$ ldapsearch -H ldaps://127.0.0.1/ -b dc=mydomain -x ldap_bind: Can't contact LDAP server (-1)

It turns out that the problem was in my /etc/ldap.conf file

http://www.openldap.org/lists/openldap-software/200409/msg00060.html

suggested using -d 1

The interesting line was

TLS: could not load verify locations (file:/etc/ldap/slapd.pem',dir:').

Ah! I'd renamed that file... so it was trying to validate the self signed server cert which wasn't working... ok

However the openldap howto http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html recommended putting both the public and private key into the same file. Since it appears i need to distribute the key to my client machines it'd be really nice if they were seperate.

Ok now I get it...

In the ldap.conf file you need to make sure that TLS_CACERT is pointing to either the certificate (for self signed certs) or the certificate authority chain (for trusted certs)

Note it's also important for the base to be set properly in /etc/ldap/ldap.conf (it certainly cuts down on the amount of typing one needs to do)

To get apache to work I needed to add LDAPTrustedCA /etc/ldap/mus-slapd.crt.pem LDAPTrustedCAType BASE64_FILE to get apache to me happy with my cert, and i still think its using ssl and not tls.

installed pam_ldap and nss_ldap, they both wanted a proxy user for authentication, and also the admin user for changing passwords.

Tailor http://nautilus.homeip.net/~lele/projects/tailor/ allows syncing between multiple source code control systems, and since there's several projects in unpleasant sccs's i thought I'd try converting them to darcs

• orange

orange certainly looks promising other than the fact they have bugs, don't have doc strings, and lack unit tests. though their tutorials were pretty straightforward.

Unfortunately they're a bunch of OSS windows developers, so their code is sitting in CVS (blech) so I wanted to convert out of it

My first attempts with earlier versions of tailor didn't work so I upgraded to the latest version, and it had problems as well.

What I ended up doing was checking the HEAD out of cvs first, and then telling tailor to convert it to a darcs repo, I don't know if this'll work when they commit something, but it's worth trying.

I used the following to start creating the config file.

$ tailor --verbose -s cvs -R :pserver:cvs@estelle.fri.uni-lj.si:/CVS --module orange -r INITIAL --subdir orange orange > orange.tailor

the file ended up like this

[DEFAULT] verbose = True

[py] target = darcs:targetpy start-revision = HEAD root-directory = /home/diane/src/orange state-file = orange.state source = cvs:sourcepy subdir = orange.cvs

[darcs:targetpy]

[cvs:sourcepy] module = orange repository = :pserver:cvs@estelle.fri.uni-lj.si:/CVS

[csrc] target = darcs:targetc start-revision = HEAD root-directory = /home/diane/src/orange/orange.cvs state-file = orange.state source = cvs:sourcec subdir = source

[darcs:targetc]

[cvs:sourcec] module = source repository = :pserver:cvs@estelle.fri.uni-lj.si:/CVS

• compclust

both chris and I want to try using darcs with compclust but that'll require 2way syncing.

http://www.darcs.net/pipermail/darcs-users/2005-January/005070.html

debian currently has diskless and lessdisks.

Diskless appears to be an NFS root system where apps run on the client Lessdisks is a terminal based system that runs software on the server.

First off we want a version of grub that has has pxegrub apt-get source grub

I then edited the debian/rules file and added the following --enable-diskless (several net cards)

apt-get install lessdisks

I mostly followed along the lessdisks-doc/install

On the router I added the following to dnsmasq.conf (I really should back that bugger up)

# configure network booting #dhcp-vendorclass=pxe,PXEClient dhcp-boot=net:/tftpboot/pxegrub,dara,192.168.1.13

dhcp-option=17,/var/lib/lessdisks #root-path dhcp-option=42,192.168.1.1 #ntp-server dhcp-option=48,192.168.1.13 #font-server dhcp-option=49,192.168.1.13 #x-display-manager dhcp-option=66,dara.ghic.org # tftp-server-name dhcp-option=pxe,67,pxegrub #bootfile-name dhcp-option=69,192.168.1.13 #smtp-server

sigh the pxe client wasn't smart enough to boot off of a different computer than what we started with. So i tried with dara being the dhcp server, i got further but then ran into problems with not being able to load pxegrub from things other than /tftpboot

pxegrub had problems, when i switched to pxelinux.0, installed the default file into pxelinux.cfg (and then copied all of /var/lib/lessdisks/boot into /tftpboot I was able to boot. Unfortunately the kernel they installed doesn't support the ethernet card on my amd64 box.

What do i have to do to get a tftp server to server files off of something other than /tftpboot (or is just the pxeclient that has trouble with it?)