Linux system administrator and developer
I develop /etc/net project (http://etcnet.org) and my goal is to integrate it
into Fedora Core.
I am a member of ALTLinux Team. /etc/net is already integrated into ALTLinux
development tree and should soon be seen in 3.0 version.
I know that ArchLinux has /etc/net in its repository. IDMS Linux did so too,
but i haven't heard from them for last months.
My skills include 6 years Linux experience, several programming
languages, 5 years of mixed software development and system/network
administration and so on, but I guess it's not related much to my goal now.
I have reviewed current initscripts buglist.
Some bugs are not bugs in /etc/net:
#65114 RFE: ifup-aliases iproute support, ifup/ifup-aliases scop...
#75390 it would be nice to tie bandwidth shaping into the networ...
#129820 initscripts maclist patch
#132252 Request for addition of routing rule config file
#132912 No additional IP addresses at ethX without aliased devices
#132925 initscripts use old ifconfig instead of iproute2
#154348 Adds support for WPA (Wi-Fi Protected Access) to the ifup...
#168990 No ifup-gre/ifdown-gre scripts.
#170884 MTU of ethernet card can't be set before interface is up
#171763 Enhancement to initscripts
Some bugs gave me ideas how to improve /etc/net:
#59114 .d-style scripts for ifup/ifdown
#119952 RFE: Add hook for "local" network initialization
#124045 Support setting a metric on interface routes
The whole process, if we don't face some unexpected problems, should take
3 to 6 months. What I need:
1. Ability to advocate patches (sometimes heavy) to about 10-20 FC packages.
2. Probably some help with documentation.
How can we start?
pub 1024D/6D1844F2 2002-11-11
Key fingerprint = AF2F DDAE 7EB3 4699 09FF F0FC 00B1 6D41 6D18 44F2
uid Denis Ovsienko <linux(a)pilot.org.ua>
uid Denis Ovsienko (http://pilot.org.ua) <pilot(a)altlinux.ru>
sub 2048g/57B7ACBE 2002-11-11
I don't know the right way to fix this, but something is definitely broken;
and something needs to be fixed, one way or the other. The question is what
exactly needs to be fixed.
Consider something like this:
AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), AC_MSG_RESULT(no))
Here's what happens on x86_64:
gcc -o conftest -g -O2 -Wall -I.. -I./.. conftest.c -lresolv >&5
/tmp/ccW7EeDX.o(.text+0x7): In function `main':
/home/mrsam/src/courier/authlib/configure:5160: undefined reference to
collect2: ld returned 1 exit status
configure:5147: $? = 1
configure: failed program was:
[ blah blah blah ]
| /* We use char because int might match the return type of a gcc2
| builtin and then its argument prototype would still apply. */
| char res_query ();
| main ()
| res_query ();
| return 0;
The same exact test on FC1 x86 will work.
The reason appears to be that you have to #include <resolv.conf> on x86_64
in order to succesfully pull res_query() out of libresolv.so. You don't
need to do this on x86, and the test program generated by AC_TRY_LINK_FUNC
does not include any headers, but uses a manual prototype.
So, what now?
I saw zeroconf in action at a Mac based facility a while back and I have
to say I was impressed. It makes their networking setup very easy. The
biggest downside was that they knew very little about how their network
actually worked. That made my life integrating a Linux system in to
their environment much more difficult. So, I'd like to see zeroconf
really integrated in to FC5. I think it'll make network setup for a lot
of users much easier.
For those who don't know, zeroconf provides several functions:
*) Dynamically allocating an IP address to a system when it boots
(without requiring a DHCP server)
*) Translate between names and IP addresses (without any setup or
*) Allows for the publishing and discovery of services such as DNS,
NFS, ftp, http, printers, whatever (without requiring any setup or
*) Allocates multicast addresses (without a MADCAP server). (This part
isn't yet supported and I'm not sure I know what it means :))
Fedora ships with Howl which looks to be the framework for doing
zeroconf. It seems that what's needed is integrating howl in to all the
I was wondering if is or ever will be possible to install srpms using
yum. In the yum manpage it says you can specify a package using
'package.arch', so I was wondering if that could be done with
'package.src'. I think this would really be a helpful feature. At the
moment to get a srpm I have to go to one of the ftp mirrors, find the
right folder then search for the right package among hundreds of other
Disclaimer: I hope that this is the right mailing list, but I really
wanted to reach developers would can say if it's feasible and what to
use for that.
Anyway, I was fighting the usual problems with networks and came up with the
following dream to make my life easier as a network admin. Basically I
am tired of fixing things, of worrying if a hard disk will die, of
having to deal with data access, backup etc...
I was thinking this through by looking at how most of my coworkers,
friends, and small offices use their PCs in day-to-day operations and
applying that work flow to a solution.
