The emergency bypass switch on the UPS works.
This is the first time we’ve had to test it. Somehow, the UPS went into a tailspin and went into bypass mode and wouldn’t come out. So I switched to manual bypass on the back of the unit and threw the emergency bypass switch, turning the UPS off. It was nice to see the machine room keep humming. After restarting the UPS, it seemed fine, and we got a working NIC on the UPS again out of the deal (it’s been flaked out since last summer sometime).
I guess MT is gaining speed again, and there’s demand for more plugins.
I don’t see any problems with any of the plugins Mark wants, so I’ll be putting them on the list of plugins to upgrade or install this spring and summer (RSS feed is already there, but there’s a new version, and apparently something’s broken on ours).
I suspect that the MT site Mark references with the printer friendly versions of the etnries is done with another archive-related template. Just like there’s an individual entry archive template, she’s probably got and individual entry archive printer template that strips out the side bar and extraneous stuff around the page.
Explored the creation and use of resource calendars using the csresource utility.
Resource calendars are independant entities. They can have one or more owners and they can have their ownership changed. Annoyingly, they live in the base DN of the LDAP tree, and I’d prefer it if I could put them in their own OU, but that doesn’t seem possible.
It seems like there’s probably a better way to organize a group of resources into a calendar, but I’m not finding it yet.
Also set up nightly exports of the calendar data for backup purposes, much like the LDAP exports on ASHTI.
Got ProFTPd working with the AUTH TLS/mod_tls plugin again, by following directions at this howto.
Details are essentially:
<IfModule mod_tls.c> TLSEngine on TLSLog /var/log/proftpd/tls.log TLSProtocol TLSv1 TLSRSACertificateFile /etc/ssl/certs/ftp.earlham.edu.pem TLSRSACertificateKeyFile /etc/ssl/certs/ftp.earlham.edu.key TLSCipherSuite ALL TLSRequired off TLSVerifyClient off </IfModule>
Tried putting milter-sender on KE on Sunday, since I was sick of the stuff that was getting through SpamAssassin, and found that this program’s got some problems.
Specifically, it does send back a message to the sender, and that’s never stated, nor are we given the opportunity to modify that message. Second, it had died on BARIS and I was unable to restart it. These two factors make it unsuitable for use in an enterprise environment.
Made some modifications to MT to make the default paths for new blogs more appropriate.
Edit tmpl/cms/edit_blog.tmpl to make the statis HTML more appropriate for Earlham and edit lib/MT/App/CMS.pm so that the site path is based off of a getpwnam home direcotry lookup and the site URL includes the ~username.
Deleting a bunch of held spam messages from stale lists and deleting a couple of completely disused lists. Deleting the held messages in ~mailman/data/heldmsg-LIST-* makes the admindb page in Mailman complain about not finding messages - resubmit the page and all’s well again.
Finally starting to use the alumni group class.
Got proper info out of Banner for all the “student” accounts that have EALG code and nothing else that overrides and converted them in LDAP and now on PAX and KE. Seems to be going through just fine. 657 accounts total. Also tweaked the EZproxy setup on HEIWA to restrict access to databases for those in alumni, others, and board.
Working on getting a list of current accounts that ought to be considered alumni.
The script is running against Banner now, and ought to be done for inspection tomorrow.
Got milter-sender working onb BARIS.
It’s not doing call ahead checks to verify users on KE, and I’m not sure how to make that work. But it is rejecting nonexistent users from Hotmail, Yahoo!, and other places. I’m going to let this go for a day or so, and then assuming it works ok, I’ll try it on KE.
Added a user to Postgres on KE for RT reporting.
Get a user list with “select * from pg_shadow;” and modify perms with “grant select on table,table,… to user;”. Get a list of the current perms on the database with “\z”.
Not only do VxFS storage checkpoints require an additional license, it’s the database edition license, which is not covered under ScholarPAC.
The quoted price for DBED with FlashSnap (which I’m learning is actually a VxVM feature) was about $1500, which is not feasible for RAHU. I‘m going to be investigating using VxFS snapshots to see if they might work. The documentation is unclear as to whether making multiple snapshots at different times will actually do what I want – that is, have the last _N_ days of snapshots available for online restore. The doco claims that “there can be more than one snapshot of a file system, [but] they are all based on a single, parent file system. Storage Checkpoints can be based on other Storage Checkpoints.” This leaves me wondering what “single, parent file system” really means – is that just that you can’t have a snapshot of a snapshot (obviously pointless) or that all snapshots of a file system are really going to end up being identical? Testing will tell.
