Re: The right way to power off a computer as non-root
on Thu, Jan 03, 2002 at 08:45:43PM -0500, P Prince ([EMAIL PROTECTED]) wrote: > Well, what about su? > > [EMAIL PROTECTED] su > [EMAIL PROTECTED]'s password: > [EMAIL PROTECTED] shutdown -h now > > > I had two ideas of making this possible. The one is to make it sudo-able and > > the other is to put the executable into a special group (e.g. poweroffer) > > Sudo is a security hole. In the context of what you've just stated, it's less a security hole than the alternative you've provided. If your alternative to sudo is su, you've just addressed the problem of providing a user unintentional full root access...by providing her intentional full root access. Because of the inherent granularity of the GNU/Linux security model, implementing controlled security on a GNU/Linux system takes some thinking. For those wanting more background on this topic, Ethan Benson and I discussed the topic on list some time back. > There are three ways to use it, one good, one questionable, and one > stupid. Note that the sudoers manpage itself makes the same observation. > The good way is to set your user account to have full root privs via > sudo. This is very handy to have, because you can do root things > without having to su. You also log *all* sudo events, the command issued, and its arguments. > The questionable way is to allow certain users to execute a certain > set of programs as root. If the alternative is direct root access (which is denied or otherwise prohibited), this accomplishes two things: - All root accesses are tied to a user account. With appropriate (this means off-system) logging, you can at least retroactively restrict that user's access to systems. The problem of "mystery root events" (I've seen same, in an environment where workstation root passwords were shared...not mine however) is at least reduced to "root event from account X". - A shared root password isn't needed. Users with sudo root access need to practice good password discipline, but the cleanup required after (or before) a problem / transfer / termination is greatly reduced. - The solution is scalable. A users permissions can be increased or decreased within sudo. su doesn't offer this same level of control. > It works well, but if you are not extremely careful about write > permissions on the executables and all of their parent directories, > you can make it possible to overwrite an allowed program with one of > your own. Even more likely, you can force trusted programs to execute > non-trusted programs with the same effective UID. There are more problems with this, and they're the same ones you'd have with a shared root account, excepting the comments I've made above. > The stupid way to use it is to allow a user full root privs, with some > restrictions. Agreed. From man (5) sudoers: SECURITY NOTES It is generally not effective to "subtract" commands from ALL using the '!' operator. A user can trivially circumvent this by copying the desired command to a different name and then executing that. Other things to watch for are *any* command that allows shell access. This restricts the utility of sudo with, say, editors and other interactive tools. But it should generally be rarely required with same. Note that if a user is allowed to create or move arbitrary files with root privileges, they can replace files to provide themselves a root shell. Security is a process, not a state. Peace. -- Karsten M. Self http://kmself.home.netcom.com/ What part of "Gestalt" don't you understand? Home of the brave http://gestalt-system.sourceforge.net/Land of the free We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org Geek for Hire http://kmself.home.netcom.com/resume.html pgpg9d0xQL0IH.pgp Description: PGP signature
Re: Solved: Re: gv: various font errors, "code 1 in findfont"
on Thu, Jan 03, 2002 at 04:23:07AM -0800, Eric G. Miller (egm2@jps.net) wrote: > On Wed, 2 Jan 2002 12:00:00 -0800, "Karsten M. Self" > wrote: > > > on Wed, Jan 02, 2002 at 09:03:18AM -0800, Craig Dickson ([EMAIL PROTECTED]) > > wrote: > > > Karsten M. Self wrote: > > > > > > > I'm finding gv is almost unusable under Sid due to font errors, e.g.: <...> > > > Do you have the GS_LIB environment variable set to these two directories? > > > If not, try that and see if it helps. > > > > Interesting. I've got that in my /etc/profile (I *thought* I'd added > > something like it), added Dec 13: > > > > export GS_LIB=/usr/share/gs/6.51:/usr/share/fonts/type1/gsfonts > > > > ...but the value doesn't seem to be getting propogated (I'm starting via > > wdm). I've changed /etc/environment to just source /etc/profile. > > > > Setting that value (forced in my ~/.bashrc) seems to fix things. > > After updating gs-aladdin & gs-common today, I started to see these > errors as well. But, the problem is not that you should need a GS_LIB > environment variable, but that gs-common seems to not invoke the > proper "defoma" install/update script. So, I looked at the > README.defoma for gs-common, and right there is a line about updating > defoma via "defoma update gs" -- sure enough, it works. Hmmm... I just ran that as root, launched a new shell, unset GS_LIB, and tried viewing a ps page: $ df | mapage -1 | gv -letter -magstep -1 - ...which doesn't work. I get the same font errors. Restoring the environment variable works. Odd. -- Karsten M. Self http://kmself.home.netcom.com/ What part of "Gestalt" don't you understand? Home of the brave http://gestalt-system.sourceforge.net/Land of the free We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org Geek for Hire http://kmself.home.netcom.com/resume.html pgpF6deVRyr48.pgp Description: PGP signature
Re: how to get rid of sendmail X-Authentication-Warning?
> > O PrivacyOptions=needmailhelo,novrfy,noexpn,noreceipts,noverb > > > > But it still generates these lines. > > Are you sure that sendmail is reading /etc/mail/trusted-users.db? Did > you rebuild trusted-users.db after edited /etc/mail/trusted-users? Hm, actually I thought that it's trusted-users is not a database but just a plain text file. But just to be sure, I edited my sendmail.cf: Ft/etc/mail/trusted-users %[^\#] Troot Tdaemon Tspiegl Tmail And it _still_ generates the X-Authentication-Warning. I don't get it. Andy. -- Dr. Andy Spiegl, Radio Marañón, Jaén, Perú E-Mail: [EMAIL PROTECTED], [EMAIL PROTECTED] URL: http://spiegl.de, http://radiomaranon.org.pe PGP/GPG: see headers o _ _ _ --- __o __o /\_ _ \\o (_)\__/o (_) -o) - _`\<,__`\<,__>(_) (_)/<_\_| \ _|/' \/ /\\ (_)/ (_) (_)/ (_) (_)(_) (_)(_)' _\o__\_v War doesn't decide who is right, only who is left.
Re: OT: Language War (Re: "C" Manual)
Richard Cobbe wrote:
>
> Lo, on Thursday, January 3, Erik Steffl did write:
>
> > what's the difference? the point is you can assign almost anything to
> > anything, and yet there is no segfault - i.e. the strength of types has
> > nothing (sort of) to do with segfaults... the resource allocation is
> > crucial...
>
> Type safety (plus dynamic allocation) implies advanced memory
> management. The converse is not true: you can slap Boehm's conservative
> GC onto a C++ program, but you can still get segmentation faults:
>
> char str[] = { 'b', 'a', 'd', ' ', 's', 't', 'r', 'i', 'n', 'g' };
> // note the lack of a terminating '\0'!
> cout << str;
>
> No allocation issues involved. As Ben Collins pointed out elsewhere in
> this thread (bit of a tree-shaped thread, isn't it?), this won't
> necessarily cause a segfault, but it can. It's also a violation of
> type-safety: cout expects a null-terminated string, and as far as the
> compiler is concerned, str fits this. However, there's no runtime check
> in the output routine to verify that this is, in fact, the case. Ooops.
that's not really good analysis of what's actually going on. the str
is actually array of characters, it's not really a string (there's no
such thing in c++ language, there is a string as part of standard
library (runtime?-))
so the problem here is that the actual value of the variable is not
according the specs for cout, it's of correct type (char *). And str
certainly evaluates to char *, not a random collection of bits (it's not
really a char * but it doesn't matter in this case)
I don't see any type related problem here. cout assumes something
about the value, it's not true, BOOM!
> Therefore, I claim that type safety is a more fundamental concept than
> resource mangement.
well, why?
> > that's all interesting, but the point was that the perl type system is
> > as weak as I can imagine yet it doesn't lead to segfaults... it's the
> > resource allocation!
>
> Type safety != `strong' types. They're orthogonal. (Well, sort of. It
> turns out that `strong types' isn't a very well-defined concept;
> language researchers prefer to discuss compile-time type verification.
> *That* definitely has nothing to do with type safety.)
>
> > If you cannot make sure that MyUserType variable will only be assigned
> > MyUserType values then you have (almost) NO type safety.
>
> That's only meaningful if you can declare a variable to be MyUserType at
> runtime. This does not apply to a whole variety of languages, many of
> which are still type-safe.
>
> (I think I'm just going to decide that Perl's type system is on crack.
pretty much, it's quite strange.
> But what do you expect when a linguist designs a programming language?)
perl?
> > > In any case, memory allocation errors aren't the only cause of
> > > segmentation faults---how about walking off the end of an array? Here,
> > > I claim that Perl *does* maintain type-safety, although in a seriously
> > > fscked-up way: it simply expands the array to make the reference valid.
> >
> > it's not the types! it doesn't care about types at all. it just makes
> > sure you always have a place to store whatever you are about to store.
> > what does that have with types? not much. it has to know what are you
> > trying to store but it doesn't care at all what was there before, what's
> > the type of variable where you are storing it. again, I find it pretty
> > strange to call that kind of behaviour 'type safety'.
>
> Yes, it *is* types. Remember the definition of type-safety:
>
> If an expression E is determined at compile time to have type T,
> then evaluating E will have one of two results:
>
> 1) The value of E is a valid object of type T and not just some
>random collection of bits we're misinterpreting as a T.
perl definitely doesn't satisfy this one, or only in very pervert way.
the objects (any variables, not objects as in OO) can evaluate as
different things (e.g. scalar versus array context), even as nothing,
it's just that perl handles nothing better then C (it doesn't do
anything with nothing, because it knows what's allocated).
the other thing is that often it is not evaluated at compile time...
> 2) a well-defined runtime error occurs (e.g., Java's
>ArrayBoundsException).
or segfault? just kidding...
is java type-safe? http://www.research.att.com/~vj/bug.html
perl often does not give you any error message, it just does something
it consider OK to do...
> There are no other possibilities.
>
> In this particular case, Perl chooses to use the memory allocation
> system to satisfy type safety (it creates a new T, initializes it, and
> returns it). It's not the only possibility, though; Java would throw an
> exception in this case. No allocation involved.
you just wrote there are no other possibilites and then two lines
later you list another possiblity (what perl does).
P
Re: NIST time
Gary Turner writes: > As a matter of possible general interest, NIST makes available source and > binaries (Mac & Win) on their site. >From nistime.man: Description This program connects to the daytime service on the NIST time server time_a.timefreq.bldrdoc.gov using tcp/ip port 13. Pretty limited. -- John Hasler [EMAIL PROTECTED] (John Hasler) Dancing Horse Hill Elmwood, WI
Re: ssh2 denials
perhaps you should put something from /lib/security .. At 10:13 PM 1/3/02 -0600, shock wrote: * nate ([EMAIL PROTECTED]) spake thusly: > > > I'm using ssh2 (www.ssh.com), and I'm trying to login to my home > > machine from the office. After entering "ssh home", I'm presented > > with the password prompt. I enter my password, and am presented > > with the > > is ssh2 from www.ssh.com on the server or on the client? > if its on the server be sure its compiled with pam otherwise > it probably will not authenticate right with the password .. this may be obvious to many, but not to me. configure --help reveals: --with-daemon-pam-service-name=name what the heck to do i do with this? what do i use for 'name'? -- ) ,_),_) (-(__ |_ _ _ |/ ) | |(_)(_ |\ ( \_, ___ | http://www.exitwound.org: hard to find| | http://www.buckowensfan.com : he's the man| ___ | Moe: Wanna play poker tonight? Joe: I can't. | | It's the kids' night out. Moe: So? Joe: I | | gotta stay home with the nurse. | ___ -BEGIN GEEK CODE BLOCK- | Version: 3.1 | | GJ/IT d- s: a C+++>$ UL P+++ L+++ E--- W++| | N+@ o K- w O- M- V PS+ PE Y+ PGP++ t+@ 5@ X++ | | R tv+@ b+ DI D+ G++ e h r+++ y+++ | --END GEEK CODE BLOCK-- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] Petre L. Daniel,System Administrator Canad Systems Pitesti Romania, http://www.cyber.ro email:[EMAIL PROTECTED] tel:+4048220044 +4048206200
Re: ssh2 denials
* nate ([EMAIL PROTECTED]) spake thusly: > > > I'm using ssh2 (www.ssh.com), and I'm trying to login to my home > > machine from the office. After entering "ssh home", I'm presented > > with the password prompt. I enter my password, and am presented > > with the > > is ssh2 from www.ssh.com on the server or on the client? > if its on the server be sure its compiled with pam otherwise > it probably will not authenticate right with the password .. this may be obvious to many, but not to me. configure --help reveals: --with-daemon-pam-service-name=name what the heck to do i do with this? what do i use for 'name'? -- ) ,_),_) (-(__ |_ _ _ |/ ) | |(_)(_ |\ ( \_, ___ | http://www.exitwound.org: hard to find| | http://www.buckowensfan.com : he's the man| ___ | Moe: Wanna play poker tonight? Joe: I can't. | | It's the kids' night out. Moe: So? Joe: I | | gotta stay home with the nurse. | ___ -BEGIN GEEK CODE BLOCK- | Version: 3.1 | | GJ/IT d- s: a C+++>$ UL P+++ L+++ E--- W++| | N+@ o K- w O- M- V PS+ PE Y+ PGP++ t+@ 5@ X++ | | R tv+@ b+ DI D+ G++ e h r+++ y+++ | --END GEEK CODE BLOCK--
Re: NIST time
On Thu, 03 Jan 2002 10:47:21 -0800, Paul E Condon wrote: >I want to automate the time/date setting on my computer( Potato ). >I suppose there is a program that accesses NIST time server and >allows me to update. > >What is the name of the debian package to do this? > >Paul As a matter of possible general interest, NIST makes available source and binaries (Mac & Win) on their site. Makefiles are also available. I use the automated updates on a couple of winboxes, but not on the linux yet. http://www.boulder.nist.gov/timefreq/service/its.htm gt Yes I fear I am living beyond my mental means--Nash
Opera and anti-aliasing fonts
i've finally become enamored with KDE's anti-aliasing fonts. they look great in konqueror. opera, however, seems to use it's own font scheme. does anyone know what needs to be done to make opera use the anti-aliasing fonts? -- ) ,_),_) (-(__ |_ _ _ |/ ) | |(_)(_ |\ ( \_, ___ | http://www.exitwound.org: hard to find| | http://www.buckowensfan.com : he's the man| ___ | It is far better to be deceived than to be| | undeceived by those we love. | ___ -BEGIN GEEK CODE BLOCK- | Version: 3.1 | | GJ/IT d- s: a C+++>$ UL P+++ L+++ E--- W++| | N+@ o K- w O- M- V PS+ PE Y+ PGP++ t+@ 5@ X++ | | R tv+@ b+ DI D+ G++ e h r+++ y+++ | --END GEEK CODE BLOCK--
iptables redir of 80 to 8080
how can i redirect the 80 port to 8080,like i want all clients that try to browse web pages to collect data from my squid.. instead of direct access..? thx.. Petre L. Daniel,System Administrator Canad Systems Pitesti Romania, http://www.cyber.ro email:[EMAIL PROTECTED] tel:+4048220044 +4048206200
Re: problems with php4 in woody....
