Re: Debian Server restored after Compromise
On Thu, 13 Jul 2006 23:23:22 +0200 (CEST) "Gudjon I. Gudjonsson" <[EMAIL PROTECTED]> wrote: >How worried should I be? Do you think it is OK to wait for an > official Debian packaged kernel or should I download some tonight from > kernel.org and compile myself? Be worried if you allow untrusted users shell access to your systems. I'm no security expert, but I'm willing to bet that there are tens (if not hundreds) of 0-day local exploits in the Linux 2.6 source code. 'Security' within a source tree that incorporates ~10MB of patches per month is an illusion (in my humble opinion). Don't get me wrong, I run a server with a 2.6 kernel, but be aware that if a malicious user ever gains access to an unprivileged account, they would have no trouble in compromising the system. --Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Tyan S2877 no network? like to end up with something close to sarge...
On Fri, 5 May 2006 08:48:43 -0400 [EMAIL PROTECTED] (Lennart Sorensen) wrote: > On Thu, May 04, 2006 at 11:19:56PM -0400, Anthony DeRobertis wrote: > > yaird is far easier to backport, and pulls in barely any > > dependencies. > > It also (last I tried it) does not support: > passing root= arguments, it hard codes the root location. This makes > fixing things very difficult. > Does not support md raid, nor lvm. > > In all it is almost useless in that state. I tried that first since > yes it was much easier to backport, but it simply was unusuable for > anything but the most primitive of systems. From man yaird: --- The following configurations are supported: SATA, SCSI, IDE, USB storage, DASD, LVM2, mdadm, cryptsetup, cryptsetup-luks, USB keyboards, NFS root, EVMS. Not yet supported: swsusp, firewire, loopback, loopaes, dmraid. --- Works great for me with root on LVM2 (on an i386 box, admittedly). --Adam
Re: quake4 on debian amd64
On Tue, 2006-01-31 at 09:40 -0600, Michael Langley wrote: > It literally takes me 2 to 3 minutes > to have everything setup and ready with the installers from > nvidia.com. 2-3 minutes will become 2-3 hours when you need to remove all the cruft that was put in non-standard locations by your DIY installation. > I would much rather do it that way and know everything > works, and why everything works, than depend on a package. In that case, why are you using Debian? It sounds like you'd be better suited to a source based distribution like Gentoo, or Linux From Scratch. If you're looking for an insight into "why everything works" on Debian, make use of apt-get source and dpkg-buildpkg. Also, the line wrapping on your MUA needs fixing; replying is difficult when the entire body of the message is on one line. Best regards, -- Adam James <[EMAIL PROTECTED]> PROOF OF GOD'S EXISTENCE #97: ARGUMENT FROM DESIGN (I), aka PALEY'S ARGUMENT, aka TELEOLOGICAL ARGUMENT (III) (1) If there is a designer, then God must exist. (2) If I find a watch in a forest, there must be a designer. (3) [Throws watch into forest.] (4) Therefore, God exists. signature.asc Description: This is a digitally signed message part
Re: iTunes in 32bit chroot?
On Sat, 2006-01-14 at 19:47 +1300, Chris Bannister wrote: > I noticed your sig did not render correctly in my mailer. > The delimiter for a sig should be -- not -- Thank you for pointing this out Chris. Should be fixed now. Regards, -- Adam James <[EMAIL PROTECTED]> PROOF OF GOD'S EXISTENCE #238: ARGUMENT FROM CAN'T-BE-A-RACIST (1) Martin Luther King, Jr. believed in God. (2) I don't think you want to say Dr. King was a fool? (3) That's what I thought. (4) Therefore, God exists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: iTunes in 32bit chroot?
On Thu, 2006-01-12 at 17:13 +0900, Craig Hagerman wrote: > On 1/12/06, Jaime Ochoa Malagón <[EMAIL PROTECTED]> wrote: > And I suggest try amarok I'm realy enjoy using it... > and the pluggin of kxdocker... > > > Thanks for the suggestion Jaime, amaroK looks nice. I'll give it a > try. If you want to use amaroK with the Xine plugin on AMD64 you'll need to recompile the package from source without libtunepimp2-dev. See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336437 for details. Of course you can use the (arts|gstreamer)-engines, however if you want gapless playback Xine is the only choice. -- Adam James <[EMAIL PROTECTED]> PROOF OF GOD'S EXISTENCE #322: ARGUMENT FROM ARTIFACT (1) Archeologists found the remains of a boat from Jesus' time. (2) So the Bible is true. (3) Therefore, God exists.
