Re: [arch-general] [aur-general] [arch-dev-public] final leg of /lib removal
On 04/07/12 00:43, Dave Reisner wrote: On Wed, Jul 04, 2012 at 06:42:09AM +0800, Oon-Ee Ng wrote: On the flip side, most custom kernel users should be more savvy than the average, do I don't see much of a problem. I maintain two aur kennels, shall I implement the move now (seems like it'd work even before kmod upgrades)? No, this won't work pre-kmod update. You either read modules from /lib/modules or /usr/lib/modules. Not both. I guess you could rebuild it now with a depends on kmod = 9-2 to avoid a premature update. kmod should probably also have a depends on the newer linux package version so that you can't install the new linux package with older kmod, or old linux with new kmod.
Re: [arch-general] Dropping Oracle OpenOffice
Ng Oon-Ee wrote: Dedicated to the relatively-closed and more-constrained version of whats in the repos. Sure =) The distros have jumped fast, but I'm wondering about the Windows users of openoffice, seems to me none of them would try libreoffice just because its there (and frankly the politics of the thing just doesn't cut it with most users in that camp). Idle thoughts... Their problem is that they don't have an upgrade path. Distros can (and should) show libreoffice-X.Y as updates to openoffice X.(Y-1) so the update can go smoothly. But Windows users don't have that. I installed libreoffice on windows today at work. OpenOffice had warned me about a new version and only after it had downloaded and extracted everything and it opened the installer splash screen with the Oracle logo did I notice. I cancelled the install and went to libreoffice.org, but most users won't be aware of the issue and so will continue using the Oracle version.
Re: [arch-general] Build in clean chroot
Baho Utot wrote: This gives me an error /build/PKGBUILD: line 25: cd: /trinity.source/kdepim: Too many levels of symbolic links I want to symlink the svn repo to inside the chroot so when makechrootpkg -c -r chrootdir creates the clean copy it doesn't have to copy the entire svn source code to the clean copy, as it is almost 2G is size. Anyone know of a way to get around this? symlinks can't go out of chroots. So /home+build/../trinity.source inside the chroot is /../trinity.source and the parent of root being root, resolves to /trinity.source which is /home+build/trinity.source. In summary: the symlink points to itself. The solution is to use mount --bind /trinity.source /home+build/trinity.source
Re: [arch-general] [signoff] kernel26-2.6.37.3-1
Tobias Powalowski wrote: Hi guys, - bump to latest version greetings tpowa X still broken :(
Re: [arch-general] Arduino 64 Wiki page
Ivan S. Freitas wrote: I would be grateful for feedback to help improve the quality of the document and if possible help testing that my experience was not a fluke. After adding the user in the uucp group, is rebooting really necessary? I think that a logout/login would be enough. Even a newgrp uucp should do it (provided you then launch the arduino IDE from that console) __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] [core/filesystem 2010.10-1 - 2010.12-1] breaks makepkg and firefox
MartÃn Cigorraga escribió: Thanks for your quick answer. @cantabile, @Dave Since I didn't upgraded core/filesystem package I have no issues with makepkg and FF. In fact I already installed Dropbox by downloading the PKGBUILD and the rest of the files and running makepkg as usual and even up- dated aur/calibre-bzr and bleachbit-svn with yaourt without problems. The problem here is the core/filesystem package that somehow mess my system rendering FF and makepkg unusable - either way makepkg is invoked, via CLI or thru a pacman wrapper like yaourt). Regarding the 'missing' package I was talking about core/filesystem. When I said I didn't find the package in www.archlinux.org/packages I was talking about core/filesystem which I tried to find with the x86_64 filter - my bad, I apologize for that. The package of course is located here: http://www.archlinux.org/packages/core/any/filesystem/ My desire when mailing to the list was to know if anyone else were expe- rimenting the same issue as I. Just a crazy though: can this be a permissions issue? Works for me. What are your /tmp permissions after installing the filesystem package? That's where the used in lines 268 and 272 will be creating a temporary file with random name. It's odd that it would be returning an errno=0 instead of EPERM, though. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] Adobe Releases New 64-bit Flash Plugin For Linux