Thanks nate Well, I'm not trying to use virtual hosts... I'm trying to run php from users directories (ie ~username), and instead of executing the php files, the browser asks what to do with the files and let's you download them... This same files work fine with apache and php4 under potato, but I can't make it work in woody... Any ideas? Thanks! On Fri, 2002-01-04 at 03:28, nate wrote: > > > Hello there! I'm having problems getting php4 to work in woody... > > It all installs good, the httpd.conf file has the line to load the > > module, etc... But php files don't run, thet get downloaded when > > looked at with a browser... Mime types has an entry for php, so... > > Can anyone help me here??? > > what does it say? heres how i have a virtualhost > setup to use php: > NameVirtualHost 10.121.110.48 > > ServerName webmail.linuxpowered.net > ServerAdmin [EMAIL PROTECTED] > DocumentRoot /home/squirrel/public_html > ScriptAlias /cgi-bin/ /home/squirrel/cgi_bin/ > ErrorLog /var/log/apache-ssl/webmail.linuxpowered.net/error.log > CustomLog /var/log/apache-ssl/webmail.linuxpowered.net/access.log > combinedAddType application/php4script .php > Action application/php4script /cgi-bin/php > DirectoryIndex index.php > > > in the /home/squirrel/cgi_bin directory i have a link: > lrwxrwxrwx1 root root 21 Dec 23 19:10 php -> > /usr/lib/cgi-bin/php4 > in my config symlinks only are followed if the ownership > is the same, so it must be root if /usr/lib/cgi-bin/php4 > is root. > > i do the same on other systems..always worked. don't know > where i saw it, i too had problems when i first started to > try to use php .. > > nate > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: Samba printing problem
On Thu, Jan 03, 2002 at 10:07:48PM -0500, Jeff Self wrote: | On Thu, 2002-01-03 at 13:03, dman wrote: [bunch of stuff] | Thanks for the info. I tried what you recommended and the Windows | machine doesn't even see a printer now. That's no good. Here's parts of my smb.conf : [global] printing = cups load printers = yes ; ; A "magic" section. ; [printers] comment = All Printers available = yes ; spool dir directory = /tmp printable = yes public = yes writable = yes create mode = 0666 browseable = yes guest ok = yes guest account = nobody HTH, -D -- Python is executable pseudocode. Perl is executable line noise.
Re: OT: Language War (Re: "C" Manual)
On Thu, 03 Jan 2002 17:34:00 -0600 (CST), Richard Cobbe wrote:
>
>Lo, on Thursday, January 3, Erik Steffl did write:
>
>> what's the difference? the point is you can assign almost anything to
>> anything, and yet there is no segfault - i.e. the strength of types has
>> nothing (sort of) to do with segfaults... the resource allocation is
>> crucial...
>
>Type safety (plus dynamic allocation) implies advanced memory
>management. The converse is not true: you can slap Boehm's conservative
>GC onto a C++ program, but you can still get segmentation faults:
>
>char str[] = { 'b', 'a', 'd', ' ', 's', 't', 'r', 'i', 'n', 'g' };
>// note the lack of a terminating '\0'!
>cout << str;
>
>No allocation issues involved. As Ben Collins pointed out elsewhere in
>this thread (bit of a tree-shaped thread, isn't it?), this won't
>necessarily cause a segfault, but it can. It's also a violation of
>type-safety: cout expects a null-terminated string, and as far as the
>compiler is concerned, str fits this. However, there's no runtime check
>in the output routine to verify that this is, in fact, the case. Ooops.
Neophyte that I am, I feel like I'm bringing a knife to this gunfight.
This example looks to be a cheat, in that you've defined an array and
then treated it as a string (legal). Had you defined a string, it would
be null terminated and index addressable. In any normal array operation
wouldn't you be checking for array limits? The fact that you *can*
screw up doesn't mean you have to. This strikes me as falling under the
heading of programmer or logic error, just as is freeing the pointer
that another pointer points to. If you are nesting pointers, don't you
create a means to track dependencies? In a relatively low-level
language like c/c++, isn't the programmer responsible for code
integrity?
>
>Therefore, I claim that type safety is a more fundamental concept than
>resource mangement.
>
Is there a difference? Again, my ignorance knowing no bounds. Doesn't
the type define the required allocation? And if typing is loose or
undefined doesn't allocation depend on ad hoc testing? In the example
above, is it a type, or allocation error if the *programmer* decides to
access str[10]? (If I counted right, that's the next byte after the
array bloc.)
This discussion has merit, not from the religious aspect of angels
dancing on pinheads, but rather will the pin hold my note on the cork
board?
gt
Yes I fear I am living beyond my mental means--Nash
Re: problems with php4 in woody....
> Hello there! I'm having problems getting php4 to work in woody... > It all installs good, the httpd.conf file has the line to load the > module, etc... But php files don't run, thet get downloaded when > looked at with a browser... Mime types has an entry for php, so... > Can anyone help me here??? what does it say? heres how i have a virtualhost setup to use php: NameVirtualHost 10.121.110.48 ServerName webmail.linuxpowered.net ServerAdmin [EMAIL PROTECTED] DocumentRoot /home/squirrel/public_html ScriptAlias /cgi-bin/ /home/squirrel/cgi_bin/ ErrorLog /var/log/apache-ssl/webmail.linuxpowered.net/error.log CustomLog /var/log/apache-ssl/webmail.linuxpowered.net/access.log combinedAddType application/php4script .php Action application/php4script /cgi-bin/php DirectoryIndex index.php in the /home/squirrel/cgi_bin directory i have a link: lrwxrwxrwx1 root root 21 Dec 23 19:10 php -> /usr/lib/cgi-bin/php4 in my config symlinks only are followed if the ownership is the same, so it must be root if /usr/lib/cgi-bin/php4 is root. i do the same on other systems..always worked. don't know where i saw it, i too had problems when i first started to try to use php .. nate
Re: ssh2 denials
> I'm using ssh2 (www.ssh.com), and I'm trying to login to my home > machine from the office. After entering "ssh home", I'm presented > with the password prompt. I enter my password, and am presented > with the is ssh2 from www.ssh.com on the server or on the client? if its on the server be sure its compiled with pam otherwise it probably will not authenticate right with the password .. nate
Re: OT: Language War (Re: "C" Manual)
Phil Beder wrote: ... > I wish I was a good enough programmer to contribute to this great project. > Maybe one day when I understand more about Linux I could write a more user > friendly help interface with clear syntax, option, and flag usage. by that time you'll swear by man pages! :-)) erik
Re: Samba printing problem
On Thu, 2002-01-03 at 13:03, dman wrote: > On Thu, Jan 03, 2002 at 12:34:51PM -0500, Jeff Self wrote: > | I'm having a heckuva time getting a Win 2K machine to print. On my > | debian system, I have CUPS installed and its working. I've got an Epson > | Stylus Color 600 connected to /dev/lp0 and I'm using the gimp printer > | drivers. I've installed cupsys, cupsys-bsd, cupsys-client, > | cupsys-driver-gimpprint, and cupsys-pstoraster. I'm running Debian > | unstable. > | > | My /etc/printcap.cups file contains the following line in it: > | > | epson600: > | > | Is this all it needs? > > It doesn't even need to exist. > > | I made one change to my cupsysd.conf file. I added the following line to > | the section: > | Allow From *.mydomain.name > > This is for the web interface. > > | I've added the following lines to my smb.conf file: > | > | [Global] > | load printers = yes > | printing = cups > > so far so good > > | printcap name = /etc/printcap.cups > > irrelevant since you have already told it that cups is the printing > backend > > | [printers] > | comment = All Printers > | path = /var/spool/cups/tmp/ > > Bad choice. Don't mess with cups' spool. I use /tmp. This path is > just a temporary holding place for the file while the client machines > sends it. Once it is there it is spooled using 'lp' or 'lpr'. > > | printer name = epson600 > > You don't need this line -- the [printers] section is a magic one that > holds general printer config. samba will create entries named for > each of the printers that exist according to the above confing (cups > in your case). > > | public = yes > | create mode = 0700 > > | print command = /usr/bin/lpr -P %p -o raw %s > | lpq command = /usr/bin/lpstat -o %p > | lprm command = /usr/bin/cnacel %p-%j > > These three lines aren't neede if you have the cupsys-bsd package > installed. Setting "printing=cups" above sets the commands > appropriately (for the *BSD interface). Also note that your print > command is incorrect -- it is the command's responsibility to delete > the temporary file when it is done sending it to the spooler. > > | available = yes > | > | Windows 2000 sees the printer and lets me install the drivers for it, > | but won't let me print to it. It says 'Access Denied, Unable to Connect' > | > | My /var/spool/cups directory is owned by lp and the group is sys. It has > | 700 privileges. My log file is telling me I have insufficient > | permissions to open spool file /var/spool/cups/tmp. > > This is what is causing the "Access Denied" message in windows. > > | This is driving me crazy. > > Use /tmp as the path instead and all should be well. > > HTH, > -D Thanks for the info. I tried what you recommended and the Windows machine doesn't even see a printer now.
problems with php4 in woody....
Hello there! I'm having problems getting php4 to work in woody... It all installs good, the httpd.conf file has the line to load the module, etc... But php files don't run, thet get downloaded when looked at with a browser... Mime types has an entry for php, so... Can anyone help me here??? Thanks!
Re: OT: Language War (Re: "C" Manual)
On Thu, Jan 03, 2002, Phil Beder wrote: > Thank you!! > > The diversity of point of view and depth of knowledge of the participants > of this group is truly phenomenal. A simple question (in essence "where > should I start") yielded me not only an interesting variety of response to > that question, but a road map, complete with pitfalls and milestones and a > vision of where I should end-up. > > Questions I would have never though to ask were answered, as the ping pong > ball of opinion flew around. Why use a low level language like "C" for GUI > applications -vs.- why not when one language will do the trick. The > benefits of being able to allocate and access memory locations directly. > Old standards -vs.- ANSI 99. Types, Classes, Portablilty!! . . . WOW > > I understand now why "C" was creating such a stir back in 1989 when I first > started into programming. It's abilities both as a low level and high > level language are, I believe, what make it so universally accepted. With > "C" a programmer enjoys the flexibility to write a function many different > ways, which means I don't think I would look forward to maintaining "C" > code written by a bunch of programmers with diverse views (but I guess I > sure would learn a lot). > > Thanks for your help, . . . all of you. I'll be sure to avoid the rest of > Herb Schildts books (I got a small inexpensive programmers reference of "C" > keywords & functions and some common "C++" functions that has comes in > handy for figuring-out usage and syntax). After what you guys said, Ill > bet his ears are ringing. I haven't found the Kernighan and Ritchie book > in my local bookstore. I have been using a "C for Linux" book which seems > to get right to the point and I appreciate the direct application to Linux > and the gcc compiler. Hi, No comments to add about the language wars, but as far as books go, I find often the easiest method by which to determine what books are worth looking at and what are junk, is by publisher. I don't think it's an anomoly that out of 30+ computer science books I have around, almost all are published by O'Reilly, Addison Wesley, PTR/Prentice Hall, John Wiley, and New Riders. These publishers, IMHO, uniformlly produce much higher quality CS/IT books than most others. I've found generally that Que, Sams, IDG/Hungry Minds, and others (I can't remember right now) are significantly worse, and rarely even consider them. I suggest a similar strategy might prove useful to you as well. I also recommend bookpool.com (standard no affiliation disclaimer) as a great place to shop online, especially for price and customer service. HTH, Daniel > I wish I was a good enough programmer to contribute to this great project. > Maybe one day when I understand more about Linux I could write a more user > friendly help interface with clear syntax, option, and flag usage. > > Thanks again > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Daniel A. Freedman Laboratory for Atomic and Solid State Physics Department of Physics Cornell University
Re: location of mysql files?
Jason M. Harvey <[EMAIL PROTECTED]> wrote: > i would like to know as well... how to back-up a mysql database. Try mysqldump: $ mysqldump nuke >nuke.sql HTH, Craig -- Craig Holyoak [EMAIL PROTECTED] http://www.uq.net.au/craigh/
Re: location of mysql files?
hello, i would like to know as well... how to back-up a mysql database. i have php-nuke installed it comes with a .sql file. you first create the new database, then mysql nuke < nuke.sql i'm hoping there's some way to do the opposite... to create an .sql file to be later re-imported to another mysql server. any thoughts? tia, jason On Wed, Jan 02, 2002 at 06:36:59AM -0800, Abner Gershon wrote: | I recently have begun using MySQL on my desktop | non-networked pc. I have created several tables and | databases. I would like to know the location in my | file system I could find these for back up puposed. I | tried to use find utility but could not find these on | my hard drive. | Please email cc: as I am subscribed only to digested | forum. Thanks. | -- registered linux user #202942 http://counter.li.org/ http://www.theigloo.dhs.org
DWN:Pinnign Unstable and APT::Default-Release.
Last issue of DWN had a piece which included a suggestion about using
apt to follow testing (or stable) but still have some packages from
unstable (testing).
In short, it was suggested to have the following in /etc/apt/prefernces:
Package: *
Pin: release a=unstable
Pin-Priority: 50
When I tried to follow this suggestion I got apt trying to have me use
many packages from unstable.
The solution was to add
// Options for APT in general
APT
{
Default-Release "testing";
};
to my /etc/apt/apt.conf file. This let me actually follow testing,
which is what I want.
--
Shaul Karl
email: shaulka(at-no-spam)bezeqint.net
Please replace (at-no-spam) with an at - @ - character.
