[tech] new moray

Ian McKellar yakk at yakk.net.au
Thu Nov 18 16:42:57 WST 1999


On Thu, Nov 18, 1999 at 04:30:21PM +0800, Nick Bannon wrote:
> On Thu, Nov 18, 1999 at 03:41:25PM +0800, Ian McKellar wrote:
> > Okay,
> > 
> > It looks like the general(ish) consensus is that flamebox should become the
> > new moray. I suggest on it we run:
> 
> Excellent idea. I'll help where possible.
> 
> >   o Dispense
> 
> Including door and coke serial ports.
> 
> > 	o Flame
> 	o bind

I'll have a go at this.

> 	o FMS client

Ben, could you have a poke at this (note: there are a couple of users that
were added by various debian packages to the end of /etc/(passwd|shadow).

> 	o SOCKS (4 and 5?)
> 	o TACACS auth server
> 	o Charged telnet tunnel


> 	o telnat (telnetd running on port 222)
> 	o Hacked login so non-wheel group members can't log in
One option for this is not to run a telnetd at all, and simply run an SSHd
for wheel members to get in. I think just about everyone in wheel uses ssh
these days, and there are clients for just about every OS. Then nice thing
about SSHd is that we can (afaik) specify which groups can and can't log in.

> 	o doorlogger (in /usr/local/sbin, started from /etc/rc.boot)

This is related to dispense, and the serial ports right?

> 	o vimotd

Nick, whats involved in setting this up?

> 	o Cron jobs to mail vital UCC data out

I think thats mostly individual wheel members' projects

> 	o Apache?

Its installed. I'll have to take a look at the moray config to see what its
actually _doing_ :-)

> 	o Anything I've missed?
> 
> > 	o Postfix (instead of sendmail)
> > 	o Berolist/Minimalist/Somerandomlist (instead of mailman)
> > 
> > I'm going down to set up the mail stuff on flamebox now so that we can test
> > it for a bit.
> 
> Careful with those ones. If you want them, make the changeover smooooooth.
> I'd call the postfix change unnecessary but hopefully harmless. I'd expect
> mailman would be happier on mooneye, but if you want to try something
> else go ahead. Converting the old mail archives ought to be possible, too.

The reason I want to install postfix is that I don't like sendmail. Call me
a homophobe, but sendmail.cf files get on my nerves - I don't grok them, and
I don't like being confused. I've been running postfix at home (which given
the number of mailing lists I'm on counts as a mid-sized site) and I've found
it to be excellent. Its designed as a drop in replacement for sendmail - with
security in mind. Its license is okay, it supports user+extension at host, it
does Maildir, and its generally cool.

Berolist is seeming cooler and cooler the more I play with it. For a start
its small (43k tarball), and simple, and written in C. The config files are
sane, and theres a minimalist web interface.

Ian

-- 
Ian  McKellar | Email: yakk(a)yakk.net     | Web: http://www.yakk.net/
Fax: +61 (8) 9265 0821 / +0 (775) 205 0307 | Home: +61 (8) 9389 9152




More information about the tech mailing list