Welcome to Orb Designs

GRAFFITI -- April 26, 2004 thru May 02, 2004


Welcome to Orb Graffiti, a place for me to write daily about life and computers. Contrary to popular belief, the two are not interchangeable.     About eMail - I publish email sometimes. If you send me an email and you want privacy or anonymity, please say so clearly at the beginning of your message.

Creative Commons License

MONDAY    Tues    Wed    Thu    Fri    Sat    Sun   
April 26, 2004

[Photo: Lucy wakes up at Marcia's feet]

0623 - Good morning. You may remember that Sunday afternoons around the Bilbrey homestead are pretty special. That's right, it's nap-time! Lucy sleeps in the spot Sally once owned, at Marcia's feet. At right, she's just finished giving me the look that says, "Now go away and let me get back to sleep." Marcia rarely likes pictures of herself asleep, so you don't get to see ... sorry.

So it was my birthday on Saturday. I've been for 43 years now, and bloody lucky, at that. I count my blessings just about every day, from living and breathing to family, friends and especially my lovely Marcia. I spent a lot of the weekend enjoying quality time in the yard, which is really good for my soul, although tired-making from time to time. We went out to supper Saturday night at On The Border, where our favorite waitress, Christina, takes good care of us.

Last night, I started work on the mailserver project again. There are those (including friend Mark) who want to build a multipurpose Debian box. However, since I can't have remote access to the box, it'd be really hard to help remotely. The best I can do, is to do the gig and document it. Here's part one, rough cut:

Using Debian Sarge Beta-3 installer

Platform: VMware 4.5.1 running on Goldfinger, the dual Athlon.

Goals:
  Mailserver (SMTP, POP3, IMAP, AV, AS)
    Postfix
    Cyrus suite
    Amavisd
    Spamassassin
    ClamAV
  Web Server (WWW, PHP, SQL)
    Apache 2.x
    PHP4
    MySQL
  Nameserver (DNS)
    Bind 9.3

Annoyance about this installer: In standard mode (not expert), it tries to get DHCP before asking if static is desired. Debian is, IMHO, a server distro, and ought to ALWAYS ask static or DHCP, rather than having to be reconfigured after the fact. Bug filed. One other little issue I have is that the new partitioning tool, which generally rocks, doesn't show all of the available configuration options until they apply. That, to me, meant that this dialog wasn't where those options were configured. Bug filed. Final issue was that there are three (count 'm, 3) hardware detection phases. That's bloody confusing. No good explanation yet, bug filed.

I used the auto-partition feature - creates a swap and balance to a single root drive. I then edit the partition to format with reiserfs instead of ext3. Reiser is notably faster in most circumstances. I also add _noatime_ to the mount options. Another speed tweak. I don't care when a file was viewed, just written. _notail_ is also required for the partition containing /boot. So there you go.

Sidenote - another purported advantage of ReiserFS is that it can be resized while in use, allowing LVM manipulations to occur on mounted operational file systems. Hmmm, would I trust that on a production box? I dunno. I'd have to do more research first.

After the disk is partitioned and formatted, the base system installs from the CD (I got the ISO with the base system on, for just that reason).

My, wasn't that annoying. I got to the point where it was time to install Grub in the VM debian install, and boom, my desktop blew chunks. I suppose that it's possible that there's something VMware doesn't like about X.org... Let's see if it happens again.

Nope, got through to first reboot just fine. Time to configure, then install the balance of the base debian system. Timezone, users, hostname (again?), apt, packages...

In the "Select packages to install" step, I use tasksel, choose NOTHING from the list, then Finish. That gets me a good base from which to build my system. There are a couple of packages that come down with this setup that I don't want, particularly. One is Exim.

I lean towards Postfix, only because it's nicer than Sendmail, and I know it better than anything else. Some swear by Exim, others by Qmail, and still others by Sendmail. I know a fair number of people who swear *AT* Sendmail, too... Additionally, the NFS tools are down and installed - I need to at least disable those (statd and such-like).

With the system installed, I log in, su - to root and first off check for running services. Lock the box down, then start adding services and configuring as I go. Let's have a look at open, listening ports:

mailbox:~# netstat -a | grep tcp | grep LISTEN
tcp        0      0 *:707                   *:*           LISTEN     
tcp        0      0 *:printer               *:*           LISTEN     
tcp        0      0 *:time                  *:*           LISTEN     
tcp        0      0 *:discard               *:*           LISTEN     
tcp        0      0 *:daytime               *:*           LISTEN     
tcp        0      0 *:sunrpc                *:*           LISTEN     
tcp        0      0 *:auth                  *:*           LISTEN     
tcp        0      0 *:ssh                   *:*           LISTEN     
tcp        0      0 localhost:smtp          *:*           LISTEN 

Note that mail (port 25) is only listening on the loopback interface (localhost). However, we've got auth, sunrpc, daytime, discard, time, printer and ... um, port 707? What's listening on port 707?

mailbox:~# lsof | grep 707
rpc.statd 5189        root    6u  IPv4  23114   TCP *:707  (LISTEN)

Ah-hah! Our friend statd. You'd think I'd remember that port number, or that it would have made it into the /etc/services file by now.

Ooops, I've forgotten. I work with Vim, by preference. Is it installed? It isn't.

mailbox:~# apt-get install vim

Now, into /etc, and I'll first edit inetd.conf, then restart the TCP superserver. Every line for a service that isn't commented, I comment out, then I type:

mailbox:/etc# netstat -a | grep tcp | grep LISTEN
tcp        0      0 *:707                   *:*           LISTEN     
tcp        0      0 *:printer               *:*           LISTEN     
tcp        0      0 *:sunrpc                *:*           LISTEN     
tcp        0      0 *:ssh                   *:*           LISTEN     
tcp        0      0 localhost:smtp          *:*           LISTEN 

That cleaned up a bunch of dross. Now for the rest. There is a tool called update-rc.d, which is similar to but less capable than the Red Hat chkconfig utility. I generally find it easier to just go to the rcN.d directory for my default runlevel, and change the SNNservice links to sNNservice, where applicable. You see, with a lowercase 's', the service won't start on boot, but I can go back and see what I did, and what's there. The only downside is that those won't get removed by any post-remove package script even if I use the --purge option for apt.

mailbox:/etc# runlevel
N 2
mailbox:/etc# cd /etc/rc2.d
mailbox:/etc/rc2.d# ls
S10sysklogd  S18portmap  S20lpd      S20ssh         S89cron
S11klogd     S20exim4    S20makedev  S21nfs-common  S99rmnologin
S14ppp       S20inetd    S20pcmcia   S89atd         S99stop-bootlogd
mailbox:/etc/rc2.d# mv S18portmap s18portmap
mailbox:/etc/rc2.d# mv S20lpd s20lpd  
mailbox:/etc/rc2.d# mv S21nfs-common s21nfs-common

You'll note that I didn't change the pcmcia link, I want to remove those altogether.

mailbox:/etc/rc2.d# apt-get remove pcmcia-cs --purge
Reading Package Lists... Done
Building Dependency Tree... Done
The following packages will be REMOVED:
  pcmcia-cs*
0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
Need to get 0B of archives.
After unpacking 1032kB disk space will be freed.
Do you want to continue? [Y/n] Y
(Reading database ... 20250 files and directories currently installed.)
Removing pcmcia-cs ...
Purging configuration files for pcmcia-cs ...

Now to turn off those services that I don't want running, one last time:

mailbox:/etc/rc2.d# ./s18portmap stop
Stopping portmap daemon: portmap.
mailbox:/etc/rc2.d# ./s20lpd stop
Stopping printer spooler: lpd.
mailbox:/etc/rc2.d# ./s21nfs-common stop
Stopping NFS common utilities: statd.

How are we doing on open ports now?

mailbox:/etc/rc2.d# netstat -a | grep tcp | grep LISTEN
tcp        0      0 *:sunrpc                *:*           LISTEN     
tcp        0      0 *:ssh                   *:*           LISTEN     
tcp        0      0 localhost:smtp          *:*           LISTEN 

Hmmm. Still sunrpc, huh? I thought stopping portmap took care of that.

mailbox:/etc/init.d# ps ax | grep portmap | grep -v grep
 5156 ?        Ss     0:00 /sbin/portmap
mailbox:/etc/init.d# kill 5156
mailbox:/etc/init.d# ps ax | grep portmap | grep -v grep
 5156 ?        Ss     0:00 /sbin/portmap
mailbox:/etc/init.d# kill -9 5156
mailbox:/etc/init.d# ps ax | grep portmap | grep -v grep
mailbox:/etc/init.d# netstat -a | grep tcp | grep LISTEN
tcp        0      0 *:ssh                   *:*           LISTEN     
tcp        0      0 localhost:smtp          *:*           LISTEN  

Wow, that took some killing. But now we've got a nice tight box to start with, and I can start adding services back, as I like and properly configured. I'll start with Postfix and a couple of support packages for postfix that I'll probably be using later:

mailbox:/etc/init.d# apt-get install postfix postfix-mysql postfix-pcre

This action also de-installs Exim. There's really, truly no need for two different MTA packages on any system. Once pulled down, the dialog configuration asks me to choose between No configuration, Internet site, Internet with smarthost, Satellite system, Local only, and something called HP. Wazzat? Anyway, I'll choose Internet with smarthost... and answer a bunch of questions via ncurses (textmode) dialogs. Mostly I take defaults, as the package designers know what they're doing. If I decide to change something later, I'll do so in the config files directly.

Now to look at the open ports again, see what's changed:

mailbox:/etc/init.d# netstat -a | grep tcp | grep LISTEN
tcp        0      0 *:ssh                   *:*           LISTEN     
tcp        0      0 *:smtp                  *:*           LISTEN 

As I figured, selecting any option that isn't Local only opens SMTP to the world. That's fine - now I can go look at /etc/postfix/main.cf to see how that's set up. Nothing special there - a minimum configuration file that's not even worth showing you at this point - it's what's created by the selections I made during the installation of the package.

There's more to come, but here's a good stopping point for now.
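
An added example (not from the original post): the by-eye check of the netstat listings above, done as a small shell function that flags every TCP listener reachable from other hosts and not on an allowlist. The two listings are constructed copies of ones shown in this post; the function names and the allowlist argument are assumptions of the example.

```shell
#!/bin/sh
# Added example, not the author's tooling.

# Constructed sample: the first listing in the post (fresh install).
listing_fresh_install() {
cat <<'EOF'
tcp        0      0 *:707                   *:*           LISTEN
tcp        0      0 *:printer               *:*           LISTEN
tcp        0      0 *:time                  *:*           LISTEN
tcp        0      0 *:discard               *:*           LISTEN
tcp        0      0 *:daytime               *:*           LISTEN
tcp        0      0 *:sunrpc                *:*           LISTEN
tcp        0      0 *:auth                  *:*           LISTEN
tcp        0      0 *:ssh                   *:*           LISTEN
tcp        0      0 localhost:smtp          *:*           LISTEN
EOF
}

# Constructed sample: the listing after Postfix was installed.
listing_after_postfix() {
cat <<'EOF'
tcp        0      0 *:ssh                   *:*           LISTEN
tcp        0      0 *:smtp                  *:*           LISTEN
EOF
}

# audit_listeners "ALLOWED ..."
# Reads "netstat -a" or "netstat -an" lines on stdin and prints
# "<address> <port-or-service>" for each unexpected listener.
# Loopback-only listeners are skipped: they are not reachable remotely.
audit_listeners() {
    awk -v allow="$1" '
    BEGIN {
        n = split(allow, names, " ")
        for (i = 1; i <= n; i++) ok[names[i]] = 1
    }
    $1 ~ /^tcp/ && $NF == "LISTEN" {
        laddr = $4
        # Split at the LAST colon so IPv6 forms such as :::22 also work.
        cut = 0
        for (i = length(laddr); i > 0; i--)
            if (substr(laddr, i, 1) == ":") { cut = i; break }
        host = substr(laddr, 1, cut - 1)
        port = substr(laddr, cut + 1)
        if (host == "localhost" || host ~ /^127\./ || host == "::1") next
        if (port in ok) next
        print host, port
    }'
}

# Demo: on the fresh install only ssh is wanted, so seven listeners are
# reported; after the Postfix install the new world-facing smtp shows up
# until it is added to the allowlist on purpose.
listing_fresh_install | audit_listeners "ssh"
listing_after_postfix | audit_listeners "ssh"
```

On a live box the input would come from `netstat -a` or `netstat -an`, with the allowlist naming services in whichever form (name or number) that listing prints.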

I've got a string of busy days ahead, including some server debugging from events that happened over the weekend. I'll do the best I can, as usual. Thanks for dropping by and have a great day!

Top  /  Email Brian


Mon    TUESDAY    Wed    Thu    Fri    Sat    Sun   
April 27, 2004

0645 - Good morning. Last night was eaten by locusts ... well, that and installing White Box Enterprise Linux on a spare partition on Gryphon the Sony Laptop in anticipation of a specific need today. This morning I merely hit the snooze bar three times too many. I'm off to Gaithersburg in the teeth of the traffic. So you have a great day, eh?



Mon    Tues    WEDNESDAY    Thu    Fri    Sat    Sun   
April 28, 2004

0715 - Good morning. I got YACLE (yet another cross-linking email) last night...

Jose Augusto wrote:
> Dear Bilbrey,
> 
> Your authoring skills and creativity have caught our attention on ZapFuture.com.
>  Your "essays" on www.orbdesigns.com are clear, well informed and you certainly 
> have a way putting words together.

Did I catch your attention so well that you copied the same text that over 
214 different sites on the Internet use to refer to my site? If you're looking for 
originality, you might start with some of your own, instead of copying someone 
else's list of 'blogs and then fishing for cross-promotion. I can also discern your 
careful personal attention to my site by your cunning use of my last name without 
prepending a "Mr.", or more casually, just using my first name like many correspondents 
do.

Oh, by the way, Aerogel, that "amazing substance", was first fabricated in 1931, and 
was selected as the Stardust cometary mission material collector matrix in the mid- 
to late 80's. Old tech, by many standards.

> However, we could use some help. If you like challenges and are interested in 
> helping us construct ZapFuture, posting your articles, giving suggestions, 
> moderating forums or in any other way, please give us some reply back.

As I noted, over 200 websites use the exact text to describe my journal as your 
"new" site does.

> We would be delightful to have your weighed opinions on ZapFuture.

Accumulating someone else's lists, then promoting for cross-links is nothing 
new. This is the future? It's so 1997...

Good luck, though. There are so very many news aggregators. You really need to write 
your own content, rather than just link to other people's stories. I mean, Slashdot's 
been done, already.

Don't feel put out by my overwhelmingly underwhelmed response. I get about 18 
requests for input and cross-linking a week, and almost all of them are variants 
on your scheme. You're just getting the reply so many of the others should have...

.b

-- 
Brian Bilbrey: [email protected] and www.orbdesigns.com
    The record companies pretend they're protecting the rights of 
    the musicians, but you have to be deeply dumb to believe that.
			- Orson Scott Card via ornery.org

Is that too harsh? I've been known to drop what I'm doing and spend hours researching a problem, installing a different distro, or doing whatever it takes to answer a legit question from Joe Random, or more likely someone that I've corresponded with frequently. But this is just a cross-linking traffic-builder scam, AFAICT. Meantime, I've really got better things to do with my time. By the time I got home from work last night, I'd been 12 hours, garage door to garage door. I relaxed in front of the Firefox and Thunderbird for a while, catching up on the day's events, posts and email. Then I toddled off downstairs and sauteed some chicken and broccoli for supper. While eating, I read this month's Smithsonian magazine. By nine I was back up here and that email landed in my box. I followed the borked link in it, found the key phrase "Linux is a recurring theme" and thought to myself, that bastard. Form the following words into a meme: broken straw back camel ... bingo! This guy's just hit the Bilbrey email reply lottery. Oh, and look ... the dude's "delightful" rather than delighted. Grin.

News tidbits... Daniel Robbins walks away from his role as Chief Architect of Gentoo Linux a few days back. Yeah, well, you know I think Gentoo rocks - I use it on both of my main working systems, plus we've got it installed on a production web box. drobbins is a really bright guy, but I think Gentoo's got critical mass, and might profit from a different hand at the helm for a while. But kudos to the man for having vision and executing on it - so many don't! And in the meantime, here in my inbox this morning is the announcement of Gentoo release 2004.1, on time. Woo!

Fedora Core 2 Test 3 has been released. I'm still of many minds on the Red Hat / Fedora thing. People whine and spew about how RH sold out their customer base, and that per-seat licensing is a horrid thing. Yeah, well, if you want commercial support per seat, guess what, Blinky? You gotta pay for it. If you're a company with inside clued resources and a trust in Open Source processes and communities, then you're already using Debian or Gentoo, or something like that. But think about this, RHEL 3 ES works great as a domain, file and print server, costs about half of what Windows Advanced Server 2003 does (admittedly, per year), and has NO CAL requirements or restrictions. A five-pack of CALs for WAS2003 runs 450-500 dollars. No, really! Connect clients to a RHEL box until the box falls over - there's your hard limit with Linux at the core. OTOH, I'm still peeved about my RH9 subscription that got turned into abandonware (officially on this Friday, 4/30), with time remaining on the subscription. Sure, I could convert that into a "low cost" RHEL3-WS setup, but I'm just not likely to do that. Gripping hand, I don't know that RH won't change their business model again. That's the downside of doing business as a public company, when the hounds of Wall Street demand quarterly progress, and planning for the long term goes in the shitcan every time it comes up against quarterly objectives. I'm still worried about the impending downfall IPO of Google, for the same reason.

Another post on Slashdot asked the question First Ten Programs on New Install? To which I must answer:

  1. OpenBox (or Fluxbox)
  2. RXVT
  3. Vim
  4. Screen
  5. Firefox
  6. Thunderbird
  7. Bluefish
  8. The Gimp
  9. GQView
  10. OpenOffice.org
  11. VMware
  12. XMMS
  13. Xine
  14. XChat

Yeah, I know that's 14. But it includes several items (including Vim, RXVT and Screen) that are known to be default on most distributions, so I hereby declare that count to be 11. These are the tools with which I spend the majority of my time. Openbox, or one of the other Blackbox derivatives as a window manager because they stay out of my way, and let me mostly use the mouse for the necessary purpose: pointing at the terminal in which I want to type. RXVT rocks big time compared to a stock xterm. Vim is just great. Yeah, Emacs rocks too, but I already have an OS installed - it's called Linux. Screen lets me work in sessions, detach from them and pick them up later, often from some other place altogether. You need screen, I tell you three times. Firefox and Thunderbird, in their alpha/beta incarnations, are good enough for me - Tbird was good enough to displace Evolution, which was my mail client for better than a year. When I'm on the command line, though, Mutt is the mail tool of choice. Bluefish, The Gimp and GQView let me get webby and image stuff up fast and painlessly. OpenOffice.org permits me the ability to open, read and write legacy document formats without having to boot a legacy OS. It's also pretty good for all the other little productivity suite stuff I have to do. VMware is a joy. I can experiment with distributions, with networking, grab screenshots from installations, all sorts of things. I pay to keep VMware up to date, and it's worth every penny to me. XMMS lets me hear all the OGG files I've got from our CD collection. Xine helps me watch the occasional movie, as well as handling the NASA MOV file formats that I so like. Finally, while I don't "IM" with any regularity, IRC fills a multitude of needs, from time to time. I like the GUI client that XChat provides.

I could gin up links for all of those, but Google is your friend, so if your interest is piqued, you'll go find them easily yourself. Also, Mark has questions from Monday's kickoff post about the MailBox. I'll address those later to him, and here tomorrow morning. Now I must get on with my day. Have a fun one yourself!



Mon    Tues    Wed    THURSDAY    Fri    Sat    Sun   
April 29, 2004

0913 - Good morning. I made it through terrible traffic this morning, but I'm here. Last night we went out to Ruby Tuesday's (thanks, Ron and Karen) for supper, then watched Matrix Revolutions. Just a little bit of Arthurian legend usage, there at the end, eh? Good flick, though, and great CG. Now I'd best get to work. More later if there's time. Have a great day!



Mon    Tues    Wed    Thu    FRIDAY    Sat    Sun   
April 30, 2004

2242 - Good evening. My days are eaten by work, my early evening in the yard, dinner, dishes and relax - boom, it's 10. I'll be thinking of ways to rearrange my posting habits so's not to be as inconsistent as I've been over the past couple of weeks. But for now, it's nearly bedtime, and you'll excuse me if I just say "Howdy!" and bail. Enjoy yourself and TGIF!



Mon    Tues    Wed    Thu    Fri    SATURDAY    Sun   
May 1, 2004

0903 - Good morning. Yardwork first, then fun stuff. As I find a routine, things should steady out. The tomatoes are doing great, btw. Have a fun morning, back atcha shortly.


1438 - The yardwork is done. I weeded, pruned and re-mulched another planting bed in the front yard. This was an odd corner space that already has decorative grasses in place, and that's fine by me, but it was also full of weeds, two thirteen gallon trashbags full. Then I went over and chatted with neighbor Tim for a little while before round two. That was weeding and mowing in back, followed by bagging up the balance of the boxwood debris from two weeks ago. Ten more 33 gallon trashbags finished up that job. Now I am whacked. Time for a shower. Later...


1641 - Howdy! Here's some Q and A regarding Monday's getting started section for building a Debian mail server. I've just finished with the A, and now you can have it, too.

Addendum to Mailbox Part 1 -

There were some questions that needed answering to make this useful for at least one person:

Q: "Had to hunt to find the reiserfs option, should have been obvious, but I confused myself. Didn't add the noatime or notail options to the reiser options."

A: Yah, that new partitioning tool confused me, too, the first time I used it. In the partitioning tool, first you create the partitions, then one at a time edit the partitions. Several options in the editing of the partitions aren't available until they're pertinent. You have to change the Usage method item first, from do not use, to format. Then you can use arrow keys to select the File system: item, and set Reiser in the dialog that follows. Notail is a required option for the partition containing /boot, which is the only partition in this setup. If I *do* create a separate boot partition, I frequently do two things. First, I create it using basic EXT2. No purpose to fancy file system on something that rarely gets written to, and doesn't even need to be mounted for a normally running system (so I modify /etc/fstab so that it doesn't, and that's the second thing). Noatime says don't write to the inode when a file is merely accessed. Write and create are good enough - this is a performance tuning option. If you want to know when files are accessed, then don't set noatime.

Q: "Then I got confused with the "every line for a service that isn't commented, I comment out". I couldn't get rid of the auth and finally figured out how to do it. Seems obvious to you gurus, but us normal folks fret that, well, those things are there for a reason."

A: I might not have been clear enough when I said, "...first off check for running services. Lock the box down, then start adding services and configuring as I go." I mean, when the box is tightened down, there's literally nothing listening on the outside interface besides OpenSSH. With that I've got a box I could safely put raw on the Internet (if I so desired).

#ident       stream  tcp   wait  identd  /usr/sbin/identd    identd 

That's the line that runs the service called auth, safely commented. How do we know which service is on which port? How about this for fun? First, I'll turn ident back on, by uncommenting that line, and restarting the inetd server:

mailbox:/etc# /etc/init.d/inetd restart
Restarting internet superserver: inetd.
mailbox:/etc# netstat -a | grep tcp | grep -i listen
tcp        0      0 *:auth                  *:*           LISTEN     
tcp        0      0 *:ssh                   *:*           LISTEN     
tcp        0      0 *:smtp                  *:*           LISTEN  

Observe that auth is running. Now, there's no "auth" in inetd.conf, which caught you by surprise. I've done this so many times I don't even think about it anymore. So sorry. So here's how you identify the service that's got you stumped. First, observe the order above, so you can pick out the right line from the next listing. I'm adding 'n' to the netstat option, to remove the service name resolution:

mailbox:/etc# netstat -an | grep tcp | grep -i listen
tcp        0      0 0.0.0.0:113             0.0.0.0:*     LISTEN     
tcp        0      0 0.0.0.0:22              0.0.0.0:*     LISTEN     
tcp        0      0 0.0.0.0:25              0.0.0.0:*     LISTEN 

So, by order, this tells me that 113 is auth. I can confirm that by looking in the file /etc/services:

mailbox:/etc# grep auth services
auth            113/tcp         authentication tap ident
codaauth2       370/tcp 
codaauth2       370/udp               # Coda authentication server
afs3-kaserver   7004/tcp              # AFS/Kerberos authentication
kerberos_master 751/udp               # Kerberos authentication

And there's our buddy auth, shown as port 113. Yes, the /etc/services table is a very useful reference. I could have used one method or the other, to get port 113, but now you know two ways. In the services file, there's even a hint of the server, part of the tail string says "ident". But let's check that more closely, using the lsof command:

mailbox:/etc# lsof | grep auth | grep -i tcp
inetd    521    root    4u  IPv4     843    TCP *:auth (LISTEN)

Hmmm. And now we know what I knew before, that it's a service being monitored by the inetd superserver. You can't see the underlying identd service running on that port, because it isn't running until inetd gets a connection and starts the appropriate service.

The only advice I can give you is to follow the directions, don't worry and be happy. (Oh, I'd better comment that ident line out, and restart inetd again ... done).
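
An added example (not from the original post) of why "auth" could not be found in inetd.conf: inetd.conf names the service by one of its /etc/services aliases, while netstat prints the canonical name. The function lists every enabled inetd.conf entry with its port and the name netstat will show. Both sample files are constructed from lines quoted in this post; the function name and the output format are assumptions of the example.

```shell
#!/bin/sh
# Added example, not the author's tooling.

# Constructed sample inetd.conf: everything commented out except ident,
# as in the state the post reaches after re-enabling that one line.
sample_inetd_conf() {
cat <<'EOF'
#discard  stream  tcp   nowait  root    internal
#daytime  stream  tcp   nowait  root    internal
#time     stream  tcp   nowait  root    internal
ident     stream  tcp   wait    identd  /usr/sbin/identd    identd
EOF
}

# Constructed sample services table; the auth line is the one the post
# shows from /etc/services.
sample_services() {
cat <<'EOF'
discard         9/tcp           sink null
daytime         13/tcp
ssh             22/tcp
smtp            25/tcp          mail
auth            113/tcp         authentication tap ident
codaauth2       370/tcp
EOF
}

# inetd_enabled SERVICES_FILE   (inetd.conf on stdin)
# Prints "<name in inetd.conf> <port>/<proto> <name netstat shows>"
# for each uncommented service line; unknown names print "?".
inetd_enabled() {
    awk '
    FNR == NR {                       # first input: the services table
        sub(/#.*/, "")                # drop trailing comments
        if (NF < 2) next
        split($2, pp, "/")            # pp[1] = port, pp[2] = protocol
        for (i = 1; i <= NF; i++) {
            if (i == 2) continue      # field 2 is port/proto, not a name
            key = $i "/" pp[2]
            if (!(key in port)) { port[key] = pp[1]; canon[key] = $1 }
        }
        next
    }
    /^[ \t]*#/ || NF < 6 { next }     # second input: skip disabled lines
    {
        key = $1 "/" $3
        if (key in port) print $1, port[key] "/" $3, canon[key]
        else             print $1, "?/" $3, "?"
    }' "$1" -
}

# Demo: prints "ident 113/tcp auth", the line to comment out in order
# to close the listener that netstat reports as auth.
svc_table=$(mktemp)
sample_services > "$svc_table"
sample_inetd_conf | inetd_enabled "$svc_table"
rm -f "$svc_table"
```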

Secondly, it turns out there's a second place where Portmap (sunrpc service) gets started, in /etc/rcS.d. I didn't catch that until about the middle of the week:

mailbox:/etc# mv rcS.d/S43portmap rcS.d/s43portmap

Q: "How does one know what services to disable?"

A: That's easy. If you don't understand it, then you can't configure it. If you can't configure it, it's vulnerable. If it's vulnerable, turn it off. As a matter of fact, let's tighten up the SSHD configuration while we're at it.

mailbox:/etc# vim ssh/sshd_config

PermitRootLogin no

mailbox:/etc# init.d/ssh restart
Restarting OpenBSD Secure Shell server: sshd.

That option, PermitRootLogin, defaults to yes. That can be handy on first boot, especially if you didn't define a regular user yet. But once you've got a normal account set up, you should turn off direct Root (administrator) access via ssh. Just another layer of difficulty for any potential attacker. They'd have to get remote access via hacking your user account, then attack the root account. That increases the time to success, and thus increases chances of detection.

Restarting the sshd server while connected to the box via ssh is fine, since the restart kills and restarts the parent server, not the spawned child process that is running your current connection.

Q: "I'm sure there is a logic to the underlying directory structure, but 'tis hard to figure it out."

A: Well, two things, maybe more. First, mostly you can find everything that configures the system inside /etc. The initscript system that nearly every distro uses, except Gentoo and, I think, Slackware, is SysV Init. That is, it derives from UNIX System V, rather than BSD.

When the system is loaded, it starts executing init scripts based upon the description in /etc/inittab. Init scripts are found in /etc/init.d (in older linuces, /etc/rc.d/init.d). A system boots into a specific runlevel. Those runlevels are Single User (Runlevel 1) or MultiUser (Runlevels 2-5). There are directories in /etc (or in /etc/rc.d) that reflect the several runlevels, rc0.d .. rc6.d (Runlevels 0 and 6 are halt and reboot, respectively). In each rcN.d directory, there are symbolic links to the init scripts found in /etc/init.d. The symbolic links have codified filenames. To be used by the init system, the first character must be a 'S' (start) or a 'K' (kill, stop). The next two characters are a number from 00 to 99. By tradition, the balance of the filename is identical to the linked-to script in /etc/init.d, thus:

mailbox:/etc# ls -al rc3.d/S20ssh 
lrwxrwxrwx   1 root  root  13 Apr 25 20:52 rc3.d/S20ssh -> ../init.d/ssh

In /etc/inittab, there's a line (or two):

# The default runlevel.
id:2:initdefault:

The 2 in that line tells us that the system is booting into Runlevel 2 by default. Looking further at the /etc/inittab file, we see that

si::sysinit:/etc/init.d/rcS

So rcS (and thus, all of the startup scripts linked in /etc/rcS.d) are run at every boot. Then, based upon the default Runlevel, one of these lines is active:

l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6

And all of the symlinked scripts in that runlevel (in this case /etc/rc2.d) are run during boot.

You can learn lots more about the init system by typing "man inittab" at the command line.
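
An added example (not from the original post) that catches the portmap surprise described above: a service switched off in the default runlevel by renaming its link to lowercase, but still started from rcS.d at every boot. It runs against a constructed directory tree that stands in for /etc, using link names taken from this post; the function names are assumptions of the example.

```shell
#!/bin/sh
# Added example, not the author's tooling.

# Constructed stand-in for /etc, in the state the post was in before the
# rcS.d link was found: portmap, lpd and nfs-common renamed to lowercase
# in rc2.d, ssh left active, and a second portmap link in rcS.d.
build_sample_tree() {
    root=$(mktemp -d)
    mkdir "$root/init.d" "$root/rcS.d" "$root/rc2.d"
    for svc in portmap lpd nfs-common ssh; do
        : > "$root/init.d/$svc"
    done
    ln -s ../init.d/portmap    "$root/rcS.d/S43portmap"
    ln -s ../init.d/portmap    "$root/rc2.d/s18portmap"
    ln -s ../init.d/lpd        "$root/rc2.d/s20lpd"
    ln -s ../init.d/nfs-common "$root/rc2.d/s21nfs-common"
    ln -s ../init.d/ssh        "$root/rc2.d/S20ssh"
    echo "$root"
}

# half_disabled ETC_DIR RUNLEVEL
# For every link disabled by the lowercase-s rename in rcRUNLEVEL.d,
# report any uppercase S link for the same service that init will still
# run, either in rcS.d (every boot) or in the runlevel directory itself.
half_disabled() {
    etc=$1
    level=$2
    for off in "$etc/rc$level.d"/s[0-9][0-9]*; do
        [ -L "$off" ] || continue          # glob matched nothing
        svc=${off##*/}                     # s18portmap
        svc=${svc#s[0-9][0-9]}             # portmap
        for dir in rcS.d "rc$level.d"; do
            for on in "$etc/$dir"/S[0-9][0-9]"$svc"; do
                [ -L "$on" ] || continue
                echo "$svc still started by $dir/${on##*/}"
            done
        done
    done
}

# Demo: reports portmap until rcS.d/S43portmap is renamed as well.
tree=$(build_sample_tree)
half_disabled "$tree" 2
rm -rf "$tree"
```

On a real system the first argument would be /etc and the second the number printed by `runlevel`.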

Finally for now, to close this topic. You have to start somewhere. You have to find instruction where you can, and when you can, validate the instructions one way or another. Either you trust the source, or you find multiple sources that give you fundamentally the same instructions, in order to be sure you aren't being told how to build a Linux mail spam relay zombie, for instance. Whenever you run into a command or a config file you don't understand, read the manpage for it, or google for more information, if the manpage doesn't exist or isn't clear. Eventually you reach the point where the tidbits of information fall into place on the knowledge framework you're building.

Yeah, sure this is lots harder than just running something from Microsoft. But then, you'll NEVER understand what's happening under the hood on that platform, and you can be turned into a spam zombie through actions entirely out of your control. But then you knew that, or you wouldn't even be reading this.

Q: "I've used vi, should I look at vim?"

A: Vim rocks. Vim is vi on all sorts of interesting and illegal chemical enhancers, nuclear boosted and rockin'. I like Vim. Can you tell?



Mon    Tues    Wed    Thu    Fri    Sat    SUNDAY  
May 2, 2004

1036 - Okay, I'm awake now... barely. I finally dragged out of bed about 20 minutes ago, and I'm letting some coffee soak its way into my bloodstream. Personally, I find coffee to be extremely motivational. Nothing new yet this morning - there was the late, long post yesterday with some Q & A about the first Mailbox entry of Monday. I'll be back later probably, but it's time to get out and do the shopping before the weather rolls in. We're due for a fair bit of rain, thunder and lightning by late afternoon. Might be fun! Have a great day.


1731 - Howdy. We got the shopping done, although there was a side-trip to a second grocery store, as Safeway managed to lose power to JUST the computers, and had to call the utility company to come out and fix things. Have they never heard of battery backup and fallback generators? Wow! Once that travelling was done, I headed back out to the home center stores to get some supplies for finishing up the walls down in the woodshop, in the next week or so. Then I can prime, paint and move on to the next phase, as I have a couple of incidental tables in mind as a first project.

Now to dive into the mail bag. It took him six days, but I finally got a reply from webmaster of the latest friendly news accumulator site, ZapFuture.com. Jose didn't seem to like that I'd taken his email badly. Apparently it was my duty to either accept his offer with quiet dignity, or trash the email without further reply. Oops, my bad... Here's his email and my latest reply. His mail is hard to read because viewed as HTML, the text doesn't wrap, and viewed as text, there's no quoting levels maintained - I've tried to make a difference by using emphasis. He really should use a decent mailer instead of LookOut!

From: =?iso-8859-1?Q?Jos=E9_Manuel_Augusto?= <[email protected]>
To: <[email protected]>
Subject: Thanks a lot
Date: Sun, 2 May 2004 19:51:58 +0100

Mr. Brian Bilbrey,
 
Please consider this a personal mail. First I have to say, THANK YOU! Thank
you for exposing my site zapfuture.com to the ridiculous on your weblog. 
 
But I am going to answer all your statements one by one: 
(Sorry If my English is not the best one, but it’s not my native language)
 
Jose Augusto wrote:

>> Dear Bilbrey,
>> 
>> Your authoring skills and creativity have caught our attention on
>> ZapFuture.com.
>>  Your "essays" on www.orbdesigns.com are clear, well informed and you
>> certainly have a way putting words together.

 Did I catch your attention so well that you copied the same text that over 
214 different sites on the Internet use to refer to my site? If you're
looking for originality, you might start with some of your own, instead of copying
someone else's list of 'blogs and then fishing for cross-promotion. I can also
discern your careful personal attention to my site by your cunning use of my last name
without prepending a "Mr.", or more casually, just using my first name like many
correspondents do.
 
I think the text you're referring to is the description of your site on
zapfuture's links page. You're an expert. You should know where I got
that text from, right? Yes, it was from Dmoz.
 
Yes, indeed there was some mass mailing assembly procedures involved on the
mailing I sent; on the construction of the text and inserting Urls. But it
stopped there. I personally checked the sites one by one, before sending
each email and also checked the emails (avoiding webmaster@). It was
supposed to be a first contact only, and from the 63 mails I sent (ONLY!), I
got 8 positive feedbacks. Now, I ask you, 63 emails is YACLE bombing?
 
As you very clearly state, I must be paying for a lot of previous YACLEs,
as you go on humiliating zapfuture's content... (I wonder what this has to do
with YACLEs)
 
Oh, by the way, Aerogel, that "amazing substance", was first fabricated in
1931, and was selected as the Stardust cometary mission material collector matrix in
the mid- to late 80's. Old tech, by many standards.
 
On this, I have to say:
        1. Nowadays Aerogel is different from 1931's Aerogel
        2. Aerogel was recent news.
        2. And most important, if you check again the article is not about
today's news but about Future Materials and Objects.
 

>> However, we could use some help. If you like challenges and are interested in 
>> helping us construct ZapFuture, posting your articles, giving suggestions,
>> moderating forums or in any other way, please give us some reply back.

 
As I noted, over 200 websites use the exact text to describe my journal as
your "new" site does.

>> We would be delightful to have your weighed opinions on ZapFuture.
 
Accumulating someone else's lists, then promoting for cross-links is nothing
new. This is the future? It's so 1997...
 
Good luck, though. There are so very many news aggregators. You really need
to write your own content, rather than just link to other people's stories. I mean,
Slashdot's been done, already.
 
If you have taken more than 5 minutes on the site, you might have noticed
that there are both.
 
There are only 2 content contributors right now, me and Roland Piquepaille,
a very well known, and, I should say, VERY brilliant writer about new tech.
 
The website is just starting, how do you want it to have tons of
contributors from the beginning? Or, how will it attract people, with only
one or two pieces of news?
 
Maybe, if people like you start helping instead of doing what you did. And
you say you help people. I wonder if you didn’t. Read my post on
physicsforums.com about helping other people...

http://physicsforums.com/showthread.php?p=200507#post200507
 
Also, take note, that the news on the sidebars are posted with authorization
from plausible futures and the others are from Moreover.
 
Don't feel put out by my overwhelmingly underwhelmed response. I get about
18 requests for input and cross-linking a week, and almost all of them are
variants on your scheme. You're just getting the reply so many of the others should
have...
 
.b
 
Thanks, but no thanks. Harm already done. Try searching for ZapFuture.com on
google!

So, at least, let me have my right to reply and post this mail on your blog.
 
My last statement is this one: 
 
With so many garbage sites out there trying to sell the most weirdest stuff
- and REALLY doing mass YACLE - why did you choose to humiliate a novice,
100% non commercial, community driven, good content web project????
 
This is just something I really don’t understand!
 
Best Regards,
 
Jose Augusto
 
José Manuel Augusto wrote:
> /*/_Mr._/*/// Brian Bilbrey,// Please consider this a personal mail. 
> First I have to say, THANK YOU! Thank you for exposing my site
> zapfuture.com to the ridiculous on your weblog.

... [lots of excuses and whining snipped off] ...

> Also, take note, that the news on the sidebars are posted with 
> authorization from plausible futures and the others are from
> Moreover.

This must be the language problem - I'm sure you don't mean that you 
have permission from the ('a' ?) future to post specific news items in your sidebar.

... [more snippage] ...

> With so many garbage sites out there trying to sell the most weirdest
>  stuff - and REALLY doing mass YACLE - why did you choose to
> humiliate a novice, 100% non commercial, community driven, good
> content web project????
> 
> This is just something I really don’t understand!

Your non-understanding is not my problem. Why are you special? You didn't 
propose anything that was to my benefit, your mailing didn't give any 
indication that you'd actually READ anything on my site, frankly your mailing 
made me SURE that your site was going to be full of questionably copied news 
and stale stories.  Finally, if you don't get this message as a "novice", then you'll 
continue your bad habits into adulthood.

What I do write, I generally post on my sites. There's nothing on your site 
(which I did go through, mind you, before replying the first time) that makes 
me want to sit up and take notice. I don't generally *LIKE* forums either 
(plainly, I'm not good at/with them) - that purpose is served well by mailing 
lists, and I don't have to go anywhere to get those.

And my statement still stands - Aerogels are old tech (AND old news, if you 
must know). I don't see any new applications jumping off the store shelves 
at me using the stuff. It isn't a "Future material" if it was first fabricated in 
the 30's and is in active (if limited) use today. Period. Understand what you 
mean to present, and check it for accuracy before posting. If not, then certainly 
be prepared to take some flak for doing so. I have, and do, regularly.

If (as you say) you ONLY sent 63 emails (although there are some 216 blog 
links just in your Technology section, how did you pick who to ask?), then 
you should have taken time to properly personalize each one - it would have 
improved both your over-all positive responses as well as been much more 
palatable to me personally. Quite frankly, when there's as much information 
and as many sites as there are on the Internet, everyone gets only one shot 
to make their best impression. For me, your mailing didn't work. Consider it 
to be a lesson in manners - if you're going to ask a favor (cross-linking) *AND* 
request for content, then take the time to do it right.

Next, there really are lots of sites that have the same sort of mission as yours 
appears to, more or less. What are you going to do to make it different? Changing 
people's browsing habits is hard, there's already more on my plate, for example, 
than I can get to in any given day. You're going to have to stand out somehow.

Finally, you'd better grow a thick skin - you'll be lionized one minute, and 
subjected to ridicule the next all through your endeavor. I get nasty unpleasant 
mail all the time. I was neither profane nor did I attempt to insult you personally, 
as so many others will, and do, to me, and soon, to you. Get used to it - people 
hide behind the shield of anonymity with great ease.

Good luck, I gave you a real link this time, just because you took the time to 
write, rather than having your robot do it. 

Future correspondence from you will not be acknowledged, I don't really have 
time for this anymore.

.brian

-- 
Brian Bilbrey: [email protected] and http://www.orbdesigns.com/
    The record companies pretend they're protecting the rights of 
    the musicians, but you have to be deeply dumb to believe that.
			- Orson Scott Card via ornery.org

Okay, so if ZapFuture is up your alley, then by all means, go there, enjoy. I didn't mean to deprive you, gentle reader, from the privilege of communing with the future through that resource.



Visit the rest of the DAYNOTES GANG, a collection of bright minds and sharp wits. Really, I don't know why they tolerate me <grin>. My personal inspiration for these pages is Dr. Jerry Pournelle. I am also indebted to Bob Thompson and Tom Syroid for their patience, guidance and feedback. Of course, I am sustained by and beholden to my lovely wife, Marcia. You can find her online too, at http://www.dutchgirl.net/. Thanks for dropping by.

All Content Copyright © 1999-2011 Brian P. Bilbrey.

Except where otherwise noted, this site is licensed under the
Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.