From: Maarten v. d. B. <de...@ul...> - 2003-01-23 10:30:04
|
Hi, I've just built my first devil linux, version 0.6, from the development system and I my head is still spinning... hehe ;-) But seriously, I have a problem making the floppydisk. The command 'build/scripts/build-etc' spews errors no matter from which directory I run it. (do I need to run it as chrooted user or as a 'normal' root ?) This is what it says: root:/# ./build/scripts/build-etc cat: /data/build/scripts/config/VERSION: No such file or directory ./build/scripts/build-etc: pushd: /data/build/tmp/ETC: No such file or directory tar (child): Cannot open archive /data/build/tmp/etc.tar.bz2: No such file or directory tar (child): Error is not recoverable: exiting now ./build/scripts/build-etc: line 19: 20187 Broken pipe tar -cjf $WORKDIR/etc.tar.bz2 etc mount: mount point /floppy does not exist umount: /floppy: not found ./build/scripts/build-etc: popd: directory stack empty The first error is quite understandable since /data is completely empty (is that normal ?). I tried making an symlink in /data to /build but that prompts the script to complain "Too many levels of symbolic links". Since this is my first build ever and I'm not too sure what to expect I'm sorta stuck. The CD I burned does try to boot and all (until it asks for the floppydisk), so it is not a totally botched job ;-) Any hints on what's wrong ? (Or: as a workaround, Can I simply make a tarball of /etc or does that make things worse ?) After this works I'll be looking to add some programs, most importantly some means to do IP accounting. Thus I'd be very glad for any tips on which programs could be useful, what has been done or tried before, and especially more extensive docs on how to integrate your own stuff into Devil linux. Are there more docs than what is in the new documentation at http://www.devil-linux.org/newdoc/ch02s03.html ? Because this leaves me with almost as many questions after reading as before... ;-) Oh yeah, the version I used is the version that I got from cvs yesterday. Thanks in advance, Maarten -- This statement is either false or a paradox. |
From: Heiko Z. <he...@zu...> - 2003-01-24 03:02:25
|
Hey, the right Mailinglist for this kind of questions is dev...@li... Maarten van den Berg wrote: > I've just built my first devil linux, version 0.6, from the development > system and I my head is still spinning... hehe ;-) > > But seriously, I have a problem making the floppydisk. The command > 'build/scripts/build-etc' spews errors no matter from which directory I > run it. (do I need to run it as chrooted user or as a 'normal' root ?) > This is what it says: > ....... I updated it in CVS, it should work now. The problem was, that the variable DL_DIR moved into the Makefile a few days ago. Since build-etc is called outside of the Makefile it failed. build-etc is more for testing, it just compresses build/tmp/ETC and copies it to the floppy disc. Rather use "make dist", it prepares everythin in build/dist (the doc subfolder is still messed up ) > Since this is my first build ever and I'm not too sure what to expect I'm > sorta stuck. The CD I burned does try to boot and all (until it asks for > the floppydisk), so it is not a totally botched job ;-) > Any hints on what's wrong ? (Or: as a workaround, Can I simply make a > tarball of /etc or does that make things worse ?) yes: tar -cjf etc.tar.bz2 build/tmp/ETC > After this works I'll be looking to add some programs, most importantly > some means to do IP accounting. Thus I'd be very glad for any tips on > which programs could be useful, what has been done or tried before, and > especially more extensive docs on how to integrate your own stuff into > Devil linux. Are there more docs than what is in the new documentation > at http://www.devil-linux.org/newdoc/ch02s03.html ? Because this leaves > me with almost as many questions after reading as before... ;-) Unfortunately there is not more. Take a look at the current scripts, it's really not very complicated. -- Regards Heiko We are Penguin, resistance is futile! http://www.devil-linux.org |
From: Maarten v. d. B. <de...@ul...> - 2003-01-24 14:37:36
|