Christian Larsson wrote: I know it doesn't adress the problem with flash, but are a side note. Most of us only use flash in order to view flash videos, an most of the time we also would like to download them. For this ytmp ( http://aur.archlinux.org/packages.php?ID=40172) is a great substitute and let you view the videos in your own movieplayer or download them. youtube is not such a big problem nowadays, since you can use the html5 beta and many players can play them diractly. OTOH other sites using their own system (metacafe, some newspapers...) are inaccessible. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] Licensing of Arch Wiki content
Ananda Samaddar wrote: I notice it's all under GFDL 1.2. I'm wanting to use a Gentoo doc for the Arch Security stuff but it's under a CC-SA attribution license which is incompatible with GFDL. Would it be possible to allow Wiki content under a CC licenses? I can't see it being too controversial a choice, as in CC licenses are now widely accepted. Even the venerable RMS uses CC licenses for his personal stuff as does a lot of the FSF/GNU stuff. Ananda I assume this ask to have GFDL CC-BY-SA content coexist at the wiki. The existing content can only be relicensed by its authors. The GFDL 1.3 gateway expired on August 1, 2009. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] BASH no longer does 'for i in $(ls); do ls $i; done'??
David C. Rankin wrote: Guys, I'm usually quite good at one-liners, but my simple ones no longer work in Arch. Same cli works fine in suse. What have I messed up? To wit: What could keep the simple cli from working on Arch? I know this stuff worked before updates this morning... What should I look at? Bash was updated from 4.1.5(2) to 4.1.7(2). I can't reproduce it, though. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] Package signing
Ng Oon-Ee wrote: Under which circunstances would you envision the need to trust an old, compromised signature? New install, dev for a coupl of [extra] packages has already left the team. Having to recompile everytime a dev leaves the team is additional (unnecessary) hassle IMO, especially for bigger packages (openoffice and sons, I'm looking at you). If the user is trustable, I wouldn't remove the user key until after he doesn't maintain any package any more (even though he can have its access revoked). If you need for some reason to keep them as trusted while revoking the key, you could sign the other dev package, thus taking responsibility on the integrity of that package (some users may disagree and reject your packages because they don't accept your policy). __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] A peculiar LDAP setup
Piyush P Kurur wrote: Hi, We have configured a set of machines to authenticate against an LDAP database. For some machines we do not want the users to login via their normal shell but some custom program runs for them. For example if some one tries to login to the smtp server via ssh, they get authenticated via LDAP but their default shell fo smtp should be say a program that sets up the email forwarding. More generally is there a way, by mucking around in the pam config or ldap config to ignore certain fields in the ldap database and fill it with some default values. Is there a way to achieve this apart from inelegent ways like copying the ldap database locally and creating a /etc/passwd file ? Best Regards ppk Look for ForceCommand in sshd_config(5) __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] manage starting and stopping processes with less typing
Seems my message didn't get through.
It was just doing
rc() { /etc/rc.d/$*; }
And to get completion,
complete -o filenames -W $(cd /etc/rc.d/ echo *) rc
That requires a relogin / sourcing the profile again to update
the completion (could be avoided with another function) but
it's neat and simple.
But that leaves me updating multiple .bashrc files (root, david,
testacct1,
etc..) on each box. If you just symlink them, they are there for all -- no
editing involved.
You still have to add the symlinks on each box (and you will forget to
add some symlink
on one computer after an install).
For the multiple accounts, you can add the scripts to /etc/bash.bashrc.local
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Re: [arch-general] kaffeine [sigh] is there an alternative that:...
