,1196668800"; d="scan'208";a="7673307" Received: from sj-dkim-3.cisco.com ([171.71.179.195]) by sj-iport-5.cisco.com with ESMTP; 10 Jan 2008 10:52:32 -0800 Received: from sj-core-2.cisco.com (sj-core-2.cisco.com [171.71.177.254]) by sj-dkim-3.cisco.com (8.12.11/8.12.11) with ESMTP id m0AIqTX9005062; Thu, 10 Jan 2008 10:52:29 -0800 Received: from [171.71.87.59] (dhcp-171-71-87-59.cisco.com [171.71.87.59]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id m0AIqNcV006902; Thu, 10 Jan 2008 18:52:29 GMT Message-ID: <47866929.6080203@chycoski.com> Date: Thu, 10 Jan 2008 10:51:21 -0800 From: Richard Chycoski Reply-To: rskiadmin@chycoski.com User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: adamm@menlo.com CC: sage-members@usenix.org Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ References: <20080110134712.BEDB866C04F@hexogen.explosive.net> In-Reply-To: <20080110134712.BEDB866C04F@hexogen.explosive.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Authentication-Results: sj-dkim-3; header.From=rskiadmin@chycoski.com; dkim=neutral X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk In our environments that have not yet been transitioned to better centralised batch control tools (we're working towards eventually eliminating cron entirely), we have 'generic' user accounts that are accessible only via sudo that contain cron jobs for specific application areas. This gives us user-level security (users can't run jobs as root or any other user) and accountability (sudo logs tell us who's messing with the generic accounts) while still being able to delegate responsibility to application teams. It does mean that applications support people can (and occasionally do) mess up a crontab, but it doesn't happen often because they're generally careful - and know that we have the logs. :-) Individual users can create crontabs of their own on many of the shared-resource machines in the Engineering environment, but not on most of the Corporate servers. They can also create them on their desktops or laptops. These policies are getting tighter over time. 'System' crons still run either from root's crontab or the /etc/cron* directories, depending on the OS. It's a compromise that generally works for the thousands of servers and tens of thousands of desktops/laptops that run Unix/Linux in our environment. Eventually eliminating cron on all of the servers in the data centres is our goal to provide better reliability, control, monitoring, and accountability. Desktops aren't such an issue for us and may stay with cron, but that will be an issue for our desktop services and OS support people to decide. - Richard Adam Moskowitz wrote: > "Gary Richardson" wrote: >> I think the per user crontabs should be avoided. . . . I'm sure we've all >> had instances where critical crontabs stop running after an account is >> disabled when an employee leaves. > > While I tend to agree that, for "operational" processes, user crontabs > should be avoided, I do not agree with Gary's reasoning. Having a critical > process run out of an individual user's crontab is bad, this is not a > technical problem and does not require a technical solution. In other > words, even if user crontabs are available, don't use them for > operational processes, document that such use is prohibited, and enforce > this via managerial means. > > In situations where even sysadmins shouldn't be running cron jobs on > production systems then there's probably no good reason for even > providing user crontabs. However, in lots of other situations, giving > users (sysadmins and others) access to cron for their personal use is > often a valuable thing. I don't think this should be prohibited simply > because some people abuse the mechanism. > > In other words, abuse should not dictate (or deny) use. > > AdamM From sage-members-owner@usenix.org Thu Jan 10 19:41:25 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0B3eqTt005605 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 10 Jan 2008 19:41:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0B3eqrX005604 for sage-members-0utGoign; Thu, 10 Jan 2008 19:40:52 -0800 (PST) Received: from packetslave.com (draco.packetslave.com [206.123.106.161]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0B3eCDi005532 for ; Thu, 10 Jan 2008 19:40:38 -0800 (PST) Received: from hydra.packetslave.foo (unknown [216.27.161.161]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by packetslave.com (Postfix) with ESMTP id CF30D7C1A6; Fri, 11 Jan 2008 03:40:06 +0000 (UTC) Cc: sage-members@sage.org Message-Id: From: Brian Landers To: Rodrick Brown In-Reply-To: Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] Websense implementations on Linux Date: Thu, 10 Jan 2008 22:40:06 -0500 References: <4E9B9F57-6CF7-4F34-84B6-2F0D4BC4AF35@packetslave.com> X-Mailer: Apple Mail (2.915) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 10, 2008, at 10:24 PM, Rodrick Brown wrote: > Use the KISS approach. Keep it simple stupid - Use what ever your > team is more comfortable with. Thank you for your completely useless response. I need to convince my CIO what the correct platform is before he signs off on a $150,000 purchase. I asked for information to help do so. From sage-members-owner@usenix.org Fri Jan 11 10:33:00 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BIWxYh009253 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 11 Jan 2008 10:32:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0BIWx04009252 for sage-members-0utGoign; Fri, 11 Jan 2008 10:32:59 -0800 (PST) Received: from hs-out-2122.google.com (hs-out-0708.google.com [64.233.178.244]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BIWBLw009220 for ; Fri, 11 Jan 2008 10:32:37 -0800 (PST) Received: by hs-out-2122.google.com with SMTP id l65so394559hsc.7 for ; Fri, 11 Jan 2008 10:32:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=ttW57dzt0+Jk9eoSzquLcG0Isx7lETM+P42SWmlmZs8=; b=LizChEy1OFb9HN+rujocNKCKghe+e+r2ZFS8xJzh0kKXaWnRxcfAnLs4l/O6UgZqFJYWeP5wwOuiyoEFThmUw4CjXkLiMXkRE5NQ8DNTdMdQMx77XnRGjdZ/DlwecsnI20ixKAZc8EcLsbJJWm5gbWZ1JmwX63uRvHU/lFZnMcY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=On62UMWfaHd/1i5eVTCBY+kEJJ5EEdJcFfxZr40euoQOV5gf7mX8Xwbooeye5capL3pBX6USNfPd/2j3fOaJ2kPWgxvfjVzb3jGbtgdJlMJrSg52y+9wZfc93H/w2aRYeZWLSbbcjvvFzjUv0n2MWjtMRc8h6TS3U7ZQrfzPCFg= Received: by 10.142.225.11 with SMTP id x11mr1851505wfg.115.1200076325288; Fri, 11 Jan 2008 10:32:05 -0800 (PST) Received: by 10.143.33.15 with HTTP; Fri, 11 Jan 2008 10:32:05 -0800 (PST) Message-ID: Date: Fri, 11 Jan 2008 12:32:05 -0600 From: "Nathan Hruby" To: "Brian Landers" Subject: Re: [SAGE] Websense implementations on Linux Cc: sage-members@sage.org In-Reply-To: <4E9B9F57-6CF7-4F34-84B6-2F0D4BC4AF35@packetslave.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <4E9B9F57-6CF7-4F34-84B6-2F0D4BC4AF35@packetslave.com> X-Google-Sender-Auth: bc8ffb70d8cbb8b9 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 10, 2008 11:58 AM, Brian Landers wrote: > Does anyone on this list have experience with running Websense on > Linux or Solaris? My preference is to not bring another 10+ Windows > boxes into our environment to manage, but I need some ammunition to > reassure the bosses. I mentioned doing our websense on Linux once. The idea got shot down quickly. I also posit that: - the kind of people who like websense tend to be large corporate types, who tend to run windows as their main platform and are still "unsure about this whole Linux thing" - the kind of people who have the competency to roll out websense on Linux are also the kind of people who would tend to think squidguard or dansguardian were equally as good, considering the cost [1] - the kinds of services websense provides are now staring to be integrated into multi-purpose network appliances (eg: Fortinet firewalls) which makes paying for a websense deployment a lot harder to swallow [1] So, I'm not surprised that your websense contacts don't see a lot of linux deployments. -n [1] - when considering the security aspects of wensense only. I'm not sure there's a lot else out there that does the kind of "Big Brother" reporting on people's browsing habits that websense does. Since most people savvy enough to deploy websense on linux, I would think, consider the Big Brother aspect rather onerous, using something else without those features has "additional benefits." :) -- ------------------------------------------- nathan hruby metaphysically wrinkle-free ------------------------------------------- From sage-members-owner@usenix.org Fri Jan 11 10:39:54 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BIdrRT009611 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 11 Jan 2008 10:39:54 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0BIdrev009608 for sage-members-0utGoign; Fri, 11 Jan 2008 10:39:53 -0800 (PST) Received: from packetslave.com (draco.packetslave.com [206.123.106.161]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BIdEu8009577 for ; Fri, 11 Jan 2008 10:39:39 -0800 (PST) Received: from hydra.packetslave.foo (unknown [216.27.161.161]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by packetslave.com (Postfix) with ESMTP id 44F977C1B9; Fri, 11 Jan 2008 18:39:12 +0000 (UTC) Cc: sage-members@sage.org Message-Id: From: Brian Landers To: Nathan Hruby In-Reply-To: Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] Websense implementations on Linux Date: Fri, 11 Jan 2008 13:39:11 -0500 References: <4E9B9F57-6CF7-4F34-84B6-2F0D4BC4AF35@packetslave.com> X-Mailer: Apple Mail (2.915) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 11, 2008, at 1:32 PM, Nathan Hruby wrote: > - the kind of people who like websense tend to be large corporate > types, who tend to run windows as their main platform and are still > "unsure about this whole Linux thing" A valid point (among other valid points in your message). However, from what I can tell Solaris has been an available platform for Websense since their very early releases, and I imagine there are quite a few large corporate types (especially in financial services, government, and other "conservative" industries) that are large Sun shops. These are also the kinds of environments where "Big Brother" applications like Websense would seem to be the most common. As near I can tell, Linux and Solaris are equal-class citizens to Websense, so I'd be equally interested in hearing of anyone implementing it on the Sun platform. It may be that *everyone* who's ever implemented Websense has done it on Windows, but as I said I can't believe they would continue to expend the engineering resources to maintain feature parity on UNIX platforms if there wasn't a market for it. Thanks, Brian From sage-members-owner@usenix.org Fri Jan 11 11:05:03 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BJ4paG010752 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 11 Jan 2008 11:04:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0BJ4pFh010751 for sage-members-0utGoign; Fri, 11 Jan 2008 11:04:51 -0800 (PST) Received: from Mycroft.westnet.com (Mycroft.westnet.com [216.187.52.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BJ4BiX010727 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 11 Jan 2008 11:04:37 -0800 (PST) Received: from jfsnew.stoffel.org (24-241-23-116.dhcp.oxfr.ma.charter.com [24.241.23.116]) (authenticated bits=0) by Mycroft.westnet.com (8.14.0/8.14.0) with ESMTP id m0BJ3tRa019045 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 11 Jan 2008 14:03:56 -0500 (EST) Received: by jfsnew.stoffel.org (Postfix, from userid 1000) id 853464EF31; Fri, 11 Jan 2008 14:03:55 -0500 (EST) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <18311.48539.477964.356789@stoffel.org> Date: Fri, 11 Jan 2008 14:03:55 -0500 From: "John Stoffel" To: sage-members@sage.org, tech@lopsa.org Subject: [SAGE] CommVault Galaxy backup software? X-Mailer: VM 7.19 under Emacs 21.4.1 X-Virus-Scanned: ClamAV 0.92/5478/Fri Jan 11 10:39:22 2008 on Mycroft.westnet.com X-Virus-Status: Clean X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Hi all, Is anyone here running CommVault Galaxy backup software? We're investigating a move from Legato, but I'm personally not wild about it, esp since it means moving to Windows Server 2003 as the main server platform. I know my anti-Windows bias is showing here, but it's hard to get rid of it. Anyway, I found a couple of forums and mailing lists, but they were all very low volume with out anything useful on there. Something like the networker mailing list would be great. Thanks, John From sage-members-owner@usenix.org Fri Jan 11 11:50:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BJoIab012476 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 11 Jan 2008 11:50:18 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0BJoHMV012475 for sage-members-0utGoign; Fri, 11 Jan 2008 11:50:17 -0800 (PST) Received: from ettin.watson-wilson.ca (watson-wilson.ca [216.138.221.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BJnK1r012432 for ; Fri, 11 Jan 2008 11:49:45 -0800 (PST) Received: by ettin.watson-wilson.ca (Postfix, from userid 1000) id 7CCA73AE2B; Fri, 11 Jan 2008 14:49:07 -0500 (EST) Date: Fri, 11 Jan 2008 14:49:08 -0500 From: Neil Watson To: sage-members@sage.org Subject: Re: [SAGE] CommVault Galaxy backup software? Message-ID: <20080111194908.GA11285@watson-wilson.ca> References: <18311.48539.477964.356789@stoffel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <18311.48539.477964.356789@stoffel.org> X-Message-Flag: Outlook is a dangerous and insecure program (Magic 8 ball: Outlook not good) X-Accepted-File-Formats: No proprietary Microsoft Office files please User-Agent: Mutt/1.5.17 (2007-11-01) X-watson-wilson.ca-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-watson-wilson.ca-MailScanner-From: sage@watson-wilson.ca X-Spam-Status: No X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk My last employer uses CommVault. I was only involved in supporting the Linux clients. During that time I had to perform some client upgrades. The 'automated' method, provided by CommVault, was so flawed that only a patch would correct the failures. -- Neil Watson | Debian Linux System Administrator | Uptime 12 days http://watson-wilson.ca From sage-members-owner@usenix.org Fri Jan 11 14:50:01 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BMnuTd017933 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 11 Jan 2008 14:49:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0BMnuHb017932 for sage-members-0utGoign; Fri, 11 Jan 2008 14:49:56 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.178]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BMn2MC017886 for ; Fri, 11 Jan 2008 14:49:29 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so1896455pyb.10 for ; Fri, 11 Jan 2008 14:48:58 -0800 (PST) Received: by 10.64.179.12 with SMTP id b12mr8130066qbf.1.1200091735487; Fri, 11 Jan 2008 14:48:55 -0800 (PST) Received: by 10.65.145.11 with HTTP; Fri, 11 Jan 2008 14:48:55 -0800 (PST) Message-ID: <2a5241e00801111448q5e229029l8617fa8cdb53222e@mail.gmail.com> Date: Fri, 11 Jan 2008 14:48:55 -0800 From: "Danny Howard" To: "Dustin Puryear" Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Cc: sage-members@sage.org In-Reply-To: <4784373D.3040006@puryear-it.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <4784373D.3040006@puryear-it.com> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk Hello, Well, to add another worm to your can . . . I'd say, any reasonable SysAdmin should default to /etc/crontab because every other reasonable SysAdmin already knows where it is. If anything is used in addition to /etc/crontab, leave a note in /etc/crontab advising the new guy who just got paged at 3:45am where else to look for crons. For production systems, I strongly object to the use of per-user crontabs. I'm glad to hear I'm not alone. One thing I have to do in a new environment tends to be to write a script that will sniff out all the cron entries. And then there was the shop that used /etc/crontab, user crons, and anacron to keep crons from running over each other. This frustrated me enough that I did a poor job of explaining that job concurrency could easily be ensured by wrapping script through a lockfile or flock-type program, instead of adding a new layer of system complexity. Sincerely, -danny -- http://dannyman.toldme.com/ From sage-members-owner@usenix.org Sat Jan 12 02:07:11 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0CA6c4P011326 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 12 Jan 2008 02:06:58 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0CA6cMQ011325 for sage-members-0utGoign; Sat, 12 Jan 2008 02:06:38 -0800 (PST) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.179]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0CA5k9e011294 for ; Sat, 12 Jan 2008 02:06:11 -0800 (PST) Received: by wa-out-1112.google.com with SMTP id j4so2489422wah.1 for ; Sat, 12 Jan 2008 02:05:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=SM9VZ1IoEJZ3o5mbn071zg1YhWNmEwlCDJUhuvF2ud4=; b=l5qwrfuQ8BOLzJ0kM53XpgfSxvF3EXPqktr5si19aDfnWdcjhW6MilL90bmZ+kQsSvAJ3Ztv8U/O0DIZe50wNm9fvxfVXgU6gcwsHI0sL9NwIh/b4+m9CP3LkkOU2O+R6kJwnBlqFYj1J2sSRSuZig5HXOZwZWqCxgZzmegtQf8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=nPG8Wti5tbu57dmZZPff+N8zRsYYuLPjtEZugBNzJCMlefvwGQp/lrqJD+Pwbb10BwoBzoinVlbi7n62T8ZaE6f2hwdge2bQ3PNvinRr5/7a8hL2kFl5WpIDpGGzmoRboaLffOXiGukjpIMEIwr9N0UUuNycSer/BoWE06vGfHE= Received: by 10.142.131.18 with SMTP id e18mr2081584wfd.39.1200131951836; Sat, 12 Jan 2008 01:59:11 -0800 (PST) Received: by 10.143.2.14 with HTTP; Sat, 12 Jan 2008 01:59:11 -0800 (PST) Message-ID: <647a40580801120159p663cc8c8h6ebcc1ffd2191248@mail.gmail.com> Date: Sat, 12 Jan 2008 10:59:11 +0100 From: "Jordi Molina" To: "Brian Landers" Subject: Re: [SAGE] Websense implementations on Linux Cc: "Nathan Hruby" , sage-members@sage.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <4E9B9F57-6CF7-4F34-84B6-2F0D4BC4AF35@packetslave.com> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=2 Fuz1=2 Fuz2=2 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk Hi everybody, On Jan 11, 2008 7:39 PM, Brian Landers wrote: > > As near I can tell, Linux and Solaris are equal-class citizens to > Websense, so I'd be equally interested in hearing of anyone > implementing it on the Sun platform. It may be that *everyone* who's > ever implemented Websense has done it on Windows, but as I said I > can't believe they would continue to expend the engineering resources > to maintain feature parity on UNIX platforms if there wasn't a market > for it. > actually, I would think that the if company that's selling you websense has never done it with linux or sun, It doesn't means that other companies haven't done so, so maybe it'ld be time to look for another company to get Websense implemented on your environment with an OS friendly to you and your team. I had real bad experiences in the past with companies that only know the windows product version (in my case it was 2 times, different companies, with DataProtector). They tend to just double click the installer, click next, check that everything starts up and get the money. (Just my humble opinion) regads Jordi -- Jordi Molina Casas (warp3r) mail: warp3r@gmail.com 4BC8 8150 7B1A FC24 FBAD 7B07 FE90 F300 4F36 3BF7 mail: warp3r@2shifted.com 2F91 EF95 229E FC31 18C0 05C3 B320 22DA 8C03 F33E www: www.warp3r.com openid: https://openid.warp3r.com/?user=warp3r From sage-members-owner@usenix.org Sat Jan 12 11:18:08 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0CJHtmS027764 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 12 Jan 2008 11:17:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0CJHtSa027763 for sage-members-0utGoign; Sat, 12 Jan 2008 11:17:55 -0800 (PST) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.242]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0CJHEAG027738 for ; Sat, 12 Jan 2008 11:17:39 -0800 (PST) Received: by an-out-0708.google.com with SMTP id d33so410521and.105 for ; Sat, 12 Jan 2008 11:17:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; bh=eHzNp34VWds4RmEpk0dvvQ1YyotJthS5a/bB26NpwMo=; b=pwOqrYxbbCHSx2Vux6N+/9JL0l7zCeC+woVxc+1qWFjq/+0oazB6YNERp4fEUovQyxb0lhZ7iQworX6SNM2n7aH4o+XGwchjte0LdRdq9SD9oe6jhsEA6BE7qlhxbf+PbV615iaLwJVTla0Ja2szbpnOBz6Bf9tOzmKpvnam+tc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=nTvGuQm5SOrmXJ4V58GTPVBLg/sLsnKsn0EIqNBB+WThBOJ5KSH1BUe9pE/AyE9bZVPurin0Ya9fh1DXvLQygEUOjWI+RH6oy0aKQhVw4v2l0sfXaFk7AoNj5y6JKKtP3IWHvHMv3RA+QXg2MqXcwzdaGhfqPPJ9E7nrjPDskx0= Received: by 10.100.249.9 with SMTP id w9mr9946777anh.44.1200165428262; Sat, 12 Jan 2008 11:17:08 -0800 (PST) Received: from ?192.168.1.100? ( [76.189.216.143]) by mx.google.com with ESMTPS id 58sm6253283rnw.4.2008.01.12.11.17.07 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sat, 12 Jan 2008 11:17:07 -0800 (PST) Message-ID: <4789122E.7090603@gmail.com> Date: Sat, 12 Jan 2008 14:17:02 -0500 From: Jim Ankenbrandt User-Agent: Thunderbird 1.5.0.14 (Windows/20071210) MIME-Version: 1.0 To: John Stoffel CC: sage-members@sage.org Subject: Re: [SAGE] CommVault Galaxy backup software? References: <18311.48539.477964.356789@stoffel.org> In-Reply-To: <18311.48539.477964.356789@stoffel.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk The company I work for is converting from Backup Express to CommVault. There are very mixed feelings about it. Full disclosure: as a sys admin I don't do the backup's, but am a member of the team that does, storage. There is a load of complaining about the VTL's and NDMP. We apparently bought licenses and keep running into problems where the response is " Oh, you need to buy a different license for that" then there is a wrangle with sales about the contracts. There are also problems with getting it to run with the Sun tape Library. I think that the Windows/Exchange stuff was fairly straight forward it is the NAS/SAN/encryption/Oracle issues that are killing us. John Stoffel wrote: > Hi all, > > Is anyone here running CommVault Galaxy backup software? We're > investigating a move from Legato, but I'm personally not wild about > it, esp since it means moving to Windows Server 2003 as the main > server platform. > > I know my anti-Windows bias is showing here, but it's hard to get rid > of it. > > Anyway, I found a couple of forums and mailing lists, but they were > all very low volume with out anything useful on there. Something like > the networker mailing list would be great. > > Thanks, > John > From sage-members-owner@usenix.org Sat Jan 12 20:36:30 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0D4aPJr008054 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 12 Jan 2008 20:36:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0D4aP6F008053 for sage-members-0utGoign; Sat, 12 Jan 2008 20:36:25 -0800 (PST) Received: from mail845.megamailservers.com (mail845.carrierinternetsolutions.com [69.49.106.55]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0D4ZVCj008001 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 12 Jan 2008 20:35:57 -0800 (PST) X-Authenticated-User: leonvs.covad.net Received: from krishna.occam.int (h-66-167-140-2.sttnwaho.dynamic.covad.net [66.167.140.2]) (authenticated bits=0) by mail845.megamailservers.com (8.13.6.20060614/8.13.1) with ESMTP id m0D4Z0t6007773; Sat, 12 Jan 2008 23:35:01 -0500 Cc: Ok Pa - We Like To Whomp Ether Message-Id: <11140040-2167-480D-B9B8-52913B47C0F6@occam.com> From: Leon Towns-von Stauber To: "Danny Howard" In-Reply-To: <2a5241e00801111448q5e229029l8617fa8cdb53222e@mail.gmail.com> Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] crontabs vs /etc/cron.[daily,hourly,*] vs. /etc/cron.d/ Date: Sat, 12 Jan 2008 20:35:26 -0800 References: <4784373D.3040006@puryear-it.com> <2a5241e00801111448q5e229029l8617fa8cdb53222e@mail.gmail.com> X-Mailer: Apple Mail (2.915) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=2% Sender: owner-sage-members@usenix.org Precedence: bulk > I'd say, any reasonable SysAdmin should default to /etc/crontab > because every other reasonable SysAdmin already knows where it is. SysV-derived systems don't tend to have an /etc/crontab. -------------------------------------------------------------------- Leon Towns-von Stauber http://www.occam.com/leonvs/ "We have not come to save you, but you will not die in vain!" From sage-members-owner@usenix.org Sun Jan 13 11:46:56 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0DJkiiZ005824 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 13 Jan 2008 11:46:44 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0DJkigs005823 for sage-members-0utGoign; Sun, 13 Jan 2008 11:46:44 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0DJkHqo005816 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 13 Jan 2008 11:46:17 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0DJkHXF005814 for sage-members@usenix.org; Sun, 13 Jan 2008 11:46:17 -0800 (PST) Received: from anchor-post-32.mail.demon.net (anchor-post-32.mail.demon.net [194.217.242.90]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0BNjZ9L019873 for ; Fri, 11 Jan 2008 15:45:40 -0800 (PST) Received: from guyver.demon.co.uk ([62.49.6.63]) by anchor-post-32.mail.demon.net with esmtp (Exim 4.67) id 1JDTT7-0002V8-6x; Fri, 11 Jan 2008 23:39:22 +0000 Received: from localhost (localhost.home [127.0.0.1]) by guyver.demon.co.uk (Postfix) with ESMTP id 195D91B183F; Fri, 11 Jan 2008 23:39:18 +0000 (GMT) Received: from guyver.demon.co.uk ([127.0.0.1]) by localhost (jabberwock.home [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 19513-04; Fri, 11 Jan 2008 23:38:41 +0000 (GMT) Received: from [127.0.0.1] (unknown [192.168.1.28]) by guyver.demon.co.uk (Postfix) with ESMTP id 00B7D1B1830; Fri, 11 Jan 2008 23:38:40 +0000 (GMT) Message-ID: <4787FDFE.2060203@guyver.demon.co.uk> Date: Fri, 11 Jan 2008 23:38:38 +0000 From: Martin Jackson User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: John Stoffel Cc: sage-members@sage.org, tech@lopsa.org Subject: Re: [SAGE] CommVault Galaxy backup software? References: <18311.48539.477964.356789@stoffel.org> In-Reply-To: <18311.48539.477964.356789@stoffel.org> X-Enigmail-Version: 0.95.6 Content-Type: multipart/alternative; boundary="------------080707060006020303040501" X-Antivirus: avast! (VPS 080111-0, 11/01/2008), Outbound message X-Antivirus-Status: Clean X-Virus-Scanned: amavisd-new at guyver.demon.co.uk X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=27% Sender: owner-sage-members@usenix.org Precedence: bulk This is a multi-part message in MIME format. --------------080707060006020303040501 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit I haven't used Commvault but I have used Bakbone that apparently came from the same group in AT&T, it recently beat Bakbone in the usual suspects reviews due to more features. I also know a guy who was a Bakbone expert who went to work for Commvault without difficulty in transitioning because the products were so similar albeit Commvault has a nicer interface at present. Two years ago were were looking for a replacement to Legato Networker (8.X I think possibly 8.6 but my memory isn't that great). We found Legato almost unusable, the guy who went on the course was the only one who could use it because it had so many weird and wonderful quirks at that time that the rest of us just could deal with at the time e.g. The backup client was separate from the restore client and the support payments if you were off maintenance were extortionate! I recall someone quoting $2.5K+ just for Legato to even look the problem with zero guarantee of a fix or them to even work on the call. We wanted something more user friendly and intuitive, so we looked at Netbackup, Tivoli Storage manager and Bakbone. Due to the initially very strong desire for "Ease of use" after using Legato, we kind of ruled out Netbackup (it was then owned Veritas rather than Symantec) because it wasn't like BackupExec (Really easy to use but geared to Windows OS based systems mostly) so we thought it would have too much in common with Legato and it didn't have enough features at the time e.g. MacOS support, Synthetic backups (Consolidation) and MySQL support. We also have a number of Network Appliance Filers so we need NDMP support (that was the reason why we initially got Legato). Knowing what I know now, I wish I had gone with Veritas/Symantec Netbackup for a number of reasons: * Bakbone pulled out all the stops for us and we had a brilliant Account Management team that where was always helpful and eager to help us until the time that all they both *left* Bakbone due to Internal issues within the Company's management, direction and product marketing and strategy, We also had major issues as well due to the lack of resourcing on products that we (and the market) actually needed today rather than products that they wanted to flog us that incidentally others had done well before and way better. Let me say there is nothing (and I mean nothing!) more sorrowful that a pre-sales team trying to sell you something that their Executive Management are pushing them to sell that they know in their hearts, minds and souls is crap, you could literally see their souls being destroyed, ever hear the saying "A great product sells itself?" We'll a great product doesn't take a salesman, it only takes someone who believes the product is the best, well it's was like their belief in the greatness of their product was crumbling before your very eyes! * If Commvault is anything like Bakbone you will soon realise an amazing difference between what is "Sold" and what is actually usable in the product. * It was amazingly difficult to get easy and transparent pricing for Tivoli Storage Manager, the Vendor I went through wouldn't give me any straight pricing on example scenarios e.g. What if I just wanted to backup a Microsoft SQL Server and a Linux Apache Web Server, how much would that cost? * Netbackup is a industry leader even though it may not be the best, nicest, most technically advanced, state of the art with the latest features (and I don't know any of these things personally, i.e. for all I know it's the best thing since sliced bread) and shiny, most jobs/people seem to know it so there must be some good reason why you can throw a brick out the window at a backup specialists and odds on he knows Netbackup, I even know some managed backup outsourcing services who only deal with Netbackup i.e. They built their whole business model around providing managed Netbackup services, now that's trust! I have to balance this all with some comments though: * Commvault is available through Dell as a selectable option for all Servers so it must have something serious going for it (or an fantastic resellers commission), though if you do the Mercenary/Marketable skills penetration test e.g. search through Dice.com today you will see the following: + Netbackup: 549 Hits + Backup Exec: 138 hits + Networker: 111 hits + Commvault: 75 hits + Retrospect: 9 hits + Bakbone: 8 + Arkeia: 1 o If I was either a: managing a team or b: wanting an easily transferable backup skill I'd would go for Netbackup for the following reasons: 1. Odds on I'd have a larger pool of people to choose from if I opted for Netbackup because it's the backup skill in demand re; the Cisco effect 2. If I wanted to look for a new role as a backup specialist I'd have a lot more roles to choose from. * They have some great features listed on their portfolio i.e. o Single Instance Storage - i.e. File De-duplication only one copy of the same data stored on Virtual Tape Library instead of multiple copies of the same data. o Recently refocused on a MSP (Managed Service Provider) Programme to make Commvault more attractive to vendors who wish to supply Managed Backup Services using Commvault, so they are trying to make a big push into the software as a service market provider space where the volumes are a lot higher. Cheers -Martin John Stoffel wrote: > Hi all, > > Is anyone here running CommVault Galaxy backup software? We're > investigating a move from Legato, but I'm personally not wild about > it, esp since it means moving to Windows Server 2003 as the main > server platform. > > I know my anti-Windows bias is showing here, but it's hard to get rid > of it. > > Anyway, I found a couple of forums and mailing lists, but they were > all very low volume with out anything useful on there. Something like > the networker mailing list would be great. > > Thanks, > John > > --------------080707060006020303040501 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit I haven't used Commvault but I have used Bakbone that apparently came from the same group in AT&T, it recently beat Bakbone in the usual suspects reviews due to more features.

I also know a guy who was a Bakbone expert who went to work for Commvault without difficulty in transitioning because the products were so similar  albeit Commvault has a  nicer interface at  present.

Two years ago were were looking for a replacement to Legato Networker (8.X  I think  possibly  8.6 but my memory isn't that great).

We found Legato almost unusable, the guy who went on the course was the only one who could use it because it had so many weird and wonderful quirks at that time that the rest of us just could deal with at the time e.g. The backup client was separate from the restore client and the support payments if you were off maintenance were extortionate! I recall someone quoting $2.5K+ just for Legato to even look the problem with zero guarantee of a fix or them to even work on the call.

We wanted something more user friendly and intuitive, so we looked at Netbackup, Tivoli Storage manager and Bakbone. Due to the initially very strong desire for "Ease of use" after using Legato, we kind of ruled out Netbackup (it was then owned Veritas rather than Symantec) because it wasn't like BackupExec (Really easy to use but geared to Windows OS based systems mostly) so we thought it would have too much in common with Legato and it didn't have enough features at the time e.g. MacOS support, Synthetic backups (Consolidation) and MySQL support. We also have a number of Network Appliance Filers so we need NDMP support (that was the reason why we initially got Legato).

Knowing what I know now, I wish I had gone with Veritas/Symantec Netbackup for a number of reasons:
  • Bakbone pulled out all the stops for us and we had a brilliant Account Management team that where was always helpful and eager to help us until the time that all they both *left* Bakbone due to Internal issues within the Company's management, direction and product marketing and strategy, We also had major issues as well due to the lack of resourcing on products that we (and the market) actually needed today rather than products that they wanted to flog us that incidentally others had done well before and way better. Let me say there is nothing (and I mean nothing!) more sorrowful that a pre-sales team trying to sell you something that their Executive Management are pushing them to sell that they know in their hearts, minds and souls is crap, you could literally see their souls being destroyed, ever hear the saying "A great product sells itself?" We'll a great product doesn't take a salesman, it only takes someone who believes the product is the best, well it's was like their belief in the greatness of their product was crumbling before your very eyes!
  • If Commvault is anything like Bakbone you will soon realise an amazing difference between what is "Sold" and what is actually usable in the product.
  • It was amazingly difficult to get easy and transparent pricing for Tivoli Storage Manager, the Vendor I went through wouldn't give me any straight pricing on example scenarios e.g. What if I just wanted to backup a Microsoft SQL Server and a Linux Apache Web Server, how much would that cost?
  • Netbackup is a industry leader even though it may not be the best, nicest, most technically advanced, state of the art with the latest features (and I don't know any of these things personally, i.e. for all I know it's the best thing since sliced bread) and shiny, most jobs/people seem to know it so there must be some good reason why you can throw a brick out the window at a backup specialists and odds on he knows Netbackup, I even know some managed backup outsourcing services who only deal with Netbackup i.e. They built their whole business model around providing managed Netbackup services, now that's trust!

I have to balance this all with some comments though:
  • Commvault is available through Dell as a selectable option for all Servers so it must have something serious going for it (or an fantastic resellers commission), though if you do the Mercenary/Marketable skills penetration test e.g. search through Dice.com today you will see the following:
      • Netbackup: 549 Hits
      • Backup Exec: 138 hits
      • Networker: 111 hits
      • Commvault: 75 hits
      • Retrospect: 9 hits
      • Bakbone: 8
      • Arkeia: 1
    • If I was either a: managing a team or b: wanting an easily transferable backup skill I'd would go for Netbackup for the following reasons:
  1. Odds on I'd have a larger pool of people to choose from if I opted for Netbackup because it's the backup skill in demand re; the Cisco effect
  2. If I wanted to look for a new role as a backup specialist I'd have a lot more roles to choose from.
  • They have some great features listed on their portfolio i.e.
    • Single Instance Storage - i.e. File De-duplication only one copy of the same data stored on Virtual Tape Library instead of multiple copies of the same data.
    • Recently refocused on a MSP (Managed Service Provider) Programme to make Commvault more attractive to vendors who wish to supply Managed Backup Services using Commvault, so they are trying to make a big push into the software as a service market provider space where the volumes are a lot higher.
Cheers

-Martin

John Stoffel wrote: 
Hi all,

Is anyone here running CommVault Galaxy backup software?  We're
investigating a move from Legato, but I'm personally not wild about
it, esp since it means moving to Windows Server 2003 as the main
server platform.  

I know my anti-Windows bias is showing here, but it's hard to get rid
of it.

Anyway, I found a couple of forums and mailing lists, but they were
all very low volume with out anything useful on there.  Something like
the networker mailing list would be great.

Thanks,
John

--------------080707060006020303040501-- From sage-members-owner@usenix.org Mon Jan 14 12:19:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0EKJfSZ023365 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 14 Jan 2008 12:19:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0EKJfYE023364 for sage-members-0utGoign; Mon, 14 Jan 2008 12:19:41 -0800 (PST) Received: from g2.mental.com (root@entrance.mental.com [192.31.14.10]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0EKIqgO023281 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Mon, 14 Jan 2008 12:19:23 -0800 (PST) Received: from mental.com (root@twen.mi [172.16.0.5]) by g2.mental.com (8.13.7/8.13.7/mental-071210) with ESMTP id m0EJxIt1020002 for ; Mon, 14 Jan 2008 20:59:18 +0100 (CET) Received: from mental.com (lobo@localhost [127.0.0.1]) by mental.com (8.13.7/8.13.7/mental-070305) with ESMTP id m0EJxITp026613 for ; Mon, 14 Jan 2008 20:59:18 +0100 (MET) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: sage-members@sage.org Subject: Re: [SAGE] Sun's Java Web Console In-reply-to: seph's message of Tue, 08 Jan 2008 11:46:00 EST Organization: mental images GmbH, Berlin, Germany Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 14 Jan 2008 20:59:18 +0100 Message-ID: <26612.1200340758@mental.com> From: Alexander Lobodzinski X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk () I've just started playing a Sun StorageTek array. Much to my () annoyance, the only way to manage it appears to require a machine () hosting the Common Array Manager software. Which, at least on solaris, () is a plugin for the java web console. () () Generally I've shied away from web consoles, preferring configuration () files, version control, and change tracking. How do other people feel () about sun's web console? I'd love to get a idea of how people feel () about it. I felt like you when I started looking at the array... There is some command-line tool which I couldn't get to work so I figured the console would do the job which it did until now. It's annoying to click through repetitive tasks like creating a bunch of 1 disk LUNs (we let ZFS do the RAID) but that's not supposed to hurt very oftenly. Actually I only used the console a few times out of curiosity once the array was up and running. A funny thing is that one cannot login using the userids in /etc/shadow because the Java console runs as non-root (fortunately :-). Ciao, Lobo From sage-members-owner@usenix.org Tue Jan 15 03:51:13 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FBp5pj000887 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 03:51:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0FBp5Uj000886 for sage-members-0utGoign; Tue, 15 Jan 2008 03:51:05 -0800 (PST) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.236]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FBoMBu000860 for ; Tue, 15 Jan 2008 03:50:47 -0800 (PST) Received: by nz-out-0506.google.com with SMTP id m7so1529787nzf.29 for ; Tue, 15 Jan 2008 03:50:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=6A/gcbIzQ1uN+6mOa2wyHKSaipTFaURyIknH7u9OqtM=; b=Sk8HjJ6rXnhSmyStMQmWB9lao/YiNjDzzo5OtCBhOoNUQIRqRPaYwy2QsoWJw3Ps65eW48oBgcA4b4RJn7G3P9Y4V6ltvHEfdi64N1c8PSgua7q7IRSdpf+dcGnix10SIz3J03dneRW+Pdpbr6FubY3PyeDlRb6anh6v8rQCS98= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=b7UH+7qlxsVRXSZEeLZ1kgaehfSoSLfpwcfrYpOgdLheN05qWZuCli/RIOf9ucezbvecDDikh2mwDcBSXXlyonLYRJG3MCENLklbPpQh3PRzp9BoQ9TGyk9NFrcBKU4HhtR16O6+U78X2xA3l/hQEmLRILZDAVHc272uWFFkUXE= Received: by 10.142.237.20 with SMTP id k20mr2981863wfh.228.1200397821091; Tue, 15 Jan 2008 03:50:21 -0800 (PST) Received: by 10.142.191.9 with HTTP; Tue, 15 Jan 2008 03:50:21 -0800 (PST) Message-ID: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> Date: Tue, 15 Jan 2008 12:50:21 +0100 From: "Erling Ringen Elvsrud" To: sage-members@sage.org Subject: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk Hello list, I work for a fairly large organization and will probably be involved in planning, installing and maintaining a LDAP based directory service this year. The directory will be mainly used to authenticate developers and systems administrators that need to access RH Linux servers (and also maybe HP-UX in the future). Microsoft AD is used elsewhere in the organization to authenticate users of Windows based desktop computers. The best solution would be to use AD to authenticate users of Unix computers as well, but I'm not sure if it is possible to make that solution work. We also would like to be able to use the directory for netgroups. The total solution consists of a couple of hundred servers and maybe around 200 users. The servers are distributed in test, development, pre-prod, prod, etc environments that are more or less isolated, but it is probably possible to allow communication between servers running the directory service. We alredy have licensed IBM TDS that is used in other parts of the organization, but also consider to purchase Red Hat Directory Server. We are early in the process. I appreciate any input on those two products as I'm not familiar with either. I have basic LDAP experience from OpenLDAP. With my limited LDAP experience I expect that the final solution will consist of something like a writeable master (or 2 if possible) accessible from all environments and read-only replicas in most other environments (firewalls are opened to allow communication where needed). Do you know any whitepapers , texts describing LDAP based directory services in environments like I have described above? I also appreciate to hear any suggestions or experiences you have from similar scenarios. Thanks, Erling From sage-members-owner@usenix.org Tue Jan 15 07:23:25 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FFMYCj007422 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 07:22:54 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0FFMYq5007421 for sage-members-0utGoign; Tue, 15 Jan 2008 07:22:34 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.227]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FFLT7E007369 for ; Tue, 15 Jan 2008 07:21:56 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so1684838wxc.26 for ; Tue, 15 Jan 2008 07:21:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=kJKrY+0biCop1RiXOSZ0j7fZCa+WOY70zhnSgG76rMU=; b=wo15hEhed7/NLyoQhkgo7dWs16Un+qj6zYNg4JkjJv67yF/YxYL4zwNC+JCv5Mwdd97FqwKJdV/2OXPv9w/yyy+IZc36of/2aTsCBuaGw9C+YgrK3ZJGZyhE/StMqInWrLzREoO1ufYtp3d0jscIUxbGYS0fJrBaGf19ESPNj9E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=BpNwMVB14YQLyBqK6qEL4wf/vHr32y82Od5uYTczYa1tWONddvGehW3HLpG/86q3sP7GLAuc3WCcm2FSxW8gwaQ49XSDSs1O0ikVp3Y3rmvy6zyt1qbWTcqWi/AxpgiNz+dFhqMxruk8ysMhdyVHLGjZgnqrZaX5ZyQPx/oQIYM= Received: by 10.142.107.1 with SMTP id f1mr3153948wfc.26.1200410481239; Tue, 15 Jan 2008 07:21:21 -0800 (PST) Received: by 10.143.33.15 with HTTP; Tue, 15 Jan 2008 07:21:21 -0800 (PST) Message-ID: Date: Tue, 15 Jan 2008 09:21:21 -0600 From: "Nathan Hruby" To: "Erling Ringen Elvsrud" Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment Cc: sage-members@sage.org In-Reply-To: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> X-Google-Sender-Auth: bcff119c5d28a62e X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 15, 2008 5:50 AM, Erling Ringen Elvsrud wrote: > Hello list, > > I work for a fairly large organization and will probably be involved > in planning, installing and maintaining > a LDAP based directory service this year. The directory will be > mainly used to authenticate developers and systems administrators that > need to access RH Linux servers (and also maybe HP-UX in the future). > Microsoft AD is used elsewhere in the organization to authenticate > users of Windows based desktop computers. The best solution would > be to use AD to authenticate users of Unix computers as well, but I'm > not sure if it is possible to make that solution work. Depending on your AD forest and how willing your AD admins are to working with you, this is a perfectly viable option. Samba offers the winbind daemon which can talk to AD, and in AD 2003-r2 they've fixed a good number of the compatibility issues between windows and non-windows hosts. There are also several companies that offer integration solutions for Unix+AD. I'll warn against "having another directory" unless you plan to keep the two in-sync. Multiple identity stores in a large organization never ends up helping. Here are a few links that may (or may not) be helpful: - http://www.quest.com/landing/?ID=1025&AdCode=GoogleAdTextADtoUnixLinuxJava06052007 - http://blog.scottlowe.org/2006/08/08/linux-active-directory-and-windows-server-2003-r2-revisited/ - http://gentoo-wiki.com/HOWTO_Active_Directory_with_Samba_and_Winbind -n -- ------------------------------------------- nathan hruby metaphysically wrinkle-free ------------------------------------------- From sage-members-owner@usenix.org Tue Jan 15 08:04:39 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FG43wA009049 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 08:04:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0FG42wE009048 for sage-members-0utGoign; Tue, 15 Jan 2008 08:04:02 -0800 (PST) Received: from highlandsun.propagation.net (highlandsun.propagation.net [66.221.212.168]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FG2xL0009024 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 08:03:25 -0800 (PST) Received: from [127.0.0.1] (highlandsun.com [66.221.212.169]) by highlandsun.propagation.net (8.13.3/8.13.3) with ESMTP id m0FG2mXB016527; Tue, 15 Jan 2008 10:02:48 -0600 Message-ID: <478CD966.1080903@symas.com> Date: Tue, 15 Jan 2008 08:03:50 -0800 From: Howard Chu User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9b3pre) Gecko/2008010217 SeaMonkey/2.0a1pre MIME-Version: 1.0 To: Nathan Hruby CC: Erling Ringen Elvsrud , sage-members@sage.org Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Nathan Hruby wrote: > On Jan 15, 2008 5:50 AM, Erling Ringen Elvsrud wrote: >> Hello list, >> >> I work for a fairly large organization and will probably be involved >> in planning, installing and maintaining >> a LDAP based directory service this year. The directory will be >> mainly used to authenticate developers and systems administrators that >> need to access RH Linux servers (and also maybe HP-UX in the future). >> Microsoft AD is used elsewhere in the organization to authenticate >> users of Windows based desktop computers. The best solution would >> be to use AD to authenticate users of Unix computers as well, but I'm >> not sure if it is possible to make that solution work. > > Depending on your AD forest and how willing your AD admins are to > working with you, this is a perfectly viable option. Samba offers the > winbind daemon which can talk to AD, and in AD 2003-r2 they've fixed a > good number of the compatibility issues between windows and > non-windows hosts. There are also several companies that offer > integration solutions for Unix+AD. Yes, it can be made to work. But among all the things which AD does poorly (which is, most of them), LDAP authentication is one of the worst. I guess with only 200 active users you should be OK. (LDAP searching is pretty lame on AD too.) http://connexitor.com/blog/pivot/entry.php?id=185 > I'll warn against "having another directory" unless you plan to keep > the two in-sync. Multiple identity stores in a large organization > never ends up helping. Agrred, but sometimes it's a necessary evil, until a better solution can be deployed. (Though as we all know, temporary stopgap measures have a tendency to become permanent...) > Here are a few links that may (or may not) be helpful: > - http://www.quest.com/landing/?ID=1025&AdCode=GoogleAdTextADtoUnixLinuxJava06052007 > - http://blog.scottlowe.org/2006/08/08/linux-active-directory-and-windows-server-2003-r2-revisited/ > - http://gentoo-wiki.com/HOWTO_Active_Directory_with_Samba_and_Winbind > > -n -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ From sage-members-owner@usenix.org Tue Jan 15 08:53:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FGrfQ1011147 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 08:53:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0FGrfFa011145 for sage-members-0utGoign; Tue, 15 Jan 2008 08:53:41 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FGrecg011138 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 08:53:40 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0FGreHP011137 for sage-members@usenix.org; Tue, 15 Jan 2008 08:53:40 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.177]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FEWegv005333 for ; Tue, 15 Jan 2008 06:33:09 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so3690303pyb.10 for ; Tue, 15 Jan 2008 06:32:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=6o8WdctgppvIOT1PDPJKieSrEgeaRQbgfwPuqYZiPgk=; b=MYPjDbn6sDE7zlqJHlQ+Fll4OAK3WgTTleWYKyCzJmc7e73kdEd0lY7c84bvrWGmnxCW01YnCkjNsBgJmnXPk3OIEk8y+AI+K+26QOTuAIrvcej3S4UOIdoGWklyRrpX3qIsK/TU05Jtz9QzQBtUZ/dCYi7054i/fAo5lsD/Fbc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=a2nwscrBxnnb2sas63scYnn5l+b5IdF3h1BSLYX3kbD0o4niYn0oopIN/pDhnnhwL9ISZvnDAVElKjmfcuLfiSU4gelzdCXW8EPnG1WHYfxIKbEeo5jXdpgOaGvNc5UhJkdEXYvxj/c7LIC78Q5lrXCKK5ofH9GWx6ek5/uRcCI= Received: by 10.64.27.13 with SMTP id a13mr17405041qba.53.1200407556706; Tue, 15 Jan 2008 06:32:36 -0800 (PST) Received: by 10.65.96.18 with HTTP; Tue, 15 Jan 2008 06:32:36 -0800 (PST) Message-ID: Date: Tue, 15 Jan 2008 06:32:36 -0800 From: "Gary Richardson" To: "Erling Ringen Elvsrud" Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment Cc: sage-members@sage.org In-Reply-To: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_11000_28764045.1200407556669" References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_11000_28764045.1200407556669 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline > > With my limited LDAP experience I expect that the final solution will > consist of something like a writeable master (or 2 if possible) > accessible from all environments and read-only replicas in most other > environments (firewalls are opened to allow communication where > needed). > I don't have whitepapers, but I have run a similar setup using OpenLDAP -- around 100 servers in two locations. Unix logins, Qmail-LDAP, Apache, Asterisk and various directory web apps all used the database. There was a read/write master in one and a read only replica in the other. There was around 750MB of data in LDAP (all the employees had their pictures in LDAP, as well as a lot of mail server configuration). The LDAP servers were running in VMware virtual machines were very lightly loaded. At various times, we had up to 6 replicas running. I read an awesome article on exposing Active Directory LDAP so that you can use it for nss_ldap authentication. I can't seem to find it right now. Having linux boxes talk directly to AD via LDAP is possible. The key points in the article were: - you had to set up a 'guest' account to allow the unix boxes to connect to LDAP - you had to install the NIS schema -- even though you aren't using NIS, it provides the unix attributes for your objects - I believe you had to use ldaps ------=_Part_11000_28764045.1200407556669 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline
With my limited LDAP experience I expect that the final solution will
consist of something like a writeable master (or 2 if possible)
accessible from all environments and read-only replicas in most other
environments (firewalls are opened to allow communication where
needed).

I don't have whitepapers, but I have run a similar setup using OpenLDAP -- around 100 servers in two locations. Unix logins, Qmail-LDAP, Apache, Asterisk and various directory web apps all used the database. 

There was a read/write master in one and a read only replica in the other. There was around 750MB of data in LDAP (all the employees had their pictures in LDAP, as well as a lot of mail server configuration). The LDAP servers were running in VMware virtual machines were very lightly loaded. At various times, we had up to 6 replicas running.

I read an awesome article on exposing Active Directory LDAP so that you can use it for nss_ldap authentication. I can't seem to find it right now. Having linux boxes talk directly to AD via LDAP is possible. The key points in the article were:

