Please Do Not Use the EskimoNorth Yahoo Group For Status

     Please do not use the EskimoNorth user group on Yahoo Groups for status because I can not post there.  This is what I get when I try:


Hello,

Your message to the EskimoNorthUsers group was not approved.
The owner of the group controls the content posted to it and has the
right to approve or reject messages accordingly.

In this case, your message was automatically rejected because the
moderator didn’t approve it within 14 days. We do this to provide a
high quality of service for our users.

A complete copy of your message has been attached for your
convenience.

Thank you for choosing Yahoo Groups


     Instead first check https://www.eskimo.com/news and if no response there, then check https://www.facebook.com/EskimoNorth.  I will post in one of these two locations or both.

Mail Rejection

     Something got damaged with mx2’s postfix configuration and it caused it to reject e-mail with “Server configuration error” messages.

     I did postfix check but it did not complain.  So I copied mx1’s configuration, which was not experiencing these errors and just corrected hostname and path to TLS certs on mx2 and restarted postfix and the errors stopped.

SmallTalk

     For those of you who have an interest in the SmallTalk programming language, GNU SmallTalk with all the bindings, libraries, Emacs extensions, etc, has been installed on the web server, and the Ubuntu, Mint, and Debian shell servers.

CentOS6 Development Tools 6

     I have installed development tools 6 on CentOS6.  This makes gcc-6 and related tools available.  They are enabled by default on bash, but for other shells you will need to source the following:

     source /opt/rh/devtoolset-6/enable

Kernel Upgrades

     I have upgraded the kernels on Centos6, Mail, Mx1, Mx2, Radius1, and Scientific from 2.6.32 to 3.10.107 to eliminate a vulnerability being exploited by some Linux Ransomware making the rounds presently.

     I initially upgraded to 4.11.8 but discovered that pine and dovecot do not work properly with this kernel version under RHEL-6 based machines.  It does work fine under Ubuntu so I don’t know if it is an incompatibility of how some library interfaces with the kernel or exactly what is wrong, I just know it does not work properly but 3.10.107 does seem to be okay.

Web Server Upgraded Apache HTTPD 2.4.26

     Our web server software has been upgraded to Apache httpd 2.4.26.

     This primarily improves HTTP 2.0, it does some things to further enhance speed, reliability, and security for this new HTTP protocol.  There are minor improvements to other aspects of Apache as well.

Apache HTTP Server 2.4.26 Released

June 19, 2017

The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.4.26 of the Apache HTTP Server (“Apache”). This version of Apache is our latest GA release of the new generation 2.4.x branch of Apache HTTPD and represents fifteen years of innovation by the project, and is recommended over all previous releases. This release of Apache is a security, feature, and bug fix release.

We consider this release to be the best version of Apache available, and encourage users of all prior versions to upgrade.

Apache HTTP Server 2.4.26 is available for download from:

http://httpd.apache.org/download.cgi

Please see the CHANGES_2.4 file, linked from the download page, for a full list of changes. A condensed list, CHANGES_2.4.26 includes only those changes introduced since the prior 2.4 release. A summary of all of the security vulnerabilities addressed in this and earlier releases is available:

http://httpd.apache.org/security/vulnerabilities_24.html

This release requires the Apache Portable Runtime (APR), minimum version 1.5.x, and APR-Util, minimum version 1.5.x. Some features may require the 1.6.x version of both APR and APR-Util. The APR libraries must be upgraded for all features of httpd to operate correctly.

Apache HTTP Server 2.4 provides a number of improvements and enhancements over the 2.2 version. A listing and description of these features is available via:

http://httpd.apache.org/docs/2.4/new_features_2_4.html

This release builds on and extends the Apache 2.2 API. Modules written for Apache 2.2 will need to be recompiled in order to run with Apache 2.4, and require minimal or no source code changes.

http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/VERSIONING

When upgrading or installing this version of Apache, please bear in mind that if you intend to use Apache with one of the threaded MPMs (other than the Prefork MPM), you must ensure that any modules you will be using (and the libraries they depend on) are thread-safe.

Please note that Apache Web Server Project will only provide maintenance releases of the 2.2.x flavor through June of 2017, and will provide some security patches beyond this date through at least December of 2017. Minimal maintenance patches of 2.2.x are expected throughout this period, and users are strongly encouraged to promptly complete their transitions to the the 2.4.x flavor of httpd to benefit from a much larger assortment of minor security and bug fixes as well as new features.

Debian Stretch Initial Impressions and Observations

     Debian stretch appears to use memory extremely efficiently.  With a full Mate Desktop and X session running, bash shell, synaptic installing 4000+ packages, the total amount of system memory used is less than 600Mb.  This is considerably less than Jessie.  It is unusual and refreshing to see an operating system slim down rather than bloat out.

 

Debian Upgraded to Debian9 (stretch)

     Debian has been upgraded to Debian 9 (Stretch)

PRETTY_NAME="Debian GNU/Linux 9 (stretch)"
NAME="Debian GNU/Linux"
VERSION_ID="9"
VERSION="9 (stretch)"
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

     Because an in-place upgrade failed, a full install was required.  Consequently, some of the programs that were previously available may not be installed or may not be properly configured.  If you encounter something that is not functioning properly or is missing, please e-mail nanook@eskimo.com.

 

Debian Maintenance

     The debian folks have kicked out a new version of stretch already, v9.01, and I’ve confirmed, by loading into a separate virtual machine, that the install disk iso does work this time.

     I am therefore taking debian.eskimo.com offline for a while to upgrade it to stretch.

Debian In Service

     The live CD ISO image of Debian Stretch is broken, the Network install also failed, the in place upgrade failed, so I’ve reverted to debian Jessie until such time as they get their act together and fix their install media.  It’s incredible to me that an operating system would be released that is so broken it can’t be installed.