The TriLUG Member Services FAQ <author>Maintained by Jeremy Portzer <htmlurl url="mailto:jeremy(at)trilug.org" name="<jeremy(at)trilug.org>"> <date>v1.7, 13 February 2004 <abstract> This document attempts to explain the TriLUG member services. Most of these services are available only to registered TriLUG members. However, membership is free and open to anyone. See the TriLUG FAQ (<htmlurl url="http://www.trilug.org/faq/" name="http://www.trilug.org/faq/">) for more information about membership and TriLUG in general. </abstract> <toc> <sect>Preface <sect1>About the Member Services FAQ This document attempts to explain the TriLUG member services. Most of these services are available only to registered TriLUG members. However, membership is free and open to anyone. See the TriLUG FAQ for more information about membership and TriLUG in general. This document is also available in a variety of formats: HTML, text, Adobe Portable Document Format (PDF), Postscript, and SGML (Standard Generalized Markup Language). <sect1>Contact If you have any suggestions, additions, or corrections for this document, please contact the following: <itemize> <item> TriLUG Steering Committee (<htmlurl url="mailto:steering(at)trilug.org" name="steering(at)trilug.org">) <item> The current Member Services FAQ maintainer, Jeremy Portzer (<htmlurl url="mailto:jeremy(at)trilug.org" name="jeremy(at)trilug.org">) <item> The main TriLUG List (<htmlurl url="mailto:trilug(at)trilug.org" name="trilug(at)trilug.org">) </itemize> <sect1>Changelog <itemize> <item>Friday, February 13, 2004 - revised procedures for obtaining shell account (account request form now operational) <item>Saturday, September 13, 2003 - minor typo fixes <item>Friday, June 27, 2003 - changed moya.trilug.org to mail.trilug.org in several places, updated Mozilla mail information <item>Thursday June 5, 2003 - added changes made by Scott Lundgren -- thanks Scott <item>Thursday June 5, 2003 - removed K.S. email address, replaced with C.K. </itemize> <sect>Member Services Overview<label id="overview"> This section is an overview of the TriLUG Member Services <sect1> What are the TriLUG member services? This FAQ covers several of TriLUG's member services; ISP functions we are providing to our membership: <descrip> <tag/Mail Server/ The TriLUG mail server, <tt>mail.trilug.org</tt>, provides IMAP-based email services. <tag/Mirror Server/ The TriLUG mirror server, <tt>mirrors.trilug.org</tt> (dargo.trilug.org) provides FTP and HTTP access to Linux distributions and other free software <tag/Shell/Login Server/ The TriLUG login server, <tt>login.trilug.org</tt> provides *nix shell access. </descrip> <sect1> How do I get an account? To get a shell account, you will need your TriLUG Membership number, and your registered e-mail address. <itemize><item> If you have forgotton your membership number, please see <htmlurl url="http://members.trilug.org/" name="http://members.trilug.org/"> to have your member number sent to you. <item>If you've forgotten your registered e-mail address, or can no longer receive e-mail at it, please contact the Steering Committee at <htmlurl url="mailto:steering(at)trilug.org" name="steering(at)trilug.org"> for assistance. </itemize> Once you have determined this information, go to this URL to fill out an account request : <htmlurl url="http://members.trilug.org/accountrequest/" name="http://members.trilug.org/accountrequest/"> . In order to avoid a certificate error, you may wish to import the TriLUG CA; see <htmlurl url="http://www.trilug.org/resources.php" name="http://www.trilug.org/resources.php"> After filling out the form, a TriLUG system administrator will create your account. You will receive an e-mail response at this point letting you know it's ready. Be sure to change your password immediately (by logging into the shell server and running "passwd"). <bf>Note:</bf> If you previously had an account on our "fatalpha" login server, you now have an account on the TriLUG LDAP/kerberos single-sign-on system. However, your old password could not be migrated to the new system. Please contact <htmlurl url="mailto:sys(at)trilug.org" name="sys(at)trilug.org"> for assistance. <sect1> What