I also want to know what the new gjournal FreeBSD utility actually does, especially when used with UFS2.
From gjournal(8):
This is block level journaling, not file system level journaling, which means gjournal everything gets logged, e.g.: for file systems, it journals both data and metadata.
FreeBSD hasn't wanted journaling filesystems for years, since we've had softupdates which solve many of the same problems but with half the writes. The recent gjournal plugin to the GEOM system is a block-level journal. In other words, it handles all writes to a device, whether or not the overlying filesystem supports journaling. Journaled FAT anyone?
I have a dual-Opteron rackmount Dell with a ServerWorks HT1000 chipset, running 7.0-PRELEASE from January 15, that was having DMA-related fits. Does anyone know if they've got that problem under control yet? I had seen it discussed a lot on the mailing lists but lately haven't had the time to follow closely. Either way that server's staying on the 7-STABLE line because it's so much faster that I can live with running the drives in PIO4 (and with 4GB of RAM those drives don't get touched a lot).
In a trial I witnessed, for example, in a controversy involving RAM cache, an expert testified that storing data on a hard disk would count as storing it in RAM cache, because hard disks are random access devices.
As an observer, can you get in trouble for laughing and yelling "that's a load of crap" at appropriate times?
Windows Server, and indeed on the desktop, allows you two ways of doing things - clicky/pointy/pretty way, and CLI. I use the CLI a lot when I'm using Windows - it's fast, and as you say, has other benefits as well.
Out of curiosity, what's the "normal" way to connect into a Windows box to get a command line? I'm pretty sure they don't ship with OpenSSH by default, so is it part of RDP or the management console?
It depends. Are you telling me to do this, or my grandmother.
My mother-in-law. She's pretty smart but has next to no experience with computers. I've had to walk her through getting her system online enough for me to SSH into it to fix things (because it was on dodgy hardware, and for quite a while she'd shut it down by holding the power button until it dropped power). Especially when I'm not in front of an identically configured system, I'd infinitely rather tell her to open Konsole and type these three lines correctly than try to remember what the KDE 3.2 control center called something vital.
Is it really a net positive for science if it gives a very skewed version of what science is and how science works?
My daughter got into Discovery's shows about fishes, and now sincerely wants to become a marine biologist so she can learn more about them. Yeah, I'd say it's a net positive.
Perhaps the problem is that a lot of the problem-solving advice you can find online for distros like Ubuntu tend to use command line solutions, which is predictable if those solutions are being provided by more knowledgeable people who don't have a problem using the console to begin with.
That's because it's a lot easier to tell a quesion-asker to run
$ sudo/etc/rc.d/sshd restart
than to walk them through "open the control panel, click 'Sound Themes' then 'Color Editor', go to the 'Remote Widgets and Printing' tab, look for the 'Allow Zebras' checkbox, uncheck it, click apply, re-check it, click apply again, then close the window." Plus, users get it in their shell history so they can run it again without bookmarking the forum page and stepping through the instructions again.
Command line interfaces aren't just "lower level". They allow a different kind of expressivness which lends itself very well to certain tasks. Routine administration is very often that sweet spot.
The practice of labeling the act of infringement as "piracy" actually predates copyright itself. Even prior to the 1709 enactment of the Statute of Anne, generally recognized as the first copyright law, the Stationers' Company of London in 1557 received a Royal Charter giving the company a monopoly on publication and tasking it with enforcing the charter. Those who violated the charter were labeled pirates as early as 1603.
I've gone along with the party line of "unauthorized copying != piracy" for years, but it looks like we're in the wrong on this one.
I do! In fact, right now I'm loudly clanking away on one attached to my shiny Compiz Fusion desktop via a PS2-to-USB keyboard adapter. I fully expect to leave this to my grandkids.
So mostly these days, as I work on Linux-based Java projects, I just tell people that I worked for a number of years at a "major software company in the Northwest."
Tell them you work for a company that makes some popular keyboards and mice. At worst, they'll assume you mean Logitech and throw a flaky webcam at you.
Why switch from an Internet with a billion people on it to one that has nobody on it that can't be reached by IPv4?
DJB has an awful problem of confusing "I don't know how it can be done" with "it can't be done". For example, he doesn't seem to realize that you can run IPv4 in parallel with IPv6. In reality, you can access my homepage linked above through either protocol, or send me email from an IPv6-only server. In fact, all of my FreeBSD mailing list traffic comes in via IPv6, right now, today.
You know, I've had two "oh crap!" moments involving computer security. The first happened when I learned about SQL injection. The second occurred just now when I read your letter. Thanks for the followup!
Re:how chroot jails helps you when you got this
on
Chroot in OpenSSH
·
· Score: 1
it doesn't, unless you want not to allow users to run anything?
Since SFTP stands for Secure File Transfer Protocol, it's not really designed to allow you to execute commands.
A diropens his / and creates a unix socket in/not-so-much. B opens the socket in his/. Now, A passes his fd to his / to B. B then does fdchdir on the fd and he's out of jail. Now B can break A out.
That's pretty interesting! In practice, though, what would that get them? B would now have access to A's chroot (possibly - file permissions might be too restrictive anyway). If A trusts B that much, they could just share A's login.
Not saying this isn't serious, but I'm too tired to think of a useful attack vector at this moment. Am I missing something?
Right, just keep telling yourself he's just trying to 'spread freedom'
You're missing the point, which is that a "news" source that covers almost nothing but Bush's latest escapades is basically useless. This is a big planet and there are a lot of things happening that don't involved America in any way, shape, or form. I'd kind of like to hear about some of that stuff, you know?
It's always been that way, or at least since I was a kid watching Sesame Street in the 70s. There was always some big-person show or another brought to you by a grant from Amalgamated Industriofinance.
