Re: [Cooker] Too many unneeded packages
Granted, gphoto2 is only 70k, libgphoto2 only 515k and efax is only some 200k in size - but this adds up! Not just that, but from a security point of view, the less stuff installed, the less chance of being r00ted. After all, if a vulnerability is later found in a package you don't even use, a local or remote exploit won't make you a happy camper. However, a reported vulnerability for a package you do NOT have installed can simply be ignored by you. Thanks... Dan.
Re: [Cooker] Whois
Terrible Tom [EMAIL PROTECTED] writes: On Friday 27 April 2001 22:22, you wrote: bash: whois: command not found What happened to whois? take that back, you're right it is gone :( (chmou@no)[~]-% urpmf bin/whois fwhois:/usr/bin/whois I recommend getting whois from http://www.linux.it/~md/software/ http://www.linux.it/~md/software/whois_4.5.6.tar.gz It will automatically grab the proper whois server based on country code, and then pull up the record. Works great ! Thanks... Dan.
Re: [Cooker] RC1 feedback
First off in the slides that run during the package installation, The wording needs to change. "Thanks to have chosen Linux-Mandrake" Just doen't sound right. how about "Thank you for chosing Linux-Mandrake" or something along those lines. That should be... "Thank you for choosing Linux-Mandrake" ^ Thanks... Dan.
[Cooker] help: ext2 superblock disk problems
It appears I screwed up a LM7.1 campus production server by trying to add a windows partition for backup purposes with PowerQuest Drive Image 3. At first I created ok at the end of the disk, and DI3 saw that but would not write the image file (of Linux partitions) to that C: drive. I copied the contents of /dev/hda6 (/var) and /dev/hda7 (var/lib) to a scratch partition (/dev/hda10). Then I used a win98 bootup disk, and Partition Magic 5 to delete those partitions as a merged FAT32 partition. When I tried to reboot, it complained about a kernel panic with no init= set, and suggested passing it to Grub/Lilo. I am able to win98 boot into it, however even the LM7.1 bootup disk did not work (same error as regular bootup). I booted up with Tom's Root Boot disk, and I can mount the windows partition, but none of the Linux ones. I tried to mount the /boot partition with... # mount -t ext2 /dev/hda1 /mnt EXT2-fs: 03:0a: couldn't mount because of unsupported optional features. mount: wrong fs type, bad option, bad superblock on /dev/hda1 or too many mounted filesystems. I then tried... # e2fsck /dev/hda1 Filesystem has unsupported features. The superblock could not be read or does not describe a correct superblock. Try using a different superblock size such as:[-b 8193] Still no luck. Ok, so using PM5 after I initially created the partitions with 'fdisk' was not a smart move (in hindsight), but how do I fix that now ? Is there another utility that could help ? Other suggestions ? Thanks... Dan.
Re: [Cooker] Before you release 8.0 - RPM very huge bug!!!
(1) We assume that when you want a server installed, that most probably means that you want it activated because you will use it ; Not necessarily. The assumption was not 100% valid because the logic is: when I install something it doesn't mean that I want it to run right away. For example: I agree with all points tha Prana made. Services should only be started when they are PROPERLY and SECURELY configured. Let the user decide when that is, not the OS. I still especially suggest that an expert install means that we want the above before *we* are ready to let users use the service. Experts know hoe to start the services they want, let us do it. Just because we install a service, does not mean we are immediately ready to run it. People who have worked in government, universities, or large corporate companies will understand the politics involved, and how sometimes decisions move slowly. Yuch! Thanks... Dan. University of Calgary Library and Computing Services
RE: [Cooker] Mandrake 7.2 + 8.0 bloated and resource hog!
Don, I see this as a VERY SERIOUS issue that needs to be looked into. RPM CAN NOT re-enable services that I've disabled! Strongly agree ! There are some services that should be enabled by default, in my opinion: Workstation installs: xfs, cups/lpd, crond, drakfont, gpm, harddrake, kudzu, sound, network, usb, sshd (if installed), xinetd (but none of the services), numlock This looks good. Development installs: Probably similar to the above.. Server installs: cups/lpd, crond, network, usb, sshd, xinetd (maybe some of the services), nfs, smb, httpd, ypserv (if installed), ldap, mysql, named, postfix, portmap, etc. Disagree. Yes, these can be part of the installation, but absolutely do NOT turn on the services which are for remote access, like nfs, smb, httpd, ypserv, mysql, named, ... People installing servers are more knowledgeable about Unix/Linux, and they (like me) will turn them on when ready. First an administrator needs to put security TCP wrappers in place, one service at a time. Thanks... Dan.
