Mojah's questions

Here's a weird issue. I want to make crontab for a user that is read-only for that particular user and can only be managed via root. Sounds easy? Here's the catch:

$ ls -alh /var/spool/cron/my_user
-r-------- 1 root root 386 May  8 15:13 /var/spool/cron/my_user

So, the file is owned/grouped for root and only has read privileges (0400) for root.

The catch:

$ su - my_user
my_user~$ crontab -e
(write something to the crontab)
crontab: installing new crontab
$ ls -alh /var/spool/cron/my_user
-rw------- 1 my_user my_user 386 May  8 15:13 /var/spool/cron/my_user

So a file owned by root, with read-only privileges by root, could be read by a non-privileged user and was then modified to a 0600 (rw) and owned for that user?

What obvious catch am I missing?

I'm trying to find a way of "identifying" anycast IPs. This turns out to be rather tricky, as it's (usually) dependant on BGP routes directing you to the nearest available host.

What are common techniques of identifying if a certain IP address is a unicast or anycast IP?

I've thought of tracerouting the IP several times and find any differences in the last hops (usually the datacenter where it resides), but with dynamic paths (sometimes you hop via switch-1, sometimes via switch-2) this turned out to be quite unreliable.

I have a webserver which serves content for a site, let's call it "domain.com". On that site, I have several PHP scripts that serve content. When someone browses to that site, everything works.

If I request, from within PHP (with Curl/Fopen), a URL on my own site (I'll call "domain.com/api/something.php?x=y", I get a timeout that the site could not be contacted. That only happens when I request that URL via PHP, not when called via the CLI. When I browse the URL from externally, that works.

On the server, I can "curl " or "wget ", and that works. I can use PHP to request pages externally hosted (google.com etc.), but I can not do it with pages hosted on my lighttpd config on the same server.

Is this familiar to anyone? Are there known parameters that could conflict with this?

I have a Windows Server 2008 system, which has 12GB of RAM.

If I list all processes in the Task Manager, and SUM() the memory of each process (Working Set, Memory (Private Working Set), Commit Size, ...), I never reach more than 4-5GB that should be "in use". However, task manager reports this server has 11GB in use via the "Performance" tab.

I'm failing in determining where all that used RAM is going. It doesn't seem to be system cache, but I can not be sure.

It might be a memory leak in one of the appliances, but I'm struggling to find out which one. The server's memory keeps filing up, and eventually forces us to reboot the device to clear it.

I've been reading up on how RAM assignments work on Windows Server:

• RAM, Virtual Memory, Pagefile and all that stuff: http://support.microsoft.com/kb/2267427
• What's the best way to measure? http://www.zdnet.com/blog/bott/windows-7-memory-usage-whats-the-best-way-to-measure/1786
• Configure the file system cache in Windows: http://smallvoid.com/article/winnt-system-cache.html

But I fear I'm stuck without ideas at the moment.

Let me try to explain my situation. I have a load balancer server, which balances traffic over a set of pre-defined SMTP servers.

Host A (the client) connects to Balancer B which sends the request to Cluster-Node C. Since Balancer B uses IP masquarading, it looks to Cluster-Node C as if the request came directly from Host A, so it sends its replies to Host A.

Host A -> Balancer B: clients makes a request on port 25 to the load balancer
Balancer B -> Cluster-Node C: load balancer connects the client to the actual node
Cluster-Node C -> Host A: the node connects back, directly to the client

The answer of Cluster-Node C should actually go back to Balancer B, instead of Host A.

Here's the tricky part: all servers reside on the same subnet. If I change the Cluster-Nodes to a new subnet, I can give them the gateway of Balancer B, and it would work, as requests are sent over the gateway.

Host A: 10.0.0.10 Balancer B: 10.0.0.20 Cluster-Node C: 10.0.0.30

Is there a way to force all outgoing connections on Cluster-Node C (10.0.0.30) to be sent to Balancer B (10.0.0.20), no matter what the originating (in this case, masquarated) IP was?

I'm trying to set up a relay server using Postfix as MTA, and I need to log the server's mail usage (either to file or SQL). The idea is to monitor the amount of mails sent by host, and their size.

I've looked at several possibilities for this kind of traffic accounting in Postfix. They can be summed up as:

• A daemon running to intercept port 25 traffic, log it, then send the request to Postfix
• Log file analyzers that determine # mails sent & mail size via the /var/log/maillog (written in python, C-code, ...)

Analyzing log files will cause bounced mails being resent to count as doubles, while the daemon that's intercepting incoming port 25 won't notice Postfix re-running it's onhold-queue. So there's bound to be differences in both way of 'traffic accounting'.

Some examples include:

• MySQMail-Postfix-Logger: http://freshmeat.net/projects/mysqmail-postfix-logger
• pflogsumm (by Postfix)

But none seem to be able to give very detailed information. I prefer to log as much as possible (requesting IP, mailsize, from, to, mail-id, receiving mta, ...).

Do you have any experience with it? Are there recommendations, or things to look out for?

I need to sync a local disk to a iSCSI mount on Windows (server 2003), and I'm struggling to find software that's capable of doing so in a reasonable timeframe.

Notes on the current 1TB disk: - 800GB currently in use - Contains a folder with several hundred thousand subfolders, which in turn have several thousand files, ...

So I'm trying to find a piece of software that can handle such large filelists, and give me a good timeframe on when this will be copied. I've tried DeltaCopy (the rSync GUI client for Windows), but it's intolerably slow and doesn't provide me with a good estimate time remaining.

DeltaCopy: http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp

Does anyone know alternative software for Windows, that would do this well?

We're running a simple Juniper VPN tunnel (using Juniper SSG5's) for outside-network access, which works great for Windows PCs since they can connect using the supplied Netscreen-Remote VPN client.

Has anyone successfully managed to get this working under Linux? There are several alternatives, but none seem to actually work. The following were tried, but failed: - http://www.prolixium.com/netscreenlinux - http://david.dw-perspective.org.uk/Juniper-Networks-SSL-VPN-Client-On-Linux.html

The official version is no Linux Client will ever be developed by Juniper themselves, but perhaps other (open) software exists that has been found compatible to Juniper's VPN?

I'm trying to find a way to centralize user management & authentication for a large collection of Windows & Linux Servers, including network devices (Cisco, HP, Juniper). Options include RADIUS/LDAP/TACACS/... Idea is to keep track with staff changes, and access towards these devices.

Preferably a system that is compatible with both Linux, Windows & those network devices. Seems like Windows is the most stubborn of them all, for Linux & Network equipment it's easier to implement a solution (using PAM.D for instance).

Should we look for an Active Directory/Domain Controller solution for Windows? Fun sidenote; we also manage client systems, that are often already in a domain. Trust-relationships between Domain Controllers isn't always an option for us (due to client security restrictions).

I'd love to hear fresh ideas on how to implement such a centralized authentication "portal" for those systems.