Re: error
On Fri, 5 Dec 2003 23:16:07 -0600 "Norman Lane" <[EMAIL PROTECTED]> wrote: > I attempted to file a complaint on line. Each time I was informed that the phone > number (my phone number) was incorrect; yet, my phone number, 972 727 7260 is > registered on the Do Not Call list. I could not file my complaint except by calling > 1 888 382 l222. > Norman Lane > Stand by. I'm about to put a call through. (What is happening to this list?) Regards, David. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
On Fri, 5 Dec 2003 21:00:02 -0800 Paul Johnson <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Fri, Dec 05, 2003 at 08:19:25PM -0800, Tom wrote: > > The unfortunate thing about people like you is you go from this bizarre > > self-loathing to crass commercialism (usually around 27). > > You know, murphy really ought to be making sure the addresses used to > post to this list are valid. Yes. And the ones behind those addresses also. Regards, David. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Linux Kernel Security - Can it ever be 100%
On Fri, 5 Dec 2003 20:58:40 -0800 Tom <[EMAIL PROTECTED]> wrote: > On Fri, Dec 05, 2003 at 11:43:23PM -0500, Joey Hess wrote: > [great stuff which is absolutely correct] > > However, I "Tom Ballard" have figured it all out. > The problem with all of computer science is the left hand doesn't know > > what the right hand is doing. All of these problems are finite and > can be handled in an "a priori" way. The problem is computer science > grew up not knowing that so we pretend we don't immediately know > everything and compute in an "a posteori way". > > What I'm talking about is tearing down the concept of a general > purpose computer. The only reason I can't run all my programs in a > single memory space and know just exactly what the heck is going to > happen is it makes poor economic sense to work that way. > > Consider a SQL Server for example. For any given schema which will > a maximum of contain {N1...Nm} records, I can compute "a priori" the > exact disk location of any record. If memory wasn't so fucking slow > and there were plenty of it, we could assemble any image of this very > quickly. All I need is a simple "I/O monster" that does this one > fixed task in an "a priori way". > > So the problem is general purpose computers. We need to be able to > produce fixed-function devices in a one-off fashion. > > [This rant is probably full of shit] :-) Yes. For a start, please allow me to refer you to Emmanuel Kant with reference to 'a priori.' Regards, David. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
On Fri, Dec 05, 2003 at 04:49:33PM -0700, Thanasis Kinias wrote: > scripsit Tom: > > (dating from the 17th century; their descendents are today's Lib-Dems) > or with a rather na?ve progressive view of history as the story of > continual progress. The latter is the way the term tends to be used > generically by historians. Either way, the term evokes a rather > old-fashioned classical liberalism. before you write the thesis, the english and american whigs deserve a little more attention on your part. they were/are not at all the same. ben -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
[CKCNEWS] - Your December Newsletter is Ready
Hello , Your copy of the CKC Newsletter has just been uploaded to our website and is ready for your review. This issue contains the following: 1. CKC Performance Events 2. Featured Article I - Vet Tech: What is Lyme Disease? 3. CKC's Breed Of The Month - The Havanese 4. Featured Article II - Pet FOOD Questions 101 5. Snapshot of the Month - The DOG Who Stole Christmas 6. On the Work Front - A New Addition. You copy is available here: http://www.ckcusa.com/cgi-bin/arp3/arp3-t.pl?l=1 Thank you for being a customer, Continental Kennel Club, Inc. If you wish to cancel your subscription, simply click once on the link below. http://www.ckcusa.com/cgi-bin/arp3/arp3-un.pl?c=30395&p=5661 Powered by AutoResponse Plus http://www.autoresponseplus.com/link.php?a=secure -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
On Fri, Dec 05, 2003 at 10:42:33AM -0600, Hoyt Bailey wrote: > > I believe Mr sanders is a member of the socialist party. > > check out bernie.house.gov while he lends himself to socialist issues, bernie is an independent. ben -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: xscreensaver error: usage: xscreensaver-getimage [ -display host:dpy.screen ] [ -v ] window-id
On Fri, Dec 05, 2003 at 09:21:40PM -0800, Karsten M. Self wrote: > The problem is the system call within the hacks themselves. If you > noted, I was running antspotlight from the command line. My bad, I should read more carefully. You did indeed point out that is was internal to the hacks. In mitigation I offer that there are at least two hacks that *do* in fact have bad command-line arguments (xmountains is one) and I should take my own advice and file a bug about it. > Among the broken hacks: antspotlight, gflux (-mode grab), flipscreen3d, > and glslideshow. Ok. Tested all of those here. They all work, and can grab the desktop, except for glslideshow. It works if I let it use the desktop image, but has this in .xsession-errors if I point it at a directory of images: X error in xscreensaver-getimage: X Error of failed request: BadMatch (invalid parameter attributes) Major opcode of failed request: 72 (X_PutImage) Serial number of failed request: 35 Current serial number in output stream: 37 xscreensaver-getimage: target pixmap 0x426 unexpectedly deleted xscreensaver-getimage: target pixmap 0x426 unexpectedly deleted The other hacks you list all work properly here. -- Marc Wilson | You can always pick up your needle and move to [EMAIL PROTECTED] | another groove. -- Tim Leary signature.asc Description: Digital signature
