Re: GNUCash 1.4.4 ??
%% "Christopher W. Aiken" <[EMAIL PROTECTED]> writes: cwa> Is there a Debianized version of gnucash 1.4.4 or 1.4.5?? cwa> Where can I find it? Helix has a copy of 1.4.5 available. Add this to your sources.list: deb http://spidermonkey.helixcode.com/distributions/debian unstable main Please don't do this without thinking about it! Once you start including Helix GNOME packages it could get a bit sticky going back to Debian GNOME packages. There have been some discussions on this lately: see the Debian Weekly News. -- --- Paul D. Smith <[EMAIL PROTECTED]> Network Management Development "Please remain calm...I may be mad, but I am a professional." --Mad Scientist --- These are my opinions---Nortel Networks takes no responsibility for them.
Re: GNUCash 1.4.4 ??
On Thu, Aug 31, 2000 at 11:37:37PM -0400, Christopher W. Aiken wrote: > Is there a Debianized version of gnucash 1.4.4 or 1.4.5?? > Where can I find it? Helix Code has 1.4.5-helix1 -- /bin/sh ~/.signature: Command not found
Re: Apps Crashing a Lot
On Wed, Aug 30, 2000 at 09:27:50AM +0800, CHEONG, Shu Yang [Patrick] wrote: > Have you guys tried ctrl+alt+backspace to get back to the console instead of > (i) rebooting the box and (ii) telnetting from another machine to issue a > init 1!!! If that doesn't work, try ctrl+alt+FX (where X is the number > representing the console 1 to 6). You also might want to determine the > reason(s) for the "crashes"...it may be caused by a rogue app or > something...such feedback to the developers is important as bugs can then > get fixed promptly and everyone can go about their daily lives again! or compile in the LOVELY magic sysrq into your kernel, and discover the joys of: (yeah - I know you only need ctrl *OR* alt, but I can never remember which one, so I just use both) ctrl-alt-sysrq-s (sync all disks) ctrl-alt-sysrq-u (unmount all disks) ctrl-alt-sysrq-b (reboot) those keys work for me about 99% of the time (even when the rest of the system is crashed) - and only requires a fsck about 1 time in 20 for me :) lovely thing (although I rarely have to use it (unless it's user error like trying to run enlightenment and netscape with no swap)) - Brian -- .oO(You know you've been using computers too long when you can actually come up with something that can be abbreviated as "lgtkmozembed") (quoted from GyrosGeie on irc #mashpotato)
Re: howto recreate /dev/null ?
On Thu, Aug 31, 2000 at 08:58:43PM -0700, Jeremiah Hunter Savage wrote: > Okay, > > This is definitely a newbie question. I keep on reading about sending > things to /dev/null. So I thought I would give a try: > > mv file /dev/null > > Yes I was root. > So how do I recreate /dev/null? hmm. i'm a second-iteration newbie, so i may be off base. i'll give it a try, anyhow. are you saying you DO NOT ALREADY have a 'null' entry under the '/dev' directory? it's hard for me to believe. if you truly don't have any such item, i'm not sure how to create it; but it shoula been created when you formatted your linux/unix system... what it's for, is this: say you have a program that generates lots of output for debugging and so forth, but there's no option to turn of the verbose data. if you run such a task via cron, you'll get periodic emails from cron showing you what output your process generated, even if you're done debugging it and don't need to see the output any more. the way we unix/linux folk discard the output from any process, is to redirect it to /dev/null. some background, in case you're not up on redirecting: # mkdir redirect # cd redirect # date Thu Aug 31 23:26:48 CDT 2000 # date > today # note -- there's nothing printed to your console here! when we put "greater-than filename" after a command we're telling unix point the output from this command to that file. redirected! # ls today # cat today Thu Aug 31 23:26:49 CDT 2000 so instead of printing the date to our screen, it went into the file 'today' which is what we told it to do. cool, eh? # cat < today Thu Aug 31 23:26:49 CDT 2000 here, 'cat' just repeats its own input, which is now coming from the file 'today'. the > and < act as arrows where we can tell linux/unix where to get input from, and where to send output to. # date > today # cat today Thu Aug 31 23:26:57 CDT 2000 as you can see, any "cmd > file" clobbers the contents of the file, so anything that had been in there, is gone; it's replaced with the output of the command. # date >> today # date >> today # cat today Thu Aug 31 23:26:57 CDT 2000 Thu Aug 31 23:27:08 CDT 2000 Thu Aug 31 23:27:11 CDT 2000 using ">>" redirects the printed output to the file just as ">" does, but it only APPENDS, leaving previous data in the file, as it was. very handy. back to the /dev/null concept: # ls -l /dev/null crw-rw-rw- 1 root root 1, 3 May 9 21:30 /dev/null the leading 'c' tells us it's a "character special file" meaning that linux/unix knows that when something is directed TO that file or FROM that file, we don't just read or write -- we do something specific to that 'device'. in this case, READ always returns EOF and WRITE always disappears as if into a black hole. if yours is not a 'c'=character-special device, then you've clobbered it and you'll need help from someone more knowledgeable than i! (it's probably in a manpage somewhere, if you can figure out which one...) what's redirecting to '/dev/null' good for? here's an example. if you're not running 'fetchmail' as its own background daemon, to yank your email from various servers, you can have cron do it for you. the thing is, you get lots of tripe in the output. it tells you all about how each message contains X octets, and how it's downloading the data... none of which you really need. 15 * * * * fetchmail > /dev/null 2>&1 a crontab entry like this will run fetchmail every hour at 15 minutes past the hour; any printing to STDOUT will be sent to /dev/null, and with the 2>&1 syntax, STDERR gets set to what STDOUT is, which means it also disappears into /dev/null. moving something to /dev/null via mv xyz.pdq /dev/null may attempt to REPLACE /dev/null with whatever file that was; if it goes ahead, your 'bitbucket' facility will be ruined -- /dev/null would just be a file that you append to and append to and append to! you can also use /dev/null for STDIN as in somecommand < /dev/null in which case for ANY 'read' that the command does from STDIN, it'll get EOF forever.
Re: last rc. file ???
Oh haha sorry, you gotta run update-modules after making the changes to /etc/modutils/* -chris On Thu, 31 Aug 2000, Debian Ghost wrote: > Hello Krzys, > Thank you for the speedy reply. > I have tried your suggestions and still receive a message that basically > says I have not passed the proper arguements. I put the entry in the alias > file and also put the entry in options. I am unsure why it still is not > working. Is there anything else I can check? > > Adding Swap: 321292k swap-space (priority -1) > ad1848/cs4248 codec driver Copyright (C) by Hannu Savolainen 1993-1996 > cs4232: dma, dma2, irq and io must be set. > > Thanks a lot! > > D. Ghost > > > > On Thu, 31 Aug 2000, Krzys Majewski wrote: > > > Type > > runlevel > > This will print a number, say 2. So go to /etc/rc2.d. Type > > ls > > The last listed file is the last rc file run. Or was that your question. > > What you want to do is install the modutils package, put the cs4232 > > arguments in /etc/modutils/options: > > options cs4232 io-0x534 irq=5 dma=1 dma2=3 > > > > and put something like > > > > alias sound-slot-0 cs4232 > > > > in your /etc/modutils/aliases. > > > > Something like that, anyway. -chris > > > > On Thu, 31 Aug 2000, Debian Mail wrote: > > > > > D Ghost here. > > > I have a quick question here. > > > > > > What is the last rc file to run? > > > > > > I need to add a modprobe line to load my sound card. > > > > > > I have the module in /etc/modules but it seems not to load until I do > > > > > > modprobe cs4232 io-0x534 irq=5 dma=1 dma2=3 > > > > > > > > > Basically, I'm looking for something like rc.local? > > > > > > Advice appriciated! > > > > > > D Ghost > > > > > > 'space ghost in europe' > > > > > > > > > -- > > > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > > > > > > > > -- > > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > > > >
Re: howto recreate /dev/null ?
> This is definitely a newbie question. I keep on reading about sending > things to /dev/null. So I thought I would give a try: > > mv file /dev/null mknod /dev/null c 1 3 It will create character ('c') device file /dev/null with major number 1 and minor number 3. Exactly what you need. Do not forget to allow everyone to write into /dev/null: chmod a+w /dev/null -- Alexey Vyskubov (at home) Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
howto recreate /dev/null ?
Okay, This is definitely a newbie question. I keep on reading about sending things to /dev/null. So I thought I would give a try: mv file /dev/null Yes I was root. So how do I recreate /dev/null? Jeremiah
Re: Directory always defaults to /usr/bin
Hi Kent, Quoth Kent Pirkle, > I double checked...I am starting X from my home directory. I had a similar problem once, with every program that I launched defaulting to ~/.gnome-desktop. I tracked down the problem to a gnome-panel setting (all these programs had been launched from the gnome panel, which had messed up it's CDW, somehow). Have a look in your ~/.gnome directory and see if you can find any configuration files for the panel which have /usr/bin/ in them, this might be your problem. You could probably start by doing an rgrep for /usr/bin/ in ~/.gnome and see what you come up with (I have no idea what file I changed, so I can't tell you exactly where to look). This solved my problem, may solve yours too. HTH damon -- Damon Muller ([EMAIL PROTECTED]) / It's not a sense of humor. * Criminologist / It's a sense of irony * Webmeister / disguised as one. * Linux Geek / - Bruce Sterling - Running Debian GNU/Linux: Doing my bit for World Domination (tm) - pgpDWflMB6adS.pgp Description: PGP signature
Re: sunrpc
Debian Ghost <[EMAIL PROTECTED]> writes: > Dear Olaf, > Thank you for the reply! > I am not so sure I understand what RPC servers are. Same here :-( > Does it have something to do with an NFS type service? Yes, I remember I had to put portmap in my /etc/hosts.allow to get NFS to work. I have ALL:ALL in /etc/hosts.deny. > I do not know that I use any RPC servers or services. That > is why I am considering turning down the sunrpc service. Thinking about this myself too, but I'm not sure what's gonna break. > Would this be wise? If you don't need it, yes. Just junk all servers you don't need. I'd even consider purging them ;-) > Thanks! No thanks. BTW, you cc'd to debin-user :-) > D. Ghost > > On 1 Sep 2000, Olaf Meeuwissen wrote: > > > Debian Mail <[EMAIL PROTECTED]> writes: > > > > > D Ghost here, > > > I've searched and looked for documentation on what sunrpc is and what > > > starts/stops it in debian. I have checked inetd.conf and it is not started > > > in there. I want to not run this deamon. How do I "turn it off" ? > > > > This service is provided by `portmap'. Remove `/etc/rc?.d/S18portmap' > > to stop it from being started, but note that any RPC servers that are > > invoked will more than likely refuse to start or just simply crash. -- Olaf Meeuwissen Epson Kowa Corporation, Research and Development
GNUCash 1.4.4 ??
Is there a Debianized version of gnucash 1.4.4 or 1.4.5?? Where can I find it? TIA...cwa -- --- Christopher W. Aiken, Scenery Hill, Pa, USA chris at cwaiken dot com, www.cwaiken.com Preferred O/S: Debian 2.2 Potato
loony lilo looping
Hello everyone, I am running Debian 2.2 on an AMD K6-2 400 dual boot system. Things have been great until I tried to recompile my kernel (2.2.15) to include PPP support. Everything appeared to compile fine but I was rushing through things and rather then putting the new one in /boot/ and then linking to it from /vmlinuz, I just copied the new one to /vmlinuz (and yes, everything was backed up). So here comes the fun part... I then rebooted, everything was the same. Realized that I forgot to run lilo, did it and rebooted. Rather then getting the "LILO:" prompt, I got 'L' and then a constant looping of " 01" over and over again. Booted off the installation disk, realized the mistake I made with the link but didn't think that much of it since it probably doesn't matter if vmlinuz is the kernel or a link to it. I then put the files back as they were and changed lilo. conf to what it was, ran lilo, and the same thing happened. Put the kernel on the floppy and it booted so after much fiddling, I have determined that somehow i have screwed up lilo. I've looked at the lilo mini how to and the lilo crash whatever how to but have had no luck. even trying to dig through the list archives. I can provide any other info that may be needed. I've recompiled the kernel before but haven't ran into trouble with lilo like this. Thanx in advance for any help. -Malcolm PS - please reply directly as I am not on the list. Thanx!