Re: [Cooker] shutdown on Linux
I want to allow non-root users to shutdown and reboot the PC. According to the shutdown man page : If shutdown is called with the -a argument (add this to the invocation of shutdown in /etc/inittab), it checks to see - my /etc/inittab file contains... # Trap CTRL-ALT-DELETE ca::ctrlaltdel:/sbin/shutdown -a -t3 -r now if the file /etc/shutdown.allow is present. It then comĀ # cat /etc/shutdown.allow root dwoods Thanks... Dan.
Re: [Cooker] CVS news
from the quill of Chmouel Boudjnah [EMAIL PROTECTED] on scroll [EMAIL PROTECTED] "Brian J. Murrell" [EMAIL PROTECTED] writes: Thanks Chmouel! I think. It looks and functions just like cvsweb. What is better about it? try open .sh file to see colors... OK, cool. Is that the extent of the difference to cvsweb though? I don't mean to be critical, at all Chmouel. I am just trying to find out what new cool stuff this tool does. -- Brian J. Murrell How about installing it and trying it out for yourself, and then you can compare the differences for yourself. It is always your choice as to which you want to use. Thanks... Dan.
Re: [Cooker] xinetd problem in 7.2 ?
Yo, Yo Yo, Thanks to Chmouel and Geoffrey. :) On Wed, Nov 22, 2000 at 03:56:56PM -0700, Daniel Woods wrote: I would like to find out more about xinetd, any docs besides man pages ? I got xinetd-2.1.8.9pre12-2mdk.i586.rpm from current 7.2 version. When trying to install xinet*, I get ... # rpm -ivh xinet* error: failed dependencies: /etc/init.d is needed by xinetd-2.1.8.9pre12-2mdk Why is it looking for /etc/init.d instead of /etc/rc.d/init.d on my LM7.1 system ?(I see nothing relevant in the changelog). Because of fhs compliance you need things like this. Install latest filesystem /initscripts and things should be gone. Be careful since these are base system packate, just warning so that you don't screw your system .. I got the 7.2 version of initscripts and updated my 7.1 system and it works. I was then able to install xinetd-* and update wu-ftpd-* I am trying to install 'wu-ftpd-2.6.1-7mdk.i586.rpm' which depends on error: failed dependencies: xinetd is needed by wu-ftpd-2.6.1-7mdk Trying to install both at the same time still gives the /etc/init.d error on my LM7.1 server. xinetd is now the choice over inetd. Any real world examples beyond the man pages ? Mainly IP restricted ftp, telnet, pop3 and imap (yes, I mainly use ssh). Thanks... Dan.
[Cooker] xinetd problem in 7.2 ?
I would like to find out more about xinetd, any docs besides man pages ? I got xinetd-2.1.8.9pre12-2mdk.i586.rpm from current 7.2 version. When trying to install xinet*, I get ... # rpm -ivh xinet* error: failed dependencies: /etc/init.d is needed by xinetd-2.1.8.9pre12-2mdk Why is it looking for /etc/init.d instead of /etc/rc.d/init.d on my LM7.1 system ?(I see nothing relevant in the changelog). I am trying to install 'wu-ftpd-2.6.1-7mdk.i586.rpm' which depends on error: failed dependencies: xinetd is needed by wu-ftpd-2.6.1-7mdk Trying to install both at the same time still gives the /etc/init.d error on my LM7.1 server. Thanks... Dan.
Re: [Cooker] ext3
Is ext3 avalible during install on cooker and 7.2 or do you have to use ext2 then add ext3? Also what is involved with converting ext2 to ext3 partitions? ext3 is not available yet. Currently Partition Magic, Drive Image, and Ghost have support for ext2. Does anyone know if they will likely support ext3 before reiserfs ? To me this is a good reason to make ext3 available to us in the next release. Thanks... Dan.