Re: Different directories for AMD64 Debian
On Wed, 2006-01-11 at 22:33 +0100, Christoph Anton Mitterer wrote: > Is my distribution now a real pure 64 bit sys? (Of course except the > ia32-libs stuff). Yes. If you haven't already, read the Debian AMD64 how-to: https://alioth.debian.org/docman/view.php/30192/21/debian-amd64-howto.html Lots of useful information and some workarounds for those pieces of software that remain 32bit only. Have fun. -- Adam James <[EMAIL PROTECTED]> PROOF OF GOD'S EXISTENCE #8: ARGUMENT FROM MIRACLES (1) My aunt had cancer. (2) The doctors gave her all these horrible treatments. (3) My aunt prayed to God and now she doesn't have cancer. (4) Therefore, God exists. signature.asc Description: This is a digitally signed message part
Re: Questions about the nvidia packages.
On Wed, 2006-01-11 at 16:49 +0100, Christoph Anton Mitterer wrote: > 1) I'm using my own kernel created with make-kpkg. > With my old i386 system I've always used the vanilla sources but now > I'll give the debian sources a try. > So I've installed linux-tree-something. > > First of all is there documentation about how the "Debian-kernel-way > works"? I mean there is the linux-source-xx package and the > linux-patch-debian-xxx. http://newbiedoc.sourceforge.net/system/kernel-pkg.html > 3) About the same as 1) (-> patches): Whats the Debian-way of creating > external (not from the vanilla sources) modules? Is there some good > document or so (for the whole Debian-way in kernel/patches/modules > matters?). See URL above. > 4) Last but not least: > My graphic card requires one of the newer drivers from nvidia (it does > not work correctly with the 7147). Why are the packages for newer > versions in i386 but not amd64? Randall Donald is the DD who maintains all the nvidia packages. He also maintains a web page with news about his work @ http://people.debian.org/~rdonald/ An unofficial package repository is also provided, which you can access by adding the following to your source.list: deb http://people.debian.org/~rdonald/nvidia unstable/amd64/ deb http://people.debian.org/~rdonald/nvidia unstable/all/ One you have the nvidia-kernel-source package installed, it's just a case of: make-kpkg --rootcmd=fakeroot --append-to-version=xxx --added-modules=nvidia-kernel modules_image This results in the creation of a nvidia-kernel*.deb image, which you can install with dpkg. Note that the nvidia-glx package will _not_ install until after nvidia-kernel. I'm running a 2.6.15 kernel with the latest .8178 nvidia drivers here, and haven't experienced any problems whatsoever. HTH -- Adam James <[EMAIL PROTECTED]> PROOF OF GOD'S EXISTENCE #313: ARGUMENT FROM WHEAT (1) A grain of wheat will always fall to the ground and the outer shell dies. (2) But see, eventually the grain will grow into a fuller, more vital form. (3) Hey, that's kinda like the Resurrection! (4) Therefore, God Exists. signature.asc Description: This is a digitally signed message part
Re: Upgrade
On Tue, 2006-01-10 at 22:09 +0100, Nonno wrote: > Hi, > I read this message: > "packages.debian.org is down at the moment due to performance issues. > [...] > > May be the reason I don't get kernel upgrade? This has nothing to do with access to the Debian package archives, which are mirrored across the world. It just means you can't search for package information on the web. Anyone with a Debian system can get the same (and more) information using apt-cache, dpkg etc. -- Adam James <[EMAIL PROTECTED]> PROOF OF GOD'S EXISTENCE #150: ARGUMENT FROM THE FOUNDING FATHERS (II) (1) The Declaration of Independence includes the words "God" and "Creator". (2) Only a Christian would include the words "God" and "Creator"! (3) Therefore this is a Christian Nation. (4) A Christian Nation couldn't last over 200 years without God's help. (5) Therefore, God exists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: lm_sensors package
On Mon, 2006-01-09 at 18:05 +0100, Emmanuel Fleury wrote: > I would like to know how many of these chipsets are supported right now > on AMD64 motheboards. I have an Asustek A8NE-FM and it seems to me that > the thermal sensors are not supported at all. > > Can somebody give me some hints where to find experimental drivers or a > way to develop mine by myself ? The A8N-E uses the it8712 chip for hardware monitoring, you'll need these kernel options in order to access it: CONFIG_I2C=m CONFIG_I2C_ISA=m CONFIG_HWMON=m CONFIG_HWMON_VID=m CONFIG_SENSORS_IT87=m 'modprobe it87' should load the correct modules, then sensors should autodetect the chip. On my nForce3 system I get the following output: $ sensors it8712-isa-0d00 Adapter: ISA adapter