Are you denying the veracity of any of those headlines?
I haven't really looked into them, but I assert as fact that there are other things happening in the world than Clinton v. Obama and Bush Hates You.
if you're getting your news from the moving picture box, you're doing yourself a disservice.
I get two daily newspapers and Science News. But the question at hand was about decent TV news sources. If there was something on TV worth watching, I'd be interested in it as a supplement, not as my only source.
Anyway, would something like Kerberos fill the bill for you? I use it to navigate around our network, and it's not that hard to do once you get over the initial learning curve. If you're stucking working with Windows, you can even auth against an Active Directory domain.
From gjournal(8):
The point of asking here was that, as I mentioned in the OP, I haven't had time to read them lately. :-)
FreeBSD hasn't wanted journaling filesystems for years, since we've had softupdates which solve many of the same problems but with half the writes. The recent gjournal plugin to the GEOM system is a block-level journal. In other words, it handles all writes to a device, whether or not the overlying filesystem supports journaling. Journaled FAT anyone?
I just said journal a lot, didn't I?
I have a dual-Opteron rackmount Dell with a ServerWorks HT1000 chipset, running 7.0-PRELEASE from January 15, that was having DMA-related fits. Does anyone know if they've got that problem under control yet? I had seen it discussed a lot on the mailing lists but lately haven't had the time to follow closely. Either way that server's staying on the 7-STABLE line because it's so much faster that I can live with running the drives in PIO4 (and with 4GB of RAM those drives don't get touched a lot).
As an observer, can you get in trouble for laughing and yelling "that's a load of crap" at appropriate times?
Out of curiosity, what's the "normal" way to connect into a Windows box to get a command line? I'm pretty sure they don't ship with OpenSSH by default, so is it part of RDP or the management console?
My mother-in-law. She's pretty smart but has next to no experience with computers. I've had to walk her through getting her system online enough for me to SSH into it to fix things (because it was on dodgy hardware, and for quite a while she'd shut it down by holding the power button until it dropped power). Especially when I'm not in front of an identically configured system, I'd infinitely rather tell her to open Konsole and type these three lines correctly than try to remember what the KDE 3.2 control center called something vital.
Your big words must be a bitch.
My daughter got into Discovery's shows about fishes, and now sincerely wants to become a marine biologist so she can learn more about them. Yeah, I'd say it's a net positive.
That's because it's a lot easier to tell a quesion-asker to run
than to walk them through "open the control panel, click 'Sound Themes' then 'Color Editor', go to the 'Remote Widgets and Printing' tab, look for the 'Allow Zebras' checkbox, uncheck it, click apply, re-check it, click apply again, then close the window." Plus, users get it in their shell history so they can run it again without bookmarking the forum page and stepping through the instructions again.
Command line interfaces aren't just "lower level". They allow a different kind of expressivness which lends itself very well to certain tasks. Routine administration is very often that sweet spot.
Thus spake Wikipedia:
I've gone along with the party line of "unauthorized copying != piracy" for years, but it looks like we're in the wrong on this one.
What about moving it in chunks to either a fileserver or a USB drive, then back to Linux or Mac?
I do! In fact, right now I'm loudly clanking away on one attached to my shiny Compiz Fusion desktop via a PS2-to-USB keyboard adapter. I fully expect to leave this to my grandkids.
Tell them you work for a company that makes some popular keyboards and mice. At worst, they'll assume you mean Logitech and throw a flaky webcam at you.
DJB has an awful problem of confusing "I don't know how it can be done" with "it can't be done". For example, he doesn't seem to realize that you can run IPv4 in parallel with IPv6. In reality, you can access my homepage linked above through either protocol, or send me email from an IPv6-only server. In fact, all of my FreeBSD mailing list traffic comes in via IPv6, right now, today.
.info? Seriously? ARIN couldn't afford a domain that didn't scream "Beware of the Leopard"?
The answer to you question is: without your ISP's involvement, no.
And the correct answer to the question is: yes, but most people won't be able to get to it.
NAT = FIREWALL.
No. People, please get this out of your heads. It's not.
And another question on this sentence: exactly how many employee levels are there?
You know, I've had two "oh crap!" moments involving computer security. The first happened when I learned about SQL injection. The second occurred just now when I read your letter. Thanks for the followup!
Since SFTP stands for Secure File Transfer Protocol, it's not really designed to allow you to execute commands.
That's pretty interesting! In practice, though, what would that get them? B would now have access to A's chroot (possibly - file permissions might be too restrictive anyway). If A trusts B that much, they could just share A's login.
Not saying this isn't serious, but I'm too tired to think of a useful attack vector at this moment. Am I missing something?
You're missing the point, which is that a "news" source that covers almost nothing but Bush's latest escapades is basically useless. This is a big planet and there are a lot of things happening that don't involved America in any way, shape, or form. I'd kind of like to hear about some of that stuff, you know?
It's always been that way, or at least since I was a kid watching Sesame Street in the 70s. There was always some big-person show or another brought to you by a grant from Amalgamated Industriofinance.
I haven't really looked into them, but I assert as fact that there are other things happening in the world than Clinton v. Obama and Bush Hates You.
if you're getting your news from the moving picture box, you're doing yourself a disservice.I get two daily newspapers and Science News. But the question at hand was about decent TV news sources. If there was something on TV worth watching, I'd be interested in it as a supplement, not as my only source.
OK, just checking. It's been a long day. :-)
Anyway, would something like Kerberos fill the bill for you? I use it to navigate around our network, and it's not that hard to do once you get over the initial learning curve. If you're stucking working with Windows, you can even auth against an Active Directory domain.