The other thing to do is to upgrade to Vx(VM|FS) 4.0, which we got in the mail today (as 3.5 was end-of-lifed in February without our knowledge, but our licenses should work fine for 4.0).
And the VEA gui console sat in an infinite loop this afternoon. Hmm.
Handed backups off to Aaron, restored some e-mail for a user, and did more work with Bonnie on RAHU.
SAGE members are trying to convince me that my testing of RAHU’s Xserve RAID should become a LISA paper.
And so I’m doing more testing. The stable version of Bonnie++ hits a nasty NFS bug when run from PAX, but there’s apparently an experimental version that doesn’t hit that bug. (Not sure that it’s a bug in NFS, though – it’s triggered when the directory changes while Bonnie’s reading it, and that might be in Bonnie’s threads or process spawning stuff.) I’ll have to re-run with this version on RAHU, to get it’s numbers (and I should do a number of runs with various options on both platforms, anyhow).
Uploaded my ldap2307 authentication module to the authentication forum at th moodle.org.
Exploring the nfsdump and nfsscan programs that were written up at LISA last fall.
nfsdump compiles fine on Solaris, and I’m running a test case on RAHU. I‘ll also try it on the other NFS machines in the cluster – PAX and HEWIA.
Turning the previously mirrored 21 GB of /data on EYEWI into a 63 GB RAID 5.
With the full set of 4 disks, we can use the two other disks for the on-disk backups. But we can’t make concats of mirrored devices in Solaris volume manager, so I had to dump /data, format the new disks the same as the current ones, and then turn slice 7 on all four disks into a RAID 5 volume. Currently doing a restore of the dumps from this morning (and then I’ll keep the tape around).
Mostly preparing for and at ITPC meeting about CMS – CHEF and Moodle.
The pendulum is currently pointing towards Moodle; we’ll see where we go from here. Got the New Assignment module installed – allows posting of corrected assignments by the instructor.
Trying to deal with the MacOS X LDAP authentication problem.
The Dennis lab brought down the directory server again today. I’ve been trying to access the Apple Darwin sources to see if they’ve either fixed the problem or if I can make sense of the LDAPv3 plugin to fix it myself, but their web site is timing out.
FIFA got into its periodic meltdown again, with the connection table filling up with INB connections. A reboot clears it, but I wish there were a better way of monitoring it besides waiting on user complaints.
Spent most of the day coming up with system and feature comparisons for Moodle and CHEF.
Looks like Bagle.J is out and heavy. Also, some changes to MIMEDefang.
Bagle.J hit us hard before Vexira got itself updated. I sent a note to the faculty and staff lists.
On the MIMEDefang front, I’ve changed the Windows executable attachment extension rule from defang to bounce. I also updated the mimedefang.pl program to catch the full name of the virus. Apparently Vexira changed the output format slightly. Looks like the current MIMEDefang distro has the right stuff.
Doing some performance testing on RAHU with Bonnie and Bonnie++ to see what the performance impact is for quotas.
Nomad over at SAGE was curious, and so am I. Currently running Bonnie++ tests, 10 in serial, both with and without quotas turned on for RAHU’s Xserve RAID (VxFS, VxVM, and RAID hardware). Will also run 10 tests on RAHU’s /data partition, which is UFS and Solaris Volume Manager (RAID-1, aka DiskSuite).
CHEF seems to be a bear of a Java application server to set up. Moodle has 1.2 beta out.
CHEF is a complete Java application server environment (much like uPortal). It will take some intense digging to get it set up properly.
On the other hand, Moodle 1.2 beta is out and it took me 1:30 hours to set it up, including the time to apply the LDAP2307 authentication patches and the futzing I had to do with Apache’s config file.
All disks are in EYEWI. the upper two are currently unconfigured and unmounted. I’ll probably be using them for temporary data at some point.
This post to Veritas-vx has a tarball of usefull Vertias quota tools attached.
I’ve donwloaded and unpacked it, so we probably don’t need to fetch it again, but it’s here in case we need to find it.