The TriLUG Member Services FAQ Maintained by Jeremy Portzer v1.7, 13 February 2004 This document attempts to explain the TriLUG member services. Most of these services are available only to registered TriLUG members. How- ever, membership is free and open to anyone. See the TriLUG FAQ (http://www.trilug.org/faq/) for more information about membership and TriLUG in general. ______________________________________________________________________ Table of Contents 1. Preface 1.1 About the Member Services FAQ 1.2 Contact 1.3 Changelog 2. Member Services Overview 2.1 What are the TriLUG member services? 2.2 How do I get an account? 2.3 What if I'm not a member? 2.4 What are the restrictions on using the Member Services ? 2.5 How much does all this cost ? 3. TriLUG Mail Server 3.1 What is the TriLUG mail server? 3.2 How do I get an account? 3.3 What information do I need to login? 3.4 What mail clients can I use? 3.5 What mail add-ons can I use? 4. TriLUG Mirror Server 4.1 What is the TriLUG mirror server? 4.2 What is available on the mirror server? 4.3 How do I access mirrors via HTTP ? 4.4 How do I access mirrors via FTP ? 4.5 How do I use the TriLUG mirror server for up2date (current server)? (Red Hat Linux and Aurora Sparclinux only) 4.6 How do I access the mirrors with Apt for RPM ? 4.7 Coming soon: rsync server 5. TriLUG Shell/Login Server 5.1 What is the Login Server? 5.2 How do I get an account? 5.3 Can I set up a web page? 6. Reporting Problems, Getting Help 6.1 Ways to report problems or get help 6.2 What if all TriLUG services are down and I can't use any of the above mailing lists or TriLUG email? ______________________________________________________________________ 1. Preface 1.1. About the Member Services FAQ This document attempts to explain the TriLUG member services. Most of these services are available only to registered TriLUG members. However, membership is free and open to anyone. See the TriLUG FAQ for more information about membership and TriLUG in general. This document is also available in a variety of formats: HTML, text, Adobe Portable Document Format (PDF), Postscript, and SGML (Standard Generalized Markup Language). 1.2. Contact If you have any suggestions, additions, or corrections for this document, please contact the following: o TriLUG Steering Committee (steering(at)trilug.org) o The current Member Services FAQ maintainer, Jeremy Portzer (jeremy(at)trilug.org) o The main TriLUG List (trilug(at)trilug.org) 1.3. Changelog o Friday, February 13, 2004 - revised procedures for obtaining shell account (account request form now operational) o Saturday, September 13, 2003 - minor typo fixes o Friday, June 27, 2003 - changed moya.trilug.org to mail.trilug.org in several places, updated Mozilla mail information o Thursday June 5, 2003 - added changes made by Scott Lundgren -- thanks Scott o Thursday June 5, 2003 - removed K.S. email address, replaced with C.K. 2. Member Services Overview This section is an overview of the TriLUG Member Services 2.1. What are the TriLUG member services? This FAQ covers several of TriLUG's member services; ISP functions we are providing to our membership: Mail Server The TriLUG mail server, mail.trilug.org, provides IMAP-based email services. Mirror Server The TriLUG mirror server, mirrors.trilug.org (dargo.trilug.org) provides FTP and HTTP access to Linux distributions and other free software Shell Login Server/ The TriLUG login server, login.trilug.org provides *nix shell access. 2.2. How do I get an account? To get a shell account, you will need your TriLUG Membership number, and your registered e-mail address. o If you have forgotton your membership number, please see http://members.trilug.org/ to have your member number sent to you. o If you've forgotten your registered e-mail address, or can no longer receive e-mail at it, please contact the Steering Committee at steering(at)trilug.org for assistance. Once you have determined this information, go to this URL to fill out an account request : https://www.trilug.org/accountrequest/ . In order to avoid a certificate error, you may wish to import the TriLUG CA; see http://www.trilug.org/resources.php After filling out the form, a TriLUG system administrator will create your account. You will receive an e-mail response at this point letting you know it's ready. Be sure to change your password immediately (by logging into the shell server and running "passwd"). Note: If you previously had an account on our "fatalpha" login server, you now have an account on the TriLUG LDAP/kerberos single-sign-on system. However, your old password could not be migrated to the new system. Please contact sys(at)trilug.org for assistance. 