- you had to set up a 'guest' account to allow the unix boxes to connect to LDAP
- you had to install the NIS schema -- even though you aren't using NIS, it provides the unix attributes for your objects
- I believe you had to use ldaps
------=_Part_11000_28764045.1200407556669-- From sage-members-owner@usenix.org Tue Jan 15 09:17:09 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FHGXnp012246 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 09:16:33 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0FHGWrD012245 for sage-members-0utGoign; Tue, 15 Jan 2008 09:16:32 -0800 (PST) Received: from highlandsun.propagation.net (highlandsun.propagation.net [66.221.212.168]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FHFTlZ012210 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 09:15:55 -0800 (PST) Received: from [127.0.0.1] (highlandsun.com [66.221.212.169]) by highlandsun.propagation.net (8.13.3/8.13.3) with ESMTP id m0FHFFaQ017860; Tue, 15 Jan 2008 11:15:15 -0600 Message-ID: <478CEA61.70100@symas.com> Date: Tue, 15 Jan 2008 09:16:17 -0800 From: Howard Chu User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9b3pre) Gecko/2008010217 SeaMonkey/2.0a1pre MIME-Version: 1.0 To: Gary Richardson CC: Erling Ringen Elvsrud , sage-members@sage.org Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Gary Richardson wrote: > With my limited LDAP experience I expect that the final solution will > consist of something like a writeable master (or 2 if possible) > accessible from all environments and read-only replicas in most other > environments (firewalls are opened to allow communication where > needed). > > > I don't have whitepapers, but I have run a similar setup using OpenLDAP > -- around 100 servers in two locations. Unix logins, Qmail-LDAP, Apache, > Asterisk and various directory web apps all used the database. > > There was a read/write master in one and a read only replica in the > other. There was around 750MB of data in LDAP (all the employees had > their pictures in LDAP, as well as a lot of mail server configuration). > The LDAP servers were running in VMware virtual machines were very > lightly loaded. At various times, we had up to 6 replicas running. > > I read an awesome article on exposing Active Directory LDAP so that you > can use it for nss_ldap authentication. I can't seem to find it right > now. Having linux boxes talk directly to AD via LDAP is possible. The > key points in the article were: > > - you had to set up a 'guest' account to allow the unix boxes to connect > to LDAP Right, by default AD doesn't allow anonymous access. > - you had to install the NIS schema -- even though you aren't using NIS, > it provides the unix attributes for your objects Right. > - I believe you had to use ldaps You can also use StartTLS. By default, AD doesn't allow Simple Binds over unencrypted connections. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ From sage-members-owner@usenix.org Tue Jan 15 10:27:52 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FIRLfN015141 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 10:27:22 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0FIRLNj015139 for sage-members-0utGoign; Tue, 15 Jan 2008 10:27:21 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FIQHuY015092 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 10:26:43 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0FIQ1pV031068; Tue, 15 Jan 2008 10:26:01 -0800 Message-ID: <478CFAB9.9020201@chycoski.com> Date: Tue, 15 Jan 2008 10:26:01 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Nathan Hruby CC: Erling Ringen Elvsrud , sage-members@sage.org Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Nathan Hruby wrote: > On Jan 15, 2008 5:50 AM, Erling Ringen Elvsrud wrote: > >> Hello list, >> >> I work for a fairly large organization and will probably be involved >> in planning, installing and maintaining >> a LDAP based directory service this year. The directory will be >> mainly used to authenticate developers and systems administrators that >> need to access RH Linux servers (and also maybe HP-UX in the future). >> Microsoft AD is used elsewhere in the organization to authenticate >> users of Windows based desktop computers. The best solution would >> be to use AD to authenticate users of Unix computers as well, but I'm >> not sure if it is possible to make that solution work. >> > > Depending on your AD forest and how willing your AD admins are to > working with you, this is a perfectly viable option. Samba offers the > winbind daemon which can talk to AD, and in AD 2003-r2 they've fixed a > good number of the compatibility issues between windows and > non-windows hosts. There are also several companies that offer > integration solutions for Unix+AD. > > I'll warn against "having another directory" unless you plan to keep > the two in-sync. Multiple identity stores in a large organization > never ends up helping. > > Here are a few links that may (or may not) be helpful: > - http://www.quest.com/landing/?ID=1025&AdCode=GoogleAdTextADtoUnixLinuxJava06052007 > - http://blog.scottlowe.org/2006/08/08/linux-active-directory-and-windows-server-2003-r2-revisited/ > - http://gentoo-wiki.com/HOWTO_Active_Directory_with_Samba_and_Winbind > > -n > If you're looking at Unix system authentication, rather than just Samba or Apache authentication, there are three main products at this point that will authenticate Linux systems against an AD server, with "full AD membership". They are OpenLDAP , Quest's Vintela Authentication Services and Centrify Direct Control . Which to choose depends on the size of your organisation (number of computers, number of user accounts, how intensively you use Unix groups and/or netgroups), what kind of support your organisationi requires, and, of course - your budget. The advantages of going this route include full AD access/integration and better AD security - you don't have to expose your AD infrastructure to an untrusted 'guest' account. The downside (for some people) - you have to manage your Unix accounts in AD. I actually considered this to be a plus because it meant that I could foist off the managing of the accounts to another team. :-) - Richard From sage-members-owner@usenix.org Tue Jan 15 11:11:25 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FJBCJn017007 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 11:11:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0FJBCIZ017006 for sage-members-0utGoign; Tue, 15 Jan 2008 11:11:12 -0800 (PST) Received: from mh1.mail.rice.edu (smtp2.mail.rice.edu [128.42.206.129]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0FJAKBJ016971 for ; Tue, 15 Jan 2008 11:10:45 -0800 (PST) Received: from mh1.mail.rice.edu (localhost.localdomain [127.0.0.1]) by mh1.mail.rice.edu (Postfix) with ESMTP id E9EBA13005D; Tue, 15 Jan 2008 12:52:11 -0600 (CST) X-Virus-Scanned: by amavis-2.4.4 at mh1.mail.rice.edu Received: from mh1.mail.rice.edu ([127.0.0.1]) by mh1.mail.rice.edu (mh1.mail.rice.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id twoggHXZZNTq; Tue, 15 Jan 2008 12:52:11 -0600 (CST) Received: from [127.0.0.1] (c-98-199-16-78.hsd1.tx.comcast.net [98.199.16.78]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mh1.mail.rice.edu (Postfix) with ESMTP id 5E99E130059; Tue, 15 Jan 2008 12:52:11 -0600 (CST) Message-ID: <478D0184.60505@rice.edu> Date: Tue, 15 Jan 2008 12:55:00 -0600 From: Roger Moye User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Erling Ringen Elvsrud CC: sage-members@sage.org Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> In-Reply-To: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=3% Sender: owner-sage-members@usenix.org Precedence: bulk I do not have any practical experience with binding Linux ldap clients to Windows Active Directory. However, last week I attended a Red Hat Directory Services class. One of our lessons included configuring Linux ldap clients to authenticate against a Windows AD. So it is definitely possible to bind a Linux client to a Windows AD using Openldap. Red Hat's knowledge base advertises the following URL that discusses this topic: http://gentoo-wiki.com/HOWTO_Adding_a_Samba_Server_into_an_existing_AD_Domain The document discusses authenticating against AD with ldap even though the URL name suggests otherwise. -Roger From sage-members-owner@usenix.org Tue Jan 15 17:19:22 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0G1IpI4003297 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 17:18:52 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0G1IpgY003296 for sage-members-0utGoign; Tue, 15 Jan 2008 17:18:51 -0800 (PST) Received: from toq9-srv.bellnexxia.net (toq9.bellnexxia.net [209.226.175.116]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0G1Hkf5003266 for ; Tue, 15 Jan 2008 17:18:11 -0800 (PST) Received: from toip3.srvr.bell.ca ([209.226.175.86]) by tomts10-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080116004515.UIIC1733.tomts10-srv.bellnexxia.net@toip3.srvr.bell.ca> for ; Tue, 15 Jan 2008 19:45:15 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ao8CAJjijEdMQz2O/2dsb2JhbACsIQ Received: from bas1-toronto09-1279475086.dsl.bell.ca (HELO [192.168.1.133]) ([76.67.61.142]) by toip3.srvr.bell.ca with ESMTP; 15 Jan 2008 19:41:55 -0500 In-Reply-To: References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <0A20FD2E-689B-4A30-9FB4-15480CDB50EF@ee.ryerson.ca> Cc: SAGE mailing list Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment Date: Tue, 15 Jan 2008 19:45:14 -0500 To: Nathan Hruby X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=28% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 15, 2008, at 10:21, Nathan Hruby wrote: > Here are a few links that may (or may not) be helpful: > - http://www.quest.com/landing/? > ID=1025&AdCode=GoogleAdTextADtoUnixLinuxJava06052007 > - http://blog.scottlowe.org/2006/08/08/linux-active-directory-and- > windows-server-2003-r2-revisited/ > - http://gentoo-wiki.com/HOWTO_Active_Directory_with_Samba_and_Winbind Note that all of these assume that you want single sign-on with Kerberos. It might be desirable to simply use AD to look up various attributes in a NIS-like directory look up system. In Windows 2003 R2 and newer, AD started to use more RFC2307-like schemas so things match the Unix world a lot more. Authentication can be done by looking up the password attribute or trying an LDAP bind with a DN constructed via the user name and password entered (the latter is more recommended I believe). From sage-members-owner@usenix.org Tue Jan 15 22:29:18 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0G6T6Xx011251 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 22:29:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0G6T6MM011250 for sage-members-0utGoign; Tue, 15 Jan 2008 22:29:06 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0G6SOj0011235 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 22:28:50 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0G6SFoW003005; Tue, 15 Jan 2008 22:28:15 -0800 Message-ID: <478DA3FF.7000200@chycoski.com> Date: Tue, 15 Jan 2008 22:28:15 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Howard Chu CC: Nathan Hruby , Erling Ringen Elvsrud , sage-members@sage.org Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> <478CD966.1080903@symas.com> In-Reply-To: <478CD966.1080903@symas.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Howard Chu wrote: > Nathan Hruby wrote: >> On Jan 15, 2008 5:50 AM, Erling Ringen Elvsrud >> wrote: >>> Hello list, >>> >>> I work for a fairly large organization and will probably be involved >>> in planning, installing and maintaining >>> a LDAP based directory service this year. The directory will be >>> mainly used to authenticate developers and systems administrators that >>> need to access RH Linux servers (and also maybe HP-UX in the future). >>> Microsoft AD is used elsewhere in the organization to authenticate >>> users of Windows based desktop computers. The best solution would >>> be to use AD to authenticate users of Unix computers as well, but I'm >>> not sure if it is possible to make that solution work. >> >> Depending on your AD forest and how willing your AD admins are to >> working with you, this is a perfectly viable option. Samba offers the >> winbind daemon which can talk to AD, and in AD 2003-r2 they've fixed a >> good number of the compatibility issues between windows and >> non-windows hosts. There are also several companies that offer >> integration solutions for Unix+AD. > > Yes, it can be made to work. But among all the things which AD does > poorly (which is, most of them), LDAP authentication is one of the > worst. I guess with only 200 active users you should be OK. (LDAP > searching is pretty lame on AD too.) Compared to what? AD is one of the *fastest* LDAP servers at delivering this kind of authentication data (individual entries from around 200-300k entries, for example), and since Windows 2003 even does a passable/respectable job of delivering large-directory data (larger entries from millions of records) if you configure it for that kind of data retrieval. For cross platform authentication, I would definitely recommend upgrading to Windows 2003 as Windows 2000 had a number of limitations in speed and characteristics like maximum size of a group. I've tested this with loads simulating thousands of active clients. I was trying to make it fail. I expected it to fail. It didn't! It even degraded gracefully - after I reached the maximum number of transactions per second, it leveled off - it didn't crowbar like our Solaris-based NIS+ servers. I've never found an LDAP server that is good at 'walking' a map (i.e., retrieving all of the entries like 'ypcat' for NIS), but AD is certainly no worse than the others (and better than most). This is why client-side caching is so crucial for anything except tiny maps. If you're going to use AD, I recommend doing Kerberos+LDAP and make your clients true members of the domain. This provides increased security and best interoperability (the Kerberos tickets work across platforms). - Richard From sage-members-owner@usenix.org Tue Jan 15 23:56:11 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0G7tcdB016226 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 15 Jan 2008 23:55:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0G7tc6P016205 for sage-members-0utGoign; Tue, 15 Jan 2008 23:55:38 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0G7sURP013305 for ; Tue, 15 Jan 2008 23:54:55 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 06CD27CC0AF; Wed, 16 Jan 2008 02:54:30 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 08764-08; Wed, 16 Jan 2008 02:54:27 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id A66667CC08B; Wed, 16 Jan 2008 02:54:27 -0500 (EST) Received: from [192.168.82.74] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0G7sNOs098694; Wed, 16 Jan 2008 02:54:26 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <478DA3FF.7000200@chycoski.com> References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> <478CD966.1080903@symas.com> <478DA3FF.7000200@chycoski.com> Date: Wed, 16 Jan 2008 01:49:29 -0600 To: Richard Chycoski , Howard Chu From: Brad Knowles Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment Cc: Nathan Hruby , Erling Ringen Elvsrud , sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.343 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.056, BAYES_00=-2.599] X-Spam-Score: -4.343 X-Spam-Level: X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=18% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/15/08, Richard Chycoski wrote: > Compared to what? AD is one of the *fastest* LDAP servers at delivering > this kind of authentication data (individual entries from around 200-300k > entries, for example), and since Windows 2003 even does a passable/ > respectable job of delivering large-directory data (larger entries from > millions of records) if you configure it for that kind of data retrieval. Howard knows this better than anyone, since he is the "Chief Architect, Developer" for OpenLDAP but may not feel like he can beat his own chest on this topic, I would like to point out the pages at , as well as the presentation at . In the PDF slides, pay particular attention to pages 25 and 39, as well as the additional data at . Unless you can prove that your software can search over 500k entries per second at a data rate of about 3.5GB/sec on a machine with a memory bandwidth of about 4GB/sec, I wouldn't be touting the performance of your preferred software as one of the reasons to choose it over anything else. Your preferred software may have features like better Windows integration, but it most likely does not have higher performance when compared against more recent versions of OpenLDAP. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Wed Jan 16 06:49:27 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GEnEp3012152 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 16 Jan 2008 06:49:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0GEnEST012151 for sage-members-0utGoign; Wed, 16 Jan 2008 06:49:14 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.233]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GEmMfj012104 for ; Wed, 16 Jan 2008 06:48:47 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c55so18903wra.11 for ; Wed, 16 Jan 2008 06:48:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=bZTHPUR/6BoYvtHfrib37zyd+GW3o/8yA723f1h9WNQ=; b=nlckfSuWkEFUPMYk0CcdkiV7ZH3s/Vgn/AIxe8ukag5KswGghhGwTlkSypUztpWwSz8o5qP8wn1C8vMpMdt1HLWZSCiDSmyGPhvi1kETTzMuJ3XMBOc2VmV1/lfO6QPhq1gbD2y9kXG2Bp55DlW/KPnw02TxG9kdPkOZL9M4BbI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=NR4HkG8c9fBYRS9MOvPpGyUo9YBdUCbF+WZ9dXNyN7xfz6e8yru2fgXgkTysDO3vIcVq8ZX383seoDxrtIFDxhePC652pYBV29n4+oymtXKDgtFPAeeZHQ4LrFKpVtc53X13K9ENXhEzDVMqBL0vdGib3rH9WQWcujasHIquVQM= Received: by 10.142.226.2 with SMTP id y2mr448774wfg.46.1200494513110; Wed, 16 Jan 2008 06:41:53 -0800 (PST) Received: by 10.143.33.15 with HTTP; Wed, 16 Jan 2008 06:41:53 -0800 (PST) Message-ID: Date: Wed, 16 Jan 2008 08:41:53 -0600 From: "Nathan Hruby" To: "Howard Chu" Subject: Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment Cc: "Erling Ringen Elvsrud" , sage-members@sage.org In-Reply-To: <478CD966.1080903@symas.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <664c5a070801150350o531c2cdel4a8c57f55d6b63f9@mail.gmail.com> <478CD966.1080903@symas.com> X-Google-Sender-Auth: f262bea4e8448e12 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=2 Fuz1=2 Fuz2=2 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 15, 2008 10:03 AM, Howard Chu wrote: > Nathan Hruby wrote: > > Depending on your AD forest and how willing your AD admins are to > > working with you, this is a perfectly viable option. Samba offers the > > winbind daemon which can talk to AD, and in AD 2003-r2 they've fixed a > > good number of the compatibility issues between windows and > > non-windows hosts. There are also several companies that offer > > integration solutions for Unix+AD. > > Yes, it can be made to work. But among all the things which AD does poorly > (which is, most of them), LDAP authentication is one of the worst. I guess > with only 200 active users you should be OK. (LDAP searching is pretty lame on > AD too.) LDAP on AD ain't the best, I agree. It works, but it's extra funky (still, it's better than the LDAP provider Lotus Notes has :). That's why I do suggest investigating winbind or one of the commercial solutions as well as the standard LDAP or LDAP+krb method. Which way works best for you will require some investigation, and it may be that none work well. My point is that since it's possible and viable, it's work a look and some experimentation to see if it's feasible for you in your environment before building another silo. > > http://connexitor.com/blog/pivot/entry.php?id=185 > > > I'll warn against "having another directory" unless you plan to keep > > the two in-sync. Multiple identity stores in a large organization > > never ends up helping. > > Agrred, but sometimes it's a necessary evil, until a better solution can be > deployed. (Though as we all know, temporary stopgap measures have a tendency > to become permanent...) It a lot of cases, AD is the better solution simple because lots of things work with it easily. If you work in an industry where 99% of the applications your users need only run on Windows, other alternatives tend to get expensive quickly just on interop costs alone. OTOH, I agree with you that sometimes you do need to end up running Yet Another Directory Service because of the interop issues. I said in the above "multiple identity stores" and I really don't know why I said that, my apologies. I meant "multiple identities" -- meaning that I believe you can have every single directory service ever invented in your environment and have it work well, so long as the identity information between them is consistently identical and that consistency is achieved without user interaction. Thanks, -n -- ------------------------------------------- nathan hruby metaphysically wrinkle-free ------------------------------------------- From sage-members-owner@usenix.org Wed Jan 16 07:03:54 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GF3Tci012983 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 16 Jan 2008 07:03:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0GF3T4u012981 for sage-members-0utGoign; Wed, 16 Jan 2008 07:03:29 -0800 (PST) Received: from mailer.hamilton.edu (mailer.hamilton.edu [150.209.8.97]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GF2bdr012903 for ; Wed, 16 Jan 2008 07:03:03 -0800 (PST) Received: from pmxchannel-daemon.mail.hamilton.edu by mail.hamilton.edu (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) id <0JUQ0000XSGMGE00@mail.hamilton.edu> for sage-members@sage.org; Wed, 16 Jan 2008 10:02:46 -0500 (EST) Received: from [150.209.91.154] (cs-2268-583.hamilton.edu [150.209.91.154]) by mail.hamilton.edu (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with ESMTPA id <0JUQ002L0SGI3SA0@mail.hamilton.edu> for sage-members@sage.org; Wed, 16 Jan 2008 10:02:42 -0500 (EST) Date: Wed, 16 Jan 2008 10:02:28 -0500 From: Nick Brockner Subject: [SAGE] LPIC? To: sage-members@sage.org Message-id: <478E1C84.5040100@hamilton.edu> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7BIT User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=71% Sender: owner-sage-members@usenix.org Precedence: bulk Hi All, As far as vendor NON-specific certifications go, what do you all think of LPIC (Linux Professional Institute) certs (in terms of recognition)? They claim to be well known, but it seems that not many people know about them (in these parts at least). http://www.lpi.org Thanks, Nick From sage-members-owner@usenix.org Wed Jan 16 09:28:12 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GHRxwG018779 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 16 Jan 2008 09:27:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0GHRxx0018778 for sage-members-0utGoign; Wed, 16 Jan 2008 09:27:59 -0800 (PST) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.232]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GHR7ji018757 for ; Wed, 16 Jan 2008 09:27:32 -0800 (PST) Received: by nz-out-0506.google.com with SMTP id m7so333610nzf.29 for ; Wed, 16 Jan 2008 09:27:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=RO7go3NHpx/XBEJvnu/rcRiGPs6ECAYeP82aGhPNbhY=; b=yHyY+Fi/srJujHTr2yHQh8UJYt+Yy4s5dyHAgVfPNZosTt9R/jw1gVwpTk3qREW8DJn6G5Ak5aa1fwNrkI6bwwtMF5HGssKb7iqWDrrtUPe3Ns3fJYQWNIDZ8ueuU6AVlPOzmfWlKy9rh72cQGZ2/wMQQl0P5huF1t4eslvRs1U= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=UCHKpo2S3MVr4vD2Y1hqECZrUzeZZ7yd5MOffb5xAV9IVOr4X2XIzniR/4qxhx2Z+6RJRAGnLBPAON8lGn4fwoEQaUUzZzNDuZJ1b/Qr5yGA49y7nvkyDv2zLEDLMv9/tWWoEWePGs+jdIu/fuYn4FTDjjn2ijolb6hcEIMcMzE= Received: by 10.141.161.6 with SMTP id n6mr719047rvo.201.1200504054964; Wed, 16 Jan 2008 09:20:54 -0800 (PST) Received: by 10.140.226.13 with HTTP; Wed, 16 Jan 2008 09:20:54 -0800 (PST) Message-ID: <701ea59b0801160920s598e7933yb91c3be2c7db2d1a@mail.gmail.com> Date: Wed, 16 Jan 2008 11:20:54 -0600 From: "Jeremiah Johnson" To: "Nick Brockner" Subject: Re: [SAGE] LPIC? Cc: sage-members@sage.org In-Reply-To: <478E1C84.5040100@hamilton.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <478E1C84.5040100@hamilton.edu> X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=2 Fuz1=2 Fuz2=2 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk I've never met a person with a LPIC, and most people that I talk to don't know what it is either. Maybe they are one of the most well known in some Linux circles, I've never had a potential employer ask about LPIC, but I've had many ask about RHCE. -miah On Jan 16, 2008 9:02 AM, Nick Brockner wrote: > Hi All, > > As far as vendor NON-specific certifications go, what do you all think > of LPIC (Linux Professional Institute) certs (in terms of recognition)? > They claim to be well known, but it seems that not many people know > about them (in these parts at least). > > http://www.lpi.org > > Thanks, > Nick > From sage-members-owner@usenix.org Wed Jan 16 10:11:22 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GIBLLl020485 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 16 Jan 2008 10:11:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0GIBLVK020484 for sage-members-0utGoign; Wed, 16 Jan 2008 10:11:21 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GIAbYu020459 for ; Wed, 16 Jan 2008 10:11:03 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so195744wxc.26 for ; Wed, 16 Jan 2008 10:10:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=o6JnSo1k05AOtZEUXNTSe/KCZgvOwD0fA9RLw2n2xxg=; b=FlSbfHbUvAkTVSzVSE6ICJffgE2NCT9kk7iz4+zsEy7ZbZ1jWio0AZrT7ply5x6jBH+MFYseKoRSCUxzb/a4iEWBS8QlAJyPfR/CB4QLEEOjeazzPN7D1TLHipJqpPsMg89B+Woe5AOlaQc1ZU6Gmo2UE8na7IkoJWqSjtBSwkc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=I+a0sJQk+aoWzQn7HpKJIySDsiy+00u1RirGsPhyrDBRKrL7XLtZ/l2rUfuaVGufiOY9vubtuFjvSOsH1aFIeghwx9oQS75G1syUtUf5F5f53t78mQG/ave1h1VmzzSLGHiuP5XkJLs9t1PyE+ryUt1xu3YOkoW1DK2AYgL6Oeo= Received: by 10.143.53.7 with SMTP id f7mr615041wfk.217.1200507028443; Wed, 16 Jan 2008 10:10:28 -0800 (PST) Received: by 10.143.33.15 with HTTP; Wed, 16 Jan 2008 10:10:28 -0800 (PST) Message-ID: Date: Wed, 16 Jan 2008 12:10:28 -0600 From: "Nathan Hruby" To: "Jeremiah Johnson" Subject: Re: [SAGE] LPIC? Cc: "Nick Brockner" , sage-members@sage.org In-Reply-To: <701ea59b0801160920s598e7933yb91c3be2c7db2d1a@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <478E1C84.5040100@hamilton.edu> <701ea59b0801160920s598e7933yb91c3be2c7db2d1a@mail.gmail.com> X-Google-Sender-Auth: 2c3bd96939c74915 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 16, 2008 11:20 AM, Jeremiah Johnson wrote: > I've never met a person with a LPIC, and most people that I talk to > don't know what it is either. Maybe they are one of the most well > known in some Linux circles, I've never had a potential employer ask > about LPIC, but I've had many ask about RHCE. As an interviewee, I've only been asked about LPI certification from 2 places. Both of those places had Linux at the core of their business model, so they *should* be asking about it. Both of those places also asked about RHCE certification as well. I've also been asked about A+, MSXX, or Oracle certification from pretty much everyone else. When interviewers give me the "what's that?" look when mentioning LPI it's always a small red-flag for me about how well engaged the company is with the professional community. I follow that up with "Does the company reimburse for professional organization membership fees. You know, for like LOPSA, SAGE or USENIX?" I don't put my now out-dated Mirapoint Certification on my resume though :-) As someone who has reviewed appliactions and taken part in interviews, I've *never* seen resume cross my desk that makes mention of a LPI cert. But if one ever did, it'd probably float to the top of my list, as would RHCE, or even better RHCA (does anyone hold anything higher than an RHCE who doesn't work for Red Hat or do training?). The LPI cert tests are non-trivial and as far as I can tell a valid enough indicator of cluefulness to warrant a interview or at least a phone screen. -n -- ------------------------------------------- nathan hruby metaphysically wrinkle-free ------------------------------------------- From sage-members-owner@usenix.org Wed Jan 16 10:29:44 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GITJQg021474 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 16 Jan 2008 10:29:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0GITJmh021472 for sage-members-0utGoign; Wed, 16 Jan 2008 10:29:19 -0800 (PST) Received: from marlin.bio.umass.edu (marlin.bio.umass.edu [128.119.55.19]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0GISI8x021380 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 16 Jan 2008 10:28:49 -0800 (PST) Received: from peredhil.bio.umass.edu (peredhil.bio.umass.edu [128.119.54.86]) (authenticated bits=0) by marlin.bio.umass.edu (8.13.6/8.13.6) with ESMTP id m0GISFCn023397 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 16 Jan 2008 13:28:15 -0500 (EST) Message-ID: <478E4CC0.9000401@bio.umass.edu> Date: Wed, 16 Jan 2008 13:28:16 -0500 From: Chris Hoogendyk User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 To: Jeremiah Johnson CC: Nick Brockner , sage-members@sage.org Subject: Re: [SAGE] LPIC? References: <478E1C84.5040100@hamilton.edu> <701ea59b0801160920s598e7933yb91c3be2c7db2d1a@mail.gmail.com> In-Reply-To: <701ea59b0801160920s598e7933yb91c3be2c7db2d1a@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (marlin.bio.umass.edu [128.119.55.19]); Wed, 16 Jan 2008 13:28:15 -0500 (EST) X-Scanned-By: MIMEDefang 2.54 on 128.119.55.19 X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Jeremiah Johnson wrote: > I've never met a person with a LPIC, and most people that I talk to > don't know what it is either. Maybe they are one of the most well > known in some Linux circles, I've never had a potential employer ask > about LPIC, but I've had many ask about RHCE. > > -miah > > On Jan 16, 2008 9:02 AM, Nick Brockner wrote: > >> Hi All, >> >> As far as vendor NON-specific certifications go, what do you all think >> of LPIC (Linux Professional Institute) certs (in terms of recognition)? >> They claim to be well known, but it seems that not many people know >> about them (in these parts at least). >> >> http://www.lpi.org Typically, if it's techies interviewing techies, no amount of certs makes any difference. You'll just have to answer in explicit detail questions such as how to build a new kernel, how drivers work with respect to the kernel, how to set up virtual interfaces and routing, etc., etc. They'll know whether you know your stuff. It's like sparring or playing chess -- looking for your weak points and maybe being impressed by your strong points. On the other hand, if you're being interviewed by people who count certs, it could be that you don't really want to work for them anyway. At one company I was with, prospective programmers crashed after dinner with a group of programmers who rented a house together. They stayed up late socializing, playing games on their 60" display (in the mid '90's), and talking about programming and the industry. When they finally found someone they liked, he hit the ground full speed and had a rewrite of a significant product done in 6 months with major improvements, including reorganizing the code and taking it from C to C++. Managers who count certs wouldn't have even been able to recognize the qualities required to do that. --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology & Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst --------------- Erdös 4 From sage-members-owner@usenix.org Thu Jan 17 09:09:15 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0HH9E0u011416 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 17 Jan 2008 09:09:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0HH9EBB011415 for sage-members-0utGoign; Thu, 17 Jan 2008 09:09:14 -0800 (PST) Received: from MSXYVR1.ds.mda.ca (mail.mda.ca [142.73.64.14]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0HH8sLo011398 for ; Thu, 17 Jan 2008 09:09:00 -0800 (PST) Received: from VMXYVR1.ds.mda.ca ([142.73.129.70]) by MSXYVR1.ds.mda.ca with Microsoft SMTPSVC(6.0.3790.3959); Thu, 17 Jan 2008 09:00:23 -0800 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: [SAGE] Unwanted users on home wireless network Date: Thu, 17 Jan 2008 09:00:21 -0800 Message-ID: <57F67688A8D72449AC80164DA9820831039D8471@VMXYVR1.ds.mda.ca> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Unwanted users on home wireless network Thread-Index: AchZKm8oV5bohiO7RjCIB5UHZuwDrg== From: "John LLOYD" To: X-OriginalArrivalTime: 17 Jan 2008 17:00:23.0804 (UTC) FILETIME=[734DDBC0:01C8592A] X-DCC-Usenix-Metrics: voyager; whitelist X-DCC-Usenix-Metrics: voyager 1010; Body=1 Fuz1=1 Fuz2=1 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id m0HH9DLo011410 Sender: owner-sage-members@usenix.org Precedence: bulk I've been wondering what to do about this, and saw this reference. Beautiful! http://www.ex-parrot.com/~pete/upside-down-ternet.html --John From sage-members-owner@usenix.org Thu Jan 17 10:29:50 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0HITJiW015074 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 17 Jan 2008 10:29:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0HITJ6T015073 for sage-members-0utGoign; Thu, 17 Jan 2008 10:29:19 -0800 (PST) Received: from s200aog17.obsmtp.com (s200aog17.obsmtp.com [207.126.144.131]) by usenix.org (8.13.6/8.13.6) with SMTP id m0HISF6K015033 for ; Thu, 17 Jan 2008 10:28:41 -0800 (PST) Received: from source ([209.85.132.248]) by eu1sys200aob017.postini.com ([207.126.147.11]) with SMTP; Thu, 17 Jan 2008 18:28:09 UTC Received: by an-out-0708.google.com with SMTP id c25so166199ana.92 for ; Thu, 17 Jan 2008 10:28:09 -0800 (PST) Received: by 10.150.57.5 with SMTP id f5mr659641yba.140.1200592982183; Thu, 17 Jan 2008 10:03:02 -0800 (PST) Received: by 10.150.140.12 with HTTP; Thu, 17 Jan 2008 10:03:02 -0800 (PST) Message-ID: <21606dcf0801171003l13b447dasbc3c83f54189937b@mail.gmail.com> Date: Thu, 17 Jan 2008 19:03:02 +0100 From: "Sam Johnston" To: "John LLOYD" Subject: Re: [SAGE] Unwanted users on home wireless network Cc: sage-members@usenix.org In-Reply-To: <57F67688A8D72449AC80164DA9820831039D8471@VMXYVR1.ds.mda.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <57F67688A8D72449AC80164DA9820831039D8471@VMXYVR1.ds.mda.ca> X-DCC-Usenix-Metrics: voyager 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=50% Sender: owner-sage-members@usenix.org Precedence: bulk So once upon a time (over 10 years ago now) I worked for this university down under where I ran this proxy server (squid) with a script (calamaris) so as to identify and shame the top talkers. It was quite effective for a while but given some of the students were cleverer than I (eg Matt Chapman of rdesktop and Samba fame, though he was on my side enforcing quotas rather than circumventing them) I had to run a bleeding edge version to get at some feature (ldap auth or something like that) on this flaky, bleeding edge (at the time) dual PPro200 hardware that wouldn't run NT 4 without constant BSODs. All was well until one day something went horribly wrong whereby squid got all confused about which resource it had put where and started serving up content (apparently) randomly. Normally this wouldn't be so much the problem (security concerns aside), except that most of the content in this particular cache was pr0n and even back then browsers were apparently fairly resilient when it came to serving up content which didn't match the mime type. Hilarity ensued, I got dragged out of bed and did a 'squid -z' or some such thing and eventually ended up writing a netfilter IP quota module that I believe is still in use today: http://www.koders.com/c/fidAE6B40283E024623640D053328B5B446C84E3B02.aspx My point is simply that a proxy that could be made to deliberately mix up resources could be equally entertaining and would be easier on the CPU and memory as well. Could be a good way to get plausible deniability (http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html) without a bandwidth bill! Sam On Jan 17, 2008 6:00 PM, John LLOYD wrote: > I've been wondering what to do about this, and saw this reference. > Beautiful! > > > http://www.ex-parrot.com/~pete/upside-down-ternet.html > > > > --John > > From sage-members-owner@usenix.org Fri Jan 18 20:46:12 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0J4jQRM003380 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 18 Jan 2008 20:45:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0J4jQ2R003379 for sage-members-0utGoign; Fri, 18 Jan 2008 20:45:26 -0800 (PST) Received: from iguana.igtc.com (iguana.igtc.com [66.139.77.15]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0J4igl0003364 for ; Fri, 18 Jan 2008 20:44:47 -0800 (PST) Received: by iguana.igtc.com (Postfix, from userid 504) id 5DAF910C0F1; Fri, 18 Jan 2008 22:34:29 -0600 (CST) X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on iguana.igtc.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=10.0 tests=AWL autolearn=ham version=3.1.8 Received: from ignoble.igtc.com (ignoble.igtc.com [74.95.195.162]) by iguana.igtc.com (Postfix) with ESMTP id 6B2FF10C0AD; Fri, 18 Jan 2008 22:34:22 -0600 (CST) Received: by ignoble.igtc.com (Postfix, from userid 501) id 789F2DE9EF8; Fri, 18 Jan 2008 20:34:20 -0800 (PST) Date: Fri, 18 Jan 2008 20:34:20 -0800 From: "Paul M. Moriarty" To: John LLOYD Cc: sage-members@usenix.org Subject: Re: [SAGE] Unwanted users on home wireless network Message-ID: <20080119043420.GE11943@ignoble.igtc.com> References: <57F67688A8D72449AC80164DA9820831039D8471@VMXYVR1.ds.mda.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <57F67688A8D72449AC80164DA9820831039D8471@VMXYVR1.ds.mda.ca> User-Agent: Mutt/1.5.17 (2007-11-01) X-DCC--Metrics: ; whitelist X-DCC--Metrics: 1356; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk John LLOYD writes: > I've been wondering what to do about this, and saw this reference. > Beautiful! > > > http://www.ex-parrot.com/~pete/upside-down-ternet.html > Cute. It used to be sarcastically said that an engineer was somebody who spent $100 to solve a $5 problem. I guess the same can be said about certain sysadmins these days. :) I'm with Bruce Schneier on this. I don't secure my wireless. Not at all (the machines that sit on it are a different story :) http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html - Paul - From sage-members-owner@usenix.org Sat Jan 19 08:11:26 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0JGAuqw007327 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 19 Jan 2008 08:10:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0JGAt2G007326 for sage-members-0utGoign; Sat, 19 Jan 2008 08:10:56 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0JGAIpC007309 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 19 Jan 2008 08:10:18 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0JGAI2R007308 for sage-members@usenix.org; Sat, 19 Jan 2008 08:10:18 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.176]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0J1sMc2029238 for ; Fri, 18 Jan 2008 17:54:47 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so1840203pyb.10 for ; Fri, 18 Jan 2008 17:54:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=VBVIE9MXRjfly5g5NinPEkqyEpf5AxZsVeiGQzi8h/k=; b=ub3r4P9wl2L1UgxMn2nOm9c9Pont/0zqebN8BJgYbnJJpoAdKId/tMyI3PVAbVSsm8OGGQH0RTP5ARcvQLYN8kGnMaT6P3KutQrcjRaFTMTYByNJxiMfO3Gxd/TFv5Rjp37HHwS1tzayC7iDiP82a/JzEEqZX4R3nDLAHW7Os1Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=fxkonlXgmuUWAA2pAfyvvaRllYjtBlSOAS4oTapa2j4xQWkGa3LxwtQWfFSblkwZvXkZ+tAgrzyfjADZ/u88HgAMBNBw8xqif42aIeedtm1rKGh4aay1EXkUTy0EZuuaRHlLFwyz+vzsTgtJ9TENTQKVqXFAIQJsk6X0wR3SvAE= Received: by 10.35.44.16 with SMTP id w16mr4546837pyj.13.1200707660931; Fri, 18 Jan 2008 17:54:20 -0800 (PST) Received: by 10.35.60.6 with HTTP; Fri, 18 Jan 2008 17:54:20 -0800 (PST) Message-ID: Date: Fri, 18 Jan 2008 20:54:20 -0500 From: "Rodrick Brown" To: "Sage Members" Subject: [SAGE] Sun acquires MySQL MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_6043_7454144.1200707660923" X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=12% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_6043_7454144.1200707660923 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline http://www.sun.com/aboutsun/pr/2008-01/sunflash.20080116.1.xml Not sure why Sun waited until the very last minute to do this, this acquistion should have happened many years ago I think its a bit too late but who knows. Just imagine how many MySQL support licenses they could have sold with E450's V880's etc.. -- Rodrick R. Brown http://www.rodrickbrown.com ------=_Part_6043_7454144.1200707660923 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline
 
Not sure why Sun waited until the very last minute to do this, this acquistion should have happened many years ago I think its a bit too late but who knows.
Just imagine how many MySQL support licenses they could have sold with E450's V880's etc..

--
Rodrick R. Brown
http://www.rodrickbrown.com
------=_Part_6043_7454144.1200707660923-- From sage-members-owner@usenix.org Sat Jan 19 08:27:02 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0JGQQ5X007923 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 19 Jan 2008 08:26:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0JGQQBE007922 for sage-members-0utGoign; Sat, 19 Jan 2008 08:26:26 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.186]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0JGPOIM007875 for ; Sat, 19 Jan 2008 08:25:49 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so1443288rvb.59 for ; Sat, 19 Jan 2008 08:25:18 -0800 (PST) Received: by 10.143.40.18 with SMTP id s18mr853738wfj.168.1200759918211; Sat, 19 Jan 2008 08:25:18 -0800 (PST) Received: by 10.142.142.7 with HTTP; Sat, 19 Jan 2008 08:25:18 -0800 (PST) Message-ID: <523a2afd0801190825p2512d429x9323d814e6b7eb29@mail.gmail.com> Date: Sat, 19 Jan 2008 16:25:18 +0000 From: "Kate Harris" To: "Sage Members" Subject: Re: [SAGE] Sun acquires MySQL In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On 19/01/2008, Rodrick Brown wrote: > http://www.sun.com/aboutsun/pr/2008-01/sunflash.20080116.1.xml > > Not sure why Sun waited until the very last minute to do this, this > acquistion should have happened many years ago I think its a bit too late > but who knows. > Just imagine how many MySQL support licenses they could have sold with > E450's V880's etc.. Not sure how this will work now in practical terms with Oracle owning innoDB. Yes, innoDB is still open source, but could Oracle change their mind on that at any time? My grasp of the details is sketchy at best, but it's still something that sprang to mind when I saw the press release last week. K -- http://www.totkat.org/ From sage-members-owner@usenix.org Sat Jan 19 15:15:10 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0JNEeAB018440 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 19 Jan 2008 15:14:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0JNEe9M018439 for sage-members-0utGoign; Sat, 19 Jan 2008 15:14:40 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0JNDv6r018407 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 19 Jan 2008 15:13:58 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0JNDvHw018406 for sage-members@usenix.org; Sat, 19 Jan 2008 15:13:57 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.181]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0JGqswc008996 for ; Sat, 19 Jan 2008 08:53:24 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so2052788pyb.10 for ; Sat, 19 Jan 2008 08:52:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=9MdanIxDI2TnOp1B/O2gvjN5oLTlxIsUK3nxVJmKl58=; b=LhQ2ZDh2JT1pvkIeWNQIN+ZuE2Du5KFmWQNThiV6tfZlTcftk8k/E5fus9OwTQ569BvqAbyPw0Ef/jFUkrfeHY9m+R9knjwYDV7hJtErFzmDEBnzY3L5JoX8z1RDdwRzYwPhzeIYQf62cQkCeZ34/9NEWveqd5pTI2nIrEnIsho= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=RKeoc6zUNIBJGvT3MzpYPNFkbS01atTR2CN9n/AqX/+i/QAJLdG2UqRF15JgyZdC0B4XEs7dos3Dd+OCXY58C0y7VRcqamKRrebdIyfWTr3jt2JnR73y3cN6a1uZwHFJOE+g6v1ixgx85PoizOTpkbLMzfCnjTQMu6wwMn3GZus= Received: by 10.35.82.16 with SMTP id j16mr5349604pyl.57.1200761568875; Sat, 19 Jan 2008 08:52:48 -0800 (PST) Received: by 10.35.60.6 with HTTP; Sat, 19 Jan 2008 08:52:48 -0800 (PST) Message-ID: Date: Sat, 19 Jan 2008 11:52:48 -0500 From: "Rodrick Brown" To: "Kate Harris" Subject: Re: [SAGE] Sun acquires MySQL Cc: "Sage Members" In-Reply-To: <523a2afd0801190825p2512d429x9323d814e6b7eb29@mail.gmail.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_6770_31172959.1200761568869" References: <523a2afd0801190825p2512d429x9323d814e6b7eb29@mail.gmail.com> X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_6770_31172959.1200761568869 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Jan 19, 2008 11:25 AM, Kate Harris wrote: > On 19/01/2008, Rodrick Brown wrote: > > http://www.sun.com/aboutsun/pr/2008-01/sunflash.20080116.1.xml > > > > Not sure why Sun waited until the very last minute to do this, this > > acquistion should have happened many years ago I think its a bit too > late > > but who knows. > > Just imagine how many MySQL support licenses they could have sold with > > E450's V880's etc.. > > Not sure how this will work now in practical terms with Oracle owning > innoDB. Yes, innoDB is still open source, but could Oracle change > their mind on that at any time? My grasp of the details is sketchy at > best, but it's still something that sprang to mind when I saw the > press release last week. > Remember InnoDB is just a storage engine for MySQL and its GPL, MyISAM is still the most used storage engine for MySQL and its also the default engine so I dont see this being too much of an issue. My guess Sun will probably engineering a much better ACID compliant enterprise ready storage engine for MySQL over time or license InnoDB if need be. This is still an interesting acquisition for Sun. > > K > -- > http://www.totkat.org/ > -- Rodrick R. Brown http://www.rodrickbrown.com ------=_Part_6770_31172959.1200761568869 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline
On Jan 19, 2008 11:25 AM, Kate Harris <kat@totkat.org> wrote:
On 19/01/2008, Rodrick Brown <rodrick.brown@gmail.com> wrote:
> http://www.sun.com/aboutsun/pr/2008-01/sunflash.20080116.1.xml
>
> Not sure why Sun waited until the very last minute to do this, this
> acquistion should have happened many years ago I think its a bit too late
> but who knows.
> Just imagine how many MySQL support licenses they could have sold with
> E450's V880's etc..

Not sure how this will work now in practical terms with Oracle owning
innoDB.  Yes, innoDB is still open source, but could Oracle change
their mind on that at any time?  My grasp of the details is sketchy at
best, but it's still something that sprang to mind when I saw the
press release last week.
 
Remember InnoDB is just a storage engine for MySQL and its GPL, MyISAM is still the most used storage engine for MySQL and its also the default engine so I dont see this being too much of an issue. My guess Sun will probably engineering a much better ACID compliant enterprise ready storage engine for MySQL over time or license InnoDB if need be. This is still an interesting acquisition for Sun.
 