(at-no-spam) is meant for unsolicitate mail senders only.
ssh2 denials
I'm using ssh2 (www.ssh.com), and I'm trying to login to my home machine from the office. After entering "ssh home", I'm presented with the password prompt. I enter my password, and am presented with the password prompt again. This occurs three times, then the connection is broken. Following is an excerpt from the lg files on my home machine: Jan 3 13:48:26 exitwound sshd2[8715]: DNS lookup failed for "168.72.18.130". Jan 3 13:48:32 exitwound sshd2[8715]: password authentication failed. Connection from 168.72.18.130 denied. Authenticationas user stephen was attempted. I've never had this problem before, although I've never attempted to connect from this particular office. (I have successfully connected from other locations.) Any thoughts on what I need to do to correct whatever the problem might be would be greatly appreciated. Thanks! -- ) ,_),_) (-(__ |_ _ _ |/ ) | |(_)(_ |\ ( \_, ___ | http://www.exitwound.org: hard to find| | http://www.buckowensfan.com : he's the man| ___ | The hardest thing is to disguise your | | feelings when you put a lot of relatives on | | the train for home. | ___ -BEGIN GEEK CODE BLOCK- | Version: 3.1 | | GJ/IT d- s: a C+++>$ UL P+++ L+++ E--- W++| | N+@ o K- w O- M- V PS+ PE Y+ PGP++ t+@ 5@ X++ | | R tv+@ b+ DI D+ G++ e h r+++ y+++ | --END GEEK CODE BLOCK--
Re: Linux Networking Books
On Fri, Jan 04, 2002 at 12:31:47PM +1000, Penguin wrote: | I would like to do these things: | | - Setup a 128K ISDN multilink PPP connection | - Build a firewall with ipchains or iptables | - Run a web server and an FTP server | - Run a private service on port 666 | - Log all traffic going in and out (the data part of TCP and UDP packets) of | my ISDN modem connection, except for web, FTP and mail ports (But I would | like to investigate what happens when I use the web, but only log for a | little while and see what happens, then turn it off to prevent my log files | bloating to 100's of megabytes when I run my webserver!) | - Get a general knowledge of networking with Linux and security issues | | Can anybody recommend a book (or books) for me to read, suitable for someone | who is not very clueful on these things? I don't know of any dead-tree books, but the IPTABLES and NAT howto's (from "Rusty", the guy who wrote ipchains and iptables) are really good at explaining (some of) the details of IP networking. With that info you'll be able to create the firewall and log traffic. As for running a web server, 'apt-get install apache' and stick your files where it can find them. There are apache manuals on the web if you want to get more into it. FTP is not recommended, unless perhaps it is anonymous ftp and then you might as well just serve the files with apache. One of the main problems with ftp is it sends your password in cleartext. Anyone with a packet sniffer will then have your password. Running a "private service" is just a matter of running the daemon, then disallowing public use of it. That can be done via firewall rules and/or the protocol of the service. -D -- The crucible for silver and the furnace for gold, but the Lord tests the heart. Proverbs 17:3
Re: OT: Language War (Re: "C" Manual)
Thank you!! The diversity of point of view and depth of knowledge of the participants of this group is truly phenomenal. A simple question (in essence "where should I start") yielded me not only an interesting variety of response to that question, but a road map, complete with pitfalls and milestones and a vision of where I should end-up. Questions I would have never though to ask were answered, as the ping pong ball of opinion flew around. Why use a low level language like "C" for GUI applications -vs.- why not when one language will do the trick. The benefits of being able to allocate and access memory locations directly. Old standards -vs.- ANSI 99. Types, Classes, Portablilty!! . . . WOW I understand now why "C" was creating such a stir back in 1989 when I first started into programming. It's abilities both as a low level and high level language are, I believe, what make it so universally accepted. With "C" a programmer enjoys the flexibility to write a function many different ways, which means I don't think I would look forward to maintaining "C" code written by a bunch of programmers with diverse views (but I guess I sure would learn a lot). Thanks for your help, . . . all of you. I'll be sure to avoid the rest of Herb Schildts books (I got a small inexpensive programmers reference of "C" keywords & functions and some common "C++" functions that has comes in handy for figuring-out usage and syntax). After what you guys said, Ill bet his ears are ringing. I haven't found the Kernighan and Ritchie book in my local bookstore. I have been using a "C for Linux" book which seems to get right to the point and I appreciate the direct application to Linux and the gcc compiler. I wish I was a good enough programmer to contribute to this great project. Maybe one day when I understand more about Linux I could write a more user friendly help interface with clear syntax, option, and flag usage. Thanks again
Re: emergency shutdown?
I, like at least 75% of people, don't run telnetd. _Tech On 2 Jan 2002, Brian Nelson wrote: > "Karsten M. Self" writes: > > > on Wed, Jan 02, 2002 at 12:38:34PM +, Simon R Tod ([EMAIL PROTECTED]) > > wrote: > > > > Don't cross-post. Reply sent to debian-user only. > > > > > My laptop's been left on for the past 48 hours. > > > > Six days here. Uptimes of up to 22 days. > > > > > When I came back to it this morning it was very hot, the fan was > > > kicking in evert minute or two and everything was working really > > > slowly > > > > Not unusual if it's working hard or swapping heavily. > > > > > It's now just ceased up completely. The text has disappeared off my > > > xterm and I can't get any movement out of the mouse. > > > > Ditto. > > > > > I don't see how I can do anything but just turn the power off, leave > > > it for a few hours to cool down then reboot. > > > > Try switching to a console. Sometimes your X session is less > > responsive. If you've got a network, try ssh'ing into the box. > > Actually, telnet's better if the box is really struggling, presumably > because setting up an encrypted session takes more CPU power. > > When my box has been really unresponsive, I could usually get in with > telnet, but ssh would time out. > > -- > Brian Nelson <[EMAIL PROTECTED]> > [EMAIL PROTECTED] > http://bignachos.com > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: emergency shutdown?
Simon, rescue.bin is the size of an *unformatted* floppy. -Tech On Wed, 2 Jan 2002, Simon R Tod wrote: > That should be perfectly straightforward... but while a floppy has > 1457664 bytes on it, rescue.bin is 1474560 bytes, so won't fit! The > rescue.bin file on http:///images-1.20/ will fit on a standard > floopy, but how does this differ from the /images-1.44/ version? > > Thanks. > > > Jason Wood wrote: > > > > > > > You can download a linux rescue disk from debian. > > > > Take a look in here : > > > > http://ftp.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/ > > > > Download rescue.bin and then, if your on windows, use rawrite2 to put it > > onto > > a floppy. DON'T just copy the file onto the disk or it won't work. > > > > You can download rawrite2 if you look in : > > > > http://ftp.debian.org/debian/dists/woody/main/disks-i386/current/dosutils/ > > > > > Have fun... > > > > Jason Wood > > -- > [EMAIL PROTECTED] > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: emergency shutdown?
Simon, Is this thing still on, while you wait to see what to do with it? Just reboot it. It's not a problem. If it turns out to be a problem (5% chance), you can download a rescue floppy image from the internet and create a rescue disk with a Windows machine. If you have any Debian install cd's or floppies around, they'll have a rescue function. -Tech
Re: The right way to power off a computer as non-root
> Hello, Hello, > I use my computer as a workstation and thus I think it would be a good idea > to be able to switch it of as user without being root. Well, what about su? [EMAIL PROTECTED] su [EMAIL PROTECTED]'s password: [EMAIL PROTECTED] shutdown -h now > I had two ideas of making this possible. The one is to make it sudo-able and > the other is to put the executable into a special group (e.g. poweroffer) Sudo is a security hole. There are three ways to use it, one good, one questionable, and one stupid. The good way is to set your user account to have full root privs via sudo. This is very handy to have, because you can do root things without having to su. The questionable way is to allow certain users to execute a certain set of programs as root. It works well, but if you are not extremely careful about write permissions on the executables and all of their parent directories, you can make it possible to overwrite an allowed program with one of your own. Even more likely, you can force trusted programs to execute non-trusted programs with the same effective UID. The stupid way to use it is to allow a user full root privs, with some restrictions. This is off topic, but most likely useful. > and then make the binaries suid-root executable for this group and put the > users which ought to be allowed to poweroff the workstation into this group. This sounds like the best way. It seemes simpler just to su root. > Of course this would be possible with gdm, but due to some other problems > with gdm I reported a time ago which I still have not fixed I don't want to > use gdm. Ok. > thanks, > thomas -Tech > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: make-kpkg exists, right?
On Thursday 03 January 2002 19:03 pm, Seneca Cunningham wrote: > icosagon:/usr/src/kernel-source-2.4.16# ls /usr/bin/perl > ls: /usr/bin/perl: No such file or directory There's your problem. > icosagon:/usr/src/kernel-source-2.4.16# ls /usr/bin/perl* > /usr/bin/perl-5.6 /usr/bin/perl5.6.1 /usr/bin/perldoc.stub I'd guess there should be a symlink from one of the specific versions of perl to /usr/bin/perl. In any case, I wouldn't be surprised if you have other problems with perl scripts. Fixing your perl installation may solve lots of problems for you. -- Bud Rogers <[EMAIL PROTECTED]> All things in moderation. And not too much moderation either.
Re: dpkg files list errors
On Thu, Jan 03, 2002 at 05:18:10PM -0800, ben wrote: > On Thursday 03 January 2002 05:02 pm, Colin Watson wrote: > > On Thu, Jan 03, 2002 at 04:36:05PM -0800, ben wrote: > > > where does dpkg read its files lists from? i'm getting empty files list > > > errors when i attempt to use dpkg in almost any form, specifically for > > > files that are installed and functional. > > > > Sounds like /var/lib/dpkg/info/.list is corrupted. > > is there any way i can reconstruct the particular files mentioned in the > errors? Somebody might disagree with me here, but I think the safest way is probably to remove /var/lib/dpkg/info/.list and reinstall . -- Colin Watson [EMAIL PROTECTED]
FW: ATI Radeon 32MB AGP 3D-Card DDR
-Original Message- From: justin cunningham [mailto:[EMAIL PROTECTED] Sent: Thursday, January 03, 2002 5:07 PM To: '[EMAIL PROTECTED]' Subject: RE: ATI Radeon 32MB AGP 3D-Card DDR Ati's site said linux= denied. So try http://lhd.zdnet.com/db/dispproduct.php3?DISP?2650 -Original Message- From: Penguin [mailto:[EMAIL PROTECTED] Sent: Thursday, January 03, 2002 5:57 PM To: debian-user@lists.debian.org Subject: ATI Radeon 32MB AGP 3D-Card DDR Can I use this video card with Potato, on a Potato 2.2r4 CD set without having to download any extra software for it? Is it listed in the list of video cards when I use `XF86Setup?' What about the PCI version, ATI Radeon 32MB PCI 3D Card (with video out) SDR? What is DDR and SDR? Which is the best card, the AGP one or the PCI one? Thanks heaps! James -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: make-kpkg exists, right?
D-Man [EMAIL PROTECTED]; on behalf of; dman [EMAIL PROTECTED] wrote: > I think you can just hardlink /usr/bin/perl5.6.1 (or > /usr/bin/perl-5.6) to /usr/bin/perl. > > # ln /usr/bin/perl5.6.1 /usr/bin/perl I did it, and it works now. Thanks. Seneca [EMAIL PROTECTED]
Re: dpkg files list errors
On Thursday 03 January 2002 05:02 pm, Colin Watson wrote: > On Thu, Jan 03, 2002 at 04:36:05PM -0800, ben wrote: > > where does dpkg read its files lists from? i'm getting empty files list > > errors when i attempt to use dpkg in almost any form, specifically for > > files that are installed and functional. > > Sounds like /var/lib/dpkg/info/.list is corrupted. is there any way i can reconstruct the particular files mentioned in the errors?
Linux Networking Books
I would like to do these things: - Setup a 128K ISDN multilink PPP connection - Build a firewall with ipchains or iptables - Run a web server and an FTP server - Run a private service on port 666 - Log all traffic going in and out (the data part of TCP and UDP packets) of my ISDN modem connection, except for web, FTP and mail ports (But I would like to investigate what happens when I use the web, but only log for a little while and see what happens, then turn it off to prevent my log files bloating to 100's of megabytes when I run my webserver!) - Get a general knowledge of networking with Linux and security issues Can anybody recommend a book (or books) for me to read, suitable for someone who is not very clueful on these things? With Thanks James
Re: ATI Radeon 32MB AGP 3D-Card DDR
On Fri, Jan 04, 2002 at 11:56:40AM +1000, Penguin wrote: | Can I use this video card with Potato, on a Potato 2.2r4 CD set without | having to download any extra software for it? You can use nearly any card in SVGA mode (they're all still backwards compatible, right?) or the framebuffer is a great way to forget about the headaches of X. | Is it listed in the list of video cards when I use `XF86Setup?' What | about the PCI version, ATI Radeon 32MB PCI 3D Card (with video out) | SDR? PCI vs. AGP is a small matter of hardware bridges. The X server doesn't see the difference, I don't thihk. | What is DDR and SDR? Likely Double Data Rate and Single Data Rate. The new "DDR RAM" is memory (SDRAM) that has twice the throughput capacity (hence "Double" Data Rate). SDR RAM is regular old SDRAM. | Which is the best card, the AGP one or the PCI one? AGP because the AGP bus is faster than the PCI bus and it is a dedicated bus. Whether or not that makes a difference in your usage of it, I don't know. Likely it doesn't for me, but why waste a PCI slot when you can't use the AGP slot for anything else anyways? HTH, -D -- Religion that God our Father accepts as pure and faultless is this: to look after orphans and widows in their distress and to keep oneself from being polluted by the world. James 1:27
Re: make-kpkg exists, right?
On Thu, Jan 03, 2002 at 08:03:14PM -0500, Seneca Cunningham wrote: | Steve Mayer <[EMAIL PROTECTED]> wrote: | > make-kpkg is a perl script. Make sure that you have perl installed in | > the location specified on the first line of the make-kpkg script. | | icosagon:/usr/src/kernel-source-2.4.16# whereis perl | perl: /usr/lib/perl /usr/share/perl | | first line of make-kpkg is #! /usr/bin/perl | | icosagon:/usr/src/kernel-source-2.4.16# ls /usr/bin/perl | ls: /usr/bin/perl: No such file or directory | icosagon:/usr/src/kernel-source-2.4.16# ls /usr/bin/perl* | /usr/bin/perl-5.6 /usr/bin/perl5.6.1 /usr/bin/perldoc.stub Ooh, there's the problem. Steve wins the prize :-). On my system $ ls -l /usr/bin/perl* -rwxr-xr-x3 root root 707692 Dec 3 10:05 /usr/bin/perl -rwxr-xr-x3 root root 707692 Dec 3 10:05 /usr/bin/perl-5.6 -rwxr-xr-x3 root root 707692 Dec 3 10:05 /usr/bin/perl5.6.1 $ dpkg -S /usr/bin/perl perl-base: /usr/bin/perl $ dpkg -l perl-base ii perl-base 5.6.1-6The Pathologically Eclectic Rubbish Lister. $ diff -b /usr/bin/perl /usr/bin/perl5.6.1 $ I think you can just hardlink /usr/bin/perl5.6.1 (or /usr/bin/perl-5.6) to /usr/bin/perl. # ln /usr/bin/perl5.6.1 /usr/bin/perl | I don't know perl yet, so I'm not sure about it. If you want, I can attatch | my copy of make-kpkg, but it is 978 lines long. No need to, the problem is not with make-kpkg itself, but that /usr/bin/perl doesn't exist on your system. -D -- If we confess our sins, He is faithful and just and will forgive us our sins and purify us from all unrighteousness. I John 1:9
Re: make-kpkg exists, right?