On Friday 24 January 2003 03:54, Heiko Zuerker wrote: > Hey, > > the right Mailinglist for this kind of questions is > dev...@li... Yeah, I had already wondered about this. I hesitated because I would not dare to call myself a developer, for serious lack of coding skillz... ;-) I'll subscribe to it. [...] > I updated it in CVS, it should work now. > The problem was, that the variable DL_DIR moved into the Makefile a few > days ago. Since build-etc is called outside of the Makefile it failed. > build-etc is more for testing, it just compresses build/tmp/ETC and > copies it to the floppy disc. > Rather use "make dist", it prepares everythin in build/dist (the doc > subfolder is still messed up ) Okay... will try again. > > Since this is my first build ever and I'm not too sure what to expect > > I'm sorta stuck. The CD I burned does try to boot and all (until it > > asks for the floppydisk), so it is not a totally botched job ;-) > > Any hints on what's wrong ? (Or: as a workaround, Can I simply make a > > tarball of /etc or does that make things worse ?) > > yes: tar -cjf etc.tar.bz2 build/tmp/ETC Check. Thanx. > > After this works I'll be looking to add some programs, most > > importantly some means to do IP accounting. Thus I'd be very glad > > for any tips on which programs could be useful, what has been done or > > tried before, and especially more extensive docs on how to integrate > > your own stuff into Devil linux. Are there more docs than what is in > > the new documentation at > > http://www.devil-linux.org/newdoc/ch02s03.html ? Because this leaves > > me with almost as many questions after reading as before... ;-) > > Unfortunately there is not more. > Take a look at the current scripts, it's really not very complicated. Well, the major issue I see is how to protect my own changes from being deleted when doing a CO / update. The docs warn for this, but offer no workaround. I'll try not to lose my stuff... Thanks, Maarten -- This statement is either false or a paradox. |
From: Friedrich L. <fl...@fl...> - 2003-01-24 03:16:33
|
Maarten van den Berg wrote: > After this works I'll be looking to add some programs, most importantly > some means to do IP accounting. Thus I'd be very glad for any tips on > which programs could be useful, what has been done or tried before, and > especially more extensive docs on how to integrate your own stuff into > Devil linux. I can recommend http://sf.net/projects/ipac-ng but that would imply that you'd need to add postgres as well to at least get the postgres libs. -- MfG / Regards Friedrich Lobenstock ____________________________________________________________________ Friedrich Lobenstock FL226-RIPE Internetservices URL: http://www.fl.priv.at/ Email: fl...@fl... ____________________________________________________________________ |
From: Maarten v. d. B. <de...@ul...> - 2003-01-24 14:48:34
|
On Friday 24 January 2003 04:16, Friedrich Lobenstock wrote: > Maarten van den Berg wrote: > > After this works I'll be looking to add some programs, most > > importantly some means to do IP accounting. Thus I'd be very glad > > for any tips on which programs could be useful, what has been done or > > tried before, and especially more extensive docs on how to integrate > > your own stuff into Devil linux. > > I can recommend http://sf.net/projects/ipac-ng but that would imply > that you'd need to add postgres as well to at least get the postgres > libs. Thanks. That's exactly what I use now (or is that still ipac[-plain] ?). What bugs me however is that I _definitely_ do not want a HDD in the system. It will be CD/floppy based, remote syslogged, and that's it. So I'm really unsure how to solve this. Maybe write everything to ramdisk and periodically upload ? Quite nasty. Talk to a remote postgres through some tunnel ? Difficult to do right. Hack it so that it sends its info as syslog data ? Is that even feasible ? Fourth option ?? The box I'm building cannot have accessible ports, neither 'trusted' hosts (not even the syslogserver) so that will complicate things I guess. If you have ideas... please share them. Maarten -- This statement is either false or a paradox. |
From: Heiko Z. <he...@zu...> - 2003-01-25 02:06:36
|
Maarten van den Berg wrote: > On Friday 24 January 2003 04:16, Friedrich Lobenstock wrote: > >>Maarten van den Berg wrote: >> >>>After this works I'll be looking to add some programs, most >>>importantly some means to do IP accounting. Thus I'd be very glad >>>for any tips on which programs could be useful, what has been done or >>>tried before, and especially more extensive docs on how to integrate >>>your own stuff into Devil linux. >> >>I can recommend http://sf.net/projects/ipac-ng but that would imply >>that you'd need to add postgres as well to at least get the postgres >>libs. > > > Thanks. That's exactly what I use now (or is that still ipac[-plain] ?). > What bugs me however is that I _definitely_ do not want a HDD in the > system. It will be CD/floppy based, remote syslogged, and that's it. > > So I'm really unsure how to solve this. Maybe write everything to ramdisk > and periodically upload ? Quite nasty. Talk to a remote postgres through > some tunnel ? Difficult to do right. Hack it so that it sends its info > as syslog data ? Is that even feasible ? Fourth option ?? Check out if Postgres uses TCP, then you can tunnel it with stunnel wich is secure an easy to setup. Just bind stunnel to the local postgres port and tell ipac-ng that the sql server is running on localhost. Use the oposite way on the SQL server. -- Regards Heiko We are Penguin, resistance is futile! http://www.devil-linux.org |