K
--
http://www.totkat.org/



--
Rodrick R. Brown
http://www.rodrickbrown.com ------=_Part_6770_31172959.1200761568869-- From sage-members-owner@usenix.org Sun Jan 20 10:29:46 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0KISnj8026374 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 20 Jan 2008 10:29:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0KISnpE026372 for sage-members-0utGoign; Sun, 20 Jan 2008 10:28:49 -0800 (PST) Received: from vms046pub.verizon.net (vms046pub.verizon.net [206.46.252.46]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0KIRjgG026203 for ; Sun, 20 Jan 2008 10:28:10 -0800 (PST) Received: from jantman.dyndns.org ([72.76.253.249]) by vms046.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with ESMTPA id <0JUY00211GLMZXV3@vms046.mailsrvcs.net> for sage-members@sage.org; Sun, 20 Jan 2008 12:27:22 -0600 (CST) Received: from [192.168.2.21] (ool-44c4f709.dyn.optonline.net [68.196.247.9]) by jantman.dyndns.org (Postfix) with ESMTP id 7E0536EEB9; Sun, 20 Jan 2008 13:26:38 -0500 (EST) Date: Sun, 20 Jan 2008 13:27:33 -0500 From: Jason Antman Subject: Re: [SAGE] Sun acquires MySQL In-reply-to: To: Rodrick Brown , sage-members@sage.org Message-id: <47939295.8060200@jasonantman.com> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit OpenPGP: id=34EE2F92 X-Enigmail-Version: 0.95.3 References: <523a2afd0801190825p2512d429x9323d814e6b7eb29@mail.gmail.com> User-Agent: Thunderbird 2.0.0.6 (X11/20070801) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=6% Sender: owner-sage-members@usenix.org Precedence: bulk Speaking simply of my own opinion (I'm an intern at Sun, this has nothing to do with my Sun affiliation) - Oracle and Sun have a very good relationship - Oracle is one of Sun's most important ISVs. I highly doubt, at least in the short term, that Oracle would make any move against Sun's new acquisition. I've heard a lot of worry about Sun controlling MySQL - everything from "the sky is falling" (Sun essentially turning MySQL into a mainly proprietary product with a small free version) to worries about Sun pushing Solaris (OpenSolaris) and Java as a replacement for the LAMP stack. The general feeling that I've gotten lately is that Sun is trying to be all about options (rather than the old-world proprietary mindset). Java's Free software now. Solaris has been opened as well. I don't get the feeling that acquiring MySQL is about pushing Solaris instead of Linux, or that it will cause Sun to ignore PostgreSQL or Oracle/Solaris products. It's about options. Just look at Sun in the news lately - more and more Intel-based commodity hardware, Solaris, Linux, or even Windows on Sun Hardware, Java, OpenSolaris... Whatever you want, Sun can help. Everything from million-dollar Enterprise servers running Trusted Solaris and giant Oracle databases to Intel-based 1U or 2U LAMP servers - or even, now, LAMP servers on non-Sun hardware. (Though why anyone with the money to do so wouldn't buy Sun hardware, I have no idea). -Jason Antman (I'm the Sun Campus Ambassador for Rutgers University. All of this is simply my own opinion, and in no way reflects the views of Sun. As an intern, they don't tell me anything confidential enough to come up with anything more informed than my own opinions from reading the news.) Rodrick Brown wrote: > On Jan 19, 2008 11:25 AM, Kate Harris > wrote: > > On 19/01/2008, Rodrick Brown > wrote: > > http://www.sun.com/aboutsun/pr/2008-01/sunflash.20080116.1.xml > > > > Not sure why Sun waited until the very last minute to do this, this > > acquistion should have happened many years ago I think its a bit > too late > > but who knows. > > Just imagine how many MySQL support licenses they could have > sold with > > E450's V880's etc.. > > Not sure how this will work now in practical terms with Oracle owning > innoDB. Yes, innoDB is still open source, but could Oracle change > their mind on that at any time? My grasp of the details is sketchy at > best, but it's still something that sprang to mind when I saw the > press release last week. > > > Remember InnoDB is just a storage engine for MySQL and its GPL, MyISAM > is still the most used storage engine for MySQL and its also the > default engine so I dont see this being too much of an issue. My guess > Sun will probably engineering a much better ACID compliant enterprise > ready storage engine for MySQL over time or license InnoDB if need > be. This is still an interesting acquisition for Sun. > > > > K > -- > http://www.totkat.org/ > > > > > -- > Rodrick R. Brown > http://www.rodrickbrown.com From sage-members-owner@usenix.org Sun Jan 20 13:22:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0KLMO9L011016 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 20 Jan 2008 13:22:24 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0KLMNin011014 for sage-members-0utGoign; Sun, 20 Jan 2008 13:22:24 -0800 (PST) Received: from toq8-srv.bellnexxia.net (bc.sympatico.ca [209.226.175.204]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0KLLVLT010961 for ; Sun, 20 Jan 2008 13:21:57 -0800 (PST) Received: from toip4.srvr.bell.ca ([209.226.175.87]) by tomts5-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080120204718.GFKQ17217.tomts5-srv.bellnexxia.net@toip4.srvr.bell.ca> for ; Sun, 20 Jan 2008 15:47:18 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAANZBk0dMQz5d/2dsb2JhbAAIqyY Received: from bas1-toronto09-1279475293.dsl.bell.ca (HELO [192.168.1.133]) ([76.67.62.93]) by toip4.srvr.bell.ca with ESMTP; 20 Jan 2008 15:49:12 -0500 In-Reply-To: References: <523a2afd0801190825p2512d429x9323d814e6b7eb29@mail.gmail.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <4F42D448-93B1-411B-9CE1-DFB79431EBDC@ee.ryerson.ca> Cc: "Kate Harris" , "Sage Members" Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] Sun acquires MySQL Date: Sun, 20 Jan 2008 15:47:12 -0500 To: Rodrick Brown X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=56% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 19, 2008, at 11:52, Rodrick Brown wrote: > Remember InnoDB is just a storage engine for MySQL and its GPL, > MyISAM is > still the most used storage engine for MySQL and its also the > default engine > so I dont see this being too much of an issue. My guess Sun will > probably > engineering a much better ACID compliant enterprise ready storage > engine for > MySQL over time or license InnoDB if need be. This is still an > interesting > acquisition for Sun. A new ACID, MVCC system is being developed already: http://forge.mysql.com/wiki/Falcon From sage-members-owner@usenix.org Mon Jan 21 21:30:11 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0M5Tbp2017498 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 21 Jan 2008 21:29:58 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0M5TbkI017497 for sage-members-0utGoign; Mon, 21 Jan 2008 21:29:37 -0800 (PST) Received: from relay00.pair.com (relay00.pair.com [209.68.5.9]) by usenix.org (8.13.6/8.13.6) with SMTP id m0M5Suf2017459 for ; Mon, 21 Jan 2008 21:29:22 -0800 (PST) Received: (qmail 64721 invoked by uid 0); 22 Jan 2008 05:28:44 -0000 Received: from unknown (HELO ?66.119.212.42?) (unknown) by unknown with SMTP; 22 Jan 2008 05:28:44 -0000 X-pair-Authenticated: 66.119.212.42 Message-ID: <47957F0A.8010606@deaddrop.org> Date: Mon, 21 Jan 2008 21:28:42 -0800 From: Lynda Organization: dig @localhost TXT CHAOS version.bind User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.11) Gecko/20050728 X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE Members Subject: [SAGE] Re: CHIMIT 2008 - SUMISSIONS DEADLINES MOVED BACK References: In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=4% Sender: owner-sage-members@usenix.org Precedence: bulk Just received this hideous bunch of mime, and it took me a minute or two to figure out why. It's from George Engelbeck (and George, if you're on the list, all that rich text stuff is rude), and was sent via sage-announce, which means that someone, somewhere, approved it. Usually, when I receive this kind of thing, my membership number is part of the message, it's in plain text, and it's not a bcc to me, and gets filtered right where it should be. I say "Aha. There's a new message from Usenix." and then I read it. George Engelbeck wrote: > There are new deadlines for CHIMIT08 – The ACM 2008 Symposium on > Computer Human Interaction for Management of > > Information Technology > [snip rest] Ignoring the issue of whether or not Microsoft (rather than the ACM or USENIX) should be sending this, it would have been polite to follow the usual standards for such announcements. I know, I know, I'm so touchy. Still, I'm not wrong. -- The avalanche has already started. It is too late for the pebbles to vote. Ambassador Kosh, Babylon 5 From sage-members-owner@usenix.org Tue Jan 22 02:18:43 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MAIUMN008217 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 02:18:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0MAIUKH008216 for sage-members-0utGoign; Tue, 22 Jan 2008 02:18:30 -0800 (PST) Received: from hexogen.explosive.net (hexogen.explosive.net [64.142.102.5]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MAHlWg008192 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Tue, 22 Jan 2008 02:18:13 -0800 (PST) Received: by hexogen.explosive.net (Postfix, from userid 518) id B835066C056; Tue, 22 Jan 2008 02:17:47 -0800 (PST) Subject: Re: [SAGE] Re: CHIMIT 2008 - SUMISSIONS DEADLINES MOVED BACK To: sage-members@usenix.org Date: Tue, 22 Jan 2008 05:17:47 -0500 (EST) In-Reply-To: <47957F0A.8010606@deaddrop.org> from "Lynda" at Jan 21, 2008 09:28:42 PM From: "Adam Moskowitz" Reply-To: adamm@menlo.com X-Mailer: ELM [version 2.5 PL6] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20080122101747.B835066C056@hexogen.explosive.net> X-DCC-dcc-servers-Metrics: ; whitelist X-DCC-dcc-servers-Metrics: 1049; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Lynda wrote: > Ignoring the issue of whether or not Microsoft (rather than the ACM or > USENIX) should be sending this George Engelbeck is on the CHIMIT program committee and is responsible for publicity so in my oppinopn it's not at all unreasonable that the message is "from" Microsoft. At least, not any more unreasonable than if Mary Baker had sent a similar message "from" HP Labs regarding FAST '08 or Mario Obejas had sent one "from" Raytheon for LISA '08. > it would have been polite to follow the usual standards for such > announcements. While I agree in principle, this conference is only co-sponsored by USENIX (ACM got top billing) so I don't expect them to follow USENIX's "rules." AdamM From sage-members-owner@usenix.org Tue Jan 22 06:12:30 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MECUEv015172 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 06:12:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0MECUsr015171 for sage-members-0utGoign; Tue, 22 Jan 2008 06:12:30 -0800 (PST) Received: from relay00.pair.com (relay00.pair.com [209.68.5.9]) by usenix.org (8.13.6/8.13.6) with SMTP id m0MEBodp015154 for ; Tue, 22 Jan 2008 06:12:16 -0800 (PST) Received: (qmail 23744 invoked by uid 0); 22 Jan 2008 14:11:47 -0000 Received: from unknown (HELO ?66.119.212.42?) (unknown) by unknown with SMTP; 22 Jan 2008 14:11:47 -0000 X-pair-Authenticated: 66.119.212.42 Message-ID: <4795F9A1.1090900@deaddrop.org> Date: Tue, 22 Jan 2008 06:11:45 -0800 From: Lynda Organization: dig @localhost TXT CHAOS version.bind User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.11) Gecko/20050728 X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage members Subject: Re: [SAGE] Re: CHIMIT 2008 - SUMISSIONS DEADLINES MOVED BACK References: <20080122101747.B835066C056@hexogen.explosive.net> In-Reply-To: <20080122101747.B835066C056@hexogen.explosive.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=4% Sender: owner-sage-members@usenix.org Precedence: bulk Adam Moskowitz wrote: >Lynda wrote: > > >>Ignoring the issue of whether or not Microsoft (rather than the ACM or >>USENIX) should be sending this >> >> > >George Engelbeck is on the CHIMIT program committee and is responsible >for publicity so in my oppinopn it's not at all unreasonable that the >message is "from" Microsoft. At least, not any more unreasonable than if >Mary Baker had sent a similar message "from" HP Labs regarding FAST '08 >or Mario Obejas had sent one "from" Raytheon for LISA '08. > > Still, we are talking about form, here. I can read the headers, and it went through sage-announce, which (as far as I know) requires permission/approval. Please note that I did *not* rudely fire off anything to George privately, since I could see that it was quite legitimate (nasty mime and all). I should point out that your example conferences are sponsored by USENIX, and I'd be amazed to see those any other way than is normal. >>it would have been polite to follow the usual standards for such >>announcements. >> >> > >While I agree in principle, this conference is only co-sponsored by >USENIX (ACM got top billing) so I don't expect them to follow USENIX's >"rules." > > Perhaps. I'm not really thinking of rules so much as form (a slight semantic difference). It would seem a slight extra effort to set up something that people who were in this precise situation (i.e. announcing a joint conference that USENIX was not primary on) could use to send an announcement in the way that I've come to expect them. In the past years I've come to expect that it works a certain way; I don't remember any other way. See? This is what USENIX gets for being professional; I'm spoiled. Usually I delete the announcements once I've read them (unless it has information I need), so it was tough to find an example. USENIX News: USENIX '06 Call for Papers, 2006 election info, Sec '06 Call for Papers, and More (31337) Precedence: bulk, To: shrdlu@deaddrop.org, From: Anne_Dickison@usenix.org See? Informative, all nice plain text, from our kind friend Anne, and to me. You would think that it would be simple to offer that same thing to our friends from other conferences. I note that I've received notice about SANS conferences from Anne, so I think that it's at least possible. I'm also wondering whether someone less friendly than I has already fired off a note of complaint to poor George for sending them spam (which would not surprise me, considering the spam score was just this side of rejection). -- The avalanche has already started. It is too late for the pebbles to vote. Ambassador Kosh, Babylon 5 From sage-members-owner@usenix.org Tue Jan 22 06:24:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MEOaJZ015738 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 06:24:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0MEOa9p015737 for sage-members-0utGoign; Tue, 22 Jan 2008 06:24:36 -0800 (PST) Received: from mailbox.reptiles.org (rootgecko.reptiles.org@skink.reptiles.org [198.96.210.227]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MEOHTS015719 for ; Tue, 22 Jan 2008 06:24:22 -0800 (PST) Received: from skink.reptiles.org ([198.96.210.227] port=49774) by mailbox.reptiles.org([198.96.210.227] port=25) via TCP with esmtp (1789 bytes) (sender: ) (ident using UNIX) id for ; Tue, 22 Jan 2008 09:19:02 -0500 (EST) (Smail-3.2.0.121 2005-Nov-17 #4 built 2006-Nov-28) Date: Tue, 22 Jan 2008 09:19:01 -0500 (EST) From: Cat Okita To: Lynda cc: sage members Subject: Re: [SAGE] Re: CHIMIT 2008 - SUMISSIONS DEADLINES MOVED BACK In-Reply-To: <4795F9A1.1090900@deaddrop.org> Message-ID: <20080122091759.R72248@gecko.reptiles.org> References: <20080122101747.B835066C056@hexogen.explosive.net> <4795F9A1.1090900@deaddrop.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, 22 Jan 2008, Lynda wrote: > See? Informative, all nice plain text, from our kind friend Anne, and to me. > You would think that it would be simple to offer that same thing to our > friends from other conferences. I note that I've received notice about SANS > conferences from Anne, so I think that it's at least possible. I'm also > wondering whether someone less friendly than I has already fired off a note > of complaint to poor George for sending them spam (which would not surprise > me, considering the spam score was just this side of rejection). Having not actually seen the note about the conference -- it was, I would presume, eaten by my spamtraps -- it's just as possible that many folk didn't see the note at all! cheers! ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." From sage-members-owner@usenix.org Tue Jan 22 11:16:15 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MJFxhM001437 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 11:16:04 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0MJFxqq001436 for sage-members-0utGoign; Tue, 22 Jan 2008 11:15:59 -0800 (PST) Received: from blue.stonehenge.com (_postfix@blue.stonehenge.com [209.223.236.162]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MJF6fW001391 for ; Tue, 22 Jan 2008 11:15:32 -0800 (PST) Received: by blue.stonehenge.com (Postfix, from userid 1001) id 71AEF1DE834; Tue, 22 Jan 2008 10:47:00 -0800 (PST) To: Jason Antman Cc: Rodrick Brown , sage-members@sage.org Subject: Re: [SAGE] Sun acquires MySQL References: <523a2afd0801190825p2512d429x9323d814e6b7eb29@mail.gmail.com> <47939295.8060200@jasonantman.com> From: merlyn@stonehenge.com (Randal L. Schwartz) x-mayan-date: Long count = 12.19.15.0.5; tzolkin = 3 Chicchan; haab = 13 Muan Date: Tue, 22 Jan 2008 10:47:00 -0800 In-Reply-To: <47939295.8060200@jasonantman.com> (Jason Antman's message of "Sun, 20 Jan 2008 13:27:33 -0500") Message-ID: <86ve5l7l5n.fsf@blue.stonehenge.com> User-Agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk >>>>> "Jason" == Jason Antman writes: Jason> I've heard a lot of worry about Sun controlling MySQL - everything from Jason> "the sky is falling" (Sun essentially turning MySQL into a mainly Jason> proprietary product with a small free version) [...] Huh? MySQL AB already succeeded in doing that! The restrictions on using the "free" version are pretty brutal. If you want to do *anything* interesting, you're encouraged to get the paid version "to be safe". There are other databases out there that are truly free, and do a lot more in a lot less time. MySQL is getting less and less interesting as the years go by. [Yawn.] -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! From sage-members-owner@usenix.org Tue Jan 22 14:53:03 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MMqUIi019443 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 14:52:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0MMqUWP019442 for sage-members-0utGoign; Tue, 22 Jan 2008 14:52:30 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.186]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MMpTeG019279 for ; Tue, 22 Jan 2008 14:51:57 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so2802771rvb.59 for ; Tue, 22 Jan 2008 14:51:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject:message-id:x-mailer:mime-version:content-type:content-transfer-encoding; bh=OXVP91i7vN4q3/DetHoGrYSgC9gQyYNCAonm4E6NzOU=; b=EuKxQOg+eOrURo2RjojadoKnzdCDbSUk1wBpTtaZc75hX3bvMoR3+S7DiZAoOuDU3TZcSoSoK5BQxOLPDpvbmNQp4zZdhM1JUGTcRiZoDyqAhMiJN4eBH6to3zcj9wMGFCqgGuzDZoaQoE3OXFEXzc3NFvblsDAsb7TFYE8bwTk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:x-mailer:mime-version:content-type:content-transfer-encoding; b=kwqBnsx6Y+w2zkwVs7bVQi9VDaDUfO3dfLitcaBvq5CpKeyiOAQzOP6Bq2GMXeEFgq7Vm5SiyE5hbeMx4k+ifkaUoQ+VWC18FZf1t/v+S5hvlU8RWsgFR/LAblnUbmxHdknR9OpYjG7sonk8p5GAs+9TspZhTXNf6/dqFkHYIoA= Received: by 10.140.82.40 with SMTP id f40mr5830977rvb.0.1201042283998; Tue, 22 Jan 2008 14:51:23 -0800 (PST) Received: from mango.nsd.org ( [152.157.64.243]) by mx.google.com with ESMTPS id k2sm2296385rvb.36.2008.01.22.14.51.22 (version=SSLv3 cipher=OTHER); Tue, 22 Jan 2008 14:51:23 -0800 (PST) Date: Tue, 22 Jan 2008 14:52:00 -0800 From: Ski Kacoroski To: SAGE mailing list Subject: [SAGE] Best practice for Windows ACL's question Message-ID: <20080122145200.56e5d7dc@mango.nsd.org> X-Mailer: Claws Mail 3.2.0 (GTK+ 2.8.20; i486-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk Hi, I have several cases where I need to set up the top level folder structure and do not want the end users to change it (e.g. a home folder with Desktop, Documents, Public, and Web folders in it). This worked fine with a single ACE until Office 2007 came along. As near as I can tell, Office 2007 requires delete privileges of the folder it is writing to in order to save a file into the folder. This means that the user can then delete, rename, etc the top level folders. Not good. The only way around it I have found is two ACE's. The first is for the top level folder only and does not have delete privileges and the second is for all subfolders and files and includes delete privileges. I am wondering if this is the correct way to solve this issue or if there is a way to use just one ACE (much preferred). cheers, ski -- "When we try to pick out anything by itself, we find it connected to the entire universe" John Muir Chris "Ski" Kacoroski, kacoroski@gmail.com, 206-501-9803 or ski98033 on most IM services and gizmo From sage-members-owner@usenix.org Tue Jan 22 15:43:31 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MNhVYw024798 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 15:43:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0MNhUOu024797 for sage-members-0utGoign; Tue, 22 Jan 2008 15:43:30 -0800 (PST) Received: from chopin.co-prosperity.org (chopin.co-prosperity.org [24.196.66.98]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MNgoHR024765 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 15:43:16 -0800 (PST) Received: from chopin.co-prosperity.org (chopin [127.0.0.1]) by chopin.co-prosperity.org (8.13.4/8.12.5) with ESMTP id m0MNHFON011291; Tue, 22 Jan 2008 17:17:45 -0600 Received: from localhost (nmedbery@localhost) by chopin.co-prosperity.org (8.13.4/8.12.5/Submit) with ESMTP id m0MNHE6C011288; Tue, 22 Jan 2008 17:17:15 -0600 X-Authentication-Warning: chopin.co-prosperity.org: nmedbery owned process doing -bs Date: Tue, 22 Jan 2008 17:17:14 -0600 (CST) From: nmedbery@museverte.net X-X-Sender: nmedbery@chopin.co-prosperity.org To: Ski Kacoroski cc: SAGE mailing list Subject: Re: [SAGE] Best practice for Windows ACL's question In-Reply-To: <20080122145200.56e5d7dc@mango.nsd.org> Message-ID: References: <20080122145200.56e5d7dc@mango.nsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Seen-By: mailfromd 4.1 chopin.co-prosperity.org X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Ski, I am not sure this covers your situation exactly, but I believe we have a workable configuration. It is setup as follows: The top level folder has Read & Execute, List Folder Contents, and Read permissions. Sub folders have Modify permission granted to users as necessary (for their home directory for instance). This keeps the users from changing the name or from deleting their actual home directory (or whatever you put there), but they can create, delete, rename, etc. any files or folders inside of their home. e.g. F:\data\home\user1 perms on home = Read & Execute, List Folder Contents, Read (Domain Users or a specified group) perms on user1 = Modify (user1) Maybe this is exactly what you were describing, in which case, I think it is a fairly standard configuration. -Nate On Tue, 22 Jan 2008, Ski Kacoroski wrote: > Hi, > > I have several cases where I need to set up the top level folder > structure and do not want the end users to change it (e.g. a home > folder with Desktop, Documents, Public, and Web folders in it). > This worked fine with a single ACE until Office 2007 came along. As > near as I can tell, Office 2007 requires delete privileges of the > folder it is writing to in order to save a file into the folder. This > means that the user can then delete, rename, etc the top level > folders. Not good. The only way around it I have found is two ACE's. > The first is for the top level folder only and does not have delete > privileges and the second is for all subfolders and files and includes > delete privileges. > > I am wondering if this is the correct way to solve this issue or if > there is a way to use just one ACE (much preferred). > > cheers, > > ski > > From sage-members-owner@usenix.org Tue Jan 22 15:57:11 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MNv85x025720 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 15:57:08 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0MNv8CL025718 for sage-members-0utGoign; Tue, 22 Jan 2008 15:57:08 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.190]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0MNuK4s025584 for ; Tue, 22 Jan 2008 15:56:49 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so2818407rvb.59 for ; Tue, 22 Jan 2008 15:56:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:cc:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding; bh=pbnAveIIwn75WmfrhAZK02UhOtIKvbYVHo9poFMtlhk=; b=GNi78ozY0X0RcK9ukut/MhDTywdGZOS5WAPDdWtBcOAQFe5Bd2jqmDgRY1oaAtJZVDy4IKVR702E0H/zBJBHIAglf5Zkp8gPeJCRcCMH1iDb+/RJYmkQ6hjZpy48OBsR96tv5wl82fWOmJ5GiyzqFoqI4U8uaFFRqRfj4e5Zc9k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:cc:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding; b=aLJ0yc8fxqlnv0XztRE6L5VF/zk0foCe3JGyxBlFWkhZzgE7yj7j7vAcPgGqzlAGxHdMOvMeaB/8CqaDafIfkCbmcavubzfU0b1952di1nGDXJZf4BKqk4r1PjDfkdEN53ULQtiRM6hKsrRgMPv1U+8dGzBgxEVysuj6XLRa73Q= Received: by 10.140.133.10 with SMTP id g10mr5845492rvd.151.1201046175151; Tue, 22 Jan 2008 15:56:15 -0800 (PST) Received: from mango.nsd.org ( [152.157.64.243]) by mx.google.com with ESMTPS id l21sm2608151rvb.26.2008.01.22.15.56.13 (version=SSLv3 cipher=OTHER); Tue, 22 Jan 2008 15:56:14 -0800 (PST) Date: Tue, 22 Jan 2008 15:56:52 -0800 From: Ski Kacoroski To: nmedbery@museverte.net Cc: SAGE mailing list Subject: Re: [SAGE] Best practice for Windows ACL's question Message-ID: <20080122155652.646e868e@mango.nsd.org> In-Reply-To: References: <20080122145200.56e5d7dc@mango.nsd.org> X-Mailer: Claws Mail 3.2.0 (GTK+ 2.8.20; i486-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk Nate, Thanks for your reply, but when I use modify rights the user can delete their own folder (e.g. in your example, user1 can delete the user1 folder) which is not going to work for me. cheers, ski On Tue, 22 Jan 2008 17:17:14 -0600 (CST) nmedbery@museverte.net wrote: > Ski, > > I am not sure this covers your situation exactly, but I believe we > have a workable configuration. It is setup as follows: > > The top level folder has Read & Execute, List Folder Contents, and > Read permissions. Sub folders have Modify permission granted to users > as necessary (for their home directory for instance). > > This keeps the users from changing the name or from deleting their > actual home directory (or whatever you put there), but they can > create, delete, rename, etc. any files or folders inside of their > home. > > e.g. > F:\data\home\user1 > > perms on home = Read & Execute, List Folder Contents, Read (Domain > Users or a specified group) > perms on user1 = Modify (user1) > > Maybe this is exactly what you were describing, in which case, I > think it is a fairly standard configuration. > -Nate > > On Tue, 22 Jan 2008, Ski Kacoroski wrote: > > > Hi, > > > > I have several cases where I need to set up the top level folder > > structure and do not want the end users to change it (e.g. a home > > folder with Desktop, Documents, Public, and Web folders in it). > > This worked fine with a single ACE until Office 2007 came along. As > > near as I can tell, Office 2007 requires delete privileges of the > > folder it is writing to in order to save a file into the folder. > > This means that the user can then delete, rename, etc the top level > > folders. Not good. The only way around it I have found is two > > ACE's. The first is for the top level folder only and does not have > > delete privileges and the second is for all subfolders and files > > and includes delete privileges. > > > > I am wondering if this is the correct way to solve this issue or if > > there is a way to use just one ACE (much preferred). > > > > cheers, > > > > ski > > > > -- "When we try to pick out anything by itself, we find it connected to the entire universe" John Muir Chris "Ski" Kacoroski, kacoroski@gmail.com, 206-501-9803 or ski98033 on most IM services and gizmo From sage-members-owner@usenix.org Tue Jan 22 17:53:38 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0N1rP49002500 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 22 Jan 2008 17:53:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0N1rPed002499 for sage-members-0utGoign; Tue, 22 Jan 2008 17:53:25 -0800 (PST) Received: from hs-out-2122.google.com (hs-out-0708.google.com [64.233.178.242]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0N1qkQd002471 for ; Tue, 22 Jan 2008 17:53:11 -0800 (PST) Received: by hs-out-2122.google.com with SMTP id l65so2490606hsc.7 for ; Tue, 22 Jan 2008 17:52:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=x9nB0/c6Kc2kI3xBK2CPbZQmMygeoL2ON2cmakiWNRE=; b=RAKdvK7hXPflTE9wMit+Rm3aEMiToXBLiLZYa7sQoBJ5pbAmO8N5EtXCZEiJnYG92CBDArIAKZQ9L0Da96N7AD0YPzaYZvnsqfBSh4iXpvB6XPNcBuebWVszXxKn2wgljTqNPJ7JHhkAc2OCN/2+0QQUF5YQ3JgF3aJZmbt9wD8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=xsUXb5dQKh71ipE9NwoDTMaldfxyljMkR6GUSBeX12tpe2Mwz5ENcT4SwF0vyAY1pw0KNrJV8LLw/Cw3JCz6WYmZT01R/gUJRkZcYes/W1Eap/cax/Od9K6vigQzvN8uUX1lLgI2QhQWsi69DoRM9k9/0dZq6dErPtVlxGrXUJA= Received: by 10.142.215.5 with SMTP id n5mr4612530wfg.11.1201053165015; Tue, 22 Jan 2008 17:52:45 -0800 (PST) Received: by 10.142.72.20 with HTTP; Tue, 22 Jan 2008 17:52:44 -0800 (PST) Message-ID: Date: Tue, 22 Jan 2008 17:52:44 -0800 From: "Kurt Buff" To: "Ski Kacoroski" Subject: Re: [SAGE] Best practice for Windows ACL's question Cc: nmedbery@museverte.net, "SAGE mailing list" In-Reply-To: <20080122155652.646e868e@mango.nsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080122145200.56e5d7dc@mango.nsd.org> <20080122155652.646e868e@mango.nsd.org> X-DCC-dcc-servers-Metrics: ; whitelist X-DCC-dcc-servers-Metrics: 1049; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk I think in this case, when you create the top-level directories for each user, you should not give them modify permissions to it. If you go to the Advanced settings for the directory permissions, and edit the user's permissions, you'll see that you can set the directory permissions to be for "Subfolders and files only", among other settings. They can then create/modify/delete files and directories as they please below there. Kurt On Jan 22, 2008 3:56 PM, Ski Kacoroski wrote: > Nate, > > Thanks for your reply, but when I use modify rights the user can delete > their own folder (e.g. in your example, user1 can delete the user1 > folder) which is not going to work for me. > > cheers, > > ski > > > On Tue, 22 Jan 2008 17:17:14 -0600 (CST) nmedbery@museverte.net wrote: > > Ski, > > > > I am not sure this covers your situation exactly, but I believe we > > have a workable configuration. It is setup as follows: > > > > The top level folder has Read & Execute, List Folder Contents, and > > Read permissions. Sub folders have Modify permission granted to users > > as necessary (for their home directory for instance). > > > > This keeps the users from changing the name or from deleting their > > actual home directory (or whatever you put there), but they can > > create, delete, rename, etc. any files or folders inside of their > > home. > > > > e.g. > > F:\data\home\user1 > > > > perms on home = Read & Execute, List Folder Contents, Read (Domain > > Users or a specified group) > > perms on user1 = Modify (user1) > > > > Maybe this is exactly what you were describing, in which case, I > > think it is a fairly standard configuration. > > -Nate > > > > On Tue, 22 Jan 2008, Ski Kacoroski wrote: > > > > > Hi, > > > > > > I have several cases where I need to set up the top level folder > > > structure and do not want the end users to change it (e.g. a home > > > folder with Desktop, Documents, Public, and Web folders in it). > > > This worked fine with a single ACE until Office 2007 came along. As > > > near as I can tell, Office 2007 requires delete privileges of the > > > folder it is writing to in order to save a file into the folder. > > > This means that the user can then delete, rename, etc the top level > > > folders. Not good. The only way around it I have found is two > > > ACE's. The first is for the top level folder only and does not have > > > delete privileges and the second is for all subfolders and files > > > and includes delete privileges. > > > > > > I am wondering if this is the correct way to solve this issue or if > > > there is a way to use just one ACE (much preferred). > > > > > > cheers, > > > > > > ski > > > > > > > > > > -- > "When we try to pick out anything by itself, we find it > connected to the entire universe" John Muir > > Chris "Ski" Kacoroski, kacoroski@gmail.com, 206-501-9803 > or ski98033 on most IM services and gizmo > From sage-members-owner@usenix.org Wed Jan 23 09:25:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NHPlDw001061 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 09:25:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NHPlpC001060 for sage-members-0utGoign; Wed, 23 Jan 2008 09:25:47 -0800 (PST) Received: from QMTA09.westchester.pa.mail.comcast.net (qmta09.westchester.pa.mail.comcast.net [76.96.62.96]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NHP7gY001027 for ; Wed, 23 Jan 2008 09:25:33 -0800 (PST) Received: from OMTA11.westchester.pa.mail.comcast.net ([76.96.62.36]) by QMTA09.westchester.pa.mail.comcast.net with comcast id ggGC1Y00a0mv7h05906G00; Wed, 23 Jan 2008 17:24:48 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA11.westchester.pa.mail.comcast.net with comcast id ghR11Y00H5A3TEL3X00000; Wed, 23 Jan 2008 17:25:02 +0000 X-Authority-Analysis: v=1.0 c=1 a=GfyvAy890PUcjOTZ8u0A:9 a=X15uR4UoqlZ0Qh44osMYWdAPQF8A:4 a=3SmO1NJXDBsA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id 863591ACE4; Wed, 23 Jan 2008 12:25:01 -0500 (EST) To: sage-members@sage.org Subject: [SAGE] Dell 2950 w/ SAS 6/iR controller? From: Paul Lussier Date: Wed, 23 Jan 2008 12:25:01 -0500 Message-ID: <87myqw4fpu.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk Hi all, Does anyone have any experience running Linux on a Dell 2950 w/ SAS 6/iR controller ? This is, from what I can tell of the quote shown me by my IT guy, an intregrated SAS RAID controller. They claim it's not a PERC, which I know is to be avoided. But I know nothing of this other thing. Cautionary tales, warnings, sirens and alarm bells all welcome :) (unless all they say is "Don't buy from Dell", I, unfortunately, have little choice there :( -- Seeya, Paul From sage-members-owner@usenix.org Wed Jan 23 10:07:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NI7Ju5002838 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 10:07:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NI7JNw002837 for sage-members-0utGoign; Wed, 23 Jan 2008 10:07:19 -0800 (PST) Received: from highlandsun.propagation.net (highlandsun.propagation.net [66.221.212.168]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NI6FMP002796 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 10:06:41 -0800 (PST) Received: from [127.0.0.1] (highlandsun.com [66.221.212.169]) by highlandsun.propagation.net (8.13.3/8.13.3) with ESMTP id m0NI63Z7002808; Wed, 23 Jan 2008 12:06:03 -0600 Message-ID: <47978263.2090905@symas.com> Date: Wed, 23 Jan 2008 10:07:31 -0800 From: Howard Chu User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9b3pre) Gecko/2008011510 SeaMonkey/2.0a1pre MIME-Version: 1.0 To: Paul Lussier CC: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> In-Reply-To: <87myqw4fpu.fsf@comcast.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Paul Lussier wrote: > Hi all, > > Does anyone have any experience running Linux on a Dell 2950 w/ SAS > 6/iR controller ? This is, from what I can tell of the quote shown me > by my IT guy, an intregrated SAS RAID controller. They claim it's not > a PERC, which I know is to be avoided. But I know nothing of this > other thing. What's wrong with the PERC? The Dell 2950 I used in these tests http://connexitor.com/blog/pivot/entry.php?id=191 has a PERC 5/i controller. > Cautionary tales, warnings, sirens and alarm bells all welcome :) > (unless all they say is "Don't buy from Dell", I, unfortunately, have > little choice there :( I ran Debian etch on this thing, no real issues. However, I replaced the default kernel (2.6.18-5) with my own build of 2.6.24-rc3. The ethernet drivers in the new kernel are much more efficient under heavy load than the stock kernel. I don't know what other kernel changes accounted for these differences. results on stock kernel: custom built kernel: Cores Rate CPU Rate CPU 1 18521 100% 14544 100% 2 21600 182% 24060 195% 3 30729 258% 33023 278% 4 33400 318% 36212 337% 5 31870 360% 37130 381% 6 34057 400% 37650 428% 7 28440 430% 37987 477% 8 25136 440% 40366 534% As you can see, with the stock Debian kernel performance for 7-8 cores is actually slower than for 3 cores on my workload. If your workload is network-intensive, this is something to watch out for and tune carefully (ethtool is vital). -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ From sage-members-owner@usenix.org Wed Jan 23 10:21:44 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NILCa5003754 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 10:21:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NILCHK003750 for sage-members-0utGoign; Wed, 23 Jan 2008 10:21:12 -0800 (PST) Received: from mail.menolly.net (menolly.net [216.250.182.89]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIKWNK003713 for ; Wed, 23 Jan 2008 10:20:58 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.menolly.net (Postfix) with ESMTP id 883007B691; Wed, 23 Jan 2008 11:56:27 -0600 (CST) X-Virus-Scanned: Debian amavisd-new at menolly.net Received: from mail.menolly.net ([127.0.0.1]) by localhost (mail.menolly.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HQhvbRcV5XqI; Wed, 23 Jan 2008 11:56:27 -0600 (CST) Received: from www.menolly.net (localhost [127.0.0.1]) by mail.menolly.net (Postfix) with ESMTP id 4306C7B663; Wed, 23 Jan 2008 11:56:27 -0600 (CST) Received: from 161.225.1.12 (SquirrelMail authenticated user btpier) by www.menolly.net with HTTP; Wed, 23 Jan 2008 11:56:27 -0600 (CST) Message-ID: <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> In-Reply-To: <87myqw4fpu.fsf@comcast.net> References: <87myqw4fpu.fsf@comcast.net> Date: Wed, 23 Jan 2008 11:56:27 -0600 (CST) Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? From: "Bryce T Pier" To: "Paul Lussier" Cc: sage-members@sage.org User-Agent: SquirrelMail/1.4.9a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, January 23, 2008 11:25 am, Paul Lussier wrote: > > Hi all, > > Does anyone have any experience running Linux on a Dell 2950 w/ SAS > 6/iR controller ? This is, from what I can tell of the quote shown me > by my IT guy, an intregrated SAS RAID controller. They claim it's not > a PERC, which I know is to be avoided. But I know nothing of this > other thing. > > Cautionary tales, warnings, sirens and alarm bells all welcome :) > (unless all they say is "Don't buy from Dell", I, unfortunately, have > little choice there :( > I have one in my lab but haven't tried my SLES 10 build on it yet. Why avoid PERC? We have 200+ 2850's & 2950's with PERCs running SLES9. The only issue we've hit is a PERC 5 bug that made the drives appear to fail. It only happened once, was fixed by loading new firmware and the data on the mirrored pair was fine. I've even successfully forced one drive off-line made OS changes then shutdown and forced that disk off-line, on-lined the other disk and booted from it. -- Bryce T Pier Unix Geek From sage-members-owner@usenix.org Wed Jan 23 10:26:15 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIQFeq004219 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 10:26:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NIQFxv004218 for sage-members-0utGoign; Wed, 23 Jan 2008 10:26:15 -0800 (PST) Received: from QMTA03.emeryville.ca.mail.comcast.net (qmta03.emeryville.ca.mail.comcast.net [76.96.30.32]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIPasp004190 for ; Wed, 23 Jan 2008 10:26:01 -0800 (PST) Received: from OMTA11.emeryville.ca.mail.comcast.net ([76.96.30.36]) by QMTA03.emeryville.ca.mail.comcast.net with comcast id gd0y1Y00K0mlR8U0A0Xr00; Wed, 23 Jan 2008 18:25:31 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA11.emeryville.ca.mail.comcast.net with comcast id giRW1Y0015A3TEL8X00000; Wed, 23 Jan 2008 18:25:31 +0000 X-Authority-Analysis: v=1.0 c=1 a=diduoPDee9cA:10 a=jtVp1bOUGmfyM31xyjAA:9 a=6CsgkQwCPqc-W9BYjuMX0KFCfjQA:4 a=r2OZt28MrbcA:10 a=liJRedtLUCcA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id 93E851ACE4; Wed, 23 Jan 2008 13:25:29 -0500 (EST) To: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> From: Paul Lussier Date: Wed, 23 Jan 2008 13:25:29 -0500 In-Reply-To: <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> (Bryce T. Pier's message of "Wed\, 23 Jan 2008 11\:56\:27 -0600 \(CST\)") Message-ID: <87ir1k4cx2.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk "Bryce T Pier" writes: > Why avoid PERC? No one here has ever had good luck with PERC. My personal experience is admittedly several years old, but there were a couple others here who also had more recent bad experiences with them. I won't exclude the possibility that our collective experience/memory is out of date and requires an upgrade, though :) Thanks, -- Seeya, Paul From sage-members-owner@usenix.org Wed Jan 23 10:44:30 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIiTMA005245 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 10:44:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NIiTtA005242 for sage-members-0utGoign; Wed, 23 Jan 2008 10:44:29 -0800 (PST) Received: from QMTA04.emeryville.ca.mail.comcast.net (qmta04.emeryville.ca.mail.comcast.net [76.96.30.40]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIhoZj005202 for ; Wed, 23 Jan 2008 10:44:15 -0800 (PST) Received: from OMTA09.emeryville.ca.mail.comcast.net ([76.96.30.20]) by QMTA04.emeryville.ca.mail.comcast.net with comcast id giJf1Y00P0S2fkC0A04t00; Wed, 23 Jan 2008 18:43:45 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA09.emeryville.ca.mail.comcast.net with comcast id gijj1Y00U5A3TEL8V00000; Wed, 23 Jan 2008 18:43:45 +0000 X-Authority-Analysis: v=1.0 c=1 a=diduoPDee9cA:10 a=VTaBKu_FqsiZYE0BGf0A:9 a=UD6fnf6idmHlut1TR5cIiQD0vSoA:4 a=GBF0qrQiYlQA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id 657CC1ACE4; Wed, 23 Jan 2008 13:43:43 -0500 (EST) To: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> From: Paul Lussier Date: Wed, 23 Jan 2008 13:43:43 -0500 In-Reply-To: <47978918.7020604@cs.earlham.edu> (Skylar Thompson's message of "Wed\, 23 Jan 2008 10\:36\:08 -0800") Message-ID: <87d4rs4c2o.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk Skylar Thompson writes: > I haven't had any bad luck with PERCs since Dell moved off Adaptec > controllers. I think everything after the PERC3s are LSI controllers, > which seem pretty solid and give reasonable performance. Is PERC Dell's OEM name for some other vendor's product? I was always under the impression that PERC was a low-grade vendor separate from Dell and everyone else. Your statement leads me to believe I'm wrong. If PERC is a Dell OEM name, and it is now LSI they are reselling under this name, then I guess I don't have any qualms about avoiding them. By the way, my question wasn't so much about the Dell 2950 with Debian, rather, it was "What's this SAS 6i/R controller thingy?". Our Dell rep is insisting that it is NOT a PERC, but can't tell us what it is. Thanks. -- Seeya, Paul From sage-members-owner@usenix.org Wed Jan 23 10:44:31 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIiVMu005253 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 10:44:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NIiUek005250 for sage-members-0utGoign; Wed, 23 Jan 2008 10:44:30 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.188]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIhMis005183 for ; Wed, 23 Jan 2008 10:44:11 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so3175969rvb.59 for ; Wed, 23 Jan 2008 10:43:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:cc:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding; bh=cNgGSHDycA3UvEITvzAawpB+YSvo74cs1ArjRJI48tM=; b=uK55ePAYfWXc9GR7wvH/KNnjPgKUxa4YqvuZgpzEex/DuaJVJy1LAczAfKzxIdgEc49Lqoo57ii2J4Y2KL01wg35J40C3e/7DdxV1KbPr8Yywolkw0510tZNj560qCTf6KFoyU3sga4YN++01FdlYG04UdfKcuMSki3FkFitQGA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:cc:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding; b=PB3p7T9C4fy+h/lkhQsKQIKN2AVt+fhMsWeJh4W+duwkBOHMkMo0toHPk0mOuxCS8uk7AELsbFtexd6WgLyp3yKM2YOwMjaQbNjP4FCMTTwciqnScBteIg0r44PStdRjuC5tAXZ8zwGxG9Ablwe/tcsfe2f5jDnoym4aoT2dQ8k= Received: by 10.140.144.4 with SMTP id r4mr6559697rvd.175.1201113394473; Wed, 23 Jan 2008 10:36:34 -0800 (PST) Received: from mango.nsd.org ( [152.157.64.243]) by mx.google.com with ESMTPS id 3sm727488rvi.14.2008.01.23.10.36.32 (version=SSLv3 cipher=OTHER); Wed, 23 Jan 2008 10:36:33 -0800 (PST) Date: Wed, 23 Jan 2008 10:37:13 -0800 From: Ski Kacoroski To: "Kurt Buff" Cc: nmedbery@museverte.net, "SAGE mailing list" Subject: Re: [SAGE] Best practice for Windows ACL's question Message-ID: <20080123103713.6d4edad6@mango.nsd.org> In-Reply-To: References: <20080122145200.56e5d7dc@mango.nsd.org> <20080122155652.646e868e@mango.nsd.org> X-Mailer: Claws Mail 3.2.0 (GTK+ 2.8.20; i486-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk This is essentially what I am doing. I have one ACE that applies to the folder that allows the user access and a second ACE for the user that allows them modify rights for subfolders and files. With Office 2004 I did not need two ACE's, one worked fine. ski On Tue, 22 Jan 2008 17:52:44 -0800 "Kurt Buff" wrote: > I think in this case, when you create the top-level directories for > each user, you should not give them modify permissions to it. If you > go to the Advanced settings for the directory permissions, and edit > the user's permissions, you'll see that you can set the directory > permissions to be for "Subfolders and files only", among other > settings. They can then create/modify/delete files and directories as > they please below there. > > Kurt > > On Jan 22, 2008 3:56 PM, Ski Kacoroski wrote: > > Nate, > > > > Thanks for your reply, but when I use modify rights the user can > > delete their own folder (e.g. in your example, user1 can delete the > > user1 folder) which is not going to work for me. > > > > cheers, > > > > ski > > > > > > On Tue, 22 Jan 2008 17:17:14 -0600 (CST) nmedbery@museverte.net > > wrote: > > > Ski, > > > > > > I am not sure this covers your situation exactly, but I believe we > > > have a workable configuration. It is setup as follows: > > > > > > The top level folder has Read & Execute, List Folder Contents, and > > > Read permissions. Sub folders have Modify permission granted to > > > users as necessary (for their home directory for instance). > > > > > > This keeps the users from changing the name or from deleting their > > > actual home directory (or whatever you put there), but they can > > > create, delete, rename, etc. any files or folders inside of their > > > home. > > > > > > e.g. > > > F:\data\home\user1 > > > > > > perms on home = Read & Execute, List Folder Contents, Read (Domain > > > Users or a specified group) > > > perms on user1 = Modify (user1) > > > > > > Maybe this is exactly what you were describing, in which case, I > > > think it is a fairly standard configuration. > > > -Nate > > > > > > On Tue, 22 Jan 2008, Ski Kacoroski wrote: > > > > > > > Hi, > > > > > > > > I have several cases where I need to set up the top level folder > > > > structure and do not want the end users to change it (e.g. a > > > > home folder with Desktop, Documents, Public, and Web folders in > > > > it). This worked fine with a single ACE until Office 2007 came > > > > along. As near as I can tell, Office 2007 requires delete > > > > privileges of the folder it is writing to in order to save a > > > > file into the folder. This means that the user can then delete, > > > > rename, etc the top level folders. Not good. The only way > > > > around it I have found is two ACE's. The first is for the top > > > > level folder only and does not have delete privileges and the > > > > second is for all subfolders and files and includes delete > > > > privileges. > > > > > > > > I am wondering if this is the correct way to solve this issue > > > > or if there is a way to use just one ACE (much preferred). > > > > > > > > cheers, > > > > > > > > ski > > > > > > > > > > > > > > > > -- > > "When we try to pick out anything by itself, we find it > > connected to the entire universe" John Muir > > > > Chris "Ski" Kacoroski, kacoroski@gmail.com, 206-501-9803 > > or ski98033 on most IM services and gizmo > > -- "When we try to pick out anything by itself, we find it connected to the entire universe" John Muir Chris "Ski" Kacoroski, kacoroski@gmail.com, 206-501-9803 or ski98033 on most IM services and gizmo From sage-members-owner@usenix.org Wed Jan 23 11:00:33 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJ08MF006258 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 11:00:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NJ08cQ006256 for sage-members-0utGoign; Wed, 23 Jan 2008 11:00:08 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIxgqx006238 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 10:59:43 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NIxgYd006237 for sage-members@usenix.org; Wed, 23 Jan 2008 10:59:42 -0800 (PST) Received: from quark.cs.earlham.edu (cs.earlham.edu [159.28.230.3]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NIaTMC004852 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 10:36:54 -0800 (PST) Received: from angband.gs.washington.edu (angband.gs.washington.edu [128.208.9.42]) (authenticated bits=0) by quark.cs.earlham.edu (8.13.6/8.13.3) with ESMTP id m0NIaArc063988 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 23 Jan 2008 13:36:11 -0500 (EST) (envelope-from skylar@cs.earlham.edu) Message-ID: <47978918.7020604@cs.earlham.edu> Date: Wed, 23 Jan 2008 10:36:08 -0800 From: Skylar Thompson Reply-To: skylar@cs.earlham.edu Organization: Earlham College Computer Science Department User-Agent: Thunderbird 2.0.0.9 (X11/20071031) MIME-Version: 1.0 To: Paul Lussier CC: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> In-Reply-To: <87ir1k4cx2.fsf@comcast.net> X-Enigmail-Version: 0.95.6 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig399529A725131FD31BF89FD3" X-Greylist: Sender succeded SMTP AUTH authentication, not delayed by milter-greylist-1.6 (quark.cs.earlham.edu [159.28.230.3]); Wed, 23 Jan 2008 13:36:11 -0500 (EST) X-Scanned-By: MIMEDefang 2.56 on 159.28.230.3 X-Spam-Status: No, score=-2.7 required=8.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.3 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on quark.cs.earlham.edu X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig399529A725131FD31BF89FD3 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Paul Lussier wrote: > "Bryce T Pier" writes: > > =20 >> Why avoid PERC? >> =20 > > No one here has ever had good luck with PERC. My personal experience > is admittedly several years old, but there were a couple others here > who also had more recent bad experiences with them. > > I won't exclude the possibility that our collective experience/memory > is out of date and requires an upgrade, though :) > > =20 I haven't had any bad luck with PERCs since Dell moved off Adaptec=20 controllers. I think everything after the PERC3s are LSI controllers,=20 which seem pretty solid and give reasonable performance. --=20 -- Skylar Thompson (skylar@cs.earlham.edu) -- http://www.cs.earlham.edu/~skylar/ --------------enig399529A725131FD31BF89FD3 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHl4kasc4yyULgN4YRApRlAJ9gXGro+2KC64MCKyrc4pXUUSycggCdEOco 3oYqEAP/Wyt+Yam3zyWYp8g= =NMUH -----END PGP SIGNATURE----- --------------enig399529A725131FD31BF89FD3-- From sage-members-owner@usenix.org Wed Jan 23 11:02:49 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJ2Jpq006419 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 11:02:20 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NJ2Jl7006418 for sage-members-0utGoign; Wed, 23 Jan 2008 11:02:19 -0800 (PST) Received: from highlandsun.propagation.net (highlandsun.propagation.net [66.221.212.168]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJ1F0N006343 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 11:01:41 -0800 (PST) Received: from [127.0.0.1] (highlandsun.com [66.221.212.169]) by highlandsun.propagation.net (8.13.3/8.13.3) with ESMTP id m0NJ0ude003940; Wed, 23 Jan 2008 13:00:57 -0600 Message-ID: <47978F40.4050000@symas.com> Date: Wed, 23 Jan 2008 11:02:24 -0800 From: Howard Chu User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9b3pre) Gecko/2008011510 SeaMonkey/2.0a1pre MIME-Version: 1.0 To: Paul Lussier CC: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> <87d4rs4c2o.fsf@comcast.net> In-Reply-To: <87d4rs4c2o.fsf@comcast.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Paul Lussier wrote: > Skylar Thompson writes: > >> I haven't had any bad luck with PERCs since Dell moved off Adaptec >> controllers. I think everything after the PERC3s are LSI controllers, >> which seem pretty solid and give reasonable performance. > > Is PERC Dell's OEM name for some other vendor's product? I was always > under the impression that PERC was a low-grade vendor separate from > Dell and everyone else. AFAIK PERC in this context just means PowerEdge Expandable RAID Controller. So yes, it could be anything. > Your statement leads me to believe I'm wrong. If PERC is a Dell OEM > name, and it is now LSI they are reselling under this name, then I > guess I don't have any qualms about avoiding them. Yes, PERC 5 and PERC 6 use LSI MegaRAID components. > > By the way, my question wasn't so much about the Dell 2950 with > Debian, rather, it was "What's this SAS 6i/R controller thingy?". > > Our Dell rep is insisting that it is NOT a PERC, but can't tell us > what it is. If it's sold by Dell, it's a PERC, but that's just a meaningless product name. > Thanks. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ From sage-members-owner@usenix.org Wed Jan 23 11:17:52 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJHRNC007476 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 11:17:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NJHRUU007475 for sage-members-0utGoign; Wed, 23 Jan 2008 11:17:27 -0800 (PST) Received: from ettin.watson-wilson.ca (watson-wilson.ca [216.138.221.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJGX2f007443 for ; Wed, 23 Jan 2008 11:16:58 -0800 (PST) Received: by ettin.watson-wilson.ca (Postfix, from userid 1000) id 5E19C3AE30; Wed, 23 Jan 2008 14:16:24 -0500 (EST) Date: Wed, 23 Jan 2008 14:16:24 -0500 From: Neil Watson To: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? Message-ID: <20080123191624.GA4860@watson-wilson.ca> References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> <87d4rs4c2o.fsf@comcast.net> <47978F40.4050000@symas.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <47978F40.4050000@symas.com> X-Message-Flag: Outlook is a dangerous and insecure program (Magic 8 ball: Outlook not good) X-Accepted-File-Formats: No proprietary Microsoft Office files please User-Agent: Mutt/1.5.17 (2007-12-11) X-watson-wilson.ca-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-watson-wilson.ca-MailScanner-From: sage@watson-wilson.ca X-Spam-Status: No X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Jan 23, 2008 at 11:02:24AM -0800, Howard Chu wrote: >> Is PERC Dell's OEM name for some other vendor's product? I was always >> under the impression that PERC was a low-grade vendor separate from >> Dell and everyone else. > > AFAIK PERC in this context just means PowerEdge Expandable RAID > Controller. So yes, it could be anything. Ah the beauty of Dell. A mystery in every box. Is it Adaptec? Is it LSI? Is it a unique version of either and incompatible with non Dell drivers? Will the next model I buy from Dell in a few weeks contain entirely different hardware in spite of the model number being the same? Sorry, I had to get that off of my chest. Please resume useful discussion. -- Neil Watson | Debian Linux System Administrator | Uptime 9 days http://watson-wilson.ca From sage-members-owner@usenix.org Wed Jan 23 11:39:58 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJddIc008506 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 11:39:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NJddRq008505 for sage-members-0utGoign; Wed, 23 Jan 2008 11:39:39 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.227]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJcl8l008464 for ; Wed, 23 Jan 2008 11:39:13 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so2341502wxc.26 for ; Wed, 23 Jan 2008 11:38:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=6WBDuo5eTautisonMLF+IddhHeQHrSNchvyPO4P1xlU=; b=HunnoT5WQbnc6WHUuUGG++4ts2L7hChmcPhbbXLo4C+g7yYyoNT9M0dNd1K0gLL57LeFovimQfkEDq58DyuTZvM5jGbujNdoYppJ0MseCV7Huxgl/4WhT10LL3UtVAW5YPgEI9SenQm3TPBVZnanOcxwZTiAcj/dASZYRqkY+bs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=I9XcwmjjQ71kXAQWDkoPNKigEKgxsqVwvnrgiLRqHw8JfWrB0fsuSXyffRIs+PUBVXaQVGhn6kb0qT50qWaj4JTpur29gzJK1qihxrL0VXUvhh/QECMgycxMQSHS5ewcCwpWXI9E4O9XBwXsl0OxcjxxtKBuUV2rPJfMHdxcBUQ= Received: by 10.142.100.1 with SMTP id x1mr5202172wfb.131.1201116737414; Wed, 23 Jan 2008 11:32:17 -0800 (PST) Received: by 10.142.72.20 with HTTP; Wed, 23 Jan 2008 11:32:17 -0800 (PST) Message-ID: Date: Wed, 23 Jan 2008 11:32:17 -0800 From: "Kurt Buff" To: "Ski Kacoroski" Subject: Re: [SAGE] Best practice for Windows ACL's question Cc: nmedbery@museverte.net, "SAGE mailing list" In-Reply-To: <20080123103713.6d4edad6@mango.nsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080122145200.56e5d7dc@mango.nsd.org> <20080122155652.646e868e@mango.nsd.org> <20080123103713.6d4edad6@mango.nsd.org> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk That may be what you're stuck with, along with specifying "Creator Owner". I haven't played with MSOffice 2007 yet. FWIW, I am a huge fan of a utility called fileacl.exe http://www.gbordier.com/gbtools/fileacl.htm This utility allows me to record and reapply permissions in a very straightforward way on my file server, by recording its output as a batch file that can be reapplied, which output is fairly easy to understand. Here's a snippet of output from the departmental shared directory. K:\groups\dummy is a template that I maintain for reference when setting up a new group's directory: FILEACL "k:\Groups\Dummy" /S "BUILTIN\Administrators":RWXD/U/U /S "CREATOR OWNER":U/RWXD/RWXD /S "MYCOMPANY\Domain Users":RX/U/U /S "MYCOMPANY\ZusHomeGroupsDummyManagers":RAWaWeXDc/U FILEACL "k:\Groups\Dummy\Private" /S "MYCOMPANY\ZusHomeGroupsDummyUsers":RWXD /S "MYCOMPANY\ZusHomeGroupsDummyManagers":RWXD FILEACL "k:\Groups\Dummy\Public" /S "MYCOMPANY\ZusHomeGroupsDummyUsers":RWXD /S "MYCOMPANY\ZusHomeGroupsDummyManagers":RWXD /S "MYCOMPANY\Domain Users":RX The documentation has a reasonable explanation of the various rights - otherwise I'd never be able to figure out what "MYCOMPANY\ZusHomeGroupsDummyManagers":RAWaWeXDc/U" means by looking at it. Lastly, permissions inheritance make my job much simpler - the above permissions are quite simple, and if the department in question wants a directory or document with different permissions, I require that they live in a new/different subdirectory underneath the department's root. No permissions are allowed to be applied more than one directory beneath a department's root directory, where the Dummy department's root directory is k:\groups\dummy. Thus, if k:\groups\dummy\public\newdir1 needs different permissions than k:\groups\dummy\public, it is yanked up to k:\groups\dummy\newdir1. This has the side effect of flattening the directory structure, which is good, if not carried too far. The nicest thing about inheritance is that the batchfile that I generate every night as a record of current permissions, for the above k: drive (with more than 2million files/directories) is only 81k, or 735 lines. Kurt On Jan 23, 2008 10:37 AM, Ski Kacoroski wrote: > This is essentially what I am doing. I have one ACE that applies to > the folder that allows the user access and a second ACE for the user > that allows them modify rights for subfolders and files. With Office > 2004 I did not need two ACE's, one worked fine. > > ski > > On Tue, 22 Jan 2008 17:52:44 -0800 "Kurt Buff" > wrote: > > > I think in this case, when you create the top-level directories for > > each user, you should not give them modify permissions to it. If you > > go to the Advanced settings for the directory permissions, and edit > > the user's permissions, you'll see that you can set the directory > > permissions to be for "Subfolders and files only", among other > > settings. They can then create/modify/delete files and directories as > > they please below there. > > > > Kurt > > > > On Jan 22, 2008 3:56 PM, Ski Kacoroski wrote: > > > Nate, > > > > > > Thanks for your reply, but when I use modify rights the user can > > > delete their own folder (e.g. in your example, user1 can delete the > > > user1 folder) which is not going to work for me. > > > > > > cheers, > > > > > > ski > > > > > > > > > On Tue, 22 Jan 2008 17:17:14 -0600 (CST) nmedbery@museverte.net > > > wrote: > > > > Ski, > > > > > > > > I am not sure this covers your situation exactly, but I believe we > > > > have a workable configuration. It is setup as follows: > > > > > > > > The top level folder has Read & Execute, List Folder Contents, and > > > > Read permissions. Sub folders have Modify permission granted to > > > > users as necessary (for their home directory for instance). > > > > > > > > This keeps the users from changing the name or from deleting their > > > > actual home directory (or whatever you put there), but they can > > > > create, delete, rename, etc. any files or folders inside of their > > > > home. > > > > > > > > e.g. > > > > F:\data\home\user1 > > > > > > > > perms on home = Read & Execute, List Folder Contents, Read (Domain > > > > Users or a specified group) > > > > perms on user1 = Modify (user1) > > > > > > > > Maybe this is exactly what you were describing, in which case, I > > > > think it is a fairly standard configuration. > > > > -Nate > > > > > > > > On Tue, 22 Jan 2008, Ski Kacoroski wrote: > > > > > > > > > Hi, > > > > > > > > > > I have several cases where I need to set up the top level folder > > > > > structure and do not want the end users to change it (e.g. a > > > > > home folder with Desktop, Documents, Public, and Web folders in > > > > > it). This worked fine with a single ACE until Office 2007 came > > > > > along. As near as I can tell, Office 2007 requires delete > > > > > privileges of the folder it is writing to in order to save a > > > > > file into the folder. This means that the user can then delete, > > > > > rename, etc the top level folders. Not good. The only way > > > > > around it I have found is two ACE's. The first is for the top > > > > > level folder only and does not have delete privileges and the > > > > > second is for all subfolders and files and includes delete > > > > > privileges. > > > > > > > > > > I am wondering if this is the correct way to solve this issue > > > > > or if there is a way to use just one ACE (much preferred). > > > > > > > > > > cheers, > > > > > > > > > > ski From sage-members-owner@usenix.org Wed Jan 23 11:42:47 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJgfwL008686 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 11:42:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NJgf3I008684 for sage-members-0utGoign; Wed, 23 Jan 2008 11:42:41 -0800 (PST) Received: from scotch.datalyte.com (postfix@scotch.datalyte.com [69.31.85.243]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NJg29j008648 for ; Wed, 23 Jan 2008 11:42:27 -0800 (PST) X-SMTP-Auth: no Received: from localhost (localhost [127.0.0.1]) by scotch.datalyte.com (Postfix) with ESMTP id A9653137FD; Wed, 23 Jan 2008 14:18:23 -0500 (EST) Received: from scotch.datalyte.com ([127.0.0.1]) by localhost (scotch.datalyte.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 15103-03; Wed, 23 Jan 2008 14:18:14 -0500 (EST) Received: from tag1334.hq.communityconnect.com (hq2.communityconnect.com [207.13.235.98]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by scotch.datalyte.com (Postfix) with ESMTP id 1CC0E137E9; Wed, 23 Jan 2008 14:18:14 -0500 (EST) Cc: sage-members@sage.org Message-Id: <1C77818A-868D-407A-BAD2-3E571E538962@mbarr.net> From: Matthew Barr To: skylar@cs.earlham.edu In-Reply-To: <47978918.7020604@cs.earlham.edu> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? Date: Wed, 23 Jan 2008 14:17:07 -0500 References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> X-Mailer: Apple Mail (2.915) X-Virus-Scanned: Maia Mailguard 1.0.1 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk >> I haven't had any bad luck with PERCs since Dell moved off Adaptec >> controllers. I think everything after the PERC3s are LSI >> controllers, which seem pretty solid and give reasonable performance. Some of the PERC 3's were LSI, as I've got one right here. It was dropped from the Megaraid driver, and so isn't supported under 2.6, basically giving me a nonuseful server... (They weren't the plain PERC3's, but it was a variant name.) But yes, PERC = LSI, these days. Matthew ------ Matthew Barr mbarr@mbarr.net From sage-members-owner@usenix.org Wed Jan 23 12:20:44 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NKKVp1010361 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 12:20:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NKKViW010360 for sage-members-0utGoign; Wed, 23 Jan 2008 12:20:31 -0800 (PST) Received: from sgpsmtp2.avagotech.com (sgpsmtp2.avagotech.com [202.153.6.34]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NKJpp0010334 for ; Wed, 23 Jan 2008 12:20:16 -0800 (PST) Received: from sgpsmtp2.avagotech.com (localhost.localdomain [127.0.0.1]) by localhost.avagotech.com (Postfix) with ESMTP id 7A88135530 for ; Thu, 24 Jan 2008 03:46:45 +0800 (SGT) Received: from smtp2.ftc.avagotech.net (smtp2.ftc.avagotech.net [10.10.9.12]) by sgpsmtp2.avagotech.com (Postfix) with ESMTP id 3429235402 for ; Thu, 24 Jan 2008 03:46:45 +0800 (SGT) Received: from [10.10.10.146] (vw.ftc.avagotech.net [10.10.10.146]) by smtp2.ftc.avagotech.net (Postfix) with ESMTP id 48AF910043 for ; Wed, 23 Jan 2008 13:00:16 -0700 (MST) Message-ID: <47979CCF.6040102@frii.com> Date: Wed, 23 Jan 2008 13:00:15 -0700 From: Ray Frush User-Agent: Thunderbird 2.0.0.6 (X11/20071022) MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> <87d4rs4c2o.fsf@comcast.net> <47978F40.4050000@symas.com> <20080123191624.GA4860@watson-wilson.ca> In-Reply-To: <20080123191624.GA4860@watson-wilson.ca> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=2% Sender: owner-sage-members@usenix.org Precedence: bulk Neil Watson wrote: > Ah the beauty of Dell. A mystery in every box. Is it Adaptec? Is it > LSI? Is it a unique version of either and incompatible with non Dell > drivers? Will the next model I buy from Dell in a few weeks contain > entirely different hardware in spite of the model number being the same? Our organization has been using Dell Power Edge server from the Poweredge 1850/2850 (Generation 8) introduction. During that time, the "Generation 8" box seems to have gone through 1 revision (so two versions). The Generation 9 (1950/2950) are on their third sub-revision, and will probably be replaced by the "Generation 10" systems that have started to trickle out. Within each Generation (Gen8, Gen9, Gen9III) I have found the hardware (chipsets, controllers, etc) to be very stable. Much of Dell's reputation for changing parts frequently comes from older generation servers, and their lower end consumer products, which do change frequently, which you would expect. The "enterprise server" market is definitely requiring vendors like Dell to be more attentive to keeping hardware consistent during a product's lifecycle. If you have more than, say 20 systems in your organization, you can probably talk a Dell Sales droid to show you the product roadmap so you have an idea of what's going to happen to your servers in the next 18 months. In my experience the Perc 5 and Perc6 controllers (all LSI) have been rock solid, and we've only had one controller failure over some 200 machines. I haven't done extensive performance comparisons, since we run all our high data loads via EMC or NetApp storage. That being said, a PE2950 I have has been able to out perform all our other hardware, (except our brand new NetApp) on NFS testing for what would be best described as "workgroup" loads. -- Ray Frush From sage-members-owner@usenix.org Wed Jan 23 13:00:53 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NL0rgV011932 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 13:00:53 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NL0r8Y011931 for sage-members-0utGoign; Wed, 23 Jan 2008 13:00:53 -0800 (PST) Received: from starfish.geekisp.com (mail.geekisp.com [216.168.135.169]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NL0CvK011906 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 13:00:38 -0800 (PST) Received: (qmail 10499 invoked by uid 1003); 23 Jan 2008 21:01:15 -0000 Received: from clam.int.geekisp.com (HELO clam.geekisp.com) (192.168.4.38) by mail.geekisp.com with (DHE-RSA-AES256-SHA encrypted) SMTP; 23 Jan 2008 21:01:15 -0000 Received: from clam.geekisp.com (njt@localhost.geekisp.com [127.0.0.1]) by clam.geekisp.com (8.14.0/8.14.0) with ESMTP id m0NL06p8010556; Wed, 23 Jan 2008 16:00:06 -0500 (EST) Received: (from njt@localhost) by clam.geekisp.com (8.14.0/8.14.0/Submit) id m0NL05Nx023428; Wed, 23 Jan 2008 16:00:05 -0500 (EST) X-Authentication-Warning: clam.geekisp.com: njt set sender to njt@ayvali.org using -f Date: Wed, 23 Jan 2008 16:00:05 -0500 From: "N.J. Thomas" To: Paul Lussier Cc: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? Message-ID: <20080123210005.GL10168@ayvali.org> References: <87myqw4fpu.fsf@comcast.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87myqw4fpu.fsf@comcast.net> User-Agent: Mutt/1.5.9i X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk * Paul Lussier [2008-01-23 12:25:01-0500]: > Does anyone have any experience running Linux on a Dell 2950 w/ SAS > 6/iR controller? We bought about a hundred of these a few months ago. They all more or less run RHEL 5 (or CentOS 5). They were part of a larger batch of about 400 servers (the vast majority of which were the 1u 1950s), we had a couple of them (maybe 5 or 6) DOA, but I don't think it it was because of the controller in particular -- probably got bumped around in shipping. Obviously Dell replaced those. Don't have any complaints about the controllers so far. We are just beginning to stress them with software, and it looks like they are holding up so far. Thomas -- N.J. Thomas njt@ayvali.org Etiamsi occiderit me, in ipso sperabo From sage-members-owner@usenix.org Wed Jan 23 13:06:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NL5w8T012226 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 13:06:18 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0NL5w37012225 for sage-members-0utGoign; Wed, 23 Jan 2008 13:05:58 -0800 (PST) Received: from mailout1.bnsvcs.net (mailout1.bnsvcs.net [87.108.20.68]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0NL546x012170 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 23 Jan 2008 13:05:31 -0800 (PST) Received: from localhost (localhost.localdomain [127.0.0.1]) by mailout1.bnsvcs.net (Postfix) with ESMTP id 5B5CE3BC010; Wed, 23 Jan 2008 21:04:58 +0000 (UTC) X-Virus-Scanned: amavisd-new-snap at mailout1.bnsvcs.net Received: from mailout1.bnsvcs.net ([127.0.0.1]) by localhost (mailout1.bnsvcs.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w0G-dEt7sp70; Wed, 23 Jan 2008 21:04:46 +0000 (UTC) Received: from [85.77.228.156] (KMDCCLV.gprs.saunalahti.fi [85.77.228.156]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: kajtzu@fi.basen.net) by mailout1.bnsvcs.net (Postfix) with ESMTPSA id 5508D3BC00C; Wed, 23 Jan 2008 21:04:42 +0000 (UTC) From: "Kaj Niemi" Reply-to: "Kaj Niemi" To: Neil Watson Cc: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? Date: Thu, 24 Jan 2008 05:04:37 +0800 Message-ID: X-Mailer: EPOC Email Version 2.10 MIME-Version: 1.0 Content-Language: i-default Content-Type: text/plain; charset=UTF-8 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id m0NL5u6w012218 Sender: owner-sage-members@usenix.org Precedence: bulk Hi, Executive summary: In all fairness to Dell, the 8G (1850, 2850, etc) and 9G models (1950, 2950, etc) have been remarkably solid pieces of engineering. :) We have several hundred servers installed and have had very little problems. A PSU here or a SATA drive there that's gotten replaced quickly. No DOAs at all. Both the non-RAID controllers and RAID PERCs have been detected by the operating system and have worked well under various loads. By using OMSA and SNMP we've gotten notifications of failed subsystems, opened a ticket with Dell, gotten them replaced and had the server continue doing whatever it was doing without noticeable interruptions (except when a DIMM failed). The account team is also friendly, maybe a bit too Windows oriented (dell in Europe is), but are able to find out things to questions even relating to linux support and the pricing is quite nice. They sometimes have 2-for-1 deals too which are nice (works out to about 1.6:1 because you have to buy 24x7x4 3 yr instead of the default NBD 3yr) if you buy a lot of servers. They also don't really understand the concept of schwag and t-shirts unlike Sun in the old days who made sure the techies were properly clothed. :) The last is something I can live without, obviously. As far as I have seen there haven't been any changes in the PCI IDs which was quite common when we shopped Supermicro/sweat shop systems and really had a component and driver lottery every time we got a new batch. There were also multiple DOAs or "magic smoke escapes within a week" events which kept things interesting along with "some parts not properly seated". The perceived savings in costs weren't really there. Just like with routers and switches, you do not really pay the list price when buying servers either. We install consistent images on all servers and regularly upgrade older systems in the field to the same release. Kernels are usually vendor provided unless there is something they have not fixed and we absolutely must have it right now (RHEL3: sata_sil vs. siimage driver, RHEL4: kernel must not wait forever for broken udp packet (think snmp datagrams), RHEL5: so far nothing). Drivers are operating system vendor drivers, not the drivers Dell touts on their pages. I'm not sure really who they're for but probably not for people with RHEL or SLES. If I'd ever start buying servers from scratch I'd certainly skip the Supermicro/no-name phase no matter how cool it was to select funky controllers and install things into them. My impression (we've had some units every now and then for testing and comparison) is that HP is equivalent to Dell for both hardware engineering, QA, linux drivers and support. HTH :) Kaj -original message- Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? From: Neil Watson Date: 24/01/2008 03:26 On Wed, Jan 23, 2008 at 11:02:24AM -0800, Howard Chu wrote: >> Is PERC Dell's OEM name for some other vendor's product? I was always >> under the impression that PERC was a low-grade vendor separate from >> Dell and everyone else. > > AFAIK PERC in this context just means PowerEdge Expandable RAID > Controller. So yes, it could be anything. Ah the beauty of Dell. A mystery in every box. Is it Adaptec? Is it LSI? Is it a unique version of either and incompatible with non Dell drivers? Will the next model I buy from Dell in a few weeks contain entirely different hardware in spite of the model number being the same? Sorry, I had to get that off of my chest. Please resume useful discussion. -- Neil Watson | Debian Linux System Administrator | Uptime 9 days http://watson-wilson.ca From sage-members-owner@usenix.org Wed Jan 23 16:43:56 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0O0htZv019150 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 16:43:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0O0htBh019149 for sage-members-0utGoign; Wed, 23 Jan 2008 16:43:55 -0800 (PST) Received: from ag-out-0708.google.com (ag-out-0708.google.com [72.14.246.241]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0O0hFdN019129 for ; Wed, 23 Jan 2008 16:43:40 -0800 (PST) Received: by ag-out-0708.google.com with SMTP id 5so17777agb.1 for ; Wed, 23 Jan 2008 16:43:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; bh=CEJn2X29LwzKYNOq08hgzROpOaWd7Sc8NlP088rLoyU=; b=TY4nQXyt5PDy50LefLaY4/jhmSDtV2Xu23Bl8W8fkEb8xRLJHj7z4mmK1T4gQ9TIPp+CkqDHgSSnd+NEKmEKuNjDvyhInPBDXuVIJfuiOuQI0yJm2aBNARdA/xn8JBeHVxaZyekmFPLvwZr474/5A+XcbsbobR1SNKrqCWrs5HI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=W/fzTgCKbSUJT/tCdqrCan8r5NEJvPrUy8RhHNpVmANcmEFQ7xZi+iEkQCO+loMIY/AHb6ihAgGV99vb11mb3GLcGeyljGTllvWHgFe4iTSgd6nGFj7QTUS8ByjMMqpeiY0ubd5IxjiXZUw4GV9v4VYFGjmelqXACoOWo5PDznU= Received: by 10.150.195.21 with SMTP id s21mr3799329ybf.114.1201132108532; Wed, 23 Jan 2008 15:48:28 -0800 (PST) Received: from ?10.0.0.5? ( [65.24.146.151]) by mx.google.com with ESMTPS id a45sm35292rne.10.2008.01.23.15.48.26 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 23 Jan 2008 15:48:27 -0800 (PST) Message-ID: <4797D250.6060906@gmail.com> Date: Wed, 23 Jan 2008 18:48:32 -0500 From: Rob Felsburg User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Paul Lussier CC: sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> In-Reply-To: <87myqw4fpu.fsf@comcast.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=9% Sender: owner-sage-members@usenix.org Precedence: bulk Paul Lussier wrote: > Hi all, > > Does anyone have any experience running Linux on a Dell 2950 w/ SAS > 6/iR controller ? This is, from what I can tell of the quote shown me > by my IT guy, an intregrated SAS RAID controller. They claim it's not > a PERC, which I know is to be avoided. But I know nothing of this > other thing. > > Cautionary tales, warnings, sirens and alarm bells all welcome :) > (unless all they say is "Don't buy from Dell", I, unfortunately, have > little choice there :( > > We're running 2 Dell Poweredge 2950's right now with CentOS 5. We've had no issues with the Perc 5i raid controllers in the 2950's at all, in fact they've been remarkably stable under quite a bit of load. -Rob From sage-members-owner@usenix.org Wed Jan 23 16:50:43 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0O0ob9R019513 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 23 Jan 2008 16:50:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0O0ob2r019510 for sage-members-0utGoign; Wed, 23 Jan 2008 16:50:37 -0800 (PST) Received: from QMTA06.westchester.pa.mail.comcast.net (qmta06.westchester.pa.mail.comcast.net [76.96.62.56]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0O0nt5x019438 for ; Wed, 23 Jan 2008 16:50:20 -0800 (PST) Received: from OMTA12.westchester.pa.mail.comcast.net ([76.96.62.44]) by QMTA06.westchester.pa.mail.comcast.net with comcast id goGe1Y0020xGWP80503700; Thu, 24 Jan 2008 00:49:50 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA12.westchester.pa.mail.comcast.net with comcast id gopp1Y00b5A3TEL3Y00000; Thu, 24 Jan 2008 00:49:50 +0000 X-Authority-Analysis: v=1.0 c=1 a=gmGukzVTIsKq2mTotRgA:9 a=FW_YPJskL-m-1AyMUAbb22uq8NwA:4 a=si9q_4b84H0A:10 a=ok68_o4NJqgA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id 6FB821ACE2; Wed, 23 Jan 2008 19:49:49 -0500 (EST) To: sage-members@sage.org Subject: [SAGE] Re: Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> From: Paul Lussier Date: Wed, 23 Jan 2008 19:49:49 -0500 In-Reply-To: <87myqw4fpu.fsf@comcast.net> (Paul Lussier's message of "Wed\, 23 Jan 2008 12\:25\:01 -0500") Message-ID: <87r6g82gk2.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk Paul Lussier writes: > Hi all, > > Does anyone have any experience running Linux on a Dell 2950 w/ SAS > 6/iR controller ? This is, from what I can tell of the quote shown me > by my IT guy, an intregrated SAS RAID controller. They claim it's not > a PERC, which I know is to be avoided. But I know nothing of this > other thing. Thanks all for your responses. It's certainly been helpful. Based on all the great feedback and information, I feel comfortable enough to tell the IT guy to go ahead with the order. The worst case scenario is we return it, or turn it into a Windows server :) Thanks again! -- Seeya, Paul From sage-members-owner@usenix.org Thu Jan 24 00:47:14 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0O8l16l018525 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 00:47:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0O8l1bO018524 for sage-members-0utGoign; Thu, 24 Jan 2008 00:47:01 -0800 (PST) Received: from mail.mlop.de (heimdall.mlop.de [213.128.138.33]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0O8kA8Z018463 for ; Thu, 24 Jan 2008 00:46:36 -0800 (PST) Received: from [10.10.42.42] (p548FD715.dip.t-dialin.net [84.143.215.21]) (authenticated bits=0) by mail.mlop.de (8.14.1/8.14.1) with ESMTP id m0O8JJsI024814 for ; Thu, 24 Jan 2008 09:19:23 +0100 Date: Thu, 24 Jan 2008 09:19:17 +0100 (CET) From: Andreas Gerler To: sage-members@sage.org Subject: Re: [SAGE] Sun acquires MySQL In-Reply-To: <86ve5l7l5n.fsf@blue.stonehenge.com> Message-ID: References: <523a2afd0801190825p2512d429x9323d814e6b7eb29@mail.gmail.com> <47939295.8060200@jasonantman.com> <86ve5l7l5n.fsf@blue.stonehenge.com> User-Agent: Alpine 1.00 (LNX 882 2007-12-20) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-SMTP-Vilter-Version: 1.3.6 X-Spamd-Symbols: AWL, BAYES_00, PGP_BLOCK, RCVD_IN_PBL, RCVD_IN_SORBS_DUL, RDNS_DYNAMIC X-SMTP-Vilter-Spam-Backend: spamd X-Spam-Score: -9.1 X-Spam-Threshold: 5.0 X-Spam-Probability: -1.8 X-Its-A-Nuisance: This is spam X-SMTP-Vilter-Unwanted-Backend: attachment X-SMTP-Vilter-attachment-Unwanted-Status: clean X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! As a long time MySQL User I cannot agree. After using the community version for a long time we switched over to the enterprise edition. You should have a look at the included monitoring tool called "Enterprise Dashboard". Having seen this on other RDBMs. And the Query-Cache is a great feature bringing system load from 50% to below 10% on our systems. Even master/slave setup is working since around 5.0.30 for us without much headache. But InnoDB is imo currently the most important storage engine. So its interesting whats going on in the next time. so long... Baron - -- http://www.bundesbrandschatzamt.de/~baron mailto:baron@bundesbrandschatzamt.de ICQ # 168310436 AIM: baron42fmcb On Tue, 22 Jan 2008, Randal L. Schwartz wrote: RLS> Date: Tue, 22 Jan 2008 10:47:00 -0800 RLS> From: Randal L. Schwartz RLS> To: Jason Antman RLS> Cc: Rodrick Brown , sage-members@sage.org RLS> Subject: Re: [SAGE] Sun acquires MySQL RLS> RLS> >>>>> "Jason" == Jason Antman writes: RLS> RLS> Jason> I've heard a lot of worry about Sun controlling MySQL - everything from RLS> Jason> "the sky is falling" (Sun essentially turning MySQL into a mainly RLS> Jason> proprietary product with a small free version) [...] RLS> RLS> Huh? MySQL AB already succeeded in doing that! RLS> RLS> The restrictions on using the "free" version are pretty brutal. If you want RLS> to do *anything* interesting, you're encouraged to get the paid version "to be RLS> safe". RLS> RLS> There are other databases out there that are truly free, and do a lot more in RLS> a lot less time. MySQL is getting less and less interesting as the RLS> years go by. RLS> RLS> [Yawn.] RLS> RLS> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.7 (GNU/Linux) iD8DBQFHmEoJeip+AM3OXw4RAnCmAJ9T8AywORdcUQYjvo2BF4AFITgxwwCgkozp 71ZKh8Udwpy+i08kYgIBZqc= =1lG5 -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Thu Jan 24 06:38:33 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OEbwM5028546 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 06:38:18 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OEbwxp028545 for sage-members-0utGoign; Thu, 24 Jan 2008 06:37:58 -0800 (PST) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.239]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OEbILA028527 for ; Thu, 24 Jan 2008 06:37:44 -0800 (PST) Received: by nz-out-0506.google.com with SMTP id f1so695018nzc.37 for ; Thu, 24 Jan 2008 06:37:11 -0800 (PST) Received: by 10.142.171.6 with SMTP id t6mr280272wfe.44.1201178474314; Thu, 24 Jan 2008 04:41:14 -0800 (PST) Received: by 10.142.162.18 with HTTP; Thu, 24 Jan 2008 04:41:14 -0800 (PST) Message-ID: <664c5a070801240441u49ce5485sabf7b451a219e212@mail.gmail.com> Date: Thu, 24 Jan 2008 13:41:14 +0100 From: "Erling Ringen Elvsrud" To: sage-members@usenix.org Subject: [SAGE] Slow Bastille development, any alternatives? MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk Hello, Development of Bastille seems to be very slow and there is little activity on the mailing lists. A message "Bastille UNIX release coming January 14th, 2008." appeared, but I have not seen any new version yet. Bastille does not work properly on RHEL 5.1, it spews out messages about not being able to detect which Red Hat version it is. It is possible to trick it by changing /etc/redhat-release to a supported version, but I'm not sure if it works as it should. Do you know what the status of the Bastille project is? is it dying? and do you know of any alternatives? I use Bastille mostly because it is policy here to use Bastille on all servers. If Bastille is slowing in development and dying we need to find a replacement. Thanks, Erling From sage-members-owner@usenix.org Thu Jan 24 09:18:07 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OHHsmk004183 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 09:17:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OHHsRb004182 for sage-members-0utGoign; Thu, 24 Jan 2008 09:17:54 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.224]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OHHFeU004156 for ; Thu, 24 Jan 2008 09:17:40 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c55so153674wra.11 for ; Thu, 24 Jan 2008 09:17:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=BlwJ6zrl3gOBnPmPyLYfi0KJicxg2wFKIQw0hJFZn9s=; b=nSSnwGIHmGbYqoA9+vEOQ6spxgh93+l5m5NI85BsCMHJ/jLgDIxMfjbJdD3zaUgr/zqfQo1OzJQPreI3ARvdeeiLWas50Uc9jL15VP5oHSW8efNx7069/Cmne62RPXE6d1sKq20Sx7r255G6Ua0LGZAgkiq1Xu0sLZdkwRtnxns= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=PU7zqpYQvF0spdjG3pQ+4sifFEQQ3KkhL5WsEfRPgpjDljzKkdu/DwZZYnUBmjnPnP/n755zzJGGZZ8QvucY6BSlHUTm+ZPdFeqPp/Bsf2OkF69OwwbqEEE+wLWgpeLUmjZafFY0wX41VkJjUiKitYGJbmYN5ho2dUxP4g5uQl8= Received: by 10.142.230.11 with SMTP id c11mr500807wfh.145.1201193354526; Thu, 24 Jan 2008 08:49:14 -0800 (PST) Received: by 10.142.84.18 with HTTP; Thu, 24 Jan 2008 08:49:14 -0800 (PST) Message-ID: Date: Thu, 24 Jan 2008 10:49:14 -0600 From: "Nathan Hruby" To: "Paul Lussier" Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? Cc: sage-members@sage.org In-Reply-To: <87d4rs4c2o.fsf@comcast.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> <87d4rs4c2o.fsf@comcast.net> X-Google-Sender-Auth: 3d37c0c8c27f063b X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 23, 2008 12:43 PM, Paul Lussier wrote: > By the way, my question wasn't so much about the Dell 2950 with > Debian, rather, it was "What's this SAS 6i/R controller thingy?". Mind you the 5i and 6i are *NOT* PERC hardware RAID controllers. They are motherboard integrated LSI SAS controllers that have built in mirroring as defined by the SAS spec (maybe raid0 striping as well.. I can't remember). These controllers in Linux use the mpt_* drivers which are fairly stable and we've had few issues. One minor note is that there is/was a bug in the driver/firmware/something such that tickling some of the /proc entries with the right virgin chicken would cause the controllers to wrongly kick a disk out of the mirror set. General usage would not cause this, but older versions the Oracle Grid Control agent in Oracle 10g seemed to be able to do this fairly reliably. This happened on our 5i's and it took several weeks to figure out what was going on and then upgrade the Grid Control Agent to fix it. HTH, -n -- ------------------------------------------- nathan hruby metaphysically wrinkle-free ------------------------------------------- From sage-members-owner@usenix.org Thu Jan 24 10:13:20 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OID7xi006357 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 10:13:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OID7IN006356 for sage-members-0utGoign; Thu, 24 Jan 2008 10:13:07 -0800 (PST) Received: from mail0.lsil.com (mail0.lsil.com [147.145.40.20]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OIClgU006327 for ; Thu, 24 Jan 2008 10:12:53 -0800 (PST) Received: from milmhbs0.lsil.com (mhbs.lsil.com [147.145.1.30]) by mail0.lsil.com (8.12.11/8.12.11) with ESMTP id m0OHu168014410 for ; Thu, 24 Jan 2008 09:56:01 -0800 (PST) Received: from namail.ad.lsil.com (namail.co.lsil.com [172.21.36.18]) by milmhbs0.lsil.com (8.12.11/8.12.11) with ESMTP id m0OHwqIQ023849 for ; Thu, 24 Jan 2008 09:58:52 -0800 Received: from NAMAIL1.ad.lsil.com ([172.21.36.19]) by namail.ad.lsil.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 24 Jan 2008 10:58:48 -0700 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] Re: Dell 2950 w/ SAS 6/iR controller? Date: Thu, 24 Jan 2008 10:58:53 -0700 Message-ID: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE2F8A@NAMAIL1.ad.lsil.com> In-Reply-To: <87r6g82gk2.fsf@comcast.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] Re: Dell 2950 w/ SAS 6/iR controller? Thread-Index: AcheI3QWSfdTUuVCQRibk4iBVJcoGgAj0BEw From: "Simon, Wesley" To: X-OriginalArrivalTime: 24 Jan 2008 17:58:48.0516 (UTC) FILETIME=[C52AB840:01C85EB2] X-Scanned-By: MIMEDefang 2.39 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id m0OID5gU006351 Sender: owner-sage-members@usenix.org Precedence: bulk >From what I hear, those guys over at LSI make some pretty good storage products... Wesley Simon 316.636.8078 -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Paul Lussier Sent: Wednesday, January 23, 2008 6:50 PM To: sage-members@sage.org Subject: [SAGE] Re: Dell 2950 w/ SAS 6/iR controller? Paul Lussier writes: > Hi all, > > Does anyone have any experience running Linux on a Dell 2950 w/ SAS > 6/iR controller ? This is, from what I can tell of the quote shown me > by my IT guy, an intregrated SAS RAID controller. They claim it's not > a PERC, which I know is to be avoided. But I know nothing of this > other thing. Thanks all for your responses. It's certainly been helpful. Based on all the great feedback and information, I feel comfortable enough to tell the IT guy to go ahead with the order. The worst case scenario is we return it, or turn it into a Windows server :) Thanks again! -- Seeya, Paul From sage-members-owner@usenix.org Thu Jan 24 10:39:37 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OIdS6P007580 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 10:39:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OIdSZC007579 for sage-members-0utGoign; Thu, 24 Jan 2008 10:39:28 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OIcx23007561 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 10:39:20 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OIcxvY007559 for sage-members@usenix.org; Thu, 24 Jan 2008 10:38:59 -0800 (PST) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.242]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0O8gMWV018338 for ; Thu, 24 Jan 2008 00:42:51 -0800 (PST) Received: by an-out-0708.google.com with SMTP id d33so33645and.105 for ; Thu, 24 Jan 2008 00:42:16 -0800 (PST) Received: by 10.100.239.11 with SMTP id m11mr852491anh.87.1201164136391; Thu, 24 Jan 2008 00:42:16 -0800 (PST) Received: by 10.100.134.11 with HTTP; Thu, 24 Jan 2008 00:42:16 -0800 (PST) Message-ID: <9003ed000801240042u1895bab9sc000cd08fdd3dd7b@mail.gmail.com> Date: Thu, 24 Jan 2008 08:42:16 +0000 From: "Colm Buckley" To: "Paul Lussier" Subject: Re: [SAGE] Re: Dell 2950 w/ SAS 6/iR controller? Cc: sage-members@sage.org In-Reply-To: <87r6g82gk2.fsf@comcast.net> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_39465_32984383.1201164136372" References: <87myqw4fpu.fsf@comcast.net> <87r6g82gk2.fsf@comcast.net> X-Google-Sender-Auth: b035b1dedb8d8f93 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_39465_32984383.1201164136372 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Jan 24, 2008 12:49 AM, Paul Lussier wrote: > > Does anyone have any experience running Linux on a Dell 2950 w/ SAS > > 6/iR controller ? This is, from what I can tell of the quote shown me > > by my IT guy, an intregrated SAS RAID controller. They claim it's not > > a PERC, which I know is to be avoided. But I know nothing of this > > other thing. > > Thanks all for your responses. It's certainly been helpful. Based on > all the great feedback and information, I feel comfortable enough to > tell the IT guy to go ahead with the order. The worst case scenario > is we return it, or turn it into a Windows server :) I'm not 100% sure that the responses in this thread captured your concern, though; most people talked about the stability and strong support in Linux for the recent PERC cards (with which I concur; we have a large fleet of PERC5 and PERC6 systems deployed, largely without issue - there was an incident where a particular batch of drives from a particular manufacturer had a firmware problem which had a bad interaction with the PERC5, but we were able to find a workaround after a week or so of closely working with Dell), but the SAS6/iR is not a PERC card. The current generation of PERC cards are simply VAR versions of very standard LSI MegaRAID cards (for example, the PERC6/i is based very closely on the LSILogic 8888ELP card), but the SAS6/iR integrated controller is an MPT Fusion device, not a "megaraid". It *should* be supported by Linux using the mptsas/mptfusion driver complex, but I can't personally vouch for its correct operation. You might be better off going with the additional expenditure of the PERC6 - that I *can* vouch for! Colm -- Colm Buckley / colm@tuatha.org / +353 87 2469146 ------=_Part_39465_32984383.1201164136372 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Jan 24, 2008 12:49 AM, Paul Lussier <p.lussier@comcast.net> wrote:
 
> Does anyone have any experience running Linux on= a Dell 2950 w/ SAS
> 6/iR controller ?  This is, from what I ca= n tell of the quote shown me
> by my IT guy, an intregrated SAS RAID = controller.  They claim it's not
> a PERC, which I know is to be avoided.  But I know nothing of= this
> other thing.

Thanks all for your responses. &nbs= p;It's certainly been helpful.  Based on
all the great feedback= and information, I feel comfortable enough to
tell the IT guy to go ahead with the order.  The worst case scenar= io
is we return it, or turn it into a Windows server :)

I'm not 100% sure that the responses in this thread captured your = concern, though; most people talked about the stability and strong support = in Linux for the recent PERC cards (with which I concur; we have a large fl= eet of PERC5 and PERC6 systems deployed, largely without issue - there was = an incident where a particular batch of drives from a particular manufactur= er had a firmware problem which had a bad interaction with the PERC5, but w= e were able to find a workaround after a week or so of closely working with= Dell), but the SAS6/iR is not a PERC card.  The current generation of= PERC cards are simply VAR versions of very standard LSI MegaRAID cards (fo= r example, the PERC6/i is based very closely on the LSILogic 8888ELP card),= but the SAS6/iR integrated controller is an MPT Fusion device, not a "= ;megaraid".  It *should* be supported by Linux using the mptsas/m= ptfusion driver complex, but I can't personally vouch for its correct o= peration.

You might be better off going with the additional expenditure of th= e PERC6 - that I *can* vouch for!

= Colm


--
Colm Buckley / colm@tuatha.org / +353 87 2469146 ------=_Part_39465_32984383.1201164136372-- From sage-members-owner@usenix.org Thu Jan 24 10:40:43 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OIeIjP007659 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 10:40:18 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OIeIDm007658 for sage-members-0utGoign; Thu, 24 Jan 2008 10:40:18 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OIdqcq007631 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 10:39:53 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OIdqHj007630 for sage-members@usenix.org; Thu, 24 Jan 2008 10:39:52 -0800 (PST) Received: from quark.cs.earlham.edu (cs.earlham.edu [159.28.230.3]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OHqTFB005540 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 09:52:55 -0800 (PST) Received: from angband.gs.washington.edu (angband.gs.washington.edu [128.208.9.42]) (authenticated bits=0) by quark.cs.earlham.edu (8.13.6/8.13.3) with ESMTP id m0OHqDuR076504 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 24 Jan 2008 12:52:16 -0500 (EST) (envelope-from skylar@cs.earlham.edu) Message-ID: <4798D04B.7070904@cs.earlham.edu> Date: Thu, 24 Jan 2008 09:52:11 -0800 From: Skylar Thompson Reply-To: skylar@cs.earlham.edu Organization: Earlham College Computer Science Department User-Agent: Thunderbird 2.0.0.9 (X11/20071031) MIME-Version: 1.0 To: Nathan Hruby CC: Paul Lussier , sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> <87d4rs4c2o.fsf@comcast.net> In-Reply-To: X-Enigmail-Version: 0.95.6 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig587156CC16FC1672EC2BFD42" X-Greylist: Sender succeded SMTP AUTH authentication, not delayed by milter-greylist-1.6 (quark.cs.earlham.edu [159.28.230.3]); Thu, 24 Jan 2008 12:52:17 -0500 (EST) X-Scanned-By: MIMEDefang 2.56 on 159.28.230.3 X-Spam-Status: No, score=-2.7 required=8.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.3 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on quark.cs.earlham.edu X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig587156CC16FC1672EC2BFD42 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Nathan Hruby wrote: > Mind you the 5i and 6i are *NOT* PERC hardware RAID controllers. They > are motherboard integrated LSI SAS controllers that have built in > mirroring as defined by the SAS spec (maybe raid0 striping as well.. I > can't remember). These controllers in Linux use the mpt_* drivers > which are fairly stable and we've had few issues. > =20 I thought the only difference between the n/i and the n/d controllers=20 was that the n/d's have external connectors? The 5/i's that we have do=20 RAID-5 and RAID-10 as well as mirroring and striping. --=20 -- Skylar Thompson (skylar@cs.earlham.edu) -- http://www.cs.earlham.edu/~skylar/ --------------enig587156CC16FC1672EC2BFD42 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHmNBNsc4yyULgN4YRAnbvAJwLYn/mKVvE1uvIER8n7VLZOBBs0gCgsbsC W7eFYflzGSf6wXTRQfPSHHU= =l0tw -----END PGP SIGNATURE----- --------------enig587156CC16FC1672EC2BFD42-- From sage-members-owner@usenix.org Thu Jan 24 11:46:12 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OJjxlq011957 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 11:45:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OJjxcA011956 for sage-members-0utGoign; Thu, 24 Jan 2008 11:45:59 -0800 (PST) Received: from sgpsmtp1.avagotech.com (sgpsmtp1.avagotech.com [202.86.248.61]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OJjJO1011924 for ; Thu, 24 Jan 2008 11:45:44 -0800 (PST) Received: from sgpsmtp1.avagotech.com (localhost.localdomain [127.0.0.1]) by localhost.avagotech.com (Postfix) with ESMTP id DBF5D3466E; Fri, 25 Jan 2008 03:09:10 +0800 (SGT) Received: from smtp2.ftc.avagotech.net (smtp2.ftc.avagotech.net [10.10.9.12]) by sgpsmtp1.avagotech.com (Postfix) with ESMTP id 8DDE23469F; Fri, 25 Jan 2008 03:09:10 +0800 (SGT) Received: from [10.10.10.146] (vw.ftc.avagotech.net [10.10.10.146]) by smtp2.ftc.avagotech.net (Postfix) with ESMTP id 5FCBE10038; Thu, 24 Jan 2008 12:22:02 -0700 (MST) Message-ID: <4798E559.6040000@frii.com> Date: Thu, 24 Jan 2008 12:22:01 -0700 From: Ray Frush User-Agent: Thunderbird 2.0.0.6 (X11/20071022) MIME-Version: 1.0 To: Nathan Hruby Cc: Paul Lussier , sage-members@sage.org Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> <87d4rs4c2o.fsf@comcast.net> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Nathan Hruby wrote: > > Mind you the 5i and 6i are *NOT* PERC hardware RAID controllers. They > are motherboard integrated LSI SAS controllers that have built in > mirroring as defined by the SAS spec (maybe raid0 striping as well.. I > can't remember). These controllers in Linux use the mpt_* drivers > which are fairly stable and we've had few issues. > The Dell nomenclature for their embedded controllers is a tad confusing... Baseline: SAS 6/iR (Not a LSI/MegaRAID hardware RAID like Nathan points out. Upgrade: PERC6i SAS RAID Physically, the controller is an add on card that takes up residence near the front of the chassis. We've swapped the SAS6/iR with the PERC cards on a couple of occasions. Neither of these controllers have external connections. In addition to the "embedded" controllers you can add on a variety of spendy "2nd Controllers" including the "PERC6E SAS RAID", which provides External SAS ports. -- Ray Frush From sage-members-owner@usenix.org Thu Jan 24 11:54:20 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OJsJeO012629 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 11:54:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OJsJqi012628 for sage-members-0utGoign; Thu, 24 Jan 2008 11:54:19 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OJsHue012620 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 24 Jan 2008 11:54:17 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0OJsHiQ012616 for sage-members@usenix.org; Thu, 24 Jan 2008 11:54:17 -0800 (PST) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.250]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0OJ8C8H009178 for ; Thu, 24 Jan 2008 11:08:38 -0800 (PST) Received: by an-out-0708.google.com with SMTP id d33so95660and.105 for ; Thu, 24 Jan 2008 11:08:07 -0800 (PST) Received: by 10.100.196.17 with SMTP id t17mr2102797anf.115.1201201686929; Thu, 24 Jan 2008 11:08:06 -0800 (PST) Received: by 10.100.134.11 with HTTP; Thu, 24 Jan 2008 11:08:06 -0800 (PST) Message-ID: <9003ed000801241108v1fae5bf8kdc70d70e84717ecf@mail.gmail.com> Date: Thu, 24 Jan 2008 19:08:06 +0000 From: "Colm Buckley" To: skylar@cs.earlham.edu Subject: Re: [SAGE] Dell 2950 w/ SAS 6/iR controller? Cc: "Nathan Hruby" , "Paul Lussier" , sage-members@sage.org In-Reply-To: <4798D04B.7070904@cs.earlham.edu> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_43029_13640971.1201201686910" References: <87myqw4fpu.fsf@comcast.net> <48130.161.225.1.12.1201110987.squirrel@www.menolly.net> <87ir1k4cx2.fsf@comcast.net> <47978918.7020604@cs.earlham.edu> <87d4rs4c2o.fsf@comcast.net> <4798D04B.7070904@cs.earlham.edu> X-Google-Sender-Auth: 822cfed4fc1feab8 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_43029_13640971.1201201686910 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Jan 24, 2008 5:52 PM, Skylar Thompson wrote: > > I thought the only difference between the n/i and the n/d controllers > was that the n/d's have external connectors? The 5/i's that we have do > RAID-5 and RAID-10 as well as mirroring and striping. Yes, *but* there are also non-PERC "SAS 5/i" and "SAS 6/i" controllers, which (AIUI) are mptfusion devices, not LSI megaraids. Colm -- Colm Buckley / colm@tuatha.org / +353 87 2469146 ------=_Part_43029_13640971.1201201686910 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Jan 24, 2008 5:52 PM, Skylar Thompson <skylar@cs.earlham.edu> wrote:

I thought the only difference between the n/i and the n/d controllers
was that the n/d's have external connectors? The 5/i's that we have do
RAID-5 and RAID-10 as well as mirroring and striping.

Yes, *but* there are also non-PERC "SAS 5/i" and "SAS 6/i" controllers, which (AIUI) are mptfusion devices, not LSI megaraids.