Re: [Cooker] Apache Freshen killed my log files
I did a rpm -Fvh of my apache and it killed my log files How?!! Is it too much to ask that the installation scripts not delete apache log files ever? Please?? Ciao ST Lim Or even worse, the 3.14 rpm from 7.2 installed on top of LM7.1 changed the httpd owner to a new user called 'apache' ! Frankly I would like to know about changes like this *before* I upgrade, not after as I scramble around to fix things. The standard user for this purpose has always been nobody or www. Could the install script not check if those are already being used, and such a user exists, and then leave the current setup alone ? Thanks... Dan.
Re: [Cooker] chrooted Bind
Is it possible to perform an installation of chrooted bind?? That is can I do rpm -ivh --prefix=chroot bind? I have a problem with the updated files for bind. It is not able to perform named-xfers... That is: 1. I have the chroot directory install. 2. Modified /etc/init.d/named so that it reads: daemon named -u named -g named -t chroot 3. Added the file /usr/sbin/named-xfer to chroot/usr/sbin/named-xfer with permissions 0755. 4. Restarted the server and got the message: Nov 14 13:11:49 www named[6343]: chrooted to chroot Nov 14 13:11:49 www named[6343]: group = named Nov 14 13:11:49 www named[6343]: user = named Nov 14 13:11:49 www named[6343]: Ready to answer queries. Nov 14 13:11:49 www named[6346]: can't exec /usr/sbin/named-xfer: Permission denied in syslog 5. How?? I use user 'dns' instead of 'named' to not confuse it with the program. Here's a listing of user 'dns'... # ls -l /home/dns drwx--2 dns dns 4096 Sep 9 12:13 dev/ drwx--2 dns dns 4096 Nov 2 12:32 etc/ drwx--2 dns dns 4096 Nov 11 10:29 lib/ drwx--3 dns dns 4096 Sep 4 17:30 usr/ drwx--5 dns dns 4096 Nov 11 10:33 var/ ### Each program/file is copied from the system so that it has 'dns' permission ### and any compromise is restricted to user 'dns'. -rw-r--r--1 dns dns 2048 Nov 2 12:32 /home/dns/etc/named.conf -rwxr-x---1 dns dns 5262426 Sep 5 18:33 /home/dns/lib/libc.so.6* -rwxr-x---1 dns dns483816 Sep 5 18:33 /home/dns/lib/ld-linux.so.2* crw-rw-r--1 dns dns1, 3 Sep 4 17:30 /home/dns/dev/null -rwxr-x---1 dns dns583356 Nov 10 14:09 /home/dns/usr/sbin/named* -rwxr-x---1 dns dns309116 Nov 10 14:09 /home/dns/usr/sbin/named-xfer* -rwxr-x---1 dns dns 39708 Nov 10 14:09 /home/dns/usr/sbin/ndc* lrwxrwxrwx1 dns dns18 Nov 11 10:33 /home/dns/var/named.log - /var/log/named.lo -rw-r-1 dns dns 2769 Sep 4 04:07 /home/dns/var/named/named.ca -rw-r-1 dns dns 330 Nov 2 11:11 /home/dns/var/named/named.local -rw-r-1 dns dns 828 Nov 2 11:16 /home/dns/var/named/com.mysite -rw-r-1 dns dns 0 Nov 11 10:41 /home/dns/var/lock/subsys/named ### I also made these links (ln -s) to make sure things point to the right place. /etc/named.conf - /home/dns/etc/named.conf /var/named - /home/dns/var/named/ ### I modified /etc/rc.d/init.d/named (latest bind security fix) to look like this... ### (Perhaps Mandrake can make similar changes) #!/bin/sh # # named This shell script takes care of starting and stopping # named (BIND DNS server). # # chkconfig: 2345 55 45 # description: named (BIND) is a Domain Name Server (DNS) \ # that is used to resolve host names to IP addresses. # probe: true CHROOT=/home/dns # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = "no" ] exit 0 [ -f $CHROOT/usr/sbin/named ] || exit 0 [ -f $CHROOT/etc/named.conf ] || exit 0 RETVAL=0 # See how we were called. case "$1" in start) # Start daemons. echo -n "Starting named: " daemon $CHROOT/usr/sbin/named -u dns -g dns RETVAL=$? [ $RETVAL -eq 0 ] touch $CHROOT/var/lock/subsys/named echo ;; stop) # Stop daemons. echo -n "Shutting down named: " killproc $CHROOT/usr/sbin/named RETVAL=$? [ $RETVAL -eq 0 ] rm -f $CHROOT/var/lock/subsys/named echo ;; status) $CHROOT/usr/sbin/ndc status exit $? ;; restart) $0 stop $0 start ;; reload) $CHROOT/usr/sbin/ndc reload exit $? ;; probe) # named knows how to reload intelligently; we don't want linuxconf # to offer to restart every time $CHROOT/usr/sbin/ndc reload /dev/null 21 || echo start exit 0 ;; *) echo "Usage: $CHROOT/usr/sbin/named {start|stop|status|restart}" exit 1 esac exit $RETVAL ### This has been working well for me. Thanks... Dan.