if I'm not a member? You must join TriLUG to get a shell / mail server account. Please see our organizational FAQ (<htmlurl url="http://www.trilug.org/faq/" name="http://www.trilug.org/faq/">) for more information. Membership is free. If you're not a member, limited anonymous access to our FTP mirror is available; see the <ref id="mirror-ftp" name="FTP server"> section for more information. <sect1> What are the restrictions on using the Member Services ? <itemize> <item>You must follow the Terms of Service for Inflow, our ISP. <item>Mail quotas are set at ??? MB. Shell quotas are 25 MB. <item>In general, please respect the fact that TriLUG is run by volunteers; your friends, neighbors, and co-workers are providing this service. Please avoid anything that would cause trouble for the volunteers. </itemize> <sect1> How much does all this cost ? It's all free! Thanks to the generosity of our sponsors (<htmlurl url="http://www.trilug.org/sponsors.php" name="http://www.trilug.org/sponsors.php">) and recent member donations (<htmlurl url="http://www.trilug.org/donations.php" name="http://www.trilug.org/donations.php">), we're able to provides these services free of charge. We welcome your donations; you may bring donations to any meeting, or contact the steering committee, chair, or treasurer if you'd like to donate. See <htmlurl url="http://www.trilug.org/steering.php" name="http://www.trilug.org/steering.php"> for the contact information. TriLUG is a 501(c)(3) educational organization, so your donation may be tax-deductible. A receipt will gladly be provided for donations of $25 or more. <sect>TriLUG Mail Server These are general questions about the TriLUG Mail Server <sect1> What is the TriLUG mail server? Thanks to the generosity of many individuals and companies (see <htmlurl url="http://www.trilug.org/donations.php" name="www.trilug.org/donations.php">), TriLUG now offers a mail server to its members. Special thanks go to Inflow (<htmlurl url="http://www.inflow.com/" name="www.inflow.com">), one of our Platinum sponsors, which provides co-location and Internet bandwidth for our server cluster. <sect1> How do I get an account? See the <ref id="overview" name="Overview"> section for information about obtaining a shell/mail server account. <sect1> What information do I need to login? <itemize> <item>Incoming Mail Server (IMAP via SSL or TLS): <tt>mail.trilug.org</tt> (port 993, or port 143 with STARTTLS) <item>Outgoing Mail Server (SSL,authenticated SMTP): <tt>mail.trilug.org</tt> (port 465, or port 25 with STARTTLS) <newline>(of course, you can use your ISP's SMTP server, or a client on the login/shell server, to send mail. You could also set up an SSH tunnel to one of the TriLUG servers to use SMTP "locally".) <item>Username: your TriLUG shell/LDAP username <item>Password: your TriLUG kerberos password </itemize> <sect1> What mail clients can I use? You can use any mail client that supports IMAP via SSL or TLS. If your client doesn't support IMAP over SSL, but does support IMAP, you can use <tt>stunnel</tt> to make the SSL connection. Here are a few clients that we've tested: <descrip> <tag/Evolution/Works nicely but will give you an error about the SSL certificate the first time you connect. This is normal, since we're using a self-signed cert. Just OK it and you'll be fine on subsequent connections. You will probably have to restart Evolution after adjusting your settings, otherwise you won't get any new mail. Be sure to check the "Use SSL" boxes for both the "receiving mail" and "sending mail" tabs. You'll also need to check "Server requires authentication" box in the Sending Mail tab. <tag/Mozilla/ To enable SSL for the IMAP (incoming mail), open the Mail & Newsgroups Account Settings dialog, click on "Server Settings", and check the "Use secure connection (SSL)" box. If you want to use the TriLUG server for outgoing mail, click on the "Outgoing Server (SMTP) Settings", specify the server name, the checkbox for "Use name and password," and the radio button for "Use secure connection (SSL) - always" Use port 25, not port 465, for sending mail securely with mozilla. To get rid of certificate warnings, load the TriLUG