Colm


--
Colm Buckley / colm@tuatha.org / +353 87 2469146 ------=_Part_43029_13640971.1201201686910-- From sage-members-owner@usenix.org Fri Jan 25 07:52:54 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PFqg2w003508 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 07:52:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PFqgXu003507 for sage-members-0utGoign; Fri, 25 Jan 2008 07:52:42 -0800 (PST) Received: from QMTA04.westchester.pa.mail.comcast.net (qmta04.westchester.pa.mail.comcast.net [76.96.62.40]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PFpoTE003477 for ; Fri, 25 Jan 2008 07:52:16 -0800 (PST) Received: from OMTA04.westchester.pa.mail.comcast.net ([76.96.62.35]) by QMTA04.westchester.pa.mail.comcast.net with comcast id hSag1Y00E0ldTLk0507d00; Fri, 25 Jan 2008 15:51:45 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA04.westchester.pa.mail.comcast.net with comcast id hTrk1Y00H5A3TEL3Q00000; Fri, 25 Jan 2008 15:51:45 +0000 X-Authority-Analysis: v=1.0 c=1 a=AcP-deDDAAAA:8 a=9-NqiIJEiv30XU0ABxoA:9 a=9iWaBs0-QxkXV_dbeNU_H_bbyBMA:4 a=D3L0AG4XjkMA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id 37C721ACE2; Fri, 25 Jan 2008 10:51:44 -0500 (EST) To: sage-members@sage.org Subject: [SAGE] Does your wiring look like this? From: Paul Lussier Date: Fri, 25 Jan 2008 10:51:44 -0500 Message-ID: <87sl0l299r.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk http://royal.pingdom.com/?p=240 I'm very impressed :) I have really good intentions, and I've had in the past what I considered to be fairly clean and neat cabling. But I admit, I never achieved this level. -- Seeya, Paul From sage-members-owner@usenix.org Fri Jan 25 08:22:01 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PGLHQW004711 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 08:21:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PGLHij004710 for sage-members-0utGoign; Fri, 25 Jan 2008 08:21:17 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.186]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PGKLcr004683 for ; Fri, 25 Jan 2008 08:20:51 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so770036rvb.59 for ; Fri, 25 Jan 2008 08:20:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=UOOJa3TtzyDUCFdf8g+B8TAWOdhGANt8NhUILVA+qxQ=; b=qKI9TCxbxlPy5KtNzaxYEcxJ0dT6B5s8gu53JE7oD3L4I3jqRVncFxY22v4AUJiOdYg2kJ7Gfkz/7Uggch0rCa+tZ+Dl9b7BggbaZYQgjalA+bgLIezetDIQpREJcIfqhYn2MfcI7s0WtHLaZqS804hvwNGaD27Cn+165P//FA0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Y+FJVpPPGSszJjDtjhpd59qOpL1kDpq8VPEpEceTmZprplAfdYNsZdYU14WIy+5QLGWg4Nzjq8Ffw+1X835IpBMCjYIybjwG5vtmQVgG8+K8/6pbXab6cl/Ux2etSWVkIybLL8mjZhd4Ukp6LqsjM9upeuAkvz+MUmUV0SmWUcg= Received: by 10.140.135.20 with SMTP id i20mr1533114rvd.263.1201278014105; Fri, 25 Jan 2008 08:20:14 -0800 (PST) Received: by 10.140.226.13 with HTTP; Fri, 25 Jan 2008 08:20:14 -0800 (PST) Message-ID: <701ea59b0801250820p61bf1966x46395cec95803fa9@mail.gmail.com> Date: Fri, 25 Jan 2008 10:20:14 -0600 From: "Jeremiah Johnson" To: "Paul Lussier" Subject: Re: [SAGE] Does your wiring look like this? Cc: sage-members@sage.org In-Reply-To: <87sl0l299r.fsf@comcast.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87sl0l299r.fsf@comcast.net> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk In my cabinet, its very close not as pretty, but we use the CMA's and proper cables.. in the Windows teams cabinet, its a mess. The Windows teams problem is that they also don't install the CMA's for their servers, and never use the right length cables, so you'll have a 10' cable used where a 5' would have been fine, and the slack just hanging down preventing heat from escaping the rack, and entangling itself on other cables. Add to that, none of the cables are labeled, so you sometimes have 3 or 4 extra wires hanging in there that you have no idea what they are/were for. The big problem I have with our setup is the people that built the server room made the decision to actually install patch panels inside the racks. So we lose 4-8u on the top of the rack for patch panels. The run the Network cabling through the bottom of the rack to the top where the patch panels are, so we also lose 2-3u on the bottom. It makes moving a rack impossible, and it puts you in situations where "oh we dont have fiber in this rack". I keep telling them that its complete garbage and they need to look into the other ways of doing this properly but they don't listen. -Jeremiah On Jan 25, 2008 9:51 AM, Paul Lussier wrote: > > http://royal.pingdom.com/?p=240 > > I'm very impressed :) I have really good intentions, and I've had in > the past what I considered to be fairly clean and neat cabling. But I > admit, I never achieved this level. > -- > Seeya, > Paul > From sage-members-owner@usenix.org Fri Jan 25 08:34:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PGYln9005343 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 08:34:48 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PGYlZ1005342 for sage-members-0utGoign; Fri, 25 Jan 2008 08:34:47 -0800 (PST) Received: from hrndva-omtalb.mail.rr.com (hrndva-omtalb.mail.rr.com [71.74.56.123]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PGY6OX005311 for ; Fri, 25 Jan 2008 08:34:31 -0800 (PST) Received: from malkavian.ghostar.ath.cx ([24.174.55.104]) by hrndva-omta01.mail.rr.com with ESMTP id <20080125163315.RBFB11942.hrndva-omta01.mail.rr.com@malkavian.ghostar.ath.cx>; Fri, 25 Jan 2008 16:33:15 +0000 Received: from malkavian.ghostar.ath.cx (hcoyote@localhost.ghostar.ath.cx [127.0.0.1]) by malkavian.ghostar.ath.cx (8.13.1/8.12.11) with ESMTP id m0PGi41D020265; Fri, 25 Jan 2008 10:44:04 -0600 (CST) (envelope-from hcoyote@malkavian.ghostar.ath.cx) Received: (from hcoyote@localhost) by malkavian.ghostar.ath.cx (8.13.1/8.12.11/Submit) id m0PGi4tP020264; Fri, 25 Jan 2008 10:44:04 -0600 (CST) (envelope-from hcoyote) Date: Fri, 25 Jan 2008 10:44:04 -0600 From: Travis To: Paul Lussier Cc: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080125164404.GA20237@malkavian.ghostar.ath.cx> References: <87sl0l299r.fsf@comcast.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87sl0l299r.fsf@comcast.net> User-Agent: Mutt/1.5.13 (2006-08-11) X-Scanned-By: MIMEDefang 2.52 on 192.168.1.51 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=6% Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 25, 2008 at 10:51:44AM -0500, Paul Lussier wrote: > > http://royal.pingdom.com/?p=240 > > I'm very impressed :) I have really good intentions, and I've had in > the past what I considered to be fairly clean and neat cabling. But I > admit, I never achieved this level. We achieve that, but only because we pay a wiring contractor to follow our wiring designs. We generally do the first rack of a new system form factor to figure out what works and what doesn't. Then they just follow that. It really does take a lot of time, patience, and a bit of anal retentiveness to get it that clean. We still have a few racks that are a rats nest because of how often we go in and rewire and manipulate the stuff IN the racks (the racks are for our testing environment). Travis -- Travis Campbell hcoyote@ghostar.ath.cx From sage-members-owner@usenix.org Fri Jan 25 09:38:53 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PHcMZS007718 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 09:38:23 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PHcMMV007716 for sage-members-0utGoign; Fri, 25 Jan 2008 09:38:22 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PHbpiU007696 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 09:37:51 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PHbprE007695 for sage-members@usenix.org; Fri, 25 Jan 2008 09:37:51 -0800 (PST) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.173]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PFtjh6003652 for ; Fri, 25 Jan 2008 07:56:11 -0800 (PST) Received: by ug-out-1314.google.com with SMTP id 32so517618ugm.14 for ; Fri, 25 Jan 2008 07:55:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=v670KUosSPem20lwCTKnqqty2z2bZU9oSj8GRY5CzCg=; b=eFUyhA9Rg0mhDWQTMWlZ7Ni9yG4CGPnHScuNEfE26JoebmXOA3SxapnGfJmtQR0/g3+JiqZKmYT87SHv8Gk1O/a9tE38AWEqvYdJpLXYGIYB2UuJCL4KUN1gZJVgNtjvGILm3gWSAvEyDBGE2SFh1mbRoirYI7btnVlTS7cHmGQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=jMYVkVAR3K/uS0Ry0r1yBjHx9Tvt700wBHtqDV99tUBOp9YlpBCvuA7ePtZH5HB3PRDatw3PfIXdYWl57On6xvYojCqS5dtQNA6aKOIC95xq/NvmxPd0USJyOlSHtHtOHqnDaGHmVtbKcsnYV1V/kE6XiqS+XC/0cKspIG8X8HA= Received: by 10.67.122.12 with SMTP id z12mr3714475ugm.18.1201276539119; Fri, 25 Jan 2008 07:55:39 -0800 (PST) Received: by 10.86.30.6 with HTTP; Fri, 25 Jan 2008 07:55:39 -0800 (PST) Message-ID: <8c92ade10801250755xafc3dedw25261235be8b2c0c@mail.gmail.com> Date: Fri, 25 Jan 2008 08:55:39 -0700 From: "nicole velasquez" To: sage-members@sage.org Subject: [SAGE] System administrator research MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_1188_28993467.1201276539102" X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=18% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_1188_28993467.1201276539102 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Dear System Administrator, My name is Nicole Velasquez, and I am a researcher at the University of Arizona and a fellow SAGE member. My colleagues and I are conducting a study to examine the factors and qualities that motivate system administrators to use or not use software applications, and we would really appreciate your help. You are being invited to participate because as a system administrator, you have a unique understanding of what makes a software application ( i.e., "tool") useful in your job. The survey asks about the tools you use in your work and will take about 20-30 minutes to complete. There are no right or wrong answers; we are interested in your opinions. Approximately 200-500 system administrators are being asked to participate in this survey. As a way of thanking you for your participation, one participant will be randomly chosen to win an iPod Nano. The survey can be accessed here: http://www.questionbuilder.com/console/TakeSurvey?id=38817 We would like to get the opinions of as many system administrators as possible, so please feel free to tell fellow system administrators about the survey. Thank you very much! Nicole Velasquez Nicole F. Velasquez Ph.D. Candidate Management Information Systems The University of Arizona nicolefv@u.arizona.edu http://www.u.arizona.edu/~nicolefv ------=_Part_1188_28993467.1201276539102 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Dear System Administrator,

My name is Nicole Velasquez, and I am a researcher at the University of Arizona and a fellow SAGE member.  My colleagues and I are conducting a study to examine the factors and qualities that motivate system administrators to use or not use software applications, and we would really appreciate your help. You are being invited to participate because as a system administrator, you have a unique understanding of what makes a software application ( i.e., "tool") useful in your job.

The survey asks about the tools you use in your work and will take about 20-30 minutes to complete. There are no right or wrong answers; we are interested in your opinions.  Approximately 200-500 system administrators are being asked to participate in this survey.  As a way of thanking you for your participation, one participant will be randomly chosen to win an iPod Nano.

The survey can be accessed here:  http://www.questionbuilder.com/console/TakeSurvey?id=38817

We would like to get the opinions of as many system administrators as possible, so please feel free to tell fellow system administrators about the survey.

Thank you very much!

Nicole Velasquez

Nicole F. Velasquez
Ph.D. Candidate
Management Information Systems
The University of Arizona

nicolefv@u.arizona.edu
http://www.u.arizona.edu/~nicolefv
------=_Part_1188_28993467.1201276539102-- From sage-members-owner@usenix.org Fri Jan 25 12:43:34 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PKgoG6015083 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 12:43:10 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PKgnnJ015082 for sage-members-0utGoign; Fri, 25 Jan 2008 12:42:50 -0800 (PST) Received: from anchor-post-37.mail.demon.net (anchor-post-37.mail.demon.net [194.217.242.87]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PKfvlc015052 for ; Fri, 25 Jan 2008 12:42:23 -0800 (PST) Received: from guyver.demon.co.uk ([62.49.6.63]) by anchor-post-37.mail.demon.net with esmtp (Exim 4.68) id 1JIVN6-0001BG-Pc; Fri, 25 Jan 2008 20:41:57 +0000 Received: from localhost (localhost.home [127.0.0.1]) by guyver.demon.co.uk (Postfix) with ESMTP id DBCC51B183F; Fri, 25 Jan 2008 20:41:55 +0000 (GMT) Received: from guyver.demon.co.uk ([127.0.0.1]) by localhost (jabberwock.home [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 13329-03; Fri, 25 Jan 2008 20:41:34 +0000 (GMT) Received: from [127.0.0.1] (unknown [192.168.1.26]) by guyver.demon.co.uk (Postfix) with ESMTP id 2F41C1B1830; Fri, 25 Jan 2008 20:41:34 +0000 (GMT) Message-ID: <479A497D.40002@guyver.demon.co.uk> Date: Fri, 25 Jan 2008 20:41:33 +0000 From: Martin Jackson User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Paul Lussier Cc: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> In-Reply-To: <87sl0l299r.fsf@comcast.net> X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Antivirus: avast! (VPS 080125-3, 25/01/2008), Outbound message X-Antivirus-Status: Clean X-Virus-Scanned: amavisd-new at guyver.demon.co.uk X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=22% Sender: owner-sage-members@usenix.org Precedence: bulk Like I always say to my guys nothing sends a more powerful message that a good cabling job. It make you and your team look extremely professional and you don't feel embarrassed to take people into your server room! -Martin Paul Lussier wrote: > http://royal.pingdom.com/?p=240 > > I'm very impressed :) I have really good intentions, and I've had in > the past what I considered to be fairly clean and neat cabling. But I > admit, I never achieved this level. > From sage-members-owner@usenix.org Fri Jan 25 13:44:22 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PLiLU2017524 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 13:44:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PLiL38017523 for sage-members-0utGoign; Fri, 25 Jan 2008 13:44:21 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PLiIXN017515 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 13:44:19 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PLiINb017513 for sage-members@usenix.org; Fri, 25 Jan 2008 13:44:18 -0800 (PST) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.177]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PLZwlC017129 for ; Fri, 25 Jan 2008 13:36:23 -0800 (PST) Received: by wa-out-1112.google.com with SMTP id j4so1372094wah.1 for ; Fri, 25 Jan 2008 13:35:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:references; bh=JkmMNQc4Tm482apS5+5jhAbW3F3uAS0st8wN7gf3QPo=; b=IWLznKto0qya6uSgtaauhiFs8O6XeLWAMkPxBHfLDiGo12qtwWZBrI5AS9w9YiYMl2hcypOXOv9GoDL8d5+/IN8Sa9pw9fdSqnawTgdZV0uJ/KcVTq0jsneJwrelGkKKIscUq/ys4QLZFPsps9EsNnOACq++RxGX7+Dn1l97Rdw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:references; b=vPAfhMgMkVzT7J36ObS16HCGrWff5NcSyoZ46CFq0PMgsqf3DcGjGAeZTKib/CEhB2F6L9yZoXaS9rL76IkAM+BhTh8oXlCG+gDb8mVr+Wn8TQsY4ikzBhndoIxBgJPJwO33JXA0+Uj7a3pVCICKIcVk8Nzb42nAw0yH+i+vsiI= Received: by 10.114.88.1 with SMTP id l1mr2791581wab.79.1201293022421; Fri, 25 Jan 2008 12:30:22 -0800 (PST) Received: by 10.114.149.16 with HTTP; Fri, 25 Jan 2008 12:30:22 -0800 (PST) Message-ID: <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> Date: Fri, 25 Jan 2008 12:30:22 -0800 From: "\"Bruce A. Hamilton\" " Reply-To: bhami@pobox.com To: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? In-Reply-To: <87sl0l299r.fsf@comcast.net> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_1643_12753917.1201293022415" References: <87sl0l299r.fsf@comcast.net> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_1643_12753917.1201293022415 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline I have yet to see anybody implement my scheme which would be: do not use thick bundles of nearly untraceable same-color cables. Rather, use a wide mix of colors so that individual cables are more easily traced. --Bruce (Bruce Hamilton, Redondo Beach, CA) bhami@pobox.com http://bhami.com/ ------=_Part_1643_12753917.1201293022415 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline I have yet to see anybody implement my scheme which would be: do not use thick bundles of nearly untraceable same-color cables. Rather, use a wide mix of colors so that individual cables are more easily traced.

--Bruce (Bruce Hamilton, Redondo Beach, CA)
bhami@pobox.com
http://bhami.com/ ------=_Part_1643_12753917.1201293022415-- From sage-members-owner@usenix.org Fri Jan 25 13:57:26 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PLv2nj018245 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 13:57:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PLv2r8018244 for sage-members-0utGoign; Fri, 25 Jan 2008 13:57:02 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.186]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PLuAfi018208 for ; Fri, 25 Jan 2008 13:56:35 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so865651rvb.59 for ; Fri, 25 Jan 2008 13:56:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=oYhhDWsa9o74gPDrEnQLiRmQruLa1oXQo0AsIflUrwY=; b=AFZCxNu6GALojM6gmZ5k/iCtdUxCpv51a2hPo7li8utKPX09ZhbNMr71gxEpJ/sJehHkoIebcTTJmitG1mIepGRyoh4ufmtVR8oCXz6s8v1I6tTe12mF1ZXN63UIdFAQVPtjOfW/EOgmnNtzopj26686VCrhyhRTXHUo1eKa1ZA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=wtOPkCZhp2eJWZ3sHrXELEywJyom5nvrhTXBRHuTs/HjKCOsekSjeG0UwOzlrS9n5MwKnJmWf+3ybKxE3+RRu4w3jqQrGCaY5iqEXoUgHihDNpw6c5lAYuMehKnabuIP0KzM2QsLT5GTS6MUaHlf2zWdCLUjVktVqbHOWb/o73A= Received: by 10.141.79.12 with SMTP id g12mr1800759rvl.29.1201298169996; Fri, 25 Jan 2008 13:56:09 -0800 (PST) Received: by 10.140.226.13 with HTTP; Fri, 25 Jan 2008 13:56:09 -0800 (PST) Message-ID: <701ea59b0801251356i3b385cb1qb4a091e1194bd971@mail.gmail.com> Date: Fri, 25 Jan 2008 15:56:09 -0600 From: "Jeremiah Johnson" To: bhami@pobox.com Subject: Re: [SAGE] Does your wiring look like this? Cc: sage-members@sage.org In-Reply-To: <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk Possibly because there are not many different wiring colors available. People do typically color code wires for differences in network use though, eg a dmz cable would be a different color than a kvm-ip or internal network cable. Nowadays, most purchased network cables are labeled at both ends with a unique(ish) number so that you can more easily trace it. -Jeremiah On Jan 25, 2008 2:30 PM, Bruce A. Hamilton wrote: > I have yet to see anybody implement my scheme which would be: do not use > thick bundles of nearly untraceable same-color cables. Rather, use a wide > mix of colors so that individual cables are more easily traced. > > --Bruce (Bruce Hamilton, Redondo Beach, CA) > bhami@pobox.com > http://bhami.com/ From sage-members-owner@usenix.org Fri Jan 25 13:59:33 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PLxWfl018439 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 13:59:33 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PLxWiO018437 for sage-members-0utGoign; Fri, 25 Jan 2008 13:59:32 -0800 (PST) Received: from mx1.metro-region.org (mx1.metro-region.org [67.138.101.229]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PLwnMA018362 for ; Fri, 25 Jan 2008 13:59:18 -0800 (PST) X-IronPort-AV: E=Sophos;i="4.25,252,1199692800"; d="scan'208";a="42953282" Received: from unknown (HELO THORIN.metro-region.org) ([192.168.10.205]) by ironport1.metro-region.org with ESMTP; 25 Jan 2008 13:58:48 -0800 Received: from [192.168.70.36] (ironside.metro-region.org [192.168.70.36]) by THORIN.metro-region.org with ESMTP; Fri, 25 Jan 2008 13:58:28 -0800 Message-ID: <479A5B84.6020907@metro.dst.or.us> Date: Fri, 25 Jan 2008 13:58:28 -0800 From: John Miller User-Agent: Thunderbird 2.0.0.9 (X11/20071031) MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> In-Reply-To: <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk The photos were presented as a gallery of Art. That cabling was what you should see in an IDF where the cables are punched down an never removed... Evidently the servers or switches in the pictures will never change in size or placement, for the lifetime of the installation. They all went overboard with tie straps. You could not replace a damaged or faulty cable if you had to in that arrangement without messing it all up. Beautiful yes, functional maybe, but not flexible or practical, in my opinion. JM From sage-members-owner@usenix.org Fri Jan 25 14:08:54 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PM8rMR019183 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 14:08:53 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PM8r8C019182 for sage-members-0utGoign; Fri, 25 Jan 2008 14:08:53 -0800 (PST) Received: from ironport.rand.org (ironport.rand.org [192.5.14.160]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PM8XpP019163 for ; Fri, 25 Jan 2008 14:08:39 -0800 (PST) Received: from mail.rand.org ([10.1.6.160]) by iron-int.rand.org with ESMTP; 25 Jan 2008 14:00:44 -0800 Received: from crane.rand.org (crane.rand.org [10.1.6.53]) by mail.rand.org (8.12.11/8.12.11) with ESMTP id m0PM0iST021085 for ; Fri, 25 Jan 2008 14:00:44 -0800 (PST) Received: from nightshade.rand.org (nightshade.rand.org [10.1.12.33]) by crane.rand.org (8.14.1/8.14.1) with ESMTP id m0PM0iu5018417 for ; Fri, 25 Jan 2008 14:00:44 -0800 (PST) Received: from nightshade.rand.org (localhost [127.0.0.1]) by nightshade.rand.org (8.14.1/8.14.1) with ESMTP id m0PM0iGI025700 for ; Fri, 25 Jan 2008 14:00:44 -0800 (PST) Received: from nightshade.rand.org (leeann@localhost) by nightshade.rand.org (8.14.1/8.14.1/Submit) with ESMTP id m0PM0iAK025697 for ; Fri, 25 Jan 2008 14:00:44 -0800 (PST) Message-Id: <200801252200.m0PM0iAK025697@nightshade.rand.org> To: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? In-reply-to: Your message of Fri, 25 Jan 2008 12:30:22 PST. <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> Date: Fri, 25 Jan 2008 14:00:43 -0800 From: Lee Ann Goldstein Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii" X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk --Your message was: (from "\"Bruce A. Hamilton\" ") > > I have yet to see anybody implement my scheme which would be: do not use > thick bundles of nearly untraceable same-color cables. Rather, use a wide > mix of colors so that individual cables are more easily traced. There's probably a reason for this... I'm reminded of a long ago boyfriend of mine who for obnoxiousness' sake would go to garage sales and buy not just awful ties, but polyester sports coats and jackets in the worst "used car dealer" plaids he could find. Then he'd combine them in the ugliest ways imaginable. There was one combination he came up with in which the colors clashed so horribly that the first time I saw it, my stomach turned. Yes, really. So if you continue decorating your server room in that fashion, maybe you ought to have a bucket or two handy in the racks. Lee Ann -- Lee Ann Goldstein, Lead System Administrator Information Services & Technology The RAND Corp., Santa Monica, CA 90407-2138 leeann@rand.org __________________________________________________________________________ This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. From sage-members-owner@usenix.org Fri Jan 25 14:23:41 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PMNVpD019921 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 14:23:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PMNV11019920 for sage-members-0utGoign; Fri, 25 Jan 2008 14:23:31 -0800 (PST) Received: from sj-iport-1.cisco.com (sj-iport-1-in.cisco.com [171.71.176.70]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PMN76W019911 for ; Fri, 25 Jan 2008 14:23:17 -0800 (PST) Received: from sj-dkim-3.cisco.com ([171.71.179.195]) by sj-iport-1.cisco.com with ESMTP; 25 Jan 2008 14:12:40 -0800 Received: from sj-core-2.cisco.com (sj-core-2.cisco.com [171.71.177.254]) by sj-dkim-3.cisco.com (8.12.11/8.12.11) with ESMTP id m0PMCe19009676; Fri, 25 Jan 2008 14:12:40 -0800 Received: from [10.19.54.148] (sjc-rac-8713.cisco.com [10.19.54.148]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id m0PMCMj5025749; Fri, 25 Jan 2008 22:12:39 GMT Message-ID: <479A5E86.2010807@chycoski.com> Date: Fri, 25 Jan 2008 14:11:18 -0800 From: Richard Chycoski Reply-To: rskiadmin@chycoski.com User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: bhami@pobox.com CC: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> In-Reply-To: <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Authentication-Results: sj-dkim-3; header.From=rskiadmin@chycoski.com; dkim=neutral X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk It doesn't scale well, and a significant portion of the male population is colour blind. :-) I prefer cables with unique serial numbers. My current $WORK chooses not to use them, but they have certainly saved me a lot of time in the past. I also prefer unbundled cables except when all of the cables go from the same source point to destination point, e.g., from a bank of connectors on one chassis to a bank of connectors on another chassis. Bundling cables with disjoint destinations has always caused me problems and more work sooner or later. It may look prettier to make a smaller number of large bundles, but tracing is a bear and it's more work when you have to open a bundle to find a cable or replace a bad one. Neatness can be had without extreme bundling - using Panduct or similar products to provide a cableway and breakout arrangement. It's still important to use cables of the correct length, though - hiding an extra ten feet of each cable in the duct makes for as much work as tearing apart bundles! Another consideration of bundles - you can put a lot of extra stress on connectors with bundling unless cross-members and/or cable management hardware are properly used. The goal should be for a neat, serviceable arrangement, regardless of whether or not bundling is employed. - Richard "Bruce A. Hamilton" wrote: > I have yet to see anybody implement my scheme which would be: do not use > thick bundles of nearly untraceable same-color cables. Rather, use a > wide mix of colors so that individual cables are more easily traced. > > --Bruce (Bruce Hamilton, Redondo Beach, CA) > bhami@pobox.com > http://bhami.com/ From sage-members-owner@usenix.org Fri Jan 25 15:10:24 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PNA3AR021700 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 15:10:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PNA3mj021699 for sage-members-0utGoign; Fri, 25 Jan 2008 15:10:03 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PN9VKe021681 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 15:09:31 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0PN9VZt021680 for sage-members@usenix.org; Fri, 25 Jan 2008 15:09:31 -0800 (PST) Received: from mail01.answerfinancial.com (mail01.answerfinancial.com [12.107.3.241]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0PMXSF5020476 for ; Fri, 25 Jan 2008 14:33:53 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail01.answerfinancial.com (Postfix) with ESMTP id DDB5D1A19C8; Fri, 25 Jan 2008 14:03:03 -0800 (PST) Received: from mail01.answerfinancial.com ([127.0.0.1]) by localhost (mail01.answerfinancial.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gi-LrBPAbUgW; Fri, 25 Jan 2008 14:02:59 -0800 (PST) Received: from AFI01407 (afi01407.answer.answerfinancial.com [10.6.46.14]) by mail01.answerfinancial.com (Postfix) with ESMTP; Fri, 25 Jan 2008 14:02:59 -0800 (PST) From: "Todd Williams" To: , References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> Subject: RE: [SAGE] Does your wiring look like this? Date: Fri, 25 Jan 2008 14:02:59 -0800 Message-ID: <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000A_01C85F5A.FE437BF0" X-Mailer: Microsoft Office Outlook 11 Thread-Index: AchfnA2Wmh/xuzHpQYOcdY4LoTQcXQAAKXXw In-Reply-To: <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk This is a multi-part message in MIME format. ------=_NextPart_000_000A_01C85F5A.FE437BF0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit We use a different color for each length of patch cable. 3' = purple, 4'=blue, 5'=red, etc. All crossover cables are orange. This makes it easy to find the cable you need in a box (or more likely a pile :-( ), and helps the tracing efforts, since we have 8+ different colors of cables. However, many times there are 15 or 20 blue cables next to each other, so it doesn't always help a whole lot. But putting a serialized >5 digit number on both ends of each patch cable with a Brady ID Pro labeller helps. But that's for patch cables. For house cabling, our 3rd-party vendor uses thick bundles of same-color cables, of course. We also have some rules posted about how to run patch cables....but they are often ignored. -Todd _____ From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of "Bruce A. Hamilton" Sent: Friday, January 25, 2008 12:30 PM To: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? I have yet to see anybody implement my scheme which would be: do not use thick bundles of nearly untraceable same-color cables. Rather, use a wide mix of colors so that individual cables are more easily traced. --Bruce (Bruce Hamilton, Redondo Beach, CA) bhami@pobox.com http://bhami.com/ ------=_NextPart_000_000A_01C85F5A.FE437BF0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
We use a different color for each length of = patch=20 cable.  3' =3D purple, 4'=3Dblue, 5'=3Dred, etc.   All = crossover cables=20 are orange.
 
This makes it easy to find the cable you need = in a box (or=20 more likely a pile :-(  ), and helps the tracing efforts, since we = have 8+=20 different colors of cables.  However, many times there are 15 or 20 = blue=20 cables next to each other, so it doesn't always help a whole=20 lot.
 
But putting a serialized >5 digit = number on both=20 ends of each patch cable with a Brady ID Pro labeller = helps.
 
But that's for patch cables.  For house = cabling, our=20 3rd-party vendor uses thick bundles of same-color cables, of=20 course.
 
We also have some rules posted about how to run = patch=20 cables....but they are often ignored.
 
-Todd

From: owner-sage-members@usenix.org=20 [mailto:owner-sage-members@usenix.org] On Behalf Of "Bruce A. = Hamilton"=20 <bhami@pobox.com>
Sent: Friday, January 25, 2008 12:30=20 PM
To: sage-members@sage.org
Subject: Re: [SAGE] = Does your=20 wiring look like this?

I have yet to see anybody implement my scheme which would be: = do not=20 use thick bundles of nearly untraceable same-color cables. Rather, use a = wide=20 mix of colors so that individual cables are more easily = traced.