Joe(theWordy)Philbrook wrote: On Tue, Mar 30, 2010 at 01:12:15PM +0200, Linas wrote: If your main problem is to create playlists for a recursive music tree, I guess that this would work with pretty much all players: find /path/to/music music-list.m3u $PLAYER music-list.m3u One shortcoming of this way is that you might need a expert shell script to update the lists containing the file, plus that filename handling needs some work with shell scripts. Actually though *_IF_* the $PLAYER doesn't choke on the lines representing each directory itself being included with the list of the music files within it, so that I don't have to edit the resulting .m3u file. Then it looks like updating would be handled by simply letting the command overwrite the old .m3u with the new contents... So I guess it wouldn't require that fancy a shell script. Probably even I could write one... find -type f :) You may want a script to automatically update the list, run it manually or from cron, add -name constraints for some file types... I just wanted to remind you that you can use it. Advanced options are an exercise for the reader :) __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] Issue with man
Damien Churchill wrote: I've got a rather confusing issue with man. Whenever I try and view a man page I just end up with a blank screen. http://www.imagebam.com/image/41dd5973332829 This occurs for any page, even for local ones. I was wondering if anyone would be able to shed any light on why this is occuring? Thanks, Damien Does less work with other files? What happens if you use a different pager? Eg. PAGER=more man ls __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] fdisk vs cfdisk... And is my drive borked or what?
On 18/03/10 12:52, Mauro Santos wrote: On 03/18/2010 09:10 AM, Joe(theWordy)Philbrook wrote: 0xf, 5, Who cares which it's called? As long as it contains the logical partitions... But the ending sector thing will bug me if I don't fix it. So for my piece of mind I'm gonna have to do something... Gparted (which is just a frontend for parted) may be able to resize your extended partition without touching any of the logical partitions inside (you may need to delete your last partition first though, it all depends on what alignment gparted will try to use), however I try not to use gparted because once it wrecked havoc during a resize operation, because of that and because I have a big enough spare disk, I always do a full backup before any major partition changes. Your primary partitions are safe but the logical ones can just vanish if things go wrong. I guess that if you take note of the start and end sectors for all partitions you can recreate the layout if anything goes wrong (I have never tried it though so I can't say how well that will work). It works. But you should copy the values *in sectors*. It's amazing how different tools interpret the same values on different actual positions. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] fdisk vs cfdisk... And is my drive borked or what?
Joe(theWordy)Philbrook wrote: Any way I only mention it because When I got around to installing Arch on one of the two partitions I recovered from Sabayon, I skipped the installation step of letting cfdisk touch my partitions and simply selected the partition I previously prepared for it with mkfs.ext3. But later as working my way through the beginners guide in the wiki, the clear explanation of why distro's like to use UUID instead of /dev/Xdx# sold me on using persistent (BUT HUMAN READABLE!!!) entries like: /dev/disk/by-label/Arch_lap-7 /dev/disk/by-label/SWP_lap-12 Especially since there was a wealth of how-to info right there in the wiki... But in the process I happened to do an: fdisk /dev/sda Which complained about a dos compatibility flag and that I should change the display/entry units to sectors. This showed me a small bit of unused space above my last logical partition (/dev/sda12)... It shows those two warnings with the default call. AFAIK it is unrelated to your actual partition contents. Anyway I decided to look at it with cfdisk (which I haven't used in years but remembered as being easier to work with than fdisk...) But all I got from cfdisk was. = FATAL ERROR: Bad primary partition 3: Partition ends after end-of-disk = Press any key to exit cfdisk Which considering the recent testdisk repair, frightened be a bit. But it also frustrated me. Especially since fdisk didn't show anything like that... Unless maybe: When cfdisk /dev/sda says partition 3: is it counting from 0? That is, does it mean /dev/sda4 ??? Because that's my extended partition... And a close look at the ending cylinder/sector of /dev/sda4 is a slightly higher number than it reports the total cylinders/sectors to be... Could be. I've pasted