2.3. What if I'm not a member? You must join TriLUG to get a shell / mail server account. Please see our organizational FAQ (http://www.trilug.org/faq/) for more information. Membership is free. If you're not a member, limited anonymous access to our FTP mirror is available; see the ``FTP server'' section for more information. 2.4. What are the restrictions on using the Member Services ? o You must follow the Terms of Service for Inflow, our ISP. o Mail quotas are set at ??? MB. Shell quotas are 25 MB. o In general, please respect the fact that TriLUG is run by volunteers; your friends, neighbors, and co-workers are providing this service. Please avoid anything that would cause trouble for the volunteers. 2.5. How much does all this cost ? It's all free! Thanks to the generosity of our sponsors (http://www.trilug.org/sponsors.php) and recent member donations (http://www.trilug.org/donations.php), we're able to provides these services free of charge. We welcome your donations; you may bring donations to any meeting, or contact the steering committee, chair, or treasurer if you'd like to donate. See http://www.trilug.org/steering.php for the contact information. TriLUG is a 501(c)(3) educational organization, so your donation may be tax-deductible. A receipt will gladly be provided for donations of $25 or more. 3. TriLUG Mail Server These are general questions about the TriLUG Mail Server 3.1. What is the TriLUG mail server? Thanks to the generosity of many individuals and companies (see www.trilug.org/donations.php), TriLUG now offers a mail server to its members. Special thanks go to Inflow (www.inflow.com), one of our Platinum sponsors, which provides co-location and Internet bandwidth for our server cluster. 3.2. How do I get an account? See the ``Overview'' section for information about obtaining a shell/mail server account. 3.3. What information do I need to login? o Incoming Mail Server (IMAP via SSL or TLS): mail.trilug.org (port 993, or port 143 with STARTTLS) o Outgoing Mail Server (SSL,authenticated SMTP): mail.trilug.org (port 465, or port 25 with STARTTLS) (of course, you can use your ISP's SMTP server, or a client on the login/shell server, to send mail. You could also set up an SSH tunnel to one of the TriLUG servers to use SMTP "locally".) o Username: your TriLUG shell/LDAP username o Password: your TriLUG kerberos password 3.4. What mail clients can I use? You can use any mail client that supports IMAP via SSL or TLS. If your client doesn't support IMAP over SSL, but does support IMAP, you can use stunnel to make the SSL connection. Here are a few clients that we've tested: Evolution Works nicely but will give you an error about the SSL certificate the first time you connect. This is normal, since we're using a self-signed cert. Just OK it and you'll be fine on subsequent connections. You will probably have to restart Evolution after adjusting your settings, otherwise you won't get any new mail. Be sure to check the "Use SSL" boxes for both the "receiving mail" and "sending mail" tabs. You'll also need to check "Server requires authentication" box in the Sending Mail tab. Mozilla To enable SSL for the IMAP (incoming mail), open the Mail & Newsgroups Account Settings dialog, click on "Server Settings", and check the "Use secure connection (SSL)" box. If you want to use the TriLUG server for outgoing mail, click on the "Outgoing Server (SMTP) Settings", specify the server name, the checkbox for "Use name and password," and the radio button for "Use secure connection (SSL) - always" Use port 25, not port 465, for sending mail securely with mozilla. To get rid of certificate warnings, load the TriLUG CA Certificate in your browser by visiting http://www.trilug.org/cgi-bin/loadCAcert.cgi. Pine You can run pine from the shell server without any special configuration. The default settings should load up your TriLUG folders just fine. If you have a long-running shell session, you may need to run kinit to get a new Kerberos ticket before starting pine; otherwise you'll be prompted for your IMAP username and password. Here are directions for configuring pine on another computer: Add a new folder collection (type S, then L, then A from main menu). For "server name" put "mail.trilug.org/user=USERID/ssl/novalidate-cert" where USERID is your username. You probably want to delete the "local folder" collection which was the only way I could get INBOX to appear in the right place. Then, go to the "Config" section of the Setup screen (type S, then C from main menu). Change the inbox-path variable to read this: {mail.trilug.org/user=USERID/ssl/novalidate-cert}INBOX where USERID is your username. You may need to restart pine after making these changes. I've not tested