Re: sunrpc (fwd)
-- Forwarded message -- Date: Thu, 31 Aug 2000 23:21:16 -0500 (EST) From: Debian Ghost <[EMAIL PROTECTED]> To: Olaf Meeuwissen <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Subject: Re: sunrpc Dear Olaf, Thank you for the reply! I am not so sure I understand what RPC servers are. Does it have something to do with an NFS type service? I do not know that I use any RPC servers or services. That is why I am considering turning down the sunrpc service. Would this be wise? Thanks! D. Ghost On 1 Sep 2000, Olaf Meeuwissen wrote: > Debian Mail <[EMAIL PROTECTED]> writes: > > > D Ghost here, > > I've searched and looked for documentation on what sunrpc is and what > > starts/stops it in debian. I have checked inetd.conf and it is not started > > in there. I want to not run this deamon. How do I "turn it off" ? > > This service is provided by `portmap'. Remove `/etc/rc?.d/S18portmap' > to stop it from being started, but note that any RPC servers that are > invoked will more than likely refuse to start or just simply crash. > > -- > Olaf Meeuwissen Epson Kowa Corporation, Research and Development >
Firewall and Security
Hi, I have been looking at setting up a couple of Debian boxes at work to help with our cable modem development and have the following specs for what I need to do. VPN on corporate network joining 2 sites. Machine will be a gateway to corp intranet and internet. Need Samba to support shared filespace for network of 10-15 NT machines at each site, shared area for both sites to access as well. DHCP/TOD server for cable modems, headend and CPE's. Support ftp from NT desktop to corp dmz machine - use ssh ? Support reflections X from NT to Sun servers - use ssh ? Can have static IP's for NT boxes and Linux SNMP stations. Eventually I would like to get all the NT machines running Linux but at the moment we are in the final development/test phase so do not have the time, also the development toolkit runs on either WinXX or Solaris :-(. I have a Debian box at home and an NT box I can experiment with, also have a Sun I can get working for reflections X experiments. The basics are already running but I did not set it up and it needs redoing as whoever set it up did not do it very well. We will have an old machine as a mirror while the update is done, half of the facilities are not working as is anyway (like Samba, X and half the tools and install are missing). Here is a rough diagram: Site 1 Site 2 NT1-Corp NT1 : + Debian1 -- Debian 2 -+ NT15 - NT15 | Samba Samba | | DHCP DHCP | | TOD TOD| CMTS+ + CMTS | | CM's---CPE CPE---CM's Thats it, any tips or suggestions ? I have got all the FAQ's down and read most of them, time to Just Do IT I suppose. Thanks, Richard.
Re: last rc. file ???
Hello Krzys, Thank you for the speedy reply. I have tried your suggestions and still receive a message that basically says I have not passed the proper arguements. I put the entry in the alias file and also put the entry in options. I am unsure why it still is not working. Is there anything else I can check? Adding Swap: 321292k swap-space (priority -1) ad1848/cs4248 codec driver Copyright (C) by Hannu Savolainen 1993-1996 cs4232: dma, dma2, irq and io must be set. Thanks a lot! D. Ghost On Thu, 31 Aug 2000, Krzys Majewski wrote: > Type > runlevel > This will print a number, say 2. So go to /etc/rc2.d. Type > ls > The last listed file is the last rc file run. Or was that your question. > What you want to do is install the modutils package, put the cs4232 > arguments in /etc/modutils/options: > options cs4232 io-0x534 irq=5 dma=1 dma2=3 > > and put something like > > alias sound-slot-0 cs4232 > > in your /etc/modutils/aliases. > > Something like that, anyway. -chris > > On Thu, 31 Aug 2000, Debian Mail wrote: > > > D Ghost here. > > I have a quick question here. > > > > What is the last rc file to run? > > > > I need to add a modprobe line to load my sound card. > > > > I have the module in /etc/modules but it seems not to load until I do > > > > modprobe cs4232 io-0x534 irq=5 dma=1 dma2=3 > > > > > > Basically, I'm looking for something like rc.local? > > > > Advice appriciated! > > > > D Ghost > > > > 'space ghost in europe' > > > > > > -- > > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > >
Re: netscape/mailcap
I've tried: renaming the .netscape directory to .netscape_bak and opening a new netscape moving .mailcap files and opening netscape removed plugger specifying netscape to open html files in applications directory in netscape nothing works. What file is overriding these and causing the error below? thanks oh.. Now that I think about it, since I installed netscape 4.75, I've been getting a box called ..huffman (encoding?) that pops up when a .jpg image is called from a mail or url. That never happened before. anyone else experienced this? Dale L . Morris ([EMAIL PROTECTED]) wrote: > Something overwrote my .mailcap file and I'm receiving the following > error message when I use netscape and clik on a text/html link: > > Netscape subprocess diagnostics (stdout/stderr) > ex/vi: Vi's standard input and output should be a terminal
Re: sound blaster live
Wilson Fung wrote: > > That I haven't tried, I guess I will. Thanx for the suggestion, but which > debs am I actually looking for. > As I mentioned you'll find these in the unstable branch: alsa-base_0.5.9b-1.deb alsa-headers_0.5.9b-1.deb alsa-modules-2.2.17_0.5.9b-1+2.2.17pre6-1.deb alsa-utils_0.5.9-1.deb alsaconf_0.4.3b-2.deb alsalib0.3.0_0.4.1e-5.deb asmixer_0.5-6.deb libasound1-dev_0.5.9-1.deb libasound1_0.5.9-1.deb I don't remember which order you'll need to install these in or if you even need all of them. But if you start with one of them and try to install it (i.e. dpkg -i alsa-utils_0.5.9-1.deb), it'll either install or tell you which package you need to install first -- so you install that one first! It takes a little patience, but will hopefully work. You might also try pointing dselect to the unstable branch and going that route so it'll take care of the dependencies for you, but this might cause dselect to try to install a whole bunch of other files -- I don't remember if I ever tried this, but this theoretically is the easiest approach. Good luck, David Bellows
Re: sunrpc
Debian Mail <[EMAIL PROTECTED]> writes: > D Ghost here, > I've searched and looked for documentation on what sunrpc is and what > starts/stops it in debian. I have checked inetd.conf and it is not started > in there. I want to not run this deamon. How do I "turn it off" ? This service is provided by `portmap'. Remove `/etc/rc?.d/S18portmap' to stop it from being started, but note that any RPC servers that are invoked will more than likely refuse to start or just simply crash. -- Olaf Meeuwissen Epson Kowa Corporation, Research and Development
sunrpc
D Ghost here, I've searched and looked for documentation on what sunrpc is and what starts/stops it in debian. I have checked inetd.conf and it is not started in there. I want to not run this deamon. How do I "turn it off" ? :) Thanks for any info! Debian Ghost 'space ghost on debian'
Re: speaker volume
Console shmonsole. What you want to do is open up the machine, find the speaker, rip it out, and throw it somewhere far. Note the place where it lands though. If your motherboard/memory/cache ever fails you might need the speaker to beep X number of times to identify the problem. I think the answer to your question is something like echo -e "\\33[10;${HERTZ}]\\33[11;${MILLISECONDS}]" >> /dev/console where HERTZ is the frequency you desire and MILLISECONDS is the duration. I usually set both to zero and put the whole thing in my ~/.bashrc. -chris On Fri, 1 Sep 2000, Stefan Nantz wrote: > Hello All, > > every time the PCMCIA gets started it beebs very loudly. how can I change the > speker volume from the console ? > > Best Regards > > Stefan > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >
Re: sound blaster live
That I haven't tried, I guess I will. Thanx for the suggestion, but which debs am I actually looking for. Wilson Fung wrote: > > I have a sound blaster live value card, and guess what, I'm new to linux. I > downloaded the ALSA 0.59 driver, compiled it and when I modprobe it, it says > unresolved symbols in snd.o and emu10k1.o. Am I missing something? > You might also try downloading the latest .debs from the unstable branch and installing these, then run alsaconf. This worked fine for me. It did take a little patience to get the correct packages installed in the correct order, but Debian always tells you what package it needs first. David Bellows -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.
Re: Configuring Mouse in X
I had the same problem, use the X Server ver. 3.3.6-11 rather than 3.3.6-10 which comes with d 2.2 Stefan On Thu, 31 Aug 2000, Mark Simos wrote: > most laptop internal mice connect to the "ps2" port in windows and the > hardware > handles whether either or both the internal and external work, so you might > try > that... > > my $.02 > > Mark > > > "I. Tura" wrote: > > > Better refer to a laptop list in [EMAIL PROTECTED] > > > > Best, > > > > Ignasi > > > > At 11.30 30/8/00 EDT, [EMAIL PROTECTED] ha escrit: > > >Hi, > > >I just installed all the files for X Free 86 3.3.6 onto my system, and I'm > > >having a little trouble (ironically). While I'm quite sure of how to get > > >my > > >card and monitor up, I can not get my mouse to work at all. I have a > > >Compaq > > >Presario 1800XL 190 Laptop, which uses a touch pad for mouse control. > > >While > > >I do have an external mouse I'm sure I could make work, I will need the > > >touchpad for using the system on the road and such. Thanks for any help in > > >advance. > > > > > >-Chris > > > > > > > > >-- > > >Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < > > /dev/null > > > > > > > ---\ > > From Barcelona... \ \\___ > > / / ___\_'_\ > > Still nationalizing the LAN! /\¬___/ > > --/ > > > > ___ > > > > Do You Yahoo!? > > > > Achetez, vendez! À votre prix! Sur http://encheres.yahoo.fr > > > > -- > > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > -- > Mark Anthony Simos, MCSE > Poet, Playwright, Swing Dancer > > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
Re: last rc. file ???
Type runlevel This will print a number, say 2. So go to /etc/rc2.d. Type ls The last listed file is the last rc file run. Or was that your question. What you want to do is install the modutils package, put the cs4232 arguments in /etc/modutils/options: options cs4232 io-0x534 irq=5 dma=1 dma2=3 and put something like alias sound-slot-0 cs4232 in your /etc/modutils/aliases. Something like that, anyway. -chris On Thu, 31 Aug 2000, Debian Mail wrote: > D Ghost here. > I have a quick question here. > > What is the last rc file to run? > > I need to add a modprobe line to load my sound card. > > I have the module in /etc/modules but it seems not to load until I do > > modprobe cs4232 io-0x534 irq=5 dma=1 dma2=3 > > > Basically, I'm looking for something like rc.local? > > Advice appriciated! > > D Ghost > > 'space ghost in europe' > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >
speaker volume
Hello All, every time the PCMCIA gets started it beebs very loudly. how can I change the speker volume from the console ? Best Regards Stefan
Re: sound blaster live
Wilson Fung wrote: > > I have a sound blaster live value card, and guess what, I'm new to linux. I > downloaded the ALSA 0.59 driver, compiled it and when I modprobe it, it says > unresolved symbols in snd.o and emu10k1.o. Am I missing something? > You might also try downloading the latest .debs from the unstable branch and installing these, then run alsaconf. This worked fine for me. It did take a little patience to get the correct packages installed in the correct order, but Debian always tells you what package it needs first. David Bellows
last rc. file ???
D Ghost here. I have a quick question here. What is the last rc file to run? I need to add a modprobe line to load my sound card. I have the module in /etc/modules but it seems not to load until I do modprobe cs4232 io-0x534 irq=5 dma=1 dma2=3 Basically, I'm looking for something like rc.local? Advice appriciated! D Ghost 'space ghost in europe'
Re: Is monitor flicker a function of video card or monitor?
