When installing third-party applications, they often default to running as root. The server applications for TeamSite/LiveSite are among those. I have applied a simple modification to the init.d scripts that starts them as a non-root user. It also allows the scripts to be run by members of an administration group via sudo. This approach is applicable to other applications. Continue reading
One nagging issue I had with IPv6 was how to distribute DNS server addresses and search lists to my clients. It took a little research to find the solution. On IPv4 I had been using DHCP to do this, but DHCP didn’t seem to be right approach for IPv6.
radvd can be used to distribute both types of data. The following article covers setup on Ubuntu and OpenWRT. The Ubuntu (Debian) examples below should work with any distribution using
/etc//radvd.conf to configure
radvd. Continue reading
Recent reports indicate that spam is increasing again. I have been using Exim to filter spam for several years. Some recent tuning I have done have decreased the percent of spam which reaches my spam filters. This article provides a discussion of the techniques used, and provides implementation examples. Spambots tend to be simple programs which don’t handle slow servers very well. Using a greylist is effective method of blocking them as they usually don’t retry. My latest changes use delays to cause many spambots to abandon their attempt. Greylisting is used only for poorly configured servers that make it to the Recipient command.
This article was updated in February 2014 to reflect changes policy and reporting options. The earlier ADSP (Author Domain Signing Practices) information has been removed.
DomainKeys Identified Mail (DKIM) provides a method to confirm the origin of an e-mail. DKIM also provides some protection against tampering. Unlike SPF, this validation applies to the contents of the message when it is signed. Like SPF, the information required for validation is added to DNS. Continue reading
Cfengine is a declarative system configuration tool. This helps apply standards to system configuration. The configuration files specify the desired configuration and the engine applies these specifications to the system. It is useful to:
- Distribute configuration files;
- Install standard packages (including on Debian and Ubuntu with code provided here);
- Cleanup old files; and
- Ensure certain programs are/are not running.
This documentation applies to Cfengine version 2. . The latest version has made significant changes to the scripting structure, but maintains the capability to run the version 2 format files. Continue reading