Before, somebody screams, this means little or moderate daily data
generation so that, basically, a laptop drive could hold the entire
company's data. (This may require email-purge rules and other things
Anyway here it is: Basically, I suggest that (almost) all PCs in the
network be laptops with the exact same image. Furthermore, they
replicate their HD continuously (with possibly some delay).
This certainly applies to the user data and application. It may not
be necessary for the OS
I am not sure of the technology to use here, but I thought something
deriving from the P-to-P technology, some distributed file system,
some database replication technology or even freenet could be a
Since every laptop will contain ALL the data for the
whole network, every laptop uses hardware encryption
at the hard disk level using an external dongle/card/whatever to limit
the risk when a laptop is lost or stolen.
Additionally, every login ALSO uses a dongle/card for access to their
account. This makes it (almost) impossible for somebody stealing a
laptop to get access to the whole data. Additionally, it makes it
(alomst) impossible for somebody to fet to other people's data. If a
system dies, you just get a new one and sync it up. However, one main
idea is that you always have EVERYTHING you need right where you are,
no matter WHERE you are. Also, there is no UPS to worry about.
Communication between PCs could be implemented using VPN/IPSec or
whatever other protected mechanism. Internet access would have to be
"sandboxed", but UNIX based OSes allow for that easily. That's the
gist of it. A lot of things can be configured in many ways, but the
whole point here is to simplify people's life.
Look at it from a disaster recovery: a lot of people bring their laptop home.
Even if the company's building burns down as well as a few employees
homes, one surviving laptop is enough to bring the business back online.
* seamless company disaster recovery
* seamless personal computer loss recovery (you lose everything since
the last sync)
* you can use ANY laptop and find YOUR own environment and files
* no central server/single point of failure
* no UPS except for the internet firewall (this comes from the PCs
* sync across a lot of PCs might be tricky and needs to be tuned.
Maybe randonly select one as master like the SMB Master browser
* each laptop needs to have enough space for the whole company's data
* maybe not appropriate for disk intensive applications (video capture...)
I wanted to post it here for other people to use if they think it's a
good idea. (and also to preempt any proprietary company from saying
It seems that Windows Vista is coming with some automatic
synchronization across two PCs so, that's one step towards it, but we
have different goals.
I posted this somewhere and somebody pointed me toward stateless linux
and it seems pretty cool and close to what I was thinking of. I'll
look smoe more into it, but does anybody see this as useful for VERY
SMALL networks? (I already got bashed by enterprise admins sneernig at
people who don't want a rack server, so if that's your intent, just
reply "me too").
Feel free to comment (I know people will).
-----BEGIN PGP SIGNED MESSAGE-----
Just did a kickstart install of rawhide and it did not exclude the
packages I had marked with "-name". Is this a known issue?
- - Orion
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
During the FC4 development cycle I mistakenly asked for 2.6.12 to be
included because it "had" the ip_conntrack for ipv6. This was based on
something I read. It turns out the person was misquoting. The USAGI
project was promising this for a patch for 2.6.12. It was never included
at least to my knowledge.
My wish list for FC5 includes the following:
TARPIT target for IPTABLES (I think it is already included).
connlimit (and friends) matching for the kernel, this exists in
documentation but has not yet made the mainstream kernel. Help should be
given to get it there and it should be included.
ip6_conntrack (or whatever it's name is) should be given similar help
and should be included.
Other than that, most of my wishes are ready being addressed. I do think
these are very important for both desktop and server/firewall machines.
"I conceive that a great part of the miseries of mankind are brought
upon them by the false estimates they have made of the value of things."
-- Benjamin Franklin
I have been a Fedora user since FC1, and now I'd like to contribute to
the project. I know some Python, but no GUI (as yet). My more tested
programming skills lie is pascal and delphi. I am interested in building
a cnfiguration tool for sshd to help me learn the python language
better, and also to contribute to the fedora project. But I need some help:
Knowledge - HOWTOs, tutorial, whitepapers, etc that I need to read to
properly write a system-config applicat ion
Rules - Standards, and guidelines that I shoudl follow
Technologies - gui toolkits, modules, etc that I should stick to in
learning and building a system-config tool.
Thanks for your assistance and time.
PS: the fedora-config-list is dead, so I'm reposting here
The Fedora Core team invites you to participate in a survey to help
identify the major ways in which Fedora can be improved for the benefit
of the community. The survey consists of 10 questions involving Fedora
Core and Fedora Extras. We are greatly interested in your views and
hope you can share your thoughts with us. The survey is available at:
The survey is enabled now and will remain open for input until
Wednesday, November 30.
Thanks in advance for helping us to make Fedora better for all
involved. Upon conclusion of the survey, a summary of the results will