From: Friedrich L. <fl...@fl...> - 2003-01-25 02:33:02
|
Maarten van den Berg wrote: > Thanks. That's exactly what I use now (or is that still ipac[-plain] ?). > What bugs me however is that I _definitely_ do not want a HDD in the > system. It will be CD/floppy based, remote syslogged, and that's it. Enough RAM that's all you need. This is a Devil-Machine with a patched on ipac-ng: accounting.example.net:~ # df -h Filesystem Size Used Avail Use% Mounted on rootfs 40G 43M 39G 1% / shmfs 40G 43M 39G 1% / / 40G 43M 39G 1% /dev/shm /dev/hdd 49M 49M 0 100% /cdrom shmfs 442M 3.1M 438M 1% /var/lib/ipac accounting.example.net:~ # cat /proc/meminfo | grep ^MemTotal MemTotal: 905168 kB > > So I'm really unsure how to solve this. Maybe write everything to ramdisk > and periodically upload ? Quite nasty. Talk to a remote postgres through > some tunnel ? Difficult to do right. Hack it so that it sends its info > as syslog data ? Is that even feasible ? Fourth option ?? Ipac-ng will buffer the data to disk (a ram disk in my case) till it can reach the database host again. So the system above can withstand a database outage (no UPS failure at the same time ;-)). > The box I'm building cannot have accessible ports, neither 'trusted' > hosts (not even the syslogserver) so that will complicate things I guess. Then I you'll need a harddisk when you don't have any trusted servers nearby also for syslog logging. -- MfG / Regards Friedrich Lobenstock ____________________________________________________________________ Friedrich Lobenstock FL226-RIPE Internetservices URL: http://www.fl.priv.at/ Email: fl...@fl... ____________________________________________________________________ |
From: maarten v. d. B. <de...@ul...> - 2003-01-26 01:40:14
|
On Saturday 25 January 2003 03:32, Friedrich Lobenstock wrote: > Maarten van den Berg wrote: > > Thanks. That's exactly what I use now (or is that still ipac[-plain] = ?). > > What bugs me however is that I _definitely_ do not want a HDD in the > > system. It will be CD/floppy based, remote syslogged, and that's it. > > Enough RAM that's all you need. Plenty available. > This is a Devil-Machine with a patched on ipac-ng: How did you 'patch it on', if you don't mind me asking ? > accounting.example.net:~ # df -h > Filesystem Size Used Avail Use% Mounted on > rootfs 40G 43M 39G 1% / > shmfs 40G 43M 39G 1% / > / 40G 43M 39G 1% /dev/shm > /dev/hdd 49M 49M 0 100% /cdrom > shmfs 442M 3.1M 438M 1% /var/lib/ipac > > accounting.example.net:~ # cat /proc/meminfo | grep ^MemTotal > MemTotal: 905168 kB I gather you have a Gig of ram, not 40 Gigs...? :-) [...] > > The box I'm building cannot have accessible ports, neither 'trusted' > > hosts (not even the syslogserver) so that will complicate things I gu= ess. > > Then I you'll need a harddisk when you don't have any trusted servers > nearby also for syslog logging. Ehh, let me clarify that statement because it is prone to misinterpretati= on:=20 There is a syslog server, and I do 'trust' it enough to connect to it, an= d I=20 do obviously trust it to store my logs. It's just that I don't trust it t= o=20 connect back to ME in any way.=20 Trust can go both ways, but in this case it doesn't. In fact, this is quite common in client-server relationships actually. Maarten --=20 Linux: Because rebooting is for adding hardware. |
From: Friedrich L. <fl...@fl...> - 2003-01-26 03:45:19
|
maarten van den Berg wrote: > > How did you 'patch it on', if you don't mind me asking ? Compiled ipac-ng on SuSE 7.3. It was a bit tricky to link statically against the postgres libs. In the end I had to temporarily remove all libpq*.so.