Re: [Cooker] Crufty Perl Installation in 7.2
I believe you need to get perl-devel-5.600-17mdk to have the *.h files it may be looking for. I should have double-checked first, but it appears that there is no devel package as I thought. I don't have it on my system and 'perl -MCPAN -e shell' works for me. Thanks... Dan.
Re: [Cooker] postfix rpm loses man pages
I updated my LM7.1 version of postfix with the devel version postfix-19991231_pl08-5mdk.i586.rpm No problem updating, except that I no longer have man pages for any of the postfix programs ex: man postfix, man 1 postfix, man postmap, ... I installed the devel groff-* packages but the problem still exists for user root or non-root. I saw that the new files have group 'man' in /usr/share/man/man1 -rw-r--r--1 root man 803 Oct 3 12:16 postlog.1.bz2 -rw-r--r--1 root man 1704 Oct 3 12:16 postmap.1.bz2 -rw-r--r--1 root man 1002 Oct 3 12:16 postsuper.1.bz2 -rw-r--r--1 root root 2503 Sep 30 17:43 rand.1.bz2 -rw-r--r--1 root root 8395 Sep 30 10:46 refer.1.bz2 # ll /usr/bin/man -rwxr-sr-x1 root man 36720 Jul 6 08:41 /usr/bin/man* Even changing the permission of the bz2 files to root does not help. I tried bunzip2'ing and re-bzip2'ing a file but no change. I still use the 7.1 /usr/lib/libbz2.so.0 file. I was not allerted of any other dependencies, so what else is there ? P.S. I want to upgrade via latest RPM because I discovered that the postfix version in 7.1 has a bug fixed in patch level 2 (as per Wietse). I was not able to send to [EMAIL PROTECTED] but [EMAIL PROTECTED] works. The LM7.2 version corrects the problem but I have no man pages :( Could others verify if they get a man page with 'man postfix' ! Has anyone else seen this problem, or solved it ? Thanks... Dan.
Re: [Cooker] Crufty Perl Installation in 7.2
One of the biggest timesavers that I had come across is years was the CPAN shell for installing perl modules (perl -MCPAN -e shell), ... Yes, very nice ! ... perl is broken on Mandrake 7.2, I am kind of at a loss here. Short of removing everything perl and perl related and recompiling perl from scratch,.. I'm not sure how to handle this. Any ideas? Thanks, Aaron Newsome I believe you need to get perl-devel-5.600-17mdk to have the *.h files it may be looking for. Chances are that you had installed this in 7.1, and now you need to do it again for 7.2 BTW,.. rpm -q -a | grep perl reports perl-base-5.600-17mdk perl-5.600-17mdk ... Thanks... Dan.