On Thu, 31 Aug 2000, Krzys Majewski wrote: > Can I take advantage of a new video card to reduce the flicker I > see in X Windows, or is this strictly a function of the monitor? Both. In your case, it's probably the monitor. Your video card is kind of low-powered too. The thing that determines flicker is the refresh rate. This is not able to exceed the VertRefresh line in XF86Config and it too is limited by the monitor itself. Unfortunately, a monitor is also limited by the maximum dot-clock it can support (this is also called bandwidth) and the horizontal sync rate. If the dot-clock is higher than the monitor can support, the image becomes blurry and it becomes impossible to distinguish individual dots. If the horizontal sync is too high, the monitor can't display a stable picture (and it's no good for the monitor, either). My monitor (an NEC XV17) is 5 years old and has, even for the time, a pretty low H-sync of 65.5 KHz, and lowish bandwidth of 85MHz which I run at 100MHz. This is good enough for me to get 1152x864 at about 70 Hz refresh rate (or 1280x1024 at about 62 Hz - most unpleasant flicker and the wrong aspect ratio too). As resolution increases, both horizontal and vertical frequency increase. This is why refresh rates are lower at higher resolutions. Horizontal sync rates tend to place the limit on maximum resolution. The dot-clock is equal to the H-sync times the refresh rate times the vertical frequency, and refresh rate cannot exceed vertical frequency. So you might find that your monitor has plenty of vertical frequency available to display whatever refresh rate you want, but cannot use it at high resolutions because you will exceed your bandwidth. You can push the limits with your rated bandwidth (in an emergency, you can sometimes double it) to buy refresh rate, but your picture quality will decrease, and it will increase the wear on the monitor. You should try to avoid exceeding your vertical sync rate and never ever exceed the horizontal sync rate. Although dot-clock cannot exceed the bandwidth of the monitor, it cannot exceed the capabilities of your video card. This is usually determined by the video card's RAMDAC. My video card (A #9 771 with an S3-968 chip) has a pretty good 170MHz maximum dot clock; I think the average mach64 is stumbling around at 100MHz or so. Of course you don't lose anything if this is higher than your monitor bandwidth. XFree86 should tell you when it starts up, anyway. > I copied the modelines from my old machine to my new machine and they > work fine, but I'm wondering if I can do better. Typically modelines are monitor-limited. The only case where they would not be is if your video card is limited by the dot clock. > Any pointers to rtfm on the meaning of things like "hsync" and "vsync" > and "dot clock" also appreciated. Look for the XFree86-Video-Timings or Modelines HOWTO. If you can't find it, I'll send it to you. >VendorName "Magnavox" # I typed this in >ModelName "CM2015D1" # I typed this in See if you can't dig the specs up somewhere. >HorizSync 31.5 - 53 >VertRefresh 50-90 >Modeline "1024x768c" 65.01024 1036 1180 1304 768 771 777 802 -hsync > -vsync You can almost certainly do better than that - if your monitor is 17" or larger. If it's only 14" or 15" you might have fairly accurate readings there. Any 17" or better monitor will have a better HorizSync and bandwidth than that and, by extension, better refresh rates. That is only 65MHz of bandwidth, not very much.
Re: 3 off. cds = mirror - non free ?
> Are all the files of the distribution (except non- free) contained in > the (three official cds+ the non_us cd)? > According to http://cdimage.debian.org/lastmin.html: Official Potato 2.2 rev0 series Not all packages from section `contrib' are included on the CDs, since they depend on non-free packages that are also not on the CDs. > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null -- -- Shaul Karl <[EMAIL PROTECTED]> Donate free food to the world's hungry: see http://www.thehungersite.com
Re: sound blaster live
tried it, same messagesT_T Go to opensource.creative.com click on the link at the bottom for latest source snapshots download the newest tarbal and read the readme. This is far and away the best way to make a sblive work. -- Original Message -- From: "Wilson Fung" <[EMAIL PROTECTED]> Date: Fri, 01 Sep 2000 00:15:33 GMT >I have a sound blaster live value card, and guess what, I'm new to linux. I >downloaded the ALSA 0.59 driver, compiled it and when I modprobe it, it says >unresolved symbols in snd.o and emu10k1.o. Am I missing something? > >Wil > >_ >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > >Share information about yourself, create your own public profile at >http://profiles.msn.com. > > >-- >Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.
Re: Directory always defaults to /usr/bin
Kent, if the reason for your "default" directory is as Nate suggests, the next level of explanation is that, unless you take some action in the script at startup, it will use the current directory as its "default". As a first cut at "fixing" this, you can edit the 'startx' script in /usr/bin/X11 so the first line executed is 'cd $HOME', forcing the script and all applications it starts to use the user's home directory as the current one. Nate Amsden wrote: > > i've only had this happen when i ran 'startx' from somewhere other then > my home dir, in which case all x apps will default to the dir you ran > 'startx' in. > > nate > > Kent Pirkle wrote: > > > > I've noticed that all my applications will default to /usr/bin > > instead of the /home/kmp directory that they should default to. > > > > Netscape, Gnome-apps, virtually any application that opens an > > application to save or load something does this. > > > > Any ideas how I can change this? > > > > Thanks, > > > > Kent > > > > -- > > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > -- > ::: > ICQ: 75132336 > http://www.aphroland.org/ > http://www.linuxpowered.net/ > [EMAIL PROTECTED] > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null -- Bob McGowan Staff Software Quality Engineer VERITAS Software [EMAIL PROTECTED]
Re: Directory always defaults to /usr/bin
On Thu, Aug 31, 2000 at 05:43:31PM -0700, Nate Amsden wrote: > i've only had this happen when i ran 'startx' from somewhere other then > my home dir, in which case all x apps will default to the dir you ran > 'startx' in. I double checked...I am starting X from my home directory.
[squadboy@mail.sisna.com: Re: sound blaster live]
If he's on kernel 2.4.x it's directly supported. That's how I did my SB Live. Though he did say he was pretty new so maybe a new kernel compile isn't something he wants to jump into. Bill - Forwarded message from Ray Percival <[EMAIL PROTECTED]> - Envelope-to: [EMAIL PROTECTED] X-Envelope-Sender: [EMAIL PROTECTED] Date: Thu, 31 Aug 2000 18:58:35 -0600 From: "Ray Percival" <[EMAIL PROTECTED]> Reply-To: <[EMAIL PROTECTED]> To: , "Wilson Fung" <[EMAIL PROTECTED]> Subject: Re: sound blaster live X-Mailer: Resent-Message-ID: <[EMAIL PROTECTED]> Resent-From: debian-user@lists.debian.org X-Mailing-List: archive/latest/105803 X-Loop: debian-user@lists.debian.org Precedence: list Resent-Sender: [EMAIL PROTECTED] Resent-Bcc: Resent-Date: Thu, 31 Aug 2000 20:05:05 -0500 Go to opensource.creative.com click on the link at the bottom for latest source snapshots download the newest tarbal and read the readme. This is far and away the best way to make a sblive work. -- Original Message -- From: "Wilson Fung" <[EMAIL PROTECTED]> Date: Fri, 01 Sep 2000 00:15:33 GMT >I have a sound blaster live value card, and guess what, I'm new to linux. I >downloaded the ALSA 0.59 driver, compiled it and when I modprobe it, it says >unresolved symbols in snd.o and emu10k1.o. Am I missing something? > >Wil > >_ >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > >Share information about yourself, create your own public profile at >http://profiles.msn.com. > > >-- >Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null - End forwarded message -
Re: sound blaster live
Go to opensource.creative.com click on the link at the bottom for latest source snapshots download the newest tarbal and read the readme. This is far and away the best way to make a sblive work. -- Original Message -- From: "Wilson Fung" <[EMAIL PROTECTED]> Date: Fri, 01 Sep 2000 00:15:33 GMT >I have a sound blaster live value card, and guess what, I'm new to linux. I >downloaded the ALSA 0.59 driver, compiled it and when I modprobe it, it says >unresolved symbols in snd.o and emu10k1.o. Am I missing something? > >Wil > >_ >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > >Share information about yourself, create your own public profile at >http://profiles.msn.com. > > >-- >Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > >
Re: mutt
Hello, I would suspect plugger as the problem. Looks like it overwrote netscape's mime entry for text/html or something strange like that. I've had problems with plugger in the past and ended up axing it. Tal On Thu, 31 Aug 2000 17:35:19 -0700, Dale L . Morris said: : Something overwrote my .mailcap file and I'm receiving the following : error message when I use netscape and clik on a text/html link: : : Netscape subprocess diagnostics (stdout/stderr) :ex/vi: Vi's standard input and output should be a terminal : : I don't know if this happened when I: : 1.) installed 'plugger' : 2.) upgraded to netscape 4.75 : 3.) ran install plugins from realplayer : : What do I need to add to my .mailcap file to get 'er back to normal? : : thanks : -- dale : : : -- : Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null : : -- | Tal Danzig | Join #libranet on the | | [EMAIL PROTECTED] | openprojects IRC network | | http://www.libranet.com| Tal Danzig | | The TOP Desktop! | [EMAIL PROTECTED]|
netscape 4.72 problems with gnome
All of a sudden Netscape Communicator 4.72 is taking a long time to 'start', and it seems to lock up all of gnome as well. After a few minutes the home page opens and everything else works. While Netscape is 'initializing' the mouse cursor moves, but anything on the desktop that I click on does not respond. I can switch to another vterm and kill netscape, at which point gnome becomes alive again. This behavior just started, I haven't upgraded anything for some time. (VIRUS?). Maybe I should un-install netscape and re-install 4.75. Mozilla (M15) works, but is about %50 slowler than netscape.
mkboot 'No such file or directory"
Title: mkboot 'No such file or directory" I am unable to successully execute "mkboot". I logged on as "root" and encounter the following problems. Case 1: "mkboot vmlinuz" - produces the following <><><><><><><><><><><><><><>><> robbie:/# mkboot vmlinuz Insert a floppy diskette into your boot drive, and press . Creating a lilo bootdisk... mkdir /tmp/boot687 mke2fs -q /dev/fd0 mke2fs 1.12, 9-Jul-98 for EXT2 FS 0.5b, 95/08/09 mount -t ext2 /dev/fd0 /tmp/boot687 cd /tmp/boot687 cp vmlinuz /boot/boot.b . cp: vmlinuz: No such file or directory set +e; cd /; umount /dev/fd0; rmdir /tmp/boot687 There was a problem creating the boot diskette. Please make sure that you inserted the diskette into the correct drive and that the diskette is not write-protected. Would you like to try again? (y/n) n <><><><><><><><><><><><><><>><> Example 2: "mkboot" produces the following <><><><><><><><><><><><><><>><> Error: Can't read /boot/vmlinuz. <><><><><><><><><><><><><><>><> The file permissions for vmlinuz are "lrwxrwxrwx" and the file "points" to boot/vmlinuz-2.2.12 the permissions for boot/vmlinuz-2.2.12 are " rwxr-xr-x ". It appears that it's something trivial, like an incorrect path etc. any help would be appreciated. Thanks dick robbie
Re: Directory always defaults to /usr/bin
i've only had this happen when i ran 'startx' from somewhere other then my home dir, in which case all x apps will default to the dir you ran 'startx' in. nate Kent Pirkle wrote: > > I've noticed that all my applications will default to /usr/bin > instead of the /home/kmp directory that they should default to. > > Netscape, Gnome-apps, virtually any application that opens an > application to save or load something does this. > > Any ideas how I can change this? > > Thanks, > > Kent > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null -- ::: ICQ: 75132336 http://www.aphroland.org/ http://www.linuxpowered.net/ [EMAIL PROTECTED]
Directory always defaults to /usr/bin
I've noticed that all my applications will default to /usr/bin instead of the /home/kmp directory that they should default to. Netscape, Gnome-apps, virtually any application that opens an application to save or load something does this. Any ideas how I can change this? Thanks, Kent
mutt
Something overwrote my .mailcap file and I'm receiving the following error message when I use netscape and clik on a text/html link: Netscape subprocess diagnostics (stdout/stderr) ex/vi: Vi's standard input and output should be a terminal I don't know if this happened when I: 1.) installed 'plugger' 2.) upgraded to netscape 4.75 3.) ran install plugins from realplayer What do I need to add to my .mailcap file to get 'er back to normal? thanks -- dale
Re: What are the Essential Packages?
On Thu, Aug 31, 2000 at 03:35:28PM -0700, Joey Hess wrote: > > If you want to learn more, go to > > > > http://www.linuxfromscratch.org > > I don't understand what linuxfromscratch has to do with this. Isn't that > about doing without any distribution? Yes. Note that I said "If you want to learn *more*..." I stand by that. If one wants to learn MORE about the bare minimum needed to run Linux, then that is one way to go. I did give a additional suggestion that _entailed_ installing base and going on from there. No where did the poster indicate he didn't know how to begin an install. > Whereas I have even less compassion for people who flame others without > reading what they wrote. :-P If the shoe fits... -- Bob Bernstein at Esmond, R.I., USA
sound blaster live
I have a sound blaster live value card, and guess what, I'm new to linux. I downloaded the ALSA 0.59 driver, compiled it and when I modprobe it, it says unresolved symbols in snd.o and emu10k1.o. Am I missing something? Wil _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.
