Search Results

Search found 19 results on 1 pages for 'larsks'.

Page 1/1 | 1 

  • Aligning text to the bottom of a div: am I confused about CSS or about blueprint? [closed]

    - by larsks
    I've used Blueprint to prototype a very simple page layout...but after reading up on absolute vs. relative positioning and a number of online tutorials regarding vertical positioning, I'm not able to get things working the way I think they should. Here's my html: <div class="container" id="header> <div class="span-4" id="logo"> <img src="logo.png" width="150" height="194" /> </div> <div class="span-20 last" id="title"> <h1 class="big">TITLE</h1> </div> </div> The document does include the blueprint screen.css file. I want TITLE aligned with the bottom of the logo, which in practical terms means the bottom of #header. This was my first try: #header { position: relative; } #title { font-size: 36pt; position: absolute; bottom: 0; } Not unexpectedly, in retrospect, this puts TITLE flush left with the left edge of #header...but it failed to affect the vertical positioning of the title. So I got exactly the opposite of what I was looking for. So I tried this: #title { position: relative; } #title h1 { font-size: 36pt; position: absolute; bottom: 0; } My theory was that this would allign the h1 element with the bottom of the containing div element...but instead it made TITLE disappear, completely. I guess this means that it's rendering off the visible screen somewhere. At this point I'm baffled. I'm hoping someone here can point me in the right direction. Thanks!

    Read the article

  • Active Directory, Linux, and User Private Groups

    - by larsks
    We're in the process of moving from NIS on our Linux systems to binding everything to Active Directory. The NIS environment follows the common standard used by many Linux distributions that a user's primary group is a group of the same name as the user (and of which the user is typically the only member). I have been informed that in the Active Directory environment, you may not have a group name with the same name as a user (specifically, that no two AD security objects may have the same name). This would seem to complicate the process of moving our group definitions into AD. It looks like we could maintain the NIS group information in AD using only POSIX attributes (e.g., not an actual AD security object), but that seems like a suboptimal fix (because we do really want to have the same view of group membership in both the Unix and AD worlds). Have you moved a large legacy NIS environment into Active Directory? How did you handle this situation?

    Read the article

  • Getting at fsid under Linux? Or an alternate way of identifying filesystems?

    - by larsks
    In an environment with automounted home directories, such that the same filesystem exported by a fileserver may be mounted multiple times on the client, I would like to authoritatively be able to identify whether two mountpoints are in fact the same filesystem. That is, if the remote server exports: /home And the local client has: # mount fileserver:/home/l/lars on /home/lars type nfs (rw...) fileserver:/home/b/bob on /home/bob type nfs (rw...) I am looking for a way to identify that both /home/lars and /home/bob are in fact the same filesystem. In theory this is what the fsid result of the statvfs structure is for, but in all cases, for both local and remote filesystems, I am finding that the value of this structure member is 0. Is this some sort of client-side issue? Or do most modern NFS servers simply decline to provide a useful fsid? The end goal of all of this is to robustly interpret the output from the quota command for NFS filesystems. For example, given the example above, running quota as myself may return something like: Disk quotas for user lars (uid 6580): Filesystem blocks quota limit grace files quota limit grace otherserver:/vol/home0/a/alice 12 52428800 52428800 4 4294967295 4294967295 fileserver:/home/l/lars 9353032 9728000 10240000 124018 0 0 ...the problem here being that there exists a quota for me on otherserver which is visible in the results of the quota command, even though my home directory is actually on a different device. My plan was to look up the fsid for each mountpoint listed in the quota output and check to see if it matched the fsid associated with my home directory. It looks like this won't work, so...any suggestions?

    Read the article

  • Validating signature trust with gpg?