pine with the authenticated SMTP part of the setup (you don't need it if you're running pine directly on the TriLUG servers). Mutt Here are the basic .muttrc commands for for the IMAP part of the setup: ________________________________________________________________ set imap_authenticators="login" ; set spoolfile=imaps://USERNAME@mail.trilug.org/INBOX ; set folder=imaps://USERNAME@mail.trilug.org/ ; ________________________________________________________________ Here's a contributed .muttrc for the trilug setup that should work pretty well: http://www.trilug.org/~sws/mutt/(substitute your user- name in the for sws). Also, see http://mutt.sourceforge.net/imap/ for some other documentation. Outlook Express You are not allowed to use Outlook Express with the TriLUG mail server. Just kidding! It actually seems to work pretty well. Here's some info about using OE with IMAP folders: http://www.usc.edu/dept/gero/AgeWorks/distance- education/email/outlook/outlookex5win.html. (Ignore the site- specific comments.) Be sure to enable SSL as with other clients. Other please contribute information about other mail clients 3.5. What mail add-ons can I use? Currently, the following add-ons are installed: o Procmail -- sort your mail to multiple folders. Note that our procmail configuration will automatically sort to IMAP folders, so it's necessary that your mail client understands how to retrieve all IMAP folders. Put your .procmailrc in your home directory using the shell server. Here's a sample .procmailrc for our setup: ___________________________________________________________________ :0 * ^Subject: Test Folder | $DELIVERTO +NewTest ___________________________________________________________________ This will cause any messages with the Subject "Test Folder" to be delivered to a folder called NewTest. Notice the use of the "| $DELIVERTO" construct -- this is necessary! If you do not use this, your procmail folders will not be accessible via IMAP, and may not work at all. Also, if you're having trouble getting your procmail rules working correctly, I highly recommend setting up a procmail log. Just add this line to the top of your .procmailrc : LOGFILE=$HOME/procmail.log The log file may start taking up tons of space if you get a lot of mail, so be sure to remove this line when you're done testing. Important Note: If you use procmail to create additional folders, you will probably need to "subscribe" to them through your mail client. The procedure varies; the dialog is found under the Tools menu in Evolution and Outlook Express, for example. Consult your MUA's documentation for more details (look in the IMAP section). o Spamassassin -- Spamassassin is installed and is running sitewide on the mail server. Currently, it is set up to scan and tag all email, but it will not delete any spam. You should probably setup a procmail rule to forward tagged spam to a different folder, so you won't see it in your INBOX all the time. This rule will work for that: ___________________________________________________________________ * ^X-Spam-Status: Yes | $DELIVERTO +spam ___________________________________________________________________ You may also want to look into Bayesian learning program, as well as other options for your ~/.spamassassin/user_prefs file, such as white- and black-lists. See the man pages for sa-learn and Mail::SpamAssassin::Conf, as well as http://www.spamassassin.org for more information. You can run rpm -q spamassassin on the login server to see which version is currrently installed, which will be helpful to know when perusing the SA web site. (As of this writing, the version is 2.60.) o Web Mail -- coming soon. 4. TriLUG Mirror Server Information about TriLUG's mirror server, which provides Linux distributions and other free software. 4.1. What is the TriLUG mirror server? The TriLUG Mirror Server is a dual Pentium III 600Mhz machine donated by the Center for Public Domain. Special thanks go to Inflow, our co-location provider (see Sponsors: http://www.trilug.org/sponsors.php). Several members and companies donated drives, SCSI cards, and other components... thanks! The main disk array is about 101 GB. 4.2. What is available on the mirror server? We have mirrors of several popular Linux distributions, and some other Linux or open-source related items. Here are the primary directories as of this FAQ's writing: Immunix_6.2 linux-kernel mandrake mandrake-updates mozilla redhat security updates VA_Linux_6.2.4 4.3. How do I access mirrors via HTTP ? Currently, HTTP access is available to members only. Connect to http://mirrors.trilug.org. Use your registered email address as your username, and your member number as your password. 