Re: samba problems (rather Access programmers)
> I have a friend who wants to get rid of NT and change to linux+Samba but > we have "minor" problems. The first is : the stupid Access programers > coded the path into code statically. So the program search the dbm files > at \\SERVER\\ACCDOC and more he has to "map" the "network drive" under E: > . But the ACCDOC is under a folder SOLTSYS. So the structure is > Soltsys\accdoc . Here comes the problem. The Soltsys at server has to be > seen as P: . Summarize : \\SERVER\SOLTSYS has to be mapped as P: and > \\SERVER\SOLTSYS\ACCDOC has to be mapped as E: . The rules from our > smb.conf are included. Please help me set up the directory structure and > shares that the users can access the dirs with right "mapped drivers". > Any help appriciated. > Thanks, > Ago With... [SOLTSYS] comment = Soltsys path = /home/soltsys public = yes writeable = yes printable = no write list = @users create mask = 0765 [ACCDOC] comment = Soltsys path = /home/soltsys/accdoc public = yes writeable = yes printable = no write list = @users create mask = 0765 you get two shares in the guindoz browser; just map them to the letter you'd like. HTH Christoph Simon [EMAIL PROTECTED] -- ^X^C q quit :q ^C end x exit ZZ ^D ? help shit .
Re: finding tarbal on fat partition [yet another data recovery problem]
- - David Wroght, > Quoting hawk (hawk@fac13.ds.psu.edu): The original partition table was: Primary1 Primary2 Primary3 Extended EXT2 FAT0 UFS FAT1 FAT2 Spare That is, there was plenty of unused space in the extended partition. However, FreeBSD can't handle these, so I needed a primary partition large enough to take the tarball. All of my primaries were taken, so I deleted the extended partition, knowing that I could recreate it later. The new table became Primary1 Primary2 Primary3 Empty Primary 4 EXT2 FAT0 UFS (FAT1 FAT 2) FAT 4 > Are we to assume that you deleted the extended partition because > you already had three primary partitions before it in the table? Yes. In hindsight, it would have made more sense to delete 2 and use that entry where I created FAT4, or to have untarred in linux while FAT4 was still a primary, but it had been a very long day fighting with the machine, and I wasn't thinking that clearly any more. > What, FAT1 FAT2 and FAT4. Are we to guess that you've tried to put > all three in the new extended partition? Yes. I'd learned in the past when DR-DOS shifted my partition table (1-2-3 become 2-3-4, 4 gets lost. I've seen this about 3 times from DR-DOS fdisk on at least two different machines) that you can recreate the extended partion and recover your logicals. It didn't occur to me that I couldn't make the primary a logical . . . > I take it the two former *logical* partitions survived, and that the > singular partition with the backup did not. And that you redeleted > the extended partition before you tried to recreate FAT4 as a > primary partition. Yes. I deleted FAT4, then gave the area from FAT1, FAT2, and FAT4 to the extended, and recreated all three on their former cylinder boundaries. > I think you have trampled on the start of your FAT4 partition if > and when you tried to make it a logical partition. Each and every > logical partition has an extended partition table at its start, so > you should have left a gap before FAT4 when you first created it. this makes sense, and is consistent with the error messages. > (This might have allowed you to recreate FAT4 as a primary partition, > though I have no idea whether it would help in changing it into a > logical partition.) > You might as well try. I don't think you can recover the partition > because (I would imagine, I haven't done the arithmetic) both FATs > have probably been overwritten by the extended partition table. --
Re: finding tarbal on fat partition [yet another data recovery problem]
Quoting hawk (hawk@fac13.ds.psu.edu): > > *sigh* I've found more ways to lose data . . . > > This time, I needed to switch a system from FreeBSD to Debian. I wrote > down the cylinder information for my two fat partitions in the extended > partition, deleted the extended partition, and created a new fat > partition as partition 4 after them. Are we to assume that you deleted the extended partition because you already had three primary partitions before it in the table? i.e. Primary1 Primary2 Primary3 Extended Spare FAT1 FAT2 to Primary1 Primary2 Primary3FAT4 Otherwise why did you bother to delete the extended partition? > I tarred /home and /etc separately and without compression to this new > partitiion. These are the only two files that have ever been in that > partition. > > I then installed debian where FreeBSD used to be, deleted partition 4, > created the extended partition again, and used the cylinder information > to recreate the three fat partitions. What, FAT1 FAT2 and FAT4. Are we to guess that you've tried to put all three in the new extended partition? > The two former extended partitions survived. The partitions with the > backup did not, and I can't mount it. I've tried recreating it as a > primary, but still no dice. I take it the two former *logical* partitions survived, and that the singular partition with the backup did not. And that you redeleted the extended partition before you tried to recreate FAT4 as a primary partition. I think you have trampled on the start of your FAT4 partition if and when you tried to make it a logical partition. Each and every logical partition has an extended partition table at its start, so you should have left a gap before FAT4 when you first created it. (This might have allowed you to recreate FAT4 as a primary partition, though I have no idea whether it would help in changing it into a logical partition.) > I don't really need to recover the partition (though this would be > easiest if it's possible). I just need those tarballs (actually, just > the first) back. > > Is my best bet going to be to feed the output of dd to tar? Or is > there a better way to do this? You might as well try. I don't think you can recover the partition because (I would imagine, I haven't done the arithmetic) both FATs have probably been overwritten by the extended partition table. If this is a complete load of rubbish, could you *start* your next posting with an explanation of your partition table before you commenced. I've been engaged in a four-day conversation on another list with someone having trouble setting up W98, Mandrake and Boot Magic, and I *still* haven't seen his partition table:- PARTITION TABLES AREN'T CLASSIFIED INFORMATION! Cheers, -- Email: [EMAIL PROTECTED] Tel: +44 1908 653 739 Fax: +44 1908 655 151 Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA Disclaimer: These addresses are only for reaching me, and do not signify official stationery. Views expressed here are either my own or plagiarised.
samba problems (rather Access programmers)
Hello ! I have a friend who wants to get rid of NT and change to linux+Samba but we have "minor" problems. The first is : the stupid Access programers coded the path into code statically. So the program search the dbm files at \\SERVER\\ACCDOC and more he has to "map" the "network drive" under E: . But the ACCDOC is under a folder SOLTSYS. So the structure is Soltsys\accdoc . Here comes the problem. The Soltsys at server has to be seen as P: . Summarize : \\SERVER\SOLTSYS has to be mapped as P: and \\SERVER\SOLTSYS\ACCDOC has to be mapped as E: . The rules from our smb.conf are included. Please help me set up the directory structure and shares that the users can access the dirs with right "mapped drivers". Any help appriciated. Thanks, Ago [global] netbios name = SERVER workgroup = SOLTESZ server string = SERVER browseable = yes hosts allow = 192.168.1. 127. log file = /var/log/smb.% max log size = 150 security = user encrypt passwords = yes smb password file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n \ *passwd:*all*authentication*tokens*updated*successfully* include = /etc/samba/smb.conf.%m socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.1.100/255.255.255.0 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U name resolve order = wins lmhosts bcast wins support = yes dns proxy = yes [homes] comment = Home Directories browseable = no writeable = yes [netlogon] comment = Network Logon Service path = /home/netlogon guest ok = yes writeable = no share modes = no [Profiles] path= /home/profiles browseable = no guest ok = yes [public] comment = Soltsys path = /home/soltsys public = yes writeable = yes printable = no write list = @users create mask = 0765 -- Irish Linux Users' Group: [EMAIL PROTECTED] http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information. List maintainer: [EMAIL PROTECTED]
Re: What are the Essential Packages?
Bob Bernstein wrote: > On Thu, Aug 31, 2000 at 07:27:55AM -0700, Tech Support Guy wrote: > > > I'd like to install Debian 2.2, but I'm having trouble > > figuring out which packages to download. > > Safe route for you is to use a basic workstation configuration and go from > there. Let Debian pick packages for you first few times around. You may > think you don't need certain packages but my guess is you aren't yet in a > position to make that judgement. If you were you wouldn't be asking this > question. > > If you want to learn more, go to > > http://www.linuxfromscratch.org I don't understand what linuxfromscratch has to do with this. Isn't that about doing without any distribution? The poster merely needs to read the debian install guide, and download the boot disk, root disk, and base system disks/tarball. This will give you a functioning system in about 60mb; you can then download whatever else you need on the fly with apt. > > I noticed > > that I won't be using many of the packages that come > > with the distribution, and don't want to waste time > > downloading them or, worse, downloading and burning a > > CD image. > > Somehow I find it hard to summon up much compassion for people who don't > want to "waste time" learning about Linux! Whereas I have even less compassion for people who flame others without reading what they wrote. :-P -- see shy jo
Re: easy numlock question
On Wed, Aug 30, 2000 at 09:29:43PM -0400, Mark Simos wrote: > well, leaving it in the rc2.d directory as per the initial suggestion, > it ain't running > at boot time . i am a little new to *nix, so bear with me :) > > the file is as follows: > -rwxr-xr-x1 rootroot 82 Aug 29 18:27 s20setleds It has to be S20setleds. FYI: all scripts with a "S" will be started with "start" as an argument when your system enters a runlevel. all scripts that start with a "K" are executed with "stop" when your system goes to a lower runlevel. > > i did notice that the rest of the entries in the dir are links > (symbolic i guess) > The correct way is save it as /etc/init.d/setleds a run "update-rc.d setleds start 20 2 ." like some people corrected me. regards, -- Staf Wagemakers email : [EMAIL PROTECTED] homepage : http://www.digibel.org/~staf
Re: LI after Install
On Thu, Aug 31, 2000 at 11:47:25AM +0900, Jack Morgan wrote: > I installed debian on a new HDD and after installing the base I get LI at > boot time? Any suggestions as to what I did wrong? I guess your kernel is below the 1024 limit... The easiest way to avoid these problems is to created a small /boot partition at the beginning of your hd at the installation. Since you've installed the base already, you could try to boot with the Debian rescue floppy ( type rescue=/dev/your_root_partition at the boot prompt ) and rerun lilo with the "-L" option. -- Staf Wagemakers email : [EMAIL PROTECTED] homepage : http://www.digibel.org/~staf
problems with NIS/netgroups in potato
Today I upgraded a server from slink to potato - it's an internal testing/intranet server. The upgrade went fairly well, but even though I had done extensive tests on other servers first, I still came up against problems. The immediate problem on completing the upgrade of most packages was that users were unable to log in via ssh using password authentication. I thought this might be due to the new version of ssh, but later, users accessing fileshares via Appletalk were unable to authenticate either. After a while, I realised the problem was down to NIS in some way. I have one server (running slink currently) which has a central password database shared via NIS (it does use shadow passwords). I also have a netgroup specified, which contains users that are allowed to use the intranet server. Previously, the intranet server was set up as an NIS client, with the following line in /etc/passwd [EMAIL PROTECTED]:: (similarly in /etc/shadow) This allowed everyone in the intra group to be authenticated. Somehow.. the various upgrades to libc/nis etc in potato has broken this. I can still 'ypcat netgroup' and see the list of users, but all attempts at logins via ssh or any other means resulted in: Aug 31 21:07:39 devon sshd[9063]: Failed password for xx I solved the problem by explicitly naming each user in the password files e.g. +username:: Can anyone tell me if this problem can be fixed, or can I assume it will be fixed when I upgrade my NIS master server to potato? Thanks -- Dafydd Tomos
Re: OT: new video card darker than old
13:28:47<~>$ apt-cache search perch 13:28:56<~>$ -chris > now getting ready to perch, > > bentley taylor > (potato on 2.2.16)
finding tarbal on fat partition [yet another data recovery problem]
*sigh* I've found more ways to lose data . . . This time, I needed to switch a system from FreeBSD to Debian. I wrote down the cylinder information for my two fat partitions in the extended partition, deleted the extended partition, and created a new fat partition as partition 4 after them. I tarred /home and /etc separately and without compression to this new partitiion. These are the only two files that have ever been in that partition. I then installed debian where FreeBSD used to be, deleted partition 4, created the extended partition again, and used the cylinder information to recreate the three fat partitions. The two former extended partitions survived. The partitions with the backup did not, and I can't mount it. I've tried recreating it as a primary, but still no dice. I don't really need to recover the partition (though this would be easiest if it's possible). I just need those tarballs (actually, just the first) back. Is my best bet going to be to feed the output of dd to tar? Or is there a better way to do this? hawk, master of damaging partitions --
Re: OT: new video card darker than old
...same here. (i just thought it was something funny about netscape, which is where i noticed it.) i wonder what gives? now getting ready to perch, bentley taylor (potato on 2.2.16) // Krzys Majewski wrote: > [snip] > my ATI Xpert 98 makes X seem a bit darker > than ... [snip] > -chris > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
Re: debian-user-digest Digest V100 #586
I use "adduser user group" to add users to a particular group. Then, I use "groups" to lists which users are in which groups. Just another way to do it! Scott Quoting Preben Randhol ([EMAIL PROTECTED]): > "Paul D. Smith" <[EMAIL PROTECTED]> wrote on 31/08/2000 (17:08) : > > > > Add yourself (and any other users you want to have access) to the > > "audio" group. Note that anyone in the "audio" group has rw access to > > these devices. This goes for other device access as well. > Odd I must have done something else wrong as it didn't work when I tried > it the first time, but now it does. Thanks. You only pick up your groups when you login.
