Kostas' random thoughts » Work http://www.atreides.org.uk/blog Μη μου τους κύκλους τάρατε Mon, 24 Dec 2007 17:36:53 +0000 http://wordpress.org/?v=2.8.6 en hourly 1 glexec or why changing suexec is a bad idea http://www.atreides.org.uk/blog/2007/06/05/glexec-or-why-changing-suexec-is-a-bad-idea/ http://www.atreides.org.uk/blog/2007/06/05/glexec-or-why-changing-suexec-is-a-bad-idea/#comments Tue, 05 Jun 2007 10:23:07 +0000 Kostas Georgiou http://www.atreides.org.uk/blog/2007/06/05/glexec-or-why-changing-suexec-is-a-bad-idea/ I can not really believe that the LHC grid people want to use glexec in every batch system. The thought of thousands of machines running this really scares me.

The suexec sources+documentation say it clearly but I am going to repeat it one more time “Do not make any changes in the source code unless you really know what you are doing”. Just count the security holes introduced in glexec for an example on what not to do.

]]> http://www.atreides.org.uk/blog/2007/06/05/glexec-or-why-changing-suexec-is-a-bad-idea/feed/ 0 SPF problems http://www.atreides.org.uk/blog/2007/03/04/spf-problems/ http://www.atreides.org.uk/blog/2007/03/04/spf-problems/#comments Sun, 04 Mar 2007 01:34:14 +0000 Kostas Georgiou http://www.atreides.org.uk/blog/2007/03/04/spf-problems/ The people managing the mail relays at work decided to start rejecting emails based on SPF records without any warnings. Unfortunately this caused problems with the CERN mailing lists and forwards from some other domains that don’t rewrite the envelope. Of course after a few rejected emails we found out and screamed a bit but their only solution -after three days- was to stop rejecting emails to our mail server which solves half the problem since some of our student mailboxes are in the exchange server.

At least the users seem to be taking it relatively well so far.

]]> http://www.atreides.org.uk/blog/2007/03/04/spf-problems/feed/ 0 OpenLDAP or Fedora Directory Server http://www.atreides.org.uk/blog/2007/02/06/openldap-or-fedora-directory-server/ http://www.atreides.org.uk/blog/2007/02/06/openldap-or-fedora-directory-server/#comments Tue, 06 Feb 2007 18:16:05 +0000 Kostas Georgiou http://www.atreides.org.uk/blog/2007/02/06/openldap-or-fedora-directory-server/ I’ve been thinking for a while now on which one to use and I still haven’t decided. It seems that RedHat after RHEL5 will be pushing FDS but it’s not clear if it will be a $$$ addon or not. In my testing both fullfil my requirements so it’s not clear which one is better for my needs. Building FDS from the sources is possible now so vendor lockin isn’t a problem but the community seems small at the moment, although if it gets added to fedora things might start moving fast.

]]> http://www.atreides.org.uk/blog/2007/02/06/openldap-or-fedora-directory-server/feed/ 1 web frameworks http://www.atreides.org.uk/blog/2007/02/06/hdb/ http://www.atreides.org.uk/blog/2007/02/06/hdb/#comments Tue, 06 Feb 2007 17:54:23 +0000 Kostas Georgiou http://www.atreides.org.uk/blog/2007/02/06/hdb/ I am trying to decide on which language/framework to use for the frontend of a “hosts” database here at work. It seems that if I want good integration with kerberos/ldap only java (maybe Zope?) is the only choise. Rails/TurboGears/Django fail short in this area from what I can see.

]]> http://www.atreides.org.uk/blog/2007/02/06/hdb/feed/ 0