In my previous post, I introduced iotop a very cool tool that displays a table of current I/O usage by processes on the system; just as useful as top, but for I/O monitoring. Unfortunately, iotop requires Python >= 2.5 and a Linux kernel >= 2.6.20 to work, and even if the installation is very simple as presented in my last post, getting it to run on older distributions might not be so easy. This post will show how you can run iotop on debian etch, describing how we can solve the dependencies and make iotop run just fine on etch.
Read the rest of this entry »
Tags: debian-etch, iotop
The Bcfg2 version available in debian etch is quite old (v0.8.6), while the one in lenny is newer v0.9.5.7, it still isn’t the latest stable version 0.9.6 that was released in November last year. Since this version fixes many bugs it is the version that is recommended to use in production at this time (unfortunately it breaks the reporting system, that will not be fixed until the release 1.0 planed for the next months). This post will show how we can rebuild a debian package for the latest stable bcfg2 release so we can easily deploy it on several machines.
Bcfg2 is a debian friendly project, meaning they provide inside the source package all what is needed to build a debian package very easy. We will use for this a debian etch system, but this should work on any debian based system. Read the rest of this entry »
Tags: apt, bcfg2, deb, debian-etch, debian_packages, debuild
This post will show how to setup an auto-reply message using vacation on a debian etch server running postfix. This should work in the same way using other email servers, but this was tested with postfix. I’ll assume that you have postfix already running properly on the server. The first step is to install the vacation package. Since vacation is available in etch we can install it just by running:
aptitude install vacation
and this will install vacation version 3.3.0 on the system
Read the rest of this entry »
Tags: Debian, debian-etch, postfix, vacation
“The Debian project is pleased to announce the fifth update of its stable distribution Debian GNU/Linux 4.0 (codename etch). This update mainly adds corrections for security problems to the stable release, along with a few adjustment to serious problems.
Please note that this update does not constitute a new version of Debian GNU/Linux 4.0 but only updates some of the packages included. There is no need to throw away 4.0 CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated.
Those who frequently install updates from security.debian.org won’t have to update many packages and most updates from security.debian.org are included in this update.” Read the rest of this entry »
Tags: Debian, debian-etch, etch, releases
For the first time in the history of debian stable releases, a new kernel was included in the stable branch in what was called “Etch and a half” project. This happened from the desire to support hardware that requires updated drivers. This allows an ‘official’ way to upgrade your 2.6.18 debian etch kernel to a more recent one 2.6.24 without doing a manual compile or some use some backported packages. Still if you are not very careful this upgrade can cause problems and this post will show how you can loose your network connectivity if your system is using a bnx2 based driver.
Read the rest of this entry »
Tags: bnx2, debian-etch, kernel
Hopefully by now most debian sysadmins have updated their systems and regenerated any weak openssl keys found. After the disclosure from last week, the debian team has done a great job to identify any possible affected program and any type of key, and for sure there are many 
.
Special pages were created to help peoples migrate their keys and also to identify if their keys are weak or not. In my previous post I have discussed howto indentify and regenerate the ssh vulnerable keys, obviously the most targeted by attacks against this issue. This post will answer the questions I have received on email on how you can identify and regenerate apache PEM keys (SSL certificates).
Read the rest of this entry »
Tags: debian-etch, openssl
Yesterday, 13 May 2008, was a really bad day for the Debian project, probably one of the worst days in the history of Debian. Luciano Bello discovered that the random number generator in Debian’s openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable.
Systems which are running any of the following releases are affected :
Read the rest of this entry »
Tags: debian-etch, openssl, ssh
A while ago, I have linked an interesting story about the ethereal name change to wireshark. If you are a tethereal user (the console version of ethereal) and using Debian testing (like I am) you will notice that the Debian developers have pushed the new version with the changed name into Etch repositories. If for ethereal the correspondent is wireshark, for tethereal this is tshark (and not twireshark as you might have expected).
When you will install the new version this will remove the ethereal package and we will remain with wireshark.
Read the rest of this entry »
Tags: debian-etch, ethereal, networking, wireshark
Loading ...