Re: [Cooker] ftp/shorewall oddity
Oden Eriksson [EMAIL PROTECTED] writes: torsdagen den 6 november 2003 17.25 skrev Austin: Hey, I just updated my server to 9.2 and the oddest thing happened. I opened the ftp port using drakfirewall, and I can use ftp via the command line, but I can't use ftp:// through browser, and I can't use curl or wget over ftp. Anyone know what the hell is going on? I hope this isn't standard in 9.2! Thanks, Austin I think there is a bug that was reported earlier regarding this. The shorweall stuff does not load the ip_conntrack_ftp module or something like that. lsmod? Shouldn't this be cause for a update (florin?) I have already reccomended that all my packages that I have put on my web side go to the updates ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] ftp/shorewall oddity
Oden Eriksson [EMAIL PROTECTED] writes: fredagen den 7 november 2003 03.22 skrev Austin: On Thu, 2003-11-06 at 12:37, Oden Eriksson wrote: I think there is a bug that was reported earlier regarding this. The shorweall stuff does not load the ip_conntrack_ftp module or something like that. Yep, that fixed it. Should be an erratum at least. Austin Yes. Florin? this was a shorewall bug at some point ... simply update shorewall to the latest version ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
Dominique Petitpierre [EMAIL PROTECTED] writes: Hello, On 5-Nov-03 at 10:33, Florin ([EMAIL PROTECTED]) wrote: have you also tried the latest luca's package ? http://people.mandrakesoft.com/~florin/www/rpms/cooker/RPMS/i586/nss_ldap-211-3mdk.i586.rpm I could not download this: the directory seems empty today. I have removed all the packages (I have kept the src though) because everything is in cooker now ... I tried, on Mandrake 9.2, the version from http://www.comedia.it/~bluca/cooker/errata/ and it works fine: # rpm -ivh -p http://www.comedia.it/~bluca/cooker/errata/nss_ldap-211-3mdk.i586.rpm Retrieving http://www.comedia.it/~bluca/cooker/errata/nss_ldap-211-3mdk.i586.rpm warning: /var/tmp/rpm-xfer.9riEy1: V3 DSA signature: NOKEY, key ID 49aa3db1 Preparing...### [100%] 1:nss_ldap ### [100%] # cp /etc/ldap.conf.rpmsave /etc/ldap.conf # getent passwd etutest1 etutest1:x:147989:4:ETUTEST Accesinfo:/home/etutest1:/bin/tcsh So both versions 207 and 211 compiled by Luca Berra work fine on Mandrake 9.2. Best regards, Dominique -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] ftp/shorewall oddity
[EMAIL PROTECTED] (Oden Eriksson) writes: Shouldn't this be cause for a update (florin?) I have already reccomended that all my packages that I have put on my web side go to the updates ... Ok, cool. Thanks Florin. ... but this doesn't mean that they will really go to the updates ... I can only reccomend and express my point of view ... but I'm not the one that takes decisions in this matter ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
have you also tried the latest luca's package ? http://people.mandrakesoft.com/~florin/www/rpms/cooker/RPMS/i586/nss_ldap-211-3mdk.i586.rpm -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
# wget http://people.mandrakesoft.com/~florin/www/rpms/cooker/RPMS/i586/nss_ldap-211-3mdk.i586.rpm --08:39:43-- http://people.mandrakesoft.com/0.00E+00florin/www/rpms/cooker/RPMS/i586/nss_ldap-211-3mdk.i586.rpm = `nss_ldap-211-3mdk.i586.rpm' Resolving people.mandrakesoft.com... done. Connecting to people.mandrakesoft.com[80.67.180.163]:80... connected. HTTP request sent, awaiting response... 403 Forbidden 08:39:44 ERROR 403: Forbidden. ok, my mistake. This you work now ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
[EMAIL PROTECTED] (Dominique Petitpierre) writes: Hello, On Mandrake 9.2 (Download version) I have observed a symptom that is similar to the one discussed in the cooker mailing list thread [CHRPM] nss_ldap-211-1mdk on September 18 and 19 (http://www.mail-archive.com/[EMAIL PROTECTED]/msg124027.html): After configuring ldap, commands fail with the following error message: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen I tried the rpm distributed with 9.2 (nss_ldap-207-2mdk.i586.rpm) as well as both version available at http://peoples.mandrakesoft.com/~florin/www/rpms/ldap/: nss_ldap-207-2mdk.i586.rpm 18-Sep-2003 13:32 90K nss_ldap-211-2mdk.i586.rpm 18-Sep-2003 12:38 89K Why don't you try the latest version I have uploaded here ... http://people.mandrakesoft.com/~florin/www/rpms/cooker/RPMS/i586/nss_ldap-211-1mdk.i586.rpm -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
Hi, It's quite funny to see all this energy in a long thread ... without testing the latest version of the package. I'm not saying here that the latest version works for your ... but it works here and in some production sites ... have a nice day, Luca Berra [EMAIL PROTECTED] writes: Buchan, it _IS_ a bug in nss_ldap package in short dbopen is db1 syntax dbX (for X1) provide a db_185.h wrapper for dbopen nss_ldap looked for dbX/db_185.h (for X =3) db4 has db4/db_185.h patch is at: http://www.comedia.it/~bluca/cooker/errata/nss_ldap-207-4.0.92mdk/nss_ldap-207-db4.patch.bz2 fixed rpms at: http://www.comedia.it/~bluca/cooker/errata/nss_ldap-207-4.0.92mdk.i586.rpm http://www.comedia.it/~bluca/cooker/errata/pam_ldap-164-4.0.92mdk.i586.rpm http://www.comedia.it/~bluca/cooker/errata/nss_ldap-207-4.0.92mdk.src.rpm btw (i commented out buildrequires for gdbm-devel and libldap-devel-static, since i don't see them used anywhere) Buchan, Dominique could you please test it? Vincent, can you add this to errata? L. P.S. sorry for large cc list, but i wan't to be sure you see it (message has been quoted fully for people wo don't read cooker) On Sat, Nov 01, 2003 at 01:34:43AM +0200, [EMAIL PROTECTED] wrote: On 31-Oct-03 at 17:32, Buchan Milne ([EMAIL PROTECTED]) wrote: But, I don't see the problem: [EMAIL PROTECTED] bgmilne]$ grep ^passwd /etc/nsswitch.conf passwd: files ldap [EMAIL PROTECTED] bgmilne]$ wc -l /etc/passwd 38 /etc/passwd Same for me here, so far. [EMAIL PROTECTED] bgmilne]$ getent passwd|wc -l 187 Here I get the same symptom as before. # getent passwd|wc -l getent: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen 0 # getent passwd root root:x:0:0:root:/root:/bin/bash # getent passwd etutest1 getent: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen May be you have a ldap.conf file that does not trigger the call to dbopen? - could you send me the relevant part of your ldap.conf? Here is mine: # egrep -v '^#|^$' /etc/ldap.conf host myhost.unige.ch base ou=people,dc=unige,dc=ch ldap_version 3 scope sub pam_filter objectclass=posixAccount pam_login_attribute unigeChStudentUid pam_member_attribute gid pam_password clear nss_base_passwd ou=People,dc=unige,dc=ch?sub nss_base_shadow ou=People,dc=unige,dc=ch?sub ssl on sslpath /etc/ssl/certs/cert7.db Maybe it is this ^^^ ? (I don't see the point in wanting to verify the SSL cert against the commercial CAs when I use my own CA cery anyway, which is available and configured) nss_map_attribute uid unigeChStudentUid pam_template_login_attribute unigeChStudentUid That configuration did work with Mandrake 9.0. Here is mine, we have production machines running with configs like this, Mandrake 9.0 through 9.2: [EMAIL PROTECTED] bgmilne]$ egrep -v '^#|^$' /etc/ldap.conf host bgmilne.cae.co.za base dc=cae,dc=co,dc=za ldap_version 3 scope one pam_filter objectclass=posixaccount pam_login_attribute uid pam_password md5 nss_base_passwd ou=People,dc=cae,dc=co,dc=za nss_base_shadow ou=People,dc=cae,dc=co,dc=za nss_base_group ou=Group,dc=cae,dc=co,dc=za ssl start_tls tls_cacertfile /etc/ssl/ca.crt tls_checkpeer yes TLS_CACERT /etc/ssl/ca.crt Or maybe dbopen is provided by another library loaded at runtime not in the dependancies shown by ldd. It would be strange though: You would expect all symbols of a dynamic libraries to be resolved within the dependancies. [ Florin: is it OK that dbopen is not defined in the dynamic libraries? ] - Any suggestion on where to look now to figure this out? Maybe try without the certdb, since this seems to be about the only thing that has anything to do with libdb (besides libsasl)? Regards, Buchan -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
[EMAIL PROTECTED] (Luca Berra) writes: On Sat, Nov 01, 2003 at 01:10:53PM +0100, Florin wrote: Hi, It's quite funny to see all this energy in a long thread ... without testing the latest version of the package. I'm not saying here that the latest version works for your ... but it works here and in some production sites ... Florin, I really want to help people out, not disrespecting anybody work. I'd love if people did not assume I am an idiot unless the opposite is proven. On a contrary, I really appreciate your work ... I'll have a closer look and sync it with the cooker packages. Thank you. I was simply mentioning that I have uploaded another nss_ldap package ... since my link was mentioned. Sorry, i did urpmi -s nss_ldap from a current cooker, and i forgot something could be found somewhere else. anyway i provided a description of the bug and a patch. could you please add an hdlist to http://people.mandrakesoft.com/~florin/www/rpms/cooker/ so we can add it as an urpmi source. please tell me: which is the correct latest version of the package? http://people.mandrakesoft.com/~florin/www/rpms/ldap/nss_ldap-211-2mdk.src.rpm this one is now removed, it was only a test ... http://people.mandrakesoft.com/~florin/www/rpms/cooker/SRPMS/nss_ldap-211-1mdk.src.rpm which seems to be newer I suppose the latter is. I checked against that as well, and since you did not fix the db4 bug it is still there. ok, I'll add your patch. If you don't beleive it is a bug please read my mail again, all of it. ok, So i have spent some more energy in providing fixed nss_ldap-211 rpms I called them -3mdk to avoid further confusion. I also uploaded a newer 207 with fixed buildrequires I hope someone will consider those worth an errata and that no more energy is wasted in squashin a silly bug. oh, yeah, it will be good to add this in the errata, I agree with you .. have a nice day, and a nice day to you as well, L. Luca Berra [EMAIL PROTECTED] writes: Buchan, it _IS_ a bug in nss_ldap package in short dbopen is db1 syntax dbX (for X1) provide a db_185.h wrapper for dbopen nss_ldap looked for dbX/db_185.h (for X =3) db4 has db4/db_185.h patch is at: http://www.comedia.it/~bluca/cooker/errata/nss_ldap-207-4.0.92mdk/nss_ldap-207-db4.patch.bz2 fixed rpms at: http://www.comedia.it/~bluca/cooker/errata/nss_ldap-207-4.0.92mdk.i586.rpm http://www.comedia.it/~bluca/cooker/errata/pam_ldap-164-4.0.92mdk.i586.rpm http://www.comedia.it/~bluca/cooker/errata/nss_ldap-207-4.0.92mdk.src.rpm btw (i commented out buildrequires for gdbm-devel and libldap-devel-static, since i don't see them used anywhere) -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
Luca Berra [EMAIL PROTECTED] writes: So i have spent some more energy in providing fixed nss_ldap-211 rpms I called them -3mdk to avoid further confusion. I also uploaded a newer 207 with fixed buildrequires I had a look at your packages and they seem fine to me ... so I have copied on my web site aswell ... thank you for your work again. And, again, I would recommend this for an errata. cheers, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
[EMAIL PROTECTED] (Vincent Danen) writes:
simply install the cooker/9.2 nss_ldap package and you'll get the famous
open_db error ...
Ok... I'm confused.
Where does this bug exhibit itself? Only in cooker? Or with 9.2, and
under what conditions? Surely a buildrequires error would make it
work, or not, for all installs, no?
I'm using nss_ldap-207-2mdk here on a workstation and a laptop and I
don't see the errors you describe with dbopen and getent. Just tried
it on both and re-read your message, but I'm still confused.
If this is a buildrequires problem, and nss_ldap is broken, then
shouldn't it be broken *everywhere*? Why would you get the dbopen
errors and I don't?
Ohhh... wait a sec. Your cert7.db file is what is causing the problem?
When nss_ldap tries to open it to get the cert before connecting to
the LDAP server, right?
So your -3mdk packages fix that? No more dbopen errors when nss_ldap
tries to open your cert7.db file?
If yes, and it's verified that it works, then I'll build packages to
put into updates. I don't use a db here and really have no clue how to
make a db file to test this, so unless you can give me a quick test
howto kinda thing, I have to rely on your testing results to put it
through.
Thanks
---
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
lynx -source http://linsec.ca/vdanen.asc | gpg --import
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
--Apple-Mail-1--794018339
content-type: application/pgp-signature; x-mac-type=70674453;
name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (Darwin)
iD8DBQE/o+xpIEPQ5f5vKv0RAv4AAKCEPFYn7KpHVY63OgI96Id8yRKKfgCgmei2
oGML7XhdelfMAakLLFvMIbw=
=2u8i
-END PGP SIGNATURE-
--Apple-Mail-1--794018339--
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
Re: [Cooker] [Bug 6254] [icewm-light] New: Multibyte character cannot be displayed in icewm menu
have you tried to remove your existing .icewm directory and restart icewm ? [EMAIL PROTECTED] ([wtzhu]) writes: http://qa.mandrakesoft.com/show_bug.cgi?id=6254 Summary: Multibyte character cannot be displayed in icewm menu Product: icewm-light Version: 1.2.9-2mdk Platform: PC OS/Version: All Status: UNCONFIRMED Severity: major Priority: P2 Component: i18n AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] My OS: Mandrake Linux 9.2 (FiveStar) on an i586 PC icewm version: icewm-1.2.13-0.3.1mdk.i586, icewm-light-1.2.13-0.3.1mdk.i586 locale: zh_CN Chinese characters cannot be displayed in icewm starting menu as well as right click pop-up menu. The problem may be due to font loading. I've tried to startx manually and step by step from the text console: # X (Enter. Everything is OK.) # export DISPLAY=0:0 (Enter. Everything is OK.) # /usr/X11R6/bin/icewm-session (Enter. Something wrong but not fatal.) While loading icewm, it gives lots of messages as the following: ... IceWM: Warning: Could not load font -*--16-*. IceWM: Warning: Could not load font -*--16-*. IceWM: Warning: Could not load font -*--16-*. IceWM: Warning: Could not load font -*--16-*. IceWM: Warning: Could not load font -*--16-*. IceWM: Warning: Could not load font -*--16-*. ... RPMS shipped in Mandrake Linux 9.0 (icewm-1.2.0-5mdk, icewm-light-1.2.0-5mdk) work well in FiveStar. RPMS shipped in Mandrake Linux 9.1 (icewm-1.2.6-1mdk, icewm-light-1.2.6-1mdk) may also work but modifications to /usr/X11R6/lib/X11/icewm/preferences are needed. -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] ADSL + postfix default config = open relay?