Sorry about the delay, but I left the computers for a moment, and everyone wanted me to have a byte to eat. So in the order that I received the questions and responses, I have my response and/or output. J.A.Serralheiro <[EMAIL PROTECTED]> wrote: > just compile the kernel the generalw way. make-kpkg will create a package > that u install as if some some software package. > > cd to /usr/src/linux and read README file. There u will find all the > instructions u need to compile the kernel without relying on the debian > weay Right now, I want to try to get the debian way to work for me. D-Man [EMAIL PROTECTED]; on behalf of; dman [EMAIL PROTECTED] wrote: > Is /usr/bin in your PATH? Is /usr/bin/make-kpkg executable? /usr/bin is in my PATH icosagon:/usr/src/kernel-source-2.4.16# ls -l /usr/bin/make-kpkg -rwxr-xr-x1 root root30651 Dec 21 16:27 /usr/bin/make-kpkg ben <[EMAIL PROTECTED]> wrote: > use the full path, ie /usr/bin/make-kpkg clean icosagon:/usr/src/kernel-source-2.4.16# /usr/bin/make-kpkg clean bash: /usr/bin/make-kpkg: No such file or directory Steve Mayer <[EMAIL PROTECTED]> wrote: > make-kpkg is a perl script. Make sure that you have perl installed in > the location specified on the first line of the make-kpkg script. icosagon:/usr/src/kernel-source-2.4.16# whereis perl perl: /usr/lib/perl /usr/share/perl first line of make-kpkg is #! /usr/bin/perl icosagon:/usr/src/kernel-source-2.4.16# ls /usr/bin/perl ls: /usr/bin/perl: No such file or directory icosagon:/usr/src/kernel-source-2.4.16# ls /usr/bin/perl* /usr/bin/perl-5.6 /usr/bin/perl5.6.1 /usr/bin/perldoc.stub Rick Macdonald <[EMAIL PROTECTED]> wrote: > No, by the error message it's finding make-kpkg fine or you'd get "bash: > qwer-qwerq: command not found". It's a perl script, and it's also finding > perl fine, or you'd get "bad interpreter: No such file or directory". I > think the perl script is executing a command or loading or accessing > something that isn't being found. I don't know perl yet, so I'm not sure about it. If you want, I can attatch my copy of make-kpkg, but it is 978 lines long. I want to get my system fully working eventually, so I might try the non-debian way later on, but for now I want to continue trying with the debian way. Should I see about downloading kernel-package from potato? Thanks for any help, Seneca [EMAIL PROTECTED]
Re: dpkg files list errors
On Thu, Jan 03, 2002 at 04:36:05PM -0800, ben wrote: > where does dpkg read its files lists from? i'm getting empty files list > errors when i attempt to use dpkg in almost any form, specifically for files > that are installed and functional. Sounds like /var/lib/dpkg/info/.list is corrupted. -- Colin Watson [EMAIL PROTECTED]
RE: Debian Lists, USENET & Spam
Something interesting I read that might interest you too http://www.webtechniques.com/archives/2001/08/champeon/ -Original Message- From: Joey Hess [mailto:[EMAIL PROTECTED] On Behalf Of Joey Hess Sent: Thursday, January 03, 2002 4:37 PM To: debian-user@lists.debian.org Subject: Re: Debian Lists, USENET & Spam John Hasler wrote: > I'd rank the Web equal to or above Usenet. I receive a substantial amount > of spam at my debian.org address, and it can only be obtained via the Web. Well, or on cd. -- see shy jo, who sees a new market for debian source cd's :-) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
shell-init: could not get current directory: getcwd: cannot access....
Hello there! I just installed woody on one of my servers, and everytime i do something like with apt-get or restarting a service or almost any other thing i get the following message: shell-init: could not get current directory: getcwd: cannot access parent directories: No such file or directory the task seems to perform ok but that message bothers me... Can anyone help me with this? Thanks!
ATI Radeon 32MB AGP 3D-Card DDR
Can I use this video card with Potato, on a Potato 2.2r4 CD set without having to download any extra software for it? Is it listed in the list of video cards when I use `XF86Setup?' What about the PCI version, ATI Radeon 32MB PCI 3D Card (with video out) SDR? What is DDR and SDR? Which is the best card, the AGP one or the PCI one? Thanks heaps! James
x authority problems
Given root access on a remote machine, I'd like to be able to execute an x application on the remote machine's local desktop. For example, if I secure shelled into a remote machine as "user" and "user" happened to be logged onto X, I'd like to be able to execute "export DISPLAY=:0" from my secure shell terminal and then be able to execute any X app and have it show up on user's desktop. X security seems to be rather complicated. Could someone point me in the direction of some relatively concise documentation? Or... Another way to do it, I suppose, would be to see who presently is running X and then do a "su $XOWNER". Given root access, subsequent commands would then work. Is there a simple way to see who owns the X process? Any other solutions to the problem would be appreciated. Thanks. --Greg
dpkg files list errors
where does dpkg read its files lists from? i'm getting empty files list errors when i attempt to use dpkg in almost any form, specifically for files that are installed and functional.
Re: Debian Lists, USENET & Spam
John Hasler wrote: > I'd rank the Web equal to or above Usenet. I receive a substantial amount > of spam at my debian.org address, and it can only be obtained via the Web. Well, or on cd. -- see shy jo, who sees a new market for debian source cd's :-)
RE: /var/log/messages notifyd on MUA server
Excerpt from: http://www.dartmouth.edu/pages/softdev/blitz.html Mailing List There is a mailing list for discussion of BlitzMail system administration. To join the list send a message to [EMAIL PROTECTED] with the word "subscribe" in the body of the message. To send mail to the list send it to [EMAIL PROTECTED] . You can also send mail directly to the BlitzMail developers at [EMAIL PROTECTED] . -Original Message- From: Ted Knab [mailto:[EMAIL PROTECTED] On Behalf Of Thedore Knab Sent: Thursday, January 03, 2002 7:14 AM To: debian-user@lists.debian.org Subject: /var/log/messages notifyd on MUA server I have found the following error in /var/log/messages: Does anyone know what this mean ? This machine is running blitzmail an MUA. Jann 3 10:05:31 blitzhost notifyd: atpread: short packet ignored Jan 3 10:06:06 blitzhost last message repeated 2 times Jan 3 10:06:16 blitzhost notifyd: atpread: short packet ignored Jan 3 10:06:52 blitzhost last message repeated 2 times Jan 3 10:08:31 blitzhost last message repeated 6 times Ted Knab -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Lists, USENET & Spam
Alec writes: >> Debian mailing lists are mirrored on (interfaced to) USENET under >> linux.debian.*, and our email addresses aren't even scrambled! >> Debian mailing lists are archived on the Web and our email addresses aren't >>even scrambled! John writes: > USENET is probably the number one source for the email address snooping > spammers. > I'd rank the Web equal to or above Usenet. I receive a substantial amount > of spam at my debian.org address, and it can only be obtained via the Web. So far, so true -- for the initial harvest. Then the rascals sell, rent, share, lend, trade, & otherwise broadcast their loot. Wendell Cochran West Seattle
Re: how to get rid of sendmail X-Authentication-Warning?
On Thu, Jan 03, 2002 at 04:23:26PM -0500, Andy Spiegl wrote (1.00): > > my sendmail configs use these privacy options: > > O PrivacyOptions=novrfy,noexpn > And mine - as I already wrote :-) > # privacy flags > O PrivacyOptions=needmailhelo,novrfy,noexpn,noreceipts,noverb > > But it still generates these lines. Are you sure that sendmail is reading /etc/mail/trusted-users.db? Did you rebuild trusted-users.db after edited /etc/mail/trusted-users? M
Re: make-kpkg exists, right?
On Thu, 3 Jan 2002, dman wrote: > On Thu, Jan 03, 2002 at 06:23:43PM -0500, Seneca Cunningham wrote: > | Right now my system is half-working and is a combination of potato and > | woody. I am trying to compile a new kernel after having a number of problems > | with my system. The instructions for compiling a new kernel say to enter in > | "make-kpkg clean", but that doesn't work on my system. > | > | icosagon:/usr/src/kernel-source-2.4.16# make-kpkg clean > | bash: /usr/bin/make-kpkg: No such file or directory > | icosagon:/usr/src/kernel-source-2.4.16# whereis make-kpkg > | make-kpkg: /usr/bin/make-kpkg > | icosagon:/usr/src/kernel-source-2.4.16# cd /usr/bin > | icosagon:/usr/bin/# ls make-kpkg > | make-kpkg > | > | First it claims that make-kpkg isn't a file or directory, then it tells me > | where it is. Unlike make-kpkg, the manpage can be accessed. I have > | reinstalled kernel-package three or four times, with the most recent time > | being from a second download. I am attempting to use the version of > | kernel-package that is in woody. What do I need to do to get further in my > | attempt to compile a kernel? > > Is /usr/bin in your PATH? Is /usr/bin/make-kpkg executable? No, by the error message it's finding make-kpkg fine or you'd get "bash: qwer-qwerq: command not found". It's a perl script, and it's also finding perl fine, or you'd get "bad interpreter: No such file or directory". I think the perl script is executing a command or loading or accessing something that isn't being found. ...RickM...
guppi package
Are there any plans to make a stand-alone guppi package (currently only libguppi exists, essentially for invocation by gnumeric and gnucash)? As a sysadmin for a scientific lab, it would be a nice tool for my users, but given the hell that is compiling bonobo applications, I won't realistically be compiling it myself.
PCMCIA: MegaHertz modem and init/getty
I got this MegaHertz XJ2288 modem, and when i insert it to see if it could detect the card, it fires off a bunch of message about the usage of getty, then it says init: ID "S" respawning too fast: disabled for 5 minutes. It seems that cardmgr can recognize the card, but how can I get this thing to work? Calyth
Re: NIST time
Paul E Condon writes: > I guess it is not NTP... It is NTP. > ...since that requires that the other host is running NTP deamon. It does. Chronyd is both an NTP server and an NTP client. > What method does it use. NTP. > Maybe it should be substituted for NTP. For most purposes chrony is an interoperable plug-in replacement for ntpd. However, ntpd supports esoteric hardware such as atomic clocks, and is also the reference implementation of NTP. -- John Hasler [EMAIL PROTECTED] (John Hasler) Dancing Horse Hill Elmwood, WI
Re: make-kpkg exists, right?
On Thu, Jan 03, 2002 at 06:23:43PM -0500, Seneca Cunningham wrote: | Right now my system is half-working and is a combination of potato and | woody. I am trying to compile a new kernel after having a number of problems | with my system. The instructions for compiling a new kernel say to enter in | "make-kpkg clean", but that doesn't work on my system. | | icosagon:/usr/src/kernel-source-2.4.16# make-kpkg clean | bash: /usr/bin/make-kpkg: No such file or directory | icosagon:/usr/src/kernel-source-2.4.16# whereis make-kpkg | make-kpkg: /usr/bin/make-kpkg | icosagon:/usr/src/kernel-source-2.4.16# cd /usr/bin | icosagon:/usr/bin/# ls make-kpkg | make-kpkg | | First it claims that make-kpkg isn't a file or directory, then it tells me | where it is. Unlike make-kpkg, the manpage can be accessed. I have | reinstalled kernel-package three or four times, with the most recent time | being from a second download. I am attempting to use the version of | kernel-package that is in woody. What do I need to do to get further in my | attempt to compile a kernel? Is /usr/bin in your PATH? Is /usr/bin/make-kpkg executable? -D -- If we confess our sins, He is faithful and just and will forgive us our sins and purify us from all unrighteousness. I John 1:9
Re: make-kpkg exists, right?