Re: Can't mount '/' after kernel recompilation
only thing i can think of is you installed the incorrect driver for that controller, on boot you should see the drive being detected by the HPT366 controller.(i used to have a bp6) can you confirm that the drive is indeed being detected. Should show something similar to: May 6 09:12:38 aphro kernel: HPT366: onboard version of chipset, pin1=1 pin2=2 May 6 09:12:38 aphro kernel: HPT366: IDE controller on PCI bus 00 dev 98 May 6 09:12:38 aphro kernel: HPT366: not 100% native mode: will probe irqs later May 6 09:12:38 aphro kernel: ide0: BM-DMA at 0xb400-0xb407, BIOS settings: hda:DMA, hdb:pio May 6 09:12:38 aphro kernel: HPT366: IDE controller on PCI bus 00 dev 99 May 6 09:12:38 aphro kernel: HPT366: not 100% native mode: will probe irqs later May 6 09:12:38 aphro kernel: ide1: BM-DMA at 0xc000-0xc007, BIOS settings: hdc:pio, hdd:pio May 6 09:12:38 aphro kernel: hda: IBM-DJNA-371800, ATA DISK drive May 6 09:12:38 aphro kernel: ide0 at 0xac00-0xac07,0xb002 on irq 18 May 6 09:12:38 aphro kernel: hda: IBM-DJNA-371800, 17206MB w/1966kB Cache, CHS=34960/16/63, UDMA(66) nate Wilson Yau wrote: > > > > > do you have the filesystem of your '/' build statically into the > > kernel? > > Yes. > > > do you have the support for your hd build statically into the kernel? > > Yes. > > Any clue? > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null -- ::: ICQ: 75132336 http://www.aphroland.org/ http://www.linuxpowered.net/ [EMAIL PROTECTED]
RE: potato-update and symbolic links in /etc
Dear Mr. Bouwman: You wrote: > During my slink-life I have developed the habit > to make symbolic links of all those configuration files in /etc > and its subdirectories that I have changed myself. > The real files are in /local/etc . > This system has advantages and drawbacks. > The big question now is what happens to this structure when > during the update to potato some of these symlinked configuration > files have to be updated as well ? I presume your symlinks get moved to foo.rc.dpkg-old, and the new file is installed as foo.rc (unless the package does something fancy in the way of parsing and propagating mods). Not too dreadful, but, IMHO, suboptimal. I've found RCS to be the answer. It allows me to keep all my back versions easily accessible, yet completely out of dpkg's way---no changes it makes touch my backup info, but the files are exactly how and where it expects. Anytime I want to know what I've done, I ask for the differences between the last release version (that I used) and the current. To know what dpkg is proposing, toss foo.rc.dpkg-new into the RCS archive, and compare *that* against the last-used release version, and decide whether it's easier to re-do the mods, or blow off the new version. It even keeps track of when and (if I write log entries) why I made the changes. (To top it off, if you use the One True Editor <*cough*>emacs it's effectively painless. :-) To adopt this mechanism, just: # mkdir RCS # ci -l foo.rc # ci -l foo.rc # For the full effect, read up on the commands ci, co, rcsdiff, and rlog. You could even put the RCS storage into effect with your current files, replacing the symlinks, and _then_ upgrade. Best wishes, Max Hyre
OT: new video card darker than old
OK now this is _really_ off-topic: my ATI Xpert 98 makes X seem a bit darker than my old mach32 card. It's also a different X server. It's not a big deal really, but I'm curious if this is normal. -chris
Is monitor flicker a function of video card or monitor?
Can I take advantage of a new video card to reduce the flicker I see in X Windows, or is this strictly a function of the monitor? I copied the modelines from my old machine to my new machine and they work fine, but I'm wondering if I can do better. My new machine has an agp ATI Xpert98 (mach64) video card, as opposed to the (vlb?) Mach32 (Graphics ultra pro or something like this) card on my old 486. Same old "Enhanced VGA" monitor though. I have no docs on the monitor. Any pointers to rtfm on the meaning of things like "hsync" and "vsync" and "dot clock" also appreciated. Here's the relevant stuff from /etc/XF86Config: Section "Monitor" Identifier "Primary Monitor" VendorName "Magnavox" # I typed this in ModelName "CM2015D1" # I typed this in HorizSync 31.5 - 53 VertRefresh 50-90 Modeline "1024x768c" 65.01024 1036 1180 1304 768 771 777 802 -hsync -vsync EndSection Section "Device" Identifier "Primary Card" VendorName "Unknown" BoardName "ATI Xpert 98" Chipset "mach64" VideoRam8192 EndSection Section "Screen" Driver "Accel" Device "Primary Card" Monitor "Primary Monitor" DefaultColorDepth 16 SubSection "Display" Depth16 Modes"1024x768c" EndSubSection EndSection -chris
Re: cable connection stopped working
Yeah, apparently some of the modems memorize the hardware address of the ethernet card, so if you change the card, you have to turn off the modem for a few minutes. -chris On Wed, 30 Aug 2000, Michael Smith wrote: > BTW, I've hooked up several boxen to @home, and sometimes the "modem" needs > to be > turned off. That's my big troubleshooting step if I can't ping the outside. > > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >
Re: Tape backup tool ?
On Thu, Aug 31, 2000 at 07:43:17PM +0200, Oliver Schoenknecht wrote: > Hello everyone, > > just wanted to ask if you know any good backup programs for KDE / > Gnome that do it with my Tandberg SLR5-SCSI-streamer... I heard of > taper which is more or less a console-driven tool but am also > searching for a graphical frontend like Backup Exec and ArcServe on > Win$... Any ideas ? tar -- Karsten M. Self http://www.netcom.com/~kmself Evangelist, Opensales, Inc.http://www.opensales.org What part of "Gestalt" don't you understand? Debian GNU/Linux rocks! http://gestalt-system.sourceforge.net/K5: http://www.kuro5hin.org GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0 pgpvMIa7bBRqx.pgp Description: PGP signature
Re: Sed replace and add a line
"Christopher W. Aiken" wrote: > > On Thu, Aug 31, 2000 at 12:13:33PM +, Jaume Teixi wrote: > -|I'm trying to use sed to search pattern 228 and add a line as follows: > -| > -|288 > -|229 > -| > -|I type: > -|sed /s/228/'\n 229`/ My copy of sed complains when I type in the pattern you have supplied. The leading slash is "extra" and you have one each of a single quote and a backquote. So I'm assuming you wanted to use the substitute instruction to somehow "replace" 228 with 228229. Try this: $ sed 's/228/228 > 229/' ... The newline you type between the 228 and 229 is "embedded" in the pattern, because of the single quotes surrounding the substitute instruction. Also you must include 228 in the replacement part of the substitute to get it back. There are ways to tell sed to insert/append lines that will work also: $ sed '/228/a\ > 229' ... The initial /228/ is used as an address to locate the line to append after. Each line to insert/append (there can be more than one) must end in a backslash, EXCEPT for the last line. The 'a' appends after the current line, the 'i' inserts before the current line. > > Try changing the "\n" to a "Ctrl-V Ctrl-M" > This will not produce the desired appearance. Control-M is a carriage return. The result (once the substitute is fixed: s/228/228^M229/) is to print the 228, a return (minus the linefeed), then 229, which results in overprinting the 228. -- Bob McGowan Staff Software Quality Engineer VERITAS Software [EMAIL PROTECTED]
Re: join us!
"Kurt Seifried" wrote: ... >Problem: user can enter Lilo commands at the Lilo prompt ... >Additional solution: remove/replace password in lilo.conf after setting it >(i.e. set password, run lilo, remove password). You may not have noticed mbr: bash-2.04$ dpkg --status mbr Package: mbr Status: install ok installed Priority: required Section: base Installed-Size: 42 Maintainer: Santiago Vila <[EMAIL PROTECTED]> Version: 1.1.2-1 Description: Master Boot Record for IBM-PC compatible computers. This is used in booting Linux from the hard disk. The MBR runs first, then transfers control to LILO, which transfers control to the Linux kernel. As far as I can see, install-mbr can be used to second-guess the BIOS on available boot devices, and by default allows one to boot from floppy even if the BIOS has floppy-booting disabled (or after the hard disk). You get the mbr prompt if you press Ctrl too early when waiting for the lilo prompt. If you are making a big thing of security against those with physical access, you need to mention this package, which is required and is silently installed in a Debian installation. (It exists because the standard pc MBR is a non-free Microsoft product.) -- Oliver Elphick[EMAIL PROTECTED] Isle of Wight http://www.lfix.co.uk/oliver PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47 GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C " ...Take heed, and beware of covetousness; for a man's life consisteth not in the abundance of the things which he possesseth." Luke 12:15
RE: Config'ing new 3Com NIC
> What exactly do I need to put into /etc/network/interfaces for this NIC > to have it go up at boot-time? > (Will be using DHCP for a cable modem connection on the NIC :) if you look in /etc/network/interfaces, it points you to related man pages with examples.
RE: potato-update and symbolic links in /etc
On 31-Aug-2000 Egbert Bouwman wrote: > During my slink-life I have developped the habit > to make symbolic links of all those configuration files in /etc > and its subdirectories that I have changed myself. > The real files are in /local/etc . > This system has advantages and drawbacks. > The big question now is what happens to this structure when > during the update to potato some of these symlinked configuration > files have to be updated as well ? > egbert whenever you change a config file, dpkg knows it. This is accomplished thru md5sums. When you update a package with changed conffile(s), dpkg will ask you do you want to: keep your file take the new one show the difference with diff send this to background and do something on my own If you choose to take the new file, the old file will be written to foo.dpkg-old. If you choose to keep your file, the new one will be written to foo.dpkg-dist.
RE: potato update question
apt-cdrom add does all the work for you. And you must add each cd rom.
Config'ing new 3Com NIC
Hello I got a new NIC for my system! It's a 3Com Etherlink XL PCI 3C900B-TPO. Apparently, dmesg reports nothing about it when rebooting: pcnet32.c: PCI bios is present, checking for devices... Found PCnet/PCI at 0xffe0, irq 10. eth0: PCnet/PCI 79C970 at 0xffe0, 08 00 09 9e 73 2e assigned IRQ 10. pcnet32.c:v1.25kf 26.9.1999 [EMAIL PROTECTED] That's only my primary NIC I've been using all the time so far. Has anyone got the same NIC working on his system? Which things do I need to enable / which drivers need compiling into the kernel? What exactly do I need to put into /etc/network/interfaces for this NIC to have it go up at boot-time? (Will be using DHCP for a cable modem connection on the NIC :) Cheers Sven -- I can't be wrong, my modem's got error-correction.
Re: GMT to Normal Time
"michael d. ivey" wrote: >On Thu, Aug 31, 2000 at 04:51:31AM -0500, Paul T.McNally wrote: >> Is there anyway I can get my clock to reflect the time I live in? > >use the TZ environment variable to specify the time zone for the apps that >need to know local time. Use tzconfig to set the default for all users. -- Oliver Elphick[EMAIL PROTECTED] Isle of Wight http://www.lfix.co.uk/oliver PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47 GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C " ...Take heed, and beware of covetousness; for a man's life consisteth not in the abundance of the things which he possesseth." Luke 12:15
Re: join us!
On Thu, Aug 31, 2000 at 10:03:59AM -0600, Kurt Seifried wrote: > So did you fix the root hack in pre10, the DOS in rc1, or the typo in the > install script? Oh yeah, I gotta read the changelog to find out, > wheep. Well, you're going to have to read it somewhere, yes? And now you know where! > As for Apache, 1.3.12 has been out 6+ months, freezing software and > using a version much older doesn't make much sense to me What does that mean, "doesn't make much sense to me?" I have just read through this whole thread and in it are two very good explanations of why this is done here, and many many other places, as noted, all over the industry. I can't help but think what a review of OpenBSD by you would look like! I would like to see you take on Theo for insisting (still) on bind4, not 8! But his reasoning is exactly what's been described here! Sure, you can install bind8 if you wish on obsd - there's a package for it - but just try to tell them it's bind8 that belongs in the distro. Whoosshhh. > Yup. And for gods sake, document it somehwere that you need to read the > changelogs. I've actually gotten several emails from smart Linux people > (i.e. people that also write/manage online Linux related publications) Oh, you mean "Linux journalists?" Hmmm... You were looking much better when you just admitted that you didn't do your homework; continuing this attack is getting very old. Changelogs are standard components of the apparatus that comprises how software is distributed, not just in Linux but all over the industry. Why do you think those files are there? Insisting that you should be informed that they ought to be actually *read* is like asking someone to remind you to be careful when you fire up your chainsaw. > I am not going to sit down and read /usr/doc/* just on a whim, neither are > most users or even people trying to do a review On a "whim?" I gotta tell you Kurt, you are all over the court, and you are not doing yourself any favors by persisting in this. Only your best friends will tell you: chill out; get some sleep; and stop reacting all over the place. Do yourself a favor and stay off these lists for a few days. Your ego is getting in your way. Come back when your head clears. -- Bob Bernstein at Esmond, R.I., USA
Tape backup tool ?