[EMAIL PROTECTED] (Bruno Prior) writes: My ISP has just pointed out to me that I was running an open relay, which is highly embarrassing. I have been running postfix without causing a problem until I switched to an ADSL connection. The notes in postfix/main.cf seem to make it pretty clear what the problem is: my ISP's subnet had been added as a trusted subnet, as ADSL counts as a dialup connection, which meant that anyone on their network could relay through my mail server. Obviously, the fault is principally mine, for not being more careful when I set ADSL up - the information is all there if you look for it. But I was wondering how many people would look for it. Because, if you setup ADSL using drakconnect, you wouldn't have a clue you needed to edit main.cf to prevent this. Would it be a good idea to either enhance drakconnect to make this change automatically (if you could figure out a sensible way to deduce the appropriate list of trusted clients), or at least flag up a warning, to stop other people making this mistake? Hi there, This is FALSE. The default postfix configuration is binded to localhost. So if, for some season, you bind your localhost to your external IP address, then your postfix is, indeed, acting as a open relay. You might have miscofigured your network ... cheers, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 6245] [icewm-light] Mis-configured toolbar file due to an obvious typo
http://qa.mandrakesoft.com/show_bug.cgi?id=6245 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution||INVALID --- Additional Comments From [EMAIL PROTECTED] 2003-10-28 12:15 --- No, this is not a typo: xvt is a link to a terminal. That link is automatically updated according to the update-alternatives program and the different terminals priorities. Example: [EMAIL PROTECTED] florin]# update-alternatives --display xvt xvt - status is auto. link currently points to /usr/X11R6/bin/rxvt /usr/bin/gnome-terminal - priority 10 /usr/X11R6/bin/rxvt - priority 20 /usr/X11R6/bin/xterm - priority 18 Current `best' version is /usr/X11R6/bin/rxvt. -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: In file usr/X11R6/lib/X11/icewm/toolbar there is a badly written line: prog Terminal terminals_section.png xvt It should have been written as: prog Terminal terminals_section.png rxvt
Re: [Cooker] bind-9.2.3-1mdk
[EMAIL PROTECTED] (Oden Eriksson) writes: Hi (Florin). For some reason this happens in a real world situation: # /etc/rc.d/init.d/named restart Stopping named: [ OK ] named: already [EMAIL PROTECTED] init.d]# # /etc/rc.d/init.d/named restart Stopping named: rndc: connect failed: connection refused [FAILED] Starting named: [ OK ] Proposed fix: --- /etc/rc.d/init.d/named 2003-10-24 21:13:10.0 +0200 +++ /etc/rc.d/init.d/named.oden 2003-10-25 18:32:33.0 +0200 @@ -54,6 +54,7 @@ echo return $RETVAL } + sleep 1 success echo return $RETVAL indeed, the rndc command needs some time to shutdown named ... I'll add sleep 2 (RedHat does the same thing actually) ... fixed in 2mdk thx for the bug report ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] Re: The idnkit, something for Mandrake 10 or aware ISP's? + Bind 9.2.3
http://people.mandrakesoft.com/~florin/www/rpms/cooker Oden Eriksson [EMAIL PROTECTED] writes: Hi. I'm evaluating IDN (international domain names) right now and made a rediffed patch for latest bind. The patch makes host, nslookup and dig IDN aware and links against the libidnkit1 library from contribs. Here's packages: http://www.deserve-it.com/Cooker/RPMS/idnkit-tools-1.0-1mdk.i586.rpm http://www.deserve-it.com/Cooker/RPMS/libidnkit1-devel-1.0-1mdk.i586.rpm http://www.deserve-it.com/Cooker/RPMS/libidnkit1-1.0-1mdk.i586.rpm http://www.deserve-it.com/Cooker/RPMS/bind-devel-9.2.3-0.rc4.3mdk.i586.rpm http://www.deserve-it.com/Cooker/RPMS/bind-utils-9.2.3-0.rc4.3mdk.i586.rpm http://www.deserve-it.com/Cooker/RPMS/bind-9.2.3-0.rc4.3mdk.i586.rpm http://www.deserve-it.com/Cooker/SRPMS/bind-9.2.3-0.rc4.3mdk.src.rpm http://www.deserve-it.com/Cooker/SRPMS/idnkit-1.0-1mdk.src.rpm Here's output from the bind stuff: [EMAIL PROTECTED] i586]# nslookup www.räksmörgås.se Server: 192.168.100.1 Address:192.168.100.1#53 Non-authoritative answer: www.räksmörgås.se canonical name = ext.nic-se.se. Name: ext.nic-se.se Address: 212.247.3.81 [EMAIL PROTECTED] i586]# host www.räksmörgås.se www.räksmörgås.se is an alias for ext.nic-se.se. ext.nic-se.se has address 212.247.3.81 [EMAIL PROTECTED] i586]# dig www.räksmörgås.se ; DiG 9.2.3rc4 www.räksmörgås.se ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 42689 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;www.räksmörgås.se. IN A ;; ANSWER SECTION: www.räksmörgås.se. 33468 IN CNAME ext.nic-se.se. ext.nic-se.se. 2615IN A 212.247.3.81 ;; AUTHORITY SECTION: nic-se.se. 3359IN NS dns5.telia.com. nic-se.se. 3359IN NS orebro.dns.swip.net. nic-se.se. 3359IN NS ns.nic-se.se. ;; ADDITIONAL SECTION: ns.nic-se.se. 3359IN A 212.247.3.78 dns5.telia.com. 83136 IN A 194.22.190.13 orebro.dns.swip.net.4889IN A 192.71.180.45 ;; Query time: 2 msec ;; SERVER: 192.168.100.1#53(192.168.100.1) ;; WHEN: Thu Oct 9 16:56:53 2003 ;; MSG SIZE rcvd: 210 [EMAIL PROTECTED] i586]# nslookup www.gällivare.se 194.117.184.29 Server: 194.117.184.29 Address:194.117.184.29#53 Name: www.gällivare.se Address: 194.117.184.29 Quite funny! Here's output of idnconv from the idnkit: [EMAIL PROTECTED] i586]# echo www.räksmörgås.se | idnconv www.xn--rksmrgs-5wao1o.se You should also be able to surf to htp://www.räksmörgås.se with Mozilla v1.4. I think this is interesting as it seems we now have some sort of a established standard for international domain names..., that wasn't true when I tried this last time (maybe 2 years ago?). Cheers. -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] new shorewall version 1.4.7
[EMAIL PROTECTED] [EMAIL PROTECTED] writes: hi can someone add the new shorewall version at the cooker ? There is an very good option. Traffic Accounting http://www.shorewall.net/Accounting.html Thanks good morning, I have already said that my updates can be found at : http://people.mandrakesoft.com/~florin/www/rpms/cooker cheers, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] [Bug 6191] [dhcp-server] Will not start with DDNS updates
[EMAIL PROTECTED] (Buchan Milne) writes: [florin] wrote: http://qa.mandrakesoft.com/show_bug.cgi?id=6191 fixed here http://peoples.mandrakesoft.com/~florin/www/rpms/cooker So how soon are these going to be available officially? I need to decide between 9.1 and 9.2 for a new server for a client ... and it's going to need dhcp and shorewall ... Hi, These are already official packages, otherwise you wouldn't know about it ... We're about to finish the distro for the 64 architecture ... and then cooker will reopen again ... so the packages will be updated ... in the meanwhile use my web site .. if you need those packages ... have a nice day, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 6191] [dhcp-server] Will not start with DDNS updates enabled
http://qa.mandrakesoft.com/show_bug.cgi?id=6191 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2003-21-10 12:32 --- fixed here http://peoples.mandrakesoft.com/~florin/www/rpms/cooker -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: dhcpd produces an error saying it cannot parse old style dns update code. I have rebuilt using the rc12 sources from ISC, and this now works perfectly. I noticed that the .src.rpm actually conatins rc11 is ISC's dhcp
Re: [Cooker] [Bug 6191] [dhcp-server] Will not start with DDNS updates
[EMAIL PROTECTED] (Buchan Milne) writes: Florin wrote: [EMAIL PROTECTED] (Buchan Milne) writes: So how soon are these going to be available officially? I need to decide between 9.1 and 9.2 for a new server for a client ... and it's going to need dhcp and shorewall ... Hi, These are already official packages, otherwise you wouldn't know about it ... IMHO, official packages for a release are in: Mandrake/release and Mandrake/updates/release on the official mirrors. like: ftp://mandrake.redbox.cz/Mandrake/updates/9.2/RPMS/ We're about to finish the distro for the 64 architecture ... and then cooker will reopen again ... so the packages will be updated ... in the meanwhile use my web site .. if you need those packages ... IMHO this should not be necessary, broken packages which can be fixed should be fixed by bugfix updates. I would like to know when these packages will be available as official updates for 9.2. Otherwise, when does the official time for starting support for 9.2 start? It seems at present real support for a distro can only be guaranteed for 2 distros concurrently (ie at present 9.0 and 9.1). 8.2 has been unsupported for a few weeks now, but I want to upgade servers running 8.2 to something that will be supported for more than a year (and no, the clients can't afford CS 2.1, but might manage a ProSuite). It doesn't seem that 9.2 is supported yet ... (Note, I can happily support my own machines, but I can't sell solutions to clients and say that I am their only means of supporting their machines if they have paid for a product - so this is more of a complaint about business than about the packages themselves) If the packages are in QA, that's fine (my ProSuite order hasn't shipped yet I guess), but your answer implied there would not be updates (only new packages in cooker). Regards, Buchan Hi, I'm only a developper, I have given you the fixes that will be added in the official distro soon. If you don't want them it's fine by me. Some other people asked me to make my changes available because I cannot upload them because cooker is frozen. Then simply wait for the official mirroring ... I cannot tell you anything about that ... just wait or ask [EMAIL PROTECTED] cheers, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 6086] [shorewall] Shorewall fails to load modules in 9.2RC2
http://qa.mandrakesoft.com/show_bug.cgi?id=6086
--- Additional Comments From [EMAIL PROTECTED] 2003-20-10 11:15 ---
As I said ... the package is already available at the following link:
http://people.mandrakesoft.com/~florin/www/rpms/cooker
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
I installed Mandrake9.2RC2 with shorewall firewall and was having problems
making ftp transfers. After some investigation I determined that the problem was
that shorewall wasn't loading the ip_conntrack_ftp kernel module although that
module was listed in /etd/shorewall/modules.
The reason why the module wasn't being loaded is that the kernel module is
compressed in a file called ip_conntrack.o.gz and shorewall was searching for a
file called ip_conntrack_ftp.gz The patch bellow fixes the problem:
--- shorewall-1.4.6c/firewall.orig 2003-10-04 16:41:40.0 +0100
+++ shorewall-1.4.6c/firewall 2003-10-04 16:42:58.0 +0100
@@ -2694,7 +2694,7 @@
if [ -z `lsmod | grep $modulename` ]; then
shift
- for suffix in o gz ko ; do
+ for suffix in o o.gz ko ; do
modulefile=$MODULESDIR/${modulename}.${suffix}
if [ -f $modulefile ]; then
[Cooker] [Bug 6086] [shorewall] Shorewall fails to load modules in 9.2RC2
http://qa.mandrakesoft.com/show_bug.cgi?id=6086
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution||FIXED
--- Additional Comments From [EMAIL PROTECTED] 2003-07-10 18:56 ---
this should be fixed in the 1.4.7 version, wait for the unfrozen cooker packages
or, eventually, use the ones on my web site :
http://people.mandrakesoft.com/~florin/www/rpms/cooker
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
I installed Mandrake9.2RC2 with shorewall firewall and was having problems
making ftp transfers. After some investigation I determined that the problem was
that shorewall wasn't loading the ip_conntrack_ftp kernel module although that
module was listed in /etd/shorewall/modules.
The reason why the module wasn't being loaded is that the kernel module is
compressed in a file called ip_conntrack.o.gz and shorewall was searching for a
file called ip_conntrack_ftp.gz The patch bellow fixes the problem:
--- shorewall-1.4.6c/firewall.orig 2003-10-04 16:41:40.0 +0100
+++ shorewall-1.4.6c/firewall 2003-10-04 16:42:58.0 +0100
@@ -2694,7 +2694,7 @@
if [ -z `lsmod | grep $modulename` ]; then
shift
- for suffix in o gz ko ; do
+ for suffix in o o.gz ko ; do
modulefile=$MODULESDIR/${modulename}.${suffix}
if [ -f $modulefile ]; then
Re: [Cooker] acid snort gui
[EMAIL PROTECTED] (Oden Eriksson) writes: Hi. Maybe this is something for a gui packager: http://www.maximumunix.org/ACID-XML/ ? I'll have a look ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] dhcp, squid, bind, snort, ohphone
[EMAIL PROTECTED] (Eric Fernandez) writes: Florin wrote: Hi, Cooker is frozen so if you need one of the packages I maintain ... see http://people.mandrakesoft.com/~florin/www/RPMS/cooker have a nice day, Thanks Any chance they will go to the updates (I think about ohphone, which does not start for some people) in any future ? Eric all these packages will get to cooker as soon it becomes unfrozen... but not to the already finished 9.2 cheers, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] dhcp, squid, bind, snort, ohphone
[EMAIL PROTECTED] (Eric Fernandez) writes: Florin wrote: all these packages will get to cooker as soon it becomes unfrozen... but not to the already finished 9.2 cheers, Actually, I meant : in the 9.2 official updates folder ? Eric of course they will get to the official updates ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 5893] [drakxtools] Connection sharing always disabled
http://qa.mandrakesoft.com/show_bug.cgi?id=5893 --- Additional Comments From [EMAIL PROTECTED] 2003-25-09 11:40 --- Hi, did you get the latest files from my web site ? http://people.mandrakesoft.com/~florin/www/rpms/drak_gw_firewall/ ok, drakgw seems to work for you Some hopefuly usefull piece of information: For drakfirewall you also can choose your internet interface. Did you enter ppp+ ? drakgw and drakfirewall read the /etc/sysconfig/network-scripts/net_cnx_up file that will be provided with the right information by drakconnect. I have added the options both to drakfirewall and drakgw to choose that internet interface in the case you have configured the internet access using some other tool ... -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: On MDK 9.2RC2 I try to enable internet connection sharing but get no connection via the client network. I am using a Speedtouch USB modem as the connection I wish to share. When I re-check Internet Connection Sharing, I am told it is set up but currently disabled. I try to enable it but it never does. No error message. It simply always stays in a disabled state. I had a similar problem with MDK 9.1 and resolved it by using an IPtables script instead.