--Bruce=20 (Bruce Hamilton, Redondo Beach, CA)
bhami@pobox.com
http://bhami.com/ ------=_NextPart_000_000A_01C85F5A.FE437BF0-- From sage-members-owner@usenix.org Fri Jan 25 16:27:16 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q0RFdA024427 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 16:27:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q0RFCZ024426 for sage-members-0utGoign; Fri, 25 Jan 2008 16:27:15 -0800 (PST) Received: from ns.genyosha.net (ns.genyosha.net [216.103.76.250]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q0QYvg024408 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 16:27:00 -0800 (PST) Received: from dragon.genyosha.net (dragon.genyosha.net [216.103.76.254]) by ns.genyosha.net (8.12.11.20060614/8.12.11) with ESMTP id m0Q06ESk024947 for ; Fri, 25 Jan 2008 16:06:14 -0800 (PST) Received: from dragon.genyosha.net (localhost [127.0.0.1]) by dragon.genyosha.net (8.14.1/8.13.8) with ESMTP id m0Q06Euu007287 for ; Fri, 25 Jan 2008 16:06:14 -0800 (PST) (envelope-from sr@dragon.genyosha.net) Received: (from sr@localhost) by dragon.genyosha.net (8.14.1/8.14.2/Submit) id m0Q06AKb007286 for sage-members@sage.org; Fri, 25 Jan 2008 16:06:10 -0800 (PST) (envelope-from sr) Date: Fri, 25 Jan 2008 16:06:10 -0800 From: Steve Rikli To: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080126000610.GB7065@dragon.genyosha.net> References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> User-Agent: Mutt/1.4.2.3i X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 25, 2008 at 02:02:59PM -0800, Todd Williams wrote: > [ wiring standards ] > We also have some rules posted about how to run patch cables....but they are > often ignored. > ... That's the key, isn't it? Wiring standards, color schemes, serialized cables, velcro, good cable management rings/loops/catchers/channels, labels, etc. -- all good stuff, for whatever your site's needs may be. But the people doing the work still have to *use* that stuff, and use it the right way. Every time. Or it's all eventually for naught. On top of that, the "stuff" has to be readily available and easily at-hand -- especially if end-users are doing their own cabling. Even motivated support folks will sometimes do a half-way cable job if they've gotta walk all the way downstairs to the supply closet to get the right 5' red cable or whatever. If there's a 7' green laying there, well, that's "good enough" isn't it? And "we'll fix it later" .... sr. From sage-members-owner@usenix.org Fri Jan 25 16:45:24 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q0ipjd025258 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 16:45:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q0ip7C025257 for sage-members-0utGoign; Fri, 25 Jan 2008 16:44:51 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q0iC0D025231 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 16:44:37 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0Q0i1As027099; Fri, 25 Jan 2008 16:44:01 -0800 Message-ID: <479A8251.1010109@chycoski.com> Date: Fri, 25 Jan 2008 16:44:01 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Steve Rikli CC: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> <20080126000610.GB7065@dragon.genyosha.net> In-Reply-To: <20080126000610.GB7065@dragon.genyosha.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk And even though we have bins of cables of every length in every data centre - there are still people who don't follow the rules. This is why the best of intentions still need occasional cleanup - or maybe draconian rules supplemented by lots of cameras?... - Richard Steve Rikli wrote: > On Fri, Jan 25, 2008 at 02:02:59PM -0800, Todd Williams wrote: > >> [ wiring standards ] >> We also have some rules posted about how to run patch cables....but they are >> often ignored. >> ... >> > > That's the key, isn't it? > > Wiring standards, color schemes, serialized cables, velcro, good > cable management rings/loops/catchers/channels, labels, etc. -- all > good stuff, for whatever your site's needs may be. > > But the people doing the work still have to *use* that stuff, and > use it the right way. Every time. Or it's all eventually for naught. > > On top of that, the "stuff" has to be readily available and easily > at-hand -- especially if end-users are doing their own cabling. > Even motivated support folks will sometimes do a half-way cable > job if they've gotta walk all the way downstairs to the supply > closet to get the right 5' red cable or whatever. > > If there's a 7' green laying there, well, that's "good enough" isn't > it? And "we'll fix it later" .... > > sr. > From sage-members-owner@usenix.org Fri Jan 25 17:01:08 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q10ZaW025987 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 17:00:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q10ZLe025986 for sage-members-0utGoign; Fri, 25 Jan 2008 17:00:35 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.181]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q0xsbf025945 for ; Fri, 25 Jan 2008 17:00:19 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so1383983pyb.10 for ; Fri, 25 Jan 2008 16:59:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=Xe8oWUe/ii5ayGfXIrUdaVBvJQkUX3gqTIZesIqGW88=; b=OnqpWJiAW+YfbrL73vuoZdzbuE1o7uRlQKEMBhV487TKZudjkHpdvDKtR2NX2dhCeveh1F/ARPCgv5hSZfccQttzrOFSUO9k1lsHHlipdQpdyGwP6hsBj0MaCQGt87SkBBWGJ39LXbhhlQjZfInu3oxu0YpF3U8T63V0B0kCTWM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Q01SUuQZmvSsUUF8SgSmzjNWtnbHmd6/lG/vTDecWgB+fKFynCwL6naw/B/XByQo8Qjmy+cqUeSVXyJLnnstIWLwvEnrr6RzeUhvRSjV1DiXuRu0kNyHfGQ6yMcQiPlLsBy61yah5KJHyj38hxQKXIYIPcWLZP0NrZ1psc1GkNg= Received: by 10.142.84.3 with SMTP id h3mr1681588wfb.113.1201308819709; Fri, 25 Jan 2008 16:53:39 -0800 (PST) Received: by 10.143.35.5 with HTTP; Fri, 25 Jan 2008 16:53:39 -0800 (PST) Message-ID: <72aff9060801251653u71f20395oca255fc6e27e9426@mail.gmail.com> Date: Fri, 25 Jan 2008 16:53:39 -0800 From: "Sean Ellis" Reply-To: sellis@totallygeek.com To: "Richard Chycoski" Subject: Re: [SAGE] Does your wiring look like this? Cc: "Steve Rikli" , sage-members@sage.org In-Reply-To: <479A8251.1010109@chycoski.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> <20080126000610.GB7065@dragon.genyosha.net> <479A8251.1010109@chycoski.com> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk That is why there needs to be some one responsible for the data center. That person must have the rank to hand down severe penalties for those whom bend and break the rules. Cabling, to me, is just as important as configuring ports for the proper VLAN. As a side note, I am surprised there are not more cable styles/colors - striped, banded, dayglo, etc. Sean On Jan 25, 2008 4:44 PM, Richard Chycoski wrote: > And even though we have bins of cables of every length in every data > centre - there are still people who don't follow the rules. > > This is why the best of intentions still need occasional cleanup - or > maybe draconian rules supplemented by lots of cameras?... > > - Richard > > > > Steve Rikli wrote: > > On Fri, Jan 25, 2008 at 02:02:59PM -0800, Todd Williams wrote: > > > >> [ wiring standards ] > >> We also have some rules posted about how to run patch cables....but they are > >> often ignored. > >> ... > >> > > > > That's the key, isn't it? > > > > Wiring standards, color schemes, serialized cables, velcro, good > > cable management rings/loops/catchers/channels, labels, etc. -- all > > good stuff, for whatever your site's needs may be. > > > > But the people doing the work still have to *use* that stuff, and > > use it the right way. Every time. Or it's all eventually for naught. > > > > On top of that, the "stuff" has to be readily available and easily > > at-hand -- especially if end-users are doing their own cabling. > > Even motivated support folks will sometimes do a half-way cable > > job if they've gotta walk all the way downstairs to the supply > > closet to get the right 5' red cable or whatever. > > > > If there's a 7' green laying there, well, that's "good enough" isn't > > it? And "we'll fix it later" .... > > > > sr. > > > > From sage-members-owner@usenix.org Fri Jan 25 17:07:05 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q175NL026433 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 17:07:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q174nn026432 for sage-members-0utGoign; Fri, 25 Jan 2008 17:07:05 -0800 (PST) Received: from QMTA07.westchester.pa.mail.comcast.net (qmta07.westchester.pa.mail.comcast.net [76.96.62.64]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q16Pl1026414 for ; Fri, 25 Jan 2008 17:06:50 -0800 (PST) Received: from OMTA14.westchester.pa.mail.comcast.net ([76.96.62.60]) by QMTA07.westchester.pa.mail.comcast.net with comcast id hQRR1Y0061HzFnQ0517b00; Sat, 26 Jan 2008 01:06:20 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA14.westchester.pa.mail.comcast.net with comcast id hd6K1Y00Q5A3TEL3a00000; Sat, 26 Jan 2008 01:06:20 +0000 X-Authority-Analysis: v=1.0 c=1 a=4idpzMMBmDYA:10 a=TRyfkSsMDlDTWcKxFIcA:9 a=sCnuVW9FRFDpryFiB9DIvxLoF_MA:4 a=MSl-tDqOz04A:10 a=IYyPzgZJ17kA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id 4B8941AAAE; Fri, 25 Jan 2008 20:06:19 -0500 (EST) To: "Jeremiah Johnson" Cc: bhami@pobox.com, sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <701ea59b0801251356i3b385cb1qb4a091e1194bd971@mail.gmail.com> From: Paul Lussier Date: Fri, 25 Jan 2008 20:06:19 -0500 In-Reply-To: <701ea59b0801251356i3b385cb1qb4a091e1194bd971@mail.gmail.com> (Jeremiah Johnson's message of "Fri\, 25 Jan 2008 15\:56\:09 -0600") Message-ID: <873asl1jlg.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-dcc-servers-Metrics: ; whitelist X-DCC-dcc-servers-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk "Jeremiah Johnson" writes: > Possibly because there are not many different wiring colors available. > People do typically color code wires for differences in network use > though, eg a dmz cable would be a different color than a kvm-ip or > internal network cable. Nowadays, most purchased network cables are > labeled at both ends with a unique(ish) number so that you can more > easily trace it. Oh, sure, I've often used color schemes such as: red - DMZ connections blue - Desktops yellow - servers green - network uplinks pink - crossovers/serial connections purple - special-purpose You can get cables in just about any color you want. -- Seeya, Paul From sage-members-owner@usenix.org Fri Jan 25 17:07:57 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q17ubj026560 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 17:07:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q17u94026559 for sage-members-0utGoign; Fri, 25 Jan 2008 17:07:56 -0800 (PST) Received: from QMTA06.emeryville.ca.mail.comcast.net (qmta06.emeryville.ca.mail.comcast.net [76.96.30.56]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q17DDa026449 for ; Fri, 25 Jan 2008 17:07:38 -0800 (PST) Received: from OMTA02.emeryville.ca.mail.comcast.net ([76.96.30.19]) by QMTA06.emeryville.ca.mail.comcast.net with comcast id hVf11Y0020QkzPw0A0kq00; Sat, 26 Jan 2008 01:07:08 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA02.emeryville.ca.mail.comcast.net with comcast id hd761Y00B5A3TEL8N00000; Sat, 26 Jan 2008 01:07:07 +0000 X-Authority-Analysis: v=1.0 c=1 a=4idpzMMBmDYA:10 a=DBymK8q3NVNLY64V8mkA:9 a=tNH6HLFvvyDWuOOEY_AbgkuB4zgA:4 a=zUBsD6tbDSsA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id 636831AAAE; Fri, 25 Jan 2008 20:07:06 -0500 (EST) To: John Miller Cc: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> From: Paul Lussier Date: Fri, 25 Jan 2008 20:07:06 -0500 In-Reply-To: <479A5B84.6020907@metro.dst.or.us> (John Miller's message of "Fri\, 25 Jan 2008 13\:58\:28 -0800") Message-ID: <87y7adz96t.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-dcc-servers-Metrics: ; whitelist X-DCC-dcc-servers-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk John Miller writes: > They all went overboard with tie straps. You could not replace a > damaged or faulty cable if you had to in that arrangement without > messing it all up. That's why I always use velcro tie wraps :) -- Seeya, Paul From sage-members-owner@usenix.org Fri Jan 25 18:02:09 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q21uri028347 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 18:01:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q21upP028346 for sage-members-0utGoign; Fri, 25 Jan 2008 18:01:56 -0800 (PST) Received: from toq7-srv.bellnexxia.net (toq7.bellnexxia.net [209.226.175.203]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q21Gc3028334 for ; Fri, 25 Jan 2008 18:01:42 -0800 (PST) Received: from toip3.srvr.bell.ca ([209.226.175.86]) by tomts22-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080126012514.KREU18413.tomts22-srv.bellnexxia.net@toip3.srvr.bell.ca> for ; Fri, 25 Jan 2008 20:25:14 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAAIbmkdMQR+t/2dsb2JhbAAIrjc Received: from bas1-toronto09-1279336365.dsl.bell.ca (HELO [192.168.1.133]) ([76.65.31.173]) by toip3.srvr.bell.ca with ESMTP; 25 Jan 2008 20:21:42 -0500 In-Reply-To: <479A5E86.2010807@chycoski.com> References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5E86.2010807@chycoski.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Cc: Sage Members Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] Does your wiring look like this? Date: Fri, 25 Jan 2008 20:25:12 -0500 To: rskiadmin@chycoski.com X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=45% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 25, 2008, at 17:11, Richard Chycoski wrote: > I prefer cables with unique serial numbers. My current $WORK > chooses not to use them, but they have certainly saved me a lot of > time in the past. Would this be in the form of something like yyyyMMdd###, where you would have (in this example): year, month, day, incrementing counter. And then in a spreadsheet have what this number corresponds to? From sage-members-owner@usenix.org Fri Jan 25 18:17:28 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q2HFnt028894 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 18:17:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q2HFlS028893 for sage-members-0utGoign; Fri, 25 Jan 2008 18:17:15 -0800 (PST) Received: from iguana.igtc.com (iguana.igtc.com [66.139.77.15]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q2GOcv028871 for ; Fri, 25 Jan 2008 18:16:49 -0800 (PST) Received: by iguana.igtc.com (Postfix, from userid 504) id 44B3810C0F4; Fri, 25 Jan 2008 20:16:22 -0600 (CST) X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on iguana.igtc.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=10.0 tests=AWL autolearn=ham version=3.1.8 Received: from ignoble.igtc.com (ignoble.igtc.com [74.95.195.162]) by iguana.igtc.com (Postfix) with ESMTP id 59F1E10C0F0; Fri, 25 Jan 2008 20:16:15 -0600 (CST) Received: by ignoble.igtc.com (Postfix, from userid 501) id E8919F43A75; Fri, 25 Jan 2008 18:16:13 -0800 (PST) Date: Fri, 25 Jan 2008 18:16:13 -0800 From: "Paul M. Moriarty" To: Paul Lussier Cc: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080126021613.GA28601@ignoble.igtc.com> References: <87sl0l299r.fsf@comcast.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87sl0l299r.fsf@comcast.net> User-Agent: Mutt/1.5.17 (2007-11-01) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Paul Lussier writes: > > http://royal.pingdom.com/?p=240 > > I'm very impressed :) I have really good intentions, and I've had in > the past what I considered to be fairly clean and neat cabling. But I > admit, I never achieved this level. Waaaaay back when in the last century, I completed USAF's Standard Installation Practices Training that covered more about comm wiring than you might think existed. For example, when runing a bundle, if a cable was 3rd from the left on the top, it remained there for the entire run. You could, with great assurance, go to the end of the run (or anywhere else along the run, for that matter), pull the 3rd cable from the left on top and knew you had the right one Anybody remember cable lacing? :) Careful with the twine that has rat poison on it! - Paul - From sage-members-owner@usenix.org Fri Jan 25 19:22:19 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q3Llh8000642 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 19:22:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q3Llhr000641 for sage-members-0utGoign; Fri, 25 Jan 2008 19:21:47 -0800 (PST) Received: from mail01.answerfinancial.com (mail01.answerfinancial.com [12.107.3.241]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q3L8sF000594 for ; Fri, 25 Jan 2008 19:21:33 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail01.answerfinancial.com (Postfix) with ESMTP id E3B441A19D6; Fri, 25 Jan 2008 19:21:02 -0800 (PST) Received: from mail01.answerfinancial.com ([127.0.0.1]) by localhost (mail01.answerfinancial.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t5PbRWPiQXg1; Fri, 25 Jan 2008 19:20:56 -0800 (PST) Received: from AFI01407 (afi01407.answer.answerfinancial.com [10.6.46.14]) by mail01.answerfinancial.com (Postfix) with ESMTP; Fri, 25 Jan 2008 19:20:56 -0800 (PST) From: "Todd Williams" To: "'David Magda'" , Cc: "Sage Members" References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5E86.2010807@chycoski.com> Subject: RE: [SAGE] Does your wiring look like this? Date: Fri, 25 Jan 2008 19:20:56 -0800 Message-ID: <000e01c85fca$771f6d80$0e2e060a@answer.answerfinancial.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 Thread-Index: AchfwD637XcCgV23TgKkiaf1pVAchwACekQQ In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Over here we use a Brady ID Pro labeller, which will print 2 labels and then auto-increment. When you have a matching serial number on both ends of the cable, you can use traditional techniques to get close, then use the exact number to verify you have the right cable. Sometimes we put a second label on the cable that tells where the other end is, but we never rely on that. I can't imagine a site diligent enough to keep a spreadsheet up to date and accurate. YMMV. -Todd -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of David Magda Sent: Friday, January 25, 2008 5:25 PM To: rskiadmin@chycoski.com Cc: Sage Members Subject: Re: [SAGE] Does your wiring look like this? On Jan 25, 2008, at 17:11, Richard Chycoski wrote: > I prefer cables with unique serial numbers. My current $WORK chooses > not to use them, but they have certainly saved me a lot of time in the > past. Would this be in the form of something like yyyyMMdd###, where you would have (in this example): year, month, day, incrementing counter. And then in a spreadsheet have what this number corresponds to? From sage-members-owner@usenix.org Fri Jan 25 20:24:20 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q4OCUJ005254 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 20:24:13 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q4OC2m005253 for sage-members-0utGoign; Fri, 25 Jan 2008 20:24:12 -0800 (PST) Received: from ns.genyosha.net (ns.genyosha.net [216.103.76.250]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q4NWCW005204 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 20:23:58 -0800 (PST) Received: from dragon.genyosha.net (dragon.genyosha.net [216.103.76.254]) by ns.genyosha.net (8.12.11.20060614/8.12.11) with ESMTP id m0Q4NV6Q019281 for ; Fri, 25 Jan 2008 20:23:31 -0800 (PST) Received: from dragon.genyosha.net (localhost [127.0.0.1]) by dragon.genyosha.net (8.14.1/8.13.8) with ESMTP id m0Q4NVcd008340 for ; Fri, 25 Jan 2008 20:23:31 -0800 (PST) (envelope-from sr@dragon.genyosha.net) Received: (from sr@localhost) by dragon.genyosha.net (8.14.1/8.14.2/Submit) id m0Q4NVSE008339 for sage-members@sage.org; Fri, 25 Jan 2008 20:23:31 -0800 (PST) (envelope-from sr) Date: Fri, 25 Jan 2008 20:23:31 -0800 From: Steve Rikli To: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080126042331.GB8210@dragon.genyosha.net> References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> <20080126000610.GB7065@dragon.genyosha.net> <479A8251.1010109@chycoski.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <479A8251.1010109@chycoski.com> User-Agent: Mutt/1.4.2.3i X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 25, 2008 at 04:44:01PM -0800, Richard Chycoski wrote: > And even though we have bins of cables of every length in every data > centre - there are still people who don't follow the rules. Indeed. "I'm too busy for that" is an oft-heard refrain. Which is (or should be) quite offensive to anyone who is responsible for the lab/machine room/idf/datacenter/etc., because the implication is _you_ are _not_ too busy to cleanup someone else's mess. > This is why the best of intentions still need occasional cleanup - or > maybe draconian rules supplemented by lots of cameras?... Whatever policy is declared and publicly published must be equally and just as publicly backed by management -- and not just *your* management. Your (presumably IT-ish) management must also do their job and get your users/customers' management to buy in to the policy too. Up front & ahead of time. Start with education, demonstration, correction, etc., escalate to "3 strikes" or whatever policy makes sense for your site, but make sure you're not creating a policy vacuum. sr. > Steve Rikli wrote: > >On Fri, Jan 25, 2008 at 02:02:59PM -0800, Todd Williams wrote: > > > >>[ wiring standards ] > >>We also have some rules posted about how to run patch cables....but they > >>are > >>often ignored. > >>... > >> > > > >That's the key, isn't it? > > > >Wiring standards, color schemes, serialized cables, velcro, good > >cable management rings/loops/catchers/channels, labels, etc. -- all > >good stuff, for whatever your site's needs may be. > > > >But the people doing the work still have to *use* that stuff, and > >use it the right way. Every time. Or it's all eventually for naught. > > > >On top of that, the "stuff" has to be readily available and easily > >at-hand -- especially if end-users are doing their own cabling. > >Even motivated support folks will sometimes do a half-way cable > >job if they've gotta walk all the way downstairs to the supply > >closet to get the right 5' red cable or whatever. > > > >If there's a 7' green laying there, well, that's "good enough" isn't > >it? And "we'll fix it later" .... > > > >sr. > > From sage-members-owner@usenix.org Fri Jan 25 20:38:13 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q4cDRE007129 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 20:38:13 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q4cCqr007128 for sage-members-0utGoign; Fri, 25 Jan 2008 20:38:12 -0800 (PST) Received: from dave.net (dave.net [64.81.37.132]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q4brET007095 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 25 Jan 2008 20:37:58 -0800 (PST) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by dave.net (8.12.11.20060308/8.12.11) with ESMTP id m0Q4RkXm015177 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 20:27:46 -0800 Received: (from dave@localhost) by localhost.localdomain (8.12.11.20060308/8.12.11/Submit) id m0Q4RkF8015176 for sage-members@sage.org; Fri, 25 Jan 2008 20:27:46 -0800 Date: Fri, 25 Jan 2008 20:27:46 -0800 From: David Good To: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080126042746.GA14274@fred.dave.net> Mail-Followup-To: David Good , sage-members@sage.org References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> <20080126000610.GB7065@dragon.genyosha.net> <479A8251.1010109@chycoski.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <479A8251.1010109@chycoski.com> User-Agent: Mutt/1.4.1i X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 25, 2008 at 04:44:01PM -0800, Richard Chycoski wrote: > And even though we have bins of cables of every length in every data > centre - there are still people who don't follow the rules. > > This is why the best of intentions still need occasional cleanup - or > maybe draconian rules supplemented by lots of cameras?... I've heard rumors that in Cisco's datacenters all cables are labelled and put in a cable management database. If you find a cable that is not labelled or is not in the database not only are you allowed to remove it, it is considered your *duty* to remove it and you can be disciplined if you do not. I have no way to confirm that, but I think that's the level of draconian rules needed to keep datacenter wiring under control. Good luck getting it implemented, though... -- David Good dave@dave.net This space intentionally left blank. From sage-members-owner@usenix.org Fri Jan 25 20:39:09 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q4d8ID007301 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 20:39:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q4d8hv007298 for sage-members-0utGoign; Fri, 25 Jan 2008 20:39:08 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q4cPoL007148 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 20:38:54 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0Q4cGkm028519; Fri, 25 Jan 2008 20:38:16 -0800 Message-ID: <479AB938.6030507@chycoski.com> Date: Fri, 25 Jan 2008 20:38:16 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: David Magda CC: Sage Members Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5E86.2010807@chycoski.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk David Magda wrote: > On Jan 25, 2008, at 17:11, Richard Chycoski wrote: > >> I prefer cables with unique serial numbers. My current $WORK chooses >> not to use them, but they have certainly saved me a lot of time in >> the past. > > Would this be in the form of something like yyyyMMdd###, where you > would have (in this example): year, month, day, incrementing counter. > And then in a spreadsheet have what this number corresponds to? I'm perfectly happy with a simple, unique serial number. Cables can be ordered from suppliers with labels attached for a very small additional charge. Even universities can afford them. :-) Keeping track of the patch cables, in any fashion, isn't going to happen. Our data centre layouts are logical enough (they are now - ten years ago that would have been a fairy tale :-) that such spreadsheets aren't necessary. Plant cable is available from rack-to-rack, it's tracing patch panel cables within a rack (or between patch panels on adjacent double or triple network racks) that need the serial numbers. - Richard From sage-members-owner@usenix.org Fri Jan 25 20:46:29 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q4kF1g008127 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 25 Jan 2008 20:46:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0Q4kEAh008126 for sage-members-0utGoign; Fri, 25 Jan 2008 20:46:14 -0800 (PST) Received: from westnet.com (root@westnet.com [216.187.52.2]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0Q4k7TE008110 for ; Fri, 25 Jan 2008 20:46:12 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.14.0/8.14.0) with ESMTP id m0Q4b157002268 for ; Fri, 25 Jan 2008 23:37:01 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.14.0/8.13.2/Submit) with ESMTP id m0Q4b0kr002264 for ; Fri, 25 Jan 2008 23:37:01 -0500 (EST) Date: Fri, 25 Jan 2008 23:37:00 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Does your wiring look like this? In-Reply-To: <87y7adz96t.fsf@comcast.net> Message-ID: References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <87y7adz96t.fsf@comcast.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, 25 Jan 2008, Paul Lussier wrote: > John Miller writes: >> They all went overboard with tie straps. You could not replace a >> damaged or faulty cable if you had to in that arrangement without >> messing it all up. > That's why I always use velcro tie wraps :) My previous boss (at my previous job) *loved* wireties. I would often, during moments when I could catch my breath between fires, wander into the server room with a pair of snips and cut all the wire ties off the bundles, replacing them with velcro straps. We had the straps -- USE THEM! :) Yet, when new wiring happened, he would still go in and wire-tie everything together. The worst was when he would wire-tie the power cables to the cross-members in the racks. It became a war -- he'd tie, I'd snip. At least it kept things interesting... -Adam From sage-members-owner@usenix.org Sat Jan 26 08:43:39 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QGhRSV015693 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 08:43:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0QGhQXP015692 for sage-members-0utGoign; Sat, 26 Jan 2008 08:43:26 -0800 (PST) Received: from gwyn.tux.org (ident-user@gwyn.tux.org [207.172.156.132]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QGglr8015673 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Sat, 26 Jan 2008 08:43:13 -0800 (PST) Received: from gwyn.tux.org (ident-user@localhost.localdomain [127.0.0.1]) by gwyn.tux.org (8.12.11/8.12.11) with ESMTP id m0QGgRXb031319; Sat, 26 Jan 2008 11:42:27 -0500 Received: (from jsdy@localhost) by gwyn.tux.org (8.12.11/8.12.11/Submit) id m0QGgNmO031309; Sat, 26 Jan 2008 11:42:23 -0500 Date: Sat, 26 Jan 2008 11:42:23 -0500 From: Joseph S D Yao To: bhami@pobox.com Cc: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080126114223.B28481@gwyn.tux.org> Mail-Followup-To: bhami@pobox.com, sage-members@sage.org References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com>; from bhami3@gmail.com on Fri, Jan 25, 2008 at 12:30:22PM -0800 X-Accepted-File-Formats: ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (gwyn.tux.org [0.0.0.0]); Sat, 26 Jan 2008 11:42:27 -0500 (EST) X-Virus-Scanned: ClamAV version 0.88.4, clamav-milter version 0.88.4 on gwyn.tux.org X-Virus-Status: Clean X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 25, 2008 at 12:30:22PM -0800, Bruce A. Hamilton wrote: > I have yet to see anybody implement my scheme which would be: do not use > thick bundles of nearly untraceable same-color cables. Rather, use a wide > mix of colors so that individual cables are more easily traced. In one job, we had a variety of networks with different switches and VLANs, plus the console server cables, which also used network cables. A different colour for each network and grey for the console server did wonders for one's sanity. No, one could not segregate completely by network, as most of the boxes in the racks of which I speak were firewalls and other devices that had multiple networks to them. Where possible, of course, this was done. -- /*********************************************************************\ ** ** Joe Yao jsdy@tux.org - Joseph S. D. Yao ** \*********************************************************************/ From sage-members-owner@usenix.org Sat Jan 26 08:46:04 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QGk2AP015792 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 08:46:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0QGk2W3015791 for sage-members-0utGoign; Sat, 26 Jan 2008 08:46:02 -0800 (PST) Received: from gwyn.tux.org (ident-user@gwyn.tux.org [207.172.156.132]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QGjh1x015775 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Sat, 26 Jan 2008 08:45:48 -0800 (PST) Received: from gwyn.tux.org (ident-user@localhost.localdomain [127.0.0.1]) by gwyn.tux.org (8.12.11/8.12.11) with ESMTP id m0QGjS3O031794; Sat, 26 Jan 2008 11:45:28 -0500 Received: (from jsdy@localhost) by gwyn.tux.org (8.12.11/8.12.11/Submit) id m0QGjSwQ031792; Sat, 26 Jan 2008 11:45:28 -0500 Date: Sat, 26 Jan 2008 11:45:28 -0500 From: Joseph S D Yao To: Richard Chycoski Cc: bhami@pobox.com, sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080126114528.C28481@gwyn.tux.org> Mail-Followup-To: Richard Chycoski , bhami@pobox.com, sage-members@sage.org References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5E86.2010807@chycoski.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <479A5E86.2010807@chycoski.com>; from rskiadmin@chycoski.com on Fri, Jan 25, 2008 at 02:11:18PM -0800 X-Accepted-File-Formats: ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (gwyn.tux.org [0.0.0.0]); Sat, 26 Jan 2008 11:45:28 -0500 (EST) X-Virus-Scanned: ClamAV version 0.88.4, clamav-milter version 0.88.4 on gwyn.tux.org X-Virus-Status: Clean X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 25, 2008 at 02:11:18PM -0800, Richard Chycoski wrote: > It doesn't scale well, and a significant portion of the male population is > colour blind. :-) But most males in this culture will, when stressed, admit to being able to distinguish up to 16 colours. (Females, of course, can distinguish at least 65536.) [;-)] -- /*********************************************************************\ ** ** Joe Yao jsdy@tux.org - Joseph S. D. Yao ** \*********************************************************************/ From sage-members-owner@usenix.org Sat Jan 26 08:51:50 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QGpQB0016223 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 08:51:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0QGpPb4016222 for sage-members-0utGoign; Sat, 26 Jan 2008 08:51:25 -0800 (PST) Received: from gwyn.tux.org (ident-user@gwyn.tux.org [207.172.156.132]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QGp6og016194 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Sat, 26 Jan 2008 08:51:12 -0800 (PST) Received: from gwyn.tux.org (ident-user@localhost.localdomain [127.0.0.1]) by gwyn.tux.org (8.12.11/8.12.11) with ESMTP id m0QGow9B000306; Sat, 26 Jan 2008 11:50:58 -0500 Received: (from jsdy@localhost) by gwyn.tux.org (8.12.11/8.12.11/Submit) id m0QGownh000305; Sat, 26 Jan 2008 11:50:58 -0500 Date: Sat, 26 Jan 2008 11:50:58 -0500 From: Joseph S D Yao To: sellis@totallygeek.com Cc: Richard Chycoski , Steve Rikli , sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080126115058.D28481@gwyn.tux.org> Mail-Followup-To: sellis@totallygeek.com, Richard Chycoski , Steve Rikli , sage-members@sage.org References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> <20080126000610.GB7065@dragon.genyosha.net> <479A8251.1010109@chycoski.com> <72aff9060801251653u71f20395oca255fc6e27e9426@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <72aff9060801251653u71f20395oca255fc6e27e9426@mail.gmail.com>; from totallygeek@gmail.com on Fri, Jan 25, 2008 at 04:53:39PM -0800 X-Accepted-File-Formats: ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (gwyn.tux.org [0.0.0.0]); Sat, 26 Jan 2008 11:50:59 -0500 (EST) X-Virus-Scanned: ClamAV version 0.88.4, clamav-milter version 0.88.4 on gwyn.tux.org X-Virus-Status: Clean X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 25, 2008 at 04:53:39PM -0800, Sean Ellis wrote: ... > As a side note, I am surprised there are not more cable styles/colors > - striped, banded, dayglo, etc. ... Business opportunity, someone? -- /*********************************************************************\ ** ** Joe Yao jsdy@tux.org - Joseph S. D. Yao ** \*********************************************************************/ From sage-members-owner@usenix.org Sat Jan 26 11:01:36 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QJ13Ww020285 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 11:01:23 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0QJ132M020284 for sage-members-0utGoign; Sat, 26 Jan 2008 11:01:03 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QJ0N0e020264 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 11:00:49 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0QJ0CgX001107; Sat, 26 Jan 2008 11:00:14 -0800 Message-ID: <479B833C.8020309@chycoski.com> Date: Sat, 26 Jan 2008 11:00:12 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: David Good CC: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <000901c85f9e$0c66bbf0$0e2e060a@answer.answerfinancial.com> <20080126000610.GB7065@dragon.genyosha.net> <479A8251.1010109@chycoski.com> <20080126042746.GA14274@fred.dave.net> In-Reply-To: <20080126042746.GA14274@fred.dave.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk David Good wrote: > On Fri, Jan 25, 2008 at 04:44:01PM -0800, Richard Chycoski wrote: > >> And even though we have bins of cables of every length in every data >> centre - there are still people who don't follow the rules. >> >> This is why the best of intentions still need occasional cleanup - or >> maybe draconian rules supplemented by lots of cameras?... >> > > I've heard rumors that in Cisco's datacenters all cables are labelled > and put in a cable management database. If you find a cable that is not > labelled or is not in the database not only are you allowed to remove > it, it is considered your *duty* to remove it and you can be disciplined > if you do not. > > I have no way to confirm that, but I think that's the level of draconian > rules needed to keep datacenter wiring under control. Good luck getting > it implemented, though... > > I can confirm that this is only a rumour. :-) All of the 'plant' cables are labelled. There is a network rack that contains one or more switches associated with each row (or subrow) of server racks, and each server rack has a breakout box associated with it *under the floor*. The labels on the breakout boxes match the labels on the patch panels in the associated network rack. All of the server racks are meant to be individually movable - there are no plant cables terminated in any of these racks. Networking racks do contain plant cable and are permanently attached to the floor. There are rows of network racks where plant cable from the server row network racks terminate, and this is where the major networking gear for the data centre lives. All of these patch panels are labeled with the destination server row information. So - all of the plant cables can be identified at each end. They are tracked with the DC designs. Now we get to the patch cables... None of them are labeled (not even with serial numbers). Most patch cables don't go far - usually from gear in a server rack to the breakout box under the floor, or between patch panels and switches in the network racks. There is no inventory kept of the patch cables. The argument is that it would never be even close to up-to-date. (I disagree with the argument against serial numbered patch cables, but I lost that one with the DC manger. Oh, well. :-) The story you heard is probably about 'illegal' patch cables - if someone strings a patch cable between cabinets, it's fair game to be immediately disconnected. (If found by a sysadmin, he or she will usually go and seek out the offender rather than just unplug it. Announcing it loudly among a group of sysadmins usually does the trick. The DC manager is not so restrained.:-) This has had a *very* few exceptions over the years to temporarily fix high impact problems - and there will be a note signed by the DC manager attached to the cable. (Or you won't see the cable for long! :-) Ten years ago, the DCs were a cable nightmare. The DC, networking, and sysadmin teams designed the current scheme when a couple of new DCs were opened in '98 and went to a lot of trouble to clean up the old ones - it took years. Most all of the DCs are now a place that people are proud to show off - instead of an example of how 'not to do it'. :-) But you're right on one count - to keep a DC neat you do have to have rules, and they must be enforced. - Richard From sage-members-owner@usenix.org Sat Jan 26 11:41:00 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QJeEBn021731 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 11:40:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0QJeDhJ021730 for sage-members-0utGoign; Sat, 26 Jan 2008 11:40:14 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QJdMIL021699 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 11:39:47 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0QJcww4001396; Sat, 26 Jan 2008 11:38:58 -0800 Message-ID: <479B8C52.4080402@chycoski.com> Date: Sat, 26 Jan 2008 11:38:58 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Richard Chycoski , bhami@pobox.com, sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5E86.2010807@chycoski.com> <20080126114528.C28481@gwyn.tux.org> In-Reply-To: <20080126114528.C28481@gwyn.tux.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Joseph S D Yao wrote: > On Fri, Jan 25, 2008 at 02:11:18PM -0800, Richard Chycoski wrote: > >> It doesn't scale well, and a significant portion of the male population is >> colour blind. :-) >> > > > But most males in this culture will, when stressed, admit to being able > to distinguish up to 16 colours. (Females, of course, can distinguish > at least 65536.) [;-)] > > > Most males may *claim* that they can distinguish 16 colours, but red-green colour blindness is quite common. (And so you wonder why they chose those two colours for traffic signals?) See: for a view of colours as seen by the colour-impaired. And some females really can see a wider range of colour - they have four kinds of cones in their retinas instead of three. I've done some work with a few of our colour-impaired staff to tweak choices of web page colours so that the colour-sighted would be able to distinguish by colour, and the colour-impaired could use a combination of contrast and limited colour vision to discern the status. Many electronic assembly plants use (or used to use) mostly female workers because of their ability to properly see colour codes on parts and cables. Phone companies check the colour vision of installation and repair workers for the same reason. While it's possible to use complex colour codes to identify even large bundles of cables (the telephone cable standard uses just ten colours to identify cables of any number of conductors using stripes and by wrapping groups of conductors - and to Paul M, yes, I learned how to lace cables too :-), it becomes impractical to stock the necessary cables. I like the idea of using a few colours to identify the type of cable (we use green for normal cables, black for crossover, and purple for 'rolled' console cables) - if you have different types of cables in your environment it is really important to easily recognise the different types. Keeping the number of colour small (and the monochrome contrast between them large) makes it less of problem for the colour-impaired. Using colour identify the length of patch cables (you only need to stock one colour for each length) is also practical, as suggested by Todd Williams. It helps if you reserve a colour or two for non-standard cable types. However, a colour-impaired individual will have problems with this arrangement. I would still argue that putting unique serial numbers on every cable will reduce overall confusion when you end up with several cables of the same colour to deal with, and colour-impairment doesn't make it difficult or impossible to identify cables. - Richard (who, gratefully, has relatively normal colour vision!) From sage-members-owner@usenix.org Sat Jan 26 15:55:44 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QNtJS6028836 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 15:55:20 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0QNtJPD028835 for sage-members-0utGoign; Sat, 26 Jan 2008 15:55:19 -0800 (PST) Received: from smtp102.his.com (smtp105.his.com [216.194.192.14]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0QNskH7028802 for ; Sat, 26 Jan 2008 15:54:51 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 121DAD5C02C; Sat, 26 Jan 2008 18:47:54 -0500 (EST) Received: from smtp102.his.com ([216.194.192.14]) by localhost (smtp105.his.com [216.194.192.14]) (amavisd-new, port 10024) with ESMTP id 08932-07; Sat, 26 Jan 2008 18:47:52 -0500 (EST) Received: from vhost109.his.com (vhost109a.his.com [216.194.192.12]) by smtp102.his.com (Postfix) with ESMTP id BE321D5C02B; Sat, 26 Jan 2008 18:47:52 -0500 (EST) Received: from [192.168.1.199] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0QNlZXO075813; Sat, 26 Jan 2008 18:47:52 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <479A5B84.6020907@metro.dst.or.us> References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> Date: Sat, 26 Jan 2008 17:44:24 -0600 To: John Miller , sage-members@sage.org From: Brad Knowles Subject: Re: [SAGE] Does your wiring look like this? Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.344 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.055, BAYES_00=-2.599] X-Spam-Score: -4.344 X-Spam-Level: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On 1/25/08, John Miller wrote: > They all went overboard with tie straps. You could not replace a damaged > or faulty cable if you had to in that arrangement without messing it all up. Three of the pictures seemed to show either velcro ties or re-adjustable plastic tie wraps, so at least there seems to have been some thought given to future maintenance of the cable plant. I know that when we were doing cable runs in the studio theater for the amateur drama groups I was involved with in Brussels, the studio manager wanted everyone to use velcro ties whenever possible. He also recognized that they had a limited number of velcro ties, and allowed us to use gaffers tape in those cases when we ran out of velcro ties. But everything that went up this week would be coming down next week, for the next show to come in, so everything had to be done keeping in mind the temporary nature of the situation. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Sat Jan 26 16:39:56 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0R0dV6Q000066 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 16:39:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0R0dV80000065 for sage-members-0utGoign; Sat, 26 Jan 2008 16:39:31 -0800 (PST) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.251]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0R0cbhC000035 for ; Sat, 26 Jan 2008 16:39:03 -0800 (PST) Received: by an-out-0708.google.com with SMTP id d33so329345and.105 for ; Sat, 26 Jan 2008 16:38:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=9mIu9I7mAp5B6LSC3rHGQmuELyzfoVZbhzILFFUmwn8=; b=id5oymz1IRFm+nwjbng2XPs3oG2XFyM4KFXTvEo0NzbEmxa/Z+duJp0tgMrEFDJJ5tu+ycqaudnZBH6PuFmF59XkZOXf/mpzpWsZNz1i5/VlbZEYYQX8YNJHuKM3t+E7sTE/UncYbBmSZDYhcDMJurxRjLLrBRHn0dxk44mMDX4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=T5TXXFuwknVMlRMd5NH0Ca7kdN7VnMfKXY7ZapyBKZHUkBG9/B6Sr8dOzrdc08H4O4qbqfl7Lm4Ex87zO018LDXjarQ/f9sCtjLSlcqrg7wU012fO1C5UoTL8Ked3/09X516XC+VJS+F1gh0HBK8aheTYsBKQIDkbWB2uRt+hH0= Received: by 10.100.41.16 with SMTP id o16mr7967126ano.116.1201393934228; Sat, 26 Jan 2008 16:32:14 -0800 (PST) Received: by 10.100.190.14 with HTTP; Sat, 26 Jan 2008 16:32:13 -0800 (PST) Message-ID: Date: Sat, 26 Jan 2008 18:32:13 -0600 From: "Nathan Hruby" To: "Brad Knowles" Subject: Re: [SAGE] Does your wiring look like this? Cc: "John Miller" , sage-members@sage.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> X-Google-Sender-Auth: cf4c356628a2dd73 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 26, 2008 5:44 PM, Brad Knowles wrote: > I know that when we were doing cable runs in the studio theater for > the amateur drama groups I was involved with in Brussels, the studio > manager wanted everyone to use velcro ties whenever possible. He > also recognized that they had a limited number of velcro ties, and > allowed us to use gaffers tape in those cases when we ran out of > velcro ties. > > But everything that went up this week would be coming down next week, > for the next show to come in, so everything had to be done keeping in > mind the temporary nature of the situation. Velcro Ties? Get some tie-line, it's super cheap, reusable and has a multitude of purposes beyond putting cable to pipe (belts, shoelaces, keychains, a quick mock-up for a rigging experiment, lashing down a recalcitrant techie to a ladder or soft goods cart [1], etc... ) A 300' spool is $14 bucks: http://www.goodbuyguys.com/catalog/product_info.php/cPath/95_97/products_id/397 Gaff tape is nice when you need to chase a cable up the back of a flat to a practical or across the floor, but for general bundles gaff is overkill and messy for anything longer than a 1 night run. Yes, I have yelled at people about that in my former life as a stage electrician and general techie. They were even union, hence "former life." ;-) OTOH, a roll of 1" white gaff or spike is incredibly handy to have when you need to label things (mixers, patch panels, hallways, floors, people, etc...) -n [1] - I used to work with a TD that would intensionally set up his builds near the deck electricians, just so he could screw their boots to the deck while the electricians were looking up at a pipe. Generally this happened right before the TD called lunch or dinner. -- ------------------------------------------- nathan hruby metaphysically wrinkle-free ------------------------------------------- From sage-members-owner@usenix.org Sat Jan 26 18:05:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0R24vSh002123 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 26 Jan 2008 18:05:17 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0R24vSa002122 for sage-members-0utGoign; Sat, 26 Jan 2008 18:04:57 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0R2419E002101 for ; Sat, 26 Jan 2008 18:04:28 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 7E7CE558604; Sat, 26 Jan 2008 21:04:00 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 01849-07; Sat, 26 Jan 2008 21:03:58 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id D492D5585FE; Sat, 26 Jan 2008 21:03:58 -0500 (EST) Received: from [192.168.1.199] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0R23suR080330; Sat, 26 Jan 2008 21:03:57 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> Date: Sat, 26 Jan 2008 20:01:31 -0600 To: "Nathan Hruby" , "Brad Knowles" From: Brad Knowles Subject: Re: [SAGE] Does your wiring look like this? Cc: "John Miller" , sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.344 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.055, BAYES_00=-2.599] X-Spam-Score: -4.344 X-Spam-Level: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=7% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/26/08, Nathan Hruby wrote: > Velcro Ties? Get some tie-line, it's super cheap, reusable and has a > multitude of purposes beyond putting cable to pipe (belts, shoelaces, > keychains, a quick mock-up for a rigging experiment, lashing down a > recalcitrant techie to a ladder or soft goods cart [1], etc... ) Maybe it's the fact that I've got the flu right now, but I'm a little confused -- what exactly is tie line? Does it have any kind of metal wire core to help ensure that it keeps its shape? > Gaff tape is nice when you need to chase a cable up the back of a flat > to a practical or across the floor, but for general bundles gaff is > overkill and messy for anything longer than a 1 night run. The fact that it was messy is the primary reason why our Studio Manager only allowed it to be used once the velcro tie wraps were used up. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Sun Jan 27 05:45:45 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0RDjWcU003121 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 05:45:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0RDjW0H003120 for sage-members-0utGoign; Sun, 27 Jan 2008 05:45:32 -0800 (PST) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.185]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0RDihvj003097 for ; Sun, 27 Jan 2008 05:45:13 -0800 (PST) Received: by rv-out-0910.google.com with SMTP id f5so1496037rvb.59 for ; Sun, 27 Jan 2008 05:44:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=upZv9cPLQQ6+2LWmwIzRBcPm6smPvJN4CZT39tVVtdQ=; b=HF5GSKOvCIBJCUm0AYSI1s9hmrhYC83DfdO+uIdRgrLC11bejCYOcw4snhGK+Hesu7UkHY8F4IQRqtb28o9gho33fmJa0+n/CDJZu5ojP+BmKnBZMcI+ezuf4IZDKy42RO7u5bw/t+JB/D1ZCQEfMKZV2SLTinNPad4cItLYSVI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=FP7/qRhDpcjNh+xLOs1euzYjWKGRRIf1SsgI5YwYm0UDB8MwQqjWZ0ABrkZY1VM/xuIzLgaOGlSClVrrDTsnGnhaKx4lR+rtoqTVtZwqNInZS3toJHMT0C7WLkim3MJXO1Uu5fAMT5d1xfMrigkK1Cr41LvK6ZLqdR9uLo1R9tA= Received: by 10.143.161.3 with SMTP id n3mr1915270wfo.32.1201441479861; Sun, 27 Jan 2008 05:44:39 -0800 (PST) Received: by 10.142.84.18 with HTTP; Sun, 27 Jan 2008 05:44:39 -0800 (PST) Message-ID: Date: Sun, 27 Jan 2008 07:44:39 -0600 From: "Nathan Hruby" To: "Brad Knowles" Subject: Re: [SAGE] Does your wiring look like this? Cc: "John Miller" , sage-members@sage.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 26, 2008 8:01 PM, Brad Knowles wrote: > On 1/26/08, Nathan Hruby wrote: > > > Velcro Ties? Get some tie-line, it's super cheap, reusable and has a > > multitude of purposes beyond putting cable to pipe (belts, shoelaces, > > keychains, a quick mock-up for a rigging experiment, lashing down a > > recalcitrant techie to a ladder or soft goods cart [1], etc... ) > > Maybe it's the fact that I've got the flu right now, but I'm a little > confused -- what exactly is tie line? Does it have any kind of metal > wire core to help ensure that it keeps its shape? Nope, just plain 'ol thin cotton rope. -n -- ------------------------------------------- nathan hruby metaphysically wrinkle-free ------------------------------------------- From sage-members-owner@usenix.org Sun Jan 27 06:42:26 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0REgEWR004714 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 06:42:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0REgDBa004713 for sage-members-0utGoign; Sun, 27 Jan 2008 06:42:13 -0800 (PST) Received: from caprica.megacity.org (root@caprica.megacity.org [64.142.22.246]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0REfY6j004697 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Sun, 27 Jan 2008 06:42:00 -0800 (PST) Received: from [192.168.123.102] (cpe-74-73-230-219.hvc.res.rr.com [74.73.230.219]) (authenticated bits=0) by caprica.megacity.org (8.13.8/8.13.8/Debian-3) with ESMTP id m0REfVOI016342 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Sun, 27 Jan 2008 09:41:32 -0500 Cc: "Nathan Hruby" , "John Miller" , sage-members@sage.org Message-Id: From: "Derek J. Balling" To: Brad Knowles In-Reply-To: Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] Does your wiring look like this? Date: Sun, 27 Jan 2008 09:41:25 -0500 References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> X-Mailer: Apple Mail (2.915) Received-SPF: Pass (sender authenticated); receiver=caprica.megacity.org; client-ip=74.73.230.219; envelope-from= Received-SPF: Pass (sender authenticated); receiver=caprica.megacity.org; client-ip=74.73.230.219; helo=[192.168.123.102] X-Null-Tag: 3d8befbb38aa75c8c062fb81c0974d12 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 26, 2008, at 9:01 PM, Brad Knowles wrote: > On 1/26/08, Nathan Hruby wrote: > >> Velcro Ties? Get some tie-line, it's super cheap, reusable and >> has a >> multitude of purposes beyond putting cable to pipe (belts, shoelaces, >> keychains, a quick mock-up for a rigging experiment, lashing down a >> recalcitrant techie to a ladder or soft goods cart [1], etc... ) > > Maybe it's the fact that I've got the flu right now, but I'm a > little confused -- what exactly is tie line? Does it have any kind > of metal wire core to help ensure that it keeps its shape? Think "that stuff that old-school telco guys can tie and untie with their eyes closed but which can be a black-magic art form to anyone else". Yes, if you have the tie-line skills, it can be incredibly tidy, but..... D From sage-members-owner@usenix.org Sun Jan 27 11:06:41 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0RJ69dd011784 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 11:06:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0RJ6800011782 for sage-members-0utGoign; Sun, 27 Jan 2008 11:06:08 -0800 (PST) Received: from toq11-srv.bellnexxia.net (toq11-srv.bellnexxia.net [209.226.175.118]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0RJ5HeZ011730 for ; Sun, 27 Jan 2008 11:05:45 -0800 (PST) Received: from toip4.srvr.bell.ca ([209.226.175.87]) by tomts40-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080127180132.VBCO1617.tomts40-srv.bellnexxia.net@toip4.srvr.bell.ca> for ; Sun, 27 Jan 2008 13:01:32 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAKpVnEdMQR+t/2dsb2JhbAAIqj8 Received: from bas1-toronto09-1279336365.dsl.bell.ca (HELO [192.168.1.133]) ([76.65.31.173]) by toip4.srvr.bell.ca with ESMTP; 27 Jan 2008 13:03:21 -0500 In-Reply-To: References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <1FB8639D-2250-43F1-8027-220E9A2DC9CB@ee.ryerson.ca> Cc: Sage Members Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] Does your wiring look like this? Date: Sun, 27 Jan 2008 13:01:30 -0500 To: "Nathan Hruby" X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=51% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 27, 2008, at 08:44, Nathan Hruby wrote: > On Jan 26, 2008 8:01 PM, Brad Knowles wrote: > >> Maybe it's the fact that I've got the flu right now, but I'm a little >> confused -- what exactly is tie line? Does it have any kind of metal >> wire core to help ensure that it keeps its shape? > > Nope, just plain 'ol thin cotton rope. Any issues with insurance and flammability? From sage-members-owner@usenix.org Sun Jan 27 11:40:44 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0RJdxSd012999 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 11:40:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0RJdxpc012998 for sage-members-0utGoign; Sun, 27 Jan 2008 11:39:59 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0RJd8R9012969 for ; Sun, 27 Jan 2008 11:39:33 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 80CF7558614; Sun, 27 Jan 2008 14:39:03 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 16384-05; Sun, 27 Jan 2008 14:39:01 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id C98ED55860A; Sun, 27 Jan 2008 14:39:01 -0500 (EST) Received: from [192.168.1.199] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0RJcwED044662; Sun, 27 Jan 2008 14:39:00 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> Date: Sun, 27 Jan 2008 13:33:50 -0600 To: "Derek J. Balling" , Brad Knowles From: Brad Knowles Subject: Re: [SAGE] Does your wiring look like this? Cc: "Nathan Hruby" , "John Miller" , sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.344 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.055, BAYES_00=-2.599] X-Spam-Score: -4.344 X-Spam-Level: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=7% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/27/08, Derek J. Balling wrote: > Think "that stuff that old-school telco guys can tie and untie with their > eyes closed but which can be a black-magic art form to anyone else". I guess I've never been that fully exposed to old-school telco guys. My Dad used to use stuff kind of like this in the University theaters where he was the TD, and I vaguely recall doing pretty well in Boy Scouts in knot-tying using similar stuff, but I don't recall ever seeing this used outside of a theater environment. Even then, as I remember, it was most frequently used for things like tying curtains to battens on the fly rail, and not in the context of tidying cables from lighting or sound equipment. > Yes, if you have the tie-line skills, it can be incredibly tidy, but..... TO be honest, it's been nearly twenty years since I graduated college, and it was probably at least ten years before that when I last did anything with knot-tying in Boy Scouts (even as a Jr. Asst. Scoutmaster). At this stage, I probably wouldn't know proper tie-line skills if you strung me up with them and held me over a burning fire pit. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Sun Jan 27 15:50:13 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0RNnln5020199 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 15:49:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0RNnlI3020197 for sage-members-0utGoign; Sun, 27 Jan 2008 15:49:47 -0800 (PST) Received: from hs-out-2122.google.com (hs-out-0708.google.com [64.233.178.251]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0RNmoZZ020170 for ; Sun, 27 Jan 2008 15:49:16 -0800 (PST) Received: by hs-out-2122.google.com with SMTP id l65so1467003hsc.7 for ; Sun, 27 Jan 2008 15:48:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=TN7W2Ag/XDEdGS/qUJ8PMsYmel9u4msmTXkQeLHMZjI=; b=Cz+if/v1t4nwRyePK9lDZZBjmf71lga3Ihqtrf4blBvTxX1U5eG+xG8KyJ13ltzAaMa0a+vDNbPugS8mc2t3fGVrg+W+11mMsitZeKd6Df7KwbdYkkEVGNkfHFnBuR8XMNecEDSbpsyMMND1cssLJjd7Oo4k0+ZntBdDWOBhu7c= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Y4Qgi9ezGKKI45u5f8EX8fjPVmR+hO2WySfvXObVbGPgPcOZsAFoTpph3z2bIp4REYqF+BXv4M964XYWQRb3hL2M2lorViM8NOYw6uaph369RC+vFyfFobq7A8aS3lto1PsQfsTdwKhfNVATgQog3JiWcQ3c3+uoQk9XyTGz3E4= Received: by 10.142.112.5 with SMTP id k5mr2042902wfc.57.1201477729269; Sun, 27 Jan 2008 15:48:49 -0800 (PST) Received: by 10.142.89.12 with HTTP; Sun, 27 Jan 2008 15:48:49 -0800 (PST) Message-ID: <72aff9060801271548t6d03a866w32f134a25b9194ed@mail.gmail.com> Date: Sun, 27 Jan 2008 15:48:49 -0800 From: "Sean Ellis" Reply-To: sellis@totallygeek.com To: "Brad Knowles" Subject: Re: [SAGE] Does your wiring look like this? Cc: "Derek J. Balling" , "Nathan Hruby" , "John Miller" , sage-members@sage.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=9% Sender: owner-sage-members@usenix.org Precedence: bulk I am seriously starting to question the "yellow wall" photo of the horrible cabling jobs. It looks like a data center about to be decommissioned that had maybe four or five spools of cable there. Someone said, "hey, let's put up all this cable and take a photo." I seriously don't know how any work would be accomplished if that was production cabling. On Jan 27, 2008 11:33 AM, Brad Knowles wrote: > On 1/27/08, Derek J. Balling wrote: > > > Think "that stuff that old-school telco guys can tie and untie with their > > eyes closed but which can be a black-magic art form to anyone else". > > I guess I've never been that fully exposed to old-school telco guys. > My Dad used to use stuff kind of like this in the University theaters > where he was the TD, and I vaguely recall doing pretty well in Boy > Scouts in knot-tying using similar stuff, but I don't recall ever > seeing this used outside of a theater environment. > > Even then, as I remember, it was most frequently used for things like > tying curtains to battens on the fly rail, and not in the context of > tidying cables from lighting or sound equipment. > > > Yes, if you have the tie-line skills, it can be incredibly tidy, but..... > > TO be honest, it's been nearly twenty years since I graduated > college, and it was probably at least ten years before that when I > last did anything with knot-tying in Boy Scouts (even as a Jr. Asst. > Scoutmaster). > > At this stage, I probably wouldn't know proper tie-line skills if you > strung me up with them and held me over a burning fire pit. > > > -- > Brad Knowles > LinkedIn Profile: > From sage-members-owner@usenix.org Sun Jan 27 16:19:04 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0S0Ip0W021113 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 16:18:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0S0IpsT021112 for sage-members-0utGoign; Sun, 27 Jan 2008 16:18:51 -0800 (PST) Received: from mailbox.reptiles.org (rootgecko.reptiles.org@[198.96.210.227]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0S0I9LH021089 for ; Sun, 27 Jan 2008 16:18:35 -0800 (PST) Received: from gecko.reptiles.org ([198.96.210.227] port=52370) by mailbox.reptiles.org([198.96.210.227] port=25) via TCP with esmtp (2646 bytes) (sender: ) (ident using UNIX) id for ; Sun, 27 Jan 2008 19:18:00 -0500 (EST) (Smail-3.2.0.121 2005-Nov-17 #4 built 2006-Nov-28) Date: Sun, 27 Jan 2008 19:17:59 -0500 (EST) From: Cat Okita To: sellis@totallygeek.com cc: Brad Knowles , "Derek J. Balling" , Nathan Hruby , John Miller , sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? In-Reply-To: <72aff9060801271548t6d03a866w32f134a25b9194ed@mail.gmail.com> Message-ID: <20080127191543.Q37106@gecko.reptiles.org> References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <72aff9060801271548t6d03a866w32f134a25b9194ed@mail.gmail.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Sun, 27 Jan 2008, Sean Ellis wrote: > I am seriously starting to question the "yellow wall" photo of the > horrible cabling jobs. It looks like a data center about to be > decommissioned that had maybe four or five spools of cable there. > Someone said, "hey, let's put up all this cable and take a photo." I > seriously don't know how any work would be accomplished if that was > production cabling. I wish it was a fake - but I've worked in multiple datacenters that had areas that looked far, far, -far- too similar (more colours, but not by much, or by a statistically significant amount). As far as "any work would be accomplished" - it certainly made getting work accomplished more of a challenge[0], and led to things like stringing still more cable across the tops of things, because it was easier than using the buried patch panels... cheers! [0] Whether that was getting agreement to add cables, remove cables, finding a place where you could put cables, accidentally unplugging the wrong cable... ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." From sage-members-owner@usenix.org Sun Jan 27 16:55:49 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0S0tGVC022220 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 16:55:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0S0tGuE022219 for sage-members-0utGoign; Sun, 27 Jan 2008 16:55:16 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0S0sjfX022205 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 16:55:10 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0S0sbXE011921; Sun, 27 Jan 2008 16:54:37 -0800 Message-ID: <479D27CD.2070501@chycoski.com> Date: Sun, 27 Jan 2008 16:54:37 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: sellis@totallygeek.com CC: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <72aff9060801271548t6d03a866w32f134a25b9194ed@mail.gmail.com> In-Reply-To: <72aff9060801271548t6d03a866w32f134a25b9194ed@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Sean, I've seen (and unfortunately had to work in) data centres that were far messier, yet were (somewhat :-) functioning operations. Neatness matters little while things are working but it matters greatly when things are broken. Tracing through the mess takes way too much time and the chance of breaking something else goes up astronomically. MTTR becomes large (or at least completely non-deterministic). Some places operate like this for years. The main hope is that they eventually discover how much money its costing them, and correct it. And yes, I had to learn this the hard way like most everybody else! - Richard Sean Ellis wrote: > I am seriously starting to question the "yellow wall" photo of the > horrible cabling jobs. It looks like a data center about to be > decommissioned that had maybe four or five spools of cable there. > Someone said, "hey, let's put up all this cable and take a photo." I > seriously don't know how any work would be accomplished if that was > production cabling. > > From sage-members-owner@usenix.org Sun Jan 27 17:17:36 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0S1H1mJ022854 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 17:17:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0S1H0eS022853 for sage-members-0utGoign; Sun, 27 Jan 2008 17:17:01 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0S1GKvX022837 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 27 Jan 2008 17:16:46 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0S1G9DI012045; Sun, 27 Jan 2008 17:16:09 -0800 Message-ID: <479D2CD9.3090703@chycoski.com> Date: Sun, 27 Jan 2008 17:16:09 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Cat Okita CC: sellis@totallygeek.com, Brad Knowles , "Derek J. Balling" , Nathan Hruby , John Miller , sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <72aff9060801271548t6d03a866w32f134a25b9194ed@mail.gmail.com> <20080127191543.Q37106@gecko.reptiles.org> In-Reply-To: <20080127191543.Q37106@gecko.reptiles.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Cat Okita wrote: > On Sun, 27 Jan 2008, Sean Ellis wrote: >> I am seriously starting to question the "yellow wall" photo of the >> horrible cabling jobs. It looks like a data center about to be >> decommissioned that had maybe four or five spools of cable there. >> Someone said, "hey, let's put up all this cable and take a photo." I >> seriously don't know how any work would be accomplished if that was >> production cabling. > > I wish it was a fake - but I've worked in multiple datacenters that had > areas that looked far, far, -far- too similar (more colours, but not by > much, or by a statistically significant amount). > > As far as "any work would be accomplished" - it certainly made getting > work accomplished more of a challenge[0], and led to things like > stringing > still more cable across the tops of things, because it was easier than > using the buried patch panels... > > cheers! > [0] Whether that was getting agreement to add cables, remove cables, > finding a place where you could put cables, accidentally unplugging > the wrong cable... > ========================================================================== > > "A cat spends her life conflicted between a deep, passionate and profound > desire for fish and an equally deep, passionate and profound desire to > avoid getting wet. This is the defining metaphor of my life right now." When you go into a data centre (or converted closet that is being called a data centre!), see a mountain of cables cascading onto the floor, and the fileserver is named 'sauna' (guess how hot this room was?), you know that you're in for some work... The name and location of this so-called data centre will remain unannounced to protect the perpetrators... Fortunately, the equipment was quickly moved to a much safer environment! - Richard From sage-members-owner@usenix.org Mon Jan 28 08:00:46 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SG0LHC013293 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 08:00:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0SG0LdK013292 for sage-members-0utGoign; Mon, 28 Jan 2008 08:00:21 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.228]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SFxS6N013247 for ; Mon, 28 Jan 2008 07:59:53 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so1516476wxc.26 for ; Mon, 28 Jan 2008 07:59:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; bh=e80sagEtxWRCCnq43WpcRSmqGzjnZvndGiCkydmqwrg=; b=MrfpBrqut4wdUxCqluLJK3Ib4UhEHz0zX/PvnNWbBVrnsv4Z+7zOm2eJWznbLAe/776aWx6z6qbP0ijB6kCs6X2SIEmOLl2hi0ghVNqGbeYA7/vr9tjXCDW3CdrP2Yp88aTDjTQJY//Qwm3UV/FzSQv9IYvOvudJ3rsB0jtc0Zw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=o1XWnGuLO421hdygKvD+GfKRpADMwojJHJTcCNL+mfFRtOtAJvXuixYXfJo07ql1GnIcvPxwEPwhMACXH5SzNDQnetNk+0RggLZdHzDjBRFlqBN5KORflj7PXM0tc6DeI9aS2JkV6WQBx1NLyP2Lkg4Gi09Lpv8s+yAmDaY694E= Received: by 10.115.14.1 with SMTP id r1mr4354894wai.31.1201535963631; Mon, 28 Jan 2008 07:59:23 -0800 (PST) Received: by 10.114.75.3 with HTTP; Mon, 28 Jan 2008 07:59:23 -0800 (PST) Message-ID: Date: Mon, 28 Jan 2008 10:59:23 -0500 From: "Tom Limoncelli" To: "Richard Chycoski" Subject: [SAGE] Speaking of closet-turned-computer rooms... Cc: "Cat Okita" , sellis@totallygeek.com, "Brad Knowles" , "Derek J. Balling" , "Nathan Hruby" , "John Miller" , sage-members@sage.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Google-Sender-Auth: c11b7cb04f4b3446 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=9% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 27, 2008 8:16 PM, Richard Chycoski wrote: > > The name and location of this so-called data centre will remain > unannounced to protect the perpetrators... Fortunately, the equipment > was quickly moved to a much safer environment! > > - Richard Which reminds me... A bit of advice... A wiring closet usually doesn't have any cooling. I've often seen people add a router or two, then a few servers, then a lot of servers, and suddenly an uncooled wiring closet is called "the computer room". These can leach off the cooling of the office as long as there are only 1-2 servers, especially during the winter. Most office buildings turn off cooling/heating on the weekend. The first long weekend of the spring (Memorial Day weekend in the U.S.) tends to have many server melt-downs. If you have a computer closet, mark a day in April to test how hot your uncooled rooms get. That gives you about 4 weeks to correct the problem before Memorial Day. I've found that in an emergency, something like this: http://www.walmart.com/catalog/product.do?product_id=5799323 is sufficient until we can get a real cooling solution, and is cheap enough that I can grab 1 or 2 at WalMart without busting even the smallest purchasing limit. Tom From sage-members-owner@usenix.org Mon Jan 28 08:23:29 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SGN5k9014457 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 08:23:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0SGN4kS014456 for sage-members-0utGoign; Mon, 28 Jan 2008 08:23:04 -0800 (PST) Received: from rn-out-0102.google.com (rn-out-0910.google.com [64.233.170.189]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SGM8DG014399 for ; Mon, 28 Jan 2008 08:22:34 -0800 (PST) Received: by rn-out-0102.google.com with SMTP id v46so135937rnb.14 for ; Mon, 28 Jan 2008 08:22:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=vv/96GO/2sA+oKZ+TvO06t2ntKEX+nf/SiaZC+0wmHc=; b=eDPu+2Eq/M5VyIo2xdl9ztgsdK1VagjhBDbQIrOfuQ4s7yFhC1J/NlLgrVz6bVCxsygNN3AC8TFsKXlb79Trq7X+c3mDhtqvdmdW4h+co7V5TIrEP/+jKXzbPhXRf/d/5pYPf65cnEwXUEywbNKgVFzvy+Fv9t5sVSboxsyhvL4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=YGVo4DIPbngdUYV4So8ykXVbvMhGlMqId1M1lH3UjkSiqBLXeBx56pir/xlj7FdtlE0LhuzEzJMDHR+SuM42OWaeAL7ibnf2sXNQAM49vj6NHD1Nbbboj0kL7StUuXzWoXLk1yy8WPXmge4kiC/TbpZ0YZBp1IA9N96Au283yug= Received: by 10.151.9.1 with SMTP id m1mr2176071ybi.150.1201537323019; Mon, 28 Jan 2008 08:22:03 -0800 (PST) Received: by 10.150.202.15 with HTTP; Mon, 28 Jan 2008 08:22:02 -0800 (PST) Message-ID: <42338fbf0801280822y60f033f9uaf044f0e89b9eba0@mail.gmail.com> Date: Mon, 28 Jan 2008 11:22:02 -0500 From: "Dustin J. Mitchell" To: sage-members@sage.org Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... Cc: "Dan Locks" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: X-Google-Sender-Auth: aa6e2adceeba4e1a X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=9% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 28, 2008 10:59 AM, Tom Limoncelli wrote: > I've found that in an emergency, something like this: > http://www.walmart.com/catalog/product.do?product_id=5799323 > is sufficient until we can get a real cooling solution, and is cheap > enough that I can grab 1 or 2 at WalMart without busting even the > smallest purchasing limit. In a previous life, a school I worked at had its "computer room" in an uncooled basement (which, I suspect, had some steam pipes running through it somewhere). We had two similar units pointing straight at the equipment, running 24/7. As long as the drip tray got changed regularly, it wasn't a problem. It was always a laugh, though, to see the admin (hi, Dan) come to work in shorts and a T-shirt in the middle of the Chicago winter. Dustin -- Storage Software Engineer http://www.zmanda.com From sage-members-owner@usenix.org Mon Jan 28 09:43:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SHhf38017723 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 09:43:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0SHhfEf017722 for sage-members-0utGoign; Mon, 28 Jan 2008 09:43:41 -0800 (PST) Received: from Mycroft.westnet.com (Mycroft.westnet.com [216.187.52.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SHh1wi017696 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Mon, 28 Jan 2008 09:43:27 -0800 (PST) Received: from jfsnew.stoffel.org (24-241-23-116.dhcp.oxfr.ma.charter.com [24.241.23.116]) (authenticated bits=0) by Mycroft.westnet.com (8.14.0/8.14.0) with ESMTP id m0SHgrEG027752 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 28 Jan 2008 12:42:53 -0500 (EST) Received: by jfsnew.stoffel.org (Postfix, from userid 1000) id DD4E84EF42; Mon, 28 Jan 2008 12:42:52 -0500 (EST) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <18334.5148.824781.699654@stoffel.org> Date: Mon, 28 Jan 2008 12:42:52 -0500 From: "John Stoffel" To: Brad Knowles Cc: "Derek J. Balling" , "Nathan Hruby" , "John Miller" , sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? In-Reply-To: References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> X-Mailer: VM 7.19 under Emacs 21.4.1 X-Virus-Scanned: ClamAV 0.92/5586/Mon Jan 28 11:45:12 2008 on Mycroft.westnet.com X-Virus-Status: Clean X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk >>>>> "Brad" == Brad Knowles writes: Brad> On 1/27/08, Derek J. Balling wrote: >> Think "that stuff that old-school telco guys can tie and untie with their >> eyes closed but which can be a black-magic art form to anyone else". Brad> I guess I've never been that fully exposed to old-school telco Brad> guys. My Dad used to use stuff kind of like this in the Brad> University theaters where he was the TD, and I vaguely recall Brad> doing pretty well in Boy Scouts in knot-tying using similar Brad> stuff, but I don't recall ever seeing this used outside of a Brad> theater environment. The nice thing about tie line in the Theatre world is that it's black. And it can't be seen from the second row. I used it more in the Rock'n'Roll theme, since my college has a group which did all on-campus (and some off) sound and lighting. It's great stuff, and we made sure that all our cables had a tie line on one end so that it could be coiled and then tied off neatly. Plus points if you got the coil right so that the ends plugged in to each other as well! I keep wanting to pick up some for home and put on the garden hose, electrical cords, etc. It's just handy to have around. John From sage-members-owner@usenix.org Mon Jan 28 10:47:04 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SIkNio022202 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 10:46:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0SIkMfx022200 for sage-members-0utGoign; Mon, 28 Jan 2008 10:46:22 -0800 (PST) Received: from mail.adimus.de (mail.adimus.de [78.47.239.5]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SIjbkw022149 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 10:45:43 -0800 (PST) Received: (qmail 667 invoked by uid 0); 28 Jan 2008 19:38:21 +0100 Received: by simscan 1.3.1 ppid: 663, pid: 664, t: 0.0442s scanners: regex: 1.3.1 Received: from unknown (HELO laphroiag.quux.de) (88.73.108.254) by mail.adimus.de with SMTP; 28 Jan 2008 19:38:21 +0100 Received: from jens by laphroiag.quux.de with local (Exim 3.36 #1 (Debian)) id 1JJYs1-0002HM-00 for ; Mon, 28 Jan 2008 19:38:13 +0100 From: Jens Link To: sage-members@sage.org Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... Organization: - References: X-URL: http://www.quux.de X-message-flag: HTML Mails will not be read! Send plain text! Date: Mon, 28 Jan 2008 19:38:13 +0100 In-Reply-To: (Tom Limoncelli's message of "Mon, 28 Jan 2008 10:59:23 -0500") Message-ID: <878x296bje.fsf@laphroiag.quux.de> User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk "Tom Limoncelli" writes: > Most office buildings turn off cooling/heating on the weekend. The > first long weekend of the spring (Memorial Day weekend in the U.S.) > tends to have many server melt-downs. Speaking of server melt-downs: http://thedailywtf.com/Articles/Im-Sure-You-Can-Deal.aspx cheers Jens -- sage@guug Berlin: http://www.guug.de/lokal/berlin/index.html http://www.openbc.com/go/invita/4269460 From sage-members-owner@usenix.org Mon Jan 28 11:48:56 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SJmh5G025839 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 11:48:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0SJmhfb025838 for sage-members-0utGoign; Mon, 28 Jan 2008 11:48:43 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.231]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SJlpoY025799 for ; Mon, 28 Jan 2008 11:48:17 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c55so1026923wra.11 for ; Mon, 28 Jan 2008 11:47:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=DTFS+wPNhfrg4via+BLyMz+nRjtO061BkG6BHU0HUyU=; b=cqmOSbtv8ySLYrUcwFJ1h5PvSfvio3Q9hciBzh/fqXxgcafmaQPZkg8enEedseZiLWAjzLiiAIZCNqXEWJzGBYn2M6dhOseQ3w6/duwJfzv5k5EoVtvt40yBrMj00Sq1jDurwMEVmjNU595n/zmIaT5RTTGYd0XX9DEypnwvKC0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=fpfgnDFTuofolas0zcKpJWgQ74Tpc0X8yQqbiCOy1AwEQWWY3covJzKQfrxM2USxocC3v0bNfgL30RmX9bKdZVdJxyrObC0+X9PL1/orTuRIMBPo1jlR8cJfE4KCzSnCt6B3v/Yix4kignu879io9D7IeUnM7iKXh6O0ayp4g9Y= Received: by 10.142.212.19 with SMTP id k19mr2646887wfg.224.1201549666608; Mon, 28 Jan 2008 11:47:46 -0800 (PST) Received: by 10.142.87.9 with HTTP; Mon, 28 Jan 2008 11:47:46 -0800 (PST) Message-ID: Date: Mon, 28 Jan 2008 11:47:46 -0800 From: "Kurt Buff" To: "SAGE mailing list" Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... In-Reply-To: <878x296bje.fsf@laphroiag.quux.de> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <878x296bje.fsf@laphroiag.quux.de> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 28, 2008 10:38 AM, Jens Link wrote: > "Tom Limoncelli" writes: > > > Most office buildings turn off cooling/heating on the weekend. The > > first long weekend of the spring (Memorial Day weekend in the U.S.) > > tends to have many server melt-downs. > > Speaking of server melt-downs: > > http://thedailywtf.com/Articles/Im-Sure-You-Can-Deal.aspx > > cheers > > Jens What a great argument for environmental monitoring. Wow. Taking early retirement is, uh, indicated. Truly a career-ending-action. Kurt From sage-members-owner@usenix.org Mon Jan 28 12:04:18 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SK45fP000064 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 12:04:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0SK45BQ000058 for sage-members-0utGoign; Mon, 28 Jan 2008 12:04:05 -0800 (PST) Received: from smtp303.his.com (smtp303.his.com [216.194.210.47]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SK38G5029752 for ; Mon, 28 Jan 2008 12:03:34 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp303.his.com (Postfix) with ESMTP id F382E15B8E9; Mon, 28 Jan 2008 14:55:41 -0500 (EST) Received: from smtp303.his.com ([216.194.210.47]) by localhost (smtp303.his.com [216.194.210.47]) (amavisd-new, port 10024) with ESMTP id 32123-03; Mon, 28 Jan 2008 14:55:40 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp303.his.com (Postfix) with ESMTP id CEE5D15BAF4; Mon, 28 Jan 2008 14:55:39 -0500 (EST) Received: from [192.168.1.199] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0SJtXgB098635; Mon, 28 Jan 2008 14:55:36 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <18334.5148.824781.699654@stoffel.org> References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> Date: Mon, 28 Jan 2008 13:35:38 -0600 To: "John Stoffel" , Brad Knowles From: Brad Knowles Subject: Re: [SAGE] Does your wiring look like this? Cc: "Derek J. Balling" , "Nathan Hruby" , "John Miller" , sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.086 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.313, BAYES_00=-2.599] X-Spam-Score: -4.086 X-Spam-Level: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/28/08, John Stoffel wrote: > It's great stuff, and we made sure that all our cables had a tie line > on one end so that it could be coiled and then tied off neatly. Plus > points if you got the coil right so that the ends plugged in to each > other as well! I do kind of remember that. We used Lark's Head knots to tie the tieline to the cable, which left the ends of the tieline free to tie around the cable. Of course, everyone here should already know that you can't roll cable around your elbow and hand. Instead, you "throw" the cable from one hand to the other, giving the cable a half twist as you go. The cable should find its own natural bend radius, and stay relatively neat. Or, you can use spools, and avoid getting the cable twisted. We avoided plugging the ends of the cable into each other, because each plug/socket is only good for a limited number of insertions/removals, and doing that when rolling/unrolling the cable will cut the life of the plug/socket in half, and it's usually rather painful/annoying to try to re-wire a plug or socket on a cable. > I keep wanting to pick up some for home and put on the garden hose, > electrical cords, etc. It's just handy to have around. I prefer to have rolls of velcro ties for that sort of thing. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Mon Jan 28 15:49:10 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SNmvoJ024127 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 15:48:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0SNmvZi024125 for sage-members-0utGoign; Mon, 28 Jan 2008 15:48:57 -0800 (PST) Received: from toq4-srv.bellnexxia.net (toq4.bellnexxia.net [209.226.175.24]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0SNmHpI024095 for ; Mon, 28 Jan 2008 15:48:43 -0800 (PST) Received: from toip3.srvr.bell.ca ([209.226.175.86]) by tomts16-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080128232505.BFWE574.tomts16-srv.bellnexxia.net@toip3.srvr.bell.ca> for ; Mon, 28 Jan 2008 18:25:05 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAKLznUdMQR+t/2dsb2JhbAAIrB0 Received: from bas1-toronto09-1279336365.dsl.bell.ca (HELO [192.168.1.133]) ([76.65.31.173]) by toip3.srvr.bell.ca with ESMTP; 28 Jan 2008 18:21:24 -0500 In-Reply-To: <18334.5148.824781.699654@stoffel.org> References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Cc: Sage Members Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] Does your wiring look like this? Date: Mon, 28 Jan 2008 18:24:57 -0500 To: John Stoffel X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=53% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 28, 2008, at 12:42, John Stoffel wrote: > It's great stuff, and we made sure that all our cables had a tie line > on one end so that it could be coiled and then tied off neatly. Plus > points if you got the coil right so that the ends plugged in to each > other as well! And how many people know how to coil properly? :) (Unless you've taken sailing lessons perhaps.) From sage-members-owner@usenix.org Mon Jan 28 17:03:26 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T131Fi006586 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 17:03:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0T131xT006585 for sage-members-0utGoign; Mon, 28 Jan 2008 17:03:01 -0800 (PST) Received: from relay00.pair.com (relay00.pair.com [209.68.5.9]) by usenix.org (8.13.6/8.13.6) with SMTP id m0T123oZ006408 for ; Mon, 28 Jan 2008 17:02:28 -0800 (PST) Received: (qmail 13898 invoked by uid 0); 29 Jan 2008 01:02:02 -0000 Received: from unknown (HELO ?66.119.212.42?) (unknown) by unknown with SMTP; 29 Jan 2008 01:02:02 -0000 X-pair-Authenticated: 66.119.212.42 Message-ID: <479E7B08.1070504@deaddrop.org> Date: Mon, 28 Jan 2008 17:02:00 -0800 From: Lynda Organization: dig @localhost TXT CHAOS version.bind User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.11) Gecko/20050728 X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE Members Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... References: <878x296bje.fsf@laphroiag.quux.de> In-Reply-To: <878x296bje.fsf@laphroiag.quux.de> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=3% Sender: owner-sage-members@usenix.org Precedence: bulk Jens Link wrote: >"Tom Limoncelli" writes: > > > >>Most office buildings turn off cooling/heating on the weekend. The >>first long weekend of the spring (Memorial Day weekend in the U.S.) >>tends to have many server melt-downs. >> >> > >Speaking of server melt-downs: > >http://thedailywtf.com/Articles/Im-Sure-You-Can-Deal.aspx > > As funny as it is, I've been assured that it's an urban legend. Here's another, similar event. http://www.just-whatever.com/2007/06/05/lets-save-the-environment/ -- The Consultant's Curse: When the customer has beaten upon you long enough, give him what he asks for, instead of what he needs. This is very strong medicine, and is normally only required once. From sage-members-owner@usenix.org Mon Jan 28 17:24:50 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1OKNV010757 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 17:24:24 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0T1OKSh010755 for sage-members-0utGoign; Mon, 28 Jan 2008 17:24:20 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1ND5c010584 for ; Mon, 28 Jan 2008 17:23:38 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 6406E558623; Mon, 28 Jan 2008 20:23:12 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 23662-04; Mon, 28 Jan 2008 20:23:10 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id 99E60558608; Mon, 28 Jan 2008 20:23:10 -0500 (EST) Received: from [192.168.1.199] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0T1N9xp010943; Mon, 28 Jan 2008 20:23:09 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <479E7B08.1070504@deaddrop.org> References: <878x296bje.fsf@laphroiag.quux.de> <479E7B08.1070504@deaddrop.org> Date: Mon, 28 Jan 2008 19:22:49 -0600 To: Lynda , SAGE Members From: Brad Knowles Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.344 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.055, BAYES_00=-2.599] X-Spam-Score: -4.344 X-Spam-Level: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=7% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/28/08, Lynda wrote: >> Speaking of server melt-downs: >> http://thedailywtf.com/Articles/Im-Sure-You-Can-Deal.aspx > > As funny as it is, I've been assured that it's an urban legend. Here's > another, similar event. > > http://www.just-whatever.com/2007/06/05/lets-save-the-environment/ According to this thread at snopes.com (see ), is does seem likely that this is an urban legend. But there is a lot of amazingly stupid stuff out there. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Mon Jan 28 17:34:45 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1YinX011821 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 17:34:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0T1YiIO011820 for sage-members-0utGoign; Mon, 28 Jan 2008 17:34:44 -0800 (PST) Received: from adsl-67-122-242-225.dsl.pltn13.pacbell.net (adsl-67-122-242-225.dsl.pltn13.pacbell.net [67.122.242.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1Y8nK011785 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 17:34:33 -0800 (PST) Received: from [192.168.72.2] (wizfast.rski.net [192.168.72.2]) by adsl-67-122-242-225.dsl.pltn13.pacbell.net (8.13.8/8.13.8) with ESMTP id m0T1Y337021233 for ; Mon, 28 Jan 2008 17:34:03 -0800 Message-ID: <479E828A.5030104@chycoski.com> Date: Mon, 28 Jan 2008 17:34:02 -0800 From: Richard Chycoski User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: SAGE Members Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... References: <878x296bje.fsf@laphroiag.quux.de> <479E7B08.1070504@deaddrop.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Brad Knowles wrote: > On 1/28/08, Lynda wrote: > >>> Speaking of server melt-downs: >>> http://thedailywtf.com/Articles/Im-Sure-You-Can-Deal.aspx >> >> As funny as it is, I've been assured that it's an urban legend. Here's >> another, similar event. >> >> http://www.just-whatever.com/2007/06/05/lets-save-the-environment/ > > According to this thread at snopes.com (see > ), is does seem > likely that this is an urban legend. > > But there is a lot of amazingly stupid stuff out there. > Like at former $WORK, where, for a number of years, 'the big red buttons' in the data centre *only* powered off the air conditioners, not the computers... - Richard From sage-members-owner@usenix.org Mon Jan 28 17:41:04 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1exs6012446 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 17:41:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0T1ex3h012445 for sage-members-0utGoign; Mon, 28 Jan 2008 17:40:59 -0800 (PST) Received: from bache.ece.cmu.edu (BACHE.ECE.CMU.EDU [128.2.129.23]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1eFBh012362 for ; Mon, 28 Jan 2008 17:40:40 -0800 (PST) Received: from [10.9.204.128] (dsl093-061-215.pit1.dsl.speakeasy.net [66.93.61.215]) by bache.ece.cmu.edu (Postfix) with ESMTP id C4EFE99 for ; Mon, 28 Jan 2008 20:40:14 -0500 (EST) Mime-Version: 1.0 (Apple Message framework v753) In-Reply-To: <479E7B08.1070504@deaddrop.org> References: <878x296bje.fsf@laphroiag.quux.de> <479E7B08.1070504@deaddrop.org> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <6BEF01D6-4F26-4CD5-BDFB-33B3A386806E@ece.cmu.edu> Content-Transfer-Encoding: 7bit From: "Brandon S. Allbery KF8NH" Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... Date: Mon, 28 Jan 2008 20:40:12 -0500 To: SAGE Members X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 28, 2008, at 20:02 , Lynda wrote: > Jens Link wrote: > >> Speaking of server melt-downs: >> http://thedailywtf.com/Articles/Im-Sure-You-Can-Deal.aspx > > As funny as it is, I've been assured that it's an urban legend. > Here's another, similar event. > > http://www.just-whatever.com/2007/06/05/lets-save-the-environment/ While it probably is an urban legend, I'm reminded that some otherwise fairly sensible mail admins have asserted that Trey's 500- mile-email story is an urban legend.... -- brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu electrical and computer engineering, carnegie mellon university KF8NH From sage-members-owner@usenix.org Mon Jan 28 17:57:18 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1umF7013461 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 17:57:04 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0T1umsi013459 for sage-members-0utGoign; Mon, 28 Jan 2008 17:56:48 -0800 (PST) Received: from slick.sigje.org (slick.sigje.org [64.125.64.90]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1uKNe013422 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 17:56:45 -0800 (PST) Received: from sigje (helo=localhost) by slick.sigje.org with local-esmtp (Exim 4.66 (FreeBSD)) (envelope-from ) id 1JJf16-0005OH-SV; Mon, 28 Jan 2008 17:12:00 -0800 Date: Mon, 28 Jan 2008 17:12:00 -0800 (PST) From: Jennifer To: Lynda cc: SAGE Members Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... In-Reply-To: <479E7B08.1070504@deaddrop.org> Message-ID: <20080128170755.L19864@slick.sigje.org> References: <878x296bje.fsf@laphroiag.quux.de> <479E7B08.1070504@deaddrop.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk I read this: Fatalities: Exchange Server, Domain Controllers, a few Sun boxes that I m not sure of the usage. Near-Fatalities: Phone Switch, Apps Servers. Temperature of server room 7AM Tuesday Morning: 90 Degrees Fahrenheit. and I _know_ from personal experience that even in a room with 3000+ systems and temperatures of 120 degrees fahrenheit and rising, that systems don't fail that bad :) A few melted bits on some Cisco equipment, and some resets of BIOS (no idea why that happened) on some equipment and everything else ran fine .. although the filers did start making nasty smells, and shutting themselves down. It was not a pleasant experience, but the city talked to the building management about shutting off the water. The building management didn't notify us that they were shutting off our water from our cooling tower.. Suffice it to say, much fun was had in a very short space of time. Jennifer From sage-members-owner@usenix.org Mon Jan 28 17:58:39 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1w2n8013548 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 28 Jan 2008 17:58:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0T1w2DS013545 for sage-members-0utGoign; Mon, 28 Jan 2008 17:58:02 -0800 (PST) Received: from smtp102.his.com (smtp102.his.com [216.194.225.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0T1uxok013473 for ; Mon, 28 Jan 2008 17:57:24 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id BB39A558626; Mon, 28 Jan 2008 20:56:58 -0500 (EST) Received: from smtp102.his.com ([216.194.225.125]) by localhost (smtp102.his.com [216.194.225.125]) (amavisd-new, port 10024) with ESMTP id 26649-06; Mon, 28 Jan 2008 20:56:56 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp102.his.com (Postfix) with ESMTP id 1AD99558612; Mon, 28 Jan 2008 20:56:56 -0500 (EST) Received: from [192.168.1.199] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0T1utSL012001; Mon, 28 Jan 2008 20:56:55 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <6BEF01D6-4F26-4CD5-BDFB-33B3A386806E@ece.cmu.edu> References: <878x296bje.fsf@laphroiag.quux.de> <479E7B08.1070504@deaddrop.org> <6BEF01D6-4F26-4CD5-BDFB-33B3A386806E@ece.cmu.edu> Date: Mon, 28 Jan 2008 19:56:50 -0600 To: "Brandon S. Allbery KF8NH" , SAGE Members From: Brad Knowles Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.344 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.055, BAYES_00=-2.599] X-Spam-Score: -4.344 X-Spam-Level: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=7% Sender: owner-sage-members@usenix.org Precedence: bulk On 1/28/08, Brandon S. Allbery KF8NH wrote: > While it probably is an urban legend, I'm reminded that some otherwise > fairly sensible mail admins have asserted that Trey's 500-mile-email > story is an urban legend.... You mean the story referenced at ? I don't doubt Trey's story at all. I've personally seen stuff just about that weird. For example, the e-mail that could only travel 32 router hops from sender to recipient, who were in offices across the hall from each other (in LA, IIRC), but who were on different e-mail systems. Of course, the recipient was on AOL, and our Internet mail gateway systems were just across the 33rd router hop from the sending system. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Tue Jan 29 05:57:12 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TDvBsa004402 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 05:57:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0TDvBbs004401 for sage-members-0utGoign; Tue, 29 Jan 2008 05:57:11 -0800 (PST) Received: from Mycroft.westnet.com (Mycroft.westnet.com [216.187.52.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TDuNNw004373 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Tue, 29 Jan 2008 05:56:50 -0800 (PST) Received: from jfsnew.stoffel.org (24-241-23-116.dhcp.oxfr.ma.charter.com [24.241.23.116]) (authenticated bits=0) by Mycroft.westnet.com (8.14.0/8.14.0) with ESMTP id m0TDuMFa020357 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 29 Jan 2008 08:56:22 -0500 (EST) Received: by jfsnew.stoffel.org (Postfix, from userid 1000) id 071194EF42; Tue, 29 Jan 2008 08:56:21 -0500 (EST) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <18335.12421.957269.714465@stoffel.org> Date: Tue, 29 Jan 2008 08:56:21 -0500 From: "John Stoffel" To: David Magda Cc: John Stoffel , Sage Members Subject: Re: [SAGE] Does your wiring look like this? In-Reply-To: References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> X-Mailer: VM 7.19 under Emacs 21.4.1 X-Virus-Scanned: ClamAV 0.92/5596/Tue Jan 29 07:55:12 2008 on Mycroft.westnet.com X-Virus-Status: Clean X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk >>>>> "David" == David Magda writes: David> On Jan 28, 2008, at 12:42, John Stoffel wrote: >> It's great stuff, and we made sure that all our cables had a tie line >> on one end so that it could be coiled and then tied off neatly. Plus >> points if you got the coil right so that the ends plugged in to each >> other as well! David> And how many people know how to coil properly? :) Before I got there, not many, afterwards, alot more since I was a fiend for proper coiling. David> (Unless you've taken sailing lessons perhaps.) Grew up sailing, so I learned at a young age. :] From sage-members-owner@usenix.org Tue Jan 29 06:02:37 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TE2C9J004769 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 06:02:13 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0TE2CwE004765 for sage-members-0utGoign; Tue, 29 Jan 2008 06:02:12 -0800 (PST) Received: from ettin.watson-wilson.ca (watson-wilson.ca [216.138.221.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TE1JjR004697 for ; Tue, 29 Jan 2008 06:01:44 -0800 (PST) Received: by ettin.watson-wilson.ca (Postfix, from userid 1000) id 0BCE33AE30; Tue, 29 Jan 2008 09:01:03 -0500 (EST) Date: Tue, 29 Jan 2008 09:01:04 -0500 From: Neil Watson To: Sage Members Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080129140104.GA7759@watson-wilson.ca> References: <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <18335.12421.957269.714465@stoffel.org> X-Message-Flag: Outlook is a dangerous and insecure program (Magic 8 ball: Outlook not good) X-Accepted-File-Formats: No proprietary Microsoft Office files please User-Agent: Mutt/1.5.17 (2007-12-11) X-watson-wilson.ca-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-watson-wilson.ca-MailScanner-From: sage@watson-wilson.ca X-Spam-Status: No X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 29, 2008 at 08:56:21AM -0500, John Stoffel wrote: >David> (Unless you've taken sailing lessons perhaps.) Or a roadie. -- Neil Watson | Debian Linux System Administrator | Uptime 3 days http://watson-wilson.ca From sage-members-owner@usenix.org Tue Jan 29 07:55:16 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TFtGo6016222 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 07:55:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0TFtGHd016220 for sage-members-0utGoign; Tue, 29 Jan 2008 07:55:16 -0800 (PST) Received: from eero.baz.org (eero.baz.org [12.130.29.202]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TFsmiW016155 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=FAIL) for ; Tue, 29 Jan 2008 07:55:14 -0800 (PST) Received: by eero.baz.org (Postfix, from userid 1015) id 407FA89976; Tue, 29 Jan 2008 10:30:10 -0500 (EST) Date: Tue, 29 Jan 2008 10:30:10 -0500 From: Luke Hankins To: Richard Chycoski Cc: SAGE Members Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... Message-ID: <20080129153010.GR1411@ethersmith.com> References: <878x296bje.fsf@laphroiag.quux.de> <479E7B08.1070504@deaddrop.org> <479E828A.5030104@chycoski.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <479E828A.5030104@chycoski.com> User-Agent: Mutt/1.5.6i X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk * Richard Chycoski wrote: > Like at former $WORK, where, for a number of years, 'the big red > buttons' in the data centre *only* powered off the air conditioners, not > the computers... Er, we've got contractors doing work right now to fix an error they made when we moved in a year ago: The EPO just cuts the power to the AC and UPS units, but doesn't tell the UPS units to dump their output power. Oops. We discovered this when a contractor pressed the EPO, thinking that it was the door release button. To be fair, it didn't have a sign on it... or a plastic box... or even a little plastic cover. *sigh* (Not my responsibility, I'm just a tenant in the machine room in question.) -Luke From sage-members-owner@usenix.org Tue Jan 29 08:50:18 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TGo3bE021026 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 08:50:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0TGo3Hw021023 for sage-members-0utGoign; Tue, 29 Jan 2008 08:50:03 -0800 (PST) Received: from rtp-iport-2.cisco.com (rtp-iport-2.cisco.com [64.102.122.149]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TGntM0021004 for ; Tue, 29 Jan 2008 08:50:00 -0800 (PST) Received: from rtp-dkim-1.cisco.com ([64.102.121.158]) by rtp-iport-2.cisco.com with ESMTP; 29 Jan 2008 11:42:01 -0500 Received: from rtp-core-1.cisco.com (rtp-core-1.cisco.com [64.102.124.12]) by rtp-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id m0TGftC3023425; Tue, 29 Jan 2008 11:41:55 -0500 Received: from [10.19.54.148] (sjc-rac-8713.cisco.com [10.19.54.148]) by rtp-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id m0TGfdVJ014609; Tue, 29 Jan 2008 16:41:54 GMT Message-ID: <479F5705.4040009@chycoski.com> Date: Tue, 29 Jan 2008 08:40:37 -0800 From: Richard Chycoski Reply-To: rskiadmin@chycoski.com User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Luke Hankins CC: SAGE Members Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... References: <878x296bje.fsf@laphroiag.quux.de> <479E7B08.1070504@deaddrop.org> <479E828A.5030104@chycoski.com> <20080129153010.GR1411@ethersmith.com> In-Reply-To: <20080129153010.GR1411@ethersmith.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Authentication-Results: rtp-dkim-1; header.From=rskiadmin@chycoski.com; dkim=neutral X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk I heard a similar story (hitting the EPO button thinking that it opened the door) from one of our IBM Customer Engineers (about someone *else* doing it, of course :-). This was about 30 years ago. The more things change, the more they stay the same. :-) - Richard Luke Hankins wrote: > * Richard Chycoski wrote: >> Like at former $WORK, where, for a number of years, 'the big red >> buttons' in the data centre *only* powered off the air conditioners, not >> the computers... > > Er, we've got contractors doing work right now to fix an error they made > when we moved in a year ago: The EPO just cuts the power to the AC and UPS > units, but doesn't tell the UPS units to dump their output power. Oops. > > We discovered this when a contractor pressed the EPO, thinking that it was > the door release button. To be fair, it didn't have a sign on it... or a > plastic box... or even a little plastic cover. *sigh* > > (Not my responsibility, I'm just a tenant in the machine room in question.) > > -Luke > From sage-members-owner@usenix.org Tue Jan 29 08:57:29 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TGvHjt021635 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 08:57:17 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0TGvHbM021634 for sage-members-0utGoign; Tue, 29 Jan 2008 08:57:17 -0800 (PST) Received: from morpheus.lapseofthought.com (adsl-66-124-80-202.dsl.snfc21.pacbell.net [66.124.80.202]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TGuQIi021595 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 08:56:51 -0800 (PST) Received: from [127.0.0.1] (morpheus.lapseofthought.com [172.16.42.16]) (authenticated bits=0) by morpheus.lapseofthought.com (8.13.8/8.13.8) with ESMTP id m0TGeNSv049560 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 08:40:40 -0800 (PST) (envelope-from drich@employees.org) Message-ID: <479F56F7.1030600@employees.org> Date: Tue, 29 Jan 2008 08:40:23 -0800 From: Dan Rich User-Agent: Thunderbird 2.0.0.9 (X11/20071031) MIME-Version: 1.0 To: Sage Members Subject: Re: [SAGE] Does your wiring look like this? References: <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> <20080129140104.GA7759@watson-wilson.ca> In-Reply-To: <20080129140104.GA7759@watson-wilson.ca> X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new X-Spam-Status: No, score=-1.2 required=6.0 tests=BAYES_00, DATE_IN_FUTURE_96_XX autolearn=no version=3.2.4 X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on morpheus.lapseofthought.com X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Neil Watson wrote: > On Tue, Jan 29, 2008 at 08:56:21AM -0500, John Stoffel wrote: >> David> (Unless you've taken sailing lessons perhaps.) > > Or a roadie. Or anyone who has had to work with me backstage at a theatre. I'm a bit militant about it (and I've trained several dozen people to do it the "right way"^tm. -- Dan Rich | http://www.employees.org/~drich/ | "Step up to red alert!" "Are you sure, sir? | It means changing the bulb in the sign..." | - Red Dwarf (BBC) From sage-members-owner@usenix.org Tue Jan 29 09:12:50 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0THCcui022563 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 09:12:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0THCbCq022562 for sage-members-0utGoign; Tue, 29 Jan 2008 09:12:38 -0800 (PST) Received: from zimbra.ccs.neu.edu (zimbra.ccs.neu.edu [129.10.116.59]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0THBwxq022515 for ; Tue, 29 Jan 2008 09:12:23 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by zimbra.ccs.neu.edu (Postfix) with ESMTP id BB709AA8526; Tue, 29 Jan 2008 12:11:57 -0500 (EST) X-Virus-Scanned: amavisd-new at X-Spam-Flag: NO X-Spam-Score: -4.018 X-Spam-Level: X-Spam-Status: No, score=-4.018 tagged_above=-10 required=6.6 tests=[ALL_TRUSTED=-1.8, AWL=0.381, BAYES_00=-2.599] Received: from zimbra.ccs.neu.edu ([127.0.0.1]) by localhost (zimbra.ccs.neu.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0VAKRz3Y9Ptw; Tue, 29 Jan 2008 12:11:49 -0500 (EST) Received: from omphaloskepsis.ccs.neu.edu (omphaloskepsis.ccs.neu.edu [129.10.116.223]) by zimbra.ccs.neu.edu (Postfix) with ESMTP id 88FBEAA8525; Tue, 29 Jan 2008 12:11:49 -0500 (EST) Cc: lisa08chair@usenix.org Message-Id: From: David Blank-Edelman To: Sage Members In-Reply-To: <18335.12421.957269.714465@stoffel.org> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] Does your wiring look like this? Date: Tue, 29 Jan 2008 12:11:48 -0500 References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> X-Mailer: Apple Mail (2.915) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk (cc'ing the next LISA chair) On Jan 29, 2008, at 8:56 AM, John Stoffel wrote: >>>>>> "David" == David Magda writes: > > David> And how many people know how to coil properly? :) This is going to sound peculiar, but I would *love* it if someone would have a BoF or some other evening activity at the next LISA around skills like this. I've never been a sailor, theatre tech or roadie and would love the opportunity to learn this from someone who knew what she or he was doing. I also wonder, are there other transferable physical skills from people's other lives that could be taught there? -- dNb From sage-members-owner@usenix.org Tue Jan 29 09:28:29 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0THSSgc023618 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 09:28:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0THSSND023616 for sage-members-0utGoign; Tue, 29 Jan 2008 09:28:28 -0800 (PST) Received: from hapkido.dreamhost.com (postfix@hapkido.dreamhost.com [66.33.216.122]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0THRnl7023578 for ; Tue, 29 Jan 2008 09:28:14 -0800 (PST) Received: from randymail-a1.g.dreamhost.com (sd-green-bigip-177.dreamhost.com [208.97.132.177]) by hapkido.dreamhost.com (Postfix) with ESMTP id 30D5A17A68F for ; Tue, 29 Jan 2008 09:27:48 -0800 (PST) Received: from [192.168.1.103] (cpe-66-61-63-225.neo.res.rr.com [66.61.63.225]) by randymail-a1.g.dreamhost.com (Postfix) with ESMTP id EF8BE18DA57 for ; Tue, 29 Jan 2008 09:27:09 -0800 (PST) Message-Id: <18396817-FC1C-4CB9-9981-66B191E91754@tangledhelix.com> From: Dan Lowe To: SAGE Members In-Reply-To: <479F5705.4040009@chycoski.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] Speaking of closet-turned-computer rooms... Date: Tue, 29 Jan 2008 12:27:08 -0500 References: <878x296bje.fsf@laphroiag.quux.de> <479E7B08.1070504@deaddrop.org> <479E828A.5030104@chycoski.com> <20080129153010.GR1411@ethersmith.com> <479F5705.4040009@chycoski.com> X-Mailer: Apple Mail (2.915) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=26% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 29, 2008, at 11:40 AM, Richard Chycoski wrote: > I heard a similar story (hitting the EPO button thinking that it > opened the door) from one of our IBM Customer Engineers (about > someone *else* doing it, of course :-). > > This was about 30 years ago. The more things change, the more they > stay the same. :-) I was working in the security department (physical, not computer) at a national insurance company around 1994 when one of our guards hit the big red button thinking it was how you opened the door. We had harassed him to hit the button instead of just turning the doorknob, because every time he opened the door using the doorknob, a silent alarm went off and we had to disarm it within 60 seconds or the police would show up. The real door button was a 6x6" strike plate on the wall about 5 feet from the door, and the big red button was about 35-40 feet from any door, in the center of the room, in the middle of the fire panel. Under one of those plastic guards you have to lift up with your thumb before you can even hit the button. No, none of these things stopped him. I wasn't on shift the day this happened, fortunately. The resulting panic was quite stressful, my boss assured me as he told me the story the next day. He had spun down a room full of mainframes, containing every policy and billing record and everything else for every customer for every office across the country. As well as the other side of the room, where all of the tape robots were that backed all of this stuff up. Needless to say, he was fired on the spot and the IT department gave all our guards dirty looks for quite a while after that. -dan > Luke Hankins wrote: >> * Richard Chycoski wrote: >>> Like at former $WORK, where, for a number of years, 'the big red >>> buttons' in the data centre *only* powered off the air >>> conditioners, not the computers... From sage-members-owner@usenix.org Tue Jan 29 10:00:43 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TI0gdN025373 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 10:00:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0TI0gUV025371 for sage-members-0utGoign; Tue, 29 Jan 2008 10:00:42 -0800 (PST) Received: from kyrios.zvr.gr (postfix@kyrios.zvr.gr [195.251.255.25]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TI03AE025330 for ; Tue, 29 Jan 2008 10:00:28 -0800 (PST) Received: by kyrios.zvr.gr (Postfix, from userid 222) id 5825323958; Tue, 29 Jan 2008 19:37:17 +0200 (EET) Date: Tue, 29 Jan 2008 19:37:17 +0200 From: Alexios Zavras To: David Blank-Edelman Cc: Sage Members Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080129173717.GT30566@zvr.gr> References: <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Mailing-Address: P.O. Box 24071, GR-11110 Athens, Greece X-Mobile: +30-6947181285 X-Phone: +30-2102010669 X-Fax: +30-2102010669 User-Agent: Mutt/1.5.13 (2006-08-11) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk David Blank-Edelman wrote [edited]: > I also wonder, are there other transferable physical skills from > people's other lives that could be taught there? lock picking (1/2 :-) -- -- zvr -- -- +---------------------------+ Alexios Zavras (-zvr-) | H eytyxia den exei enoxes | zvr@zvr.gr +-----------------------zvr-+ From sage-members-owner@usenix.org Tue Jan 29 10:41:25 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TIfOer027539 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 10:41:24 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0TIfOfZ027538 for sage-members-0utGoign; Tue, 29 Jan 2008 10:41:24 -0800 (PST) Received: from relay02.pair.com (relay02.pair.com [209.68.5.16]) by usenix.org (8.13.6/8.13.6) with SMTP id m0TIf0EE027492 for ; Tue, 29 Jan 2008 10:41:10 -0800 (PST) Received: (qmail 4993 invoked by uid 0); 29 Jan 2008 18:34:20 -0000 Received: from unknown (HELO ?66.119.212.42?) (unknown) by unknown with SMTP; 29 Jan 2008 18:34:20 -0000 X-pair-Authenticated: 66.119.212.42 Message-ID: <479F71A9.40503@deaddrop.org> Date: Tue, 29 Jan 2008 10:34:17 -0800 From: Lynda Organization: dig @localhost TXT CHAOS version.bind User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.11) Gecko/20050728 X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE Members Subject: Re: [SAGE] Does your wiring look like this? References: <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> <20080129173717.GT30566@zvr.gr> In-Reply-To: <20080129173717.GT30566@zvr.gr> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=9% Sender: owner-sage-members@usenix.org Precedence: bulk Alexios Zavras wrote: >David Blank-Edelman wrote [edited]: > > >>I also wonder, are there other transferable physical skills from >>people's other lives that could be taught there? >> >> > >lock picking (1/2 :-) > > IFF you live in a state where the mere possession of those tools is not illegal. There are more states with laws that pertain to this than you might think. I know you were mostly joking, of course. Before anyone says that it's part of the job if you're testing physical security as part of an audit, I'm going to tell you that the laws still apply (unless you are a locksmith). -- The Consultant's Curse: When the customer has beaten upon you long enough, give him what he asks for, instead of what he needs. This is very strong medicine, and is normally only required once. From sage-members-owner@usenix.org Tue Jan 29 17:05:03 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U14xeZ026511 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 17:04:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U14xeV026506 for sage-members-0utGoign; Tue, 29 Jan 2008 17:04:59 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U14vg6026493 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 17:04:57 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U14vK6026492 for sage-members@usenix.org; Tue, 29 Jan 2008 17:04:57 -0800 (PST) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.177]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0TNdcea020242 for ; Tue, 29 Jan 2008 15:40:16 -0800 (PST) Received: by wa-out-1112.google.com with SMTP id j4so23462wah.1 for ; Tue, 29 Jan 2008 15:39:30 -0800 (PST) Received: by 10.114.124.1 with SMTP id w1mr15563wac.131.1201649970739; Tue, 29 Jan 2008 15:39:30 -0800 (PST) Received: by 10.114.79.15 with HTTP; Tue, 29 Jan 2008 15:39:30 -0800 (PST) Message-ID: Date: Tue, 29 Jan 2008 17:39:30 -0600 From: "Chris Nelson" To: sage-members@sage.org Subject: [SAGE] Apache access_log -> Syslog MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Google-Sender-Auth: 8553f41d93c345ea X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk Greetings, I've been experimenting with feeding Apache access_log into Syslog with little to no success. I have tried a perl script (found through the grace of Google) with the Sys::Syslog mod. I have looked at mod_security, but that is a bit more than I was ready to implement just yet. Does anyone else have any suggestions or experience with this? Cheers, Chris From sage-members-owner@usenix.org Tue Jan 29 17:38:09 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U1bc2Q028946 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 17:37:39 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U1bcWT028943 for sage-members-0utGoign; Tue, 29 Jan 2008 17:37:38 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U1b7cr028875 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 17:37:07 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U1b7E7028873 for sage-members@usenix.org; Tue, 29 Jan 2008 17:37:07 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.176]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U1GIL5027336 for ; Tue, 29 Jan 2008 17:16:44 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so53149pyb.10 for ; Tue, 29 Jan 2008 17:16:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=EYMh6Dixljxyb1QoAYdliEFcWHJZ6P08+Yt/3LF9h/w=; b=Jg3Bu5DMluxkecTQZRR+T1cE2GQz4a7IygKz5bCy9edRnmWVJeHIYb/YrsDax27/Hs4p31znixdrcxRzwQWP41Ro/IJFRPSaD0Ud1KLU3upy4tEuC23WNZXruk+rf+5icOipkygs4n6hHsXv3xfaPnZmVudcE6ALY3xHxBD3vkM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=FsboJSe7SgY3IcVYprQV2KYUx3bqG/VV1XokF4ur9wjx5SDyBP8k/RugFYxohLL1p9H6HGTKZvKlFEaq/BSVSRoFWwnF0qYwAFkjypvxFakS/F9xa/okQbyxCw1MKZHk/jqSFV+4pafz/ix3nFq8vrvXMhAf82EDvLNUlmJBX+4= Received: by 10.65.222.11 with SMTP id z11mr255980qbq.39.1201655772158; Tue, 29 Jan 2008 17:16:12 -0800 (PST) Received: by 10.65.96.18 with HTTP; Tue, 29 Jan 2008 17:16:12 -0800 (PST) Message-ID: Date: Tue, 29 Jan 2008 17:16:12 -0800 From: "Gary Richardson" To: "Chris Nelson" Subject: Re: [SAGE] Apache access_log -> Syslog Cc: sage-members@sage.org In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_13335_9030982.1201655772145" References: X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_13335_9030982.1201655772145 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Was http://www.oreillynet.com/pub/a/sysadmin/2006/10/12/httpd-syslog.htmlyour perl script? Did you try something like: echo hi there | apache_syslog To see if the script is working? On Jan 29, 2008 3:39 PM, Chris Nelson < csnelson+sage-members-posting@cryptzero.net> wrote: > Greetings, > > I've been experimenting with feeding Apache access_log into Syslog > with little to no success. I have tried a perl script (found through > the grace of Google) with the Sys::Syslog mod. I have looked at > mod_security, but that is a bit more than I was ready to implement > just yet. Does anyone else have any suggestions or experience with > this? > > > Cheers, > Chris > ------=_Part_13335_9030982.1201655772145 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Was http://www.oreillynet.com/pub/a/sysadmin/2006/10/12/httpd-syslog.html your perl script? Did you try something like:

echo hi there | apache_syslog

To see if the script is working?