just compile the kernel the generalw way. make-kpkg will create a package that u install as if some some software package. cd to /usr/src/linux and read README file. There u will find all the instructions u need to compile the kernel without relying on the debian weay On Thu, 3 Jan 2002, Seneca Cunningham wrote: > Right now my system is half-working and is a combination of potato and > woody. I am trying to compile a new kernel after having a number of problems > with my system. The instructions for compiling a new kernel say to enter in > "make-kpkg clean", but that doesn't work on my system. > > icosagon:/usr/src/kernel-source-2.4.16# make-kpkg clean > bash: /usr/bin/make-kpkg: No such file or directory > icosagon:/usr/src/kernel-source-2.4.16# make-kpkg --help > bash: /usr/bin/make-kpkg: No such file or directory > icosagon:/usr/src/kernel-source-2.4.16# make-kpkg > bash: /usr/bin/make-kpkg: No such file or directory > icosagon:/usr/src/kernel-source-2.4.16# whereis make-kpkg > make-kpkg: /usr/bin/make-kpkg > icosagon:/usr/src/kernel-source-2.4.16# cd /usr/bin > icosagon:/usr/bin/# ls make-kpkg > make-kpkg > > First it claims that make-kpkg isn't a file or directory, then it tells me > where it is. Unlike make-kpkg, the manpage can be accessed. I have > reinstalled kernel-package three or four times, with the most recent time > being from a second download. I am attempting to use the version of > kernel-package that is in woody. What do I need to do to get further in my > attempt to compile a kernel? > > Thanks for any help, > > Seneca > [EMAIL PROTECTED] > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
Re: iptables ruleset
On Thu, 03 Jan 2002, Martin A. Hansen wrote: > any suggestions on how to set up a strong firewall rule set will be > appreciated! I don't believe the standard ipmasq setup provides any form of firewalling. I have attached the script that I'm currently using. Feel free to use it if it suits you. A couple of notes: o I'm running this on an old 486. Ipmasq is by default set up so that it will reinitialize the iptable rules whenever a new interface is set up. This took to long on my computer, so I have disabled it. This means that my script needs to be able to work without knowing the IP address of my server. This isn't really a problem. o I deleted all the files from /etc/ipmasq/rules and installed the script as /etc/ipmasq/rules/A00doitall.rul mode 755. Yet another optimization for my old computer... o This need a 2.4 kernel o The script currently assumes that eth0 and ppp0 are internal, and that ppp1 and ippp* are external. You need to change the line starting with "EXTERNAL=" to change this and delete the line with ppp0 at the end if it is an external interface. o The script works with multiple external interfaces if needed. o My internal network uses 192.168.1.xxx. Search and replace if you use a different block. o I allow the following connections from the outside: TCP: ssh to the server gnutella and napster connections will be forwarded to a specific computer (192.168.1.8) in the private network UDP: two ports are open for replies to get DNS and ntpdate working. you need to configure bind to use 1053 as source port if you have it installed. ICMP: Incoming pings are blocked, everything else gets through (important!) o All the rules that log information should be rate-limited, but currently aren't. This could be used for a DoS attack. I'd be very interested to hear comments about the security of this setup. Walter # wh, 11.9.2001 # === Set variables and do sanity checks === PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin IPTABLES=/sbin/iptables EXTERNAL=`enumerate-if | grep -E '^(ippp|ppp1)'` if [ ! -e /proc/net/ip_forward -a ! -e /proc/sys/net/ipv4/ip_forward ]; then echo "IP Forwarding has not been enabled in the kernel." exit 1 fi if [ ! -e /proc/net/ip_masquerade -a ! -e /proc/net/ip_tables_names ]; then echo "IP Masquerade has not been enabled in the kernel." exit 1 fi # === Put everything to the default state first === echo 1 >/proc/sys/net/ipv4/ip_forward #echo 1 >/proc/sys/net/ipv4/ip_always_defrag $IPTABLES -P INPUT DROP $IPTABLES -P OUTPUT DROP $IPTABLES -P FORWARD DROP $IPTABLES -F INPUT $IPTABLES -F OUTPUT $IPTABLES -F FORWARD $IPTABLES -t mangle -P PREROUTING ACCEPT $IPTABLES -t mangle -P OUTPUT ACCEPT $IPTABLES -t mangle -F PREROUTING $IPTABLES -t mangle -F OUTPUT $IPTABLES -t nat -P PREROUTING ACCEPT $IPTABLES -t nat -P POSTROUTING ACCEPT $IPTABLES -t nat -P OUTPUT ACCEPT $IPTABLES -t nat -F PREROUTING $IPTABLES -t nat -F POSTROUTING $IPTABLES -t nat -F OUTPUT # === Allow everything over loopback and ppp0 === $IPTABLES -A INPUT -j ACCEPT -i lo $IPTABLES -A INPUT -j LOG -i ! lo -s 127.0.0.1/255.0.0.0 $IPTABLES -A INPUT -j DROP -i ! lo -s 127.0.0.1/255.0.0.0 $IPTABLES -A INPUT -j ACCEPT -i ppp0 # === Allow everything with correct IP in over eth0 === $IPTABLES -A INPUT -j ACCEPT -i eth0 -d 255.255.255.255/32 $IPTABLES -A INPUT -j ACCEPT -i eth0 -s 192.168.1.0/24 $IPTABLES -A INPUT -j ACCEPT -i eth0 -d 224.0.0.0/4 -p ! tcp for i in $EXTERNAL; do # === Drop incoming packets with local addresses === $IPTABLES -A INPUT -j LOG -i $i -s 192.168.1.0/24 $IPTABLES -A INPUT -j DROP -i $i -s 192.168.1.0/24 # === Check everything else that comes in from the outside === # Allow TCP if initiated from the inside $IPTABLES -A INPUT -j ACCEPT -i $i --protocol tcp \! --syn # Allow incoming ssh, but log it $IPTABLES -A INPUT -j LOG -i $i --protocol tcp --destination-port ssh $IPTABLES -A INPUT -j ACCEPT -i $i --protocol tcp --destination-port ssh # Reject identd lookups: Gives better performance and prevents clutter in the logs $IPTABLES -A INPUT -j REJECT -i $i --protocol tcp --destination-port auth # Allow incoming UDP to port 1053. Bind is configured to use # 1053 as the source port for its queries $IPTABLES -A INPUT -j ACCEPT -i $i --protocol udp --destination-port 1053 # Allow incoming UTP to port 123. This is for ntpdate. $IPTABLES -A INPUT -j ACCEPT -i $i --protocol udp --destination-port 123 # Log other people's pings $IPTABLES -A INPUT -j LOG -i $i --protocol icmp --icmp-type echo-request # Allow ICMP but no pings $IPTABLES -A INPUT -j ACCEPT -i $i --protocol icmp --icmp-type \! echo-request # Everything else coming in is logged and denied # Masquerade packets to the outside $IPTABLES -t nat -A POSTROUTING -o $i -s 192.168.1.0/24 -j MASQUERADE $IPTABLES -A FORWARD -i eth0 -o $i -s
screen capture
on Thu, 03 Jan 2002 12:53:36PM -0800, Chad Morgan insinuated: > I know there is a way to capture the screen, I just don't know how > to do it. use xv, the "grab" option. <[EMAIL PROTECTED]>-- -http://www.sccs.swarthmore.edu/~nori/jnl/daily.html
Re: OT: Language War (Re: "C" Manual)
Lo, on Thursday, January 3, Erik Steffl did write:
> what's the difference? the point is you can assign almost anything to
> anything, and yet there is no segfault - i.e. the strength of types has
> nothing (sort of) to do with segfaults... the resource allocation is
> crucial...
Type safety (plus dynamic allocation) implies advanced memory
management. The converse is not true: you can slap Boehm's conservative
GC onto a C++ program, but you can still get segmentation faults:
char str[] = { 'b', 'a', 'd', ' ', 's', 't', 'r', 'i', 'n', 'g' };
// note the lack of a terminating '\0'!
cout << str;
No allocation issues involved. As Ben Collins pointed out elsewhere in
this thread (bit of a tree-shaped thread, isn't it?), this won't
necessarily cause a segfault, but it can. It's also a violation of
type-safety: cout expects a null-terminated string, and as far as the
compiler is concerned, str fits this. However, there's no runtime check
in the output routine to verify that this is, in fact, the case. Ooops.
Therefore, I claim that type safety is a more fundamental concept than
resource mangement.
> that's all interesting, but the point was that the perl type system is
> as weak as I can imagine yet it doesn't lead to segfaults... it's the
> resource allocation!
Type safety != `strong' types. They're orthogonal. (Well, sort of. It
turns out that `strong types' isn't a very well-defined concept;
language researchers prefer to discuss compile-time type verification.
*That* definitely has nothing to do with type safety.)
> If you cannot make sure that MyUserType variable will only be assigned
> MyUserType values then you have (almost) NO type safety.
That's only meaningful if you can declare a variable to be MyUserType at
runtime. This does not apply to a whole variety of languages, many of
which are still type-safe.
(I think I'm just going to decide that Perl's type system is on crack.
But what do you expect when a linguist designs a programming language?)
> > In any case, memory allocation errors aren't the only cause of
> > segmentation faults---how about walking off the end of an array? Here,
> > I claim that Perl *does* maintain type-safety, although in a seriously
> > fscked-up way: it simply expands the array to make the reference valid.
>
> it's not the types! it doesn't care about types at all. it just makes
> sure you always have a place to store whatever you are about to store.
> what does that have with types? not much. it has to know what are you
> trying to store but it doesn't care at all what was there before, what's
> the type of variable where you are storing it. again, I find it pretty
> strange to call that kind of behaviour 'type safety'.
Yes, it *is* types. Remember the definition of type-safety:
If an expression E is determined at compile time to have type T,
then evaluating E will have one of two results:
1) The value of E is a valid object of type T and not just some
random collection of bits we're misinterpreting as a T.
2) a well-defined runtime error occurs (e.g., Java's
ArrayBoundsException).
There are no other possibilities.
In this particular case, Perl chooses to use the memory allocation
system to satisfy type safety (it creates a new T, initializes it, and
returns it). It's not the only possibility, though; Java would throw an
exception in this case. No allocation involved.
Richard
Re: ftp.uk.debian.org down?
On Thu, Jan 03, 2002 at 11:54:13AM +0100, Franois Chenais wrote: > Happy new year ! > > the ftp.uk.debian.org seems to be down. any idea ? www.uk.debian.org was also poorly earlier today. Both seem ok at the moment. Brian.
make-kpkg exists, right?
Right now my system is half-working and is a combination of potato and woody. I am trying to compile a new kernel after having a number of problems with my system. The instructions for compiling a new kernel say to enter in "make-kpkg clean", but that doesn't work on my system. icosagon:/usr/src/kernel-source-2.4.16# make-kpkg clean bash: /usr/bin/make-kpkg: No such file or directory icosagon:/usr/src/kernel-source-2.4.16# make-kpkg --help bash: /usr/bin/make-kpkg: No such file or directory icosagon:/usr/src/kernel-source-2.4.16# make-kpkg bash: /usr/bin/make-kpkg: No such file or directory icosagon:/usr/src/kernel-source-2.4.16# whereis make-kpkg make-kpkg: /usr/bin/make-kpkg icosagon:/usr/src/kernel-source-2.4.16# cd /usr/bin icosagon:/usr/bin/# ls make-kpkg make-kpkg First it claims that make-kpkg isn't a file or directory, then it tells me where it is. Unlike make-kpkg, the manpage can be accessed. I have reinstalled kernel-package three or four times, with the most recent time being from a second download. I am attempting to use the version of kernel-package that is in woody. What do I need to do to get further in my attempt to compile a kernel? Thanks for any help, Seneca [EMAIL PROTECTED]
FW: (Fwd) Re: Lost in apt-get
...forgot to post to list -Original Message- From: justin cunningham [mailto:[EMAIL PROTECTED] Sent: Thursday, January 03, 2002 2:39 PM To: 'Hélio Perroni Filho' Subject: RE: (Fwd) Re: Lost in apt-get http://newbiedoc.sourceforge.net/system/apt-get-intro.html -Original Message- From: Hélio Perroni Filho [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 02, 2002 3:58 PM To: debian-user@lists.debian.org Subject: Re: (Fwd) Re: Lost in apt-get > I dont quite get it, lets say i apt-get install a package... so it > fetches the necessary files, downloads, and installs them.. but, > where does apt-get leaves the binaries? i mean for example, i apt- > get'ed xmms , and it downloaded and installed.. but i have no clue > on how to launch it. Most of the times binaries will be at /usr/bin/, /usr/local/bin or /usr/X11R6/bin -- which hopefully are in your $PATH -- and have the same name as the program itself, with all letters in lower-case. So, the first thing to try after installing a new package is just to type its name in a terminal window (in your example, just try entering "xmms" and see what happens). If that doesn't work, you can try "dpkg -L ", which will list the files (with complete path) owned by the package, and then search for something that looks like a binary. Until we meet again... Hélio Perroni Filho -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Xfree 4.1 Sig 11 (woody)
On Thu, 3 Jan 2002 14:25:46 -0800 (PST) "nate" <[EMAIL PROTECTED]> wrote: > > > > > Just guessing: Maybe a hardware error? Maybe something related to > > java threads? > > i suppose its possible its a hardware error..(hope not!!) > i don't think i had anything java related running. i was > using a www-based program called DEMARC(demarc.org) its > fully server-side though ..i was doing some intensive > table rendering in the browser though(3000-6000 rows per > table). though that shouldn't of crashed X haven't > had any crashes since my post .. Fortunately, RAM isn't that expensive anymore; if memtest86 doesn't find anything, maybe you triggered a rare race in X. -- Christoph Simon [EMAIL PROTECTED] --- ^X^C q quit :q ^C end x exit ZZ ^D ? help .
SOLVED Can't access aliased ip address
It turns out it was in fact a firewall problem. I discovered that I wasn't resetting the firewall to no restrictions right. I thought that resetting the policy would reset all of the rules and didn't realize I needed to do a flush first. Now that I think about it makes good sense to do it this way. Now I just need to go in and see which rule was causing the problem. Thanks for the help Chad
anyone have experience with portslave ?
i'm looking to build a dialup server using debian, and would like radius/radius accounting support, from the looks of it, 'portslave' can do this. sourceforge says the status is pre alpha ..and there are no bugs filed against it in the debian buglist.. has anyone used it? is there a better way ? thanks! nate
Re: OT: Language War (Re: "C" Manual)
Richard Cobbe wrote:
>
> Lo, on Thursday, January 3, William T Wilson did write:
>
> > On Wed, 2 Jan 2002, Richard Cobbe wrote:
> >
> > > I'll agree that the two are related; in fact, I'd go so far as to say
> > > that if a language supports dynamic memory allocation and type-safety,
> > > it *has* to have some sort of automatic storage management system.
> >
> > I don't think that necessarily follows; a manual mechanism for freeing
> > resources would then just set the reference to a NULL value.
>
> Not in the general case, no.
>
> std::string *s = new string("foo");
> std::string *s2 = s;
>
> delete s;
>
> If we assume a variant of C++ that extends delete to set its argument
> pointer to NULL, you still have the problem of s2 hanging around. In
> the general case, it's not so obvious that you've got two pointers to
> reset.
unless, of course, you also keep track of who points to given piece of
memory ;-) whoops...
erik
Re: APT failing installing kdebase-crypto on Woody
OK, I will try to do that in the future. Thanks for answering anyway! Pontus On Thu, 3 Jan 2002 23:12:57 +0100 martin f krafft <[EMAIL PROTECTED]> wrote: > also sprach Pontus Edvardsson <[EMAIL PROTECTED]> > [2002.01.03.2235 +0100]:> I'm trying to install and enable SSL on my > Woody (2.4.17) without luck.> I've tried a few times now, and everytime > the following error occurs... I> installed OpenSSL wich went fine, > thinking that would help, but didn't.> Please tell me what can be done? > How do I fix it or where can I find info> about it? > > please do make an effort to read the archives and/or bugreports on a > package, before you post to the list. this question has been asked a > number of times! > > anyway, it's a bug and it's been filed, and it's been fixed, so either > jist --force-overwrite, wait until it reaches woody, or get > kdebase3-crypto from unstable... > > -- > martin; (greetings from the heart of the sun.) > \ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED] > > you will be run over by a beer truck. >
Re: Xfree 4.1 Sig 11 (woody)
> > Just guessing: Maybe a hardware error? Maybe something related to > java threads? i suppose its possible its a hardware error..(hope not!!) i don't think i had anything java related running. i was using a www-based program called DEMARC(demarc.org) its fully server-side though ..i was doing some intensive table rendering in the browser though(3000-6000 rows per table). though that shouldn't of crashed X haven't had any crashes since my post .. hmm thanks nate
Howto print from Opera using CUPS?
I have just found the excellent browser Opera 6.0 (TP2), but cannot seem to print. Has anyone configured this to work with CUPS installed? Thanks, Pontus
Re: NVidia GeForce MX problems - "no screens found"
>Current (as of today) Woody system, NVidia GeForce MX AGP card, >Debian packaged nv driver. XF86cfg starts fine and allows me to build >the XF86Config file, but when I try to start the server I get the "no >screens found" error. /var/log/XFree86.0.log is below. Hi Michael don't know if this can help you but I installed the driver for my Geforce2 MX400 from the drivers I found on their website (www.nvidia.org) ... their package also provide a README where typical problems are discussed. Gregor
Re: pine?