Re: [Cooker] [Bug 5893] [drakxtools] Connection sharing always disabled
[EMAIL PROTECTED] ([home]) writes: Yes, I downloaded and installed the latest files before following the other instructions. Drakgw did correctly pick up ppp+ but drakfirewall only shows the tickboxes for which services I would like the internet to connect to, there is no way to choose the interfaces on that dialogue box. well in that case READ my mails ... I told you that you can use my files on the link I have given you with the latest changes ... in these changes YOU CAN CHOOSE YOUR INTERFACE. I used webmin to _view_ settings but not to change them. I still have no route to the internet from the client machine, not after drakgw or after drakfirewall. -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] [Bug 5926] [bind] [PATCH] make /etc/init.d/named work again
[EMAIL PROTECTED] log]# grep named /etc/passwd /etc/group /etc/passwd:named:x:25:25:Bind User:/var/named: /etc/group:named:x:25: And here is my /var/log/syslog after doing /etc/init.d/named start : Sep 25 18:49:24 localhost named[3622]: starting BIND 9.2.3rc2 -u named Sep 25 18:49:24 localhost named[3622]: using 1 CPU Sep 25 18:49:24 localhost named[3624]: loading configuration from '/etc/named. conf' sep 25 18:49:24 localhost named: Démarrage de named succeeded Sep 25 18:49:24 localhost named[3624]: no IPv6 interfaces found Sep 25 18:49:24 localhost named[3624]: listening on IPv4 interface lo, 127.0.0. 1#53 Sep 25 18:49:24 localhost named[3624]: listening on IPv4 interface eth0, 192. 168.0.1#53 Sep 25 18:49:24 localhost named[3624]: command channel listening on 127.0.0. 1#953 Sep 25 18:49:24 localhost named[3624]: couldn't open pid file '/var/run/named. pid': Permission denied Sep 25 18:49:24 localhost named[3624]: exiting (due to early fatal error) The problem is that /var/run/named.pid cammot be written by user named ! Looking at directory /var/run tells me : drwxr-xr-x 12 root root 904 sep 25 19:01 /var/run/ I simply upgraded bind to latest cooker version :S So what's wrong ? the error message is clear enough ... you cannot modify the /var/run/named/named.pid normally, the file should /var/run/named/named.pid in the /etc/named.conf configuration file you should have, in the options section, something like this: pid-file /var/run/named/named.pid; Note: I have already give examples of configuration files in /usr/share/doc/bind-9.2.3/dhcp-dynamic-dns-examples/bind/etc/named.conf cheers, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] [Bug 4424] [drakxtools] Drakefirewall doesn't work with dialup connexion
[EMAIL PROTECTED] ([tulear999]) writes: http://qa.mandrakesoft.com/show_bug.cgi?id=4424 --- Additional Comments From [EMAIL PROTECTED] 2003-23-09 23:52 --- Ok I tried your files, it seems to work fine :-)) Must I close the bug ? Will it be included in 9.2 final ? sure, you can close the bug as will commit the changes to the CVS ... and no, it's too late for 9.2, that's why I put my actual work on the web site to make it available to everyone ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] dhcp, squid, bind, snort, ohphone
Hi, Cooker is frozen so if you need one of the packages I maintain ... see http://people.mandrakesoft.com/~florin/www/RPMS/cooker have a nice day, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 5926] [bind] [PATCH] make /etc/init.d/named work again
http://qa.mandrakesoft.com/show_bug.cgi?id=5926
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution||INVALID
--- Additional Comments From [EMAIL PROTECTED] 2003-24-09 10:31 ---
[EMAIL PROTECTED] root]# rpm -q bind --scripts
preinstall scriptlet (using /bin/sh):
/usr/share/rpm-helper/add-user bind $1 named /var/named /bin/false
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
I upgraded to latest version of bind, but
named now fails to load because there's no user named :
--- /etc/init.d/named.bak 2003-09-18 11:21:23.0 +0200
+++ /etc/init.d/named 2003-09-19 18:56:56.0 +0200
@@ -32,7 +32,7 @@
if [ -n ${ROOTDIR} -a x${ROOTDIR} != x/ ]; then
OPTIONS=${OPTIONS} -t ${ROOTDIR}
fi
-daemon named -u named ${OPTIONS}
+daemon named ${OPTIONS}
RETVAL=$?
[ $RETVAL -eq 0 ] touch /var/lock/subsys/named
echo
[Cooker] [Bug 5926] [bind] [PATCH] make /etc/init.d/named work again
http://qa.mandrakesoft.com/show_bug.cgi?id=5926
--- Additional Comments From [EMAIL PROTECTED] 2003-24-09 11:40 ---
http://peoples.mandrakesoft.com/~florin/www/RPMS/cooker
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
I upgraded to latest version of bind, but
named now fails to load because there's no user named :
--- /etc/init.d/named.bak 2003-09-18 11:21:23.0 +0200
+++ /etc/init.d/named 2003-09-19 18:56:56.0 +0200
@@ -32,7 +32,7 @@
if [ -n ${ROOTDIR} -a x${ROOTDIR} != x/ ]; then
OPTIONS=${OPTIONS} -t ${ROOTDIR}
fi
-daemon named -u named ${OPTIONS}
+daemon named ${OPTIONS}
RETVAL=$?
[ $RETVAL -eq 0 ] touch /var/lock/subsys/named
echo
[Cooker] [Bug 5931] [bind] bind's imortal
http://qa.mandrakesoft.com/show_bug.cgi?id=5931
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution||FIXED
--- Additional Comments From [EMAIL PROTECTED] 2003-24-09 11:54 ---
http://peoples.mandrakesoft.com/~florin/www/RPMS/cooker
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
After chrooting bind a service named restart does not seem to kill bind,
Luca Berra suggested that it could be a bug in the killproc routine.
Here's more info:
http://archives.mandrakelinux.com/cooker/2003-09/msg06310.php
http://archives.mandrakelinux.com/cooker/2003-09/msg06319.php
Proposed fix (workaround):
Use /usr/sbin/rndc -c ${ROOTDIR}/etc/rndc.conf stop instead of killproc
named.
This bug is marked as a blocker because QA does not seem to have tested this
at all... (no sane person should run bind unless it is jailed in a chroot)
[Cooker] [Bug 5893] [drakxtools] Connection sharing always disabled
http://qa.mandrakesoft.com/show_bug.cgi?id=5893
--- Additional Comments From [EMAIL PROTECTED] 2003-24-09 12:10 ---
Hi, I need more infos please.
_d_r_a_k_g_w
1. use drakgw and configure your gateway
2. what is the result of the following command ?
grep -v '^$' /etc/shorewall/{zones,interfaces,masq,policy,rules} | grep -v ':#'
_d_r_a_k_f_i_r_e_w_a_l_l
3. use drakfirewall
4. what is the result of the following command ?
grep -v '^$' /etc/shorewall/{zones,interfaces,masq,policy,rules} | grep -v ':#'
cheers,
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
On MDK 9.2RC2 I try to enable internet connection sharing but get no connection
via the client network.
I am using a Speedtouch USB modem as the connection I wish to share.
When I re-check Internet Connection Sharing, I am told it is set up but
currently disabled. I try to enable it but it never does. No error message. It
simply always stays in a disabled state.
I had a similar problem with MDK 9.1 and resolved it by using an IPtables script
instead.
[Cooker] [Bug 5926] [bind] [PATCH] make /etc/init.d/named work again
http://qa.mandrakesoft.com/show_bug.cgi?id=5926
--- Additional Comments From [EMAIL PROTECTED] 2003-24-09 12:14 ---
[EMAIL PROTECTED] root]# grep named /etc/passwd /etc/group
/etc/passwd:named:x:72:72:system user for bind:/var/named:/bin/false
/etc/group:named:x:72:
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
I upgraded to latest version of bind, but
named now fails to load because there's no user named :
--- /etc/init.d/named.bak 2003-09-18 11:21:23.0 +0200
+++ /etc/init.d/named 2003-09-19 18:56:56.0 +0200
@@ -32,7 +32,7 @@
if [ -n ${ROOTDIR} -a x${ROOTDIR} != x/ ]; then
OPTIONS=${OPTIONS} -t ${ROOTDIR}
fi
-daemon named -u named ${OPTIONS}
+daemon named ${OPTIONS}
RETVAL=$?
[ $RETVAL -eq 0 ] touch /var/lock/subsys/named
echo
[Cooker] [Bug 5834] [drakxtools] Initial Cancel button doesn't work
http://qa.mandrakesoft.com/show_bug.cgi?id=5834 [EMAIL PROTECTED] changed: What|Removed |Added Status|ASSIGNED|RESOLVED Resolution||WORKSFORME --- Additional Comments From [EMAIL PROTECTED] 2003-24-09 15:32 --- It works fine here ... -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: Distribution: Mandrake 9.2 RC2 Language: es_ES, iso-8859-15 Problem: first Cancel button doesn't work.
Re: [Cooker] bind-9.2.3-0.rc4.1mdk
http://peoples.mandrakesoft.com/~florin/www/rpms/cooker
[EMAIL PROTECTED] (Oden Eriksson) writes:
BIND 9.2.3rc4 is now available.
If you have installed BIND 9.1.3-P1, BIND 9.1.3-P2, BIND 9.2.2-P1,
BIND 9.2.2-P2, BIND 9.2.3rc2 or BIND 9.2.3rc3 it is recommended that
you upgrade. These versions generate false postives when applying
delegation-only tests.
If you are using root-delegation-only LV needs to be added to the
exclude list.
e.g.
root-delegation-only exclude { DE; LV; MUSEUM; };
[...]
--- 9.2.3rc4 released ---
1512. [bug] Extend the delegation-only logging to return query
type, class and responding nameserver.
1511. [bug] delegation-only was generating false positives
on negative answers from subzones.
--- 9.2.3rc3 released ---
1510. [func] New view option root-delegation-only. Apply
delegation-only check to all TLDs and root.
Note there are some TLDs that are NOT delegation
only (e.g. DE, LV and MUSEUM) these can be excluded
from the checks by using exclude.
root-delegation-only exclude { DE; LV: MUSEUM; };
1509. [bug] Hint zones should accept delegation-only. Forward
zone should not accept delegation-only.
1508. [bug] Don't apply delegation-only checks to answers from
forwarders.
1507. [bug] Handle BIND 8 style returns to NS queries to parents
when making delegation-only checks.
1506. [bug] Wrong return type for dns_view_isdelegationonly().
New packages:
http://www.deserve-it.com/Cooker/SRPMS/bind-9.2.3-0.rc4.1mdk.src.rpm
http://www.deserve-it.com/Cooker/RPMS/bind-devel-9.2.3-0.rc4.1mdk.i586.rpm
http://www.deserve-it.com/Cooker/RPMS/bind-utils-9.2.3-0.rc4.1mdk.i586.rpm
http://www.deserve-it.com/Cooker/RPMS/bind-9.2.3-0.rc4.1mdk.i586.rpm
Changelog entry:
* Tue Sep 23 2003 Oden Eriksson [EMAIL PROTECTED] 9.2.3-0.rc4.1mdk
- 9.2.3rc4 (fixes bind bugs 1511 and 1512)
* Sat Sep 20 2003 Oden Eriksson [EMAIL PROTECTED] 9.2.3-0.rc3.1mdk
- 9.2.3rc3 (fixes bind bugs 1509, 1508, 1507 and 1506)
- added P3 to make nslookup shut up about possible deprecation, i think
we will notice this ourselves eventually anyhow...
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
Re: [Cooker] bind-9.2.3-0.rc4.1mdk
[EMAIL PROTECTED] (Oden Eriksson) writes: tisdagen den 23 september 2003 12.10 skrev Florin: http://peoples.mandrakesoft.com/~florin/www/rpms/cooker He he he, funny. Will it make it into 9.2? no, that's why I have put these packages on the website ... in the meanwhile ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 5915] [ohphone] OhPhone does not start
http://qa.mandrakesoft.com/show_bug.cgi?id=5915 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2003-23-09 12:04 --- Cooker is frozen ... in the meanwhile .. here you can find the latest package http://peoples.mandrakesoft.com/~florin/www/rpms/cooker/ -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: Hi, the Application start up fails with this message: ohphone: relocation error: ohphone: undefined symbol: _ZTI15H323VideoDevice I think it's due to pwlib or openh323lib. Regards Anes
[Cooker] [Bug 5893] [drakxtools] Connection sharing always disabled
http://qa.mandrakesoft.com/show_bug.cgi?id=5893 --- Additional Comments From [EMAIL PROTECTED] 2003-23-09 13:40 --- please try the following link: http://peoples.mandrakesoft.com/~florin/www/rpms/drak_gw_firewall/ -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: On MDK 9.2RC2 I try to enable internet connection sharing but get no connection via the client network. I am using a Speedtouch USB modem as the connection I wish to share. When I re-check Internet Connection Sharing, I am told it is set up but currently disabled. I try to enable it but it never does. No error message. It simply always stays in a disabled state. I had a similar problem with MDK 9.1 and resolved it by using an IPtables script instead.