* from /usr/lib. Now I created a tar file with all the needed files (just fetchipac and ipacsum) which I copied to patch/base/IPAC.tar.bz2 on the floppy disk. # mount -tvfat /dev/fd0 /floppy/ # tar -tjf /floppy/patch/base/IPAC.tar.bz2 usr/sbin/fetchipac usr/sbin/ipacsum # umount /floppy/ That's it. Some time I have to make update ipac-ng from version 1.24 to 1.25, now that it supports the database config not compiled in but via config file. You might take a look at ftp://ftp.fl.priv.at/pub/devil-linux/0.5/patch/base/ where you'll find some already prepared patches. > > I gather you have a Gig of ram, not 40 Gigs...? :-) I know, this 40G was my mistake when I rewrote the boot script. You will notice this on your system too ;-) It's just the max. size of the shared memory filesystem. Sometime I should check in a more reasonable value. But hey, just add RAM to your machine and there will be no limit up to 40 Gigs - ok with DL 0.5 the limit is actually 0.9G of RAM and 4GB with the next upcoming 0.6beta. > Ehh, let me clarify that statement because it is prone to misinterpretation: > There is a syslog server, and I do 'trust' it enough to connect to it, and I > do obviously trust it to store my logs. It's just that I don't trust it to > connect back to ME in any way. But there's no trusted LAN inbetween your accounting host and the database server where ipac-ng should log the traffic too. Is this true? Then you might need to do it as Heiko already suggested. Depending on how much traffic you'll be accounting for, it might be impractical to let ipac-ng log to a host bejoined the local LAN. -- MfG / Regards Friedrich Lobenstock ____________________________________________________________________ Friedrich Lobenstock FL226-RIPE Internetservices URL: http://www.fl.priv.at/ Email: fl...@fl... ____________________________________________________________________ |
From: Maarten v. d. B. <de...@ul...> - 2003-01-27 16:36:52
|
On Sunday 26 January 2003 04:44, Friedrich Lobenstock wrote: > maarten van den Berg wrote: > > How did you 'patch it on', if you don't mind me asking ? > > Compiled ipac-ng on SuSE 7.3. It was a bit tricky to link statically > against the postgres libs. In the end I had to temporarily remove > all libpq*.so.* from /usr/lib. Now I created a tar file with all > the needed files (just fetchipac and ipacsum) which I copied > to patch/base/IPAC.tar.bz2 on the floppy disk. Hrm. I don't even manage to statically compile it. When I give --enable-static to ./configure it seems to just disregard it; ldd indicates as much anyway. When I tweak the LDFLAGS in the Makefile itself the compile breaks with hundreds of "undefined reference to `PQfoobar'. Removing the libpq*.so.* files makes either no difference, or makes it worse (configure telling me it can't find/use postgres at all) I've been running around Googl'ing all day but I'm at a loss here... > # mount -tvfat /dev/fd0 /floppy/ > # tar -tjf /floppy/patch/base/IPAC.tar.bz2 > usr/sbin/fetchipac > usr/sbin/ipacsum > # umount /floppy/ Would that be another floppy or the same floppy the config tarball is on ? [...] > But there's no trusted LAN inbetween your accounting host and the > database server where ipac-ng should log the traffic too. Is this true? > Then you might need to do it as Heiko already suggested. There is a stretch of switched ethernet which -if devil-linux does its future job well enough- ought to be protected, thus trusted. ;-) Maarten -- This statement is either false or a paradox. |
From: Friedrich L. <fl...@fl...> - 2003-01-27 19:31:37
|
Maarten van den Berg wrote: > On Sunday 26 January 2003 04:44, Friedrich Lobenstock wrote: > >>maarten van den Berg wrote: >> >>>How did you 'patch it on', if you don't mind me asking ? >> >>Compiled ipac-ng on SuSE 7.3. It was a bit tricky to link statically >>against the postgres libs. In the end I had to temporarily remove >>all libpq*.so.* from /usr/lib. Now I created a tar file with all >>the needed files (just fetchipac and ipacsum) which I copied >>to patch/base/IPAC.tar.bz2 on the floppy disk. > > > Hrm. I don't even manage to statically compile it. When I give > --enable-static to ./configure it seems to just disregard it; ldd > indicates as much anyway. When I tweak the LDFLAGS in the Makefile itself > the compile breaks with hundreds of "undefined reference to `PQfoobar'. > Removing the libpq*.so.* files makes either no difference, or makes it > worse (configure telling me it can't find/use postgres at all) > I've been running around Googl'ing all day but I'm at a loss here... Yes there's no possibility to tell configure to create static binaries. You have to move the *.so libs so the linker has to link against the static libs. AND you have to run the last linker command by hand changing the link order of the libs. If I recall correctly the "-lpq" has to come last or so instead of first. > > Would that be another floppy or the same floppy the config tarball is on ? The _same_ floppy as the config tarball!! -- MfG / Regards Friedrich Lobenstock ____________________________________________________________________ Friedrich Lobenstock FL226-RIPE Internetservices URL: http://www.fl.priv.at/ Email: fl...@fl... ____________________________________________________________________ |