CA Certificate in your browser by visiting <htmlurl url="http://www.trilug.org/cgi-bin/loadCAcert.cgi" name="http://www.trilug.org/cgi-bin/loadCAcert.cgi">. <tag/Pine/ You can run pine from the shell server without any special configuration. The default settings should load up your TriLUG folders just fine. If you have a long-running shell session, you may need to run <tt>kinit</tt> to get a new Kerberos ticket before starting pine; otherwise you'll be prompted for your IMAP username and password. Here are directions for configuring pine on another computer: Add a new folder collection (type S, then L, then A from main menu). For "server name" put "<tt>mail.trilug.org/user=USERID/ssl/novalidate-cert</tt>" where USERID is your username. You probably want to delete the "local folder" collection which was the only way I could get INBOX to appear in the right place. Then, go to the "Config" section of the Setup screen (type S, then C from main menu). Change the <tt>inbox-path</tt> variable to read this: <tt>{mail.trilug.org/user=USERID/ssl/novalidate-cert}INBOX</tt> where USERID is your username. You may need to restart pine after making these changes. I've not tested pine with the authenticated SMTP part of the setup (you don't need it if you're running pine directly on the TriLUG servers). <tag/Mutt/ Here are the basic .muttrc commands for for the IMAP part of the setup: <code> set imap_authenticators="login" ; set spoolfile=imaps://USERNAME@mail.trilug.org/INBOX ; set folder=imaps://USERNAME@mail.trilug.org/ ; </code> Here's a contributed .muttrc for the trilug setup that should work pretty well: <htmlurl url="http://www.trilug.org/~sws/mutt/" name="http://www.trilug.org/~sws/mutt/">(substitute your username in the for sws). Also, see <htmlurl url="http://mutt.sourceforge.net/imap/" name="http://mutt.sourceforge.net/imap/"> for some other documentation. <tag/Outlook Express/ You are not allowed to use Outlook Express with the TriLUG mail server. Just kidding! It actually seems to work pretty well. Here's some info about using OE with IMAP folders: <htmlurl url="http://www.usc.edu/dept/gero/AgeWorks/distance-education/email/outlook/outlookex5win.html" name="http://www.usc.edu/dept/gero/AgeWorks/distance-education/email/outlook/outlookex5win.html">. (Ignore the site-specific comments.) Be sure to enable SSL as with other clients. <tag/Other/ please contribute information about other mail clients </descrip> <sect1> What mail add-ons can I use? Currently, the following add-ons are installed: <itemize> <item><bf>Procmail</bf> -- sort your mail to multiple folders. Note that our procmail configuration will automatically sort to <it>IMAP</it> folders, so it's necessary that your mail client understands how to retrieve all IMAP folders. Put your .procmailrc in your home directory using the shell server. Here's a sample .procmailrc for our setup: <code> :0 * ^Subject: Test Folder | $DELIVERTO +NewTest </code> This will cause any messages with the Subject "Test Folder" to be delivered to a folder called NewTest. Notice the use of the "| $DELIVERTO" construct -- this is necessary! If you do not use this, your procmail folders will not be accessible via IMAP, and may not work at all. Also, if you're having trouble getting your procmail rules working correctly, I highly recommend setting up a procmail log. Just add this line to the top of your .procmailrc : <verb> LOGFILE=$HOME/procmail.log </verb> The log file may start taking up tons of space if you get a lot of mail, so be sure to remove this line when you're done testing. <bf>Important Note:</bf> If you use procmail to create additional folders, you will probably need to "subscribe" to them through your mail client. The procedure varies; the dialog is found under the Tools menu in Evolution and Outlook Express, for example. Consult your MUA's documentation for more details (look in the IMAP section). <item><bf>Spamassassin</bf> -- Spamassassin is installed and is running sitewide on the mail server. Currently, it is set up to scan and tag all email, but it will not delete any spam. You should probably setup a procmail rule to forward tagged spam to a different folder, so you won't