[Cooker] [Bug 5846] [icewm] New IceWM is broken
http://qa.mandrakesoft.com/show_bug.cgi?id=5846 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution||WORKSFORME --- Additional Comments From [EMAIL PROTECTED] 2003-22-09 10:48 --- Icewm is used on a daily basis in the RD and it works fine for all of us ... and of course, you must be kidding, the ./icewm/preferences is a custom configuration file, so we are not going to erase with the general one ... what a strange idea !! -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: icewm-1.2.13-0.3.1mdk installed this morning runs but is completely unusable: There is no taskbar/toolbar or any menus available; left, right and middle click of the mouse buttons do nothing. CTRL-ALT-BSPC is disabled or not working(cannot quit X / icewm) requiring user to go to VC and kill the icewm-session. Oddly( since it is in the middle of the preferences file) the DesktopBackgroundImage gets loaded but apparently nothing else. I waited ~ 2 minutes for IceWM to load the first time; normally it takes about 5 seconds to load everything. It worked before the 9-9.2 upgrade _and_ it was working with RC2 version(quite nICEly I will add) before the new cooker version was installed. Probably a config error somewhere(Ima-huntin) but the upgrade should not have done that. Note that someone with only IceWM installed will not have a readily available/usable X system if they get this bug too so I marked it blocker.
[Cooker] [Bug 4424] [drakxtools] Drakefirewall doesn't work with dialup connexion
http://qa.mandrakesoft.com/show_bug.cgi?id=4424 --- Additional Comments From [EMAIL PROTECTED] 2003-22-09 17:56 --- Can you please test the files at http://peoples.mandrakesoft.com/~florin/www/rpms/drak_gw_firewall/ Remark: make sure you backup your existing files first -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: REOPENED creation_date: description: I've got ADSL connexion an an ethernet card (eth0) When using Drakefirewall, shorewall configuration file /etc/shorewall/interfaces is net eth0detect so I cannot surf on Internet (I'm using ppp0). The workaround is to change this line to net ppp0detect and it works but not trivial for a newbie Don't Drakefirewall should ask which interface is use for internet access to enable a right configuration ?
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT CUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNB IDIwMDAuOC4zMAIDCncqMAkGBSsOAwIaBQCgggIPMBgGCSqGSIb3DQEJAzEL BgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAzMDkxODE2NTUxOVowIwYJ KoZIhvcNAQkEMRYEFJViktcdWF6wAyOuFG/zVHpdyHVzMFIGCSqGSIb3DQEJ DzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGrBgkrBgEEAYI3EAQxgZ0w gZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQ BgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRD ZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDCncqMIGtBgsqhkiG9w0BCRACCzGBnaCBmjCB kjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UE BxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRp ZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBS U0EgMjAwMC44LjMwAgMKdyowDQYJKoZIhvcNAQEBBQAEggEAw5Rm0ppbjb30 zGw2MR3AjGWLyHoIpdXjTqVO5MhfZLugVvkgc/iY2f/UCfkQy7lRBUcyDarw ukIGHOsDfK0AnFZK2CbbHZVgQfDCBIoC2HMErYQgjCM7sHkV0SqEfW4uJFW4 o1ATlAWgEOaASoDYOSuiIVN5PaeV1zg4Heyopgf7KtA3zsJNOJ5uXNE6ynMm pQii1wDmVJNHeNyyJfYi1ls7Uf3la3/OF4gcRAtG3WcfYMg5l7BUZw9fdHS9 ziuJdZxDJlTodjqb4I+O8KB36/lFWGKflsXf8pZqpBiPAFtQ07LMuAlvpoBD bPP961/S+/Txh6G+jdnpJ44z6I8Fwg== --ms040307020106070405000807-- -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
[EMAIL PROTECTED] (Stefan van der Eijk) writes: This is a cryptographically signed message in MIME format. --ms090903010403020401070506 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit After updating to nss_ldap-211-1mdk I'm getting errors as such: $ ls -l total 68060 ls: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen [EMAIL PROTECTED] stefan]$ ssh kenobi.mandrakesoft.com ssh: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen Anybody else? yes, I have it too ... so I think the best thing will be to go back to the 207 version for the moment ... Florin [EMAIL PROTECTED] 211-1mdk - 211 -=-=-=- --ms090903010403020401070506 Content-Type: application/x-pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=smime.p7s Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEH AQAAoIIJODCCAvowggJjoAMCAQICAwp3KjANBgkqhkiG9w0BAQQFADCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmlj YXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0Eg MjAwMC44LjMwMB4XDTAzMDgwMjA3NDYyOFoXDTA0MDgwMTA3NDYyOFowQDEf MB0GA1UEAxMWVGhhd3RlIEZyZWVtYWlsIE1lbWJlcjEdMBsGCSqGSIb3DQEJ ARYOc3RlZmFuQGVpamsubnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDM24sJxi1DuOCz6MIa3Sdvb0VDHKVmUA+U2nAaKxZINAFAanawKYmQ wgVYbfeMSoo1JVc1/kx6ul20S5fWE2bavjOk9LqLEfwfKwjn/qCf7qSaHXr9 izzp8lCbJF1iC8lNwiInNqrvfSoFgatE+pQtVBuYxQR2wATkByvZ94Ehh/dm ttzXTtMdkdDERr82gOnY/CC2JevKMxKU+FwSQLP7/mVNxsmS3ruddQc89+at YNblIiBYnggoQoAMCqtvlNjyHSe2SDMc6EXthcfySJapVoS7/tbGaZE1+ZZK OWEO7utTW6vghh8ZXUXrDq9toe6uhCaKHPEeHM8S42G4DMghAgMBAAGjKzAp MBkGA1UdEQQSMBCBDnN0ZWZhbkBlaWprLm51MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQEEBQADgYEAyeOHUJR03+LRw7lsrMqb1d1PtTfDdfvbskf86JbF gP+JoemFqaGgGzTcVN8aqK6rpGuAoHVJwlhMIxRtmpVpPGkzEZIc9T03GfuC kxWA4KOiSwW6j1JLgti2jhrl8+k8vBxzSm3jqk8uXSKobfjfOR3xKCo4ZLpo L958/boUN70wggL6MIICY6ADAgECAgMKdyowDQYJKoZIhvcNAQEEBQAwgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT CUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNB IDIwMDAuOC4zMDAeFw0wMzA4MDIwNzQ2MjhaFw0wNDA4MDEwNzQ2MjhaMEAx HzAdBgNVBAMTFlRoYXd0ZSBGcmVlbWFpbCBNZW1iZXIxHTAbBgkqhkiG9w0B CQEWDnN0ZWZhbkBlaWprLm51MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAzNuLCcYtQ7jgs+jCGt0nb29FQxylZlAPlNpwGisWSDQBQGp2sCmJ kMIFWG33jEqKNSVXNf5MerpdtEuX1hNm2r4zpPS6ixH8HysI5/6gn+6kmh16 /Ys86fJQmyRdYgvJTcIiJzaq730qBYGrRPqULVQbmMUEdsAE5Acr2feBIYf3 Zrbc107THZHQxEa/NoDp2PwgtiXryjMSlPhcEkCz+/5lTcbJkt67nXUHPPfm rWDW5SIgWJ4IKEKADAqrb5TY8h0ntkgzHOhF7YXH8kiWqVaEu/7WxmmRNfmW SjlhDu7rU1ur4IYfGV1F6w6vbaHuroQmihzxHhzPEuNhuAzIIQIDAQABoysw KTAZBgNVHREEEjAQgQ5zdGVmYW5AZWlqay5udTAMBgNVHRMBAf8EAjAAMA0G CSqGSIb3DQEBBAUAA4GBAMnjh1CUdN/i0cO5bKzKm9XdT7U3w3X727JH/OiW xYD/iaHphamhoBs03FTfGqiuq6RrgKB1ScJYTCMUbZqVaTxpMxGSHPU9Nxn7 gpMVgOCjoksFuo9SS4LYto4a5fPpPLwcc0pt46pPLl0iqG343zkd8SgqOGS6 aC/efP26FDe9MIIDODCCAqGgAwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkq hkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29u c3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZp c2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSsw KQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4X DTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIxCzAJBgNVBAYTAlpB MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNl czEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCB nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3jMypmPHCSVFPtJueCdngcXa iBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHDT6Jl2w36S/HW 3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSb VIoTh/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwx GjAYBgNVBAMTEVByaXZhdGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8C AQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBADGxS0dd+QFx5fVT bF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3UFWobPcN rUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+d AvNa28o89kTqJmmHf0iezqWf54TYyWJirQXGMYID1TCCA9ECAQEwgZowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT CUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNB IDIwMDAuOC4zMAIDCncqMAkGBSsOAwIaBQCgggIPMBgGCSqGSIb3DQEJAzEL BgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAzMDkxNzE4MDkyMFowIwYJ KoZIhvcNAQkEMRYEFI2MRW4wzHhD6HINlQpVnTdXJ2bjMFIGCSqGSIb3DQEJ DzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGrBgkrBgEEAYI3EAQxgZ0w gZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQ BgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRD
Re: [Cooker] Re: [CHRPM] icewm-1.2.13-0.3.1mdk
[EMAIL PROTECTED] (Yura Gusev) writes: Florin wrote: Florin can you please remove hardcoded ISO encoding in IceWM themes? whichones ? -=-=-=- Name: icewm Version : 1.2.13 Release : 0.3.1mdk Packager: Florin [EMAIL PROTECTED] -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] nss_ldap-211-1mdk
[EMAIL PROTECTED] (Stefan van der Eijk) writes: [EMAIL PROTECTED] (Stefan van der Eijk) writes: This is a cryptographically signed message in MIME format. --ms090903010403020401070506 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit After updating to nss_ldap-211-1mdk I'm getting errors as such: $ ls -l total 68060 ls: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen [EMAIL PROTECTED] stefan]$ ssh kenobi.mandrakesoft.com ssh: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen Anybody else? yes, I have it too ... so I think the best thing will be to go back to the 207 version for the moment ... Yes, I agree. Leave 211 for after 9.2. Can you try the 211-2mdk package at http://people.mandrakesoft.com/~florin/www/rpms/ldap and tell me if it works for you ? If not, what is your /etc/ldap.conf file ? thank you, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] firewall problems, ports not open
[EMAIL PROTECTED] (Luca Berra) writes:
On Tue, Sep 16, 2003 at 06:15:00PM +0200, Florin wrote:
:
seriuosly i think you meant
grep -v -e '^$' -e '^#' /etc/shorewall/{zones,interfaces,masq,policy,rules}
oups, I meant
grep -v ^$ /etc/shorewall/{zones,interfaces,masq,policy,rules} | grep -v :#
which is still worse than what i suggested, and works with bash but not
zsh.
It really is better to be safe (i.e. quoting strings) than sorry.
L.
Ok wise guy ... than simply discuss on the semantics of the shell commands
instead of giving me the result I asked you for ... maybe you could give
some shell lessons then ... and good luck with your problem.
have a nice day,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
Re: [Cooker] firewall problems, ports not open
[EMAIL PROTECTED] (Luca Berra) writes:
On Mon, Sep 15, 2003 at 06:18:02PM +0200, Florin wrote:
whart is the result of the following command ?
grep -v ^$ /etc/shorewall/{zones,interfaces,masq,policy,rules} | grep -v #:
Usage: grep [OPTION]... PATTERN [FILE]...
Try `grep --help' for more information.
:
seriuosly i think you meant
grep -v -e '^$' -e '^#' /etc/shorewall/{zones,interfaces,masq,policy,rules}
oups, I meant
grep -v ^$ /etc/shorewall/{zones,interfaces,masq,policy,rules} | grep -v :#
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
Re: [Cooker] firewall problems, ports not open
[EMAIL PROTECTED] (Keld Jørn Simonsen) writes:
Using RC2 drakfirewall I did not get the ports open.
I have configured ssh and 1720 for gnomemeeting, but when I try
a nmap -p 1-2000 localhost these ports do not show up.
Best regards
keld
whart is the result of the following command ?
grep -v ^$ /etc/shorewall/{zones,interfaces,masq,policy,rules} | grep -v #:
cheers,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 4424] [drakxtools] Drakefirewall doesn't work with dialup connexion
http://qa.mandrakesoft.com/show_bug.cgi?id=4424 --- Additional Comments From [EMAIL PROTECTED] 2003-11-09 18:40 --- fixed -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: I've got ADSL connexion an an ethernet card (eth0) When using Drakefirewall, shorewall configuration file /etc/shorewall/interfaces is net eth0detect so I cannot surf on Internet (I'm using ppp0). The workaround is to change this line to net ppp0detect and it works but not trivial for a newbie Don't Drakefirewall should ask which interface is use for internet access to enable a right configuration ?
Re: [Cooker] prelude-0.4.2-7 pb.
[EMAIL PROTECTED] (Oden Eriksson) writes: måndagen den 8 september 2003 21.29 skrev Warly: Florin [EMAIL PROTECTED] writes: [EMAIL PROTECTED] (Warly) writes: guran [EMAIL PROTECTED] writes: Hi [EMAIL PROTECTED] guran]# urpmi prelude Some package requested cannot be installed: prelude-0.4.2-7mdk.i586 (due to unsatisfied libssl.so.0) (Y/n) [EMAIL PROTECTED] guran]# urpmf libssl.so.0 libopenssl0.9.7:/usr/lib/libssl.so.0.9.7 [EMAIL PROTECTED] guran]# Yes prelude is in cooker a very old version I never find time to update Florin propose himself to update it, but I guess he has forgotten. you forgot to assign me the package ... so I don't get the reminders ;o) I'll do it ASAP ... Well it seems that Oden has done the job, maybe could you just have a look at his packages? No, I only did 2 packages, the core as I understand it. I stopped this as I understood Florin was about to do it, or if someone else allready had done it. Well, I think my 2 packages is pretty mandrake'ish and should not need too much fine tuning. These packages are here: http://www.deserve-it.com/Cooker/ ok, I'll finish the job then ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] prelude-0.4.2-7 pb.