Hello everyone, just wanted to ask if you know any good backup programs for KDE / Gnome that do it with my Tandberg SLR5-SCSI-streamer... I heard of taper which is more or less a console-driven tool but am also searching for a graphical frontend like Backup Exec and ArcServe on Win$... Any ideas ? Thanks a lot for your help, Oliver -- Mit freundlichem Gruss [EMAIL PROTECTED] Oliver Schoenknecht Join us at http://www.kapa.de KOSTENLOS! Online-Auktion bei KAPA! Teilnahme unter: http://www.flohmarkt.kapa.de
Re: filtering out ads
On Thu, Aug 31, 2000 at 12:24:37PM -0400, hawk wrote: > > > Thanks to both for my banner-free browsing. > > > GAT - Gif Animation Toggle - is another great browsing plus. > > Is there one of these for linux, or do you mean as a browser feature? > so far, the only way I've encountered on linux is to edit the > executable to change the name of the string that causes animation to > something that will never be encountered. GAT is a binary which does this edit for you. It toggles the state of the string. I found it after reading through the Junkbuster FAQ, which mentions animated gifs. I've used it on several versions of Netscape Navigator, and even Mozilla, though you have to run it on the gif object file, not the Mozilla binary itself. In Mozilla it affects *all* animated gifs, including several associated with the application GUI itself (load bar, logo/lizard animation, etc.). The hand edit is the equivalent. -- Karsten M. Self http://www.netcom.com/~kmself Evangelist, Opensales, Inc.http://www.opensales.org What part of "Gestalt" don't you understand? Debian GNU/Linux rocks! http://gestalt-system.sourceforge.net/K5: http://www.kuro5hin.org GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0 pgpdAdbvnc3LC.pgp Description: PGP signature
repartitioning hard disk
Le jeu, 31 aoû 2000 21:05:39 stefan goemana écrit : > Hello, Hi ! > 2) I plan to cut the drive in 2 parts with fips. The filesystem on the > second partition is also FAT32 or will > it be FAT16? You will create unused disk space with fips, then you'll have to use fdisk or similar to create a partition into that space. So you'll be able to partition it as you want. > 3) Now my drive letters are >C: hard disk >D: CD-ROM >E: zip-drive > If I reboot and Win98 starts (I hope) what will happen with these drive > letters? (P.S.: I have not changed the 2nd partition to ext2) Since there won't be any partitions created, the drive letters won't change... If you create a new FAT partition, it will take the D letter and move the other two devices (cdrom + zip) to E and F Hope that helps Florian
repartitioning hard disk
Hello, I want to install linux on my PC at home. Now, I run Win98 2nd Ed. on a FAT32 filesystem. I only have one big partion (i.e. the C drive). I want to create more partitions in a "safe" manner and I am not sure how to do this. I also don't want to buy Partition Magic so I was thinking of using the fips tool (anybody tried this?). I have some small questions. 1) First I should defragment the C-drive (under Win98) to get everything in the beginning of the disk. I have read something about files that can not be removed. How do I find out that I do not have such files at the end of the disk and what can I do about it? 2) I plan to cut the drive in 2 parts with fips. The filesystem on the second partition is also FAT32 or will it be FAT16? Can I simply use fdisk (from linux) to change this fs to ext2 and then create more linux partitions from this drive? 3) Now my drive letters are C: hard disk D: CD-ROM E: zip-drive If I reboot and Win98 starts (I hope) what will happen with these drive letters? (P.S.: I have not changed the 2nd partition to ext2) Greetings, Stefan. * SIEMENS ATEA NV * * * * ICN D NC A: * *Ir. Stefan Goeman * *Tel: +32 14 253020* *e-mail: [EMAIL PROTECTED] * * * * P.S.: Linux is great!! *
Re: join us!
Paul D. Smith writes: > What kinds of problems are you seeing? I find the Web interface (the only one available to me as a section adminstrator) just about completely unusable for editing. -- John Hasler [EMAIL PROTECTED] (John Hasler) Dancing Horse Hill Elmwood, WI
Re: What are the Essential Packages?
On Thu, Aug 31, 2000 at 07:27:55AM -0700, Tech Support Guy wrote: > I'd like to install Debian 2.2, but I'm having trouble > figuring out which packages to download. Safe route for you is to use a basic workstation configuration and go from there. Let Debian pick packages for you first few times around. You may think you don't need certain packages but my guess is you aren't yet in a position to make that judgement. If you were you wouldn't be asking this question. If you want to learn more, go to http://www.linuxfromscratch.org > I noticed > that I won't be using many of the packages that come > with the distribution, and don't want to waste time > downloading them or, worse, downloading and burning a > CD image. Somehow I find it hard to summon up much compassion for people who don't want to "waste time" learning about Linux! -- Bob Bernstein at Esmond, R.I., USA
Re: join us!
> OK, 2 to 5 minutes downtime to disable. Big Whoop. Maybe should be > done. But, have you ever tried to administer 200 computers? How many > people know the BIOS password? Do the primary users know it? Can they > reboot their own machine? Does an administrator have to visit every > machine every time it needs to be rebooted? Do you write down lists > of 200 passwords? I never said it was a great solution, but due to the crapulent management nature of PC hardware there isn't much choice. Deal with it. Set bios passwords, and yes, I guess you need to write them down. If a machine needs to boot from removable media then chances are you need atech to visit and fix it. Of course there are large lists of default BIOS passwords floating around to :P. You can't exactly blame me for something the PC industry decided to do years ago. > This is actually one of only two reasonable points in the discussion. > The other point was that better documentation is needed. Better documentaiton is ALWAYS needed, I should know, I spend a lot of time writing Linux security documentaiton and publishing it online for free, as far as I know I'm the only game in town (with a minor exception being a redhat install/security guide in PDF, url escapes me at the moment). http://www.securityportal.com/lskb/ > I take it then that you have now retracted the version-itis > (use the latest version no matter how many new holes may have been > introduced) argument. I see no mention of the "I didn't install > MD5 because I can't read recommendations during the setup process", so, > are we down to nothing but the LILO setup? (And the need for more > documentation?) Actually no, I am still annoyed with debian's versioning (lack of) and making major software changes without really changing version numbers. My point on MD5/crypt is crypt is the default, and most users would read the text and be scared off of MD5. Red Hat for example makes MD5 and shadow the default, you have to go choose them and disable them if you do not want them (meaning most redhat users install with shadow and md5). -Kurt
Re: join us!
On Thu, Aug 31, 2000 at 10:26:20AM -0600, Kurt Seifried wrote: > BTW Idon't know if anyone actually "got it" but the point of my article was > more that Debian is trying to improve security, but seems to be missing > major things. I suppose I should have stated this more obviously (like in H1 > at the top). Sigh, anyways for next time I will be less subtle. Bruce > Schneier's new book (secret's and lies) covers this too, people view > security as a number of small unrelated problems, when in fact you have to > treat it as an entire, complex, system. For example: Protecting boot up: > > Problem: User can boot off off removable media > Solution: Change BIOS settings, Debian can't really do this, however they > may wish to document it. I have at: > http://www.securityportal.com/lskb/1000/kben1001.html OK, 2 to 5 minutes downtime to disable. Big Whoop. Maybe should be done. But, have you ever tried to administer 200 computers? How many people know the BIOS password? Do the primary users know it? Can they reboot their own machine? Does an administrator have to visit every machine every time it needs to be rebooted? Do you write down lists of 200 passwords? > > Problem: user can enter Lilo commands at the Lilo prompt > Debian's solution (partial): install sulogin, thus requiring user to enter a > root password for runlevel 1, this still allows the user to enter command > arguments however. > Real solution: use "restricted" and "password", set lilo.conf mode 600, now > the user must get root to read file or some other exploit to read file (then > they could read /etc/shadow, or whatever as well). > Additional solution: remove/replace password in lilo.conf after setting it > (i.e. set password, run lilo, remove password). > > Problem: users with physical access can compromise security. > Yes but there is a big difference between hitting ctrl-alt-del, tryping > "Linux init=/bin/sh" then making them bring a boot disk, or if you locked > the BIOS down stealing the machine/etc. I love visiting computers labs with > Linux machines, I have yet to find one where lilo was restricted/password > protected yet, many use sulogin, but that doesn't work so well. > This is actually one of only two reasonable points in the discussion. The other point was that better documentation is needed. > As you can see booting the computer (even looking at it in pure overview > terms) is quite complex and there are many interactions (i.e. OS security is > pointless if the attacker has a boot disk and can use it). However with a > few simple steps you can plug all the holes possible short of sending a > debian representitive to the persons house/business to install debian > securely for them. The effort put into sulogin would have been better placed > in making the install script go "would you like to protect boot up > blahblahblah Y/n:" followed by "set a lilo password:". As I pointed out to > one person using sulogin and not securing Lilo is like putting a nice > expensive dead bolt lock on a screen door. > I take it then that you have now retracted the version-itis (use the latest version no matter how many new holes may have been introduced) argument. I see no mention of the "I didn't install MD5 because I can't read recommendations during the setup process", so, are we down to nothing but the LILO setup? (And the need for more documentation?) > Kurt Seifried > SecurityPortal, your focal point for security on the net > http://www.securityportal.com/ > > > > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >
Re: join us!
BTW Idon't know if anyone actually "got it" but the point of my article was more that Debian is trying to improve security, but seems to be missing major things. I suppose I should have stated this more obviously (like in H1 at the top). Sigh, anyways for next time I will be less subtle. Bruce Schneier's new book (secret's and lies) covers this too, people view security as a number of small unrelated problems, when in fact you have to treat it as an entire, complex, system. For example: Protecting boot up: Problem: User can boot off off removable media Solution: Change BIOS settings, Debian can't really do this, however they may wish to document it. I have at: http://www.securityportal.com/lskb/1000/kben1001.html Problem: user can enter Lilo commands at the Lilo prompt Debian's solution (partial): install sulogin, thus requiring user to enter a root password for runlevel 1, this still allows the user to enter command arguments however. Real solution: use "restricted" and "password", set lilo.conf mode 600, now the user must get root to read file or some other exploit to read file (then they could read /etc/shadow, or whatever as well). Additional solution: remove/replace password in lilo.conf after setting it (i.e. set password, run lilo, remove password). Problem: users with physical access can compromise security. Yes but there is a big difference between hitting ctrl-alt-del, tryping "Linux init=/bin/sh" then making them bring a boot disk, or if you locked the BIOS down stealing the machine/etc. I love visiting computers labs with Linux machines, I have yet to find one where lilo was restricted/password protected yet, many use sulogin, but that doesn't work so well. As you can see booting the computer (even looking at it in pure overview terms) is quite complex and there are many interactions (i.e. OS security is pointless if the attacker has a boot disk and can use it). However with a few simple steps you can plug all the holes possible short of sending a debian representitive to the persons house/business to install debian securely for them. The effort put into sulogin would have been better placed in making the install script go "would you like to protect boot up blahblahblah Y/n:" followed by "set a lilo password:". As I pointed out to one person using sulogin and not securing Lilo is like putting a nice expensive dead bolt lock on a screen door. Kurt Seifried SecurityPortal, your focal point for security on the net http://www.securityportal.com/
Re: filtering out ads
> Thanks to both for my banner-free browsing. > GAT - Gif Animation Toggle - is another great browsing plus. Is there one of these for linux, or do you mean as a browser feature? so far, the only way I've encountered on linux is to edit the executable to change the name of the string that causes animation to something that will never be encountered. hawk --
Re: join us!