VCore 1: +1.10 V (min = +1.42 V, max = +1.57 V) ALARM VCore 2: +4.08 V (min = +2.40 V, max = +2.61 V) ALARM +3.3V: +6.53 V (min = +3.14 V, max = +3.46 V) ALARM +5V: +4.95 V (min = +4.76 V, max = +5.24 V) +12V: +11.65 V (min = +11.39 V, max = +12.61 V) -12V: +3.93 V (min = -12.63 V, max = -11.41 V) ALARM -5V: +4.03 V (min = -5.26 V, max = -4.77 V) ALARM Stdby: +6.85 V (min = +4.76 V, max = +5.24 V) ALARM VBat: +4.08 V fan1:0 RPM (min =0 RPM, div = 2) fan2:0 RPM (min = 2636 RPM, div = 128) fan3:0 RPM (min = 3013 RPM, div = 8) M/B Temp:+32°C (low = +15°C, high = +40°C) sensor = thermistor CPU Temp:+32°C (low = +15°C, high = +45°C) sensor = thermistor Temp3: +128°C (low = +15°C, high = +45°C) sensor = disabled Obviously the voltage readings are incorrect, so you might need to get an updated sensors.conf from CVS or do some tweaking yourself. HTH. --- Adam James [EMAIL PROTECTED] PROOF OF GOD'S EXISTENCE #264: ARGUMENT FROM PERSONAL INABILITY (1) The Bible says Jesus turned water into wine. (2) Can you turn water into wine? (3) No? Well there ya go. (4) Therefore, God exists.
Re: installing amd64 kernel
On Thu, 2005-12-22 at 15:49 -0500, Lennart Sorensen wrote: > On Thu, Dec 22, 2005 at 08:37:47PM +0000, Adam James wrote: > > Could you explain some of the reasoning behind your comment? > > > > All the partitions on my Linux systems are formatted with reiserfs > > (300GB+ of actual data), and I've yet to experience any problems. > > > > Making a statement inferring that there are well known bugs in a widely > > used piece of software without explaining what they are doesn't really > > help anyone make an informed decision. > > Well I used reiserfs 3.5 a bit and then used reiserfs 3.6 for probably 2 > years before finally going to ext3. I had files corrupted when systems > lost power in the middle of a write ending up with partially new > contensts, and partially old contents and often partially old deleted > data. ext3 in the default mode of journal=ordered doesn't ever do that. > I either get the old file or the new file. I have never gotten > something in between or worse, something else random. > > Using reiserfs on a laptop without proper suspend support for auto > suspending when the battery runs low makes you very likely to encounter > this type of corruption. Sure the fsck isn't necesary because the meta > data is perfect. The file content isn't though. ext3 only updates the > meta data after the file content is written to disk so you avoid random > data when adding to a file. I believe (but could be wrong) that ext3 > also writes changes to unused blocks, then updates meta data and frees > the old blocks. > > If reiserfs 4 does full journalling (which I believe it does) it will be > a major improvement. It is still a very complex filesystem, and > personally I prefer something that you can actually fix if it breaks > using some kind of fsck. At least xfs seems to have a decent repair > tool, while reiserfs still doesn't seem to. The rebuilddb option often > does more harm than good from the experiences I have had as well as > other users I have read messages from on reiserfs. I just want a > filesystem that stores my files, doesn't make a mess of the contents, > and can be fixed if it breaks without major data loss. I don't care if > it can delete 10 files per second. I don't really ever need to do > that. I need to sometimes write files or change files, and most of the > time read files. Reasonably fast dir lookups are nice, but ext3 has > that too. Most things that do lots of I/O use pre created files and > hence don't care how fast meta data updates can be done, while raw file > i/o is limited almost entirely by disk speed. > > The 2.6 bugs in XFS seem to be known, although last I checked they still > hadn't been tracked down. > > So that is why I only use ext3 now, and only recomend ext3. > > Len Sorensen Thanks for elucidating on your previous comments. I should add that I've not experienced any file corruption on my systems, and powercuts aren't an infrequent occurrence. However, they don't run any code that requires continuous data writes, so it may just be a matter of time. Best regards, Adam. signature.asc Description: This is a digitally signed message part
Re: installing amd64 kernel
On Thu, 2005-12-22 at 14:32 -0500, Lennart Sorensen wrote: > I wouldn't recommend reiserfs. I tried it before and ended up spending a > lot of work converting to ext3 when the bugs became too painful. ditto > for xfs under 2.6.3 - 2.6.9 (which is when I gave up on it). Could you explain some of the reasoning behind your comment? All the partitions on my Linux systems are formatted with reiserfs (300GB+ of actual data), and I've yet to experience any problems. Making a statement inferring that there are well known bugs in a widely used piece of software without explaining what they are doesn't really help anyone make an informed decision. Regards, Adam. signature.asc Description: This is a digitally signed message part