[EMAIL PROTECTED] (Warly) writes: guran [EMAIL PROTECTED] writes: Hi [EMAIL PROTECTED] guran]# urpmi prelude Some package requested cannot be installed: prelude-0.4.2-7mdk.i586 (due to unsatisfied libssl.so.0) (Y/n) [EMAIL PROTECTED] guran]# urpmf libssl.so.0 libopenssl0.9.7:/usr/lib/libssl.so.0.9.7 [EMAIL PROTECTED] guran]# Yes prelude is in cooker a very old version I never find time to update Florin propose himself to update it, but I guess he has forgotten. you forgot to assign me the package ... so I don't get the reminders ;o) I'll do it ASAP ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] about shorewall update
[EMAIL PROTECTED] (Jan Ciger) writes: J.A. Magallon wrote: |I guess it depends upon what you're doing. In my case, the default |settings blocked traffic to my gateway, both in and out, and effectively |shut down the network. | | | | I really find more useful a combination of a 5 line iptables | script to do plain forwarding and portsentry. I do not know why portsentry | was killed from the distro. | | So you could separate 'security' from 'internet sharing'. This has nothing to do with internet sharing, this problem happened to me too - shorewall disables also *outgoing* connections from your machine by default. Blocking all incoming things is OK, but outgoing ? That's a bit of an overkill. In a standard msec level, it should just block incoming connections, maybe with the exception of ssh port and allow all outgoing ones, so that you could get a decent configuration out of the box. On higher levels, let's lock down everything, the admin should know what to do to enable it again and a clueless idiot will not put up an unprotected server. Hello, Let's not mix msec and shorewall, shall we ? If you want to allow everything from your own private computer, (firewall or the computer on your private lan) simply change the policy, this can be done in one line ... So I don't understand the point of this discussion ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 5168] [Installation] 9.2 RC1 - strange packets on network
http://qa.mandrakesoft.com/show_bug.cgi?id=5168 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |NEEDINFO Ever Confirmed||1 --- Additional Comments From [EMAIL PROTECTED] 2003-04-09 12:39 --- We are talking about your firewall, right ? Are you using shorewall ? In that case check its configuration ... -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: NEEDINFO creation_date: description: I just installed MDK 9.2RC1. Every time that I log on, my router sends me an alert which I did not see under 9.1. Actually, I get several of them every time I login on RC1 - 3 or 4 each time. I don't know if this is a problem, or just an annoyance. But, it didn't happen before. Alert Information about Your router Time: Mon Sep 1 20:34:57 2003 Message: **Smurt** ICMP Source: 192.168.2.115, 0 Destination: 192.168.2.255, 0
[Cooker] [Bug 4999] [libkrb51-devel] /usr/include/com_err.h is missing
http://qa.mandrakesoft.com/show_bug.cgi?id=4999 [EMAIL PROTECTED] changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2003-03-09 11:40 --- ok, I have hopefuly fixed it in 3mdk /usr/include/ext2fs/ext2_err.h:#include et/com_err.h /usr/include/ext2fs/ext2fs.h:#include com_err.h /usr/include/ext2fs/ext2fs.h:#include et/com_err.h /usr/include/ss/ss_err.h:#include et/com_err.h /usr/include/kadm5/adb_err.h:#include et/com_err.h /usr/include/kadm5/adb.h:#include et/com_err.h /usr/include/kadm5/admin.h:#include et/com_err.h /usr/include/kadm5/chpass_util_strings.h:#include et/com_err.h /usr/include/kadm5/kadm_err.h:#include et/com_err.h /usr/include/kerberosIV/kadm_err.h:#include et/com_err.h /usr/include/kerberosIV/krb_err.h:#include et/com_err.h /usr/include/profile.h:#include et/com_err.h /usr/include/krb5.h:#include et/com_err.h /usr/include/krb5.h:#include et/com_err.h /usr/include/krb5.h:#include et/com_err.h /usr/include/krb5.h:#include et/com_err.h /usr/include/krb5.h:#include et/com_err.h -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: Hi. I'm trying to rebuild php-kadm5 from contribs on klama but keep getting: gcc -I. -I/home/oden/RPM/BUILD/kadm5-0.2.3 -DPHP_ATOM_INC -I/home/oden/RPM/BUILD/kadm5-0.2.3/include -I/home/oden/RPM/BUILD/kadm5-0.2.3/main -I/home/oden/RPM/BUILD/kadm5-0.2.3 -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/Zend -I/usr/include/php/TSRM -I/usr/include/krb5 -DHAVE_CONFIG_H -O2 -fomit-frame-pointer -pipe -march=i586 -mcpu=pentiumpro -c /home/oden/RPM/BUILD/kadm5-0.2.3/kadm5.c -fPIC -DPIC -o kadm5.lo In file included from /home/oden/RPM/BUILD/kadm5-0.2.3/kadm5.c:32: /usr/include/kadm5/admin.h:44:28: com_err.h: No such file or directory /home/oden/RPM/BUILD/kadm5-0.2.3/kadm5.c: In function `kadm5_error': /home/oden/RPM/BUILD/kadm5-0.2.3/kadm5.c:439: warning: deprecated use of label at end of compound statement make: *** [kadm5.lo] Error 1 For some reason this file is missing all of a sudden. I cannot find why looking(skimming) in the CVS online browser. The header file must have been there at some point because I have built php-kadm5-4.3.2_0.2.3-1mdk around Thu Jun 05 2003. Well, anyway the header is present in the krb5-1.3 source, would have been nice if it was present in the krb5-devel package too.
[Cooker] [Bug 5000] [cyrus-imapd-devel] Requires is wrong
http://qa.mandrakesoft.com/show_bug.cgi?id=5000 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2003-03-09 11:48 --- fixed in 3mdk -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: RESOLVED creation_date: description: Hi. This development package should not require cyrus-imapd.
Re: [Cooker] [Bug 4999] [libkrb51-devel] /usr/include/com_err.h is
[EMAIL PROTECTED] (Thierry Vignaud) writes: Buchan Milne [EMAIL PROTECTED] writes: As you see here: /usr/include/kadm5/admin.h:44:28: com_err.h: No such file or directory I cannot edit this file, it's clearly a krb5-devel issue. Sure I can work around it, but that's not the point. The header is present in MDK 9.0 and MDK 9.1 but not in Cooker/9.2. Sure, but in Mandrake 9.0 and 9.1 there was an unnecessary conflict between ext2fs-devel and krb5-devel, which was mentioned at the time we went from kerberos 1.2 to kerberos 1.3. there never were any such conflict in either mdk9.0 or mdk9.1. this conflicts only occured in cooker for a few days. as you signaled it, this conflict happened when updating krb5 in late july, that is quite some time *after* mdk9.1 release. I'm sorry to say this ... but Buchan is right ... :o) -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 4999] [libkrb51-devel] /usr/include/com_err.h is missing
http://qa.mandrakesoft.com/show_bug.cgi?id=4999
[EMAIL PROTECTED] changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution||INVALID
--- Additional Comments From [EMAIL PROTECTED] 2003-29-08 15:12 ---
You simply don't have the %{_includedir}/et directory in your includes path
For your package, simply use the following line ...
%make EXTRA_INCLUDES=-I%{_includedir}/et
--
Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date:
description:
Hi.
I'm trying to rebuild php-kadm5 from contribs on klama but keep getting:
gcc -I. -I/home/oden/RPM/BUILD/kadm5-0.2.3 -DPHP_ATOM_INC
-I/home/oden/RPM/BUILD/kadm5-0.2.3/include
-I/home/oden/RPM/BUILD/kadm5-0.2.3/main -I/home/oden/RPM/BUILD/kadm5-0.2.3
-I/usr/include/php -I/usr/include/php/main -I/usr/include/php/Zend
-I/usr/include/php/TSRM -I/usr/include/krb5 -DHAVE_CONFIG_H -O2
-fomit-frame-pointer -pipe -march=i586 -mcpu=pentiumpro -c
/home/oden/RPM/BUILD/kadm5-0.2.3/kadm5.c -fPIC -DPIC -o kadm5.lo
In file included from /home/oden/RPM/BUILD/kadm5-0.2.3/kadm5.c:32:
/usr/include/kadm5/admin.h:44:28: com_err.h: No such file or directory
/home/oden/RPM/BUILD/kadm5-0.2.3/kadm5.c: In function `kadm5_error':
/home/oden/RPM/BUILD/kadm5-0.2.3/kadm5.c:439: warning: deprecated use of label
at end of compound statement
make: *** [kadm5.lo] Error 1
For some reason this file is missing all of a sudden. I cannot find why
looking(skimming) in the CVS online browser. The header file must have been
there at some point because I have built php-kadm5-4.3.2_0.2.3-1mdk around Thu
Jun 05 2003.
Well, anyway the header is present in the krb5-1.3 source, would have been nice
if it was present in the krb5-devel package too.
Re: [Cooker] Re: Cyrus-imapd 2.1.15 - Too late to get into Cooker?
I have just uploaded the 2.1.15 version .. [EMAIL PROTECTED] (Luca Olivetti) writes: This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --enig78622A72184A8ABE779C9291 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit magic wrote: Luca / Buchan, I just saw where cyrus 2.1.15 was released.e? http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrusmsg=24390 Is there time to get this in into cooker (with all your 2.1.14 patches)? The ipv6 patch is available but the autocreate patch for 2.1.15 isn't available yet (do you remember who wanted that?) and I hadn't the time yet to check if the previous one applies cleanly. Anyway I'm pretty busy with real (note the quotes) work now and I will be for at least one more week, so I hadn't time to build and test 2.1.15. The modifications are minor though. Bye -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: Cyrus-imapd 2.1.15 - Too late to get into Cooker?
[EMAIL PROTECTED] (magic) writes: Florin wrote: I have just uploaded the 2.1.15 version .. Florin, Did you manage to get the autocreate patch in? yep, I have updated the patch and applied it, yes -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] bind-9.2.3-0.rc1.1mdk
Hello there, Did I refuse the ldap patch for bind ? Hm ... I don't remember ... can you point me again to the direction of that patch ? A remark though, I have tried another proposed patch for dhcp-server ... but ... I have some compilation problems ... maybe it's for openldap 1* ... cheers, On 26. August 2003 at 17:02, Florin wrote: Name: bind Version : 9.2.3 Release : 0.rc1.1mdk florin, please, it is possible to add ldap support via sdb backend? it is trivial to patch and i think, that this don't downgrade security of package. one thing which is maybe unaceptable is dependency on libldap2 package. AFAIK, modular concept isn't supported in case of bind, then maybe would be better think support ldap source of zones via rpmbuild option. =20 as we can see, mandrake have excelent ldap support for most applications, bind could be another one. now i running myself patched bind 9.2.2 without any problems. unfortunatelly florin recently refuse my patch in this version, then i try again here :) --=20 member of Advanced InternetWorks group - http://www.ainetworks.sk professional home page - http://tibor.pittich.sk personal home page - http://c0re.phuture.sk --zS7rBR6csb6tI2e1 Content-Type: application/pgp-signature Content-Disposition: inline -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/S47vD+AyEdKmHUQRAqDsAJ93ApIfmZWgzQWoxPkPzsze3ecr6gCgj7FG 0Fa1vIs16IoWm2AX/u+w5gY= =dqIF -END PGP SIGNATURE- --zS7rBR6csb6tI2e1-- -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re2: pam_ldap-164-1mdk - bug report
/tr tr td colspan=2strongfont color=#ffWarning/font: please write in english only/strong /td /tr tr td align=rightstrongSummary:/strong/td td colspan=3input size=60 value=Not updating/changing ldap password name=short_desc /td /tr tr td valign=top align=rightstrongDescription:/strong/td td colspan=3textarea name=comment rows=10 wrap=hard cols=80 In cases where you have a system amp; ldap user (with same uid) the system password is changed, when the ldap password should have been changed (not good)... Not sure exactally where the issue is, but pam_ldap-161-1.1mdk works (in conjunction) with both nss_ldap-204-1.1mdk amp; 207-1mdk. Additional Info: /etc/pam.d/system-auth -- #%PAM-1.0 auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_ldap.so use_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so retry=3 minlen=2 dcredit=0 ucredit=0 ucredit=0 password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password sufficient /lib/security/pam_ldap.so use_authtok password required /lib/security/pam_deny.so session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so /etc/pam.d/passwd - #%PAM-1.0 auth sufficient /lib/security/pam_ldap.so auth required /lib/security/pam_pwdb.so shadow nullok account sufficient /lib/security/pam_ldap.so account required /lib/security/pam_pwdb.so password required /lib/security/pam_cracklib.so retry=3 minlen=4 dcredit=0 ucredit=0 password sufficient /lib/security/pam_ldap.so use_authtok password required /lib/security/pam_pwdb.so use_authtok nullok md5 shadow /textarea br /td /tr /tbody /table br br Text version:br br nbsp; In cases where you have a system amp; ldap user (with same uid) the system password is changed, when the ldap password should have been changed (not good)...br br Not sure exactally where the issue is, but pam_ldap-161-1.1mdk works (in conjunction) with both nss_ldap-204-1.1mdk amp; 207-1mdk.br br br Additional Info:br /etc/pam.d/system-authbr --br #%PAM-1.0br authnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp;nbsp; /lib/security/pam_env.sobr authnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp; sufficientnbsp;nbsp;nbsp; /lib/security/pam_unix.so likeauth nullokbr authnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp; sufficientnbsp;nbsp;nbsp; /lib/security/pam_ldap.so use_first_passbr authnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp;nbsp; /lib/security/pam_deny.sobr br accountnbsp;nbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp;nbsp; /lib/security/pam_unix.sobr accountnbsp;nbsp;nbsp;nbsp; sufficientnbsp;nbsp;nbsp; /lib/security/pam_ldap.sobr br passwordnbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp;nbsp; /lib/security/pam_cracklib.so retry=3 minlen=2 dcredit=0nbsp; ucredit=0 ucredit=0br passwordnbsp;nbsp;nbsp; sufficientnbsp;nbsp;nbsp; /lib/security/pam_unix.so nullok use_authtok md5 shadowbr passwordnbsp;nbsp;nbsp; sufficientnbsp;nbsp;nbsp; /lib/security/pam_ldap.so use_authtokbr passwordnbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp;nbsp; /lib/security/pam_deny.sobr br sessionnbsp;nbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp;nbsp; /lib/security/pam_limits.sobr sessionnbsp;nbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp;nbsp; /lib/security/pam_unix.sobr br /etc/pam.d/passwdbr -br #%PAM-1.0br authnbsp;nbsp;nbsp;nbsp;nbsp;nbsp; sufficientnbsp;nbsp; /lib/security/pam_ldap.sobr authnbsp;nbsp;nbsp;nbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp; /lib/security/pam_pwdb.so shadow nullokbr br accountnbsp;nbsp;nbsp; sufficientnbsp;nbsp; /lib/security/pam_ldap.sobr accountnbsp;nbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp; /lib/security/pam_pwdb.sobr br passwordnbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp; /lib/security/pam_cracklib.so retry=3 minlen=4 dcredit=0 ucredit=0br passwordnbsp;nbsp; sufficientnbsp;nbsp; /lib/security/pam_ldap.so use_authtokbr passwordnbsp;nbsp; requirednbsp;nbsp;nbsp;nbsp; /lib/security/pam_pwdb.so use_authtok nullok md5 shadowbr br /body /html --080204070108020107050403-- -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] Re: cyrus-imapd-2.1.4-2mdk
I'm working on the new kerberos packages and I will use these options --with-system-et \ --with-system-ss \ ... so the problem will be solved .. I doesn't compile for the moment so I have to do some more digging ... then I will update the sasl stuff ... Buchan Milne [EMAIL PROTECTED] writes: On Sat, 19 Jul 2003, Luca Olivetti wrote: I just uploaded to ftp://ftp.linux-mandrake.com/incoming cyrus-imapd-2.1.14-2mdk. It's also available (as ever) at http://perso.wanadoo.es/olivetti/cyrus/ with binaries rpms for 8.2/9.0/9.1 (buchan, these are not good for you, since the 9.1 one is compiled with libdb4.0 and IIRC you're experimenting with 4.1, anyway the srpm should do, since it incorporates your changes). Florin, I noticed that in your spec file you removed the buildrequire for e2fsprogs, why? (look at the changelog: I removed it too once but readded it in 2.1.5-2mdk since it is necessary to find the headers for the system libcom_err, otherwise cyrus would compile its own replacement). I think recent krb5-devel provides headers for libcom_err (actually conflicts with libext2fs2-devel IIRC). I guess ideally libcom_err should be split out? Speaking of kerberos, I see 1.3 final is out now. There are some advantages to compiling samba3 against kerberos 1.3 ... Florin, any chance you can update to it? Regards, Buchan -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] Re: cyrus-imapd-2.1.4-2mdk
Buchan Milne [EMAIL PROTECTED] writes: On Sat, 19 Jul 2003, Luca Olivetti wrote: I just uploaded to ftp://ftp.linux-mandrake.com/incoming cyrus-imapd-2.1.14-2mdk. It's also available (as ever) at http://perso.wanadoo.es/olivetti/cyrus/ with binaries rpms for 8.2/9.0/9.1 (buchan, these are not good for you, since the 9.1 one is compiled with libdb4.0 and IIRC you're experimenting with 4.1, anyway the srpm should do, since it incorporates your changes). Florin, I noticed that in your spec file you removed the buildrequire for e2fsprogs, why? (look at the changelog: I removed it too once but readded it in 2.1.5-2mdk since it is necessary to find the headers for the system libcom_err, otherwise cyrus would compile its own replacement). I think recent krb5-devel provides headers for libcom_err (actually conflicts with libext2fs2-devel IIRC). I guess ideally libcom_err should be split out? The devel conflicts are in the distro for some time now ... maybe a good solution would be to take the libs and create a lib package and put the right conflicts into it ... Speaking of kerberos, I see 1.3 final is out now. There are some advantages to compiling samba3 against kerberos 1.3 ... Florin, any chance you can update to it? Regards, Buchan -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] prelude?