On Thu, Aug 31, 2000 at 10:03:59AM -0600, Kurt Seifried wrote: > > Personally, when I see "1.2.0pre10-4", I think, "This is not the same as > the > > original/base 1.2.0pre10." Depending on how the numbering is implemented, > it > > has been updated 3 or 4 times since the original 1.2.0pre10. So I would > not > > expect it to have the same bugs. > > So did you fix the root hack in pre10, the DOS in rc1, or the typo in the > install script? Oh yeah, I gotta read the changelog to find out, > wheep.Making major changes to software (plugging root hacks counts I > think) and not modifying the software revision (ok, the Debian package > number is revised, but that means nothing unless you read the changelog) is > just a bad idea. Also when the main change in a software package is bug > fixes and not feature additions I think it might be sane to upate the > package, As for Apache, 1.3.12 has been out 6+ months, freezing software and > using a version much older doesn't make much sense to me (and let's face it, > some software packages, like Apache, do an extremely good QA job and > generally don't ship broken stuff, OTOH big billy bobs irc client version > .34 is another story). Regarless of how good of a QA job they do, it doesn't mean squat when you have to assure compability for 6 supported architectures. Taking new versions to fix security problems, along with all the code changes, in this fashion, is a management nightmare. There is no way to get out a timely and stable fixed package using this method. There's no way to test things enough. So you use the current *known good with one exception* version, and fix it instead. This way you can sleep at night and retain your sanity. > > > As for the "code freeze", well the code is NOT frozen if Debian is > > > backporting changes into it, Apache 1.3.9 as shipped by Debian for > example > > > is more like a 1.3.9 sortof 10/11/12 but not really. While the argument > "we > > > are not adding new features" can be used, the fact of the matter is that > > > Debian is making (in some cases significant) changes to code that > changes > > > behaviour (like fixing root hacks, cross site scripting vulnerability, > > > whatever). > > > > Would you be more comfortable if it were called a "feature freeze"? > > Yup. And for gods sake, document it somehwere that you need to read the > changelogs. I've actually gotten several emails from smart Linux people > (i.e. people that also write/manage online Linux related publications) going > "hey, that's news to me too". I am not going to sit down and read /usr/doc/* > just on a whim, neither are most users or even people trying to do a review > (i.e. I wouldn't mind seeing you guys writing a review of say TurboLinux =). I'de like to see you coordinate 6 architectural builds of some fairly large packages and ensure stability, and compability for each one, just to get a security update out. After all, we are talking about fixing the bugs, not "ooh, we have a reason to get version 1.0-foo into stable now!" You are right, users cannot be expected to read the changelogs all the time. However, there is no easier way to dessiminate this information other than a) security announcements, and b) changelogs, readily available with the packages. You, as a journalist, yes, we can expect you to read this, or alteast contact some real Debian folks ([EMAIL PROTECTED] maybe?) before making assumptions. Obviously no one can write a review of an operationg system without knowledge of that system, or without further investigation into that OS's structure and inner-workings. Remember, Debian is volunteers, so you wont get a big corporate marketing department spilling off "oh we are great, we have " and so on. You'll get very intelligent, and yes, sometimes harsh folks, who do nothing but work on this all day long, and know what they are talking about. They will give you straight answers, and most of them time, when you speak intelligently yourself, and show an interest, rather than negativity, they are even open to suggestions. -- ---===-=-==-=---==-=-- / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] ' `---=--===-=-=-=-===-==---=--=---'
IRC proxying
Hello everybody, I have found the bounce IRC proxy in 2.3 debian. Does anyone of you knows of security issues with this proxy ? May I recommend it safely to my school (that has cut our irc access lately for security reasons) ? Thx in advance
Re: join us!
> Personally, when I see "1.2.0pre10-4", I think, "This is not the same as the > original/base 1.2.0pre10." Depending on how the numbering is implemented, it > has been updated 3 or 4 times since the original 1.2.0pre10. So I would not > expect it to have the same bugs. So did you fix the root hack in pre10, the DOS in rc1, or the typo in the install script? Oh yeah, I gotta read the changelog to find out, wheep.Making major changes to software (plugging root hacks counts I think) and not modifying the software revision (ok, the Debian package number is revised, but that means nothing unless you read the changelog) is just a bad idea. Also when the main change in a software package is bug fixes and not feature additions I think it might be sane to upate the package, As for Apache, 1.3.12 has been out 6+ months, freezing software and using a version much older doesn't make much sense to me (and let's face it, some software packages, like Apache, do an extremely good QA job and generally don't ship broken stuff, OTOH big billy bobs irc client version .34 is another story). > > As for the "code freeze", well the code is NOT frozen if Debian is > > backporting changes into it, Apache 1.3.9 as shipped by Debian for example > > is more like a 1.3.9 sortof 10/11/12 but not really. While the argument "we > > are not adding new features" can be used, the fact of the matter is that > > Debian is making (in some cases significant) changes to code that changes > > behaviour (like fixing root hacks, cross site scripting vulnerability, > > whatever). > > Would you be more comfortable if it were called a "feature freeze"? Yup. And for gods sake, document it somehwere that you need to read the changelogs. I've actually gotten several emails from smart Linux people (i.e. people that also write/manage online Linux related publications) going "hey, that's news to me too". I am not going to sit down and read /usr/doc/* just on a whim, neither are most users or even people trying to do a review (i.e. I wouldn't mind seeing you guys writing a review of say TurboLinux =). > Dave -Kurt
Re: lynx gone mad!
On Thu, 31 Aug 2000 19:35:34 +051800, USM Bish wrote: >"w3m" ! Is this a text base browser like lynx which >you can work on console? How does it manage frames? Try 'links' (not lynx :-) It has perfect frame support, just like a graphical browser. Has some minor codepage issues, though... http://artax.karlin.mff.cuni.cz/~mikulas/links/ Kofa
Re: join us!
Kurt Seifried said: > Debian ProFTPD 1.2.0pre10 revision 3 has the root hack mentioned above > however fixed in 1.2.0pre10revision 4, revision 5 also fixes some of the > problems that were possible in rc1 Personally, when I see "1.2.0pre10-4", I think, "This is not the same as the original/base 1.2.0pre10." Depending on how the numbering is implemented, it has been updated 3 or 4 times since the original 1.2.0pre10. So I would not expect it to have the same bugs. > As for the "code freeze", well the code is NOT frozen if Debian is > backporting changes into it, Apache 1.3.9 as shipped by Debian for example > is more like a 1.3.9 sortof 10/11/12 but not really. While the argument "we > are not adding new features" can be used, the fact of the matter is that > Debian is making (in some cases significant) changes to code that changes > behaviour (like fixing root hacks, cross site scripting vulnerability, > whatever). Would you be more comfortable if it were called a "feature freeze"? -- "Two words: Windows survives." - Craig Mundie, Microsoft senior strategist "So does syphillis. Good thing we have penicillin." - Matthew Alton Geek Code 3.1: GCS d- s+: a- C++ UL++$ P+>+++ L+++> E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r++ y+
Re: RW access to /dev/dsp /dev/audio /dev/mixer ?
Quoting Preben Randhol ([EMAIL PROTECTED]): > "Paul D. Smith" <[EMAIL PROTECTED]> wrote on 31/08/2000 (17:08) : > > > > Add yourself (and any other users you want to have access) to the > > "audio" group. Note that anyone in the "audio" group has rw access to > > these devices. This goes for other device access as well. > Odd I must have done something else wrong as it didn't work when I tried > it the first time, but now it does. Thanks. You only pick up your groups when you login. Cheers, -- Email: [EMAIL PROTECTED] Tel: +44 1908 653 739 Fax: +44 1908 655 151 Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA Disclaimer: These addresses are only for reaching me, and do not signify official stationery. Views expressed here are either my own or plagiarised.
Re: RW access to /dev/dsp /dev/audio /dev/mixer ?
"Paul D. Smith" <[EMAIL PROTECTED]> wrote on 31/08/2000 (17:08) : > > Add yourself (and any other users you want to have access) to the > "audio" group. Note that anyone in the "audio" group has rw access to > these devices. This goes for other device access as well. > > You can either edit /etc/groups directly, or use the "usermod -G" command > to change the groups a user belongs to. Note that if you use usermod > you must list all the groups you want; this sets the list, it doesn't > add to it. Odd I must have done something else wrong as it didn't work when I tried it the first time, but now it does. Thanks. -- Preben Randhol - Ph.D student - http://www.pvv.org/~randhol/ "i too once thought that when proved wrong that i lost somehow" - i was hoping, alanis morisette
Re: join us!
%% John Hasler <[EMAIL PROTECTED]> writes: jh> Paul D. Smith writes: >> IMHO, FAQ-O-Matic is a _very cool_ tool... jh> But a real PITA to administer. Hmm. Well, we use a pretty large FOM internally at work here, and I haven't noticed that it's a _huge_ PITA :). Mostly seems pretty self-administrating, and almost all the admin I've done has been through the web interface (although I had to play with the search update cron job due to permission issues). What kinds of problems are you seeing? -- --- Paul D. Smith <[EMAIL PROTECTED]> Find some GNU make tips at: http://www.gnu.org http://www.paulandlesley.org/gmake/ "Please remain calm...I may be mad, but I am a professional." --Mad Scientist
Re: lynx gone mad!
"w3m" ! Is this a text base browser like lynx which you can work on console? How does it manage frames? I have w3mir installed, but that's not a browser. USM Bish On Thu, Aug 31, 2000 at 10:50:40AM +1100, Shao Zhang wrote: > give w3m a go! It is far better than lynx IMHO. And it renders both > frame/table nicely. > > apt-get install w3m w3m-ssl > > Shao. >
Re: RW access to /dev/dsp /dev/audio /dev/mixer ?
%% Preben Randhol <[EMAIL PROTECTED]> writes: pr> How does a user get access to /dev/dsp /dev/audio /dev/mixer ? pr> The default setup is : pr> crw-rw1 root audio ... pr> should one do chmod o+rw or is there a better way? Add yourself (and any other users you want to have access) to the "audio" group. Note that anyone in the "audio" group has rw access to these devices. This goes for other device access as well. You can either edit /etc/groups directly, or use the "usermod -G" command to change the groups a user belongs to. Note that if you use usermod you must list all the groups you want; this sets the list, it doesn't add to it. -- --- Paul D. Smith <[EMAIL PROTECTED]> Network Management Development "Please remain calm...I may be mad, but I am a professional." --Mad Scientist --- These are my opinions---Nortel Networks takes no responsibility for them.
Re: join us!
On Thu, Aug 31, 2000 at 07:18:18AM -0600, Kurt Seifried wrote: > > Yes I read the update. I'd be happy to review your articles for you, but I > > don't think you should stop at one reviewer. Debian is a very big project > and I'm > > still finding my way around parts of it. You may have been in contact with > Ben > > Collins. If so I suggest you ask him too. > > Yeah, he did email me, not terribly friendly. I think it's rather obvious I > researched the article if I was taking apart files like lilo.conf/etc. My appologies, but you did touch a nerve. Anyone in a place of high visibility and large influence is expected to hold to higher standards than everyone else. Sucks I know, but you have to carry that responsibility, or you get problems like this one. > Ben Collins wrote: > > "If you would have bothered to check the changelogs for the packages you > noted as having "root hacks in them", you would have noticed that every > daemon you pointed out is not vulnerbale to the holes you point out. Here is > a list:" > > One question: where is it explicitly stated that Debian backports fixes and > that one needs to read /usr/doc/*/changelog? This is ludicrous. Backporting fixes is done everywhere in the industry at every level. Just because someone is running Solaris 5.5.1, is it a vulnerable system? No, you have to run the patch checks to see if it is secured. On Windows95/98/2k/NT, the version level means nothing, even the SP# means nothing, because patches are seperate pieces even then. Now this is at a higher level, but we still see it in lower levels. Let's take the Linux kernel. You'll notice that security fixes for that come about well before there is a version increase, and most distributions release a patched version well before they wait for a version increase to be made available. GLibc is the same way, and even RedHat will patch up the current version and release (I know this from experience). Now, let's look at the reasoning Debian has for this. We'll inspect the release cycle as it goes. Debian unstable, oh the glory of mass uploads and new packages abound the project. Bleeding edge releases of major and unknown software enter the project. Many of these programs have major bugs in them. When new version of the program come out, hey, they just get packaged up and tossed in, hopefully not introducing any new bugs. Even if they do, it's ok, we're "unstable". Now, along comes the initial freeze. No new packages are allowed in, and new uploads are done in semi-caution. We're nearing release, and adding too many new features always invites more new bugs. If major security concerns arise, fix as needed, however it's needed. Down the road, we enter a "deep freeze". Oh shit! We're getting ready to release. Boot-floppies and CD images start being tested very heavily. Surely we don't take any new packages. New features are moot at this point. The only uploads allowed are ones fixing fairly important bugs (What we call Release Critical, see our website for details, in the Bug Tracking System). If a security problem comes along, it has to be fixed, however, we'll take the case of Apache like this: Apache 1.3.9 is in the current frozen. We have to fix the bugs, but since then Apache 1.3.12 has been released. We don't want this new version. The current version has proven to contain no bugs in our BTS, the only problem being this security flaw. This new verion may contain new unforseen bugs that will require fixing again in the near future and maybe even some incompatibilites that will require some hacking in order to make upgrades easy. Do we take this extremely new version or do we side with caution and backport the fixes? Obviously, for the sake of a more stable, bug-free distribution, we fix the known bugs, and avoid introducing new ones. The changes get noted in the packages' changelog (every Debian package has a Debian changelog in the doc dir, it's documented that way). This same thing happens after freeze. The current release gets patched to fix *known* bugs, and we avoid at all costs introducing new ones. IMO, this is a lot smarter than just taking the newest version. And anyone who says anything different is just a version number junky, and not really concerned or knowledgable about what it takes to produce a bug free distribution. -- ---===-=-==-=---==-=-- / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] ' `---=--===-=-=-=-===-==---=--=---'
Re: GMT to Normal Time
On Thu, Aug 31, 2000 at 04:51:31AM -0500, Paul T.McNally wrote: > Is there anyway I can get my clock to reflect the time I live in? I > thought it would be cool to have my time set to GMT, but there are lots > of little things I need to reflect the time I know. [EMAIL PROTECTED]:~$ date Thursday Aug 31 15:01:39 UTC 2000 [EMAIL PROTECTED]:~$ TZ="EST5EDT" date Thursday Aug 31 11:01:45 EDT 2000 use the TZ environment variable to specify the time zone for the apps that need to know local time. -- michael d. ivey[McQ] : "Furious activity is no substitute <[EMAIL PROTECTED]> : for understanding." http://gweezlebur.com/~ivey/ :-- H. H. Williams encrypted email preferred :
Re: lynx gone mad!