On Thu, Jan 03, 2002 at 01:12:31PM -0600, Colin Watson wrote: > On Thu, Jan 03, 2002 at 11:43:59AM -0600, Michael Jinks wrote: > > The "./debian/rules" command fails; the first error I notice is: > > > > cc -O2 -g -DLNX -DSYSTYPE=\"LNX\" -DMOUSE -c -o addrbook.o addrbook.c > > make[1]: cc: Command not found > > The gcc package should install a link in /usr/bin/cc. What does > '/usr/sbin/update-alternatives --display cc' say? sh-2.03# /usr/sbin/update-alternatives --display cc cc - status is manual. link currently points to /usr/bin/gcc /usr/bin/gcc - priority 20 slave cc.1.gz: /usr/man/man1/gcc.1.gz Current `best' version is /usr/bin/gcc. But /usr/bin/cc didn't exist; I made the link manually. Solved that problem, but now I get different ones: ... ar ru libpico.a attach.o ansi.o basic.o bind.o browse.o buffer.o composer.o display.o file.o fileio.o line.o osdep.o pico.o random.o region.o search.o spell.o tinfo.o window.o word.o ranlib libpico.a cc -O2 -g -Dlnx -DPOSIX -DJOB_CONTROL -DMOUSE -DTERMCAP_WINS main.c libpico.a -lncurses -o pico /opt/bin/ld: /usr/lib/libncurses.so: mkdir: invalid version 2 (max 0) /usr/lib/libncurses.so: could not read symbols: Bad value collect2: ld returned 1 exit status make[1]: *** [pico] Error 1 make[1]: Leaving directory `/usr/src/pine/pine-3.96M/pico' ... ... make[2]: Entering directory `/usr/src/pine/pine-3.96M/pine/osdep' cc -o includer includer.c /opt/bin/ld: /lib/libc.so.6: _dl_sysdep_start: invalid version 7 (max 6) /lib/libc.so.6: could not read symbols: Bad value collect2: ld returned 1 exit status make[2]: *** [includer] Error 1 make[2]: Leaving directory `/usr/src/pine/pine-3.96M/pine/osdep' rm -f os.c ln -s osdep/os-lnx.c os.c cc -O2 -g -DLNX -DSYSTYPE=\"LNX\" -DMOUSE -c -o os.o os.c cc: os.c: No such file or directory cc: No input files make[1]: *** [os.o] Error 1 make[1]: Leaving directory `/usr/src/pine/pine-3.96M/pine' Further down there are more errors as a result of pine not being built. So, missing libraries maybe, or a version mismatch of some kind? Thanks... -m
Re: NIST time
"Paul E Condon" <[EMAIL PROTECTED]> writes: > Craig Dickson wrote: > > > Sam Varghese wrote: > > > > > i used ntpdate initially but have now swicthed to chrony. the same > > > guy who wrote pppconfig has written this utility and like pppconfig > > > it is simple and works well. > > > > Is ntpdate not simple, or does it not work well? What caused you to want > > to switch? I use ntpdate and it seems to do the job nicely, but if there > > is a real advantage to chrony, I might give it a try. > > > > Craig > > > > My experience with this issue may be interesting to others... > > 1. ntp-simple does not exist in Packages.gz as downloaded today from > ftp.us.debian.org > > 2. It was not clear from the messages in dselect that ntp.deb and > ntpdate.deb are cryptically incompatible. Both need to listen on a > particular socket that is dedicated to the NTP protocol. During rc2, > ntpdate is run first and ntp is then started. This is fine, because > ntpdate really doesn't start a deamon. It just runs ntpdate once to > update the system clock, and then ntp deamon gets started. But if you > try to run ntp from the command line, it gives an error message. So be > sure NOT to install ntp.deb, if you want to be able the check your > ntpdate installation from the command line. I don't know if I'd use the word incompatible. The two are really complimentary. They're designed to work as you stated. First you sync with ntpdate and then start the ntp daemon to run continuously and keep your clock in sync. In fact, if your time/date is too far off the ntp daemon will refuse to reset your clock. That's one of the reasons to run ntpdate prior to starting the ntp daemon, and once you're running the ntp daemon there's no reason to run ntpdate. ntpdate is used to get your clock in the ballpark, and the ntp daemon is designed to keep it there. Also, I believe, the daemon doesn't make large changes to the time, but instead incrementally adjusts your clock to match the ntp server. ntpdate just sets your clock to the correct time. If you do install ntp before ntpdate, you can always: /etc/init.d/ntp stop /etc/init.d/ntpdate start /etc/init.d/ntp start > 3. My reading of stuff on the NIST time web site leads me to believe > that NTP (the protocol) is poorly designed and obsolescent. But don't > ask me to defend that. Read what they say, and draw your own > conclusions. I think it's more the case that it's serious overkill for someone that just wants reasonable accuracy on his/her desktop system, like on the order of milliseconds, instead of picoseconds. It's a very complex protocol, from what I understand, but pretty accurate. Also, because of it's complexity, it's become a nightmare to maintain/expand it's features. From http://www.boulder.nist.gov/timefreq/service/its.htm: The Network Time Protocol (NTP) is the most complex and sophisticated of the time protocols, and the one that provides the best performance. > 4. Documentation for ntp indicates that the software has been updated > with a view to working on future very fast LANs, very fast > Internet. I, personnally, think this is a foolish waste of effort. The > time information that is available from GPS will always be somewhat > better, and never worse, than what is available via land lines and > packet forwarding. I guess I'm a little confused by this. I agree with the conjecture, but how does the GPS time get translated to computer? Last time I looked, admittedly a long time ago, hardware to perform such a function was rather pricey. I think the idea behind the development of the ntp protocol and the software to support it was to work on fast LANs for organizations where time accuracy/synchronization on/between computers is critical to something they do. I don't think the idea behind it's design was to sync your desktop computer at home. Just turns out it is (or was) the only thing available to perform that function. > IMO, the best next step in development of time on the internet would > be to introduce a protocol that did not require a special socket > assignment on the client. I think NIST has already made some progress > on this (see point 3, above) I agree here. Such a system makes much more sense for those of us where picosecond accuracy isn't necessary. But ntp will certainly have a role to play in other arenas. Gary
scam warning (FW: IMPORTANT)
I just got this message. Looks like the scammers are getting smarter -- sent directly to me with no trail in the Received: headers (all the received headers are my school accounts forwarding to other school accounts and eventually to my house). Just beware :-). Funny, as I snipped out most of the noise, I noticed that james wants a "trust wordy" partner. Hehe. -D - Forwarded message from james langa <[EMAIL PROTECTED]> - Received: from pony-express.cs.rit.edu ([129.21.30.24]) by localhost with esmtp (Exim 3.33 #1 (Debian)) id 16MGB3-i7-00 for <[EMAIL PROTECTED]>; Thu, 03 Jan 2002 17:17:33 -0500 Received: from vms4.rit.edu (vms4.isc.rit.edu [129.21.3.15]) by pony-express.cs.rit.edu (8.9.3/8.9.3) with ESMTP id RAA03543 for <[EMAIL PROTECTED]>; Thu, 3 Jan 2002 17:10:06 -0500 (EST) Received: from conversion.ritvax by ritvax.isc.rit.edu (PMDF V5.2-32 #40294) id <[EMAIL PROTECTED]> for [EMAIL PROTECTED] (ORCPT rfc822;[EMAIL PROTECTED]); Thu, 3 Jan 2002 17:10:06 EST Received: from ritvax.isc.rit.edu by ritvax.isc.rit.edu (PMDF V5.2-32 #41784) id <[EMAIL PROTECTED]> for [EMAIL PROTECTED] (ORCPT rfc822;[EMAIL PROTECTED]); Thu, 03 Jan 2002 17:10:05 -0500 (EST) Received: from conversion.ritvax by ritvax.isc.rit.edu (PMDF V5.2-32 #41784) id <[EMAIL PROTECTED]> for [EMAIL PROTECTED] (ORCPT rfc822;[EMAIL PROTECTED]); Thu, 03 Jan 2002 17:10:04 -0500 (EST) Received: from vmsmx.rit.edu ([64.110.64.19]) by ritvax.isc.rit.edu (PMDF V5.2-32 #41784) with SMTP id <[EMAIL PROTECTED]> for [EMAIL PROTECTED] (ORCPT rfc822;[EMAIL PROTECTED]); Thu, 03 Jan 2002 17:10:04 -0500 (EST) Date: Thu, 03 Jan 2002 23:02:27 From: james langa <[EMAIL PROTECTED]> Subject: IMPORTANT To: [EMAIL PROTECTED] Message-id: <[EMAIL PROTECTED]> X-VMS-To: IN%"[EMAIL PROTECTED]" MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT FROM: COL. JAMES LANGA. DEMOCRATIC REPUBLIC OF CONGO. [EMAIL PROTECTED] Dear Sir, SEEKING YOUR IMMEDIATE ASSISTANCE. Please Permit me to make your acquaintance in so informal a manner. This is necessitated by my urgent need to reach a dependable and trust wordy foreign partner. [ lots of stuff snipped ] - End forwarded message - -- How great is the love the Father has lavished on us, that we should be called children of God! 1 John 3:1
Re: Pause
On Thu, Jan 03, 2002 at 01:48:44PM -0800, L Vogtmann wrote: > On Wednesday 02 January 2002 09:09 pm, Karsten M. Self wrote: > > on Wed, Jan 02, 2002 at 07:26:13PM -0800, Paul A. Thomas > > ([EMAIL PROTECTED]) wrote: > > > Searching reveals ways to pause help files if you don't wish to use a > > > pipe command... is there a keyboard stroke which corresponds to the > > > 'pause' key when the initial boot takes place? The commands ^S ^Q or > > > Left Shift PgUp & PgDn would seem to be made for browsing help files or > > > other text displays. > > > > ^S and ^Q were far more useful on 300 baud modems. > > > > Use a pager -- more, less, most, etc. > > I think he means for the boot up messages from the kernel. You can't use a > pager there. You can, however, use ^S and ^Q - at least on any Linux machine I've ever used. -- Colin Watson [EMAIL PROTECTED]
Re: OT: Language War (Re: "C" Manual)
Lo, on Thursday, January 3, William T Wilson did write:
> On Wed, 2 Jan 2002, Richard Cobbe wrote:
>
> > I'll agree that the two are related; in fact, I'd go so far as to say
> > that if a language supports dynamic memory allocation and type-safety,
> > it *has* to have some sort of automatic storage management system.
>
> I don't think that necessarily follows; a manual mechanism for freeing
> resources would then just set the reference to a NULL value.
Not in the general case, no.
std::string *s = new string("foo");
std::string *s2 = s;
delete s;
If we assume a variant of C++ that extends delete to set its argument
pointer to NULL, you still have the problem of s2 hanging around. In
the general case, it's not so obvious that you've got two pointers to
reset.
Re: APT failing installing kdebase-crypto on Woody
also sprach Pontus Edvardsson <[EMAIL PROTECTED]> [2002.01.03.2235 +0100]: > I'm trying to install and enable SSL on my Woody (2.4.17) without luck. > I've tried a few times now, and everytime the following error occurs... I > installed OpenSSL wich went fine, thinking that would help, but didn't. > Please tell me what can be done? How do I fix it or where can I find info > about it? please do make an effort to read the archives and/or bugreports on a package, before you post to the list. this question has been asked a number of times! anyway, it's a bug and it's been filed, and it's been fixed, so either jist --force-overwrite, wait until it reaches woody, or get kdebase3-crypto from unstable... -- martin; (greetings from the heart of the sun.) \ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED] you will be run over by a beer truck. pgpbjJZx88Jrd.pgp Description: PGP signature
Re: Pause
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 02 January 2002 09:09 pm, Karsten M. Self wrote:
> on Wed, Jan 02, 2002 at 07:26:13PM -0800, Paul A. Thomas
([EMAIL PROTECTED]) wrote:
> > Searching reveals ways to pause help files if you don't wish to use a
> > pipe command... is there a keyboard stroke which corresponds to the
> > 'pause' key when the initial boot takes place? The commands ^S ^Q or
> > Left Shift PgUp & PgDn would seem to be made for browsing help files or
> > other text displays.
>
> ^S and ^Q were far more useful on 300 baud modems.
>
> Use a pager -- more, less, most, etc.
I think he means for the boot up messages from the kernel. You can't use a
pager there.
"dmesg" will show you the last kernel messages. Use it after boot to see
what the kernel spits out when it boots.
- --
vmann
reduce(lambda x,y:x+y,map(lambda x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b')))
GnuPG/PGP Fingerprint CE80 018B D825 6DF1 4990 C15F E11A B17E 4A0C D133
Sair Linux and GNU Certified Administrator #563619
Whidbey Linux Users Group - http://www.wlug.net
http://vmann.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8NNG84RqxfkoM0TMRAhmWAJ4jWEYdGcxhUvnKUSMNsetVBCGjNACbBfbM
AGHBXO34Vmrnj9ab5eR4nGM=
=0Rjs
-END PGP SIGNATURE-
Re: LNX-BBC (was Re: emergency shutdown?)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 03 January 2002 04:30 am, dman wrote:
> On Wed, Jan 02, 2002 at 06:50:30PM -0800, Karsten M. Self wrote:
> | (and the compressed loopback filesystem means I can't see what's
> | actually there).
>
> Couldn't you use dd to dump it to a file, then uncompress it and mount
> it?
Nah, they use one of them new fangled compressed loop (cloop) filesystems.
It's not your ordinary gzipped ramdisk image. (Block level compression, they
include a cloop.o module on the disk to be able to mount it when the disk
boots.)
I agree with earlier posts, LNX-BBC is a great rescue system. Everyone in
our user group has one.
- --
vmann
reduce(lambda x,y:x+y,map(lambda
x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b'))) GnuPG/PGP Fingerprint CE80
018B D825 6DF1 4990 C15F E11A B17E 4A0C D133 Sair Linux and GNU Certified
Administrator #563619
Whidbey Linux Users Group - http://www.wlug.net
http://vmann.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8NNEv4RqxfkoM0TMRAjDuAJ4+f2OlXEq7sFv5hZnNFBfEcc5TzQCfYtdY
RGlwXHN4fsmZyLeBu6T8nCE=
=kWyW
-END PGP SIGNATURE-
Re: Can't access aliased ip address
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 02 January 2002 07:02 pm, Jason M. Harvey wrote:
> yes, ipmasqadm should work for the port forwarding. actually, i know
> someone else who uses ipmasqadm to forward telnet traffic from his
> external ip to another pc with a private ip.
> having other users who may/will want pcanywhere may definitly be an
> issue for you to consider! i've never used it myself... one of these
> years i have to install it just to see what options it has - like
> specifying other ports! (yes, i'm stuck with that other os at my job!)
I know this isn't much to add, but it is an idea to look at if other users
might want pcanywhere access.
(Mind you, I'm not very experienced with advanced routing configurations, but
I'm fairly certain this is possible.)
Find out the IP address of the user with DSL who wants in to his system.
Then write a rule specifying that a request for the pcanywhere port on the
firewall from this (and only this) IP should go to _his_ internal machine.
Add more rules like this for other users.
I would say that is more secure than having multiple ports open for
pcanywhere, and much easier for your clients, as they wouldn't have to
reconfigure.
(Mind you, each person would require another line in your firewall script,
and no dynamic IP's)
- --
vmann
reduce(lambda x,y:x+y,map(lambda
x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b'))) GnuPG/PGP Fingerprint CE80
018B D825 6DF1 4990 C15F E11A B17E 4A0C D133 Sair Linux and GNU Certified
Administrator #563619
Whidbey Linux Users Group - http://www.wlug.net
http://vmann.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8NNEf4RqxfkoM0TMRAmcMAJ9aMJ8lMf4zq1sn8NoScsX0EG/m6gCggSiH
cpdAjKQ2/I0HVvWib1JG5xE=
=JGWK
-END PGP SIGNATURE-
Re: Can I set up a kde desktop background with xearth and xfishtank
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 02 January 2002 03:51 pm, Alan Chandler wrote:
> I would like to set up my kde desktop (all of them?) with xearth (as the
> desktop background) and xfishtank as either a background on top of xearth
> or as a screensaver. Failing all of that I would like to set up xearth as
> a screen saver
K -> Preferences -> Look & Feel -> Desktop
Fourth check box down on Desktop tab, "Support Programs in Desktop Window"
must be checked.