[EMAIL PROTECTED] (Warly) writes: Michael Scherer [EMAIL PROTECTED] writes: On Tuesday 15 July 2003 21:16, Per Øyvind Karlsen wrote: prelude in cooker is ancient and won't even rebuild, is there any plans on fixing/updating this one..? http://www.prelude-ids.org/ the problem was a licensing issue, IIRC. and, someone said that prelude will change its license and be linkeable with openssl, so, one day, prelude will come bask Just need to add honeyd-sensor, libsafe-sensor and so on. If anybody volunteer to update it, I would gracefully thank her. Laurent once said he would like. Now that he has the net back home, maybe will he? I'm already packaging snort ... so I can take it ... if you want ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] [BUG] squid-2.5.STABLE3-1
Norman Zhang [EMAIL PROTECTED] writes: Hi, Florin wrote: The latest squid-2.5.STABLE3 from http://www.squid-cache.org/ allows users to tied authentication with winbind for selective usergroups to access the web. This can be compiled with --enable-external-acl-helpers=winbind_group. Unfortunately this not available for squid-2.5.STABLE2-2 from cooker. Are there plans to upgrade the RPM in cooker with this particular option enabled? sure, I'll do it ASAP, [EMAIL PROTECTED] nzhang]# rpm -Uvh squid-2.5.STABLE2-2mdk.i586.rpm Preparing...### [100%] 1:squid ### [100%] [EMAIL PROTECTED] nzhang]# rpm -Uvh squid-2.5.STABLE3-1mdk.i586.rpm error: failed dependencies: perl(Authen::Smb::Smb) is needed by squid-2.5.STABLE3-1mdk Regards, Norman I have noticed that ... how come we didn't have this message before ... or maybe this package has just gone from the distro ... Maybe I should add the perl-Auth-Smb package ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [Contrib-Rpm] cyrus-imapd-2.1.14-1mdk
Luca Olivetti [EMAIL PROTECTED] writes: Florin wrote: %changelog +* Wed Jul 16 2003 Florin [EMAIL PROTECTED] 2.1.14-1mdk +- 2.1.14 +- add mbexamine + * Sun Apr 27 2003 Luca Olivetti [EMAIL PROTECTED] 2.1.12-7mdk - removed cyrus user creation on build host - cvt_cyrusdb_all script (source15) now uses 'file --version' to Mmm, isn't this missing the fixes and adjustments I made in 2.1.13-1mdk, 2.1.13-2mdk and buchan made in 2.1.13-3mdk? (note that patch11 should be no longer needed with 2.1.14): Maybe so ... but the problem you don't seem to use our package ... but your own ... so I have always problems with the changelogs ... and the diffs ... * Wed Jun 18 2003 Buchan Milne [EMAIL PROTECTED] 2.1.13-3mdk - Require perl-devel - Don't require libdb4.0, 9.0 and later should do auto-requires. - Compiled against db4.1, sasl2 * Tue Jun 10 2003 Luca Olivetti [EMAIL PROTECTED] 2.1.13-2mdk - default location for ssl certificates moved to /etc/ssl/cyrus-imapd/ - added patch 11 to fix problems with berkeley db 4.1 * Wed May 09 2003 Luca Olivetti [EMAIL PROTECTED] 2.1.13-1mdk - 2.1.13 (bug fix and security audit release) - changed the obsolete Prereq syntax to Requires(pre,post,preun,postun) - changed as well BuildPrereq to BuildRequires - added missing Requires(pre,post,preun,postun) (fixes bug 3838) - added Conflicts: courier-imap to make distlint happy (I don't like to have this conflict but...) - patch to select syslog facility (now using mail instead of local6) - removed logrotate script - some ideas/fixes taken from Simon Matters' redhat package: cron.daily job to backup mailboxes.db updated cvt_cyrusdb_all changed exec path to /usr/lib/cyrus-imapd added murder package added forcedowncase and munge8bit patches added build time options for full directory hash and idled Bye -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] squid-2.5.STABLE3
Norman Zhang [EMAIL PROTECTED] writes: Hi, The latest squid-2.5.STABLE3 from http://www.squid-cache.org/ allows users to tied authentication with winbind for selective usergroups to access the web. This can be compiled with --enable-external-acl-helpers=winbind_group. Unfortunately this not available for squid-2.5.STABLE2-2 from cooker. Are there plans to upgrade the RPM in cooker with this particular option enabled? Regards, Norman sure, I'll do it ASAP, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Requires cyrus-sasl
David Walser [EMAIL PROTECTED] writes: There are some packages that have a Requires: cyrus-sasl, but don't those things really only require libsasl2? cyrus-sasl would only actually be needed if you're actually gonna use sasl authentication right? Even in that case, would it even need to be on every machine using sasl authentication? Right ... you only need the libsasl requires ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker-firewall] Does MNF support 5 network cards?
Hi, I was wondering if MNF (with all current software updates applied) supports the use of a fifth network card. I have four cards configured and working properly, but attempts to configure an additional card have failed. I have tried four different brands of cards (two of which use the common 'tulip' driver) in both of the remaining PCI slots, but a fifth card is not detected automatically by MNF, nor when I try to manually configure it with the web-based front end. please use [EMAIL PROTECTED] for MNF questions ... But let's go back to those sheep ... simply edit, by hand the /var/lib/naat/configuration file and add the fith card variables. For example, if you see Eth3IP= than also add an extra line called Eth4IP= and so on Thank you in advance for any help. Bye, Phil -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] Re: icewm
Per Øyvind Karlsen [EMAIL PROTECTED] writes: I updated the icewm rpms, but I ran into problems with the menu items, the text won't show up in the menu, therefore I did'nt want to upload them, but if you or anyone else would like to merge my changes and fix it the rpms are available: Hello, What text are we talking about ? Did you make sure to remove your ~/.icewm own options in order to not overwrite the package menu ? http://terror.sintrax.net/~hawkeye/icewm/icewm-1.2.9-1mdk.i586.rpm http://terror.sintrax.net/~hawkeye/icewm/icewm-1.2.9-1mdk.src.rpm http://terror.sintrax.net/~hawkeye/icewm/icewm-gnome-1.2.9-1mdk.i586.rpm http://terror.sintrax.net/~hawkeye/icewm/icewm-light-1.2.9-1mdk.i586.rpm * Thu Jul 03 2003 Per Ãyvind Karlsen [EMAIL PROTECTED] 1.2.9-1mdk 1.2.9 use double %%'s in changelog to avoid macros gettin expanded updated url rm -rf $RPM_BUILD_ROOT at the beginning of %%install regenerated P0 dropped P5 remove the programs file drop FAQ* from %%doc add the icewmtray file -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Re: [CHRPM] pwlib-1.5.0-9mdk
[EMAIL PROTECTED] (Oden Eriksson) writes: torsdagen den 3 juli 2003 15.24 skrev Frederic Crozat: On Thu, 03 Jul 2003 15:14:31 +0200, Oden Eriksson wrote: torsdagen den 3 juli 2003 12.30 skrev Frederic Crozat: On 9.1: I don't support 9.1 :)) I want it to work as the versions in 9.1 won't. you're trying to say that gnomemeeting doesn't work on 9.1 ? Executing(0nstall): /bin/bash -e /home/oden/RPM/temp/rpm-tmp.23500 + umask 022 + cd /home/oden/RPM/BUILD + cd pwlib-1.5.0 + rm -rf /home/oden/RPM/temp/pwlib-1.5.0-9mdk-root + install -d /home/oden/RPM/temp/pwlib-1.5.0-9mdk-root/usr/lib /home/oden/RPM/temp/pwlib-1.5.0-9mdk-root/usr/include/ptclib /home/oden/RPM/temp/pwlib-1.5.0-9mdk-root/usr/include/ptlib/unix/ptlib /home/oden/RPM/temp/pwlib-1.5.0-9mdk-root/usr/bin /home/oden/RPM/temp/pwlib-1.5.0-9mdk-root/usr/share/pwlib + make PREFIX=/home/oden/RPM/temp/pwlib-1.5.0-9mdk-root/usr install make/ptlib.mak:42: /usr/share/pwlib/make/common.mak: No such file or directory make: *** No rule to make target `/usr/share/pwlib/make/common.mak'. Stop. error: Bad exit status from /home/oden/RPM/temp/rpm-tmp.23500 (0nstall) It build fine here... Did you have an old version of pwlib installed on your system or not ? No. -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] opengk-1.1.1-1mdk
Hello, There is a new pwlib and a new openh323 that will sonn be updated in cooker, then I will be able to rebuild opengk ... Oden Eriksson [EMAIL PROTECTED] writes: Hi. On 9.1: urpmi opengk To satisfy dependencies, the following packages are going to be installed (12 MB): opengk-1.1.1-1mdk.i586 openh323_1-1.11.2-5mdk.i586 pwlib1-1.4.7-3mdk.i586 Is this OK? (Y/n) installing /home/Mandrake-9.1/Mandrake/RPMS2/pwlib1-1.4.7-3mdk.i586.rpm /home/Mandrake-9.1/Mandrake/RPMS3/opengk-1.1.1-1mdk.i586.rpm /home/Mandrake-9.1/Mandrake/RPMS2/openh323_1-1.11.2-5mdk.i586.rpm Preparing...## 1:pwlib1 ## 2:openh323_1 ## 3:opengk ## /usr/bin/opengk: relocation error: /usr/bin/opengk: undefined symbol: __ti5PHTML ??? And as a side note, I tried several hours yesterday to update all of the apps from http://www.openh323.org/ using the cooker src rpms on my local machine, but failed. I think this is the strangest stuff I have ever touched..., the build mechanism is a mess... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] Re: opengk-1.1.1-1mdk
Hi, The problem is that pwlib and openh323 are the main libraries required for these applications ... and this is synchronised with gnomemeeting. This last package often brings some patches to the libraries and do not always uses the latest libraries packages. Openmcu, opengk, ohphone always depend on the latest libraries versions ... so sometimes we cannot recompile ... until the next pwlib-openh323-gnomemeeting versions ... I'm not sure I make myself clear here ... Oden Eriksson [EMAIL PROTECTED] writes: Hi. On 9.1: urpmi opengk To satisfy dependencies, the following packages are going to be installed (12 MB): opengk-1.1.1-1mdk.i586 openh323_1-1.11.2-5mdk.i586 pwlib1-1.4.7-3mdk.i586 Is this OK? (Y/n) installing /home/Mandrake-9.1/Mandrake/RPMS2/pwlib1-1.4.7-3mdk.i586.rpm /home/Mandrake-9.1/Mandrake/RPMS3/opengk-1.1.1-1mdk.i586.rpm /home/Mandrake-9.1/Mandrake/RPMS2/openh323_1-1.11.2-5mdk.i586.rpm Preparing...## 1:pwlib1 ## 2:openh323_1 ## 3:opengk ## /usr/bin/opengk: relocation error: /usr/bin/opengk: undefined symbol: __ti5PHTML ??? And as a side note, I tried several hours yesterday to update all of the apps from http://www.openh323.org/ using the cooker src rpms on my local machine, but failed. I think this is the strangest stuff I have ever touched..., the build mechanism is a mess... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Postfix sasl
[EMAIL PROTECTED] (Pierre BETOUIN) writes: It seems that postfix (package 9.1) is broken for sasl support. I'll try to make a bug report (bugzilla) as soon as possible. Postfix uses libsasl2-* but plugins are threated with libsasl7-plug*... Cooker package doesn't work : same problem. Regards. so what would you recommend ? Pierre BETOUIN Le jeu 26/06/2003 =E0 12:19, Florin a =E9crit : ([EMAIL PROTECTED])[~]- /RPMS/*sasl*=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20 /RPMS/cyrus-sasl-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-plug-p= lain-2.1.13-2mdk.i586.rpm /RPMS/cyrus-sasl-debug-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-plug-s= asldb-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-plug-s= rp-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-devel-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-1.5.28= -6mdk.i586.rpm /RPMS/libsasl2-plug-anonymous-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-a= nonymous-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-crammd5-2.1.13-2mdk.i586.rpm/RPMS/libsasl7-plug-c= rammd5-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-digestmd5-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-d= igestmd5-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-gssapi-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-g= ssapi-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-login-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-l= ogin-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-ntlm-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-p= lain-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-otp-2.1.13-2mdk.i586.rpm --=20 Pierre BETOUIN GnuPG key : lynx -dump perso.club-internet.fr/unsignedchr/GnupgKey.asc | gpg --import --=-q3ZKgCTx4WyGcq65Jwrp Content-Type: application/pgp-signature; name=signature.asc Content-Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?= -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQA+/EYSLNWSQpTZyyMRAlZqAJ958TG9/KsCPk4b8zzwh7PpZxBJTACdF/Q4 miKtl8xwLYq9MuUKHJqSJ00= =10NB -END PGP SIGNATURE- --=-q3ZKgCTx4WyGcq65Jwrp-- -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Postfix sasl