see it in your INBOX all the time. This rule will work for that: <code> * ^X-Spam-Status: Yes | $DELIVERTO +spam </code> You may also want to look into Bayesian learning program, as well as other options for your <tt>~/.spamassassin/user_prefs</tt> file, such as white- and black-lists. See the man pages for <tt>sa-learn</tt> and <tt>Mail::SpamAssassin::Conf</tt>, as well as <htmlurl url="http://www.spamassassin.org" name="http://www.spamassassin.org"> for more information. You can run <tt>rpm -q spamassassin</tt> on the login server to see which version is currrently installed, which will be helpful to know when perusing the SA web site. (As of this writing, the version is 2.60.) <item><bf>Web Mail</bf> -- coming soon. </itemize> <sect> TriLUG Mirror Server Information about TriLUG's mirror server, which provides Linux distributions and other free software. <sect1>What is the TriLUG mirror server? The TriLUG Mirror Server is a dual Pentium III 600Mhz machine donated by the Center for Public Domain. Special thanks go to Inflow, our co-location provider (see Sponsors: <htmlurl url="http://www.trilug.org/sponsors.php" name="http://www.trilug.org/sponsors.php">). Several members and companies donated drives, SCSI cards, and other components... thanks! The main disk array is about 101 GB. <sect1>What is available on the mirror server? We have mirrors of several popular Linux distributions, and some other Linux or open-source related items. Here are the primary directories as of this FAQ's writing: <tscreen><verb> Immunix_6.2 linux-kernel mandrake mandrake-updates mozilla redhat security updates VA_Linux_6.2.4 </verb></tscreen> <sect1>How do I access mirrors via HTTP ? Currently, HTTP access is available to members only. Connect to <tt><htmlurl url="http://mirrors.trilug.org/" name="http://mirrors.trilug.org"></tt>. Use your registered email address as your username, and your member number as your password. <sect1>How do I access mirrors via FTP ? <label id="mirror-ftp"> <descrip> <tag/Anonymous/ FTP to <tt>mirrors.trilug.org</tt> and log in as anonymous . Anonymous access is bandwidth limited and limited to a small number of users at a time. <tag/Authenticated/ FTP to <tt>mirrors.trilug.org</tt> and log in with your registered email address as your username, and your member number as password. There are no restrictions when you are authenticated; however we do have a limited amount of bandwidth from Inflow. </descrip> <sect1>How do I use the TriLUG mirror server for up2date (current server)? (Red Hat Linux and Aurora Sparclinux only) You will need to set up your computer to use TriLUG's server instead of the default Red Hat Network. Here's how: (note: these instructions might be broken for rhl 7.x/up2date 2.8. We're working on it.) <itemize> <item> Determine your version of up2date by running <tt>rpm -q up2date</tt> at a shell prompt. If you have something less than 2.8, please upgrade (you can get Red Hat updates from mirrors.trilug.org). If you're running 3.0, there's one configuration file, <tt>/etc/sysconfig/rhn/up2date</tt>. If you're running 2.8, there are two: <tt>/etc/sysconfig/rhn/up2date</tt> and <tt>/etc/sysconfig/rhn/rhn_register</tt>. Regardless of version, you will also need trilug's CA-CERT public key. <item> Make a backup of your up2date configuration file(s), located in <tt> /etc/sysconfig/rhn/: up2date, rhn_register, systemid</tt> <item>Download the appropriate configuration files (depending on your version): <itemize> <item>Public key for dargo's <tt>current</tt> server (needed for all versions of up2date): <tt><htmlurl url="http://members.trilug.org/TRILUG-CA-CERT" name="http://members.trilug.org/TRILUG-CA-CERT"></tt> : install this file as <tt>/usr/share/rhn/TRILUG-CA-CERT</tt> <item> up2date 2.8 configuration file, installed as /etc/sysconfig/rhn/up2date : <tt><htmlurl url="http://members.trilug.org/up2date-2.8" name="http://members.trilug.org/up2date-2.8"></tt> <item> up2date 2.8 rhn_register config. file, installed as /etc/sysconfig/rhn/rhn_register : <tt><htmlurl url="http://members.trilug.org/rhn_register" name="http://members.trilug.org/rhn_register"></tt> <item> up2date 3.0 configuration file, installed