    - by larsks
    We would like to use gpg signatures to verify some aspects of our system configuration management tools. Additionally, we would like to use a "trust" model where individual sysadmin keys are signed with a master signing key, and then our systems trust that master key (and use the "web of trust" to validate signatures by our sysadmins). This gives us a lot of flexibility, such as the ability to easily revoke the trust on a key when someone leaves, but we've run into a problem. While the gpg command will tell you if a key is untrusted, it doesn't appear to return an exit code indicating this fact. For example: # gpg -v < foo.asc Version: GnuPG v1.4.11 (GNU/Linux) gpg: armor header: gpg: original file name='' this is a test gpg: Signature made Fri 22 Jul 2011 11:34:02 AM EDT using RSA key ID ABCD00B0 gpg: using PGP trust model gpg: Good signature from "Testing Key <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: ABCD 1234 0527 9D0C 3C4A CAFE BABE DEAD BEEF 00B0 gpg: binary signature, digest algorithm SHA1 The part we care about is this: gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. The exit code returned by gpg in this case is 0, despite the trust failure: # echo $? 0 How do we get gpg to fail in the event that something is signed with an untrusted signature? I've seen some suggestions that the gpgv command will return a proper exit code, but unfortunately gpgv doesn't know how to fetch keys from keyservers. I guess we can parse the status output (using --status-fd) from gpg, but is there a better way?

    Read the article

  • Is there a simple LDAP-to-HTTP gateway out there?

    - by larsks
    We have a local LDAP directory that provides basic contact information about our user community. We would like to integrate this into some third-party hosted services that allow us to implement widgets that run arbitrary Javascript. In order to connect Javascript to our LDAP directory, I would like to set up a simple LDAP-to-HTTP proxy that would accept HTTP GET requests, translate them into an appropriate LDAP query, and respond with directory information as JSON-encoded data. In an ideal world, something like this: GET /[email protected] Would get me something like this: { "cn": "Bob Person", "title": "System Administrator", "sn": "Person", "mail": "[email protected]", "telepehoneNumber": "617-555-1212", "givenName": "Bob" } (And this obviously assumes that the web application has locally configured information about what base DN to use, how to authenticate, etc). I guess I could write one...but surely something like this already exists? UPDATE The consensus seems to be that there isn't a pre-existing solution out there and that I should just get off my lazy derriere and write one. So I did, and it's here. It's not especially pretty, but it works for my prototyping and I figure maybe someone else will find it useful someday.

    Read the article

  • Asterisk/FreePBX: Allow other Google Talk clients to ring when using motif module

    - by larsks
    I've recently installed FreePBX to act as a link between a SIP soft phone and my Google Talk account. It was easy to set up and outbound calls work just fine, but I've run into two problems with inbound calls that I'm not sure how to resolve. I'm using an inbound route to forward all calls from Google to my soft phone. If the soft phone is not currently registered, Asterisk answers and immediately generates a fast-busy signal (reporting CHANUNAVAIL in the logs), and the call is lost. If the soft phone is registered, Asterisk "answers" the call before rining the soft phone, which means that other Google Talk clients never ring (since from their perspective someone has answered the call). For solving (1) seems like I could use the ChanIsAvail() function (or this answer) to prevent Asterisk from answering in the event that the phone isn't registered. However, I'm not sure what to do about (2), because the behavior I want is for Asterisk to not "answer" the call until I answer the call on the soft phone. How do I configure Asterisk (ideally within the FreePBX framework) such that I can continue to receive calls at other Google Talk clients in addition to forwarding them to a SIP phone?

    Read the article

  • Cross platform support for network attached USB hubs?

    - by larsks
    I am looking at network-attached USB hubs in order to run licensed software in a virtualized environment when hardware dongles are required. Are there any solutions that will work with both Linux and Windows? Most of the dedicated devices -- such as the Zonet ZUH2214 or the (oddly expensive) Digi AnywherUSB/2 -- appear to be Windows-only. Linux has the the USB/IP project, for which there appear to be Windows drivers, but the last "News" post on the site was in 2007, so I'm not entirely confident about the viability of the project. Has anyone out there found a solution that will work well in both environments?

    Read the article

  • Can you recommend a robust OpenAPI 2.0 provider?