Re: Ethernet problem
On Mon, 2005-12-19 at 11:57 +0100, Jens Schwarze wrote: > [EMAIL PROTECTED] schrieb: > > >I had the same problem, just add sk98lin to /etc/modules and reboot. > > And where can I get this? (sorry I'm new with debian) When you say you're new with Debian, do you mean Linux in general or just the Debian distribution? The sk98lin module should be included with the stock Debian kernel on your system. You can type "modprobe sk98lin" at the root prompt to confirm this. If the module isn't available you'll get a "FATAL: Module x not found" error. Anyway, adding a module that doesn't exist to /etc/modules won't cause any problems, other than a "Module x not found" error on bootup. HTH, Adam. signature.asc Description: This is a digitally signed message part
Re: Opening file at boot time ( read only)
On Sun, 2005-12-18 at 20:19 +, frank smith wrote: > I ve made a mess in /etc/fstab and now cant boot my linux box > I tried to mount my other OS using fstab and now when I boot > It dumps me at the prompt ( ctl + D plus root pword) > > When I try Vi the file it's read only even though I use the Root Pword. This is likely because the partition containing /etc is mounted read only. To remount /etc read write, type the following at the root prompt: # mount / -o remount,rw This presumes you _don't_ have a partition especially for /etc, if you do the command would be: # mount /etc -o remount,rw You should then be able to edit /etc/fstab and save the changes. HTH, Adam. signature.asc Description: This is a digitally signed message part
Re: [SPAM] Re: Debian clock multi boot (It was: Burn 100min. (878MB) cd-data with k3b)
On Fri, 2005-12-16 at 13:42 -0900, Fielder George Dowding wrote: > There may come a time when this is not the case for me, so Jo, could you > elaborate on your comment, "As per the manual, you should configure > Debian to compensate for the mess Windows makes of the hardware clock." > That is, do you set the hardware clock to satisfy Windows and then set > the timezone to an appropriate offset so Linux reads the correct time? > It would seem to me this would give the wrong timestamp for email etc. > > Yes, I am looking for the manual reference, but I don't know what to > look for as I write this. As per the manual and Jo's comment further up this thread: If you were to set your Debian GNU/Linux computer to use local time, without taking account of timezones, you would lose the benefit of automatic DST changes. We do not recommend this! However, it may be necessary to compromise by setting your hardware clock to local time (see Multiboot with operating systems not understanding timezone, Section 16.3). In this document, we assume that you have configured your computer to use UTC. To change the computer to use UTC after installation, edit the file /etc/default/rcS, change the variable UTC to no. If you happened to install your system to use local time, just change the variable to yes to start using UTC. It is best to reboot after editing /etc/default/rcS to get the changes effective. Windows *is* the problem here, it expects the hardware clock to be set to local time and there is no way of changing this behaviour. Therefore you must configure Linux so that it doesn't expect the hardware clock to be set to UTC time. HTH, Adam. signature.asc Description: This is a digitally signed message part
Re: Burn 100min. (878MB) cd-data with k3b
On Fri, 2005-12-16 at 14:07 +0100, Albert Oliver Serra wrote: > Hello! > > > > it's not correct:) if I set it with 'hwclock' in debian, and run another > > OS, next debian-run will be with wrong-time. > Have you tried ntpdate??? I think it's so useful for you. NTP date will not help in this instance, as the other OS doesn't understand timezones. Debian sets the hardware clock to UTC time, and then fudges the local time from this, based on the timezone configuration (see /etc/timezone). As far as I am aware, Windows sets the hardware clock to the *local* time, thus on next boot Debian will think local time is UTC, causing the discrepancy. I'd suggest reading Chapter 16 from the Debian sysadmin manual for a solution to this (specifically section 16.3). [1] HTH, Adam. [1] http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-time.html signature.asc Description: This is a digitally signed message part