as /etc/sysconfig/rhn/up2date : <tt><htmlurl url="http://members.trilug.org/up2date-3.0" name="http://members.trilug.org/up2date-3.0"></tt> </itemize> <item>If running up2date 2.8, delete or rename your <tt>/etc/sysconfig/rhn/systemid</tt> file, and then use "rhn_register" to register yourself with the new setup. For version 3.0, just run "up2date" which should recognize that you need to re-register. (The 3.0 configuration file stores your systemid in systemid.trilug and leaves the old one alone.) <item>Since Red Hat maintains the GUI client, the Current Server has to conform to what the client expects. Right now there is an incompatibility between the up2date 3.0 GUI client and the Current Server to be fixed in Current Server v. 1.4.4 due in the next few weeks. For now run update 3.0 in text mode with the "--nox" switch. If that doesn't work, "set DISPLAY= up2date" to clear the DISPLAY variable and make it think you're not running X. <item> You should see a trilug-specifc privacy policy, instead of the one from Red Hat Network. <item>Enter your registered email address as username, and your membership number as password (you'll have to enter the member number/password twice). The field marked email address is required by the client, but not used by TriLUG's server. <item>Note: the only required fields are username, password, and email address. The other information is not kept by the <tt>current</tt> server backend, so there's no point in filling it in. None of the information about your computer is saved either, so just click through all of that. <item>Complete your registration! You should be able to use up2date as normal, but now it downloads from dargo.trilug.org instead of Red Hat's servers. <item>If you wish to restore the default configuration, simply restore your backed up <tt>/etc/sysconfig/rhn/(up2date|rhn_register)</tt> configuration file(s). <item>Be aware that the <tt>current</tt> server is beta, so there may be problems from time to time. Please report any to <htmlurl url="mailto:sys(at)trilug.org" name="sys(at)trilug.org"> </itemize> <sect1>How do I access the mirrors with Apt for RPM ? TriLUG is pleased to offer an Apt for RPM server. Apt is the package updater included with debian, and a port for Red Hat and RPM-based distributions is available here: <htmlurl url="http://freshrpms.net/apt/" name="http://freshrpms.net/apt/">. Please use at least version 0.5; otherwise the authenticated access described below won't work with HTTP. The apt repositories that are available include updates from Red Hat 7.0 and greater, and the full set of OS RPMs for 7.2 and greater (follows our general mirrors). There's also a special "trilug" repository for RPMs that TriLUG sysadmins have modified for use on Trilug's servers, although this probably won't be of interest to *that* many people. Configuring Apt: <itemize> <item>Add the lines similar to the following in your /etc/apt/sources.list, substituting everything in upper-case with your real information. <code> rpm http://EMAIL:MEMBERNUM@mirrors.trilug.org/apt redhat/VERSION/LANG/ARCH os updates rpm-src http://EMAIL:MEMBERNUM@mirrors.trilug.org/apt redhat/VERSION/LANG/ARCH os updates </code> However, note that due to the URL format, you'll need to encode the "@" sign in your email address with a "%40" (hexidecimal for the ASCII "@" sign). In addition, if you use the freshrpms respository (which is not being mirrored by trilug at this writing), be sure to leave it enabled in a separate section. Here's an example /etc/apt/sources.list, verbatim except for the member number. <code> # Red Hat Linux 8.0 rpm http://jeremyp%40pobox.com:00000000@mirrors.trilug.org/apt redhat/8.0/en/i386 os updates rpm-src http://jeremyp%40pobox.com:00000000@mirrors.trilug.org/apt redhat/8.0/en/i386 os updates rpm http://apt.freshrpms.net redhat/8.0/en/i386 freshrpms rpm-src http://apt.freshrpms.net redhat/8.0/en/i386 freshrpms </code> <item>After configuring sources.list, run "apt-get update" to update your local database; if there are configuration errors you should notice them at this point. Then run "apt-get upgrade" to upgrade your system to the latest packages! <item>If you prefer to use FTP