    - by larsks
    Help me find a robust OpenID 2.0 provider! We're looking at various SSO solutions for our organization, and I would like to suggest OpenID as a viable option, since (a) there is good consumer support in a number of web applications, and (b) it's simpler to implement than Shibboleth, which is the alternative technology. However, this requires that we find a robust OpenID provider, ideally one meeting the 2.0 specification. The only solutions I've come across so far are: Atlassian Crowd This looks great, although the $4000 price tag may make it a tough sell. Community-ID This looks like an interesting idea, but I'm not sure the project quality is at a suitable level (yet). In particular, it's not clear if LDAP support actually works (which will be a requirement in our environment). Have you implemented OpenID in your environment? What are you using? Have you selected an alternative SSO technology?

    Read the article

  • Specifying prerequisites for Puppet custom facts?

    - by larsks
    I have written a custom Puppet fact that requires the biosdevname tool to be installed. I'm not sure how to set things up correctly such that this tool will be installed before facter tries to instantiate the custom fact. Facts are loaded early on in the process, so I can't simply put a package { biosdevname: ensure => installed } in the manifest, since by the time Puppet gets this far the custom fact has already failed. I was curious if I could resolve this through Puppet's run stages. I tried: stage { pre: before => Stage[main] } class { biosdevname: stage => pre } And: class biosdevname { package { biosdevname: ensure => installed } } But this doesn't work...Puppet loads facts before entering the pre stage: info: Loading facts in physical_network_config ./physical_network_config.rb:33: command not found: biosdevname -i eth0 info: Applying configuration version '1320248045' notice: /Stage[pre]/Biosdevname/Package[biosdevname]/ensure: created Etc. Is there any way to make this work? EDIT: I should make it clear that I understand, given a suitable package declaration, that the fact will run correctly on subsequent runs. The difficulty here is that this is part of our initial configuration process. We're running Puppet out of kickstart and want the network configuration to be in place before the first reboot. It sounds like the only workable solution is to simply run Puppet twice during the initial system configuration, which will ensure that the necessary packages are in place. Also, for Zoredache: # This produces a fact called physical_network_config that describes # the number of NICs available on the motherboard, on PCI bus 1, and on # PCI bus 2. The fact value is of the form <x>-<y>-<z>, where <x> # is the number of embedded interfaces, <y> is the number of interfaces # on PCI bus 1, and <z> is the number of interfaces on PCI bus 2. em = 0 pci1 = 0 pci2 = 0 Dir['/sys/class/net/*'].each { |file| devname=File.basename(file) biosname=%x[biosdevname -i #{devname}] case when biosname.match('^pci1') pci1 += 1 when biosname.match('^pci2') pci2 += 1 when biosname.match('^em[0-9]') em += 1 end } Facter.add(:physical_network_config) do setcode do "#{em}-#{pci1}-#{pci2}" end end

    Read the article

  • Scanning for new disks attached using virtio?

    - by larsks
    I can successfully attach disks to a running KVM instance using virsh attach-disk... virsh attach-disk node-1 /dev/vg_lunsr/lun1 vdb Disk attached successfully ...but these new devices aren't seen by the guest without a reboot, which almost defeats the purpose of dynamic attachment. If these were SCSI devices I would use e.g. /sys/class/scsi_host/host0/scan to request the SCSI drivers to scan for new devices. Is there an equivalent capability for the virtio block driver?

    Read the article

  • With CentOS 6 and LXC, "ifconfig" is unable to see network interface (but busybox "ifconfig" works fine)