[Cooker] postfix rpm loses man pages
I updated my LM7.1 version of postfix with the devel version postfix-19991231_pl08-5mdk.i586.rpm No problem updating, except that I no longer have man pages for any of the postfix programs ex: man postfix, man 1 postfix, man postmap, ... I installed the devel groff-* packages but the problem still exists for user root or non-root. I saw that the new files have group 'man' in /usr/share/man/man1 -rw-r--r--1 root man 803 Oct 3 12:16 postlog.1.bz2 -rw-r--r--1 root man 1704 Oct 3 12:16 postmap.1.bz2 -rw-r--r--1 root man 1002 Oct 3 12:16 postsuper.1.bz2 -rw-r--r--1 root root 2503 Sep 30 17:43 rand.1.bz2 -rw-r--r--1 root root 8395 Sep 30 10:46 refer.1.bz2 # ll /usr/bin/man -rwxr-sr-x1 root man 36720 Jul 6 08:41 /usr/bin/man* Even changing the permission of the bz2 files to root does not help. I tried bunzip2'ing and re-bzip2'ing a file but no change. I still use the 7.1 /usr/lib/libbz2.so.0 file. I was not allerted of any other dependencies, so what else is there ? P.S. I want to upgrade via latest RPM because I discovered that the postfix version in 7.1 has a bug fixed in patch level 2 (as per Wietse). I was not able to send to [EMAIL PROTECTED] but [EMAIL PROTECTED] works. The LM7.2 version corrects the problem but I have no man pages :( Thanks... Dan.
Re: [Cooker] ssh
I personally think that it should default to secure, and only go into "insecure" mode if a checkbox or other prompt is chosen for home desktop pc. Agreed ! That would give a "best of both worlds" solution... leaving it up to the user to decide what is best for him/her, and if they dont know what they are doing, by choosing "home workstation" or Home Desktop or what-have- you, they are given the current non-ssh installation, but "expert" and "custom" get ssh and disabled (to remote hosts) telnet. Actually, I think the home users should have it turned on by default since *they* are the ones that get r00ted ! Those of us doing server or expert installs will also *expect* it. Thanks... Dan.
[Cooker] Where's sounddrake ?
I wanted to upgrade my LM7.1 version of sounddrake to see if my sound card could be auto-recognized. However I don't find *any* sounddrake in devel or cooker ? What happened ? Thanks... Dan.
Re: [Cooker] Where's sounddrake ?
Am 2000-10-26, um 13:16:01 (-0600) schrieb Daniel Woods: I wanted to upgrade my LM7.1 version of sounddrake to see if my sound card could be auto-recognized. However I don't find *any* sounddrake in devel or cooker ? What happened ? You have to update detect-lst, detect and harddrake. SoundDrake like EtherDrake are now wizards of HardDrake. Run HardDrake and go into the Soundcard submenu. Click on Run configuration tool then. Great. I uninstalled the LM7.1 rpms, and installed 7.2beta harddrake RPM. My sound card is in the list now (VT82c686 - via82cxxx_audio). However trying to use it gave me "can't locate module sound-slot-0". I don't know where that is, nor is via82cxxx_audio in 7.1. Thanks... Dan.
Re: [Cooker] 7.1 Install chokes with NTFS partitions
It assigns sda1, sda5, sda6, sda7, sda8 and sda9 to the 6 partions on the SCSI drive. It skips minor(?) numbers 2, 3 and 4. Note that there are 3 NTFS5 partitons on the drive but they are not consecutive. The SCSI drive is set up, in order, as : fat32, ntfs5, fat32, ntfs5, ntfs5, fat32. Furthermore, (the real problem) when partitioning and formatting the blank IDE drive, Drakx assigns the partitions without using the minor numbers 2, 3, and 4; i.e., the first partition gets assigned as hda1 but the second is hda5, third is hda6, fourth is hda7, and so forth. Perhaps who misunderstand how formating works. Your *primary* partitions will be in hda1, hda2, hda3, hda4. *Logical* partitions start from hda5 and onwards. Most likely you first partition is primary partition 1 (hda1), and your second partition is an *extended* partition. Within the extended partition, your *logical* partitions will start from hda5, and so on... Thanks... Dan.
Re: [Cooker] i486 Release?
I'd like to see a 7.2/486 ISO not long after the 7.2/586 is released. Don Head [[EMAIL PROTECTED]] For that matter, why not also have a 686 version ;) Thanks... Dan.