instead of HTTP, apt supports it. Just change "http" to "ftp" in the URLs. <item>If you want to include the special "trilug" repository, just add that to the list of repositories at the end of the configuration line. For example, "os updates" becomes "os updates trilug". <item> As always, if you have problems or questions, please email <htmlurl url="mailto:sys(at)trilug.org" name="sys(at)trilug.org">. </itemize> <sect1>Coming soon: rsync server <sect> TriLUG Shell/Login Server The TriLUG Shell/Login Server, <tt>fatalpha.trilug.org</tt>, is currently on vacation. But you can gain access to <tt>moya.trilug.org</tt> (or login.trilug.org) while we rebuild fatalpha. The shell servers provides shell access to a Red Hat Linux machine. It's useful to check your mail remotely, try things out on another box, or for newbies to practice Unix commands before setting up their own box. <sect1> What is the Login Server? The TriLUG Shell/Login Server is a COMPAQ AlphaServer DS10 466 MHz, generously donated by Compaq. Special thanks go to Inflow, our co-location provider (see Sponsors: <htmlurl url="http://www.trilug.org/sponsors.php" name="http://www.trilug.org/sponsors.php">). Access is limited to ssh, scp, and sftp... no insecure methods like telnet or ftp are allowed. <sect1> How do I get an account? See the <ref id="overview" name="Overview"> section for information about obtaining a shell/mail server account. <sect1> Can I set up a web page? Yes. Create a directory called <tt>public_html</tt>, make sure it has permissions of at least 755 (read/execute for everyone). Make sure your home directory has permissions of at least 711 (execute for everyone). PHP is allowed as well as CGI access through su_exec. Upload files via scp or sftp through your ssh client. Your web URL will be <tt>http://www.trilug.org/~username/</tt>. For CGI/su_exec access, give your executables the ".cgi" extension, and make sure they have permission 755 or less (su_exec doesn't like group write permission). (You can even use permission 700 since su_exec runs as your user id.) <sect> Reporting Problems, Getting Help <sect1> Ways to report problems or get help <itemize> <item> Bugzilla (<htmlurl url="http://bugzilla.trilug.org/" name="http://bugzilla.trilug.org/">) is the preferred method to report a problem or request an enhancement. <item> Send mail to the Sys mailing list (<htmlurl url="mailto:sys(at)trilug.org" name="sys(at)trilug.org">) to contact the system administrators. This is the address to request accounts, to reset forgotten passwords, or to ask questions. Also, try contacting one of the sysadmins via IRC (see below). <item> Join the hosting list (<htmlurl url="http://www.trilug.org/mailman/listinfo/hosting" name="http://www.trilug.org/mailman/listinfo/hosting">) if you want to join the discussion of the TriLUG cluster; the initiative to host open-source projects, or discuss ways you can help <item> Join the main TriLUG list (<htmlurl url="http://www.trilug.org/mailman/listinfo/trilug" name="http://www.trilug.org/mailman/listinfo/trilug">) is for open (unmoderated) discussion of all things Linux, *BSD, Free Software, and/or Open Source related; here you can ask general Linux questions not related to the Member Services <item> Send mail to the steering committee list (<htmlurl url="mailto:steering(at)trilug.org" name="steering(at)trilug.org">) if you have a concern or comment for the steering committee. </itemize> <sect1> What if all TriLUG services are down and I can't use any of the above mailing lists or TriLUG email? <itemize> <item> You can see if anyone is on IRC, channel #trilug on irc.freenode.net. This does not depend on any of TriLUG's servers. <item> Some current steering committee members' non-Trilug email addresses: Chris Knowles: <htmlurl url="mailto:chrisk(at)nc.rr.com" name="chrisk(at)nc.rr.com">, Tanner Lovelace <htmlurl url="mailto:lovelace(at)wayfarer.org" name="lovelace(at)wayfarer.org">, Jeremy Portzer <htmlurl url="mailto:portzerj(at)yahoo.com" name="portzerj(at)yahoo.com"> <item> Generally, someone on the steering committee will probably notice pretty quickly if TriLUG services go down, so just be patient. *grin* </itemize> </article>