both the sector and cylinder views of my part table below, Is this anything I should be worried about??? Is there a way to fix this without destroying everything in the extended partition??? (That's a LOT of backing up to dvd, and I don't have room anyplace else...) Caveat emptor: you should have a backup before touching partitions :) That said, you only want to truncate the partitions, and since your last partition is the swap, that should be pretty safe. The process of unmounting swap partition, delete partition with fdisk, create with fdisk, reformat swap /shouldn't/ affect your data. I find an oddity on your paritition table, though. You say that /dev/sda4 is an extended partition (and you do have logical partitions) but it is listed by fdisk as having type 0xf (W95 Ext'd (LBA)) instead of 0x5 (Extended). I suspect that after testdisk restoring, some old entries got loaded? If that's really a wrong entry, you can do the fdisk delete/recreate tip to force its length to be inside the disk limits. However, fdisk won't allow you to set a partition type of 5, which is a pity when you *really* know what you are doing. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
[arch-general] Package signing (was: Arch Linux security is still poor)
I had already this email draft in my head, but Ananda 'Arch Linux security is still poor' thread, on which the point was also brought up, moved me to really write it. First off, there's an implicit level of trust on the package software, no matter which OS you use. When using Windows, you trust in Microsoft, when using Mac OS, you trust in Apple, when using a Linux distro, you trust the packagers and upstream. Either you do that or trust just whatever came installed and not install anything ever (thus not patching to new vulnerabilities). The problem with Arch current packaging system is not that you must trust people able to write in core not to add a rm -rf / (to name the classical 'attack') nor that you didn't install arch with an infected media. The problem is that every time you do pacman -Syu, you must blindly trust that your dns, network, and mirror are reliable, too. The packages are verified with a md5 from the server list, but should you update from a compromised mirror (or impersonated, eg. arp poisoning, dns spoofing, bofh proxy operator...) you have lost. A pacman -Syu from an open wifi might be enough. A later update may 'clean' it, so you may not even notice that you were once compromised. There are several ways to close the gap: *Always download the package list from ftp.archlinux.org It's the easier solution, but it only protects against the mirror operator. Moreover, it increases load on that server and makes it a single point of failure. *Package lists are signed from a trusted master key. There may be up to a key per repo. Easy to provide, allows backward compatibility. *Packages are automatically signed by ftp.archlinux.org before distributing them. Removes the dependancy over the package list. Packages can be shared securely (eg. getting a downgrade for an untrusted user). *Each developer signs its own packages prior to uploading. Each repository key signs the keys of the developers with write access. Users can blacklist or trust independent developers. Needless to say, the last solution is the one I like most. However, being more complete, it also means more work. :) The package signing could be a simple text file with filenames and hashes (preferably something more secure than md5) signed with gpg, or could be expanded if more fields are needed. Do you think this is a good idea? Which solution do you prefer? And most important, what would be needed to reach there? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] Arch is ummnn different: my 1st installation: tried to install xfce...OOPS!
Peter Cannon wrote: pacman -Si xfce|less and looked for a package that might get me to a minimal desktop I could work with. I thought maybe xfdesktop... pacman -S xfdesktop Why have you done this? If you look at the 'man' page you will see http://linux.die.net/man/1/xfdesktop xfdesktop manages the desktop itself in the Xfce 4 Desktop Environment. You should have done pacman -S xfce4 By the sound of it you've only installed part of the desktop environment. Looks like xfdesktop packages doesn't specify some of its dependancies (which is probably provided in the xfce4 group). http://www.archlinux.org/packages/?q=xfce4 should also include that there's a group with that name. I don't think it was a bad expectation from his part, looking at pacman -Ss xfce output. And even then, it could have worked, would xfdesktop have taken as dependancies the whole desktop. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] [arch-dev-public] Allow comments on closed bugs?