[EMAIL PROTECTED] (Pierre BETOUIN) writes: --=-kfCsqXnPC9xnCUhTdZVj Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hello, Why can't we find the directory /usr/lib/sasl when cyrus-sasl and postfix are both installed ? what cyrus-sasl are we talking about ? I was thinking to enable sasl support in postfix (http://www.mandrakesecure.net/en/docs/postfix-sasl.php) but it seems to be strange, isn't it ?) Thx. Pierre --=20 Pierre BETOUIN GnuPG key : lynx -dump perso.club-internet.fr/unsignedchr/GnupgKey.asc | gpg --import --=-kfCsqXnPC9xnCUhTdZVj Content-Type: application/pgp-signature; name=signature.asc Content-Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?= -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQA++sizLNWSQpTZyyMRAsQdAJ92+oFPRB9tgGgJJjrAFbgNgKNjfgCfZQ/V Hfl3A4tO4NU1VOpwJt38Sh4= =JFG6 -END PGP SIGNATURE- --=-kfCsqXnPC9xnCUhTdZVj-- -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Postfix sasl
([EMAIL PROTECTED])[~]- /RPMS/*sasl* /RPMS/cyrus-sasl-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-plug-plain-2.1.13-2mdk.i586.rpm /RPMS/cyrus-sasl-debug-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-plug-sasldb-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-plug-srp-2.1.13-2mdk.i586.rpm /RPMS/libsasl2-devel-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-anonymous-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-anonymous-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-crammd5-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-crammd5-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-digestmd5-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-digestmd5-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-gssapi-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-gssapi-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-login-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-login-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-ntlm-2.1.13-2mdk.i586.rpm /RPMS/libsasl7-plug-plain-1.5.28-6mdk.i586.rpm /RPMS/libsasl2-plug-otp-2.1.13-2mdk.i586.rpm [EMAIL PROTECTED] (Pierre BETOUIN) writes: --=-kfCsqXnPC9xnCUhTdZVj Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hello, Why can't we find the directory /usr/lib/sasl when cyrus-sasl and postfix are both installed ? I was thinking to enable sasl support in postfix (http://www.mandrakesecure.net/en/docs/postfix-sasl.php) but it seems to be strange, isn't it ?) Thx. Pierre --=20 Pierre BETOUIN GnuPG key : lynx -dump perso.club-internet.fr/unsignedchr/GnupgKey.asc | gpg --import --=-kfCsqXnPC9xnCUhTdZVj Content-Type: application/pgp-signature; name=signature.asc Content-Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?= -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQA++sizLNWSQpTZyyMRAsQdAJ92+oFPRB9tgGgJJjrAFbgNgKNjfgCfZQ/V Hfl3A4tO4NU1VOpwJt38Sh4= =JFG6 -END PGP SIGNATURE- --=-kfCsqXnPC9xnCUhTdZVj-- -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] shorewall error?
Jiøí Èerný [EMAIL PROTECTED] writes: Hi, after upgrading of shorewall to shorewall-1.4.4b-1mdk I got this error (important part of it): Masqueraded Subnets and Hosts: iptables: Invalid argument Processing /etc/shorewall/stop ... Processing /etc/shorewall/stopped ... /sbin/service: line 148: 17950 Terminated $debug $servicedir/$service $options this is caused by line eth0 eth1 in masq file. Do you know where s problem? have you tried shorewall check ? thanks, Jiri Cerny -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] Postfix auth using saslauthd - pam
Warly [EMAIL PROTECTED] writes: Guillaume Cottenceau [EMAIL PROTECTED] writes: [EMAIL PROTECTED] writes: I think changing to sasl2 in postfix was a bit premature, since the dependencies are quite complex ... this is AFAIK how it works: Openldap, postfix, cyrus, should be compiled against the same libsasl. Openldap, sasl should be compiled against the same version of db4, and they Buildrequire each other. Since postfix will segfault if two different sasl versions are used together when using ldap, maybe sasl1 should be simply removed from cooker, what do you think warly? That way, it will prevent from bad bugreports of segfaults, and force people to rebuild faster :). Is there anything that should still badly need sasl1 in the 9.2? AFAIK we tried but failed for 9.1 cos of some Florin packages, Florin, can you confirm? openldap still depends on libsasl1 ... we will eventually upgrade openldap, make sure that everything works ... and maybe move sasl1 in the contribs or get rid of it ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] kerberized telnetd and ftpd
Tibor Pittich [EMAIL PROTECTED] writes: hello i would like again open discussion about $subj. in fact, we have in mandrake distro started from 8.0 kerberized telnet and ftp services. it is ok, for kerberized networks, but i think that this isn't optimal for most of mandrake servers.. my general argument, why these packages could be replaced with non kerberized versions is that these kerberized services don't have pam support and this is general inconsistency in fully pam-ified distro, as mandrake is. i nominate for non kerberized ftp client my likemftp package which is in contrib. this is solid ftp client, which is default client into netbsd distribution i don't know, what telnet daemons is available with pam functionality, but i hope that only one must exists :) but your package will not support kerberos authentication, right ? so, if we move it in the main distro ... we will have to rename the existing ftp package. Maybe you would like to move entire kerberos in the contribs ... but the krb5libs are required for plenty of packages ... so, any ideas, solutions ? -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] kerberized telnetd and ftpd
yes, this is true, but it don't want support kerberos :) maybe you don't want kerberized packages ... so, if we move it in the main distro ... we will have to rename the existing ftp package. Maybe you would like to move entire kerberos in the contribs ... but the krb5libs are required for plenty of packages ... so, any ideas, solutions ? my idea is: recompile all these packages without kerberos support and make decision about policy that we don't want kerberized packages into main. after this, move all main krb (libs + apps) stuff to contrib. if someone want kerberized version, then he can rebuild packge --with-krb or similar.. so your idea would be to remove all kerberos in the contribs ... recompile all the packages without kerberos ... the eventually recompile them again if somebody want them ... remove kerberos support at install ... and move your ftpsomething package from contrib to main ? hmm, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] kerberized telnetd and ftpd
add a pam_krb5 module to pam package (this module exist, check: http://www.kernel.org/pub/linux/libs/pam/modules.html - Kerberos) and implement kerberos authentication mechanism via pam, not via directly linking kerberos libs into daemons.. /contrib/RPMS/pam_krb5-1.56-2mdk.i586.rpm i think this is crystal clear solution to non kerberized enviroment. if someone want krb5, then change configuration of desired application and add this into pam configuration file (this is similar like ldap authorization, or sql or radius, or something else..) ... and move your ftpsomething package from contrib to main ? this is not required :) it was only my tip to default ftp client only. i only want to tell, that i think: directly linked kerberos libraries into apps isn't clear solutions and systematic for some systems which want krb5 support.. it can be optionally, not by default.. -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 3282] [xli] xloadimage binary is missing from xli package
http://qa.mandrakesoft.com/show_bug.cgi?id=3282 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |NEEDINFO --- Additional Comments From [EMAIL PROTECTED] 2003-03-24 16:10 --- this is fixed now ... and might be uploaded in cooker soon eventually --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: NEEDINFO creation_date: description: The xloadimage binary is missing from the xli package. This is required by gpg (gnupg) to add a JPG photo to a key. xli provides xloadimage, but doesn't include it in the package.
[Cooker] [Bug 3350] [squid] Error in squid.conf after Drakwizard configuration
http://qa.mandrakesoft.com/show_bug.cgi?id=3350 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |NEEDINFO --- Additional Comments From [EMAIL PROTECTED] 2003-03-17 12:10 --- I'm only responsible for the squid package but not for the wizard stuff ... --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: NEEDINFO creation_date: description: I installed squid from drakwizard and I choosed to use 8080 port. When I launch squid service it's OK, but when I stop service I've got the message Arrêt de squid : 2003/03/15 18:37:24| parseConfigFile: line 1594 unrecognized: '8080# icp_port'. The error is line 1594 into /etc/squid/squid.conf
[Cooker] [Bug 2128] [shorewall] Drakefirewall doesn't work with dialup connexion
http://qa.mandrakesoft.com/show_bug.cgi?id=2128 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |NEEDINFO --- Additional Comments From [EMAIL PROTECTED] 2003-03-13 13:50 --- you're supposed to use drakfirewall and then use drakgw ... and you will be asked for the net interface ... --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: NEEDINFO creation_date: description: I've got ADSL connexion an an ethernet card (eth0) When using Drakefirewall, shorewall configuration file /etc/shorewall/interfaces is net eth0detect so I cannot surf on Internet (I'm using ppp0). The workaround is to change this line to net ppp0detect and it works but not trivial for a newbie Don't Drakefirewall should ask which interface is use for internet access to enable a right configuration ?
[Cooker] drakgw
Hello,
I've made a small modification to the /usr/sbin/drakgw file:
1. manual modifications
the line
if_(@cards 1, loc_interface = [ grep { $_ ne $device } @cards ]),
has to be replaced with
loc_interface = [ grep { $_ ne $device } @cards ],
and the line
my $internal_domain_name =
network::network::read_dhcpd_conf()-{domain_name}[0] ||=
network::network::read_resolv_conf_raw()-{nameserver}[0] ||=
homeland.net;
has to be replace with
my $internal_domain_name = network::network::read_dhcpd_conf()-{domain_name}[0] ||=
network::network::read_resolv_conf_raw()-{search}[0] ||= homeland.net;
2. or get the latest drakgw file from:
http://cvs.mandrakesoft.com/cgi-bin/cvsweb.cgi/gi/perl-install/standalone/drakgw
3. or wait and get the latest drakxtools-newt package
hope it helps,
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 2648] [shorewall] shorewall disable any ppp connectivity
http://qa.mandrakesoft.com/show_bug.cgi?id=2648 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |NEEDINFO --- Additional Comments From [EMAIL PROTECTED] 2003-03-11 18:30 --- please retrieve the latest /usr/sbin/drakgw file : http://cvs.mandrakesoft.com/cgi-bin/cvsweb.cgi/gi/perl-install/standalone/drakgw --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: NEEDINFO creation_date: description: After enabling shorewall, (and enabling all the services proposeb by default) i can use ethernet connection, but ppp connexion stop to work. ppp atblishies the link, but that's all.
[Cooker] [Bug 3121] [drakconf] Accidental use of DrakGW causes LAN internet connection to fail irrepairably
http://qa.mandrakesoft.com/show_bug.cgi?id=3121 [EMAIL PROTECTED] changed: What|Removed |Added Status|UNCONFIRMED |NEEDINFO --- Additional Comments From [EMAIL PROTECTED] 2003-03-11 18:30 --- please retrieve the latest /usr/sbin/drakgw file : http://cvs.mandrakesoft.com/cgi-bin/cvsweb.cgi/gi/perl-install/standalone/drakgw --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: NEEDINFO creation_date: description: Several of my friends had this bug as well in mandrake 9. If someone with one ethernet card attempts to run drakgw to share internet on a LAN (dhcp) internet connection, then it results in the internet no longer being available. If one attempts to disable Internet Connection Sharing, then one still can't get online. Also, on reboot Mandrake Control Center reports Internet Connection Sharing to be still on. In Mnadrake 9.0 it was possible to get back online after disabling ICS, but on reboot it would be enabled again. In the 9.1 RC2 I found that the internet was unaccessable even after manually disabling ICS. A linux n00b pointed this out after thinking Sharing the internet connection would allow him to see other windoze computers on the network. Maybe word this wizard a bit clearer.