4.4. How do I access mirrors via FTP ? Anonymous FTP to mirrors.trilug.org and log in as anonymous . Anonymous access is bandwidth limited and limited to a small number of users at a time. Authenticated FTP to mirrors.trilug.org and log in with your registered email address as your username, and your member number as password. There are no restrictions when you are authenticated; however we do have a limited amount of bandwidth from Inflow. 4.5. How do I use the TriLUG mirror server for up2date (current server)? (Red Hat Linux and Aurora Sparclinux only) You will need to set up your computer to use TriLUG's server instead of the default Red Hat Network. Here's how: (note: these instructions might be broken for rhl 7.x/up2date 2.8. We're working on it.) o Determine your version of up2date by running rpm -q up2date at a shell prompt. If you have something less than 2.8, please upgrade (you can get Red Hat updates from mirrors.trilug.org). If you're running 3.0, there's one configuration file, /etc/sysconfig/rhn/up2date. If you're running 2.8, there are two: /etc/sysconfig/rhn/up2date and /etc/sysconfig/rhn/rhn_register. Regardless of version, you will also need trilug's CA-CERT public key. o Make a backup of your up2date configuration file(s), located in /etc/sysconfig/rhn/: up2date, rhn_register, systemid o Download the appropriate configuration files (depending on your version): o Public key for dargo's current server (needed for all versions of up2date): http://members.trilug.org/TRILUG-CA-CERT : install this file as /usr/share/rhn/TRILUG-CA-CERT o up2date 2.8 configuration file, installed as /etc/sysconfig/rhn/up2date : http://members.trilug.org/up2date-2.8 o up2date 2.8 rhn_register config. file, installed as /etc/sysconfig/rhn/rhn_register : http://members.trilug.org/rhn_register o up2date 3.0 configuration file, installed as /etc/sysconfig/rhn/up2date : http://members.trilug.org/up2date-3.0 o If running up2date 2.8, delete or rename your /etc/sysconfig/rhn/systemid file, and then use "rhn_register" to register yourself with the new setup. For version 3.0, just run "up2date" which should recognize that you need to re-register. (The 3.0 configuration file stores your systemid in systemid.trilug and leaves the old one alone.) o Since Red Hat maintains the GUI client, the Current Server has to conform to what the client expects. Right now there is an incompatibility between the up2date 3.0 GUI client and the Current Server to be fixed in Current Server v. 1.4.4 due in the next few weeks. For now run update 3.0 in text mode with the "--nox" switch. If that doesn't work, "set DISPLAY= up2date" to clear the DISPLAY variable and make it think you're not running X. o You should see a trilug-specifc privacy policy, instead of the one from Red Hat Network. o Enter your registered email address as username, and your membership number as password (you'll have to enter the member number/password twice). The field marked email address is required by the client, but not used by TriLUG's server. o Note: the only required fields are username, password, and email address. The other information is not kept by the current server backend, so there's no point in filling it in. None of the information about your computer is saved either, so just click through all of that. o Complete your registration! You should be able to use up2date as normal, but now it downloads from dargo.trilug.org instead of Red Hat's servers. o If you wish to restore the default configuration, simply restore your backed up /etc/sysconfig/rhn/(up2date|rhn_register) configuration file(s). o Be aware that the current server is beta, so there may be problems from time to time. Please report any to sys(at)trilug.org 4.6. How do I access the mirrors with Apt for RPM ? TriLUG is pleased to offer an Apt for RPM server. Apt is the package updater included with debian, and a port for Red Hat and RPM-based distributions is available here: http://freshrpms.net/apt/. Please use at least version 0.5; otherwise the authenticated access described below won't work with HTTP. The apt repositories that are available include updates from Red Hat 7.0 and greater, and the full set of OS RPMs for 7.2 and greater (follows our general mirrors). There's also a special "trilug" repository for RPMs that TriLUG sysadmins have modified for use on Trilug's servers, although this probably won't be of interest to *that* many people. Configuring Apt: o Add the lines similar to the following in your /etc/apt/sources.list, substituting everything in upper-case with your real information. ___________________________________________________________________ rpm http://EMAIL:MEMBERNUM@mirrors.trilug.org/apt redhat/VERSION/LANG/ARCH os updates