    - by larsks
    I've just started working with LXC under CentOS 6 (via the libvirt adapter). If I create an LXC container, I'm unable to see any network interfaces when using the native system tools: # ifconfig -a # The behavior is very odd; specifying an interface by names yields neither the expected output nor an error message. This is true even for clearly invalid interface names, like this: # ifconfig foo # The ip command exhibits the same behavior. On the other hand, if I use "ifconfig" provided by busybox, everything works as expected: # busybox ifconfig -a eth0 Link encap:Ethernet HWaddr 52:54:00:E0:12:C8 inet6 addr: fe80::5054:ff:fee0:12c8/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:268 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:17814 (17.3 KiB) TX bytes:552 (552.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) So...what does busybox know that the native tools don't? The libvirt config for this environment is pretty standard; the network definition looks like this: <interface type='network'> <mac address='52:54:00:e0:12:c8'/> <source network='default'/> <target dev='veth0'/> </interface> The full configuration is here if you think it might help. I'm running: lxc-0.7.2-2.el6.x86_64 kernel-2.6.32-71.29.1.el6.x86_64 EDIT Weirder and weirder...it's a display issue, not a functionality issue. I can see the output of ifconfig if I pipe it into anything, so for example: # ifconfig eth0 | cat eth0 Link encap:Ethernet HWaddr 52:54:00:E0:12:C8 inet addr:192.168.10.10 Bcast:192.168.10.255 Mask:255.255.255.0 inet6 addr: fe80::5054:ff:fee0:12c8/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:573 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:37914 (37.0 KiB) TX bytes:552 (552.0 b) And in fact even when not piping the output, strace shows that ifconfig is in fact writing the output to file descriptor 1 (aka stdout), so it's not clear why no output is actually showing up. This could be either an LXC or a virsh issue, I guess.

    Read the article

  • Under FreeBSD, can a VLAN interface have a smaller MTU than the primary interface?

    - by larsks
    I have a system with two physical interfaces, combined into a LACP aggregation group. That LACP channel has two VLANs, one untagged (the "native vlan") and one using VLAN tagging. This gives us: lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether 00:25:90:1d:fe:8e inet 10.243.24.23 netmask 0xffffff00 broadcast 10.243.24.255 media: Ethernet autoselect status: active laggproto lacp laggport: em1 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING> laggport: em0 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING> vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=3<RXCSUM,TXCSUM> ether 00:25:90:1d:fe:8e inet 10.243.16.23 netmask 0xffffff80 broadcast 10.243.16.127 media: Ethernet autoselect status: active vlan: 610 parent interface: lagg0 Is it possible to set a 9K MTU on lagg0 while preserving the 1500 byte MTU on vlan0? Normally I would simply try this out, but this is actually on a vendor-supported platform and I am loathe to make changes "behind the back" of their administration interface. This system is roughly FreeBSD 7.3.

    Read the article

  • Applying ACLs to a Dovecot public namespace

    - by larsks
    I have a public namespace define in my dovecot (dovecot-2.0.9) configuration that looks like this: namespace { type = public separator = . prefix = news. location = maildir:/var/spool/news subscriptions = no } I would like to make all the mailboxes in this namespace read-only. I've got the following configuration for the ACL plugin: plugin { acl = vfile:/etc/dovecot/acls:cache_secs=300 } After perusing the documentation, it seemed as if I had a mailfolder /var/spool/news/.foo.bar that I could place the following into /var/spool/news/.foo.bar/dovecot-acl: anyone rl But that doesn't have any affect. I also tried creating a file /usr/local/etc/dovecot/acls/news.foo.bar with the same contents, but that didn't do anything, either. I've turned on mail debugging: mail_debug = yes But the log doesn't produce anything that appears to be relevant to ACL processing. I'm curious to know if anyone has gotten this to work correctly and if so if you could provide some configuration examples. Also, if there's any way to do this that doesn't involve per-mailbox configuration (.e.g, the ability to apply an ACL to news.* or something), that would be awesome. Getting the documented behavior for default ACLs working would be a step in the right direction.

    Read the article

  • Handling FreeBSD package upgrades using pkg_add

    - by larsks
    I'm trying to use FreeBSD's pkg_add command to install and upgrade binary packages in a build-once-install-on-multiple-machines sort of scenario. It works well when installing a new package, but upgrades are baffling me. For example, if I want to upgrade a package that is depended on by another package, I can't just install it: # pkg_add /path/to/somepackage-2.0.tbz pkg_add: package 'somepackage' or its older version already installed At this point, I can delete the older version of the package if I pass -f to the pkg_delete command: # pkg_delete -f somepackage-1.0 pkg_delete: package 'somepackage-1.0' is required by these other packages and may not be deinstalled (but I'll delete it anyway): anotherpackage-1.0 But...and this is the killer...now the dependency information is gone! I can install the upgrade: # pkg_add /path/to/somepackage-2.0.tbz And now attempts to delete it will succeed without any errors: # pkg_delete somepackage-2.0 How do I handle this gracefully (whereby "gracefully" means "in a fashion that preserves dependency information without requiring me to rebuild/reinstall and entire dependency chain"). Thanks!