- --
vmann
reduce(lambda x,y:x+y,map(lambda
x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b'))) GnuPG/PGP Fingerprint CE80
018B D825 6DF1 4990 C15F E11A B17E 4A0C D133 Sair Linux and GNU Certified
Administrator #563619
Whidbey Linux Users Group - http://www.wlug.net
http://vmann.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8NNER4RqxfkoM0TMRAoYsAJ9THo0fLBz+19bli7xzhkg6NjK8bACeONlX
fR0us7xRkIYZH1tot01+1RM=
=VOZQ
-END PGP SIGNATURE-
Re: Debian and ture64 alpha compatibility
On Thu, Jan 03, 2002 at 03:50:26PM -0500, Torovezky, Gili wrote: | Hi | | Does Debian "stable" for Intel | compatible with Alpha True64 No. Intel makes the x86 architecture processors, which are different from the DEC (now Compaq) Alpha. The alpha port of Debian (stable or otherwise) should work. -D -- He who walks with the wise grows wise, but a companion of fools suffers harm. Proverbs 13:20
Re: Pakage debian
[I don't actually speak Italian, so count yourself lucky if this makes sense] On Thu, Jan 03, 2002 at 20:33:38 +0100, Denis wrote: > 1 Il nome di un programma per gestire la posta elettronica simile > all'Outlook che trovo all'interno della distribuzione Debian. Evolution (http://www.ximian.com/products/ximian_evolution/) is available in the "testing" and "unstable" distributions. > 2 Il nome di un programma simile al Windows Media Player che visualizzi > i > filmati in tutti i formati Video is still problematic. There is no single dominant file format; and most popular file formats are encumbered by patents. Popular video players include xanim, smpeg-gtv, xmps, ucbmpeg-play (all packaged) and mplayer (http://freshmeat.net/projects/mplayer/ ; packages available outside Debian IIRC). > 3 Nn riesco a trovare il koffice all'interno del cd di Debian. Pu essere > che nn c'? Se invece presente qual il nome del pakage? koffice packages for potato can be found near http://kde.tdyc.com/ > 4 Il nome di una interfaccia grafica per masterizzare i cd audio e dati. xcdroast HTH, Ray -- Does Kibo SEE the FNORDS?
Re: how to print to a printer connected to win2000prof
Kent - I may have had a similar problem such as the "cat" errors and stair-stepping. At one time I think I found that it was the last line of the magicfilter driver (the default) that was the problem (when printing plain text). I think I found that I could cat a file directly to smbclient using the command line args from the smbprint script. Try that to see if it works. I also remember running smbclient interactively and getting it to print. These two things led me to the dj550c-filter being the problem. On Thu, 3 Jan 2002, Kent West wrote: > Hans Steinraht wrote: > > > hi all, > > > > The thing I try to figure out is how I can print from my Debian sid to a > > printer that's connected to a windows 2000 proffesional machine. > > > > I have read something about it and saw that there are different ways that > > might > > work. > > Maybe someone has already experience with it and can point me to the right > > direction. > > > > thanks, > > Hans > > > > > > > > I'm not using CUPS (just lprng and samba), and have been trying for a > year and a half (off-and-on of course) to print from a Linux box to a > printer hanging off a Windows box. I'm confident that it can be done, > but the documentation is sadly lacking, or perhaps I'm just too dense to > get it. > > However, for your perusal, here's what I have, and it's fairly close: > > Contents of /etc/printcap: > > lp > :lp=/var/spool/lpd/hplj3-remote/.null > :cm=Helpdesk 3 HP LaserJet 3 > :sd=/var/spool/lpd/hplj3-remote > :sh > :pw#80 > :pl#66 > :px#1440 > :mx#0 > :if=/etc/samba/smbprint > :af=/var/spool/lpd/hplj3-remote/acct > :lf=/var/log/lp-errs > > > Output of "ls -ld /var/spool/lpd/hplj3-remote": > > drwx--2 daemon lp 1024 Jan 3 11:43 hplj3-remote/ > > > Output of ls -la /var/spool/lpd/hplj3-remote": > > drwx--2 daemon lp 1024 Jan 3 11:43 . > drwxrwsr-x5 lp lp 1024 Nov 13 09:06 .. > -rw---1 daemon lp 60 Dec 11 15:58 .config > -rw---1 daemon lp 0 Nov 26 17:01 .null > > > Contents of ".config": > server=helpdesk3 > service=zel319hp > password="myuser%myuser'spassword" > > .null is simply a "holding place" for a lock file for the "lp=" line in > my printcap as per some footnote to a HOWTO I read somewhere along the way. > > > The real magic apparently takes place in the smbprint file. This file is > in the /usr/share/doc/samba-doc/examples/examples/printing/smbprint > directory on my box, but I copied it to /etc/samba, although it might > more properly go into a /bin directory. > > The core magic of this script seems to be this section: > if [ $TRANS -eq 1 ]; then >echo translate > fi > echo "print -" > cat > ) | smbclient "$server\\$service" -U $password -N -P >> $logfile > > I'm able to successfully connect to the share/service, but according to > the log file (which I set earlier in the smbprint file to be > /tmp/smb-print.log) shows this: > > SERVER = helpdesk3 > SERVICE = zel319hp > added interface ip=xxx.yyy.zzz.qqq bcast=xxx.yyy.abc.def nmask=255.255.248.0 > Got a positive name query response from xxx.yyy.zzz.dns ( xxx.yyy.zzz.nn ) > Domain=[ACU] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] > smb: \> smb: \> echo: command not found > smb: \> cat: command not found > smb: \> ): command not found > smb: \> smb: \> echo: command not found > smb: \> smb: \> > > > In addition to this problem, I haven't been able to find any > documentation as to what the option "-P' means, which makes me suspect > that the script was written for an older version of samba that no longer > works with this script, but being a non-coder, I haven't been able to > figure out how to modify the script to work. > > In addition, I once got something out of the printer, but I had to force > a formfeed at the printer's front control panel to get the page to spit > out, and it suffered from the common stair-step problem. When I tried to > incorporate magicfilter to compensate, things just got worse, as the > documentation I found for that method seems to conflict with the docs > for this method, and in trying to figure out how things worked just > found that an if filter is apparently not treated as a script, even > though it looks (to me) like a script (try creating a "Hello world!" > script and then referencing it in the if= line in printcap -- you'd > expect to see "Hello world!" when you "print" something, but it never > worked for me, so I just got frustrated and gave up, until you asked > this question and now I'm playing again -- maybe in another half year > I'll have it figured out and can help you then). > > I could give up on lprng/magicfilter/samba and just use CUPS, but I'm > strapped for memory, and have just barely enough for X and Galeon > without any extraneous stuff -- if I ever get it working i
Re: NIST time
Craig Dickson wrote: > Sam Varghese wrote: > > > i used ntpdate initially but have now swicthed to chrony. the same > > guy who wrote pppconfig has written this utility and like pppconfig > > it is simple and works well. > > Is ntpdate not simple, or does it not work well? What caused you to want > to switch? I use ntpdate and it seems to do the job nicely, but if there > is a real advantage to chrony, I might give it a try. > > Craig > My experience with this issue may be interesting to others... 1. ntp-simple does not exist in Packages.gz as downloaded today from ftp.us.debian.org 2. It was not clear from the messages in dselect that ntp.deb and ntpdate.deb are cryptically incompatible. Both need to listen on a particular socket that is dedicated to the NTP protocol. During rc2, ntpdate is run first and ntp is then started. This is fine, because ntpdate really doesn't start a deamon. It just runs ntpdate once to update the system clock, and then ntp deamon gets started. But if you try to run ntp from the command line, it gives an error message. So be sure NOT to install ntp.deb, if you want to be able the check your ntpdate installation from the command line. 3. My reading of stuff on the NIST time web site leads me to believe that NTP (the protocol) is poorly designed and obsolescent. But don't ask me to defend that. Read what they say, and draw your own conclusions. 4. Documentation for ntp indicates that the software has been updated with a view to working on future very fast LANs, very fast Internet. I, personnally, think this is a foolish waste of effort. The time information that is available from GPS will always be somewhat better, and never worse, than what is available via land lines and packet forwarding. IMO, the best next step in development of time on the internet would be to introduce a protocol that did not require a special socket assignment on the client. I think NIST has already made some progress on this (see point 3, above)
Re: How can I get the Euro symbol?
On Thu, Jan 03, 2002 at 09:06:08PM +0100, Roberto Diaz wrote: | > > It is 'language-env'. According to 'apt-cache policy' I don't think | > > it is in potato. (potato is _really_ _really_ old) | > Many thanks, dman. What you have written makes sense to me - I shall read | > it over the next day or so and attempt to put it into practice. Shame | > about GTK, since this is what most of the apps I run use :-( | | So for sort... should we (euro-zone potaotes) upgrade to testing so we can | have our loved euro-symbol working smoothly? In GTK+ apps? Not yet. Supposedly GTK+ 1.3 (the current devel version) supports multibyte fonts. I certainly hope they release a new stable release soon! Perhaps, though, X4 will be better than X3? -D -- Come to me, all you who are weary and burdened, and I will give you rest. Take my yoke upon you and learn from me, for I am gentle and humble in heart, and you will find rest for your souls. For my yoke is easy and my burden is light. Matthew 11:28-30
APT failing installing kdebase-crypto on Woody
Hi, I'm trying to install and enable SSL on my Woody (2.4.17) without luck. I've tried a few times now, and everytime the following error occurs... I installed OpenSSL wich went fine, thinking that would help, but didn't. Please tell me what can be done? How do I fix it or where can I find info about it? "[EMAIL PROTECTED]:~# apt-get install kdebase-crypto Reading Package Lists... Done Building Dependency Tree... Done The following extra packages will be installed: kdelibs3-crypto The following NEW packages will be installed: kdebase-crypto kdelibs3-crypto 0 packages upgraded, 2 newly installed, 0 to remove and 3 not upgraded. Need to get 0B/254kB of archives. After unpacking 860kB will be used. Do you want to continue? [Y/n] (Reading database ... 36884 files and directories currently installed.) Unpacking kdelibs3-crypto (from .../kdelibs3-crypto_4%3a2.2.1-11_i386.deb) ... Adding `diversion of /usr/lib/kde2/kio_https.la to /usr/lib/kde2/kio_https-nossl.la by kdelibs3-crypto' Adding `diversion of /usr/lib/kde2/kio_https.so to /usr/lib/kde2/kio_https-nossl.so by kdelibs3-crypto' Adding `diversion of /usr/lib/libkssl.so.2.0.2 to /usr/lib/libkssl-nossl.so.2.0.2 by kdelibs3-crypto' Adding `diversion of /usr/lib/libkssl.la to /usr/lib/libkssl-nossl.la by kdelibs3-crypto' dpkg: error processing /var/cache/apt/archives/kdelibs3-crypto_4%3a2.2.1-11_i386.deb (--unpack): trying to overwrite `/usr/share/apps/kssl/caroot/ca-bundle.crt', which is also in package kdelibs3 dpkg-deb: subprocess paste killed by signal (Broken pipe) Removing `diversion of /usr/lib/kde2/kio_https.la to /usr/lib/kde2/kio_https-nossl.la by kdelibs3-crypto' Removing `diversion of /usr/lib/kde2/kio_https.so to /usr/lib/kde2/kio_https-nossl.so by kdelibs3-crypto' Removing `diversion of /usr/lib/libkssl.so.2.0.2 to /usr/lib/libkssl-nossl.so.2.0.2 by kdelibs3-crypto' Removing `diversion of /usr/lib/libkssl.la to /usr/lib/libkssl-nossl.la by kdelibs3-crypto' Selecting previously deselected package kdebase-crypto. Unpacking kdebase-crypto (from .../kdebase-crypto_4%3a2.2.1-7_i386.deb) ... Errors were encountered while processing: /var/cache/apt/archives/kdelibs3-crypto_4%3a2.2.1-11_i386.deb E: Sub-process /usr/bin/dpkg returned an error code (1) [EMAIL PROTECTED]:~# Thanks, Pontus
Re: Is http://www.linuxdoc.org up?
It does load now. But I had some problem recently :) On Thu, Jan 03, 2002 at 12:46:23AM -0800, Karsten M. Self wrote: > on Tue, Jan 01, 2002 at 09:10:25PM -0500, Seneca Cunningham ([EMAIL > PROTECTED]) wrote: > > Is http://www.linuxdoc.org up? I've tried to get through, but each > > time I've tried in the past little while my connection timed out. > > Pings and loads from here. > > -- > Karsten M. Self http://kmself.home.netcom.com/ > What part of "Gestalt" don't you understand? Home of the brave > http://gestalt-system.sourceforge.net/Land of the free > We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org > Geek for Hire http://kmself.home.netcom.com/resume.html -- ~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ + Osamu Aoki <[EMAIL PROTECTED]>, GnuPG-key: 1024D/D5DE453D + + My debian quick-reference, http://qref.sourceforge.net/quick/ +
Re: Signatures
I had same question here and someone pointed out keyserver.net had been moved to proprietary service. wwwkey.pgp.net service is still OK. (I am based on my memory) MIT site loses packet from me. PING is erratic. May be you have same problem. Good luck. On Thu, Jan 03, 2002 at 02:17:12AM -0400, William Burrow wrote: > On Wed, Jan 02, 2002 at 08:58:32PM -0800, Karsten M. Self wrote: > > > Peace. > > OK, so here is one of the few places that I get signed email fairly > often, so it is the first time it is getting a real workout. For some > reason, gnupg is unable to verify the signatures however (for example, > Karsten's). I am beginning to wonder what it is I am doing wrong? > > Here is the result from mutt running gnupg on Karsten's sig: > > gpg: Signature made Thu Jan 3 00:58:31 2002 AST using DSA key ID 55F2B9B0 > gpg: requesting key 55F2B9B0 from search.keyserver.net ... > gpg: [fd 9]: read error: Connection reset by peer > gpg: no valid OpenPGP data found. > > I have setup search.keyserver.net as the default keyserver to fetch > keys, but it seems to not give a response. When I go to > www.keyserver.net and manually enter the key ID, after a long pause I > get a blank screen. So, what is being done wrong here? > > > -- > William Burrow -- New Brunswick, Canada > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > -- ~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ + Osamu Aoki <[EMAIL PROTECTED]>, GnuPG-key: 1024D/D5DE453D + + My debian quick-reference, http://qref.sourceforge.net/quick/ +
Re: NIST time
Sam Varghese writes: > i used ntpdate initially but have now swicthed to chrony. the same guy > who wrote pppconfig has written this utility and like pppconfig it is > simple and works well. Thank you, but I did not write chrony. Richard Curnow is the author. I am merely the maintainer of the Debian chrony package. -- John Hasler [EMAIL PROTECTED] (John Hasler) Dancing Horse Hill Elmwood, WI
Re: how to get rid of sendmail X-Authentication-Warning?