Re: [Cooker] security
I lent my 7.2b3 CDs to a friend of mine who is I have to say very happy with his Linux. I encountered some differences between his system and mine where security is concerned. I presume he just installed his version with a different install setting than myself. When he starts up his machine which is set to go straight into init 5, he is automatically logged in. On my system I get the GDM login screen (how it should be!). How can I set his computer *not* to automatically log him in. Another security feature is that his normal users are able to use commands like lsmod, whereas on my system I have to be root to do this. How do I make his system more secure? Is there a Mandrake tool to change Mandrake security levels? try 'msec 3' and/or install the *secure* kernel version (look for crypto downloads). Thanks... Dan.
Re: [Cooker] My request (including security) for Mandrake 7.2final
1) Security I will be really glad if most of the unnecessary services are turned off for default install, including but not limited to, inetd daemon. It minimizes or prevents the chance any attacks such as Denial of service and buffer overflow. Let's take a look at the last big security problem: It's done for most servers. Please give us a list of exact services you would like to see disabled, if you want more precise answer.. Definitely, all services should be off until the user can enable them later when they actually need it. Let newbie users learn on the newbie list when they want to use something. If not, they WILL get cracked. A newbie who installs a fresh LM7.1 and does not know to get updates, WILL be r00ted because of rpd.statd and wu-ftpd services running. No one except experts *may* need sunrpc (port 111) service, and they want a chance to set it up before turning on the service. The only service that should be on is sshd with tcp-wrappers set to localhost or LAN. Have OpenSSH sshd installed by default for the user, and prompt them for a passphrase, RSA (ssh1) and DSA (ssh2), to put in the ~user/.ssh/ directory. The *ONLY* /etc/inetd.conf services possibly installed should be no more than ftp and telnet WITH tcp-wrappers set to allow ONLY from localhost or LAN. Setup a good default /etc/rc.d/rc.firewall (well commented) which blocks spoofing attempts, etc. No users (not even server installs) need httpd, postfix, pop3, imap,, named, snmpd, linuxconf, webmin, portmap, netfs, xfs (only for remote X-sessions), kheader (?), pcmcia (only for laptops), pretty much all K* services, etc until they NEED to use them and they configured them properly. If the Mandrake install process has setup good (secure) defaults, then the user only needs to 'service xxx start' to start using it. Try and chroot jail as many services as possible, like postfix and named dns. I only have the following in my rc3.d and rc5.d directories for a server that has X installed... S09sound - ../init.d/sound* S10network - ../init.d/network* S20random - ../init.d/random* S30syslog - ../init.d/syslog* S40crond - ../init.d/crond* S50inet - ../init.d/inet* # tcp-wrapped ftp and telnet S55named - ../init.d/named*# chroot'ed DNS S55sshd - ../init.d/sshd* S80postfix - ../init.d/postfix* S85httpd - ../init.d/httpd* S85numlock - ../init.d/numlock* S99local - ../rc.local* I only turn on gpm (console mouse) and kudsu (hardware detect) as required. I also install the secure kernel, msec 3, run bastille-linux, install portsentry and logcheck (from http://www.psionic.com). My 2+1 cents (tax in Canada) ;) Thanks... Dan.
Re: [Cooker] Logitechl Cordless Wheel Mouse
On Sat, 23 Sep 2000, you wrote: Does anyone knows how the Logitech Cordless Wheel Mouse is compatible with, so that I can use the Wheel on it too ? Daniel PS: Basic "Mouse" Stuff is working fine, just the Wheel ;) I use it, wheels works and also last installer detect it(as logitech mouse man : you need move mouse and wheel during test also if at beginning cursor disappears...;o) - Franco Silvestro I don't know about the 'cordless' part, but you can try reading how to get a Logitech Wheel Mouse working at... http://www.freezer-burn.org/stories.php?story=24 Thanks... Dan.
[Cooker] mouseconfig resets XF86Config
I realize this is the cooker list for 7.2 testing, but thought that someone else could test this problem on 7.2 and see if it also happens with XFree86 4.x Last night I was using mouseconfig to change the mouse setting. After doing so, regular user accounts could no longer 'startx'. This is on a recently re-installed LM7.1, with XFree86 3.3.6, and medium security. It seems that mouseconfig resets the permission of /etc/X11/XF86Config back to 640, instead of 644 (root:root). Thanks... Dan.