rpm-src http://EMAIL:MEMBERNUM@mirrors.trilug.org/apt redhat/VERSION/LANG/ARCH os updates ___________________________________________________________________ However, note that due to the URL format, you'll need to encode the "@" sign in your email address with a "%40" (hexidecimal for the ASCII "@" sign). In addition, if you use the freshrpms respository (which is not being mirrored by trilug at this writing), be sure to leave it enabled in a separate section. Here's an example /etc/apt/sources.list, verbatim except for the member number. ______________________________________________________________________ # Red Hat Linux 8.0 rpm http://jeremyp%40pobox.com:00000000@mirrors.trilug.org/apt redhat/8.0/en/i386 os updates rpm-src http://jeremyp%40pobox.com:00000000@mirrors.trilug.org/apt redhat/8.0/en/i386 os updates rpm http://apt.freshrpms.net redhat/8.0/en/i386 freshrpms rpm-src http://apt.freshrpms.net redhat/8.0/en/i386 freshrpms ______________________________________________________________________ o After configuring sources.list, run "apt-get update" to update your local database; if there are configuration errors you should notice them at this point. Then run "apt-get upgrade" to upgrade your system to the latest packages! o If you prefer to use FTP instead of HTTP, apt supports it. Just change "http" to "ftp" in the URLs. o If you want to include the special "trilug" repository, just add that to the list of repositories at the end of the configuration line. For example, "os updates" becomes "os updates trilug". o As always, if you have problems or questions, please email sys(at)trilug.org. 4.7. Coming soon: rsync server 5. TriLUG Shell/Login Server The TriLUG Shell/Login Server, fatalpha.trilug.org, is currently on vacation. But you can gain access to moya.trilug.org (or login.trilug.org) while we rebuild fatalpha. The shell servers provides shell access to a Red Hat Linux machine. It's useful to check your mail remotely, try things out on another box, or for newbies to practice Unix commands before setting up their own box. 5.1. What is the Login Server? The TriLUG Shell/Login Server is a COMPAQ AlphaServer DS10 466 MHz, generously donated by Compaq. Special thanks go to Inflow, our co- location provider (see Sponsors: http://www.trilug.org/sponsors.php). Access is limited to ssh, scp, and sftp... no insecure methods like telnet or ftp are allowed. 5.2. How do I get an account? See the ``Overview'' section for information about obtaining a shell/mail server account. 5.3. Can I set up a web page? Yes. Create a directory called public_html, make sure it has permissions of at least 755 (read/execute for everyone). Make sure your home directory has permissions of at least 711 (execute for everyone). PHP is allowed as well as CGI access through su_exec. Upload files via scp or sftp through your ssh client. Your web URL will be http://www.trilug.org/~username/. For CGI/su_exec access, give your executables the ".cgi" extension, and make sure they have permission 755 or less (su_exec doesn't like group write permission). (You can even use permission 700 since su_exec runs as your user id.) 6. Reporting Problems, Getting Help 6.1. Ways to report problems or get help o Bugzilla (http://bugzilla.trilug.org/) is the preferred method to report a problem or request an enhancement. o Send mail to the Sys mailing list (sys(at)trilug.org) to contact the system administrators. This is the address to request accounts, to reset forgotten passwords, or to ask questions. Also, try contacting one of the sysadmins via IRC (see below). o Join the hosting list (http://www.trilug.org/mailman/listinfo/hosting) if you want to join the discussion of the TriLUG cluster; the initiative to host open-source projects, or discuss ways you can help o Join the main TriLUG list (http://www.trilug.org/mailman/listinfo/trilug) is for open (unmoderated) discussion of all things Linux, *BSD, Free Software, and/or Open Source related; here you can ask general Linux questions not related to the Member Services o Send mail to the steering committee list (steering(at)trilug.org) if you have a concern or comment for the steering committee. 6.2. What if all TriLUG services are down and I can't use any of the above mailing lists or TriLUG email? o You can see if anyone is on IRC, channel #trilug on irc.freenode.net. This does not depend on any of TriLUG's servers. o Some current steering committee members' non-Trilug email addresses: Chris Knowles: chrisk(at)nc.rr.com, Tanner Lovelace lovelace(at)wayfarer.org, Jeremy Portzer portzerj(at)yahoo.com o Generally, someone on the steering committee will probably notice pretty quickly if TriLUG services go down, so just be patient. *grin*