On Jan 29, 2008 3:39 PM, Chris Nelson <csnelson+sage-members-posting@cryptzero.net> wrote:
Greetings,

I've been experimenting with feeding Apache access_log into Syslog
with little to no success.  I have tried a perl script (found through
the grace of Google)  with the Sys::Syslog mod.  I have looked at
mod_security, but that is a bit more than I was ready to implement
just yet.  Does anyone else have any suggestions or experience with
this?


Cheers,
Chris

------=_Part_13335_9030982.1201655772145-- From sage-members-owner@usenix.org Tue Jan 29 17:44:15 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U1i2S8029563 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 17:44:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U1i230029562 for sage-members-0utGoign; Tue, 29 Jan 2008 17:44:02 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.226]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U1h6Qc029489 for ; Tue, 29 Jan 2008 17:43:36 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c49so52024wra.1 for ; Tue, 29 Jan 2008 17:43:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=ZuTIkLymVl4OW6gkSmNoLjRIRTl5RIhu2fSdN1BdMSE=; b=LSDdZ1IswXT4CdA5LkqvfbK9/NHwdjHMbyZT1kqPOT02ixsx5G4HLBooZCwKZs4c4o5wcPBTG0NYaWLRJBc5jaRucNFdVeCRwCR5om7z11bcVQsKac2qXHJiwu+YghguTZcsldgwZ9xeUopYpBZzZqW/C3B7XfRBO3kbJVKYkIA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=wgcCr26iHIXVAl3GAJcdzMunKE3IbTXoLg28B20rXTEJvuSxNvSM31wCZRRX17CUjRF1ngJECxhIuNT1EaHFEKk7moMfK29n7PKIQSai4hkgt1WxWtxuv0B/XCT0lpCmPrIeIyJRWb4RUdCFyTgy7ReltRkHoS5xsJmbOKK47Zo= Received: by 10.142.216.9 with SMTP id o9mr49331wfg.226.1201657378756; Tue, 29 Jan 2008 17:42:58 -0800 (PST) Received: by 10.142.87.9 with HTTP; Tue, 29 Jan 2008 17:42:58 -0800 (PST) Message-ID: Date: Tue, 29 Jan 2008 17:42:58 -0800 From: "Kurt Buff" To: "Chris Nelson" Subject: Re: [SAGE] Apache access_log -> Syslog Cc: sage-members@sage.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk It looks like you're on the right track. I searched for this some time ago, and the following were my best finds http://www.precision-guesswork.com/sage-guide/apache.html http://www.oreillynet.com/pub/a/sysadmin/2006/10/12/httpd-syslog.html On Jan 29, 2008 3:39 PM, Chris Nelson wrote: > Greetings, > > I've been experimenting with feeding Apache access_log into Syslog > with little to no success. I have tried a perl script (found through > the grace of Google) with the Sys::Syslog mod. I have looked at > mod_security, but that is a bit more than I was ready to implement > just yet. Does anyone else have any suggestions or experience with > this? > > > Cheers, > Chris > From sage-members-owner@usenix.org Tue Jan 29 19:14:40 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U3Edsr004181 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 19:14:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U3EdX8004180 for sage-members-0utGoign; Tue, 29 Jan 2008 19:14:39 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.225]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U3DqUH004133 for ; Tue, 29 Jan 2008 19:14:18 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so102122wxc.26 for ; Tue, 29 Jan 2008 19:13:43 -0800 (PST) Received: by 10.142.240.9 with SMTP id n9mr66321wfh.79.1201656922043; Tue, 29 Jan 2008 17:35:22 -0800 (PST) Received: by 10.142.84.18 with HTTP; Tue, 29 Jan 2008 17:35:22 -0800 (PST) Message-ID: Date: Tue, 29 Jan 2008 19:35:22 -0600 From: "Nathan Hruby" To: "Chris Nelson" Subject: Re: [SAGE] Apache access_log -> Syslog Cc: sage-members@sage.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: X-Google-Sender-Auth: cbc66fa534cf8768 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 29, 2008 5:39 PM, Chris Nelson wrote: > Greetings, > > I've been experimenting with feeding Apache access_log into Syslog > with little to no success. I have tried a perl script (found through > the grace of Google) with the Sys::Syslog mod. I have looked at > mod_security, but that is a bit more than I was ready to implement > just yet. Does anyone else have any suggestions or experience with > this? I can think of three other options (and I wasn't aware mod_security would syslog stuff, so thanks!): - The apache logging directives does (at least did) take a | argument, so you could make a CustomLog that points at "| /usr/bin/logger" Oracle does this for a lot of if it's application servers that bundle apache. I can't vouch for performance. - Write logs to a fifo from apache, have a script read the fifo and spit out syslog. - Use splunk as a forwarder. In "lightweight forwarder" configs, splunk doesn't index anything so you can use the freely available version to do what you need regardless of the quantity of logs you plan on pushing (I'm not sure if a forwarder will speak splunk-ish XML-RPC, syslogish tcp, or what) Additionally, you could always just rsync the logs from @webservers to $wherever I would say that you might want to duplicate your logs to localhost in the first two examples, so you don't loose events from the webserver should your loghost go down or network blip. Splunk will queue up events if it can't forward things. HTH, -n -- ------------------------------------------- nathan hruby metaphysically wrinkle-free ------------------------------------------- From sage-members-owner@usenix.org Tue Jan 29 20:51:58 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U4pqiX009076 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 20:51:53 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U4pqvU009073 for sage-members-0utGoign; Tue, 29 Jan 2008 20:51:52 -0800 (PST) Received: from relay00.pair.com (relay00.pair.com [209.68.5.9]) by usenix.org (8.13.6/8.13.6) with SMTP id m0U4p5uB009005 for ; Tue, 29 Jan 2008 20:51:37 -0800 (PST) Received: (qmail 85954 invoked by uid 0); 30 Jan 2008 04:51:01 -0000 Received: from unknown (HELO ?66.119.212.42?) (unknown) by unknown with SMTP; 30 Jan 2008 04:51:01 -0000 X-pair-Authenticated: 66.119.212.42 Message-ID: <47A00233.1050601@deaddrop.org> Date: Tue, 29 Jan 2008 20:50:59 -0800 From: Lynda Organization: dig @localhost TXT CHAOS version.bind User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.11) Gecko/20050728 X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE Members Subject: Re: [SAGE] Does your wiring look like this? References: <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> <20080129173717.GT30566@zvr.gr> <479F71A9.40503@deaddrop.org> <6A170722-8711-4AB7-99A7-D83882283E71@ee.ryerson.ca> In-Reply-To: <6A170722-8711-4AB7-99A7-D83882283E71@ee.ryerson.ca> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=3% Sender: owner-sage-members@usenix.org Precedence: bulk David Magda wrote: > > On Jan 29, 2008, at 13:34, Lynda wrote: > >> IFF you live in a state where the mere possession of those tools is >> not illegal. There are more states with laws that pertain to this >> than you might think. I know you were mostly joking, of course. >> Before anyone says that it's part of the job if you're testing >> physical security as part of an audit, I'm going to tell you that >> the laws still apply (unless you are a locksmith). > > > Special tools are hardly necessary in many cases: do a search for > "bump key". Unless your lock is designed to resist this attack (and > most common ones are not), you can get by a lock with a minimal of fuss. The issue was not whether you could pick a lock, the issue was that offering to teach lock picking skills in a state where the possession of such tools was illegal might not be so helpful. I have lock picks; I have friends who've taught lock-picking at places like Defcon. I understand about bump keys. You seem to live in Canada (I say this because of your email address). It is illegal to own, or have in your possession, lock picks or slim jims unless you are a certified locksmith. I found out that I'd moved to a state with more draconian laws than the one I left when I ordered some from Think Geek, and they canceled the order and returned my money. -- The Consultant's Curse: When the customer has beaten upon you long enough, give him what he asks for, instead of what he needs. This is very strong medicine, and is normally only required once. From sage-members-owner@usenix.org Tue Jan 29 21:54:08 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U5rari011421 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Jan 2008 21:53:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U5rZWD011420 for sage-members-0utGoign; Tue, 29 Jan 2008 21:53:36 -0800 (PST) Received: from gwyn.tux.org (ident-user@gwyn.tux.org [207.172.156.132]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U5qtVR011394 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Tue, 29 Jan 2008 21:53:21 -0800 (PST) Received: from gwyn.tux.org (ident-user@localhost.localdomain [127.0.0.1]) by gwyn.tux.org (8.12.11/8.12.11) with ESMTP id m0U5qgtc025822; Wed, 30 Jan 2008 00:52:42 -0500 Received: (from jsdy@localhost) by gwyn.tux.org (8.12.11/8.12.11/Submit) id m0U5qgUF025821; Wed, 30 Jan 2008 00:52:42 -0500 Date: Wed, 30 Jan 2008 00:52:42 -0500 From: Joseph S D Yao To: Dan Rich Cc: Sage Members Subject: Re: [SAGE] Does your wiring look like this? Message-ID: <20080130005242.C9709@gwyn.tux.org> Mail-Followup-To: Dan Rich , Sage Members References: <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> <20080129140104.GA7759@watson-wilson.ca> <479F56F7.1030600@employees.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <479F56F7.1030600@employees.org>; from drich@employees.org on Tue, Jan 29, 2008 at 08:40:23AM -0800 X-Accepted-File-Formats: ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (gwyn.tux.org [0.0.0.0]); Wed, 30 Jan 2008 00:52:42 -0500 (EST) X-Virus-Scanned: ClamAV version 0.88.4, clamav-milter version 0.88.4 on gwyn.tux.org X-Virus-Status: Clean X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 29, 2008 at 08:40:23AM -0800, Dan Rich wrote: > Neil Watson wrote: > > On Tue, Jan 29, 2008 at 08:56:21AM -0500, John Stoffel wrote: > >> David> (Unless you've taken sailing lessons perhaps.) > > > > Or a roadie. > > Or anyone who has had to work with me backstage at a theatre. I'm a bit > militant about it (and I've trained several dozen people to do it the > "right way"^tm. Or someone who took Lifeguarding or was a Scout and paid attention [Brad, I'm sure it would come back to you quickly!], or was a conscientious firefighter, or ... or ... -- /*********************************************************************\ ** ** Joe Yao jsdy@tux.org - Joseph S. D. Yao ** \*********************************************************************/ From sage-members-owner@usenix.org Wed Jan 30 00:05:07 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U84sM1001917 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 00:04:54 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U84sYT001916 for sage-members-0utGoign; Wed, 30 Jan 2008 00:04:54 -0800 (PST) Received: from toq3-srv.bellnexxia.net (toq3.bellnexxia.net [209.226.175.16]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U84AWX001896 for ; Wed, 30 Jan 2008 00:04:36 -0800 (PST) Received: from toip5.srvr.bell.ca ([209.226.175.88]) by tomts5-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080130034203.HIUR17217.tomts5-srv.bellnexxia.net@toip5.srvr.bell.ca> for ; Tue, 29 Jan 2008 22:42:03 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAF6An0dMQR+t/2dsb2JhbAAIsAs Received: from bas1-toronto09-1279336365.dsl.bell.ca (HELO [192.168.1.133]) ([76.65.31.173]) by toip5.srvr.bell.ca with ESMTP; 29 Jan 2008 22:42:50 -0500 In-Reply-To: <20080129173717.GT30566@zvr.gr> References: <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> <20080129173717.GT30566@zvr.gr> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <73BDE9FA-C822-4EBB-ACA9-CF0588DE6A34@ee.ryerson.ca> Cc: Sage Members Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] Does your wiring look like this? Date: Tue, 29 Jan 2008 22:42:02 -0500 To: Alexios Zavras X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=59% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 29, 2008, at 12:37, Alexios Zavras wrote: > David Blank-Edelman wrote [edited]: >> I also wonder, are there other transferable physical skills from >> people's other lives that could be taught there? > > lock picking (1/2 :-) To answer this non-serious message: there are hobbyist clubs where you can learn to do this. Of course you can just search for "bump key" and skip all the hard stuff. From sage-members-owner@usenix.org Wed Jan 30 00:16:30 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U8GTtD002514 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 00:16:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0U8GTPh002512 for sage-members-0utGoign; Wed, 30 Jan 2008 00:16:29 -0800 (PST) Received: from toq5-srv.bellnexxia.net (toq5.bellnexxia.net [209.226.175.27]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0U8FnMc002473 for ; Wed, 30 Jan 2008 00:16:14 -0800 (PST) Received: from toip5.srvr.bell.ca ([209.226.175.88]) by tomts13-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080130034545.TFBP22392.tomts13-srv.bellnexxia.net@toip5.srvr.bell.ca> for ; Tue, 29 Jan 2008 22:45:45 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAIuBn0dMQR+t/2dsb2JhbAAIsAg Received: from bas1-toronto09-1279336365.dsl.bell.ca (HELO [192.168.1.133]) ([76.65.31.173]) by toip5.srvr.bell.ca with ESMTP; 29 Jan 2008 22:46:31 -0500 In-Reply-To: <479F71A9.40503@deaddrop.org> References: <479A5B84.6020907@metro.dst.or.us> <18334.5148.824781.699654@stoffel.org> <18335.12421.957269.714465@stoffel.org> <20080129173717.GT30566@zvr.gr> <479F71A9.40503@deaddrop.org> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <6A170722-8711-4AB7-99A7-D83882283E71@ee.ryerson.ca> Cc: SAGE Members Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] Does your wiring look like this? Date: Tue, 29 Jan 2008 22:45:43 -0500 To: Lynda X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=55% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 29, 2008, at 13:34, Lynda wrote: > IFF you live in a state where the mere possession of those tools is > not illegal. There are more states with laws that pertain to this > than you might think. I know you were mostly joking, of course. > Before anyone says that it's part of the job if you're testing > physical security as part of an audit, I'm going to tell you that > the laws still apply (unless you are a locksmith). Special tools are hardly necessary in many cases: do a search for "bump key". Unless your lock is designed to resist this attack (and most common ones are not), you can get by a lock with a minimal of fuss. From sage-members-owner@usenix.org Wed Jan 30 04:09:31 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UC9I3O009425 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 04:09:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UC9IOQ009423 for sage-members-0utGoign; Wed, 30 Jan 2008 04:09:18 -0800 (PST) Received: from relay00.pair.com (relay00.pair.com [209.68.5.9]) by usenix.org (8.13.6/8.13.6) with SMTP id m0UC8ara009394 for ; Wed, 30 Jan 2008 04:09:04 -0800 (PST) Received: (qmail 48966 invoked from network); 30 Jan 2008 12:08:33 -0000 Received: from unknown (HELO rhea.princeton.edu) (unknown) by unknown with SMTP; 30 Jan 2008 12:08:33 -0000 X-pair-Authenticated: 128.112.235.206 Date: Wed, 30 Jan 2008 07:08:33 -0500 From: "Jonathan S. Billings" To: Chris Nelson Cc: sage-members@sage.org Subject: Re: [SAGE] Apache access_log -> Syslog Message-ID: <20080130120833.GA28732@negate.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.17 (2007-11-01) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=2% Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 29, 2008 at 05:39:30PM -0600, Chris Nelson wrote: > I've been experimenting with feeding Apache access_log into Syslog > with little to no success. I have tried a perl script (found through > the grace of Google) with the Sys::Syslog mod. I have looked at > mod_security, but that is a bit more than I was ready to implement > just yet. Does anyone else have any suggestions or experience with > this? I started using syslog-ng at work, because it would preserve the name of the host when forwarding through an intermediate syslog-ng (on the head node of a cluster). It has the ability to watch arbitrary logfiles as well as the standard logging location. I use it to watch the output of a cluster filesystem log, which doesn't write logs to syslog. My only problem is that it reads in the entirety of the file when it starts up, so if it's forwarding, you'll suddenly get a lot of data. -- Jonathan Billings All seems condemned in the long run to approximate a state akin to Gaussian noise. -- James Martin From sage-members-owner@usenix.org Wed Jan 30 04:40:00 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UCdW7j010407 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 04:39:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UCdWkQ010406 for sage-members-0utGoign; Wed, 30 Jan 2008 04:39:32 -0800 (PST) Received: from g2.mental.com (root@entrance.mental.com [192.31.14.10]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UCcqMv010381 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 30 Jan 2008 04:39:18 -0800 (PST) Received: from mental.com (root@twen.mi [172.16.0.5]) by g2.mental.com (8.13.7/8.13.7/mental-071210) with ESMTP id m0UCceix019808 for ; Wed, 30 Jan 2008 13:38:40 +0100 (CET) Received: from mental.com (lobo@localhost [127.0.0.1]) by mental.com (8.13.7/8.13.7/mental-070305) with ESMTP id m0UCceeK018450 for ; Wed, 30 Jan 2008 13:38:40 +0100 (MET) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: sage-members@sage.org Subject: Re: [SAGE] Apache access_log -> Syslog In-reply-to: "Jonathan S. Billings"'s message of Wed, 30 Jan 2008 07:08:33 EST <20080130120833.GA28732@negate.org> Organization: mental images GmbH, Berlin, Germany Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 30 Jan 2008 13:38:40 +0100 Message-ID: <18449.1201696720@mental.com> From: Alexander Lobodzinski X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk () My only problem is that it reads in the entirety of the file when it () starts up, so if it's forwarding, you'll suddenly get a lot of data. logtail memorizes the point in the file it left off so you can fire it every minute and it just gives you the new lines. Ciao, Lobo From sage-members-owner@usenix.org Wed Jan 30 13:50:22 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0ULnwb6018327 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 13:49:58 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0ULnvof018324 for sage-members-0utGoign; Wed, 30 Jan 2008 13:49:57 -0800 (PST) Received: from mail.puryear-it.com (mail.puryear-it.com [68.224.217.79]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0ULn4Jt018200 for ; Wed, 30 Jan 2008 13:49:29 -0800 (PST) Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.puryear-it.com (Postfix) with ESMTP id D069C8127 for ; Wed, 30 Jan 2008 15:48:58 -0600 (CST) X-Virus-Scanned: amavisd-new at puryear-it.com Received: from mail.puryear-it.com ([127.0.0.1]) by localhost (mail.puryear-it.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mfYJ+6asnobI for ; Wed, 30 Jan 2008 15:48:52 -0600 (CST) Received: from [192.168.222.102] (unknown [192.168.222.102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.puryear-it.com (Postfix) with ESMTP id 6404E810D for ; Wed, 30 Jan 2008 15:48:52 -0600 (CST) Message-ID: <47A0F0C9.4050807@puryear-it.com> Date: Wed, 30 Jan 2008 15:48:57 -0600 From: Dustin Puryear Organization: Puryear IT, LLC User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071031 Thunderbird/2.0.0.9 Mnenhy/0.7.5.666 MIME-Version: 1.0 To: sage-members@sage.org Subject: [SAGE] Programmers as.. sysadmins.. X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk I was having a conversation the other day with a friend that works for a decently sized software/services shop that works almost strictly for the government. They were looking for a Linux sysadmin (they only ever have one, even though they have quite a few Linux and Solaris servers). Generally their sysadmin helps manage the applications running on the servers, but a lot of the sysadmin work on the Linux and Solaris boxes (testing and production) are done by the programmers. I noted "Programmers make the worst sysadmins." He didn't quite get my meaning. So, my question: Have you found, in your experience, that programmers make bad sysadmins? I have. I'm not saying that all programmers are bad sysadmins, or that PAST programmers make bad CURRENT sysadmins, but that CURRENT programmers almost always make bad CURRENT sysadmins, even if small settings. Some reasons I've found this to be true: o programmers want to get the job done, and taking short-cuts on the server often comes into play. o programmers don't seem to get it when it comes to managing more than one box. o programmers treat a UNIX server like they treat their home Linux box. o etc. The thing is, I see this in A LOT of sites, although it tends to happen more often in smaller tech-focused companies. Thoughts? P.S. Yes, I know that "it depends on the person". I'm generalizing, but I'm also saying that my generalization tends to be correct on this point. ;) -- Puryear Information Technology, LLC Baton Rouge, LA * 225-706-8414 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices Identity Management, LDAP, and Linux Integration From sage-members-owner@usenix.org Wed Jan 30 14:04:37 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UM4aGN020012 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:04:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UM4a9h020011 for sage-members-0utGoign; Wed, 30 Jan 2008 14:04:36 -0800 (PST) Received: from foxengines.net (foxengines.net [69.5.8.162]) by usenix.org (8.13.6/8.13.6) with SMTP id m0UM4HQ9019991 for ; Wed, 30 Jan 2008 14:04:22 -0800 (PST) Received: (qmail 23557 invoked from network); 30 Jan 2008 21:57:36 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; h=X-Originating-IP:Date:From:X-X-Sender:Reply-To:To:cc:Subject:In-Reply-To:Message-ID:References:MIME-Version:Content-Type; s=default; d=richfox.org; b=mXea+hLKbxeTzoDXDB9dSfIqsgg9BTnyf1b5GeCIealjmBbFBSBLVEn/73n2VqiMt3ofL1h+N5UhjywXJ+wiD9YFgapi44UjREJqw5UU7JOLNGZgwDOFNqOXCmK+tdUBirZxpWgg/SlhgJ3f0NmmJbWZBj8M11/tl+ShDxZ9cuU=; X-Originating-IP: [75.67.148.163] Date: Wed, 30 Jan 2008 16:57:30 -0500 (EST) From: sage@richfox.org X-X-Sender: rfox@powerbook.localdomain Reply-To: sage@richfox.org To: Dustin Puryear cc: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. In-Reply-To: <47A0F0C9.4050807@puryear-it.com> Message-ID: References: <47A0F0C9.4050807@puryear-it.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Hi, I haven't seen very many good sysadmins. I haven't seen very many good programmers. Of those that I have seen, the good sysadmins were also good programmers. Rich. On Wed, 30 Jan 2008, Dustin Puryear wrote: > I was having a conversation the other day with a friend that works for a > decently sized software/services shop that works almost strictly for the > government. They were looking for a Linux sysadmin (they only ever have one, > even though they have quite a few Linux and Solaris servers). > > Generally their sysadmin helps manage the applications running on the > servers, but a lot of the sysadmin work on the Linux and Solaris boxes > (testing and production) are done by the programmers. > > I noted "Programmers make the worst sysadmins." He didn't quite get my > meaning. > > So, my question: Have you found, in your experience, that programmers make > bad sysadmins? I have. I'm not saying that all programmers are bad sysadmins, > or that PAST programmers make bad CURRENT sysadmins, but that CURRENT > programmers almost always make bad CURRENT sysadmins, even if small settings. > > Some reasons I've found this to be true: > > o programmers want to get the job done, and taking short-cuts on the server > often comes into play. > o programmers don't seem to get it when it comes to managing more than one > box. > o programmers treat a UNIX server like they treat their home Linux box. > o etc. > > The thing is, I see this in A LOT of sites, although it tends to happen more > often in smaller tech-focused companies. > > Thoughts? > > P.S. Yes, I know that "it depends on the person". I'm generalizing, but I'm > also saying that my generalization tends to be correct on this point. ;) > > -- From sage-members-owner@usenix.org Wed Jan 30 14:16:12 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMGCwt020694 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:16:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMGCEP020693 for sage-members-0utGoign; Wed, 30 Jan 2008 14:16:12 -0800 (PST) Received: from sj-iport-1.cisco.com (sj-iport-1-in.cisco.com [171.71.176.70]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMFVur020670 for ; Wed, 30 Jan 2008 14:15:58 -0800 (PST) Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-1.cisco.com with ESMTP; 30 Jan 2008 14:15:23 -0800 Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id m0UMF2Xh022982; Wed, 30 Jan 2008 14:15:02 -0800 Received: from [171.70.237.67] ([171.70.237.67]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id m0UMElAl004538; Wed, 30 Jan 2008 22:15:02 GMT Message-ID: <47A0F699.6080908@chycoski.com> Date: Wed, 30 Jan 2008 14:13:45 -0800 From: Richard Chycoski Reply-To: rskiadmin@chycoski.com User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Dustin Puryear CC: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> In-Reply-To: <47A0F0C9.4050807@puryear-it.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Authentication-Results: sj-dkim-4; header.From=rskiadmin@chycoski.com; dkim=neutral X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk In my experience many (if not most) really good programmers can be really good sysadmins. Good programmers need a lot of the same good judgment required to be a good sysadmin (think about scaling, interoperation, don't touch it if you don't understand what you're doing...) The problem is, there aren't a lot of *really* good programmers out there. They especially do not follow that last rule "don't touch it if you don't understand what you're doing". There are lots of coders and hackers masquerading as programmers, and letting them near 'root' can be a disaster. So, I agree that your observation is correct - most of the 'programmers' that you find make really poor sysadmins. It may not say a lot about their programming abilities, either! There are enough small shops that have really poor sysadmins, too. I've had to help clean up after some of them... - Richard Dustin Puryear wrote: > I was having a conversation the other day with a friend that works for a > decently sized software/services shop that works almost strictly for the > government. They were looking for a Linux sysadmin (they only ever have > one, even though they have quite a few Linux and Solaris servers). > > Generally their sysadmin helps manage the applications running on the > servers, but a lot of the sysadmin work on the Linux and Solaris boxes > (testing and production) are done by the programmers. > > I noted "Programmers make the worst sysadmins." He didn't quite get my > meaning. > > So, my question: Have you found, in your experience, that programmers > make bad sysadmins? I have. I'm not saying that all programmers are bad > sysadmins, or that PAST programmers make bad CURRENT sysadmins, but that > CURRENT programmers almost always make bad CURRENT sysadmins, even if > small settings. > > Some reasons I've found this to be true: > > o programmers want to get the job done, and taking short-cuts on the > server often comes into play. > o programmers don't seem to get it when it comes to managing more than > one box. > o programmers treat a UNIX server like they treat their home Linux box. > o etc. > > The thing is, I see this in A LOT of sites, although it tends to happen > more often in smaller tech-focused companies. > > Thoughts? > > P.S. Yes, I know that "it depends on the person". I'm generalizing, but > I'm also saying that my generalization tends to be correct on this > point. ;) > From sage-members-owner@usenix.org Wed Jan 30 14:16:45 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMGiwh020793 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:16:44 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMGi9A020792 for sage-members-0utGoign; Wed, 30 Jan 2008 14:16:44 -0800 (PST) Received: from bzz.taranis.org (bzz.taranis.org [38.112.190.19]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMFxeC020686 for ; Wed, 30 Jan 2008 14:16:24 -0800 (PST) Received: by bzz.taranis.org (Postfix, from userid 100) id C0DCA555C; Wed, 30 Jan 2008 17:15:58 -0500 (EST) Date: Wed, 30 Jan 2008 17:15:58 -0500 From: Christophe Kalt To: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. Message-ID: <20080130221558.GA17131@bzz.taranis.org> Mail-Followup-To: sage-members@sage.org References: <47A0F0C9.4050807@puryear-it.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47A0F0C9.4050807@puryear-it.com> User-Agent: Mutt/1.4.2.1i X-Spring: flower X-Message-Flag: Outlook is a highly efficient virus delivery agent. X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk i think the problem is more of clear job responsability. Either you're a programmer, or a sysadmin. People who are trying to be both usually think of one of their responsability as primary, and the other one suffers from this. I think that most of what you've seen are probably cases of programmers having to do some SA work because they have the skills and someone need to get the job done. From sage-members-owner@usenix.org Wed Jan 30 14:17:41 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMHShv020972 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:17:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMHSKt020971 for sage-members-0utGoign; Wed, 30 Jan 2008 14:17:28 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.234]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMGZF3020747 for ; Wed, 30 Jan 2008 14:17:01 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c49so424112wra.1 for ; Wed, 30 Jan 2008 14:16:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=o4qqlUsg1n2BvESu/zro0XTRzemW9D+Hx4s5hkljWWU=; b=NOrhyQfHbzzojMQz3sxIF6iM+K8uwFYogKZCqZPuRM1Ag475piGhO3GI2MijOqgfmHkwGnSv2nvTbVV6D690IZHfdNcGEdB5FNHFXiVQKcGTVr+W8RJsfcpGX+IAeSpwiCV9kG0hwASY4mUkYoEo0pgE6MY1+ObsHgR+C+z1nss= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=gZoHa2+Ypd1pltUq56MF7jN8jYmunE7X678DJq4OaO3KthZIz+lSscmLbHLxyYL2tZvw0xe8YomBh3fp7QlHDu5fI7XS+kbbywTTLFZay1y51CyYEe7k67c/D0Rw3b5fYHtF8o8WvXjQN8v5TwSKKx9BdIFtcKXECOQz5kmblZ8= Received: by 10.150.204.19 with SMTP id b19mr333741ybg.35.1201731389671; Wed, 30 Jan 2008 14:16:29 -0800 (PST) Received: by 10.150.202.15 with HTTP; Wed, 30 Jan 2008 14:16:29 -0800 (PST) Message-ID: <42338fbf0801301416w45a5bbf6w8fc6fbcd96dbbec5@mail.gmail.com> Date: Wed, 30 Jan 2008 17:16:29 -0500 From: "Dustin J. Mitchell" To: "Dustin Puryear" Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: sage-members@sage.org In-Reply-To: <47A0F0C9.4050807@puryear-it.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47A0F0C9.4050807@puryear-it.com> X-Google-Sender-Auth: e887754a63a59541 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=9% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 30, 2008 4:48 PM, Dustin Puryear wrote: > So, my question: Have you found, in your experience, that programmers > make bad sysadmins? I have. I'm not saying that all programmers are bad > sysadmins, or that PAST programmers make bad CURRENT sysadmins, but that > CURRENT programmers almost always make bad CURRENT sysadmins, even if > small settings. Short answer: yes. And I agree completely with your reasons. I've been all over this particular map -- at different companies I've been 100% sysadmin, 100% programmer, and 50/50 -- so I've puzzled over this myself for some time. I would add, as a corollary, that sysadmins don't tend to make very good programmers. Code from admins tends to be of the get-it-done variety, without much concern for things like maintainability, portability, or configurability. It cuts boths ways. Like Dustin, I'm over-generalizing here. ISTM that both disciplines are solving the same kinds of problems -- managing an incomprehensibly complex system through many layers of abstraction, automation, and analysis. I think that the conflict comes when someone in one field doesn't have the perspective to see the problems in the other field in this light. A programmer doesn't want to install the latest version of that package on every machine enterprise-wide, but just on his desktop, so configure/make/make install works fine for him. Similarly, a sysadmin doesn't need her bash script to run under SunOS 2.7's shell, so there's no reason to sweat shell-portability issues. Dustin -- Storage Software Engineer http://www.zmanda.com From sage-members-owner@usenix.org Wed Jan 30 14:19:11 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMJA33021384 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:19:11 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMJAZe021381 for sage-members-0utGoign; Wed, 30 Jan 2008 14:19:10 -0800 (PST) Received: from mycroft.greatcircle.com (mycroft-eth0.greatcircle.com [198.102.244.2]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMIQaW021195 for ; Wed, 30 Jan 2008 14:18:52 -0800 (PST) Received: from [::?????IPv6:::1] (localhost [127.0.0.1]) by mycroft.greatcircle.com (Postfix) with ESMTP id B21834B0054; Wed, 30 Jan 2008 14:18:26 -0800 (PST) In-Reply-To: <47A0F0C9.4050807@puryear-it.com> References: <47A0F0C9.4050807@puryear-it.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <4B510B44-50D7-4BA4-BAA8-C29BEFD578B4@greatcircle.com> Cc: sage-members@sage.org Content-Transfer-Encoding: 7bit From: Elizabeth Zwicky Subject: Re: [SAGE] Programmers as.. sysadmins.. Date: Wed, 30 Jan 2008 14:18:24 -0800 To: Dustin Puryear X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 30, 2008, at 1:48 PM, Dustin Puryear wrote: > > P.S. Yes, I know that "it depends on the person". I'm generalizing, > but I'm also saying that my generalization tends to be correct on > this point. ;) As far as I can tell, it doesn't depend on the person so much as it depends on the situation. I am capable of being a great sysadmin. Currently I am paid to program. Also, I do some sysadmin, on the side. Oh, I am so, so bad at it. (Hey, wanna come run our computers? Please?) Why am I bad it? If I have to touch a machine, I have to page in whole piles of stuff I don't normally think about. My brain is already full. And if I have to update a software package? Oh, just shoot me now. Read a syslog? Crap, has it been doing that for long? As long as I have logs for... say who set up this log rotation anyway? It doesn't help that the answer is never "I did!" I totally get it. I just don't have the cycles to do it. And if I make the cycles, that will use up brain cells I need for my real job, the one they're not going to hire somebody else to do shortly, the one I need to be good at. So yeah, pay me to program or pay me to administer systems. You could even pay me to administer systems and write relevant programs. But if you're paying me to program something else, I will either be a lousy sysadmin, or I will be a lousy programmer (and then you will fire me, so where's the joy in that?) or I will grow a new head. And I've never succeeded with the two heads thing. Elizabeth zwicky@otoh.org P.S. Did I mention we have an open position for a sysadmin at $WORK? From sage-members-owner@usenix.org Wed Jan 30 14:24:31 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMOUvJ022097 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:24:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMOU92022096 for sage-members-0utGoign; Wed, 30 Jan 2008 14:24:30 -0800 (PST) Received: from sj-iport-3.cisco.com (sj-iport-3-in.cisco.com [171.71.176.72]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMONTT022087 for ; Wed, 30 Jan 2008 14:24:29 -0800 (PST) Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-3.cisco.com with ESMTP; 30 Jan 2008 14:16:31 -0800 Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id m0UMGV6P025556; Wed, 30 Jan 2008 14:16:31 -0800 Received: from [171.70.237.67] ([171.70.237.67]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id m0UMGBAl005642; Wed, 30 Jan 2008 22:16:27 GMT Message-ID: <47A0F6ED.5030804@chycoski.com> Date: Wed, 30 Jan 2008 14:15:09 -0800 From: Richard Chycoski Reply-To: rskiadmin@chycoski.com User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: sage@richfox.org CC: Dustin Puryear , sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Authentication-Results: sj-dkim-4; header.From=rskiadmin@chycoski.com; dkim=neutral X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk I have met a couple of good sysadmins who were not good programmers, but only because they hadn't tackled that field yet. They were certainly had the right underlying skills to become very good programmers. - Richard sage@richfox.org wrote: > Hi, > > I haven't seen very many good sysadmins. > I haven't seen very many good programmers. > Of those that I have seen, the good sysadmins were also good programmers. > > Rich. > > On Wed, 30 Jan 2008, Dustin Puryear wrote: > >> I was having a conversation the other day with a friend that works for >> a decently sized software/services shop that works almost strictly for >> the government. They were looking for a Linux sysadmin (they only ever >> have one, even though they have quite a few Linux and Solaris servers). >> >> Generally their sysadmin helps manage the applications running on the >> servers, but a lot of the sysadmin work on the Linux and Solaris boxes >> (testing and production) are done by the programmers. >> >> I noted "Programmers make the worst sysadmins." He didn't quite get my >> meaning. >> >> So, my question: Have you found, in your experience, that programmers >> make bad sysadmins? I have. I'm not saying that all programmers are >> bad sysadmins, or that PAST programmers make bad CURRENT sysadmins, >> but that CURRENT programmers almost always make bad CURRENT sysadmins, >> even if small settings. >> >> Some reasons I've found this to be true: >> >> o programmers want to get the job done, and taking short-cuts on the >> server often comes into play. >> o programmers don't seem to get it when it comes to managing more than >> one box. >> o programmers treat a UNIX server like they treat their home Linux box. >> o etc. >> >> The thing is, I see this in A LOT of sites, although it tends to >> happen more often in smaller tech-focused companies. >> >> Thoughts? >> >> P.S. Yes, I know that "it depends on the person". I'm generalizing, >> but I'm also saying that my generalization tends to be correct on this >> point. ;) >> >> > From sage-members-owner@usenix.org Wed Jan 30 14:29:14 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMSccP022624 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:28:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMScmw022623 for sage-members-0utGoign; Wed, 30 Jan 2008 14:28:38 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.239]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMRYm3022527 for ; Wed, 30 Jan 2008 14:27:59 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so545182wxc.26 for ; Wed, 30 Jan 2008 14:27:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=E5RCXwBJRnDqmSEwgSpn9uh4dN1yYK3a2UwdZ2VNIII=; b=f2BvKZR9T/V1X2ndXMZOBJnILhmK71AhnYHZJjoJrAFTwEXyGqf84r/5irMcL2nfMHvfy6YfvnG5horGU63uw/WEbgNOfaAEeIbo/i294UbTIIjkX3bI/5d92lqJv0z1h9Vr7jQOqk83/75rsX9Xo/2XSOlMNLYHSUqzJTD4ScA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=GjgvAC2PYCG6edIy2NaGS6NNfgkxyAUCkx85eOIJfgWYL9uHS1WI4Qw+eRV4lKxTzCT98UufyoT3Dk2v60jkqXU7DdBt1FTrrFxhlbGH++MXehn3BY633W5Z7iisfDOyKjOWvH4t2K7HnJMx8SE1zFZToJHfdlxilt5V8m1BVls= Received: by 10.142.48.14 with SMTP id v14mr786524wfv.14.1201732049427; Wed, 30 Jan 2008 14:27:29 -0800 (PST) Received: by 10.142.89.12 with HTTP; Wed, 30 Jan 2008 14:27:29 -0800 (PST) Message-ID: <72aff9060801301427p6ae047a3rdde62707289f6b92@mail.gmail.com> Date: Wed, 30 Jan 2008 14:27:29 -0800 From: "Sean Ellis" Reply-To: sellis@totallygeek.com To: "Dustin Puryear" Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: sage-members@sage.org In-Reply-To: <47A0F0C9.4050807@puryear-it.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47A0F0C9.4050807@puryear-it.com> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk Comments inline. On Jan 30, 2008 1:48 PM, Dustin Puryear wrote: > I was having a conversation the other day with a friend that works for a > decently sized software/services shop that works almost strictly for the > government. They were looking for a Linux sysadmin (they only ever have > one, even though they have quite a few Linux and Solaris servers). > > Generally their sysadmin helps manage the applications running on the > servers, but a lot of the sysadmin work on the Linux and Solaris boxes > (testing and production) are done by the programmers. > > I noted "Programmers make the worst sysadmins." He didn't quite get my > meaning. > I would say that programmers should be programmers, but decent admins should have a fair amount of programming in their past. > So, my question: Have you found, in your experience, that programmers > make bad sysadmins? I have. I'm not saying that all programmers are bad > sysadmins, or that PAST programmers make bad CURRENT sysadmins, but that > CURRENT programmers almost always make bad CURRENT sysadmins, even if > small settings. > > Some reasons I've found this to be true: > > o programmers want to get the job done, and taking short-cuts on the > server often comes into play. There are bad admins on both sides of the programmer/non-programmer fence on this one. Those guys are out the door quickly in most production environments. > o programmers don't seem to get it when it comes to managing more than > one box. I find just the opposite. In my experience, some code will be put in to do what most admins will perform over and over and over and over (and over)^n again. I tend to work better with admins that will implement code solutions than those that will out-type the rest of us. Perhaps it is just the groups I have been with, but admins with coding backgrounds tend to be better at commenting solutions, developing a plan of attack, and maintaining configuration revisions than others. > o programmers treat a UNIX server like they treat their home Linux box. You mean with a decent amount of respect? ;) > o etc. > > The thing is, I see this in A LOT of sites, although it tends to happen > more often in smaller tech-focused companies. > > Thoughts? > > P.S. Yes, I know that "it depends on the person". I'm generalizing, but > I'm also saying that my generalization tends to be correct on this point. ;) > > -- > Puryear Information Technology, LLC > Baton Rouge, LA * 225-706-8414 > http://www.puryear-it.com > > Author, "Best Practices for Managing Linux and UNIX Servers" > http://www.puryear-it.com/pubs/linux-unix-best-practices > > Identity Management, LDAP, and Linux Integration > From sage-members-owner@usenix.org Wed Jan 30 14:37:25 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMbLUn023354 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:37:25 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMbLR9023353 for sage-members-0utGoign; Wed, 30 Jan 2008 14:37:21 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMbIpA023340 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:37:19 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMbIdT023339 for sage-members@usenix.org; Wed, 30 Jan 2008 14:37:18 -0800 (PST) Received: from s200aog12.obsmtp.com (s200aog12.obsmtp.com [207.126.144.126]) by usenix.org (8.13.6/8.13.6) with SMTP id m0UMQqX8022379 for ; Wed, 30 Jan 2008 14:27:22 -0800 (PST) Received: from source ([72.14.204.235]) by eu1sys200aob012.postini.com ([207.126.147.11]) with SMTP; Wed, 30 Jan 2008 22:26:45 UTC Received: by qb-out-0506.google.com with SMTP id d8so463454qbc.3 for ; Wed, 30 Jan 2008 14:26:45 -0800 (PST) Received: by 10.142.191.2 with SMTP id o2mr752086wff.209.1201732001319; Wed, 30 Jan 2008 14:26:41 -0800 (PST) Received: by 10.143.38.10 with HTTP; Wed, 30 Jan 2008 14:26:41 -0800 (PST) Message-ID: <21606dcf0801301426q4738b6c8qa1cc078369a13c8d@mail.gmail.com> Date: Wed, 30 Jan 2008 23:26:41 +0100 From: "Sam Johnston" To: "Christophe Kalt" Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: sage-members@sage.org In-Reply-To: <20080130221558.GA17131@bzz.taranis.org> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_25226_2473798.1201732001314" References: <47A0F0C9.4050807@puryear-it.com> <20080130221558.GA17131@bzz.taranis.org> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=71% Sender: owner-sage-members@usenix.org Precedence: bulk ------=_Part_25226_2473798.1201732001314 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Jan 30, 2008 11:15 PM, Christophe Kalt wrote: > i think the problem is more of clear job responsability. > > Either you're a programmer, or a sysadmin. > People who are trying to be both usually think of one of > their responsability as primary, and the other one suffers > from this. I think that most of what you've seen are > probably cases of programmers having to do some SA work > because they have the skills and someone need to get the job > done. > Let's not forget that there can be conflicting priorities for the two roles as well - a quick and dirty apache installation for development does not make for a stable production service for example, and a 'one off' library installation to satisfy a linker error does not make for easy change management. Conversely, a stripped back SOE can be great for availability and manageability but a world of hurt for a programmer. Sam ------=_Part_25226_2473798.1201732001314 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On Jan 30, 2008 11:15 PM, Christophe Kalt <sage-members@klb.taranis.org> wrote:
i think the problem is more of clear job responsability.

Either you're a programmer, or a sysadmin.
People who are trying to be both usually think of one of
their responsability as primary, and the other one suffers
from this.  I think that most of what you've seen are
probably cases of programmers having to do some SA work
because they have the skills and someone need to get the job
done.

Let's not forget that there can be conflicting priorities for the two roles as well - a quick and dirty apache installation for development does not make for a stable production service for example, and a 'one off' library installation to satisfy a linker error does not make for easy change management. Conversely, a stripped back SOE can be great for availability and manageability but a world of hurt for a programmer.

