Coin, Here are some news from the Pond. 1) Mailing-lists outage: A misconfiguration of our SMTP server was cause of mail subcription rejects. The applied fix was wrong and every mail between 2006-03-07 early in the morning and 2006-03-08 in the night were rejected (my bad !). This was worked out as soon as we realized what happened, and both problems are now fully solved. Apologies. 2) Backup: The new hard drive was installed in the backup server (whose hardware was upgraded in the same way). Old backups are safe, and new backups are now created. Total DC backups are now 67GB ; it was really time for upgrade ! Moreover, the old hard drive was installed on Elwing for private storage, but a check found it full of bad blocks ! 3) Security concerns about shell access: To avoid giving shell access to people having no real need for it, some adjustments were necessary to let you have the same level of service. a) Personnal web space: The personnal web spaces are now available through your FTP account into the 'www-perso-dc' directory. Ask for FTP access if you need. HurdFr users can access they personnal web spaces into the 'www-perso-hurdfr' directory the same exact way. The DC photo album upload space is in the same way accessible into the 'photos-perso-dc' directory. Please note this is only a convenient way to access ressources and a security improvement ; people having shell access may still manage their files with their account. For those who care about security, FTP is not less secure for 2 reasons: - first, catching the local password gives a relatively short range of priviledges, incomparable with having a shell account, whatever priviledges it may be granted. Look at SecurityFocus news to imagine how many local root exploits exists. - moreover, you can increase the security level by reading the next change below (Secure FTP). b) SQL administration: For those who fear about losing their shell access and be unable to manage their database, don't worry, a phpMyAdmin interface has been made public here: https://sql.duckcorp.org/ c) Shell access removal: The following users should contact us to look at their web space ACLs and dicuss about the needs that would not be fulfiled by the provided tools before their shell access is removed: - cedricburnay - js - marius - scop - valfor Note that a shell access may be reopened if necessary in the future ; this is not a punishment, but a security measure. 3) Secure FTP: You can now connect to our FTP server with a TLS-enabled client, this would secure your data transfers, and moreover, avoid any password disclosure, as the TLS mode is enabled before authentication. Don't forget to get the DC certificate here: https://www.duckcorp.org/dc/ca.crt and check the signature here: https://www.duckcorp.org/dc/ca.crt.asc (if you trust my key, of course) Free* tools supporting FTP+TLS: - on GNU/Linux and GNU/Hurd, the Netkit 'ftp-ssl' package - on Windows, FileZilla (http://filezilla.sourceforge.net/) - on Mac OS X, Cyberduck (http://cyberduck.ch/) * Free like in "free speech" see http://www.gnu.org/philosophy/free-sw.html (in french: http://www.gnu.org/philosophy/free-sw.fr.html) 4) Upgrades: a) mySQL: First, the database was cleaned, unuseful things were trashed, and a naming convention was established. If your name is Arnau, GuiHome, HurdFr or PikaPaf, then your DB users/db-names may have changed to match the convention ; don't worry, everything was renamed for you and your website is working as usual. Furthermore, the database was successfully upgraded from 4.1 to 5.0. Changelog says the most important new features are: - stored procedures - triggers - views - information schema - archive storage engine (for historical and audit data) If this software could stop crashing once and a while, it would be the best new feature ever dreamed of... By the way, don't forget to do some database management periodically to improve access to your data: - check if no indexes are missing - use ANALYSE to improve search capabilities - use OPTIMIZE to clean up unnecessary data phpMyAdmin can help you do this (with no more than 3 clicks ;-). b) BitlBee: BitlBee is an IM gateway through a nice IRC interface, you can only access it localy (if you have a shell account) at the moment, using port 6668 like you would do for any IRC server. The new 1.0.1 version was installed, fixing some nasty bugs (full changes here: http://bitlbee.org/main.php/changelog.html). The irssi scripts were upgraded too, allowing typing notification in the statusbar. You need to /reconnect to the server to benefit from these fixes. 5) Spam Learning system reminder (or not): To improve detection of spam and avoid false positives, 2 special mailboxes have been setup. You can send spams which where not detected to dc-ham(a)duckcorp.org and false positives (if not destroyed) to dc-ham(a)duckcorp.org to train the system and improve recognition. /!\ PLEASE TAKE CARE to use the "resend" function of your mailer and never use "forward", which would result in _yourself_ being considered as spam or ham /!\ This said, Have a Lot of Fun in the Pond ! -- Marc Dequènes (Duck)