Re: [Cooker] Linux VPN Masquerade
Does anyone know if the VPM Masqarading patch is in any of the Mandrake kernels? If not, I'd like to put in a request for it. (I want to be able to work from home behind my IP masq box :) http://www.wolfenet.com/~jhardin/ip_masq_vpn.html Yup it's already merged in my current kernel tree Just to confirm... do you mean your recently released 2.2.17 final kernel, or do you mean your development version (not accessible to us yet) ? Since you say "current", I am guessing you mean 2.2.17 final. Thanks... Dan.
Re: [Cooker] Linux VPN Masquerade
On Sat, 9 Sep 2000, Steve Fox wrote: Does anyone know if the VPM Masqarading patch is in any of the Mandrake kernels? If not, I'd like to put in a request for it. (I want to be able to work from home behind my IP masq box :) http://www.wolfenet.com/~jhardin/ip_masq_vpn.html I would second that... a secure kernel with VPN support, please ;) Thanks... Dan.
[Cooker] crypto cooker of sftp ?
Where are the *secure* packages for cooker ? I was looking for the Mandrake version of sftp from http://www.xbill.org/sftp/download/sftp-0.9.5-1.i386.rpm As well, the cooker versions of openssh. Going to ftp://ftp.linuxberg.com/pub/distributions/Mandrake/Mandrake-crypto/7.1/ shows me Netscape 4.73, openssh-2.1.1p3 (latest is openssh-2.1.1p4). sftp here is still version 0.7-3mdk Thanks... Dan.
Re: [Cooker] Bundle::CPAN install problems with openssl
However I still have the following problem (as before)... [...] Checking for OpenSSL-0.9.3a or newer... I could not find your OpenSSL in `/usr/local/ssl' Please provide OpenSSL-0.9.3a installation directory (get from http://www.openssl.org/ if you don't have it; please note that SSLeay is no longer supported, see README) (C-c to abort): do you have openssl-devel installed? also try and tell it that it's in /usr/lib/ssl Did not, but now I installed openssl-devel-0.9.5a-3mdk from cooker. Same problem exists when I tried /usr/lib/ssl CPAN.pm: Going to build S/SA/SAMPO/Net_SSLeay.pm-1.05.tar.gz ... Checking for OpenSSL-0.9.3a or newer... I could not find your OpenSSL in `/usr/local/ssl' Please provide OpenSSL-0.9.3a installation directory (get from http://www.openssl.org/ if you don't have it; please note that SSLeay is no longer supported, see README) (C-c to abort): /usr/lib/ssl/ I could not find your OpenSSL in `/usr/lib/ssl/' I looked into the Makefile.pl script and determined that it was expecting {path}/bin/openssl So trying /usr instead of /usr/bin *did* work. However, it hung when Net::SSLeay tried 'make test', and refused to 'make install' (as part of cpan install). I then went to the directory where cpan downloaded the source, and then ran 'make install' from command line, and this worked. After modifying "ssl=1" in /etc/webmin/miniserv.conf, I now have secure SSL (https://) to my webmin web pages. Thanks... Dan.
[Cooker] Bundle::CPAN install problems with openssl
*** I am trying to update a Perl module using CPAN installation alias cpan='perl -MCPAN -e shell'# auto-installing Perl modules via CPAN *** I installed all the cooker Perl5.6-* RPMs required and openssl-*. I want Net_SSLeay-* to have webmin more secure via SSL. # cpan cpan shell -- CPAN exploration and modules installation (v1.52) ReadLine support enabled cpan install Net::SSLeay ... Net_SSLeay.pm-1.05/SSLeay.pm CPAN.pm: Going to build S/SA/SAMPO/Net_SSLeay.pm-1.05.tar.gz Checking for OpenSSL-0.9.3a or newer... I could not find your OpenSSL in `/usr/local/ssl' Please provide OpenSSL-0.9.3a installation directory (get from http://www.openssl.org/ if you don't have it; please note that SSLeay is no longer supported, see README) (C-c to abort): /usr/bin/ *** From here I can't get pass this to point to L-M's RPM of openssl # rpm -ql openssl-0.9.5a-3mdk /usr/bin/c_rehash /usr/bin/openssl /usr/doc/openssl-0.9.5a /usr/doc/openssl-0.9.5a/CHANGES /usr/doc/openssl-0.9.5a/LICENSE /usr/lib/libcrypto.so.0 /usr/lib/libcrypto.so.0.9.5 /usr/lib/libssl.so.0 /usr/lib/libssl.so.0.9.5 *** And then I try to update my version of CPAN to 1.57 cpan install Bundle::CPAN Running make for R/RB/RBS/File-Spec-0.82.tar.gz ... File-Spec-0.82/Makefile.PL Removing previously used /root/.cpan/build/File-Spec-0.82 CPAN.pm: Going to build R/RB/RBS/File-Spec-0.82.tar.gz Checking if your kit is complete... Looks good Error: Unable to locate installed Perl libraries or Perl source code. It is recommended that you install perl in a standard location before building extensions. Some precompiled versions of perl do not contain these header files, so you cannot build extensions. In such a case, please build and install your perl from a fresh perl distribution. It usually solves this kind of problem. (You get this message, because MakeMaker could not find "/usr/lib/perl5/5.6.0/i386-linux/CORE/perl.h") *** I can't find any perl.h in /usr/lib/perl5/ *** Why does the cooker versions of Perl5.6 break the availability of using CPAN for auto-installs (a common thing to use) ? Thanks... Dan.