Sam

------=_Part_25226_2473798.1201732001314-- From sage-members-owner@usenix.org Wed Jan 30 14:41:29 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMfR6h023868 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:41:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMfRAF023867 for sage-members-0utGoign; Wed, 30 Jan 2008 14:41:27 -0800 (PST) Received: from scudder.smxy.org (scudder.smxy.org [64.32.179.42]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMehEN023818 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:41:13 -0800 (PST) Received: from Shaun-T-Ericksons-Computer.local (65-78-67-213.c3-0.eas-ubr1.atw-eas.pa.cable.rcn.com [65.78.67.213]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: ste) by scudder.smxy.org (Postfix) with ESMTP id 8A853F5C7 for ; Wed, 30 Jan 2008 17:15:06 -0500 (EST) Message-ID: <47A0F6EA.1040606@smxy.org> Date: Wed, 30 Jan 2008 17:15:06 -0500 From: "Shaun T. Erickson" Reply-To: ste@smxy.org Organization: Smxy - four cats who rule (my heart)! User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk sage@richfox.org wrote: > Hi, > > I haven't seen very many good sysadmins. > I haven't seen very many good programmers. > Of those that I have seen, the good sysadmins were also good programmers. So, are you saying that sysadmins who are not programmers are not good sysadmins? -ste From sage-members-owner@usenix.org Wed Jan 30 14:47:45 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMljcm024382 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 14:47:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UMliwu024381 for sage-members-0utGoign; Wed, 30 Jan 2008 14:47:45 -0800 (PST) Received: from will.to (mailman.will.to [68.164.136.125]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UMl4o2024336 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 30 Jan 2008 14:47:30 -0800 (PST) Received: from [149.77.33.118] (pants.nyc.deshaw.com [149.77.33.118]) (authenticated bits=0) by will.to (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id m0UMkr0w015617 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 30 Jan 2008 17:46:53 -0500 Message-ID: <47A0FE5C.30609@will.to> Date: Wed, 30 Jan 2008 17:46:52 -0500 From: Doug Hughes User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: sage@richfox.org CC: Dustin Puryear , sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-3.0rc3 (will.to [68.164.136.125]); Wed, 30 Jan 2008 17:46:53 -0500 (EST) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk sage@richfox.org wrote: > Hi, > > I haven't seen very many good sysadmins. > I haven't seen very many good programmers. > Of those that I have seen, the good sysadmins were also good programmers. Ok, but point 3 doesn't necessarily imply that the converse is true. Is it in your observation/experience? I've seen good sysadmins that were bad programmers, good sysadmins that were good programmers, good programmers that were good sysadmins and good programmers that were bad sysadmins. The most common intersection is good at one and mediocre at the other; not for lack of intelligence, but for lack of practice and thinking about things in the right way). Remember, it takes many years to be an expert in a field (the common wisdom is 5-10) From sage-members-owner@usenix.org Wed Jan 30 15:31:36 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UNV3wR026214 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 15:31:23 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UNV2l7026213 for sage-members-0utGoign; Wed, 30 Jan 2008 15:31:03 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.230]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UNUIWu026190 for ; Wed, 30 Jan 2008 15:30:48 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c49so462802wra.1 for ; Wed, 30 Jan 2008 15:30:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=9OCG98exHGVdLwRWwqj227RLRmHuAvlYibN8fX9FpBE=; b=KA3nJkAZJC7L+fxSDvz/n+CYf6Vzoqc81PSP6SVf/F/lto39sUP1pkYOGS8k3gduqDrtxYZGGQcGGnKqNHQbrQulW/ahCPOr504KaxUJQ7E4Mpz4iYdlRavHLT0CJYukXxFRgpa5+o7LO2QVBwurcs+IU0uG/Lj/ooNodnRKu+8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=h1neAu4ih/r8KtaUDv5qNFNyPEyhe5WGP/8haAE6DSwYeiRF2H+KbbVQRmYfsY7vN2INvC0q+WrGJJRC9tL/dVKJovAL6QxsSuxgZrweBI5hsjo7nJrWz9XnxIRPoBSFcuk0Zs1iPH3dlpKhf5hk0eivK8BWOYY0OieKHLUv7Bo= Received: by 10.142.242.8 with SMTP id p8mr794352wfh.232.1201735446639; Wed, 30 Jan 2008 15:24:06 -0800 (PST) Received: by 10.142.87.9 with HTTP; Wed, 30 Jan 2008 15:24:06 -0800 (PST) Message-ID: Date: Wed, 30 Jan 2008 15:24:06 -0800 From: "Kurt Buff" To: "Elizabeth Zwicky" Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: "Dustin Puryear" , sage-members@sage.org In-Reply-To: <4B510B44-50D7-4BA4-BAA8-C29BEFD578B4@greatcircle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47A0F0C9.4050807@puryear-it.com> <4B510B44-50D7-4BA4-BAA8-C29BEFD578B4@greatcircle.com> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 30, 2008 2:18 PM, Elizabeth Zwicky wrote: > > On Jan 30, 2008, at 1:48 PM, Dustin Puryear wrote: > > > > P.S. Yes, I know that "it depends on the person". I'm generalizing, > > but I'm also saying that my generalization tends to be correct on > > this point. ;) > > As far as I can tell, it doesn't depend on the person so much as it > depends on the situation. > I am capable of being a great sysadmin. Currently I am paid to > program. Also, I do some > sysadmin, on the side. Oh, I am so, so bad at it. (Hey, wanna come > run our computers? Please?) > > Why am I bad it? If I have to touch a machine, I have to page in > whole piles of stuff I don't > normally think about. My brain is already full. And if I have to > update a software package? > Oh, just shoot me now. Read a syslog? Crap, has it been doing that > for long? As long as I > have logs for... say who set up this log rotation anyway? It doesn't > help that the answer is > never "I did!" > > I totally get it. I just don't have the cycles to do it. And if I > make the cycles, that will use up > brain cells I need for my real job, the one they're not going to hire > somebody else to > do shortly, the one I need to be good at. > > So yeah, pay me to program or pay me to administer systems. You could > even pay me > to administer systems and write relevant programs. But if you're > paying me to program > something else, I will either be a lousy sysadmin, or I will be a > lousy programmer (and > then you will fire me, so where's the joy in that?) or I will grow a > new head. And I've > never succeeded with the two heads thing. > > Elizabeth > zwicky@otoh.org > > P.S. Did I mention we have an open position for a sysadmin at $WORK? Heh. $GEOGRAPHICLOCATION and $RANGEOFPAY? Kidding aside, I believe you are quite correct. Doing two things at once usually means you do both poorly. Multitasking is broken in humans. Kurt From sage-members-owner@usenix.org Wed Jan 30 15:39:00 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UNctcd026809 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 15:38:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UNcsoN026808 for sage-members-0utGoign; Wed, 30 Jan 2008 15:38:55 -0800 (PST) Received: from lon-mail-3.gradwell.net (lon-mail-3.gradwell.net [193.111.201.127]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UNcZpU026771 for ; Wed, 30 Jan 2008 15:38:40 -0800 (PST) Received: from 80-195-11-239.cable.ubr05.haye.blueyonder.co.uk ([80.195.11.239] helo=[192.168.0.51] country=GB ident=postmaster&pop3#redigloo$org) by lon-mail-3.gradwell.net with esmtpa (Gradwell gwh-smtpd 1.283) id 47a108b2.14470.17; Wed, 30 Jan 2008 23:30:58 +0000 (envelope-sender ) Message-ID: <47A108B1.9070304@redigloo.org> Date: Wed, 30 Jan 2008 23:30:57 +0000 From: Jonathan Crompton User-Agent: Thunderbird 1.5.0.14pre (X11/20071022) MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> In-Reply-To: <47A0F0C9.4050807@puryear-it.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=37% Sender: owner-sage-members@usenix.org Precedence: bulk Dustin Puryear wrote: > So, my question: Have you found, in your experience, that programmers > make bad sysadmins? I have. I'm not saying that all programmers are bad > sysadmins, or that PAST programmers make bad CURRENT sysadmins, but that > CURRENT programmers almost always make bad CURRENT sysadmins, even if > small settings. I think programmers and sys admins have very similar skill sets but slightly different personality traits. Both need to be able to abstract problems, express concepts in code, and debug the broken. But a sys admin is happier in an interrupt driven environment keeping several balls in the air, whereas a programmer tends to be serially monogamous with their projects. That said, I'm from the old school and think programmers need to understand what their code is doing to the operating environment, and admins need to be able to code the repetitive. Jonathan, sysadmin (My other half's a programmer) From sage-members-owner@usenix.org Wed Jan 30 15:47:28 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UNkhCR027499 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 15:47:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UNkhTG027494 for sage-members-0utGoign; Wed, 30 Jan 2008 15:46:43 -0800 (PST) Received: from mail.frii.com (phobos04.frii.com [216.17.128.164]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UNjpSB027466 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 15:46:17 -0800 (PST) Received: from [10.10.130.4] (fw01-e3.ftc.frii.net [216.17.230.109]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.frii.com (FRII) with ESMTP id 3F8156786A; Wed, 30 Jan 2008 16:45:46 -0700 (MST) In-Reply-To: <47A0F0C9.4050807@puryear-it.com> References: <47A0F0C9.4050807@puryear-it.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <2C21E25B-EE73-4CD0-A230-7F7ACD86BE02@frii.com> Cc: sage-members@sage.org Content-Transfer-Encoding: 7bit From: Neil Neely Subject: Re: [SAGE] Programmers as.. sysadmins.. Date: Wed, 30 Jan 2008 16:44:44 -0700 To: Dustin Puryear X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 30, 2008, at 2:48 PM, Dustin Puryear wrote: > > So, my question: Have you found, in your experience, that > programmers make bad sysadmins? I have. I'm not saying that all > programmers are bad sysadmins, or that PAST programmers make bad > CURRENT sysadmins, but that CURRENT programmers almost always make > bad CURRENT sysadmins, even if small settings. > I believe you are talking about "Application Programmers", and I expect your generalization is fairly true most of the time. System programming is a very different animal and it has a lot more in common with System Administration than Application Programming. In my experience the line between a great system administrator and a great system programmer is very blurry. I've met plenty of good sysadmins who couldn't program very well - its my opinion that the lack of programming skill is the line that is keeping them from being great. Of course there are probably exceptions I haven't met and I don't mean to offend anyone here, this is just a generalization. I'm a big fan of the SAGE job description, and it has this one in it: From Level IV: Senior System Administrator (http://www.sage.org/ field/jobs-descriptions.html) * Ability to program in an administrative language (Tk, Perl, VBScript, a shell), to port C programs from one platform to another, and to write small C or C# programs. Doesn't mean you need to be an application developer, but it really does mean that the skill is usually important at the top of our profession. Neil Neely From sage-members-owner@usenix.org Wed Jan 30 15:58:18 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UNwIeL028092 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 15:58:18 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0UNwIU0028090 for sage-members-0utGoign; Wed, 30 Jan 2008 15:58:18 -0800 (PST) Received: from mailhost2.vuse.vanderbilt.edu (mailhost2.vuse.vanderbilt.edu [129.59.90.17]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0UNvxkQ028079 for ; Wed, 30 Jan 2008 15:58:04 -0800 (PST) Received: from jekyll.vuse.vanderbilt.edu (jekyll.vuse.vanderbilt.edu [129.59.88.108]) by mailhost2.vuse.vanderbilt.edu (8.14.2/8.14.2/VUSE-2.4.1) with SMTP id m0UNpdiJ007341 for ; Wed, 30 Jan 2008 17:51:40 -0600 (CST) Message-Id: <200801302351.m0UNpdiJ007341@mailhost2.vuse.vanderbilt.edu> Date: Wed, 30 Jan 2008 17:51:04 -0600 (CST) From: "David R. Linn" Reply-To: "David R. Linn" Subject: Re: [SAGE] Programmers as.. sysadmins.. To: sage-members@sage.org MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: SWLcVOp6iOEGD7wLPg/6IA== X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.6.2 SunOS 5.10 sun4u sparc X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk >> Date: Wed, 30 Jan 2008 23:30:57 +0000 >> From: Jonathan Crompton >> >> Dustin Puryear wrote: >> >> > So, my question: Have you found, in your experience, that programmers >> > make bad sysadmins? I have. I'm not saying that all programmers are bad >> > sysadmins, or that PAST programmers make bad CURRENT sysadmins, but that >> > CURRENT programmers almost always make bad CURRENT sysadmins, even if >> > small settings. >> >> I think programmers and sys admins have very similar skill sets but >> slightly different personality traits. *I* think that programmer and sysfolk have very similar skill sets but *express* slightly different personality traits. Once I was a user, then I was a programmer, then a system programmer (how *'bout* that LISP interpreter?) and then, in self-defense, a system manager (as the role was called in the local parlance). In many contexts, I still "program" but now the "objects" of my language of expression are systems (hardware and software) and processes (real-world, well, EDU, not "programs in executions). From sage-members-owner@usenix.org Wed Jan 30 16:06:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V06lPF028596 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 16:06:48 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V06l1M028595 for sage-members-0utGoign; Wed, 30 Jan 2008 16:06:47 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.231]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V065ml028548 for ; Wed, 30 Jan 2008 16:06:31 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so586760wxc.26 for ; Wed, 30 Jan 2008 16:05:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=59D/CYIcHezvaPOvc1AvEFLOTr1WsycrB8tgqKD8Y8o=; b=a4eSkpZuxsTRTy+G+KZi4kcrBI3gNeN/jTf8j0g8kBESfNsMZIkobOTZ4lu72ihUYCgy0BO7wMX3F+YMj18NKnCO8398Y+3AlqOGsVaZnZH6b7YFipekmiywEIrEaM83stiFPbhng7zSauCUIP9zr7+eu+cMVTAkGt8wqgrKjiE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=LsPgeU9+bBk+f84ezajXI6WDI6DKjDeQcu+RSTXu/YYwubMfPPUfvpSOnnApitYftr+aYTF6Om49yNv+RBxecdHNm/LpxfijkhH6z1AMorkXadf55XOwi58tNfMN/gkXwq+ynw6dRsBbGVC4cQ8l0wdA8G/EBtmXF9yJ+0BoGdg= Received: by 10.142.142.16 with SMTP id p16mr830696wfd.119.1201737533663; Wed, 30 Jan 2008 15:58:53 -0800 (PST) Received: by 10.142.89.12 with HTTP; Wed, 30 Jan 2008 15:58:53 -0800 (PST) Message-ID: <72aff9060801301558q4bf10511y9569b78d8e81abc2@mail.gmail.com> Date: Wed, 30 Jan 2008 15:58:53 -0800 From: "Sean Ellis" Reply-To: sellis@totallygeek.com To: "Kurt Buff" Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: "Elizabeth Zwicky" , "Dustin Puryear" , sage-members@sage.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47A0F0C9.4050807@puryear-it.com> <4B510B44-50D7-4BA4-BAA8-C29BEFD578B4@greatcircle.com> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk Yes, but we can task switch just fine.... On Jan 30, 2008 3:24 PM, Kurt Buff wrote: > On Jan 30, 2008 2:18 PM, Elizabeth Zwicky wrote: > > > > On Jan 30, 2008, at 1:48 PM, Dustin Puryear wrote: > > > > > > P.S. Yes, I know that "it depends on the person". I'm generalizing, > > > but I'm also saying that my generalization tends to be correct on > > > this point. ;) > > > > As far as I can tell, it doesn't depend on the person so much as it > > depends on the situation. > > I am capable of being a great sysadmin. Currently I am paid to > > program. Also, I do some > > sysadmin, on the side. Oh, I am so, so bad at it. (Hey, wanna come > > run our computers? Please?) > > > > Why am I bad it? If I have to touch a machine, I have to page in > > whole piles of stuff I don't > > normally think about. My brain is already full. And if I have to > > update a software package? > > Oh, just shoot me now. Read a syslog? Crap, has it been doing that > > for long? As long as I > > have logs for... say who set up this log rotation anyway? It doesn't > > help that the answer is > > never "I did!" > > > > I totally get it. I just don't have the cycles to do it. And if I > > make the cycles, that will use up > > brain cells I need for my real job, the one they're not going to hire > > somebody else to > > do shortly, the one I need to be good at. > > > > So yeah, pay me to program or pay me to administer systems. You could > > even pay me > > to administer systems and write relevant programs. But if you're > > paying me to program > > something else, I will either be a lousy sysadmin, or I will be a > > lousy programmer (and > > then you will fire me, so where's the joy in that?) or I will grow a > > new head. And I've > > never succeeded with the two heads thing. > > > > Elizabeth > > zwicky@otoh.org > > > > P.S. Did I mention we have an open position for a sysadmin at $WORK? > > Heh. $GEOGRAPHICLOCATION and $RANGEOFPAY? > > Kidding aside, I believe you are quite correct. Doing two things at > once usually means you do both poorly. Multitasking is broken in > humans. > > Kurt > From sage-members-owner@usenix.org Wed Jan 30 16:32:11 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V0WAXt029741 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 16:32:11 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V0WA9t029740 for sage-members-0utGoign; Wed, 30 Jan 2008 16:32:10 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.229]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V0VUmG029713 for ; Wed, 30 Jan 2008 16:31:56 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c49so483404wra.1 for ; Wed, 30 Jan 2008 16:31:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=v6JGh3sqmAD87fQhv8xJ1wY8vIWIv5GhLTOjgazcrrA=; b=rbKq6d5dC+a8LBcNpuVJv89wjhCzK9U88UkKl30Az3fVeZT7NAsfSQnP9i+CFbz/RWZDmDZMUVtT5R7mB+VtJgy6yUqS7Da4H17vhs2EytPXwjJtYXJkhmcQ9EbCA6VdbzCOp7XRblkdbRIGU/8S1FthBIMYbX5kqyZMi29+jP0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=RTdGSRbzKMGrm+P/FbYn7Cep/P71XnuCslT0ZvCN4K5fj7XS+lg0oopJxNhppneyui6RWNHu8x3GXp7RDYiy36XBqgCu+f4Qx+BTZwGDfEIVvzYVr9VHYAB0rJ4+anMEZ0iPe0rxOPhAwLsGzRFWT2rn9sz+fXWVY9Mq55dpf5c= Received: by 10.142.178.13 with SMTP id a13mr859626wff.24.1201739486058; Wed, 30 Jan 2008 16:31:26 -0800 (PST) Received: by 10.142.87.9 with HTTP; Wed, 30 Jan 2008 16:31:26 -0800 (PST) Message-ID: Date: Wed, 30 Jan 2008 16:31:26 -0800 From: "Kurt Buff" To: sellis@totallygeek.com Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: sage-members@sage.org In-Reply-To: <72aff9060801301558q4bf10511y9569b78d8e81abc2@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47A0F0C9.4050807@puryear-it.com> <4B510B44-50D7-4BA4-BAA8-C29BEFD578B4@greatcircle.com> <72aff9060801301558q4bf10511y9569b78d8e81abc2@mail.gmail.com> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 30, 2008 3:58 PM, Sean Ellis wrote: > On Jan 30, 2008 3:24 PM, Kurt Buff wrote: > > On Jan 30, 2008 2:18 PM, Elizabeth Zwicky wrote: > > > > > > On Jan 30, 2008, at 1:48 PM, Dustin Puryear wrote: > > > > > > > > P.S. Yes, I know that "it depends on the person". I'm generalizing, > > > > but I'm also saying that my generalization tends to be correct on > > > > this point. ;) > > > > > > As far as I can tell, it doesn't depend on the person so much as it > > > depends on the situation. > > > I am capable of being a great sysadmin. Currently I am paid to > > > program. Also, I do some > > > sysadmin, on the side. Oh, I am so, so bad at it. (Hey, wanna come > > > run our computers? Please?) > > > > > > Why am I bad it? If I have to touch a machine, I have to page in > > > whole piles of stuff I don't > > > normally think about. My brain is already full. And if I have to > > > update a software package? > > > Oh, just shoot me now. Read a syslog? Crap, has it been doing that > > > for long? As long as I > > > have logs for... say who set up this log rotation anyway? It doesn't > > > help that the answer is > > > never "I did!" > > > > > > I totally get it. I just don't have the cycles to do it. And if I > > > make the cycles, that will use up > > > brain cells I need for my real job, the one they're not going to hire > > > somebody else to > > > do shortly, the one I need to be good at. > > > > > > So yeah, pay me to program or pay me to administer systems. You could > > > even pay me > > > to administer systems and write relevant programs. But if you're > > > paying me to program > > > something else, I will either be a lousy sysadmin, or I will be a > > > lousy programmer (and > > > then you will fire me, so where's the joy in that?) or I will grow a > > > new head. And I've > > > never succeeded with the two heads thing. > > > > > > Elizabeth > > > zwicky@otoh.org > > > > > > P.S. Did I mention we have an open position for a sysadmin at $WORK? > > > > Heh. $GEOGRAPHICLOCATION and $RANGEOFPAY? > > > > Kidding aside, I believe you are quite correct. Doing two things at > > once usually means you do both poorly. Multitasking is broken in > > humans. > > > > Kurt > > > > Yes, but we can task switch just fine.... I find that the overhead of task switching grows with the age of the sysadmin, though that's relative - the absolute difference in individual ability to task switch is quite variable - and that under pressure, cache-thrash is a real danger. Kurt From sage-members-owner@usenix.org Wed Jan 30 17:22:10 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V1M9UI001628 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 17:22:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V1M9LG001627 for sage-members-0utGoign; Wed, 30 Jan 2008 17:22:09 -0800 (PST) Received: from bzz.taranis.org (bzz.taranis.org [38.112.190.19]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V1LUXd001600 for ; Wed, 30 Jan 2008 17:21:55 -0800 (PST) Received: by bzz.taranis.org (Postfix, from userid 100) id BE602555C; Wed, 30 Jan 2008 20:21:29 -0500 (EST) Date: Wed, 30 Jan 2008 20:21:29 -0500 From: Christophe Kalt To: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. Message-ID: <20080131012129.GA18299@bzz.taranis.org> Mail-Followup-To: sage-members@sage.org References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47A0F6EA.1040606@smxy.org> User-Agent: Mutt/1.4.2.1i X-Spring: flower X-Message-Flag: Outlook is a highly efficient virus delivery agent. X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Hi Shaun! On Jan 30, Shaun T. Erickson wrote: | sage@richfox.org wrote: | >Hi, | > | >I haven't seen very many good sysadmins. | >I haven't seen very many good programmers. | >Of those that I have seen, the good sysadmins were also good programmers. | | So, are you saying that sysadmins who are not programmers are not good | sysadmins? Sure, they can be good, but in my opinion & experience, they'll never be as good as sysadmins who are also good programmers. That's why i don't even bother interviewing candidates who can't program at all. From sage-members-owner@usenix.org Wed Jan 30 18:31:31 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V2VUhS005171 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 18:31:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V2VUn1005169 for sage-members-0utGoign; Wed, 30 Jan 2008 18:31:30 -0800 (PST) Received: from scudder.smxy.org (scudder.smxy.org [64.32.179.42]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V2UnRa005074 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 18:31:15 -0800 (PST) Received: from Shaun-T-Ericksons-Computer.local (65-78-67-213.c3-0.eas-ubr1.atw-eas.pa.cable.rcn.com [65.78.67.213]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: ste) by scudder.smxy.org (Postfix) with ESMTP id 78C25F5C7 for ; Wed, 30 Jan 2008 21:30:48 -0500 (EST) Message-ID: <47A132D7.5070905@smxy.org> Date: Wed, 30 Jan 2008 21:30:47 -0500 From: "Shaun T. Erickson" Reply-To: ste@smxy.org Organization: Smxy - four cats who rule (my heart)! User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> In-Reply-To: <20080131012129.GA18299@bzz.taranis.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Hi Christophe. Long time, no chat. I hope you're well. :) Christophe Kalt wrote: > > Sure, [sysadmins who aren't programmers] can be good, but in my opinion & experience, > they'll never be as good as sysadmins who are also good > programmers. > > That's why i don't even bother interviewing candidates who > can't program at all. Hmm. I have never had a position that required I be a programmer, so I've never done any since college, many years ago. If I'm installing programs that require compiling (virtually always OSS stuff, from the 'net) and it fails, I use the resources of Google, mailing lists, the program's website, and so on to figure out what the problem is and solve it, without needing to know how to actually manually debug, modify and compile the source code myself. If I'm working with a developer, he/she understands their code and I understand the system, so, between us, we have the skills to figure out whatever issue they are having - again, without my having to be a programmer. Now, if by programming, you mean being able to write scripts in something like shell and awk, to automate repetitive tasks, I can do that. Perl? No, but only because I haven't ever needed to use it yet. The first time I do, I'll learn it. (In actuality, I had a personal project, recently, that required a minor bit of perl, so I *have* dipped a toe into it, but I wouldn't put it on my resume yet.) This doesn't sound like the kind of programming you all are talking about though. I always thought being able to solve the problem was of paramount import. If I don't have the personal skill to solve it, but know how to find the solution, isn't that what counts most? And if I am presented with a job task that can't be done with the skills I have, and requires me to add a skill, and I am willing to develop it (like learning perl because I was handed or inherited some perl scripts that I'm now to be responsible for), isn't that what matters most? We can't all know everything and there isn't time to learn everything, but we can add to our skills as the need arises, no? Isn't that the kind of person you want to work for you? As it happens, I'm unemployed. But I'm not a programmer, so I guess I shouldn't apply with you, eh? :-/ -ste From sage-members-owner@usenix.org Wed Jan 30 18:47:02 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V2knPD005862 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 18:46:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V2kn87005861 for sage-members-0utGoign; Wed, 30 Jan 2008 18:46:49 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.237]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V2jwrU005836 for ; Wed, 30 Jan 2008 18:46:23 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so650113wxc.26 for ; Wed, 30 Jan 2008 18:45:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=wBkE1lhJ6hn2rqe7beALkbQTy7LhoGEtbculqI1riMw=; b=iPoMfZgQxifGbaBdusNTTajRanf3n9U4f8x4g5HWF0m/n+giVChEXABiM27slRm+B7esVZTJBV4IqU0c+aApUtlHVj/+HSDX+NK0dO/D7Gf5N/xRnrjBTAXCvgK3Lhud70Vw4ugQUut/cGbOumdnS+4JIY2DFstv18BnCWZxD5I= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=VdTxf7JwaGsYPFTl1USdGkwehU3yE0jx5ZEZsdT0BC9CHWm7lgZf5LWxHjUVu12sgo8XQ10L5K2Qnt5laGzFtZemLOZcAe0FgGc2RhJ3/vax8Z9WEVUDZHMP5sR/ywKbM8ye/DStVFrijKHbsz8Gbh55DZdP07rmVx4xDFQegiQ= Received: by 10.150.98.18 with SMTP id v18mr435877ybb.10.1201747549585; Wed, 30 Jan 2008 18:45:49 -0800 (PST) Received: by 10.150.202.15 with HTTP; Wed, 30 Jan 2008 18:45:49 -0800 (PST) Message-ID: <42338fbf0801301845p14955fd5jfb4db9660b7771ed@mail.gmail.com> Date: Wed, 30 Jan 2008 21:45:49 -0500 From: "Dustin J. Mitchell" To: ste@smxy.org Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: sage-members@sage.org In-Reply-To: <47A132D7.5070905@smxy.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A132D7.5070905@smxy.org> X-Google-Sender-Auth: dc890c62e0adb33a X-DCC-dcc-servers-Metrics: ; whitelist X-DCC-dcc-servers-Metrics: 1049; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 30, 2008 9:30 PM, Shaun T. Erickson wrote: > Christophe Kalt wrote: > > That's why i don't even bother interviewing candidates who > > can't program at all. > > As it happens, I'm unemployed. But I'm not a programmer, so I guess I > shouldn't apply with you, eh? :-/ We're all using vaguely defined categories in these conversations, and I think you've hit on an important distinction. A sysadmin who "can't program at all" is the type who, when asked to change the password expiration time for all users in the LDAP database, will happily click on all 12,492 user objects and type in the password expiration time[1]. A sysadmin who can program -- even a little -- will say "hey now, I'm not doing that manually!" and start looking for resources she can use to automate the process. Shaun, I expect you fall squarely into this latter category. Dustin [1] And then file a worker's comp claim for RSI -- Storage Software Engineer http://www.zmanda.com From sage-members-owner@usenix.org Wed Jan 30 18:51:40 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V2pGa1006239 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 18:51:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V2pFUm006238 for sage-members-0utGoign; Wed, 30 Jan 2008 18:51:15 -0800 (PST) Received: from web53801.mail.re2.yahoo.com (web53801.mail.re2.yahoo.com [206.190.36.196]) by usenix.org (8.13.6/8.13.6) with SMTP id m0V2oOtJ006188 for ; Wed, 30 Jan 2008 18:50:49 -0800 (PST) Received: (qmail 88192 invoked by uid 60001); 31 Jan 2008 02:50:19 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=HiX1bFBCQLp3KkLUJNMHAI9LF87/6Rv7gbwqn58NxUQD9yotCcorlvHiUQethfFC40+ujCLwxspzucaZ1EKbo+ZTheKv3ytOroGhdw6x8cjT67J8gs4MVcVEALPDcWHFYLGJt61HRr1EdEcVslthz2tOBXA9EH9SwdNNw3z7ndw=; X-YMail-OSG: DfATOUgVM1kDn1c9TWvlVH0pRI0_bEPea6DalhcNj8iS6A8ldCg76os0wWecwh6pczyrw7sk0_ho1iLAvXVRJHCm5YJfl3KVw3kDRWVprZ5fOY4NN7..QL9dwIOnoCktfiKBClOKFRQyoA-- Received: from [199.46.200.231] by web53801.mail.re2.yahoo.com via HTTP; Wed, 30 Jan 2008 18:50:17 PST Date: Wed, 30 Jan 2008 18:50:17 -0800 (PST) From: unix_fan Subject: Re: [SAGE] Programmers as.. sysadmins.. To: sage-members@sage.org In-Reply-To: <20080130221558.GA17131@bzz.taranis.org> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Message-ID: <999529.88014.qm@web53801.mail.re2.yahoo.com> X-DCC-dcc-servers-Metrics: ; whitelist X-DCC-dcc-servers-Metrics: 1049; bulk rep Body=many Fuz1=many Fuz2=many rep=27% Sender: owner-sage-members@usenix.org Precedence: bulk --- Christophe Kalt wrote: > i think the problem is more of clear job responsability. > > Either you're a programmer, or a sysadmin. > People who are trying to be both usually think of one of > their responsability as primary, and the other one suffers > from this. I think that most of what you've seen are > probably cases of programmers having to do some SA work > because they have the skills and someone need to get the job > done. Absolutely agree. In my world, what I see that matches this setup are small areas with not enough critical mass for a full time sysadmin, or at least that's the belief. Or they haven't figured out a way for their cost center to get part time sysadmin help. The programmers have what amounts to a full time job with delivery dates, etc., for the code and related artifacts (test procedures, design docs, integration plans, etc.). The sysadmin work is on a time available basis, or a "something's broke that needs to be fixed" basis. -------------------------------------- Founding member #4 The League of Professional System Administrators http://www.lopsa.org Advancing the profession. Leagues ahead. From sage-members-owner@usenix.org Wed Jan 30 19:00:40 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V30CfN006749 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 19:00:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V30C8C006748 for sage-members-0utGoign; Wed, 30 Jan 2008 19:00:12 -0800 (PST) Received: from highlandsun.propagation.net (highlandsun.propagation.net [66.221.212.168]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V2x3RW006690 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 18:59:33 -0800 (PST) Received: from [127.0.0.1] (highlandsun.com [66.221.212.169]) by highlandsun.propagation.net (8.13.3/8.13.3) with ESMTP id m0V2woKk031303; Wed, 30 Jan 2008 20:58:50 -0600 Message-ID: <47A139DB.2020801@symas.com> Date: Wed, 30 Jan 2008 19:00:43 -0800 From: Howard Chu User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9b3pre) Gecko/2008011510 SeaMonkey/2.0a1pre MIME-Version: 1.0 To: Christophe Kalt CC: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> In-Reply-To: <20080131012129.GA18299@bzz.taranis.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Christophe Kalt wrote: > Hi Shaun! > > On Jan 30, Shaun T. Erickson wrote: > | sage@richfox.org wrote: > |>Hi, > |> > |>I haven't seen very many good sysadmins. > |>I haven't seen very many good programmers. > |>Of those that I have seen, the good sysadmins were also good programmers. > | > | So, are you saying that sysadmins who are not programmers are not good > | sysadmins? > > Sure, they can be good, but in my opinion& experience, > they'll never be as good as sysadmins who are also good > programmers. > > That's why i don't even bother interviewing candidates who > can't program at all. Interesting. In my experience, sysadmins who become good programmers tend to change jobs and quit being sysadmins. If you're looking for programming talent, sysadmins can be a good pool to select from, but if you're looking for someone who'll be content to remain a sysadmin, then you don't want someone who excels at programming. On the other hand, someone who has good familiarity with low-level system programming concepts tends to have a better understanding of how systems are put together and how to troubleshoot when they go wrong. I was going to make a comment about laziness but perhaps the better word is efficiency - someone who recognizes repetitive tasks and tends to script them may be viewed as motivated by laziness. But it's definitely a bit of a programmer mindset, and it's definitely an advantage for a sysadmin. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ From sage-members-owner@usenix.org Wed Jan 30 19:01:19 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V3162j006784 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 19:01:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V316fg006781 for sage-members-0utGoign; Wed, 30 Jan 2008 19:01:06 -0800 (PST) Received: from smtp102.his.com (smtp105.his.com [216.194.192.14]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V30Bqb006742 for ; Wed, 30 Jan 2008 19:00:40 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp102.his.com (Postfix) with ESMTP id 69A12D5C017; Wed, 30 Jan 2008 22:00:06 -0500 (EST) Received: from smtp102.his.com ([216.194.192.14]) by localhost (smtp105.his.com [216.194.192.14]) (amavisd-new, port 10024) with ESMTP id 30069-02; Wed, 30 Jan 2008 22:00:04 -0500 (EST) Received: from vhost109.his.com (vhost109a.his.com [216.194.192.12]) by smtp102.his.com (Postfix) with ESMTP id 8DF49D5C01B; Wed, 30 Jan 2008 22:00:04 -0500 (EST) Received: from [192.168.1.199] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m0V303CC052660; Wed, 30 Jan 2008 22:00:03 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <47A0F0C9.4050807@puryear-it.com> Date: Wed, 30 Jan 2008 19:29:29 -0600 To: sage@richfox.org, Dustin Puryear From: Brad Knowles Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Virus-Scanned: Debian amavisd-new at smtp502.his.com X-Spam-Status: No, score=-4.343 tagged_above=-99 required=5 tests=[ALL_TRUSTED=-1.8, AWL=0.056, BAYES_00=-2.599] X-Spam-Score: -4.343 X-Spam-Level: X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On 1/30/08, sage@richfox.org wrote: > I haven't seen very many good sysadmins. I've seen a few good sysadmins. > I haven't seen very many good programmers. I've seen more programmers that I consider to be good, but then I'm not a professional programmer and I'm not convinced that I'm qualified as to whether or not they are actually good. > Of those that I have seen, the good sysadmins were also good programmers. The best sysadmins I've known have also been people that I considered to be good programmers. However, I have seen some good sysadmins that don't write code (they may do a bit of script hacking, but no real programming). There is a lot of overlap, but not necessarily a causal relationship. -- Brad Knowles LinkedIn Profile: From sage-members-owner@usenix.org Wed Jan 30 19:12:21 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V3CK20007573 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 19:12:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V3CK3q007572 for sage-members-0utGoign; Wed, 30 Jan 2008 19:12:20 -0800 (PST) Received: from QMTA03.emeryville.ca.mail.comcast.net (qmta03.emeryville.ca.mail.comcast.net [76.96.30.32]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V3Bdhq007543 for ; Wed, 30 Jan 2008 19:12:05 -0800 (PST) Received: from OMTA03.emeryville.ca.mail.comcast.net ([76.96.30.27]) by QMTA03.emeryville.ca.mail.comcast.net with comcast id jQEz1Y0040b6N64A31jw00; Thu, 31 Jan 2008 03:11:33 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA03.emeryville.ca.mail.comcast.net with comcast id jfBZ1Y00A5A3TEL8P00000; Thu, 31 Jan 2008 03:11:34 +0000 X-Authority-Analysis: v=1.0 c=1 a=cSXBqd5MW5MnF_F2cEYA:9 a=z2VGbJLbgCIcBmgMvW4ANrNZk8YA:4 a=C35D7iIojSgA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id A88A61AB37; Wed, 30 Jan 2008 22:11:32 -0500 (EST) To: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> <20080130221558.GA17131@bzz.taranis.org> From: Paul Lussier Date: Wed, 30 Jan 2008 22:11:32 -0500 In-Reply-To: <20080130221558.GA17131@bzz.taranis.org> (Christophe Kalt's message of "Wed\, 30 Jan 2008 17\:15\:58 -0500") Message-ID: <87r6fyvgd7.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk Christophe Kalt writes: > i think the problem is more of clear job responsability. > > Either you're a programmer, or a sysadmin. > People who are trying to be both usually think of one of > their responsability as primary, and the other one suffers > from this. I think that most of what you've seen are > probably cases of programmers having to do some SA work > because they have the skills and someone need to get the job > done. I can attest to this first hand. I consider myself first and foremost a sysadmin. Over the last year or two I've been trying to transition into a developer role, but due to various dark forces working against me, I've been unable to shed my sysadmin duties. As a result, when things like the NFS server goes wonky, or the backup server dies with a drive failure, etc. my first inclination is to spend what it whatever time it requires to keep the "important systems" running. This means my product related duties suffer. Conversely, when we tried to share some of the sysadmin duties across an otherwise all-developer team in order to allow me more time to focus on the product, the systems suffered from neglect since everyone's primary focus was something other than the infrastructure. When things broke because the infrastructure grew too haphazardly without a plan and no one had a decent idea of how things did, or were supposed to work, we lost lots of product time trying to fix the infrastructure. I think a programmer can make a good sysadmin given the following: A. They *want* to be a sysadmin B. It's their primary focus C. They're allowed to have it be their primary focus I think a sysadmin can make a good programmer provided essentially the same criteria and the ability to do so. However... In general, programmers tend to want to program. That's the activity they enjoy. They thrive on the development of a single system at a very narrowly focused level. Sysadmins tend to thrive on understanding things at a higher altitude, and making things work together. My experience has been the following analogy: A Programmer is much like a virtuoso musician. They know they're instrument extremely well. They may know, and occasionally play other instruments, but tend to focus almost exclusively on one. A sysadmin is more like the conductor. They have to know about all the instruments, the characteristics of each, how they play and sound together and in contrast with others. Then need to understand the timing, the sound characteristics of the hall, etc. and make everything work together. For fun, they may occassionally beat the kettle drum or pluck a banjo. They may even sound pretty good at it and enjoy it. That's my $.0002. -- Seeya, Paul (who someday might like to be a developer or a banjo plucker :) From sage-members-owner@usenix.org Wed Jan 30 19:26:16 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V3QG4a008201 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 30 Jan 2008 19:26:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0V3QGIx008199 for sage-members-0utGoign; Wed, 30 Jan 2008 19:26:16 -0800 (PST) Received: from bache.ece.cmu.edu (BACHE.ECE.CMU.EDU [128.2.129.23]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0V3PYpZ008168 for ; Wed, 30 Jan 2008 19:26:00 -0800 (PST) Received: from [10.9.204.128] (dsl093-061-215.pit1.dsl.speakeasy.net [66.93.61.215]) by bache.ece.cmu.edu (Postfix) with ESMTP id DAFEDB1; Wed, 30 Jan 2008 22:25:33 -0500 (EST) Mime-Version: 1.0 (Apple Message framework v753) In-Reply-To: <47A139DB.2020801@symas.com> References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A139DB.2020801@symas.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: "Brandon S. Allbery KF8NH" Subject: Re: [SAGE] Programmers as.. sysadmins.. Date: Wed, 30 Jan 2008 22:25:31 -0500 To: Howard Chu , SAGE mailing list X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 30, 2008, at 22:00 , Howard Chu wrote: > I was going to make a comment about laziness but perhaps the better > word is efficiency - someone who recognizes repetitive tasks and > tends to script them may be viewed as motivated by laziness. But > it's definitely a bit of a programmer mindset, and it's definitely > an advantage for a sysadmin. Randal Schwartz's "laziness, impatience, and hubris" quote would seem to apply here. -- brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu electrical and computer engineering, carnegie mellon university KF8NH From sage-members-owner@usenix.org Thu Jan 31 04:01:16 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VC13vi026757 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 04:01:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VC13QW026756 for sage-members-0utGoign; Thu, 31 Jan 2008 04:01:03 -0800 (PST) Received: from westnet.com (root@westnet.com [216.187.52.2]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VC0Kpd026664 for ; Thu, 31 Jan 2008 04:00:45 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.14.0/8.14.0) with ESMTP id m0VC0C2Q013738 for ; Thu, 31 Jan 2008 07:00:12 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.14.0/8.13.2/Submit) with ESMTP id m0VC0BWY013735 for ; Thu, 31 Jan 2008 07:00:12 -0500 (EST) Date: Thu, 31 Jan 2008 07:00:11 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Programmers as.. sysadmins.. In-Reply-To: Message-ID: References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A139DB.2020801@symas.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 30 Jan 2008, Brandon S. Allbery KF8NH wrote: > On Jan 30, 2008, at 22:00 , Howard Chu wrote: >> I was going to make a comment about laziness but perhaps the better word is >> efficiency - someone who recognizes repetitive tasks and tends to script >> them may be viewed as motivated by laziness. But it's definitely a bit of a >> programmer mindset, and it's definitely an advantage for a sysadmin. > > Randal Schwartz's "laziness, impatience, and hubris" quote would seem to > apply here. I've been living this in my recent position. It's turned into something I don't really want -- low level helpdesk-type support -- but I'm surrounded by people who don't have a programming background, while I do. My first job was technically as a system programmer, but since then it's been sysadmin all the way. I can definitely see the words laziness, impatience and efficiency floating around (I'll just ignore the other one, shall I? :) ). Of course, sometimes I take it too far, and end up spending 6 hours on something that would otherwise have taken 20 minutes because I want to script it up. Still, it's usually because I can see the request coming again in the future, and it's tedious (or error-prone) anyway. The others around me don't get it, and struggle through typing things up in Excel to cut-and-paste, or just type it out by hand over and over. I don't get *that*. I would say I certainly approach sysadminning, or at least certain problems therein, with a programmer mindset. -Adam From sage-members-owner@usenix.org Thu Jan 31 07:49:52 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VFneGi011015 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 07:49:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VFnegh011014 for sage-members-0utGoign; Thu, 31 Jan 2008 07:49:40 -0800 (PST) Received: from compata.com (compata.com [216.237.17.163]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VFmwl3010960 for ; Thu, 31 Jan 2008 07:49:26 -0800 (PST) Received: from aopen.compata.com (aopen [192.168.44.9]) by compata.com (8.12.11/8.12.11) with ESMTP id m0VFmpt6011794 for ; Thu, 31 Jan 2008 07:48:51 -0800 Received: from localhost by aopen.compata.com (Linux 2.6) with ESMTP (8.14.1/8.14.1) id m0VFmpA0014170 for ; Thu, 31 Jan 2008 07:48:51 -0800 Message-Id: <200801311548.m0VFmpA0014170@aopen.compata.com> X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.1 To: sage-members@usenix.org Subject: Re: [SAGE] Programmers as.. sysadmins.. In-reply-to: Your message of "Thu, 31 Jan 2008 07:00:11 EST." References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A139DB.2020801@symas.com> From: Dave Close Reply-To: sage-members@usenix.org X-message-flag: Did you know MS Outlook is evil? X-Face: $?&5f7w4GjUJOb-[FmngebA}V`5Dv)QEdHg|d%mytVRm]'o}*{J6:PP%(LfN LmOcb#>"^wDF*|ZzuS??S*vLH[.miV(; Thu, 31 Jan 2008 08:27:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VGRFfu012764 for sage-members-0utGoign; Thu, 31 Jan 2008 08:27:15 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.229]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VGQZld012743 for ; Thu, 31 Jan 2008 08:27:00 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c49so645501wra.1 for ; Thu, 31 Jan 2008 08:26:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=QDeits+sIfXZf8UUb8Faun6KNPscJ8pMofGywXVZKJc=; b=P//7H2Ll/MtsViQY1IVe4thX2bl+8rlfOTp0iJkf4iWptQViLDhdgfMdKS5z05UKFnYFkrgtaevKFJwvPXRx7E4PrUAzm4MCTgNKEsE4guLg7tgGmcLBoff0hEvP1CE/tfpT0ENOazN28LmlXnq08E1dVeDSHnoPFWRi1syG2+E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=q3/BmAMKr2H1E0OWVCB7AHXP6+aK+LiRTAsYxxQVCymolVDd1rk8WWbBKv10imeZQ3PrQ61Ga8ocKV6ZoFlfB0eM1inT/9IfZNGfliXR3z+AZYUofocPJWq4Vcd1YQ7VhEESKZY+4e3ZKk4ZWPdfWLKWOOAWV21QsXHHGCnctq0= Received: by 10.114.198.1 with SMTP id v1mr377270waf.89.1201796373918; Thu, 31 Jan 2008 08:19:33 -0800 (PST) Received: by 10.114.26.10 with HTTP; Thu, 31 Jan 2008 08:19:33 -0800 (PST) Message-ID: Date: Thu, 31 Jan 2008 11:19:33 -0500 From: "Jim Ankenbrandt" To: "Christophe Kalt" Subject: Re: [SAGE] Programmers as.. sysadmins.. Cc: sage-members@sage.org In-Reply-To: <20080130221558.GA17131@bzz.taranis.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47A0F0C9.4050807@puryear-it.com> <20080130221558.GA17131@bzz.taranis.org> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk I would agree with this. From my experience programmers want to try new things use new functionality. Most experienced sysadmins "fear" new things. If you are answerable to others for their team's productivity there is a tendency to be conservative rather then break new ground. That responsibility begins to make you try to keep the most people happy and productive as you can. And that is the mark of a good sysadmin On 1/30/08, Christophe Kalt wrote: > i think the problem is more of clear job responsability. > > Either you're a programmer, or a sysadmin. > People who are trying to be both usually think of one of > their responsability as primary, and the other one suffers > from this. I think that most of what you've seen are > probably cases of programmers having to do some SA work > because they have the skills and someone need to get the job > done. > From sage-members-owner@usenix.org Thu Jan 31 08:40:45 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VGeTKT013405 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 08:40:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VGeTVJ013403 for sage-members-0utGoign; Thu, 31 Jan 2008 08:40:29 -0800 (PST) Received: from bache.ece.cmu.edu (BACHE.ECE.CMU.EDU [128.2.129.23]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VGdnWE013379 for ; Thu, 31 Jan 2008 08:40:14 -0800 (PST) Received: from [10.9.204.128] (dsl093-061-215.pit1.dsl.speakeasy.net [66.93.61.215]) by bache.ece.cmu.edu (Postfix) with ESMTP id D6743C0; Thu, 31 Jan 2008 11:39:48 -0500 (EST) Mime-Version: 1.0 (Apple Message framework v753) In-Reply-To: References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A139DB.2020801@symas.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: "Brandon S. Allbery KF8NH" Subject: Re: [SAGE] Programmers as.. sysadmins.. Date: Thu, 31 Jan 2008 11:39:47 -0500 To: Adam Levin , SAGE mailing list X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 31, 2008, at 7:00 , Adam Levin wrote: > I can definitely see the words laziness, impatience and efficiency > floating around (I'll just ignore the other one, shall I? :) ). Bah. Sysadmins have the conceit that they can actually manage systems despite vendors who ship radically different hardware with the same name and users who "customize" everything they can touch; how is this not hubris? :) -- brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu electrical and computer engineering, carnegie mellon university KF8NH From sage-members-owner@usenix.org Thu Jan 31 09:45:44 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VHjhei020659 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 09:45:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VHjh8q020658 for sage-members-0utGoign; Thu, 31 Jan 2008 09:45:43 -0800 (PST) Received: from scudder.smxy.org (scudder.smxy.org [64.32.179.42]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VHj2Du020623 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 09:45:28 -0800 (PST) Received: from Shaun-T-Ericksons-Computer.local (65-78-67-213.c3-0.eas-ubr1.atw-eas.pa.cable.rcn.com [65.78.67.213]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: ste) by scudder.smxy.org (Postfix) with ESMTP id EADFDF5C7 for ; Thu, 31 Jan 2008 12:45:01 -0500 (EST) Message-ID: <47A2091D.7000003@smxy.org> Date: Thu, 31 Jan 2008 12:45:01 -0500 From: "Shaun T. Erickson" Reply-To: ste@smxy.org Organization: Smxy - four cats who rule (my heart)! User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A132D7.5070905@smxy.org> <16C553AB-5147-423C-8B0B-14EDAD115384@frii.com> In-Reply-To: <16C553AB-5147-423C-8B0B-14EDAD115384@frii.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Neil Neely wrote: > > Who I really want to work for me is someone who loves to solve problems > so that someone with less training and expertise can solve it the next > time it comes up. Yes, we should document our work. At my last job, the sysadmin team had an internal wiki. I resisted using it, at first, because I felt that time spent documenting was time not spent performing administration work (nor were my coworkers using it). Eventually I decided to give it a try and whenever I ran into a problem I had to solve more than once I documented the problem and my solution. Not only was it good for the reason you mentioned, but I found that knowing someone else would have to read it and follow it made me more conscious of my work - causing me to streamline it and clean it up so that it was something that was straightforward to do, was documented concisely, and wasn't "just an ugly hack" to get the job done. It also meant that I didn't have to commit the solution to memory, freeing up brain cells for other uses. All I had to remember was enough to recognize the problem and recall that I'd documented the solution. Then it just took a quick search. -ste From sage-members-owner@usenix.org Thu Jan 31 10:24:58 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VIOMqQ022531 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 10:24:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VIOMUN022529 for sage-members-0utGoign; Thu, 31 Jan 2008 10:24:22 -0800 (PST) Received: from ettin.watson-wilson.ca (watson-wilson.ca [216.138.221.7]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VINIYZ022485 for ; Thu, 31 Jan 2008 10:23:43 -0800 (PST) Received: by ettin.watson-wilson.ca (Postfix, from userid 1000) id D8FF83AE2E; Thu, 31 Jan 2008 13:23:06 -0500 (EST) Date: Thu, 31 Jan 2008 13:23:06 -0500 From: Neil Watson To: SAGE mailing list Subject: Re: [SAGE] zenoss versus nagios Message-ID: <20080131182306.GA29760@watson-wilson.ca> References: <20080103151022.GB2316@watson-wilson.ca> <20080104225434.GA3516@watson-wilson.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20080104225434.GA3516@watson-wilson.ca> X-Message-Flag: Outlook is a dangerous and insecure program (Magic 8 ball: Outlook not good) X-Accepted-File-Formats: No proprietary Microsoft Office files please User-Agent: Mutt/1.5.17 (2007-12-11) X-watson-wilson.ca-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-watson-wilson.ca-MailScanner-From: sage@watson-wilson.ca X-Spam-Status: No X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 04, 2008 at 05:54:34PM -0500, Neil Watson wrote: > I'm going to expand this thread a bit. Has anyone kicked the tires of > Opennms? I had a test drive of OpenNMS. I share with you my findings: http://technocrat.watson-wilson.ca/blosxom/computer/onmsreview.html -- Neil Watson | Debian Linux System Administrator | Uptime 5 days http://watson-wilson.ca From sage-members-owner@usenix.org Thu Jan 31 11:46:59 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VJklJg026596 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 11:46:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VJklae026595 for sage-members-0utGoign; Thu, 31 Jan 2008 11:46:47 -0800 (PST) Received: from marlin.bio.umass.edu (marlin.bio.umass.edu [128.119.55.19]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VJk6Ju026553 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Thu, 31 Jan 2008 11:46:32 -0800 (PST) Received: from peredhil.bio.umass.edu (peredhil.bio.umass.edu [128.119.54.86]) (authenticated bits=0) by marlin.bio.umass.edu (8.13.6/8.13.6) with ESMTP id m0VJk0Bh029193 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 31 Jan 2008 14:46:03 -0500 (EST) Message-ID: <47A22578.8000008@bio.umass.edu> Date: Thu, 31 Jan 2008 14:46:00 -0500 From: Chris Hoogendyk User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 CC: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> <20080130221558.GA17131@bzz.taranis.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (marlin.bio.umass.edu [128.119.55.19]); Thu, 31 Jan 2008 14:46:03 -0500 (EST) X-Scanned-By: MIMEDefang 2.54 on 128.119.55.19 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Jim Ankenbrandt wrote: > I would agree with this. From my experience programmers want to try > new things use new functionality. Most experienced sysadmins "fear" > new things. If you are answerable to others for their team's > productivity there is a tendency to be conservative rather then break > new ground. That responsibility begins to make you try to keep the > most people happy and productive as you can. And that is the mark of a > good sysadmin > > On 1/30/08, Christophe Kalt wrote: > >> i think the problem is more of clear job responsability. >> >> Either you're a programmer, or a sysadmin. >> People who are trying to be both usually think of one of >> their responsability as primary, and the other one suffers >> from this. I think that most of what you've seen are >> probably cases of programmers having to do some SA work >> because they have the skills and someone need to get the job >> done. Lot of commentary. I'm responding in general to a number of things said along the thread. pigeon holing, bell curve, . . . . This is an issue in many aspects of society and life. We take short cuts and trust gut reactions. There may be some substance in some generalizations; but, when we actually have to make a decision based on them, such as hiring, it's best to look beyond the generalization. In some instances (although most probably not the one under discussion here) it might even become a legal concern. To make the best decisions in hiring, we need to look beyond the generalizations and carefully examine each applicant as an individual. Yeah, I know, in the 1990's we advertised job openings and got maybe 20 applicants. After the bubble burst, the same job opening would get 200 applicants. Still, best to beware of generalizations. once someone is hired, clear job responsibilities are very important. Hire someone as a programmer and then ask them, by the way, to also be sysadmin for your network of servers -- now you're just asking for trouble. In such cases it is the hiring manager who is at fault. If the sysadmin responsibilities are considered important, then hire someone to do them. If not, then don't complain. I worked for Specular for a few years (Infini-D 3D modeling software on the Mac). They had some of the hottest programmers around. I had been a programmer, but I was hired to handle their customer database, backups, network, etc. My job was to support the programmers and the rest of the company. Previously, their chief programmer was responsible for the network and backups. It was a total mess. He was absolutely brilliant, and could certainly have done a good job of it; but it was far more important to the livelihood of the company that he focus his attention on the programming. When they got big enough that it made sense, they hired me. knowledge, attention, focus . . . . I think it is important for real programmers to know how hardware works -- to have some idea of how cpu, memory, i/o channels, etc. interconnect and communicate. Too many programmers today write bloated and inefficient code, at least in part because they have no clue or respect for what their code is going to do in terms of demand on hardware resources. Serious programmers ought to at least spend some time playing in machine code or assembler. Back in the bad old days programmers could write time sharing operating systems that could serve 200 simultaneous users out of 16K core memory. They had to understand the hardware. OK, they didn't have GUIs, they didn't process jpegs, and etc. But, still, depth of knowledge and understanding is almost always beneficial. Going back to Specular, one of the seemingly inexplicable hires (initially) was a young woman from Taiwan. She could program, but some of the programmers weren't impressed. Turns out she was an absolute wiz at mathematics and projective geometry. When she looked at the code, she wasn't seeing the code structure the way the other programmers did, she was extracting the mathematical algorithms being used. Change the algorithm, put it back in, and magically, the code ran twice as fast, or even better. Bringing that back around to sysadmins, understanding programming and software development as well as hardware is almost always beneficial. It can make the difference between seeing your way through a problem to a relatively quick, concise solution that's stable, versus thrashing your way through to a messy hack that seems to be working, but you don't really have much of a clue what's going on. So, back to the hiring question. Pick the person with the best depth of knowledge, the willingness and interest to take the job with the specified responsibilities, and who seems to have good attention and focus. Give them clearly defined responsibilities. One of the best hires we made (in a previous job) was a guy who had been a Unix software developer and C programmer. As his company shifted toward Windows, he managed the conversion of the Unix software to run on Windows. The ownership of the company had changed, he was unhappy with how they were managing it (post bubble burst), and he wanted something more stable with better benefits to support his family. We felt incredibly lucky to have the opportunity to hire him. He came in as a Windows sysadmin and was immediately solving longstanding problems. Been happily on the job for maybe 5 years now. --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology & Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst --------------- Erdös 4 From sage-members-owner@usenix.org Thu Jan 31 13:44:07 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VLhxmE001972 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 13:43:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VLhxU2001971 for sage-members-0utGoign; Thu, 31 Jan 2008 13:43:59 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VLhiT8001957 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 13:43:45 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VLhib6001956 for sage-members@usenix.org; Thu, 31 Jan 2008 13:43:44 -0800 (PST) Received: from mail.frii.com (phobos04.frii.com [216.17.128.164]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VH2ceq018024 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 09:03:03 -0800 (PST) Received: from [10.10.130.4] (fw01-e3.ftc.frii.net [216.17.230.109]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.frii.com (FRII) with ESMTP id 063DE67877; Thu, 31 Jan 2008 10:02:29 -0700 (MST) In-Reply-To: <47A132D7.5070905@smxy.org> References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A132D7.5070905@smxy.org> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: multipart/alternative; boundary=Apple-Mail-2-153387490 Message-Id: <16C553AB-5147-423C-8B0B-14EDAD115384@frii.com> Cc: sage-members@sage.org From: Neil Neely Subject: Re: [SAGE] Programmers as.. sysadmins.. Date: Thu, 31 Jan 2008 10:01:26 -0700 To: ste@smxy.org X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk --Apple-Mail-2-153387490 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed On Jan 30, 2008, at 7:30 PM, Shaun T. Erickson wrote: > > I always thought being able to solve the problem was of paramount > import. If I don't have the personal skill to solve it, but know > how to find the solution, isn't that what counts most? And if I am > presented with a job task that can't be done with the skills I > have, and requires me to add a skill, and I am willing to develop > it (like learning perl because I was handed or inherited some perl > scripts that I'm now to be responsible for), isn't that what > matters most? We can't all know everything and there isn't time to > learn everything, but we can add to our skills as the need arises, > no? Isn't that the kind of person you want to work for you? Who I really want to work for me is someone who loves to solve problems so that someone with less training and expertise can solve it the next time it comes up. I personally tend to equate this with someone who does system level programming, but that isn't necessarily always the case. Being able to develop a clear and well documented process that the next guy can follow is of similar value to programming skill. A negative trait of some system administrators is believing that their own personal ability to solve a given problem is more important than the organizations ability to ensure that the problem can always be fixed regardless of whether or not that admin happens to be around. This is a tangent to the programming discussion, but I'm enjoying the discourse on the traits of great system administrators and wanted to add some more thoughts on the matter. (Full disclosure - My interest isn't entirely academic, I'm in the process of trying to hire a new System Administrator and this discussion about what folks consider good qualities is helpful) Neil Neely Senior System Engineer FRII --Apple-Mail-2-153387490 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=ISO-8859-1
On Jan 30, = 2008, at 7:30 PM, Shaun T. Erickson wrote:

I always thought being able to solve the problem was = of paramount import. If I don't have the personal skill to solve it, but = know how to find the solution, isn't that what counts most? And if I am = presented with a job task that can't be done with the skills I have, and = requires me to add a skill, and I am willing to develop it (like = learning perl because I was handed or inherited some perl scripts that = I'm now to be responsible for), isn't that what matters most? We can't = all know everything and there isn't time to learn everything, but we can = add to our skills as the need arises, no? Isn't that the kind of person = you want to work for you?

Who I really want to work = for me is someone who loves to solve problems so that someone with less = training and expertise can solve it the next time it comes up. =A0I = personally tend to equate this with someone who does system level = programming, but that isn't necessarily always the case. =A0Being able = to develop a clear and well documented process that the next guy can = follow is of similar value to programming skill. =A0A negative trait of = some system administrators is believing that their own personal ability = to solve a given problem is more important than the organizations = ability to ensure that the problem can always be fixed regardless of = whether or not that admin happens to be around. =A0

This is a=A0tangent=A0to = the programming discussion, but I'm enjoying the discourse on the traits = of great system administrators and wanted to add some more thoughts on = the matter. =A0(Full disclosure - My interest isn't entirely academic, = I'm in the process of trying to hire a new System Administrator and this = discussion about what folks consider good qualities is = helpful)

Neil Neely
Senior System = Engineer
FRII



= --Apple-Mail-2-153387490-- From sage-members-owner@usenix.org Thu Jan 31 13:44:46 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VLiUdO002018 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 13:44:33 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VLiTKR002017 for sage-members-0utGoign; Thu, 31 Jan 2008 13:44:30 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VLiGdd002000 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 13:44:16 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VLiGDH001999 for sage-members@usenix.org; Thu, 31 Jan 2008 13:44:16 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.224]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VHuloS021377 for ; Thu, 31 Jan 2008 09:57:12 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c49so695295wra.1 for ; Thu, 31 Jan 2008 09:56:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:in-reply-to:subject:references:message-id:content-type:content-transfer-encoding:mime-version:date:cc:x-mailer:sender; bh=qdUaOQ+3ic/8dbdOF++fBuI+TfiEx22IifF+jwEZag0=; b=Sd93FIh+4y43MmVMoFyH8FQE/iEMe8meF4rnPEP3BSyeJIF8QktLpNY1QNiln2TFiJGG2UrLsc3/+aw8rAmj3H5F90VRBJg1Z7aloVkcgwsCENmDZBII0V3a21UkSwsvtjTXORIPYTbOl3taq2/lv/9IiixCRoOApdI7suje1NU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:in-reply-to:subject:references:message-id:content-type:content-transfer-encoding:mime-version:date:cc:x-mailer:sender; b=FF+C8XJHFR42KdLszoXTTpdN6MFy1KxhgICjvoxYPsgx/lbY16Dv13kp4w12cIdMWvWZfUOn3ySxZfomRQBi3B7YMTv53QvabnMlIkO9U5EpqNc1sIgQWFe7YbZnIa+PiXLPC6DNQfAdkiYlyMe7CuPknMlrrdF6kGr2MO/nHj0= Received: by 10.142.154.20 with SMTP id b20mr1371896wfe.172.1201802203797; Thu, 31 Jan 2008 09:56:43 -0800 (PST) Received: from owl.rcac.purdue.edu ( [128.210.189.94]) by mx.google.com with ESMTPS id g5sm3258655wra.36.2008.01.31.09.56.41 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 31 Jan 2008 09:56:42 -0800 (PST) From: "Dwight D. McKay" To: ste@smxy.org In-Reply-To: <47A2091D.7000003@smxy.org> Subject: Re: [SAGE] Programmers as.. sysadmins.. References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A132D7.5070905@smxy.org> <16C553AB-5147-423C-8B0B-14EDAD115384@frii.com> <47A2091D.7000003@smxy.org> Message-Id: Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Date: Thu, 31 Jan 2008 12:56:39 -0500 Cc: sage-members@sage.org X-Mailer: Apple Mail (2.915) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk We use an internal wiki also. One of the cultural shifts in documenting things occurs once you have enough information in your documentation pool (wiki in our case) that searching it becomes the quick way to get an answer. At that point, most everyone begins to see the value. There also develops some peer pressure to get the holdouts to start using the wiki. -- Dwight D. McKay, Director of Systems Engineering Rosen Center for Advanced Computing, ITaP, Purdue University mckay@purdue.edu / 765.494.4481 / MATH B73 http://www.google.com/calendar/embed?src=dwight.mckay%40gmail.com&mode=week On Jan 31, 2008, at 12:45 PM, Shaun T. Erickson wrote: > Neil Neely wrote: >> Who I really want to work for me is someone who loves to solve >> problems so that someone with less training and expertise can solve >> it the next time it comes up. > > Yes, we should document our work. At my last job, the sysadmin team > had an internal wiki. I resisted using it, at first, because I felt > that time spent documenting was time not spent performing > administration work (nor were my coworkers using it). Eventually I > decided to give it a try and whenever I ran into a problem I had to > solve more than once I documented the problem and my solution. > > Not only was it good for the reason you mentioned, but I found that > knowing someone else would have to read it and follow it made me > more conscious of my work - causing me to streamline it and clean it > up so that it was something that was straightforward to do, was > documented concisely, and wasn't "just an ugly hack" to get the job > done. > > It also meant that I didn't have to commit the solution to memory, > freeing up brain cells for other uses. All I had to remember was > enough to recognize the problem and recall that I'd documented the > solution. Then it just took a quick search. > > -ste From sage-members-owner@usenix.org Thu Jan 31 14:49:24 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VMmdj7005678 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 14:48:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m0VMmd0g005677 for sage-members-0utGoign; Thu, 31 Jan 2008 14:48:39 -0800 (PST) Received: from mail.frii.com (phobos03.frii.com [216.17.128.163]) by usenix.org (8.13.6/8.13.6) with ESMTP id m0VMlZBm005610 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 31 Jan 2008 14:48:00 -0800 (PST) Received: from microbrew.elizabeth.street (phred.dsl.frii.net [216.17.139.237]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.frii.com (FRII) with ESMTP id 6C92B678B9; Thu, 31 Jan 2008 15:47:22 -0700 (MST) Received: from vw.elizabeth.street ([192.168.0.100]) by microbrew.elizabeth.street with esmtp (Exim 4.63) (envelope-from ) id 1JKiBl-0004dt-Dl; Thu, 31 Jan 2008 15:47:21 -0700 Cc: SAGE mailing list Message-Id: <38F62EBE-052B-4D42-AC8B-761202E3BE59@frii.com> From: Ray Frush To: Neil Watson In-Reply-To: <20080131182306.GA29760@watson-wilson.ca> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v915) Subject: Re: [SAGE] zenoss versus nagios Date: Thu, 31 Jan 2008 15:47:21 -0700 References: <20080103151022.GB2316@watson-wilson.ca> <20080104225434.GA3516@watson-wilson.ca> <20080131182306.GA29760@watson-wilson.ca> X-Mailer: Apple Mail (2.915) X-DCC--Metrics: ; whitelist X-DCC--Metrics: 1356; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk That's a very nice write up of OpenNMS. I think it should be noted that the examples in the write up show how extensible OpenNMS is, but I would point out that out of the box (RPM or .deb) OpenNMS does most of what the examples demonstrated. The author of this write-up has gone and done a good job of showing how the out of box config can be customized. I particularly like the conclusion warning about "monitoring everything". We recently re-worked our OpenNMS installation to limit what it monitors significantly. We found, over time, that when the pager goes off at 3am, it should be only for a pretty short list of things. An Network Monitoring System can quickly overwhelm the SysAdmin with email. -- Ray Frush On Jan 31, 2008, at 11:23 AM, Neil Watson wrote: > On Fri, Jan 04, 2008 at 05:54:34PM -0500, Neil Watson wrote: >> I'm going to expand this thread a bit. Has anyone kicked the tires >> of >> Opennms? > > I had a test drive of OpenNMS. I share with you my findings: > http://technocrat.watson-wilson.ca/blosxom/computer/onmsreview.html > > -- > Neil Watson | Debian Linux > System Administrator | Uptime 5 days > http://watson-wilson.ca From sage-members-owner@usenix.org Fri Feb 1 01:09:22 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m1198jbx009296 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 01:08:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m1198jvp009295 for sage-members-0utGoign; Fri, 1 Feb 2008 01:08:45 -0800 (PST) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.179]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11981dg009267 for ; Fri, 1 Feb 2008 01:08:06 -0800 (PST) Received: by py-out-1112.google.com with SMTP id u52so1486207pyb.10 for ; Fri, 01 Feb 2008 01:07:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=24MOXb8od5YryKiJ/d1N+QBdO13pzFmVZITrucn9zbI=; b=uQvPuH6s0F4Cm++5HfjEAc+U0ogn0gWV1TOJQwlXtQdCI7ydGgl6xhIN3GSY7HChP9CG0vqOpzM7GvvDpIka/0LAnLcZ9WLw0c6/am8pG+abDZ4SvZlnanBGRUnnTVwj03pR0Pz3oboJdY+K6r5cScw7rYKLzrHGDiHzDTnE9dY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=n/4nE8OsKoMc2Ha2hR2IEecOm+r4KvRS88fXkMK49kaqGvCrKGNJ3hf0UnPQ0PRBRpErPsrj3jlH2gaGyIQwFL7A1JJChs5uXWtQ3VaH7AAgkJOwBSU8LlRW5+f9xwrYwF6NJ6B2sEJeZf6aSK508lbz6FUTfugXtO/nTat2Hvk= Received: by 10.35.98.6 with SMTP id a6mr3630872pym.10.1201856875107; Fri, 01 Feb 2008 01:07:55 -0800 (PST) Received: by 10.35.31.9 with HTTP; Fri, 1 Feb 2008 01:07:54 -0800 (PST) Message-ID: <391e184c0802010107p36b6ab3em3adf8bdd77ec74a9@mail.gmail.com> Date: Fri, 1 Feb 2008 10:07:54 +0100 From: "Joel Pinckheard" To: sage-members@sage.org Subject: Re: [SAGE] Does your wiring look like this? In-Reply-To: <20080127191543.Q37106@gecko.reptiles.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <87sl0l299r.fsf@comcast.net> <8870624d0801251230r4c8c4c10lf05c5d7b9d1afb04@mail.gmail.com> <479A5B84.6020907@metro.dst.or.us> <72aff9060801271548t6d03a866w32f134a25b9194ed@mail.gmail.com> <20080127191543.Q37106@gecko.reptiles.org> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk I know that it is practically a FAQ at this stage but I haven't been able to find a good answer. How do people get unique serial numbers on their cables? The two possibilities I've seen are prepurchased (http://www.stonewallcable.com/) or DIY with something like the Brady ID Pro labeler. However the prepurchased I've seen are at about $7 per cable (I'm looking for 200 1m / 3.3 ft cables) and that particular labeler seems to be end of life (at least here in Spain). Anyone have good alternatives? -- Joel Pinckheard http://www.pincky.com/ From sage-members-owner@usenix.org Fri Feb 1 09:36:54 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11HaU0H024985 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 09:36:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11HaT4J024984 for sage-members-0utGoign; Fri, 1 Feb 2008 09:36:29 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11HaG9X024971 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 09:36:16 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11HaGAB024970 for sage-members@usenix.org; Fri, 1 Feb 2008 09:36:16 -0800 (PST) Received: from mail0.lsil.com (mail0.lsil.com [147.145.40.20]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11Fk3ax020876 for ; Fri, 1 Feb 2008 07:46:30 -0800 (PST) Received: from milmhbs0.lsil.com (mhbs.lsil.com [147.145.1.30]) by mail0.lsil.com (8.12.11/8.12.11) with ESMTP id m11FgmTj024120 for ; Fri, 1 Feb 2008 07:42:53 -0800 (PST) Received: from namail.ad.lsil.com (namail.co.lsil.com [172.21.36.18]) by milmhbs0.lsil.com (8.12.11/8.12.11) with ESMTP id m11Fjg03032258 for ; Fri, 1 Feb 2008 07:45:43 -0800 Received: from NAMAIL1.ad.lsil.com ([172.21.36.19]) by namail.ad.lsil.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 1 Feb 2008 08:45:39 -0700 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/related; boundary="----_=_NextPart_001_01C864E9.7E57CDBE"; type="multipart/alternative" Subject: [SAGE] Career path input Date: Fri, 1 Feb 2008 08:45:42 -0700 Message-ID: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE3A78@NAMAIL1.ad.lsil.com> X-MS-Has-Attach: yes X-MS-TNEF-Correlator: Thread-Topic: Career path input Thread-Index: Achk6YCW6bB1MxAnQN28MxOqTHB0qw== From: "Simon, Wesley" To: X-OriginalArrivalTime: 01 Feb 2008 15:45:39.0119 (UTC) FILETIME=[7E6B7BF0:01C864E9] X-Scanned-By: MIMEDefang 2.39 X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk This is a multi-part message in MIME format. ------_=_NextPart_001_01C864E9.7E57CDBE Content-Type: multipart/alternative; boundary="----_=_NextPart_002_01C864E9.7E57CDBE" ------_=_NextPart_002_01C864E9.7E57CDBE Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable =20 Hi Everyone, =20 I'm looking for some intelligent feedback. I have been a (mostly) Unix system administrator for 8 years. My role has expanded into areas outside of system administration. I am involved in all aspects of (floating) software licenses, purchasing equipment, application installation, and anything else that comes my way. The actual time I spend doing system administration seems negligible compared to the time I spend on other tasks and in meetings. =20 =20 An opportunity to become a software test engineer has presented itself. I'm concerned that this move could severely impair future career possibilities. Part of me believes I should focus on improving my system administration skills and then find other opportunities. =20 =20 Does anyone have any opinions or suggestions? =20 Thanks, =20 Wesley Simon System Administrator LSI Corporation Engenio Storage Group 3718 North Rock Road Wichita, Kansas 67226 P: 316.636.8078 F: 316.636.8487 =20 =20 =20 ------_=_NextPart_002_01C864E9.7E57CDBE Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

 

Hi Everyone,

 

I’m looking for some intelligent = feedback.  I have been a (mostly) Unix system administrator for 8 years.  My = role has expanded into areas outside of system administration.  I am = involved in all aspects of (floating) software licenses, purchasing equipment, = application installation, and anything else that comes my way.  The actual time = I spend doing system administration seems negligible compared to the time = I spend on other tasks and in meetings. 

 

An opportunity to become a software test engineer has = presented itself.  I’m concerned that this move could severely impair = future career possibilities.  Part of me believes I should focus on = improving my system administration skills and then find other opportunities.  =

 

Does anyone have any opinions or = suggestions?

 

Thanks,

 

Wesley Simon

System Administrator

LSI Corporation

Engenio Storage Group

3718 = North Rock Road

Wichita, Kansas 67226

P: 316.636.8078

F: 316.636.8487

 

 