> the fastest way would be to edit sendmail.cf and > change > O PrivacyOptions=authwarnings > to > O PrivacyOptions= > or maybe > #O PrivacyOptions=authwarnings > > my sendmail configs use these privacy options: > O PrivacyOptions=novrfy,noexpn And mine - as I already wrote :-) # privacy flags O PrivacyOptions=needmailhelo,novrfy,noexpn,noreceipts,noverb But it still generates these lines. Andy. -- Dr. Andy Spiegl, Radio Marañón, Jaén, Perú E-Mail: [EMAIL PROTECTED], [EMAIL PROTECTED] URL: http://spiegl.de, http://radiomaranon.org.pe PGP/GPG: see headers o _ _ _ --- __o __o /\_ _ \\o (_)\__/o (_) -o) - _`\<,__`\<,__>(_) (_)/<_\_| \ _|/' \/ /\\ (_)/ (_) (_)/ (_) (_)(_) (_)(_)' _\o__\_v Q: How many McKinsey consultants does it take to change a light bulb? A: How many can you afford?
Re: smbclient -P
Well, $smbclient --help gives the following answer: "-Pconnect to service as a printer" Alex. --- Oleksandr Moskalenko [EMAIL PROTECTED] --- pub 1024D/6C5F196B 2001-08-17 /* http://www.tagancha.org/pgp */ Oleksandr V. Moskalenko (Alex) <[EMAIL PROTECTED]> Fingerprint = EE63 C471 ADBA 5D80 ADFB 1054 DA28 6F32 6C5F 196B
RE: What is option "-P" to smbclient?
Per "smbclient --help", -P connect to service as a printer. Regards, Greg -Original Message- From: Kent West [mailto:[EMAIL PROTECTED] Sent: Thursday, January 03, 2002 3:30 PM To: debian-user Subject: What is option "-P" to smbclient? In trying to print to a printer hanging off a Windows box, I find that the smbprint script has this line: echo "print -" cat ) | smbclient "$server\\$service" -U $password -N -P >> $logfile I have been unable to find any documentation that explains what the option "-P" is for (am I just blind?). Anyone know? Thanks! Kent -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: how to print to a printer connected to win2000prof
* Kent West ([EMAIL PROTECTED]) wrote: > Hans Steinraht wrote: > > >hi all, > > > >The thing I try to figure out is how I can print from my Debian sid to a > >printer that's connected to a windows 2000 proffesional machine. > > > > I'm not using CUPS (just lprng and samba), and have been trying for a > year and a half (off-and-on of course) to print from a Linux box to a > printer hanging off a Windows box. I'm confident that it can be done, > but the documentation is sadly lacking, or perhaps I'm just too dense to > get it. > Unfortunately, I am in a similar situation. I have to use CUPS, but it takes too much resources from my old laptop. It's a shame that it is so difficult. Alex. --- Oleksandr Moskalenko [EMAIL PROTECTED] --- pub 1024D/6C5F196B 2001-08-17 /* http://www.tagancha.org/pgp */ Oleksandr V. Moskalenko (Alex) <[EMAIL PROTECTED]> Fingerprint = EE63 C471 ADBA 5D80 ADFB 1054 DA28 6F32 6C5F 196B
Re: how to print to a printer connected to win2000prof
Hi Kent. On Thu, Jan 03, 2002 at 02:28:07PM -0600, Kent West wrote: | I'm not using CUPS (just lprng and samba), and have been trying for a | year and a half (off-and-on of course) to print from a Linux box to a | printer hanging off a Windows box. I suggest you try CUPS then. It is as simple as making a symlink (could be done automatically, maybe it is now) and telling CUPS that the printer is smb:///. | The real magic apparently takes place in the smbprint file. Perhaps, but my CUPS system is using '/usr/bin/smbspool' for handling the data transfer. | This file is | in the /usr/share/doc/samba-doc/examples/examples/printing/smbprint | directory on my box, but I copied it to /etc/samba, although it might | more properly go into a /bin directory. | | The core magic of this script seems to be this section: | if [ $TRANS -eq 1 ]; then | echo translate | fi | echo "print -" | cat | ) | smbclient "$server\\$service" -U $password -N -P >> $logfile | | I'm able to successfully connect to the share/service, but according to | the log file (which I set earlier in the smbprint file to be | /tmp/smb-print.log) shows this: | | SERVER = helpdesk3 | SERVICE = zel319hp | added interface ip=xxx.yyy.zzz.qqq bcast=xxx.yyy.abc.def nmask=255.255.248.0 | Got a positive name query response from xxx.yyy.zzz.dns ( xxx.yyy.zzz.nn ) | Domain=[ACU] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] | smb: \> smb: \> echo: command not found | smb: \> cat: command not found | smb: \> ): command not found | smb: \> smb: \> echo: command not found | smb: \> smb: \> This appears to be a messed up shell script. I'm looking at my copy of smbprint and I don't see any (syntactical) problems though. | I could give up on lprng/magicfilter/samba and just use CUPS, but I'm | strapped for memory, and have just barely enough for X and Galeon | without any extraneous stuff -- if I ever get it working it'll go into | production along with 3 clones as a web-browsing-only kiosk. On my system right now cupsd has an RSS of 1768. gvim is using more than that! (for the large files I have open) (BTW, you still need samba to use CUPS over samba, it just plugs together really easily and works too!) -D -- If we claim to be without sin, we deceive ourselves and the truth is not in us. I John 1:8
Re: What is option "-P" to smbclient?
On Thu, 3 Jan 2002, Kent West wrote:
> In trying to print to a printer hanging off a Windows box, I find that
> the smbprint script has this line:
>
> echo "print -"
> cat
> ) | smbclient "$server\\$service" -U $password -N -P >> $logfile
>
> I have been unable to find any documentation that explains what the
> option "-P" is for (am I just blind?). Anyone know?
timshel:~$ /usr/bin/smbclient
Usage: /usr/bin/smbclient service [options]
Version 2.2.2debian-2
-s smb.conf pathname to smb.conf file
-O socket_options socket options to use
-R name resolve order use these name resolution services only
-M host send a winpopup message to the host
-i scope use this NetBIOS scope
-Ndon't ask for a password
-n netbios name. Use this name as my netbios name
-d debuglevel set the debuglevel
-Pconnect to service as a printer
-p port connect to the specified port
-l log basename. Basename for log/debug files
-hPrint this help message.
-I dest IPuse this IP to connect to
-Ewrite messages to stderr instead of stdout
-U username set the network username
-L host get a list of shares available on a host
-t terminal code terminal i/o code
{sjis|euc|jis7|jis8|junet|hex}
-m max protocol set the max protocol level
-A filename get the credentials from a file
-W workgroup set the workgroup name
-TIXFqgbNan command line tar
-D directory start from directory
-c command string execute semicolon separated commands
-b xmit/send buffer changes the transmit/send buffer (default:
65520)
...RickM...
Re: What is option "-P" to smbclient?
"Kent West" <[EMAIL PROTECTED]> writes: > In trying to print to a printer hanging off a Windows box, I find that > the smbprint script has this line: > > > echo "print -" > cat > ) | smbclient "$server\\$service" -U $password -N -P >> $logfile > > I have been unable to find any documentation that explains what the > option "-P" is for (am I just blind?). Anyone know? % smbclient --help [snip] -P connect to service as a printer [snip] Gary
Re: Can't access aliased ip address
On 2002.01.02 22:19 Jor-el wrote: > The hostnames in your prev. post were truncated and it was hard to guess > how the routing was setup. > Here is an easier to read routing table: Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 216.86.213.93 0.0.0.0 255.255.255.255 UH0 00 eth0 216.86.213.94 0.0.0.0 255.255.255.255 UH0 00 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 00 eth1 216.86.213.00.0.0.0 255.255.255.0 U 0 00 eth0 0.0.0.0 216.86.213.10.0.0.0 UG1 00 eth0 > Also try the following : from B / C, do > 1. traceroute A > 2. traceroute A -s C > traceroute A works as expected. However traceroute A -s C results in: 1 traceroute: wrote 24.52.153.102 38 chars, ret=-1 *traceroute: wrote 24.52.153.102 38 chars, ret=-1 *traceroute: wrote 24.52.153.102 38 chars, ret=-1 Note: each of the above lines were preceded by: traceroute: sendto: Operation not permitted which for somereason wasn't included in the output oftraceroute A -s C > traceroute I've noticed this on a few other procedures I've tried to do, but it isn't really that big of a deal to add the other information. But I know there is a way to capture the screen, I just don't know how to do it. > On A, monitor the traffic using a filter for src = A or dst = A > and post the results. I don't think that I can do this. A is a D-Link Wireless cable modem/dsl router. I tried it anyway and didn't pick up anything from things that I know work. > > > Jan 2 15:23:46 hostname kernel: Packet log: input DENY eth0 PROTO=1 > > MACHINEA:8 IPADDRC:0 L=92 S=0x00 I=0 F=0x4000 T=43 (#9) > > > I dont know what this log entry means. Its possible that you have > a firewall problem but your symptoms are more indicative of a routing > problem. Perhaps the output of 'ipchains -L -v -n' would help (Note: I > run > iptables and I'm guessing that its options are similar to ipchains. The > -n > will produce numeric, rather than symbolic output). > That worked just fine, here is the output: Chain input (policy ACCEPT: 0 packets, 0 bytes): pkts bytes target prot opttosa tosx ifname mark outsize sourcedestination ports 39536 3757K ACCEPT all -- 0xFF 0x00 lo 0.0.0.0/00.0.0.0/0 n/a 0 0 DENY all l- 0xFF 0x00 !lo 127.0.0.0/8 0.0.0.0/0 n/a 89474 7888K ACCEPT all -- 0xFF 0x00 eth0 216.86.213.0/24 0.0.0.0/0 n/a 204K 21M ACCEPT all -- 0xFF 0x00 eth1 192.168.0.0/24 0.0.0.0/0 n/a 0 0 DENY all l- 0xFF 0x00 eth0 216.86.213.0/24 0.0.0.0/0 n/a 0 0 DENY all l- 0xFF 0x00 eth0 192.168.0.0/24 0.0.0.0/0 n/a 234K 189M ACCEPT all -- 0xFF 0x00 eth0 0.0.0.0/0216.86.213.93 n/a 0 0 ACCEPT all -- 0xFF 0x00 eth0 0.0.0.0/0216.86.213.255n/a 17858 1487K DENY all l- 0xFF 0x00 * 0.0.0.0/00.0.0.0/0 n/a Chain forward (policy DENY: 0 packets, 0 bytes): pkts bytes target prot opttosa tosx ifname mark outsize sourcedestination ports 0 0 MASQ all -- 0xFF 0x00 eth0 192.168.0.2 0.0.0.0/0 n/a 0 0 MASQ all -- 0xFF 0x00 eth0 192.168.0.21 0.0.0.0/0 n/a 4464 690K MASQ all -- 0xFF 0x00 eth0 192.168.0.22 0.0.0.0/0 n/a 443 66229 MASQ all -- 0xFF 0x00 eth0 192.168.0.23 0.0.0.0/0 n/a 257 38564 MASQ all -- 0xFF 0x00 eth0 192.168.0.24 0.0.0.0/0 n/a 58 4837 MASQ all -- 0xFF 0x00 eth0 192.168.0.25 0.0.0.0/0 n/a 0 0 MASQ all -- 0xFF 0x00 eth0 192.168.0.26 0.0.0.0/0 n/a 2606 571K MASQ all -- 0xFF 0x00 eth0 192.168.0.27 0.0.0.0/0 n/a 2641 367K MASQ all -- 0xFF 0x00 eth0 192.168.0.28 0.0.0.0/0 n/a 0 0 MASQ all -- 0xFF 0x00 eth0 192.168.0.2540.0.0.0/0 n/a Chain output (policy ACCEPT: 0 packets, 0 bytes): pkts bytes target prot opttosa tosx ifna
Re: ISDN on Potato
Am Don, 2002-01-03 um 01.02 schrieb Penguin: > Does it work? I would like to hook up a PCI ISDN-S card for a 128k dialup > ISDN connection. I will be using Potato 2.2r4. > > Cheers > James Hi! With a Fritz! PCI card I've not had any problems. You need to have task-isdn-dialup,isdnutils and preferably ipppd. Take a look at the "Debian GNU/Linux Guide," for some details. There's also a faq for i4l( it explains canal bundeling.http://www.isdn4linux.de). HTH. Eamon Roque.
Debian and ture64 alpha compatibility
Hi Does Debian "stable" for Intel compatible with Alpha True64 Regards Gili
Re: What is option "-P" to smbclient?
In older (pre-2.0) samba versions, -P flagged the connection as a printer (as opposed to disk) share. According to man smbclient, -P This option is no longer used. The code in Samba2.0 now lets the server decide the device type, so no printer specific flag is needed. so you can probably safely remove it (assuming you're using 2.0 or later). ap -- Andrew J Perrin - [EMAIL PROTECTED] - http://www.unc.edu/~aperrin Assistant Professor of Sociology, U of North Carolina, Chapel Hill 269 Hamilton Hall, CB#3210, Chapel Hill, NC 27599-3210 USA On Thu, 3 Jan 2002, Kent West wrote: > In trying to print to a printer hanging off a Windows box, I find that > the smbprint script has this line: > > echo "print -" > cat > ) | smbclient "$server\\$service" -U $password -N -P >> $logfile > > I have been unable to find any documentation that explains what the > option "-P" is for (am I just blind?). Anyone know? > > Thanks! > > Kent > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
Re: Xfree 4.1 Sig 11 (woody)
On Thu, Jan 03, 2002 at 06:24:56PM -0200, Christoph Simon wrote: | On Thu, 3 Jan 2002 12:04:53 -0800 (PST) | "nate" <[EMAIL PROTECTED]> wrote: | | > this is odd. its NEVER happened before. i was doing | > normal stuff in X and all of a sudden X crashed. ... | | > Fatal server error: | > Caught signal 11. Server aborting | | Just guessing: Maybe a hardware error? Maybe something related to java | threads? I've crashed my X server fairly consistently when exiting a Java3D app. I'm using the fbdev driver. I haven't seen any error messages though, just the gdm screen again. -D -- Microsoft: "Windows NT 4.0 now has the same user-interface as Windows 95" Windows 95: "Press CTRL-ALT-DEL to reboot" Windows NT 4.0: "Press CTRL-ALT-DEL to login"
Re: NIST time
Sam Varghese wrote: > i used ntpdate initially but have now swicthed to chrony. the same > guy who wrote pppconfig has written this utility and like pppconfig > it is simple and works well. Is ntpdate not simple, or does it not work well? What caused you to want to switch? I use ntpdate and it seems to do the job nicely, but if there is a real advantage to chrony, I might give it a try. Craig