> give w3m a go! It is far better than lynx IMHO. And it renders both > frame/table nicely. I've heard this a few times, and just tried it. So far, I prefer lynx: easier to navigate, I can spawn extra instances of lynx on a link, and better frame handling: lynx uses the entire screeen, and lets you choose which frame to view. I'll keepit around in case I need to read tables, though. --
RE: easy numlock question
> no, this utility only works on the current VT which is probably tty1 > for the boot process. if you really insist on pushing this on all Works just fine on my potato! Got all 6 terminals with numlock set! > your users the place to put the mentions shell commands is > /etc/profile. > > however i would argue that numlock status is a USER preference and > thus should be left to individual users to place in thier > ~/.bash_profile if they desire this. I have found that most users want the num-lock on, I'm one of them (I'm also the main user of the system), and being the evil IT person I am, I get to enforce my evil wicked will on the underlying helpless populace. ;>} > > also its better to avoid using root privileges to implement such > minutia. I agree. Brooks
Re: ipv6
On Thu, 31 Aug 2000, Russell Coker wrote: > So I have an inet6 address on eth0 as soon as I do "modprobe ipv6". What is > the way to ping it? I don't think you can ping link addresses very easially. You should install the radvd package and give your site some real IPs, possibly following the 6to4 RFC or something. This will give your box and any other boxes on your lan ipv6 addresses. Jason
GMT to Normal Time
Is there anyway I can get my clock to reflect the time I live in? I thought it would be cool to have my time set to GMT, but there are lots of little things I need to reflect the time I know.
Re: join us!
Paul D. Smith writes: > IMHO, FAQ-O-Matic is a _very cool_ tool... But a real PITA to administer. -- John Hasler [EMAIL PROTECTED] Dancing Horse Hill Elmwood, Wisconsin
RW access to /dev/dsp /dev/audio /dev/mixer ?
How does a user get access to /dev/dsp /dev/audio /dev/mixer ? The default setup is : crw-rw1 root audio ... should one do chmod o+rw or is there a better way? -- Preben Randhol - Ph.D student - http://www.pvv.org/~randhol/ "i too once thought that when proved wrong that i lost somehow" - i was hoping, alanis morisette
Re: Frozen message
If your MTA was exim, you would find it in /var/spool/exim/input. Check /var/spool and see if you recognize your mail transport and look further in that directory path. It should be readily readable with any editor David www.richsob.com - Original Message - From: "Frederik" <[EMAIL PROTECTED]> To: Sent: Thursday, August 31, 2000 5:51 AM Subject: Frozen message > I received a notification of my mailing system saying a message was > frozen, cause it could not be delivered. It was send to @maui.kotnet.org > instead of @maui.iverlek.kotnet.org. > Any ideas where I can recover that message? (Most important) > Any idea how I can receive mail on these 2 addresses?
What are the Essential Packages?
Hi, I'd like to install Debian 2.2, but I'm having trouble figuring out which packages to download. I noticed that I won't be using many of the packages that come with the distribution, and don't want to waste time downloading them or, worse, downloading and burning a CD image. I'd prefer to install directly from the DOS partition on my harddrive. What are the essential packages for the base GNU/Linux system and X11? Thanks in advance, Jamie __ Do You Yahoo!? Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/
Re: PPP not going
Hi Cristoph, At slack (that my friend tested) there isnt pppconfig (pppsetup I think). I think that the error is that I dont allocate an IP here (at the server). How I do this? Much thanks,Paulo Henrique Quoting Christoph Simon ([EMAIL PROTECTED]): > > > > Hi all, > > I mounted a PPP server with mgetty (Debian potato) and tried to conect > > with another Linux machine (Slack) and received the following log with an > > error at end. What is wrong? > > Thanks, Paulo Henrique > > > > rcvd [IPCP ConfNak id=0x1 ] > > sent [IPCP ConfRej id=0x2 ] > > sent [IPCP TermReq id=0x3 "Could not determine remote IP address"] > > rcvd [IPCP TermReq id=0x4 "Could not determine local IP address"] > > Your client is insisting to use this IP address which the server is > not willing to accept (or vice verse). Did you specify an IP address > in PPP config? (Nak = not acknowledged, Rej = rejected) > > HTH > > Christoph Simon > [EMAIL PROTECTED] > -- > ^X^C > q > quit > :q > ^C > end > x > exit > ZZ > ^D > ? > help > shit > . > > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >
Re: join us!
%% Kurt Seifried <[EMAIL PROTECTED]> writes: ks> One question: where is it explicitly stated that Debian backports ks> fixes and that one needs to read /usr/doc/*/changelog? I'll answer this on two levels: First, if you're writing an article on a subject for publication it behooves you to find this information, even if it's not explicitly stated. In other words, if you think to yourself "hey, that's strange, this system seems to be shipping old, security-problem-ridden code!" (which you basically said you thought in your article) then you should try to find out if that's really true. One excellent way to do that is by posting one simple message to this mailing list. If this had been done, you could have blasted Debian for documentation issues, while still performing a valuable service by educating people, via your article, on how Debian handles security updates :). Second, you are absolutely, 100% correct that there is a serious lack of coherent documentation in these areas when it comes to Debian. There are a lot of things one is just kind of expected to "know"; or at least I haven't found anyplace that brings them all together. Some other examples from just the last week or so: information on Debian runlevel handling, and information on how Debian expects to share devices (group permissions for /dev/sound, etc.) The Debian Guide is great for newbies but doesn't have much information for experienced users. Manuals for newbies are very important, of course, but Debian really needs either an appendix or another document that provides this more detailed, distro-specific information. Some kind of "Introduction to Debian for UNIX Admins". I think Debian has many more experienced UNIX/Linux people migrating to it than other distros, and so this kind of "migration guide" is more important to Debian. Please don't mark this as criticism per se: I maintain a manual too and I know how hard it is. I hope this is taken as encouragement for more people to spend some time on this. IMHO, FAQ-O-Matic is a _very cool_ tool and that should definitely be revived and expanded, but a more "manual-like" document that could be shipped with Debian would be even better. Maybe even something in the install that asked if you want to read it... ks> I spoke to several friends, comp sci, one with a degree in ks> software engineering, and they all agree this is a horrible way to ks> do things (the software engineer went so far as to say "a little ks> piece of me dies everytime someon does something like that"). Uhm. Can you provide more details about exactly what they're objecting to? Backporting specific fixes to earlier releases is not only not "a horrible way to do things", but is absolutely de rigueur in the industry. You can't afford to put the entire set of potentially very destabilizing changes into a current or almost-current product! Instead, you extract the most important fixes and port them back into the stable release so people can get the benefits of that specific fix, in a stable environment. Most everybody does this. Even the Linux kernel, for example. Many of the packages which have security fixes announced on CERT, etc. provide patches for older releases in addition to saying that the latest release has fixed the problem. I just don't understand your friends' revulsion. -- --- Paul D. Smith <[EMAIL PROTECTED]> Find some GNU make tips at: http://www.gnu.org http://www.paulandlesley.org/gmake/ "Please remain calm...I may be mad, but I am a professional." --Mad Scientist
Re: Debian 2.2 and security - SecurityPortal article
On Thu, 31 Aug 2000, Leszek Gerwatowski wrote: > things like "Debian has version 1.3.9 of apache and secure version is 1.3.10 > and up so Debian isn't secure". As you can say it's also real life example. > Maybe they should be much more sceptic when thet write articles like this but > many people think like this without expressing it on paper or webpage. And we should care about this? why? The most we could do for them is to have a "please remember that Debian backports security fixes" written in the debian security page (which might be a good idea come to think of it, as it's properly heavy ammo to shot at the head of people who can't read changelogs), but IMHO a lot of users would never get that far (one hyperlink away from Debian's front page) to read it... Debian is _not_ supposed to babysit anyone. If they don't know enough to do it properly, it's their loss AND their fault, as long as it's not our doing that they couldn't find the information they needed, of course. We are not supposed to make stuff difficult on purpose, and I think it's a laudable goal to make the distro easier to use and install for everyone, but everything has a limit. Destroying frozen/stable's stability, or making a (worse ;-) ) mess of the version numbering is way beyond it. > I fully understand why Debian packages maintainers backport security fixes to > packagest in frozen instead of making new package versions. But, like we say > in > Poland, every stick has two ends (sling has even 3 ;-) ). Yes, we just have to make sure we will continue to hold the stick by the right end... which is exactly what we're doing right now, mind you ;-) > > website for a weason. Debian packages have changelogs for a reason. It's not > > as if this information is hard to find. > > Yes but, as you see, for many "normal" users it's too much work to be done to > check everything. They just take fresh distribution and say "What? Fresh dist I'd argue that these users are a lot of trouble we don't need to concern us overly with most of the time. Leave that to Corel and other people who are paid to spend a lot of their time babysitting them. BTW, I know quite a few people that are very dear to me AND who would qualify perfectly as one of your "normal" users, and I know very well the amount of work it takes to keep them going and why I do it :-) (Disclaimer: the above paragraph is only valid until someone gets into Debian's policy that our goal is to take over the world) > with old packages, even such with security holes? What's going on?". Not so > many think like "It's Debian so it's 100% secure". I think it should be solved > in some way, but i don't know how :-( The right way, which benefits the world as a whole, is to get these people to move their behinds and learn to READ docs/look for their own answers before they even think of disturbing anyone else in their lazyness. It's perfectly alright to ask for help if you can't do something, but not because you didn't even try! BTW, Debian is not 100% secure (this is not possible), and you should NEVER trust that far on security: we _need_ the peer review of people who don't trust the job to have been done right. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh pgpNUerdbBQ9K.pgp Description: PGP signature
Re: PPP not going
> > Hi all, > I mounted a PPP server with mgetty (Debian potato) and tried to conect > with another Linux machine (Slack) and received the following log with an > error at end. What is wrong? > Thanks, Paulo Henrique > > rcvd [IPCP ConfNak id=0x1 ] > sent [IPCP ConfRej id=0x2 ] > sent [IPCP TermReq id=0x3 "Could not determine remote IP address"] > rcvd [IPCP TermReq id=0x4 "Could not determine local IP address"] Your client is insisting to use this IP address which the server is not willing to accept (or vice verse). Did you specify an IP address in PPP config? (Nak = not acknowledged, Rej = rejected) HTH Christoph Simon [EMAIL PROTECTED] -- ^X^C q quit :q ^C end x exit ZZ ^D ? help shit .