------_=_NextPart_002_01C864E9.7E57CDBE-- ------_=_NextPart_001_01C864E9.7E57CDBE Content-Type: image/jpeg; name="image001.jpg" Content-Transfer-Encoding: base64 Content-ID: Content-Description: image001.jpg Content-Location: image001.jpg /9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAAZAAA/+4ADkFkb2JlAGTAAAAAAf/b AIQAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQICAgICAgICAgIC AwMDAwMDAwMDAwEBAQEBAQECAQECAgIBAgIDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMD AwMDAwMDAwMDAwMDAwMDAwMD/8AAEQgALQCRAwERAAIRAQMRAf/EALEAAAICAwEBAQAAAAAAAAAA AAAICQoFBgcCAQMBAAEDBQEAAAAAAAAAAAAAAAACBQcBAwQGCAkQAAAGAQQBAwEEBgkFAAAAAAEC AwQFBgcAERIIEyEUCTFBIhUWUWGzFxk5cSPUVZVWltZ3JCa3GHgRAAIBAgUBBAYHBAgHAAAAAAEC AxEEACESBQYHMVEiE0FhgbEUCHGRocEyIxXw0VI0YnKSsjNDgxZCosLiwyQX/9oADAMBAAIRAxEA PwC/r5UuXHyE5b7ceZeW/wBNtt999UqMUqMe9VxXBowYNGDBowY1CTyFQYVyZlM3ioRLwvqZpJ2W FYOShuJdzIOnqSofeAQ+n1DSPMjrp1LqHoqMUBBNBmRjIw1qrFjKY9escDPFJuBjQ0xHyhSiXbly Fi4XANtw33/ToWSNzRWBI7jgDKTQEVGM9peK4NGDHgFUhHiChBN9OIHKI7h9Q2Ad/TVKjFKjHvVc VwaMGDRgwiPyN2G6VfrDPy1KsEnW3AWWtMZ17EOFGb5xXZNyvHuo8j1ASOWiTp+5bAoZIxDHTAyY iJDmAeefmg3Pfdp6TXN5sNzLayfFQJK0ZKu0MjFGQMPEoZ2TUVIJFVJ0sQY86oXN/acTkmsJXibz Yw5U0JRiVIqMxUla0pUZdhOFF6IQuRcd9qLjitazzqtOaYdrV2moF8+dPoxaXsUBQZZq6RQeKLg0 fN31ncEFVLgc5SGIbcuwBC3y8WHJ+M9X77iD3dwdjTY4LqWF3Z4zJNDZyKwDE6XDzuNS0JAKmoyG l9PIN02zl8+ztLIbFbFJWQklSzpCwIBrQgyEVFDkQcTUa7vxO+DRgwaMGDRgxUYkJGR/ikOm34g/ 9v8A+750/B7xz4fF++jj4vH5eHi4+nHbjx9NttMConxerSNXmnOgr+M4yI0TyNWldXizoK9p9OLc +n/GPg0YMH09R9ADRgxVT7T90uxXazOU1hvCc/ZmFBkbU4o9EpFLd/gj67FaulWP4tYpVBw1cvUp tRE7kUV3CbBq04+QgCRRUzBLO9waknyych6KHsqPSTl21oezF1I4xEJps6itD2AHsFPSTl21zyGM 9BfDN2rmGZH01ZcR1t44DyqR0nZ7DJSCShwA5iul4aqyUeZXkYQMKbhUu4b7jq4LK5IyVR6iae4M Ptwr4mg8KGnrIHurjTLf8WPdjE4mstRj4a3Lxf8A1KT7FlzWRsDfx7G8rFnLIVaaXcFENwI1KqqI h90BHSXtZ1zZKgd1D9nb9QxUzxuKSqaesBh+/wCzDifHRmLv/LZocYlyC1s1hoNVatTZGUzRGzDG fojE5XARv4VPvmiNgez8wdESNWjsXaLhJM6n9UmQ6xblrJceaI0JIB8QNTQe3MHuHp7qVIsyiIUM J8RPZWop6a/w+ofZSpE/unnCcVBum0nJK/IPjRBWRfqIjmG1FMko8cHTMUErNsUxDKCUwen261i2 RB5TADVWPOgr2rhTIgskYKurTFnQV7U9OLfOtnwnEcHyh5Fy/jjrm1f4mStzZKWukZFZEsNI9yhY q7QBi5h7KOGcw1ZvlKyV+9aN2xpIU9kAU4bgKgamPobtGwbzzgW+/wDw7BLWR4EnAMclwCgRSpZR JQFnEdfFp9WOP/nc5bz7h/Rn43gY3BPO3KGK+nsiVuLewMczzOkqo5t9bpHEbilI9dCfEMIT0wyd nzC8c1vlAsU72z6mTzwFbxAQxl5vNmEJeQA7l4tL0ZZ27nG8mwOU6jpJgq/ipRuUzlE6R1Cn1LvU vY+Jcmmbad3hi4/1BiWkEj0SyvUXIBJwAhVsgpkEcsTURgwBGOUPlw5t1W6cWcfKuKXl1z7oJdyV vYIdU287NLJVnMtkXedZENWlWBp7W5jBmjZGYNiWHO7audnurlta4zlWV1iri1glIV7CGM68jmKt cK/coHbgUjtlJR4sVCOWyxE3LZQhiKkIcpihwF124JvG7cG3Xhl3bSpu7iGkZXxVSeKQMtKhgVUs rKSrLmpINcelV3uuxdSuBPuPErqK/wBqu1UxyRHUCUkUspGTJIhUrJG6rJGwKuqsCBsVTxb+XuzO TMkJR4tomcxHjGvsX3jEqB3sXLW1vLMyLCHATtIyHixOXfcpTkEfQQ007PxH9M6rbtylY9FlcbLY Qo9KAtHJcCRa9lVjit6j0ArXD7ZbObfll1uaIRFLZW6KadrK0gYD1hVj+sYXnsPnPLOR0JSh9XDN Yytx6Tv95HZGZfJQWPKozabhIMKzbnhRZSDxmQpvevWAOztQ+4iHl5KI87daurXUbnENxxD5fzHb 7FCr/qfJp5Bb7baIn+JHa3jjy5HQV8+e3ExiHhiHmani7h6TdNOCcQlh5R1rDzbxKy/p/H4UM9/d O3+G9xaodcauaeTDOYhJ+KQ6NKSLR8fd3vKOb7Djep3K85Pw80rkz+P26dbyCtVb3Foq2UaTdZTf e4cQbCSUA6CCDhwVxIon9wqikYoJpQV8mPLOWQ9Wbzg/Htz3bkHTGKym+JvLhZDaLeIVKz2vmamt 45TWONJJBJcIfPkijYBI5i+a3jXGpemlry/fNv2zZOoMl3F5FrC0YuTasGDRXOjSs7xiju6IY4HH lJI6ku8gjG59gWNqg4F5XW1ih52fUj1rIWpyMIhW2ENkyXj5N5LASXdoe2ncYQZ3LBXcACUdt9wO iqUmvUvVKGpSoJ7vX+7HnPRaVw1er2EYqFyH8051/wDcR/8AzTpiX+a/1W/vnGVH/L+xvecW9NPu MXBowY+GKBimKYNymASmAfoICGwgP9IaO3BioH2I6pdiunOa5C6U+Dt/5Zr9rXs+N8sVaLXkY5qy B2d7Gfiq7NJ83h5Rgkp7dy2fFImuJDiUqiBwE2vPE8B0vUBaUPoNOwg9gOVaVqD7Cb8bxvEIpaAg AZ5A07CD7K0rUH2E9QrvzD9voNJFvLfuwtpkfuquJ6luGbxcSl4j5vyzOV9qU3L1HiiX1/V6avLe XAz1ah6wPuAwr4YHNWans/cMdgr/AM3WY2yiH5owzjWZQLwBwWClLPXV1QDfyCmq+d2ZJExvTbdM 4B+v7Lgvpx26D7CP+o+7CTbN/EP7P/d+3rxIh1a+UrC/Yq1McfT8HJYkvsyqk1rrGdk2kzXrK+UE wJRMZZG7WNFGYWP6It3TVAFzGAiSiipgIOTFfI7aZBpJNAa1HqByFK+jKnorUjFp0ePNqae8ff2U +0evsxJ7rOwnFPjpn/MMxn/zHa/2Vm1rVt2Rf6fvXFx/5BP6sXvTFwfWy4t48nIRQhk1ClOQ5TEO Q5QMQ5DAIGKYogIGKYB2EB9BDVQSDUZEYoyq6lWAKkUIPYR3HCcPunFNqWSxzZ17ehhXJDlX/umL h2x18XZKjVXBnD+Iu1GQXaNkVHRjmOi/jTtHDRyIOOKxgEppHi6kbluGyf7Y5ev6nsqj8pnNLq2Y CivDOQSadhSQOrr4KqMxztdfLtxzYOaf/Sukkn+2uYu3/sxRKW2zcYy2p4ryyVkUFiSUnt2ikik/ N0yMCC18PCRkWZ89aw0PEyk6ulJWJSIbIpBJzHtkm6rx46Tas1pNwVNIqQOFiAsdIhQHYAAoaBcX U84WKSWSSCIFYw5J0pUkACpCiprpU0BJ+nE8bftllYmW5gtre3vrphJcGJQPMl0hS7sFQyNQBRI6 hyqqDSgAyD1kzkmbqPkGyD1i+brNHjN0kRds6auEzJLt3CKgGTWRWSMJTFMAlMURAfTTfdWttfW0 lleRpLaSoUdHAZXRhRlZTUMrAkEHIg0OHi2ubizuEu7V2juY3DI6khlZTVWUjMEHMEZg5jC65O69 N8zvouBvc64Y4arotDsMU046sEwtDtoBBbuLrLNQbu1YmO4gVpFsQbopGL5TrKG4FShLn3RaDqjd 2+z8vvHi6YWOgx7TZE28d06U0tfTJpcwx0pDawCNEI8xpXbQscucL6sS9O7afdOMWqS9QrvUH3O7 Ame2Vq6ls4m1KJZK1luZjIzA+WsaLqL90q9UrNJg2NaqEDFVuAjEiosYiGZIMGLchSlKJioNyEKZ VTjudQ26ihvvGERER1LfH+O7DxTaYdi41Z29js8ChY4YI1jjUAU/CoAJNKsxqzHNiSa4jLe993nk m5S7zv8AdT3m6TNV5ZnZ3Y/SxNAPQooqjIADLGwaecNWDRgxUIlVUkflKerLqpIIpd31VFVl1CIo pJkzRyOoqqoYqaSZChuJjCAAHqOmJSBc1PZ5rf3zjKTK3z7m95xbX/NtV/zNX/8AGY7+06evNj/i X6xjE1L3jB+bar/mav8A+Mx39p0ebH/Ev1jBqXvGMmnJRyrI0mk/ZKRxEllzyCbpA7IiLfn51jOy qCgVJDxm5mE2xeI77bDqupdOqo09/owVFK+jCD0T5NupV3vtqx+4v6FSXgpx5DwtntYJR1IurVoY iJpWCtHlUjWzRZzzKkD8zTzplKokJwPsGIl9CzEMCorkT2Eevur25+imdchXS9AxU6T+2Y7R35+3 PLDano2Fsis0plSnYvvbB4BVkZU9fqlnZugHcxVUnxmj5FcB5iIGAw/X9erwitZfGFjYd9AftwgL G3iAU/V6Mcmu3Ubp2+jZCVuWC8LRMY2bquJKaGsV+opM2xBMqs5czMYnDmZpp+omUFUnEPtANIe2 tQup1VVHprp9xGFV0itSB6iR7jipf2Gi8bVrsfeYzrbKupSgRdxZBjmRi3rqRU92VKOWFKAlBOq8 kmjCyGWRj3PNRRdFNM4HOIgczK4TxDMx59vdn931jPGZGS0H51aUNa5eHPt9n2Z4uw14ZI0BBjNA ATAw8aMsABsASQskRfAAbBsAOuethj1eWuv8ekV+mmeMJa6Rq/FTFRDpn/MMxn/zHa/2Vm1rtt2R f6fvXF5/5BP6sXvTFwfWy4t45Zl/M+O8FVE91yTOBCwwuyRzIiTZw+kJaVVbuHKEXFsWxDquXiyD RQ3rxTIUgmOcpQEQj7qX1R4V0j42eU85u/hds8wRRgK0kk0pVmWKKNQSzsqMc6KoBZ2VQTjd+AdO +W9Td+HHOH23xO4aDI5LKkcUQZVaSR2ICoCyjKrEkBVYkDCPxPZy3ZeITIltl2vWTq40dKmYTU6/ I1ylmQWo7hGVlVPk5iYg5yB7lSISXem9UGzk5xOohyft3XvknUpBzXklzHwL5f45CY57iQJu29aP 8q1Iq0MJIHmtZpJOc4oJ2Yu8XSl90Y2HgLHiew278z61ugDwwoW23adX+ZcA0WWUA/lrdMkIykmh VQqyPPTr+xl6ga1voGbotSb+3ShF7uX8Kl30OUqDVrLvohyqtJQjd4ucCt035iPVCcTqpJCcC665 4py233jjv69NZXm1bAulbc3w8qeSEBVWZ4WLSwK7ZRrcFZ2WjyRxlgMcscz2mDi+4va3e4WV5fLV rlrZtcEUrMaxLMAscrLUa2hBhDEojuATjcH80RIZiPiStpeyxcMlMEr3v0mThwm9GSRiCrOFSKkZ ISj2JXRIscokAyRhH0KOt1trixm3D9OkmVJlWN5ABqZI5GdVkKjMgmOSneUIGNOvLqWKCYWKLPuM cJdYdYQuSG0KXIIQOylQxBAzJyGI4sg52ur+wyli602dRrmirFUNlHpZm1M8PPXJo2SSWUk6A2eP hctLGhHl5tnVeePIGYRMU+yi4F806bRxXbIrNLPm0AbjU/8AK7zZeOOEkkabgqtDGWyZbhEnhNRk tdPGvLOqPJbrd5936MXpj6kWIP6nw/eQYp7tVAJksVd9SXCxisclhNLY3aFWo8gHmdZ6td88R9nZ BxSWrScx5mOGbPT2TFtvZrISjNeIW9rNBFSQIJNJRKMdAJFU1CtXyWwio2IACIa/zvpPyHg8K7pI 0V5xyRl8u6hIKkOKprWpKlhmCNSH/hc1xvvQ35p+n/Wy7fjUEd1tHUS2RzcbZdoVlRojpm8qTSFl EbZMrCKdcy8KgHDwai7HTWDRgxW6z78UnaDJmcsw5Frr7FicBesm3i2whJG2S7aQLE2GySMrHlfN 0qs4TQdg0dE8hCqHKU+4AYwBuLS9lMzsfDQsx7e8k93rxkRyqkYVu3P7STjkf8Gztz/eOIP9ZzX+ 0dJ+Am/o/t7ML86Pu+zB/Bs7c/3jiD/Wc1/tHR8BN/R/b2YPOj7vsxPD1H6+S2J+p1SwBlxjXJx2 1jbxDW2NjXK0tXZSKtlpskkoyFZyzj1XKDuImSkWKKRNjGMUNwDkLhFABb+RKAQQQfbjGk0uTT8J xG5nX4VoiWlZSd6+5Ib1Zo6FRwzoN8aP5GMYrG2MLVhcWCjqWSjwNuCZHLF2sQNgMsf66w5LBwax MCPXkfrFa/UPWT24Ws8i5NRvX2H7wfqHr78JIf4yvkAx67VJTYUqxVTiQ7+h5XhYZFcCiGxzlkJu svhIbiG3NIB/SAaxWs5q5x1J9PhP31phTSwSf4iEn1hT95yx+gfGz8huQnCbK5xTsjTyk3eXvL0L MsUBOIiKwoMrDZHpgIJQEfGgY2+2wDoFnMDQR9np8P764BJbxn8tKEdyqPvGJJ+nvxNQWFLnCZSz TaorIdurizaTrNVg2LpKnwM+3P5W809eyYJP7I9jVSlUaFM2aIoLlBQxVTFIJMyGxIYNNSgPYM/r OWXqp9JIyxbkleUaSNKd1a1+k5ZeofXTIzJ6csIxAD14+M/sbi/thTc1WV5jc9PgcgzdnfJRlnlH cwMbIkmSoFQZK1tqgo5AX5ORRWKAevr6aZ4bGeMJXT4dFc/4SK+j1YWzA2qwj8YCD+yVr7jif7Tx hGFm7V9eEOyGN2tTTlWkLP1+xR9trMhJMjyMOaUj0HjM8fNsUzpqOImSZP1U1eIiYhuJ+JwKKZ4H +YforD1y4NHxxLiO13izvY7y1klQyw+bGroY54wQWhlSRlalSp0tpYKUaZeh3VmXpBzB99eCS52u 6tHtbhI3EcvluyOJIXIIWWN0VlrkRVaqSGVb+unRicrl1b5b7IWxlky/QahG9Lg2arh3T6o2jx8M W9at3bKNbgdkgmT2DFuzbMY0AASEMoCYowd0S+Undtj5SnUjrjuMW/cxtGC2MCFnsrRY/DE6K6RL VFA+HgjhigtQAUVnCGKX+rnzM7bu/HH4H0gsJNm4tcgtdzOFW7uWfORGZXkajsT58zyyTXGYZlUs JOxd+bYtTuq+R5JooKT9ytUoxgcpuJvcO7hBGU2H6js0RVEdvsDU8/MbvL7H0g3S6hNLl2t40P8A Sa5ir/yhscB9Rr1rHiF1KhpITGq/SZE+4HGp4ly0hcu6mWoFssBmimAsSSbRMFeROKHGzbkKA7cv Fk8u+32Bpm4ZzOPfOvG9bdE35B45t0iiuVB+fl7L8Yw9m3lb7nl7bofAdtt2Hs/M/wDPjZe4fS+j dsayxUcPVaVlWpEMtj/JkWkcZGHWKr7osXKpoLNV5KBWdBzAgKEXaLD5UDlEVCK9p9Oepe69P75g ii62C4NLi2Y+FxSmpKghZAMq0KuPC4IoVjX5hvlw4x162WJ5ZW23ndgCbDcYgfMhNdXlShSrSQFv FQMHif8AMiZSXV156Y9Eso4lys6z92IyBXLvk5KrO6hD/llF25Wct3Ytmy1kudofx0M+s1j/AAlo DUiqzdRcySgmXcLHKThuHUrqrsXINgXiXDrOa12MziZ/NIABFSI4YlZ1ij1nUQGC1FFRQTWI/lx+ VznHAedydVuru7We581Wxe0h+GDMWV9Km4vLl44Xubjyk8pWaNnKMTLNIwXTKpqBcd1YNGDBowYN GDBowYNGDBowYNGDBowYNGDBowYNGDBowYNGDBowYj1+ThOKV6wPQlnk8yTLdqydmaDjGEmkvIFQ lvatZxN9LRBmsKsbcDLoGWWScAiIIqFE4BzT82C2b9JZPjJLiNRfwFfKjSQF6SaVlDyR6YjnV1LM r6PAwriNOrAhPEm85pFHxEdNChqtRqB6stFPeKkNp8JFcJP8e6T8e2c6rcHtgLdi4diiJMGsYzPC LVo1coYxjmalnUunItlUogsaCKCTJUFFT7mVIUmykC/LUlz/APZbh97kuRv42OMBFjUxGDyLTQ0s jSB1Ij8jSqxMGY5uoWjaF00En+8pDetL8f8AArkFGkpoh0lmLahRdFAFNSe0AZzxa9EMdEYNGDBo wYNGDH//2Q== ------_=_NextPart_001_01C864E9.7E57CDBE-- From sage-members-owner@usenix.org Fri Feb 1 10:19:49 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11IJbcs027441 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 10:19:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11IJbxl027440 for sage-members-0utGoign; Fri, 1 Feb 2008 10:19:37 -0800 (PST) Received: from procyon.quay.net (procyon.quay.net [206.248.145.34]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11IJ6E2027391 for ; Fri, 1 Feb 2008 10:19:11 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by procyon.quay.net (Postfix) with ESMTP id 07D49B862 for ; Fri, 1 Feb 2008 13:12:02 -0500 (EST) X-Virus-Scanned: amavisd-new 2.5.2 (20070627) at procyon.quay.net Received: from procyon.quay.net ([127.0.0.1]) by localhost (procyon.quay.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4QL+3h0iNEyi for ; Fri, 1 Feb 2008 13:11:52 -0500 (EST) Received: from vega.quay.net (vega.quay.net [206.248.145.38]) by procyon.quay.net (Postfix) with ESMTP id DF454B821 for ; Fri, 1 Feb 2008 13:11:52 -0500 (EST) Message-ID: <47A360E8.8000809@quay.net> Date: Fri, 01 Feb 2008 13:11:52 -0500 From: "Gabriel O'Brien" User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] Career path input References: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE3A78@NAMAIL1.ad.lsil.com> In-Reply-To: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE3A78@NAMAIL1.ad.lsil.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk Simon, Wesley wrote: > An opportunity to become a software test engineer has presented itself. > I’m concerned that this move could severely impair future career > possibilities. Part of me believes I should focus on improving my > system administration skills and then find other opportunities. > > Does anyone have any opinions or suggestions? Hi Simon, Since you asked anyone, I'll pipe in, I'm anyone. My experience has been that sysadmins with a broad range of job experiences are often (but certainly not always) better sysadmins than narrow(er) specialists. I would take a look at your opportunity and decide if it looks interesting and if there is potential to learn something new. I'm a firm believer that systems administration is a multidisciplinary profession. Personally I've worked with a number of sysadmins that come from a testing background and in my experience the methodical approach to chasing down bugs that comes from a test lab background can be worth its weight in gold when trying to smoke out a difficult OS bug or hardware problem. There's also a good chance you'll be exposed to tools and processes that can (at least in part) be transferred to your next sysadmin job. That said, if you think you can still improve in your current job and continue to enjoy it then maybe you should stay put. Change is good. Best of luck! -Gabriel -- Gabriel O'Brien email: go@quay.net http://blog.quay.net/ From sage-members-owner@usenix.org Fri Feb 1 10:57:23 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11IvNUI029129 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 10:57:23 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11IvMY4029128 for sage-members-0utGoign; Fri, 1 Feb 2008 10:57:22 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11IvLPi029123 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 10:57:21 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11IvLYe029122 for sage-members@usenix.org; Fri, 1 Feb 2008 10:57:21 -0800 (PST) Received: from mail.frii.com (phobos02.frii.com [216.17.128.162]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11IWNkD028134 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 10:32:28 -0800 (PST) Received: from [10.10.130.4] (fw01-e3.ftc.frii.net [216.17.230.109]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.frii.com (FRII) with ESMTP id A6F40678D6 for ; Fri, 1 Feb 2008 11:17:04 -0700 (MST) Mime-Version: 1.0 (Apple Message framework v753) To: SAGE mailing list Message-Id: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> Content-Type: multipart/alternative; boundary=Apple-Mail-13-244262840 From: Neil Neely Subject: [SAGE] Best Practices for Anti-Virus on Exchange Date: Fri, 1 Feb 2008 11:16:02 -0700 X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=2% Sender: owner-sage-members@usenix.org Precedence: bulk --Apple-Mail-13-244262840 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed What are the best practices folks out there use for Anti-Virus for their MS Exchange servers? I've used sendmail and postfix systems for many years but Exchange is new to me, and I'll be the first to admit that I don't grok Microsoft particularly well. In a typical single mail server environment (for simplicity - does both mail delivery and mail access) I would deploy it something like this: All inbound email would go through an external spam and virus filter. All email submitted on the mail server destined for someone else on the mail server would first have to loop through the external spam and virus filter to ensure that all mail no matter who it was from/to would go through the virus filtering process. When it comes to the world of Exchange I can't seem to find a way to do this cleanly without some methodology that would cause some other customer facing aspect to be negatively impacted. I can implement what I described above seamlessly on non-exchange environments so that customers never need to know that it's taken care of - it just is. The closest I've come in the Exchange environment involves really screwing up the Global Address Lists and making a mess out of the use of shared calendars. I really need a solution that takes care of ensuring virus filtering and doesn't impact the functionality of the Exchange server. What I've found is that it appears that the common recommended practice is to do spam and virus filtering on the gateway device, and it appears that the concern about one user on the exchange server infecting another is quietly ignored. I've seen it so many times that I think there is a common perception that threats can't originate from within an intranet (This baffles me, but it's what I keep reading). The alternative I've seen to this is that you can purchase anti-virus products that run on the exchange server that claim to also filter all inbound and outbound traffic for viruses. These solutions seem to run about $20/user/year. So what are folks here doing with their exchange environments? Do you filter spam/viruses on a gateway of some kind, then also run an on-exchange virus filter to catch intra-server email? Do you do gateway for inbound protection and then rely on client side A/V products to ensure intra-server messages get scanned? If the only safe answer is adding $20/user/year extra cost into my model then that's what the answer is - I just want to be sure I understand the options before throwing money at it. Thanks, Neil Neely --Apple-Mail-13-244262840 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=ISO-8859-1

What are the best = practices folks out there use for Anti-Virus for their MS Exchange = servers?

I've = used sendmail and postfix systems for many years but Exchange is new to = me, and I'll be the first to admit=A0that I don't grok Microsoft = particularly well.

In a typical single mail = server environment (for simplicity - does both mail delivery and mail = access) I would deploy it something like this:

All inbound email would go = through an external spam and virus filter.
All email submitted = on the mail server destined for someone else on the mail server would = first have to loop through the external spam and virus filter to ensure = that all mail no matter who it was from/to would go through the virus = filtering process.

When it comes to the world = of Exchange I can't seem to find a way to do this cleanly without some = methodology that would cause some other customer facing aspect to be = negatively impacted. =A0I can implement what I described above = seamlessly on non-exchange environments so that customers never need to = know that it's taken care of - it just is. =A0The closest I've come in = the Exchange environment involves really screwing up the Global Address = Lists and making a mess out of the use of shared calendars. =A0I really = need a solution that takes care of ensuring virus filtering and doesn't = impact the functionality of the Exchange server.

What I've found is that it = appears that the common recommended practice is to do spam and virus = filtering on the gateway device, and it appears that the concern about = one user on the exchange server infecting another is quietly ignored. = =A0I've seen it so many times that I think there is a common perception = that threats can't originate from within an intranet (This baffles me, = but it's what I keep reading). =A0

The alternative I've seen = to this is that you can purchase anti-virus products that run on the = exchange server that claim to also filter all inbound and outbound = traffic for viruses. =A0These solutions seem to run about = $20/user/year.

So what are folks here = doing with their exchange environments? =A0Do you filter spam/viruses on = a gateway of some kind, then also run an on-exchange virus filter to = catch intra-server email? =A0Do you do gateway for inbound protection = and then rely on client side A/V products to ensure intra-server = messages get scanned?

If the only safe answer is = adding $20/user/year extra cost into my model then that's what the = answer is - I just want to be sure I understand the options before = throwing money at it.

Thanks,

Neil = Neely

= --Apple-Mail-13-244262840-- From sage-members-owner@usenix.org Fri Feb 1 11:11:59 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11JBxv4029976 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 11:11:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11JBxNY029975 for sage-members-0utGoign; Fri, 1 Feb 2008 11:11:59 -0800 (PST) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.232]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11JBITd029946 for ; Fri, 1 Feb 2008 11:11:44 -0800 (PST) Received: by wx-out-0506.google.com with SMTP id s14so1509219wxc.26 for ; Fri, 01 Feb 2008 11:11:18 -0800 (PST) Received: by 10.115.90.1 with SMTP id s1mr4406117wal.50.1201893076872; Fri, 01 Feb 2008 11:11:16 -0800 (PST) Received: by 10.114.149.9 with HTTP; Fri, 1 Feb 2008 11:11:11 -0800 (PST) Message-ID: Date: Fri, 1 Feb 2008 14:11:11 -0500 From: "Gilbert Wilson" To: "Neil Neely" Subject: Re: [SAGE] Best Practices for Anti-Virus on Exchange Cc: "SAGE mailing list" In-Reply-To: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk We use a gateway device to filter incoming mail. Symantec Corporate Edition with the Exchange plug-in protects the server itself and the clients. Simple, effective, transparent to users, and virus free since the year 2000. Gil On 2/1/08, Neil Neely wrote: > > > What are the best practices folks out there use for Anti-Virus for their MS > Exchange servers? > > I've used sendmail and postfix systems for many years but Exchange is new to > me, and I'll be the first to admit that I don't grok Microsoft particularly > well. > > In a typical single mail server environment (for simplicity - does both mail > delivery and mail access) I would deploy it something like this: > > All inbound email would go through an external spam and virus filter. > All email submitted on the mail server destined for someone else on the mail > server would first have to loop through the external spam and virus filter > to ensure that all mail no matter who it was from/to would go through the > virus filtering process. > > When it comes to the world of Exchange I can't seem to find a way to do this > cleanly without some methodology that would cause some other customer facing > aspect to be negatively impacted. I can implement what I described above > seamlessly on non-exchange environments so that customers never need to know > that it's taken care of - it just is. The closest I've come in the Exchange > environment involves really screwing up the Global Address Lists and making > a mess out of the use of shared calendars. I really need a solution that > takes care of ensuring virus filtering and doesn't impact the functionality > of the Exchange server. > > What I've found is that it appears that the common recommended practice is > to do spam and virus filtering on the gateway device, and it appears that > the concern about one user on the exchange server infecting another is > quietly ignored. I've seen it so many times that I think there is a common > perception that threats can't originate from within an intranet (This > baffles me, but it's what I keep reading). > > The alternative I've seen to this is that you can purchase anti-virus > products that run on the exchange server that claim to also filter all > inbound and outbound traffic for viruses. These solutions seem to run about > $20/user/year. > > So what are folks here doing with their exchange environments? Do you > filter spam/viruses on a gateway of some kind, then also run an on-exchange > virus filter to catch intra-server email? Do you do gateway for inbound > protection and then rely on client side A/V products to ensure intra-server > messages get scanned? > > If the only safe answer is adding $20/user/year extra cost into my model > then that's what the answer is - I just want to be sure I understand the > options before throwing money at it. > > Thanks, > > > Neil Neely > > From sage-members-owner@usenix.org Fri Feb 1 11:58:06 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11Jw5mD001998 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 11:58:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11Jw5Kl001997 for sage-members-0utGoign; Fri, 1 Feb 2008 11:58:05 -0800 (PST) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.230]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11JvPap001975 for ; Fri, 1 Feb 2008 11:57:51 -0800 (PST) Received: by wr-out-0506.google.com with SMTP id c49so1206335wra.1 for ; Fri, 01 Feb 2008 11:57:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=yBxd90IVFVPgKOLxhGyXp80fRyxKhCBUfysgZf+8RNY=; b=w6Dx6iBGuZoN4QvMb8YIE1ZaVvLjQmAb4E42zpgPMYIlWX3TzQTGhIavUSQvd9po6cl04eQiUKpD5ZUHuhxx7mnP+YoC51gd0O1YRUMNvl1qmfAxvLIoQL/tVFf7gSzvlcjg8rEND4N8HkxINGXtq66kp0FzWb4r+A/3ax9BWP8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=GPSZH4RGpxkf9RogONeCRzX9DJC1+FmD8Wgc9NvY2ZX0jwPUIvZs88Ajyjab1P9cJra75oFiWtUaehOB8gQ/EINgwMxGUZepW0IEUNz1pvgX7LqWI5FbiTqsA50wMatMAZst2cKp6uanuw1U/y16D/8p2h4KuniPIGJPVjmjaVM= Received: by 10.142.212.19 with SMTP id k19mr2463092wfg.193.1201895413414; Fri, 01 Feb 2008 11:50:13 -0800 (PST) Received: by 10.142.87.9 with HTTP; Fri, 1 Feb 2008 11:50:13 -0800 (PST) Message-ID: Date: Fri, 1 Feb 2008 11:50:13 -0800 From: "Kurt Buff" To: "Neil Neely" Subject: Re: [SAGE] Best Practices for Anti-Virus on Exchange Cc: "SAGE mailing list" In-Reply-To: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=2 Fuz1=2 Fuz2=2 rep=11% Sender: owner-sage-members@usenix.org Precedence: bulk On Feb 1, 2008 10:16 AM, Neil Neely wrote: > All inbound email would go through an external spam and virus filter. > All email submitted on the mail server destined for someone else on the mail > server would first have to loop through the external spam and virus filter > to ensure that all mail no matter who it was from/to would go through the > virus filtering process. This is good - I use a FreeBSD/Postfix/Maia Mailguard setup for this very thing > When it comes to the world of Exchange I can't seem to find a way to do this > cleanly without some methodology that would cause some other customer facing > aspect to be negatively impacted. I can implement what I described above > seamlessly on non-exchange environments so that customers never need to know > that it's taken care of - it just is. The closest I've come in the Exchange > environment involves really screwing up the Global Address Lists and making > a mess out of the use of shared calendars. I really need a solution that > takes care of ensuring virus filtering and doesn't impact the functionality > of the Exchange server. > > What I've found is that it appears that the common recommended practice is > to do spam and virus filtering on the gateway device, and it appears that > the concern about one user on the exchange server infecting another is > quietly ignored. I've seen it so many times that I think there is a common > perception that threats can't originate from within an intranet (This > baffles me, but it's what I keep reading). > > The alternative I've seen to this is that you can purchase anti-virus > products that run on the exchange server that claim to also filter all > inbound and outbound traffic for viruses. These solutions seem to run about > $20/user/year. > > So what are folks here doing with their exchange environments? Do you > filter spam/viruses on a gateway of some kind, then also run an on-exchange > virus filter to catch intra-server email? Do you do gateway for inbound > protection and then rely on client side A/V products to ensure intra-server > messages get scanned? > > If the only safe answer is adding $20/user/year extra cost into my model > then that's what the answer is - I just want to be sure I understand the > options before throwing money at it. Best practice for the Windows world, IMHO, is to purchase an add-in product for Exchange server, and also install A/V software on the Windows workstations. You'll get differing opinions on what products are best - I loathe both McAfee and Symantec, for instance - but that's the way to go. I'm hoping this year to move away from McAfee to NOD32 or Kaspersky, FWIW. Also, sunbeltsoftware.com has a very good Exchange mail list (and very good NT Administration list, among others), and you'll find a number of *very* knowledgeable current and former Microsoft MVPs, all with strong opinions, on it. It's a good, helpful community, though the signal to noise ratio sometimes gets a little skewed. Kurt From sage-members-owner@usenix.org Fri Feb 1 12:09:48 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11K9a55002692 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 12:09:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11K9ZdN002691 for sage-members-0utGoign; Fri, 1 Feb 2008 12:09:36 -0800 (PST) Received: from bzz.taranis.org (bzz.taranis.org [38.112.190.19]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11K8uFd002676 for ; Fri, 1 Feb 2008 12:09:21 -0800 (PST) Received: by bzz.taranis.org (Postfix, from userid 100) id BE596555C; Fri, 1 Feb 2008 15:08:55 -0500 (EST) Date: Fri, 1 Feb 2008 15:08:55 -0500 From: Christophe Kalt To: sage-members@sage.org Subject: Re: [SAGE] Programmers as.. sysadmins.. Message-ID: <20080201200855.GA4730@bzz.taranis.org> Mail-Followup-To: sage-members@sage.org References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A132D7.5070905@smxy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47A132D7.5070905@smxy.org> User-Agent: Mutt/1.4.2.1i X-Spring: flower X-Message-Flag: Outlook is a highly efficient virus delivery agent. X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 30, Shaun T. Erickson wrote: | Christophe Kalt wrote: | > | >Sure, [sysadmins who aren't programmers] can be good, but in my opinion & | >experience, | >they'll never be as good as sysadmins who are also good | >programmers. | > | >That's why i don't even bother interviewing candidates who | >can't program at all. [...] | I always thought being able to solve the problem was of paramount | import. If I don't have the personal skill to solve it, but know how to | find the solution, isn't that what counts most? Not really. Sure, it's useful (and in some cases enough) but generally if you don't learn anything in the process it means you're just applying a recipe without understanding things. | And if I am presented | with a job task that can't be done with the skills I have, and requires | me to add a skill, and I am willing to develop it (like learning perl | because I was handed or inherited some perl scripts that I'm now to be | responsible for), isn't that what matters most? We can't all know | everything and there isn't time to learn everything, but we can add to | our skills as the need arises, no? We work in a fairly rapidly evolving field, the ability to keep learning is obviously important, but it's just one of many basic/essential requirements. (There's also a difference between learned/earned experience and core skills.) I've long strongly believed that programming skills are also essential for sysadmins, so i always look for that in candidates, especially since properly developping such skills on the job is non-trivial. | Isn't that the kind of person you | want to work for you? i like to hire people who can eventually do my job. For senior hires, this pretty much means "right away", while for more junior hires it's more a question of judging potential and ability to realize such potential. From sage-members-owner@usenix.org Fri Feb 1 12:24:04 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11KO3jx003550 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 12:24:04 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11KO38Q003549 for sage-members-0utGoign; Fri, 1 Feb 2008 12:24:03 -0800 (PST) Received: from authusersmtp.mail.cornell.edu (granite2.mail.cornell.edu [128.253.83.142]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11KNNjq003515 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 1 Feb 2008 12:23:49 -0800 (PST) Received: from [128.253.64.138] (lilt.cit.cornell.edu [128.253.64.138]) (authenticated bits=0) by authusersmtp.mail.cornell.edu (8.13.1/8.12.10) with ESMTP id m11KNLMR018240 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 1 Feb 2008 15:23:21 -0500 (EST) Mime-Version: 1.0 Message-Id: In-Reply-To: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> References: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> Date: Fri, 1 Feb 2008 15:23:15 -0500 To: Neil Neely , sage-members@sage.org From: Todd Olson Subject: Re: [SAGE] Best Practices for Anti-Virus on Exchange Content-Type: text/plain; charset="us-ascii" X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=4% Sender: owner-sage-members@usenix.org Precedence: bulk Hi >What are the best practices folks out there use for Anti-Virus for their MS Exchange servers? > >All inbound email would go through an external spam and virus filter. >All email submitted on the mail server destined for someone else on the mail server would first have to loop through the external spam and virus filter to ensure that all mail no matter who it was from/to would go through the virus filtering process. > Exchange 2007 seems to process mail the way you describe here. external filtering via the 'hub' role internal filtering via the 'transport' role It is still not clear to me if they operate as advertised, and vendors are still working to make their products work with Exch2007 We have a sendmail/puremessage system in front of it all to handle incoming mail Regards, Todd Olson Cornell University From sage-members-owner@usenix.org Fri Feb 1 13:47:38 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11LlPWh006601 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 13:47:25 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11LlO5W006599 for sage-members-0utGoign; Fri, 1 Feb 2008 13:47:24 -0800 (PST) Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11LkuPY006578 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 13:46:56 -0800 (PST) Received: (from jrl@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11Lktrc006577 for sage-members@usenix.org; Fri, 1 Feb 2008 13:46:56 -0800 (PST) Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11KOAX0003557 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 1 Feb 2008 12:24:15 -0800 (PST) Received: from bcs-mail6.internal.cacheflow.com ([10.2.2.69]) by whisker.bluecoat.com (8.13.8/8.13.8) with ESMTP id m11KHoDi016635; Fri, 1 Feb 2008 12:17:51 -0800 (PST) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/related; boundary="----_=_NextPart_001_01C8650F.81C82342"; type="multipart/alternative" Subject: RE: [SAGE] Career path input Date: Fri, 1 Feb 2008 12:17:08 -0800 Message-ID: In-Reply-To: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE3A78@NAMAIL1.ad.lsil.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] Career path input Thread-Index: Achk6YCW6bB1MxAnQN28MxOqTHB0qwAJMyqQ From: "Belchak, Ben" To: "Simon, Wesley" , X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=48% Sender: owner-sage-members@usenix.org Precedence: bulk This is a multi-part message in MIME format. ------_=_NextPart_001_01C8650F.81C82342 Content-Type: multipart/alternative; boundary="----_=_NextPart_002_01C8650F.81C82342" ------_=_NextPart_002_01C8650F.81C82342 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Wesley, =20 As a sysadmin who turned software engineer, back to sysadmin, I can speak directly to this question. I've done both in my life. I started out as a sysadmin and kind of cut my teeth on software engineering on the side. I went full-bore into software engineering, and I really enjoyed it, but it was missing something. I missed the hands-on, immediate gratification and variety that you get as a sysadmin. I did, however, gain a much better understanding of some of the WHYs of what we do as sysadmins instead of just the hows and whats. Being a software engineer gave me a much broader range of experience, and actually makes me a better sysadmin and architect. I have since gone back into systems administration and systems architecture and I haven't regretted it once. =20 My advice to you is to do what makes you feel good, and do the job at which you are best. For me, being a systems administrator and architect is a better fit, but I am glad for the experience that I had as a software engineer. I don't think that becoming a software engineer will hurt your career, but you really need to think about what YOU want to be doing in the long run. Where do you see yourself in 5 years? Are you still doing systems administrator or have you moved into more of an architect or managerial role? If so, a broader range of experience is probably better. =20 Thanks, =20 Ben =20 ________________________________ From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Simon, Wesley Sent: Friday, February 01, 2008 8:46 AM To: sage-members@sage.org Subject: [SAGE] Career path input =20 =20 Hi Everyone, =20 I'm looking for some intelligent feedback. I have been a (mostly) Unix system administrator for 8 years. My role has expanded into areas outside of system administration. I am involved in all aspects of (floating) software licenses, purchasing equipment, application installation, and anything else that comes my way. The actual time I spend doing system administration seems negligible compared to the time I spend on other tasks and in meetings. =20 =20 An opportunity to become a software test engineer has presented itself. I'm concerned that this move could severely impair future career possibilities. Part of me believes I should focus on improving my system administration skills and then find other opportunities. =20 =20 Does anyone have any opinions or suggestions? =20 Thanks, =20 Wesley Simon System Administrator LSI Corporation Engenio Storage Group 3718 North Rock Road Wichita, Kansas 67226 P: 316.636.8078 F: 316.636.8487 =20 =20 =20 ------_=_NextPart_002_01C8650F.81C82342 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi = Wesley,

 

As a sysadmin who turned software engineer, back to sysadmin, I can speak directly to this question.  = I’ve done both in my life.  I started out as a sysadmin and kind of cut = my teeth on software engineering on the side.  I went full-bore into = software engineering, and I really enjoyed it, but it was missing = something.  I missed the hands-on, immediate gratification and variety that you get as = a sysadmin.  I did, however, gain a much better understanding of some = of the WHYs of what we do as sysadmins instead of just the hows and = whats.  Being a software engineer gave me a much broader range of experience, and = actually makes me a better sysadmin and architect.  I have since gone back = into systems administration and systems architecture and I haven’t = regretted it once.

 

My advice to you is to do what = makes you feel good, and do the job at which you are best.  For me, being a = systems administrator and architect is a better fit, but I am glad for the = experience that I had as a software engineer.  I don’t think that = becoming a software engineer will hurt your career, but you really need to think = about what YOU want to be doing in the long run.  Where do you see = yourself in 5 years?  Are you still doing systems administrator or have you moved = into more of an architect or managerial role?  If so, a broader range of experience is probably better.

 

Thanks,

=

 

Ben

 

From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] = On Behalf Of Simon, Wesley
Sent: Friday, February = 01, 2008 8:46 AM
To: = sage-members@sage.org
Subject: [SAGE] Career = path input

 

 

Hi Everyone,

 

I’m looking for some intelligent = feedback.  I have been a (mostly) Unix system administrator for 8 years.  My = role has expanded into areas outside of system administration.  I am = involved in all aspects of (floating) software licenses, purchasing equipment, = application installation, and anything else that comes my way.  The actual time = I spend doing system administration seems negligible compared to the time = I spend on other tasks and in meetings. 

 

An opportunity to become a software test engineer has presented itself.  I’m concerned that this move could = severely impair future career possibilities.  Part of me believes I should = focus on improving my system administration skills and then find other opportunities. 

 

Does anyone have any opinions or = suggestions?

 

Thanks,

 

Wesley Simon

System Administrator

LSI Corporation

Engenio Storage Group

3718 = North Rock Road

Wichita, Kansas 67226

P: 316.636.8078

F: 316.636.8487

 

 

------_=_NextPart_002_01C8650F.81C82342-- ------_=_NextPart_001_01C8650F.81C82342 Content-Type: image/jpeg; name="image001.jpg" Content-Transfer-Encoding: base64 Content-ID: Content-Description: image001.jpg Content-Location: image001.jpg /9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAAZAAA/+4ADkFkb2JlAGTAAAAAAf/b AIQAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQICAgICAgICAgIC AwMDAwMDAwMDAwEBAQEBAQECAQECAgIBAgIDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMD AwMDAwMDAwMDAwMDAwMDAwMD/8AAEQgALQCRAwERAAIRAQMRAf/EALEAAAICAwEBAQAAAAAAAAAA AAAICQoFBgcCAQMBAAEDBQEAAAAAAAAAAAAAAAACBQcBAwQGCAkQAAAGAQQBAwEEBgkFAAAAAAEC AwQFBgcAERIIEyEUCTFBIhUWUWGzFxk5cSPUVZVWltZ3JCa3GHgRAAIBAgUBBAYHBAgHAAAAAAEC AxEEACESBQYHMVEiE0FhgbEUCHGRocEyIxXw0VI0YnKSsjNDgxZCosLiwyQX/9oADAMBAAIRAxEA PwC/r5UuXHyE5b7ceZeW/wBNtt999UqMUqMe9VxXBowYNGDBowY1CTyFQYVyZlM3ioRLwvqZpJ2W FYOShuJdzIOnqSofeAQ+n1DSPMjrp1LqHoqMUBBNBmRjIw1qrFjKY9escDPFJuBjQ0xHyhSiXbly Fi4XANtw33/ToWSNzRWBI7jgDKTQEVGM9peK4NGDHgFUhHiChBN9OIHKI7h9Q2Ad/TVKjFKjHvVc VwaMGDRgwiPyN2G6VfrDPy1KsEnW3AWWtMZ17EOFGb5xXZNyvHuo8j1ASOWiTp+5bAoZIxDHTAyY iJDmAeefmg3Pfdp6TXN5sNzLayfFQJK0ZKu0MjFGQMPEoZ2TUVIJFVJ0sQY86oXN/acTkmsJXibz Yw5U0JRiVIqMxUla0pUZdhOFF6IQuRcd9qLjitazzqtOaYdrV2moF8+dPoxaXsUBQZZq6RQeKLg0 fN31ncEFVLgc5SGIbcuwBC3y8WHJ+M9X77iD3dwdjTY4LqWF3Z4zJNDZyKwDE6XDzuNS0JAKmoyG l9PIN02zl8+ztLIbFbFJWQklSzpCwIBrQgyEVFDkQcTUa7vxO+DRgwaMGDRgxUYkJGR/ikOm34g/ 9v8A+750/B7xz4fF++jj4vH5eHi4+nHbjx9NttMConxerSNXmnOgr+M4yI0TyNWldXizoK9p9OLc +n/GPg0YMH09R9ADRgxVT7T90uxXazOU1hvCc/ZmFBkbU4o9EpFLd/gj67FaulWP4tYpVBw1cvUp tRE7kUV3CbBq04+QgCRRUzBLO9waknyych6KHsqPSTl21oezF1I4xEJps6itD2AHsFPSTl21zyGM 9BfDN2rmGZH01ZcR1t44DyqR0nZ7DJSCShwA5iul4aqyUeZXkYQMKbhUu4b7jq4LK5IyVR6iae4M Ptwr4mg8KGnrIHurjTLf8WPdjE4mstRj4a3Lxf8A1KT7FlzWRsDfx7G8rFnLIVaaXcFENwI1KqqI h90BHSXtZ1zZKgd1D9nb9QxUzxuKSqaesBh+/wCzDifHRmLv/LZocYlyC1s1hoNVatTZGUzRGzDG fojE5XARv4VPvmiNgez8wdESNWjsXaLhJM6n9UmQ6xblrJceaI0JIB8QNTQe3MHuHp7qVIsyiIUM J8RPZWop6a/w+ofZSpE/unnCcVBum0nJK/IPjRBWRfqIjmG1FMko8cHTMUErNsUxDKCUwen261i2 RB5TADVWPOgr2rhTIgskYKurTFnQV7U9OLfOtnwnEcHyh5Fy/jjrm1f4mStzZKWukZFZEsNI9yhY q7QBi5h7KOGcw1ZvlKyV+9aN2xpIU9kAU4bgKgamPobtGwbzzgW+/wDw7BLWR4EnAMclwCgRSpZR JQFnEdfFp9WOP/nc5bz7h/Rn43gY3BPO3KGK+nsiVuLewMczzOkqo5t9bpHEbilI9dCfEMIT0wyd nzC8c1vlAsU72z6mTzwFbxAQxl5vNmEJeQA7l4tL0ZZ27nG8mwOU6jpJgq/ipRuUzlE6R1Cn1LvU vY+Jcmmbad3hi4/1BiWkEj0SyvUXIBJwAhVsgpkEcsTURgwBGOUPlw5t1W6cWcfKuKXl1z7oJdyV vYIdU287NLJVnMtkXedZENWlWBp7W5jBmjZGYNiWHO7audnurlta4zlWV1iri1glIV7CGM68jmKt cK/coHbgUjtlJR4sVCOWyxE3LZQhiKkIcpihwF124JvG7cG3Xhl3bSpu7iGkZXxVSeKQMtKhgVUs rKSrLmpINcelV3uuxdSuBPuPErqK/wBqu1UxyRHUCUkUspGTJIhUrJG6rJGwKuqsCBsVTxb+XuzO TMkJR4tomcxHjGvsX3jEqB3sXLW1vLMyLCHATtIyHixOXfcpTkEfQQ007PxH9M6rbtylY9FlcbLY Qo9KAtHJcCRa9lVjit6j0ArXD7ZbObfll1uaIRFLZW6KadrK0gYD1hVj+sYXnsPnPLOR0JSh9XDN Yytx6Tv95HZGZfJQWPKozabhIMKzbnhRZSDxmQpvevWAOztQ+4iHl5KI87daurXUbnENxxD5fzHb 7FCr/qfJp5Bb7baIn+JHa3jjy5HQV8+e3ExiHhiHmani7h6TdNOCcQlh5R1rDzbxKy/p/H4UM9/d O3+G9xaodcauaeTDOYhJ+KQ6NKSLR8fd3vKOb7Djep3K85Pw80rkz+P26dbyCtVb3Foq2UaTdZTf e4cQbCSUA6CCDhwVxIon9wqikYoJpQV8mPLOWQ9Wbzg/Htz3bkHTGKym+JvLhZDaLeIVKz2vmamt 45TWONJJBJcIfPkijYBI5i+a3jXGpemlry/fNv2zZOoMl3F5FrC0YuTasGDRXOjSs7xiju6IY4HH lJI6ku8gjG59gWNqg4F5XW1ih52fUj1rIWpyMIhW2ENkyXj5N5LASXdoe2ncYQZ3LBXcACUdt9wO iqUmvUvVKGpSoJ7vX+7HnPRaVw1er2EYqFyH8051/wDcR/8AzTpiX+a/1W/vnGVH/L+xvecW9NPu MXBowY+GKBimKYNymASmAfoICGwgP9IaO3BioH2I6pdiunOa5C6U+Dt/5Zr9rXs+N8sVaLXkY5qy B2d7Gfiq7NJ83h5Rgkp7dy2fFImuJDiUqiBwE2vPE8B0vUBaUPoNOwg9gOVaVqD7Cb8bxvEIpaAg AZ5A07CD7K0rUH2E9QrvzD9voNJFvLfuwtpkfuquJ6luGbxcSl4j5vyzOV9qU3L1HiiX1/V6avLe XAz1ah6wPuAwr4YHNWans/cMdgr/AM3WY2yiH5owzjWZQLwBwWClLPXV1QDfyCmq+d2ZJExvTbdM 4B+v7Lgvpx26D7CP+o+7CTbN/EP7P/d+3rxIh1a+UrC/Yq1McfT8HJYkvsyqk1rrGdk2kzXrK+UE wJRMZZG7WNFGYWP6It3TVAFzGAiSiipgIOTFfI7aZBpJNAa1HqByFK+jKnorUjFp0ePNqae8ff2U +0evsxJ7rOwnFPjpn/MMxn/zHa/2Vm1rVt2Rf6fvXFx/5BP6sXvTFwfWy4t48nIRQhk1ClOQ5TEO Q5QMQ5DAIGKYogIGKYB2EB9BDVQSDUZEYoyq6lWAKkUIPYR3HCcPunFNqWSxzZ17ehhXJDlX/umL h2x18XZKjVXBnD+Iu1GQXaNkVHRjmOi/jTtHDRyIOOKxgEppHi6kbluGyf7Y5ev6nsqj8pnNLq2Y CivDOQSadhSQOrr4KqMxztdfLtxzYOaf/Sukkn+2uYu3/sxRKW2zcYy2p4ryyVkUFiSUnt2ikik/ N0yMCC18PCRkWZ89aw0PEyk6ulJWJSIbIpBJzHtkm6rx46Tas1pNwVNIqQOFiAsdIhQHYAAoaBcX U84WKSWSSCIFYw5J0pUkACpCiprpU0BJ+nE8bftllYmW5gtre3vrphJcGJQPMl0hS7sFQyNQBRI6 hyqqDSgAyD1kzkmbqPkGyD1i+brNHjN0kRds6auEzJLt3CKgGTWRWSMJTFMAlMURAfTTfdWttfW0 lleRpLaSoUdHAZXRhRlZTUMrAkEHIg0OHi2ubizuEu7V2juY3DI6khlZTVWUjMEHMEZg5jC65O69 N8zvouBvc64Y4arotDsMU046sEwtDtoBBbuLrLNQbu1YmO4gVpFsQbopGL5TrKG4FShLn3RaDqjd 2+z8vvHi6YWOgx7TZE28d06U0tfTJpcwx0pDawCNEI8xpXbQscucL6sS9O7afdOMWqS9QrvUH3O7 Ame2Vq6ls4m1KJZK1luZjIzA+WsaLqL90q9UrNJg2NaqEDFVuAjEiosYiGZIMGLchSlKJioNyEKZ VTjudQ26ihvvGERER1LfH+O7DxTaYdi41Z29js8ChY4YI1jjUAU/CoAJNKsxqzHNiSa4jLe993nk m5S7zv8AdT3m6TNV5ZnZ3Y/SxNAPQooqjIADLGwaecNWDRgxUIlVUkflKerLqpIIpd31VFVl1CIo pJkzRyOoqqoYqaSZChuJjCAAHqOmJSBc1PZ5rf3zjKTK3z7m95xbX/NtV/zNX/8AGY7+06evNj/i X6xjE1L3jB+bar/mav8A+Mx39p0ebH/Ev1jBqXvGMmnJRyrI0mk/ZKRxEllzyCbpA7IiLfn51jOy qCgVJDxm5mE2xeI77bDqupdOqo09/owVFK+jCD0T5NupV3vtqx+4v6FSXgpx5DwtntYJR1IurVoY iJpWCtHlUjWzRZzzKkD8zTzplKokJwPsGIl9CzEMCorkT2Eevur25+imdchXS9AxU6T+2Y7R35+3 PLDano2Fsis0plSnYvvbB4BVkZU9fqlnZugHcxVUnxmj5FcB5iIGAw/X9erwitZfGFjYd9AftwgL G3iAU/V6Mcmu3Ubp2+jZCVuWC8LRMY2bquJKaGsV+opM2xBMqs5czMYnDmZpp+omUFUnEPtANIe2 tQup1VVHprp9xGFV0itSB6iR7jipf2Gi8bVrsfeYzrbKupSgRdxZBjmRi3rqRU92VKOWFKAlBOq8 kmjCyGWRj3PNRRdFNM4HOIgczK4TxDMx59vdn931jPGZGS0H51aUNa5eHPt9n2Z4uw14ZI0BBjNA ATAw8aMsABsASQskRfAAbBsAOuethj1eWuv8ekV+mmeMJa6Rq/FTFRDpn/MMxn/zHa/2Vm1rtt2R f6fvXF5/5BP6sXvTFwfWy4t45Zl/M+O8FVE91yTOBCwwuyRzIiTZw+kJaVVbuHKEXFsWxDquXiyD RQ3rxTIUgmOcpQEQj7qX1R4V0j42eU85u/hds8wRRgK0kk0pVmWKKNQSzsqMc6KoBZ2VQTjd+AdO +W9Td+HHOH23xO4aDI5LKkcUQZVaSR2ICoCyjKrEkBVYkDCPxPZy3ZeITIltl2vWTq40dKmYTU6/ I1ylmQWo7hGVlVPk5iYg5yB7lSISXem9UGzk5xOohyft3XvknUpBzXklzHwL5f45CY57iQJu29aP 8q1Iq0MJIHmtZpJOc4oJ2Yu8XSl90Y2HgLHiew278z61ugDwwoW23adX+ZcA0WWUA/lrdMkIykmh VQqyPPTr+xl6ga1voGbotSb+3ShF7uX8Kl30OUqDVrLvohyqtJQjd4ucCt035iPVCcTqpJCcC665 4py233jjv69NZXm1bAulbc3w8qeSEBVWZ4WLSwK7ZRrcFZ2WjyRxlgMcscz2mDi+4va3e4WV5fLV rlrZtcEUrMaxLMAscrLUa2hBhDEojuATjcH80RIZiPiStpeyxcMlMEr3v0mThwm9GSRiCrOFSKkZ ISj2JXRIscokAyRhH0KOt1trixm3D9OkmVJlWN5ABqZI5GdVkKjMgmOSneUIGNOvLqWKCYWKLPuM cJdYdYQuSG0KXIIQOylQxBAzJyGI4sg52ur+wyli602dRrmirFUNlHpZm1M8PPXJo2SSWUk6A2eP hctLGhHl5tnVeePIGYRMU+yi4F806bRxXbIrNLPm0AbjU/8AK7zZeOOEkkabgqtDGWyZbhEnhNRk tdPGvLOqPJbrd5936MXpj6kWIP6nw/eQYp7tVAJksVd9SXCxisclhNLY3aFWo8gHmdZ6td88R9nZ BxSWrScx5mOGbPT2TFtvZrISjNeIW9rNBFSQIJNJRKMdAJFU1CtXyWwio2IACIa/zvpPyHg8K7pI 0V5xyRl8u6hIKkOKprWpKlhmCNSH/hc1xvvQ35p+n/Wy7fjUEd1tHUS2RzcbZdoVlRojpm8qTSFl EbZMrCKdcy8KgHDwai7HTWDRgxW6z78UnaDJmcsw5Frr7FicBesm3i2whJG2S7aQLE2GySMrHlfN 0qs4TQdg0dE8hCqHKU+4AYwBuLS9lMzsfDQsx7e8k93rxkRyqkYVu3P7STjkf8Gztz/eOIP9ZzX+ 0dJ+Am/o/t7ML86Pu+zB/Bs7c/3jiD/Wc1/tHR8BN/R/b2YPOj7vsxPD1H6+S2J+p1SwBlxjXJx2 1jbxDW2NjXK0tXZSKtlpskkoyFZyzj1XKDuImSkWKKRNjGMUNwDkLhFABb+RKAQQQfbjGk0uTT8J xG5nX4VoiWlZSd6+5Ib1Zo6FRwzoN8aP5GMYrG2MLVhcWCjqWSjwNuCZHLF2sQNgMsf66w5LBwax MCPXkfrFa/UPWT24Ws8i5NRvX2H7wfqHr78JIf4yvkAx67VJTYUqxVTiQ7+h5XhYZFcCiGxzlkJu svhIbiG3NIB/SAaxWs5q5x1J9PhP31phTSwSf4iEn1hT95yx+gfGz8huQnCbK5xTsjTyk3eXvL0L MsUBOIiKwoMrDZHpgIJQEfGgY2+2wDoFnMDQR9np8P764BJbxn8tKEdyqPvGJJ+nvxNQWFLnCZSz TaorIdurizaTrNVg2LpKnwM+3P5W809eyYJP7I9jVSlUaFM2aIoLlBQxVTFIJMyGxIYNNSgPYM/r OWXqp9JIyxbkleUaSNKd1a1+k5ZeofXTIzJ6csIxAD14+M/sbi/thTc1WV5jc9PgcgzdnfJRlnlH cwMbIkmSoFQZK1tqgo5AX5ORRWKAevr6aZ4bGeMJXT4dFc/4SK+j1YWzA2qwj8YCD+yVr7jif7Tx hGFm7V9eEOyGN2tTTlWkLP1+xR9trMhJMjyMOaUj0HjM8fNsUzpqOImSZP1U1eIiYhuJ+JwKKZ4H +YforD1y4NHxxLiO13izvY7y1klQyw+bGroY54wQWhlSRlalSp0tpYKUaZeh3VmXpBzB99eCS52u 6tHtbhI3EcvluyOJIXIIWWN0VlrkRVaqSGVb+unRicrl1b5b7IWxlky/QahG9Lg2arh3T6o2jx8M W9at3bKNbgdkgmT2DFuzbMY0AASEMoCYowd0S+Undtj5SnUjrjuMW/cxtGC2MCFnsrRY/DE6K6RL VFA+HgjhigtQAUVnCGKX+rnzM7bu/HH4H0gsJNm4tcgtdzOFW7uWfORGZXkajsT58zyyTXGYZlUs JOxd+bYtTuq+R5JooKT9ytUoxgcpuJvcO7hBGU2H6js0RVEdvsDU8/MbvL7H0g3S6hNLl2t40P8A Sa5ir/yhscB9Rr1rHiF1KhpITGq/SZE+4HGp4ly0hcu6mWoFssBmimAsSSbRMFeROKHGzbkKA7cv Fk8u+32Bpm4ZzOPfOvG9bdE35B45t0iiuVB+fl7L8Yw9m3lb7nl7bofAdtt2Hs/M/wDPjZe4fS+j dsayxUcPVaVlWpEMtj/JkWkcZGHWKr7osXKpoLNV5KBWdBzAgKEXaLD5UDlEVCK9p9Oepe69P75g ii62C4NLi2Y+FxSmpKghZAMq0KuPC4IoVjX5hvlw4x162WJ5ZW23ndgCbDcYgfMhNdXlShSrSQFv FQMHif8AMiZSXV156Y9Eso4lys6z92IyBXLvk5KrO6hD/llF25Wct3Ytmy1kudofx0M+s1j/AAlo DUiqzdRcySgmXcLHKThuHUrqrsXINgXiXDrOa12MziZ/NIABFSI4YlZ1ij1nUQGC1FFRQTWI/lx+ VznHAedydVuru7We581Wxe0h+GDMWV9Km4vLl44Xubjyk8pWaNnKMTLNIwXTKpqBcd1YNGDBowYN GDBowYNGDBowYNGDBowYNGDBowYNGDBowYNGDBowYj1+ThOKV6wPQlnk8yTLdqydmaDjGEmkvIFQ lvatZxN9LRBmsKsbcDLoGWWScAiIIqFE4BzT82C2b9JZPjJLiNRfwFfKjSQF6SaVlDyR6YjnV1LM r6PAwriNOrAhPEm85pFHxEdNChqtRqB6stFPeKkNp8JFcJP8e6T8e2c6rcHtgLdi4diiJMGsYzPC LVo1coYxjmalnUunItlUogsaCKCTJUFFT7mVIUmykC/LUlz/APZbh97kuRv42OMBFjUxGDyLTQ0s jSB1Ij8jSqxMGY5uoWjaF00En+8pDetL8f8AArkFGkpoh0lmLahRdFAFNSe0AZzxa9EMdEYNGDBo wYNGDH//2Q== ------_=_NextPart_001_01C8650F.81C82342-- From sage-members-owner@usenix.org Fri Feb 1 14:36:58 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11MaNMU008689 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 14:36:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m11MaNwX008687 for sage-members-0utGoign; Fri, 1 Feb 2008 14:36:23 -0800 (PST) Received: from hs-out-2122.google.com (hs-out-0708.google.com [64.233.178.247]) by usenix.org (8.13.6/8.13.6) with ESMTP id m11MZhWQ008669 for ; Fri, 1 Feb 2008 14:36:08 -0800 (PST) Received: by hs-out-2122.google.com with SMTP id l65so1199501hsc.7 for ; Fri, 01 Feb 2008 14:35:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:cc:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding; bh=M3upNus/vCqBNIUXyhkqS3NnM12i6gUuLOxdXywIRwE=; b=o6dgUvAX6BUmmyVb84LA2qSZd8XN3kJtrEGcZB55ld+/0UbgbrrObQsioLAlWCKkmLRPGN/EtzPT1XzGY8PbvaM2JiTfVUd2V/8SKSAaaV/TmEdQ1Nvgp2fOqO0uX5mC/wc3hUfxnxukQgDcxNTp0LF64aOeSt6e44Upf/DbxUI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:cc:subject:message-id:in-reply-to:references:x-mailer:mime-version:content-type:content-transfer-encoding; b=o3+qFS54sa7kb4op081u7pJ6n28GTEEXdGNvHzeHbXRAMyZ7GvhdrEcruDg/P1h5zTa2+s1SN0TpRJDsqbruH2PaWbZO8q9oxiDeBfjJE7WgOjPV6f5UJZV1XUC1FD2mU+t2BG+cbr3nytkSOPyK8e7wxVl4QJaSeSU5bZZ8QSI= Received: by 10.140.199.19 with SMTP id w19mr2889050rvf.104.1201905336227; Fri, 01 Feb 2008 14:35:36 -0800 (PST) Received: from mango.nsd.org ( [152.157.64.243]) by mx.google.com with ESMTPS id b21sm716785rvf.34.2008.02.01.14.35.34 (version=SSLv3 cipher=OTHER); Fri, 01 Feb 2008 14:35:35 -0800 (PST) Date: Fri, 1 Feb 2008 14:35:42 -0800 From: Ski Kacoroski To: "Simon, Wesley" Cc: Subject: Re: [SAGE] Career path input Message-ID: <20080201143542.07333b14@mango.nsd.org> In-Reply-To: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE3A78@NAMAIL1.ad.lsil.com> References: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE3A78@NAMAIL1.ad.lsil.com> X-Mailer: Claws Mail 3.2.0 (GTK+ 2.8.20; i486-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; Body=1 Fuz1=1 Fuz2=1 rep=10% Sender: owner-sage-members@usenix.org Precedence: bulk Hi, I am a firm believer that variety makes a better system admin. I have done lab analysis, custom sensor development, System Admin, Software Development, Project management, and spent 10 years in management of Tech Support, IT, and QA. The broader your background the better off you are in understanding your customers and figuring out the hard problems. That said, I also believe that the people who you work with are also very, very important. If you feel at all uncertain about the people in the new position, stay home. Good luck on your decision. cheers, ski -- "When we try to pick out anything by itself, we find it connected to the entire universe" John Muir Chris "Ski" Kacoroski, kacoroski@gmail.com, 206-501-9803 or ski98033 on most IM services and gizmo From sage-members-owner@usenix.org Fri Feb 1 16:29:52 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m120TRU8015952 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 16:29:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m120TRCA015951 for sage-members-0utGoign; Fri, 1 Feb 2008 16:29:27 -0800 (PST) Received: from toq8-srv.bellnexxia.net (bc.sympatico.ca [209.226.175.204]) by usenix.org (8.13.6/8.13.6) with ESMTP id m120SkTm015928 for ; Fri, 1 Feb 2008 16:29:12 -0800 (PST) Received: from toip4.srvr.bell.ca ([209.226.175.87]) by tomts40-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080202001325.OHDV1617.tomts40-srv.bellnexxia.net@toip4.srvr.bell.ca> for ; Fri, 1 Feb 2008 19:13:25 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAONDo0dMQR+t/2dsb2JhbAAIrmE Received: from bas1-toronto09-1279336365.dsl.bell.ca (HELO [192.168.1.133]) ([76.65.31.173]) by toip4.srvr.bell.ca with ESMTP; 01 Feb 2008 19:15:11 -0500 In-Reply-To: <38F62EBE-052B-4D42-AC8B-761202E3BE59@frii.com> References: <20080103151022.GB2316@watson-wilson.ca> <20080104225434.GA3516@watson-wilson.ca> <20080131182306.GA29760@watson-wilson.ca> <38F62EBE-052B-4D42-AC8B-761202E3BE59@frii.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Cc: SAGE mailing list Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] zenoss versus nagios Date: Fri, 1 Feb 2008 19:13:23 -0500 To: Ray Frush X-Mailer: Apple Mail (2.753) X-DCC-dcc-servers-Metrics: ; whitelist X-DCC-dcc-servers-Metrics: 1049; bulk rep Body=many Fuz1=many Fuz2=many rep=56% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 31, 2008, at 17:47, Ray Frush wrote: > I particularly like the conclusion warning about "monitoring > everything". We recently re-worked our OpenNMS installation to > limit what it monitors significantly. We found, over time, that > when the pager goes off at 3am, it should be only for a pretty > short list of things. An Network Monitoring System can quickly > overwhelm the SysAdmin with email. I would think that a good monitoring tool would be able build a dependency graph and only send an alert for what it believes is the root cause. From sage-members-owner@usenix.org Fri Feb 1 17:45:18 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m121jDhY026046 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 17:45:13 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m121jDSu026045 for sage-members-0utGoign; Fri, 1 Feb 2008 17:45:13 -0800 (PST) Received: from toq5-srv.bellnexxia.net (toq5.bellnexxia.net [209.226.175.27]) by usenix.org (8.13.6/8.13.6) with ESMTP id m121iVI4026025 for ; Fri, 1 Feb 2008 17:44:58 -0800 (PST) Received: from toip4.srvr.bell.ca ([209.226.175.87]) by tomts13-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080202002007.VQMC22392.tomts13-srv.bellnexxia.net@toip4.srvr.bell.ca> for ; Fri, 1 Feb 2008 19:20:07 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAHhGo0dMQR+t/2dsb2JhbAAIrl8 Received: from bas1-toronto09-1279336365.dsl.bell.ca (HELO [192.168.1.133]) ([76.65.31.173]) by toip4.srvr.bell.ca with ESMTP; 01 Feb 2008 19:21:53 -0500 In-Reply-To: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> References: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <2C858288-1F78-45F2-922D-80DCEA303B25@ee.ryerson.ca> Cc: SAGE mailing list Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] Best Practices for Anti-Virus on Exchange Date: Fri, 1 Feb 2008 19:20:06 -0500 To: Neil Neely X-Mailer: Apple Mail (2.753) X-DCC-dcc-servers-Metrics: ; whitelist X-DCC-dcc-servers-Metrics: 1049; bulk rep Body=many Fuz1=many Fuz2=many rep=56% Sender: owner-sage-members@usenix.org Precedence: bulk On Feb 1, 2008, at 13:16, Neil Neely wrote: > What are the best practices folks out there use for Anti-Virus for > their MS Exchange servers? Set up a/some Unix system/s in front of the Exchange machine and let them do job. You can go with either a commercial solution or any old system running ClamAV and various anti-spam mechanisms. Plenty of HOWTOs on line on setting things up with you POSIX system of choice. While you're at it, perhaps send up a regex or something to automatically reject all pif/scf/com files. (Many places were also blocking zip files for a time, telling their users to simply rename the file to have an extension of "zap".) From sage-members-owner@usenix.org Fri Feb 1 18:44:24 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m122hpGR028064 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 18:44:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m122hp1a028063 for sage-members-0utGoign; Fri, 1 Feb 2008 18:43:51 -0800 (PST) Received: from QMTA01.emeryville.ca.mail.comcast.net (qmta01.emeryville.ca.mail.comcast.net [76.96.30.16]) by usenix.org (8.13.6/8.13.6) with ESMTP id m122hAEs028045 for ; Fri, 1 Feb 2008 18:43:35 -0800 (PST) Received: from OMTA02.emeryville.ca.mail.comcast.net ([76.96.30.19]) by QMTA01.emeryville.ca.mail.comcast.net with comcast id kDvp1Y0080QkzPwA10rN00; Sat, 02 Feb 2008 02:43:00 +0000 Received: from taz.paulntooz.homelinux.org ([76.24.131.239]) by OMTA02.emeryville.ca.mail.comcast.net with comcast id kSj21Y0055A3TEL8N00000; Sat, 02 Feb 2008 02:43:03 +0000 X-Authority-Analysis: v=1.0 c=1 a=vkgBcNoo968mfJC0OEgA:9 a=cU3R-ZhaQgUB8H7VGU4A:7 a=BBKyOsRI5uXuJLXh-XNlz2zoF5oA:4 a=g3Y4LtA3PwEA:10 a=shE9WCRXG_MA:10 Received: from taz.comcast.net (localhost [127.0.0.1]) by taz.paulntooz.homelinux.org (Postfix) with ESMTP id 24D791AB37; Fri, 1 Feb 2008 21:43:02 -0500 (EST) To: "Simon\, Wesley" Cc: Subject: Re: [SAGE] Career path input References: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE3A78@NAMAIL1.ad.lsil.com> From: Paul Lussier Date: Fri, 01 Feb 2008 21:43:01 -0500 In-Reply-To: <28ACDEA4DA7C4D4CB61B9321B3255AC101DE3A78@NAMAIL1.ad.lsil.com> (Wesley Simon's message of "Fri\, 1 Feb 2008 08\:45\:42 -0700") Message-ID: <87bq70rscq.fsf@comcast.net> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/23.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: ; whitelist Sender: owner-sage-members@usenix.org Precedence: bulk "Simon, Wesley" writes: > I'm looking for some intelligent feedback. And yet, you came here ? ;) > Does anyone have any opinions or suggestions? Ahh, right, so you *did* come to the right place ;) > I have been a (mostly) Unix system administrator for 8 years. [...] > The actual time I spend doing system administration seems negligible > compared to the time I spend on other tasks and in meetings. > > An opportunity to become a software test engineer has presented itself. > I'm concerned that this move could severely impair future career > possibilities. Part of me believes I should focus on improving my > system administration skills and then find other opportunities. Others have already answered this in a similar way. But I figure I'll add my .02 sheckles. In short, do what you think will be most interesting, gratifying, and intellectually rewarding. If you have a genuine interest in becoming a software test engineer, or you just want to broaden your skills and learn something different, then go do that. Though, if you truly enjoy what you're doing now, and you still feel like your learning something new each day, then stay where you are. If you go towards being a test engineer, however, you might in fact find that your sysadmin skills provide you a perspective unavailable to others in the group. You'll be rewarded both by learning new skills from them and being able to teach them some neat tricks as well. It could be a very mutually rewarding change for everyone. As someone who has been trying to make the switch from pure sysadmin to developer for sometime now, I can say that it's not easy. In my case, there has been no clean break, which I think is essential. In my situation it been a case of "Can you keep covering this stuff until we get someone else to take it over from you?" That's been ongoing for about 2+ years now. I was actually able to be sysadmin-duty free for about 6 months during that time, until the guy I passed everything off to left and I got it all back in much worse shape than I left it... I don't know anything about you or your interests. If it were me, I'd jump at the chance because it sounds like a fun chance to learn something new and gain a fresh and different perspective on the world of geekery. But I recommend it be a very quick and clean break. Anything else is just asking for trouble. I hope that helps. -- Seeya, Paul From sage-members-owner@usenix.org Fri Feb 1 20:02:42 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m1242AeG000443 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 20:02:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m1242AwH000441 for sage-members-0utGoign; Fri, 1 Feb 2008 20:02:10 -0800 (PST) Received: from toq5-srv.bellnexxia.net (toq5.bellnexxia.net [209.226.175.27]) by usenix.org (8.13.6/8.13.6) with ESMTP id m1241Ubd000422 for ; Fri, 1 Feb 2008 20:01:56 -0800 (PST) Received: from toip3.srvr.bell.ca ([209.226.175.86]) by tomts22-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20080202031309.TCCA18413.tomts22-srv.bellnexxia.net@toip3.srvr.bell.ca> for ; Fri, 1 Feb 2008 22:13:09 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAAAE5uo0dMQR+t/2dsb2JhbAAIrm0 Received: from bas1-toronto09-1279336365.dsl.bell.ca (HELO [192.168.1.133]) ([76.65.31.173]) by toip3.srvr.bell.ca with ESMTP; 01 Feb 2008 22:09:28 -0500 In-Reply-To: References: <47A0F0C9.4050807@puryear-it.com> <47A0F6EA.1040606@smxy.org> <20080131012129.GA18299@bzz.taranis.org> <47A139DB.2020801@symas.com> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <5E48D049-5E49-42D4-9EBD-1112BECC2D48@ee.ryerson.ca> Cc: SAGE mailing list Reply-To: David Magda Content-Transfer-Encoding: 7bit From: David Magda Subject: Re: [SAGE] Programmers as.. sysadmins.. Date: Fri, 1 Feb 2008 22:13:07 -0500 To: Adam Levin X-Mailer: Apple Mail (2.753) X-DCC-Usenix-Metrics: ; whitelist X-DCC-Usenix-Metrics: 1010; bulk rep Body=many Fuz1=many Fuz2=many rep=51% Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 31, 2008, at 07:00, Adam Levin wrote: > Of course, sometimes I take it too far, and end up spending 6 hours > on something that would otherwise have taken 20 minutes because I > want to script it up. Like most computer techie people, I'll happily spend 6 hours trying figure out how to do a 3 hour job in 10 minutes. -- Rev. James Cort From sage-members-owner@usenix.org Fri Feb 1 20:49:41 2008 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.13.6/8.13.6) with ESMTP id m124mu5T002355 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Feb 2008 20:49:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.13.6/8.13.6/Submit) id m124mtRv002354 for sage-members-0utGoign; Fri, 1 Feb 2008 20:48:56 -0800 (PST) Received: from smtp303.his.com (smtp303.his.com [216.194.210.47]) by usenix.org (8.13.6/8.13.6) with ESMTP id m124m4OH002326 for ; Fri, 1 Feb 2008 20:48:29 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by smtp303.his.com (Postfix) with ESMTP id 7A01C15BB59; Fri, 1 Feb 2008 23:48:01 -0500 (EST) Received: from smtp303.his.com ([216.194.210.47]) by localhost (smtp303.his.com [216.194.210.47]) (amavisd-new, port 10024) with ESMTP id 05401-10; Fri, 1 Feb 2008 23:47:59 -0500 (EST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by smtp303.his.com (Postfix) with ESMTP id 7865515BB56; Fri, 1 Feb 2008 23:47:59 -0500 (EST) Received: from [192.168.1.199] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.13.1/8.12.3) with ESMTP id m124lwlb069871; Fri, 1 Feb 2008 23:47:58 -0500 (EST) (envelope-from brad@shub-internet.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> References: <1A6F6DDC-BB0A-498A-914E-76ACF5EE57B5@frii.com> Date: Fri, 1 Feb 2008 22:42:07 -0600 To: Neil Neely , SAGE mailing list From: Brad Knowles Subject: Re: [SAGE] Best Practices for Anti-Virus on Exchange Content-Type: text/plain; charset="us-ascii" ; format="flow