Re: [Cooker] Bundle::CPAN install problems with openssl
On Fri, 18 Aug 2000, Daniel Woods wrote: *** I am trying to update a Perl module using CPAN installation alias cpan='perl -MCPAN -e shell'# auto-installing Perl modules via CPAN I see this got posted 3 times, but I know for a fact I only sent it once. So please don't yell at me for this. Denis admitted on the expert list that there are "bumps" right now with their systems. Thanks... Dan.
[Cooker] ImageMagick and Netscape
Being new to the cooker list, I would to get some feedback on proper use and reporting expectations. I wanted to update to Netscape 4.74 on my LM7.1 version. I got the files from cooker and found it had dependancies, which I got. Problem was that at some point I found it hard to figure out what RPMs I needed to get. I found out about rpmfind and this has helped. Throughout the whole process (at some point), I was not able to install ImageMagick-5_2_2-6mdk_i586.rpm because of rpm -Uvh ImageMagick-5_2_2-6mdk_i586.rpm error: failed dependencies: ImageMagick-lib = 5.2.2 is needed by ImageMagick-5.2.2-6mdk libdps.so.1 is needed by ImageMagick-5.2.2-6mdk libdpstk.so.1 is needed by ImageMagick-5.2.2-6mdk I installed ImageMagick-lib, and rpmfind told me it wanted to install to transfer ftp://rpmfind.net/linux/MandrakeCooker/cooker/Mandrake/RPMS/XFree86-libs-4.0.1-6mdk.i586.rpm So it requires XFree86 version 4 to be installed. I am not ready to install this now, so I have given up on ImageMagick (not important). Same is true for perl-Magick-5_2_2-6mdk_i586.rpm My questions... 1/ are cooker users expected to download and use *all* of the latest, or is it acceptable to grab only the wanted modules ? 2/ is the next release of LM expecting to use XFree86 version 4 only ? 3/ do I report problems with installs here, even if I don't use the full cooker distro ? Thanks... Dan.
Re: [Cooker] PHP and MySQL problems
On Sat, 12 Aug 2000 [EMAIL PROTECTED] wrote: There seems to be a definite problem with MySQL support in the latest PHP/Apache RPMs. I've got all of the RPMs installed and PHP support enabled, the php.ini says to load mysql.so, but no matter what, making MySQL calls fails with: I also seemed to run into this problem (possibly already reported). I installed the latest cooker Apache modules and MySQL-3.23.22-* versions. When trying to install mod_php3-mysql-3_0_16-7mdk_i586.rpm , I get error: failed dependencies: mysql-shared-libs is needed by mod_php3-mysql-3.0.16-7mdk libmysqlclient.so.6 is needed by mod_php3-mysql-3.0.16-7mdk # rpmfind mysql-shared-libs(also libmysqlclient.so.6) ftp://rpmfind.net/linux/Mandrake/7.1/Mandrake/RPMS2/MySQL-shared-libs-3.22.32-5mdk.i586.rpm Thanks... Dan.