Xavier Chantry wrote: The tiny size of the reopen textbox does not give a lot of freedom for justifications either. I think this is completely missing the point though. I don't understand why Dan is the only developer who sees that it sometimes makes sense to provide additional information on closed bug reports. (update : just saw there is also Pierre) If a bug becomes completely useless and irrelevant when it is closed, why keep it at all ? flyspray could just delete it. The moment a bug is closed is not the moment it becomes history, I can see plenty of cases where one might want to look back at a closed bug (and possibly complete or correct its contents). Now if you (and other dev) tells me that you do see that value, but there are more drawbacks caused by the big number of stupid arch users, then ok... the situation is just sad. But even then, if we consider these situations : 1) Stupid user Either keep posting stupid comments or requesting re-open. The developer just ignores it either way. Is there really a big difference between the two ? We not only assume users are stupid and will flame, but also that they will keep doing that eternally even if no one answers ? 2) Good user Won't post good additional informations because it's not possible. The reopen request just does not cut it. Anyway this is too much arguing for a relatively minor issue. Comments on closed bugs have the potential to be useful occasionally, that's all there is to it. And we are just talking about a flyspray option which can be turned on/off anytime without drawback ? It's not like it's a decision that can cause eternal pain. When it does reach the point where a developer is pissed off, you have your proof that comments on closed bugs is a bad thing, and you can justify disabling this feature. Thanks for accepting my reopening request, you can close the bug now :) Oops, cannot be done on the ML. I find that bugs should be commentable (and even reopenable!) after it was marked as 'fixed'. That's also how other trackers work. As some developers seems scared of what could happen, then there may be an additional locked flag, to close harder. Rationale for not allowing comments is I would need to stop tracking it to not have stupid reopen requests. But if it's closed and people can't post comments, you still get mails asking for a reopen. IMHO useful comments are the ones which are lost the most, since smart guys are the ones that will shut up if the bug is closed -some dumb requests are also lost but other create reopen requests. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] RAID Configuration Swap Space
Carlos Mennens wrote: Yes I am very familiar with that Wiki article but find Swap on RAID is useless, no? For my scenario I was going to do the following and please correct me if you think this is wrong: It is useful if you want to continue running the system even with a failed disk (without a restart). Otherwise, yes. The kernel will distribute stores across swap disk if they all have the same priority. Depending on your bootloader support, you may want to use --metadata=1.0 on /boot to place raid metadata at the end and make it look like a normal partition. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] [arch-dev-public] [signoff] openssh 5.4p1-2
Byron Clark wrote: On Wed, Mar 10, 2010 at 09:32:15AM -0700, Byron Clark wrote: if pidof sshd | grep -q $(cat /var/run/sshd.pid); then echo pid in /var/run/sshd.pid is valid else echo invalid pid fi Ignore that, it isn't entirely safe. You may want grep -q ^$(cat /var/run/sshd.pid)\$ __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] [arch-dev-public] [signoff] openssh 5.4p1-2
Byron Clark wrote: Unfortunately that only works if there is only one sshd process returned by pidof. Here's the case I'm worried about: /var/run/sshd.pid: 343 pidof sshd: 3433 And the case where add ^$ around the pid breaks: /var/run/sshd.pid: 343 pidof sshd: 343 2452 2453 Yes of course. I foolishly only thought how to avoid matching partial numbers despite being aware of the general problem. What we need are word boundaries: grep -q \\b$(cat /var/run/sshd.pid)\\b __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [arch-general] top posting
Aaron Griffin wrote: However, this is a mailing list. Not everyone is aware of the state of the list at any given time. It's best to bottom post and only reference relevant material so that even someone coming upon the 15th email in a chain is able to read just that email and understand it for the most part. If the 15th email just said Yeah, that's a good idea then everyone is confused And if it's a lengthy email, it doesn't make clear /which/ of the multiple ideas layed there is a good (bad) one. In such cases you should try to do an inline reply, placing the original text / paragraph, and your reply. Repeat for each piece of text you have something to say about. If there are old emails not relevant, trim them. Eg. originally I got three email levels here: Juan Diego -Patrick Burroughs - Aaron Griffin Since my answer pertains just to this last one (even though it's still related to Juan Diego's question!), I'm leaving only the last paragraph from Aaron's (I could as well kept his whole mail). Wikipedia also has a nice article about this: http://en.wikipedia.org/wiki/Posting_style __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