[Cooker] [Bug 342] [kernel] drakfirewall entries listed twice (not fully superimposed)
http://qa.mandrakesoft.com/show_bug.cgi?id=342 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |NEEDINFO --- Additional Comments From [EMAIL PROTECTED] 2003-03-11 18:30 --- please retrieve the latest /usr/sbin/drakgw file : http://cvs.mandrakesoft.com/cgi-bin/cvsweb.cgi/gi/perl-install/standalone/drakgw --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: NEEDINFO creation_date: description: During installation, the default setting for my computer was ENABLE ALL. In that case all options were listed twice, and not fully superimposed. Like having too much to drink. Unchecking ENABLE ALL made one of the layers go away. Checking/unchecking showed reproducible results
[Cooker] [Bug 2648] [shorewall] shorewall disable any ppp connectivity
http://qa.mandrakesoft.com/show_bug.cgi?id=2648 --- Additional Comments From [EMAIL PROTECTED] 2003-03-07 11:40 --- this won't be fixed ... --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: UNCONFIRMED creation_date: description: After enabling shorewall, (and enabling all the services proposeb by default) i can use ethernet connection, but ppp connexion stop to work. ppp atblishies the link, but that's all.
[Cooker] [Bug 1222] [dhcpcd] namserver not set when using dhcp
http://qa.mandrakesoft.com/show_bug.cgi?id=1222
--- Additional Comments From [EMAIL PROTECTED] 2003-03-07 18:50 ---
ok, this is fixed now ...
make sure that the /sbin/dhclient-script file is like this :
function make_resolv_conf() {
if [ -n $new_domain_name -o -n $new_domain_name_servers ]; then
[ -n $new_domain_name ] echo search $new_domain_name /etc/resolv.conf
for nameserver in $new_domain_name_servers; do
or wait for the next dhcp-client package ...
--- You are receiving this mail because: ---
You are on the CC list for the bug, or are watching someone who is.
--- Reminder: ---
assigned_to: [EMAIL PROTECTED]
status: NEW
creation_date:
description:
domainname is set but no nameserver entry is created in resolv.conf. (DHCP is
being served from MNF 8.2) Non 9.1 clients are working fine.
[Cooker] Re: Wrong / missing dependencies
Olivier Thauvin [EMAIL PROTECTED] writes:
L'installation a échoué:
ImageMagick == 5.5.4.4-6mdk est nécessaire à perl-Magick-5.5.4.4-6mdk
libsasl%{major} est nécessaire à cyrus-sasl-2.1.10-3mdk
libphp_common430 == 430-10mdk est nécessaire à php-cgi-4.3.1-10mdk
Florin: you're in cc about libsasl ;)
thanks, this should be fixed in the 4mdk release ... sorry for the typo
--
Florin http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 2707] [gnomemeeting] Error while opening video device
http://qa.mandrakesoft.com/show_bug.cgi?id=2707 --- Additional Comments From [EMAIL PROTECTED] 2003-03-06 11:30 --- this is due to a kernel module modification ... --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: UNCONFIRMED creation_date: description: When I go to run GnomeMeeting in 9.1, as it always worked with my USB webcam in 9.0, it begins to try and open the video device but always gives me this error in 9.1: Error while opening video device /dev/video0, channel 0. The chosen Video Image will be transmitted during calls. If you didn't choose any image, then the default GnomeMeeting logo will be transmitted. Notice that you can always transmit a given image or the GnomeMeeting logo by choosing Picture as video device. Your driver doesn't support the YUV420P format. Please check your kernel driver documentation in order to determine which Palette is supported. Set it as GnomeMeeting default with: gconftool --set /apps/gnomemeeting/devices/color_format YOURPALETTE --type string Not sure why this is, but thought I'd mention it, since it never said this in 9.0
Re: [Cooker] [Bug 2648] [shorewall] shorewall disable any ppp connectivity
oh, ok, sorry for asking ... Greg Meyer [EMAIL PROTECTED] writes: On Wednesday 05 March 2003 04:32 am, Florin wrote: is that a bug ? I was not reporting a bug, I was trying to help out by attempting to verify the bug and was not able to, so I commented about it. Cheers /g [EMAIL PROTECTED] (cybercfo) writes: http://qa.mandrakesoft.com/show_bug.cgi?id=2648 --- Additional Comments From [EMAIL PROTECTED] 2003-03-05 04:29 --- I had to manually install shorewall and iptables, but I was not able to reproduce this. I was able to conenct to the external network and a scan of the cooker pc by another host on the network shows all ports stealthed. --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: UNCONFIRMED creation_date: description: After enabling shorewall, (and enabling all the services proposeb by default) i can use ethernet connection, but ppp connexion stop to work. ppp atblishies the link, but that's all. -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] [Bug 2678] [drakconf] The internet-sharing doesn't work after restart
http://qa.mandrakesoft.com/show_bug.cgi?id=2678 --- Additional Comments From [EMAIL PROTECTED] 2003-03-04 21:30 --- make sure you have got the latest shorewall and drakxtools-newt packages. what is the result of the chkconfig --list shorewall command ? --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: UNCONFIRMED creation_date: description: When starting the assistent for sharing of the internet-connection and the DHCP server everything works fine and other computers in the network get their connection. After rebooting the server, the connection is lost and other computers are not able any more to connect to the internet any more through the LAN, even though there is a connection established between the server and the internet. I have to restart the assisten with creating a new configuration - after that it works again - until the next reboot. This problem wasn't there in Mandrake 9.0
[Cooker] [Bug 2522] [gnomemeeting] Gnomemeeting crash at startup
http://qa.mandrakesoft.com/show_bug.cgi?id=2522 --- Additional Comments From [EMAIL PROTECTED] 2003-02-28 17:50 --- check out the latest cooker packages ... pwlib, openh323, gnomemeeting --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. --- Reminder: --- assigned_to: [EMAIL PROTECTED] status: NEW creation_date: description: I immediately get a segmentation fault when I attempt to run the program. No other error messages are displayed. version: gnomemeeting-0.96-3mdk
Re: [Cooker] Upgraded LDAP - Database gone?
I'll have look at cyrus-sasl and openldap during the next week and hopefully fix all the problems ... [EMAIL PROTECTED] (Stefan van der Eijk) writes: This is a cryptographically signed message in MIME format. --ms030707030204090209080500 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit It does on my box... Want my openldap-servers package? Indeed - I rebuild the package and forced an install. Now I can login with Samba again. Strange. Stefan, thanks a LOT for your time and help! OK, so what needs to happen here to fix this for 9.1?? I diffed the requires of openldap on 9.0 and current cooker: [EMAIL PROTECTED] bgmilne]$ diff -u /tmp/ldapreqs-9.0.txt ldapreqs-cooker.txt |grep -v ^ - --- /tmp/ldapreqs-9.0.txt 2003-02-27 17:15:28.0 +0200 +++ ldapreqs-cooker.txt 2003-02-27 17:12:37.0 +0200 @@ -5,15 +5,18 @@ - -libcrypto.so.0 +libcrypto.so.0.9.7 +libcrypt.so.1(GLIBC_2.0) +libc.so.6(GLIBC_2.3) +libgdbm.so.2 - -libldap2 = 2.0.25 +libldap2 = 2.0.27 @@ -25,7 +28,7 @@ - -libssl.so.0 +libssl.so.0.9.7 BuildConflicts: gdbm-devel ? good point. That's the same thing I see here: http://eijk.homelinux.org/build/cooker/requires/i586/openldap-2.0.27-4mdk.src.rpm.txt Requires openldap-servers 15d14 libgdbm.so.2 21d19 libm.so.6 Thing is, there is nothing wron with running the DB as it is now (as long as you've installed it on openldap = 3mdk). You just need to find some way to migrate your DB if you're running an openldap 3mdk installation. Florin has a point here, but no upgrade path for those users (including myself). I guess I didn't get that point across when I was discussing it with him. Now that this is showing up with more people, the itch factor may go up a bit... Stefan --ms030707030204090209080500 Content-Type: application/x-pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=smime.p7s Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEH AQAAoIIJODCCAvowggJjoAMCAQICAwgEEDANBgkqhkiG9w0BAQQFADCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmlj YXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0Eg MjAwMC44LjMwMB4XDTAyMDgwMTIyMTUxNVoXDTAzMDgwMTIyMTUxNVowQDEf MB0GA1UEAxMWVGhhd3RlIEZyZWVtYWlsIE1lbWJlcjEdMBsGCSqGSIb3DQEJ ARYOc3RlZmFuQGVpamsubnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDf36lgjGx2bh4PcdhCQoIIeMrSU7prnQmi/QEqK+Ax228hwGJpW6vl IjpZTwYpdCXVna7aN0k00BMzbFimvcQu/CrRTcfCZtxNixFTDIkniDtixA2d cQu++B6GD8Uhy8FWGl0qMeWmR6lfWosmvv2DEPZsdIrKPYCyu0f0WzF8/S+j BBH+Dx3iUv4yI/fXosDMxOpFNbzgb4aeFGxPKbqvgiK5ZO45tUOaf73PoUwL qeAZ7AxjFFYKm4UbLeDRhEn6eROzUZHPbutkOZG2QSZmZdkqOv9MoEExH7N+ icBzDXBxoKbAG/TyZwI1sSbH2725EM0hK2tMgHrAUARe1LVDAgMBAAGjKzAp MBkGA1UdEQQSMBCBDnN0ZWZhbkBlaWprLm51MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQEEBQADgYEAJIPU9ELs9Sh2xngPjTZPkyXnXMSgptBlTWt4z9od O4ENPUoAsMP0088nugWAswcE4Mhot7PYx53Se5Cc24M25LOKPd9zLv6pok+v IPJjvZOihEXbWKNEdi5t7sCrUodH1GiVDVujiex8GiCK95s4bDSEZS0HHli2 Dpl3l4SituwwggL6MIICY6ADAgECAgMIBBAwDQYJKoZIhvcNAQEEBQAwgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT CUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNB IDIwMDAuOC4zMDAeFw0wMjA4MDEyMjE1MTVaFw0wMzA4MDEyMjE1MTVaMEAx HzAdBgNVBAMTFlRoYXd0ZSBGcmVlbWFpbCBNZW1iZXIxHTAbBgkqhkiG9w0B CQEWDnN0ZWZhbkBlaWprLm51MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA39+pYIxsdm4eD3HYQkKCCHjK0lO6a50Jov0BKivgMdtvIcBiaVur 5SI6WU8GKXQl1Z2u2jdJNNATM2xYpr3ELvwq0U3HwmbcTYsRUwyJJ4g7YsQN nXELvvgehg/FIcvBVhpdKjHlpkepX1qLJr79gxD2bHSKyj2AsrtH9FsxfP0v owQR/g8d4lL+MiP316LAzMTqRTW84G+GnhRsTym6r4IiuWTuObVDmn+9z6FM C6ngGewMYxRWCpuFGy3g0YRJ+nkTs1GRz27rZDmRtkEmZmXZKjr/TKBBMR+z fonAcw1wcaCmwBv08mcCNbEmx9u9uRDNIStrTIB6wFAEXtS1QwIDAQABoysw KTAZBgNVHREEEjAQgQ5zdGVmYW5AZWlqay5udTAMBgNVHRMBAf8EAjAAMA0G CSqGSIb3DQEBBAUAA4GBACSD1PRC7PUodsZ4D402T5Ml51zEoKbQZU1reM/a HTuBDT1KALDD9NPPJ7oFgLMHBODIaLez2Med0nuQnNuDNuSzij3fcy7+qaJP ryDyY72TooRF21ijRHYube7Aq1KHR9RolQ1bo4nsfBogivebOGw0hGUtBx5Y tg6Zd5eEorbsMIIDODCCAqGgAwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkq hkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29u c3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZp c2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSsw KQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4X DTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIxCzAJBgNVBAYTAlpB MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNl czEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCB nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3jMypmPHCSVFPtJueCdngcXa iBmClw7jRCmKYzUqbXA8
Re: [Cooker] drakconnect,fw,gw
- drakconnect is used for the network configuration (local or for the Internet) - drakfirewall will configure shorewall (shorewall.net), so therefore your firewall and allow disallow some traffic - drakgw will simply allow you to use one internet connection for a whole network (masquerade the private network). This also configures shorewall ... but only the masquerading side ... they are three different tools ... [EMAIL PROTECTED] (Steffen Barszus) writes: Hi! Seeing a lot of people with problems with the above, I wonder if there is any documentation. There should be a documantation what all the apps are doing and how they are thought to do things and what are the future goals. Further I don't see 3 apps for the same thing, there should be one app draknetwork, that should be aware of all this and the goals of that tool should be well defined and also how the would be reached. This needs to be discussed and then be implemented. I see this is not something for the upcoming release but should be kept in mind for future releases. Things I see what are needed: - documentation (too many questions about how all this should work) - a common dialup framework (the needs of a lot of dial up users are pretty much the same, the common use of that should be taken in account. Starting a dialup-connection only as root is not acceptable. Maybe SuSE and kinternet can give an idea how it should be done). - a discussion about the needs and how to integrate them all. I may have not enough insight in all this but maybe I'm in parts right with what I said. -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
[Cooker] drakgw and the latest iptables
A simple rebuild of the iptables package fixes the masquerading problem ... make sure you get the latest iptables package and you won't get the invalid command error message with the latest kernel ... -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
Re: [Cooker] drakgw, shorewall and the latest kernel
there is a problem in the current kernel ... on the masquerading side ... this might be your problem ... for the moment, the masquerading is broken and this is required by drakgw ... [EMAIL PROTECTED] (Francisco) writes: In my case the same computer with 9.0 in several partitions has perfect the masquering, the 9.1 rc1 is in hdb13 and I can configure the masquering and the shorewall, but: Masquering: when I try to activate, it crashes hand send me again to the mandrake control center for internet configurations Shorewall: I select the options (activated ssh, ftp and cups) and OK; it seems fine, but if I return to the shorewall configuration, nothing has been recorded. Under 9.0 shorewall is runing fine. Francisco Alcaraz Murcia (Spain) El Miércoles, 26 de Febrero de 2003 22:45, Adam Williamson escribió: On Wed, 2003-02-26 at 20:57, Florin wrote: Hello again, eth1 should appear in the masq zone ... and not in the loc zone ... but then you need an older kernel in order to have your masquerading working because it's broken in the current kernel ... as I previously said. How come you have it duplicated ? ... I cannot reproduce that here ... I have 4 nics and they are not duplicated ... Additional: I just verified that if I do urpme shorewall and then rm -rf /etc/shorewall, so there's *no* existing shorewall configuration at all, and then run drakgw (allowing it to install a fresh copy of shorewall itself), it *still* generates an invalid /etc/shorewall/interfaces file placing eth1 in both the loc and masq zones. So it's not anything to do with the prior configuration of shorewall. -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