    Read the article

  • Puppet templates and undefined/nil variables

    - by larsks
    I often want to include default values in Puppet templates. I was hoping that given a class like this: class myclass ($a_variable=undef) { file { '/tmp/myfile': content => template('myclass/myfile.erb'), } } I could make a template like this: a_variable = <%= a_variable || "a default value" %> Unfortunately, undef in Puppet doesn't translate to a Ruby nil value in the context of the template, so this doesn't actually work. What is the canonical way of handling default values in Puppet templates? I can set the default value to an empty string and then use the empty? test... a variable = <%= a_variable.empty? ? "a default value" : a_variable %> ...but that seems a little clunky.

    Read the article

  • Creating a pseudoterminal to make sudo happy

    - by larsks
    I need to automate the provisioning of a cloud instance (running Fedora 17) for which the following initial facts are true: I have ssh-key based access to a remote user (cloud) That user has password-free root access via sudo. Manual configuration is as simple as logging in and running sudo su - and having at it, but I would like to fully automate this process. The trick is that the system defaults to having the requiretty option enabled for sudo, which means that an attempt to do something like this: ssh remotehost sudo yum -y install puppet Will fail: sudo: sorry, you must have a tty to run sudo I am working around this right now by first pushing over a small Python script that will run a command on a pseudoterminal: import os import sys import errno import subprocess pid, master_fd = os.forkpty() if pid == 0: # child process: now that we're attached to a # pty, run the given command. os.execvp(sys.argv[1], sys.argv[1:]) else: while True: try: data = os.read(master_fd, 1024) except OSError, detail: if detail.errno == errno.EIO: break if not data: break sys.stdout.write(data) os.wait() Assuming that this is named pty, I can then run: ssh remotehost ./pty sudo yum -y install puppet This works fine, but I'm wondering if there are solutions already available that I haven't considered. I would normally think about expect, but it's not installed by default on this system. screen can do this in a pinch, but the best I came up with was: screen -dmS sudo somecommand ...which does work but eats the output. Are there any other tools available that will allocate a pseudoterminal for me that are going to be generally available?

    Read the article

  • Can Exchange be configured to populate a text/plain part of a meeting invite?

    - by larsks
    I work in an environment where some people are using Microsoft Exchange and some people are not. The meeting invitations sent out by Exchange include a text/calendar attachment with the meeting information in iCal format. They also include an empty text/plain and an empty text/html part. Is there any way to configure Exchange such that it will populate either (or both!) the text/plain or the text/html part with a human-readable version of the meeting summary? This would help out people using mail clients that do not have native support for text/calendar attachments.

    Read the article

  • Windows 2008 startup script will not run?

    - by larsks
    I am trying to get a very simple batch script to run when my Windows 2008 Server (R2) system starts up. I have added the script to the "Startup Scripts" in the local group policy by running gpedit.msc, and I see the script listed under Windows Settings/Scripts (Startup/Shutdown)/Startup when I run rsop.msc, but the script is not being executed. The "Last Executed" column in rsop is empty even after a reboot, and a file that should be created by the script is never created. At the moment, the entire contents of the script are: rem Check if this script is running. date /t > c:\temp\flag The target directory (c:\temp) exists. The script is called c:\scripts\startup.bat, and works fine if I run it by hand.

    Read the article

  • Blogger (Python) API: How do I retrieve a post by post ID?

    - by larsks
    Having previously obtained a post ID from a call to gdata.blogger.client.add_post()... post = client.add_post(...) post_id = post.get_post_id() ...how do I use that post id to retrieve the post in the future? I thought maybe gdata.blogger.client.Query would be the way to go, but this doesn't support post id as a query term. The example code distributed with the Python gdata module doesn't have an example of this use case, and after poking around gdata.blogger.client.* for a while I'm not making much progress. I could obviously iterate through all the posts in the blog until find the one with the corresponding id, but that would be a terrible, terrible idea.

    Read the article

1