Re: Linux Kernel Security - Can it ever be 100%
On Fri, Dec 05, 2003 at 08:58:40PM -0800, Tom wrote: > On Fri, Dec 05, 2003 at 11:43:23PM -0500, Joey Hess wrote: > [great stuff which is absolutely correct] > > However, I "Tom Ballard" have figured it all out. > The problem with all of computer science is the left hand doesn't know > what the right hand is doing. All of these problems are finite and can > be handled in an "a priori" way. The problem is computer science grew > up not knowing that so we pretend we don't immediately know everything > and compute in an "a posteori way". > > What I'm talking about is tearing down the concept of a general purpose > computer. The only reason I can't run all my programs in a single > memory space and know just exactly what the heck is going to happen is > it makes poor economic sense to work that way. > > Consider a SQL Server for example. For any given schema which will > a maximum of contain {N1...Nm} records, I can compute "a priori" the > exact disk location of any record. If memory wasn't so fucking slow > and there were plenty of it, we could assemble any image of this very > quickly. All I need is a simple "I/O monster" that does this one fixed > task in an "a priori way". > > So the problem is general purpose computers. We need to be able to > produce fixed-function devices in a one-off fashion. > > [This rant is probably full of shit] :-) > Yes. ;-) -- Paul E Condon [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Opposed: (was Re: RFC: Create d-user-woody, d-user-sarge maillists, deactivate d-user)
on Mon, Dec 01, 2003 at 02:28:52AM -0800, Hereon ([EMAIL PROTECTED]) wrote: > Request For Comment on: > Enhancing the Debian mailing lists by: > Creating debian-user-woody and debian-user-sarge mailing lists, > and deactivating debian-user. > > Summary: > > 1) The Debian user community is substantially suboptimally served >with the existence of the current debian-user list. Bollox. Your demonstration and proof are ... nil. > 3) The Debian community would be much better served >a) by the creation now of two new mailing lists, called: > 1) debian-user-woody, or possibly debian-user-stable, > or possibly debian-user-3 There is an existing "debian-testing" list. It sees, substantially, no traffic. http://lists.debian.org/stats/debian-testing.png http://lists.debian.org/stats/debian-user.png Similar problems exist for trying to create 'noob' lists. It's the blind-leading-the-blind problem, with experts not choosing to participate. There is a similar problem in IRC with #debian and #knoppix lists (nobody wants to support #knoppix...). There's also the small issue of your nomencalture, which would require creating (and retiring) lists on each Debian release. Generally, geographic localization seems to be a better basis for partitioning lists -- you tend to get folks you've met face to face, and are in (respectively) beer-buying, or bat-wielding, range. > 4) This message is requesting: >1) Comment regarding specific suggestions of how the situation > could be inproved through the creation of 1 or more additional > lists to augment or replace debian-user, Given current evidence, none. >2) "Seconds" (to the motion) for the request of these changes. Move to table. I see this proposal as groundless, misguided, redundant, and harmful. I oppose it. Peace. -- Karsten M. Self <[EMAIL PROTECTED]>http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? Transported to a surreal landscape, a young girl kills the first woman she meets and then teams up with three complete strangers to kill again - Marin IJ's synopsis of "The Wizard of Oz" pgp0.pgp Description: PGP signature
error
I attempted to file a complaint on line. Each time I was informed that the phone number (my phone number) was incorrect; yet, my phone number, 972 727 7260 is registered on the Do Not Call list. I could not file my complaint except by calling 1 888 382 l222. Norman Lane
Re: Kernel upgrade time
On Thu, 2003-12-04 at 15:15, David Palmer. wrote: > On Thu, 4 Dec 2003 05:10:31 -0800 > Tom <[EMAIL PROTECTED]> wrote: > > > On Thu, Dec 04, 2003 at 06:41:30AM -0600, Hoyt Bailey wrote: > > > > > > > On Wed, Dec 03, 2003 at 03:15:06PM -0800, Tom wrote: > > > > > > Fact: Closer to 5 pints than 5 gallons. > > > > > > > > gallons of blood. A swimming pool holds about 25,000 gallons of > > > > > fluid. > > > > > > > > Sorry, I forgot how my story goes: the human body holds about 1 > > > > gallon of blood. It's been 13 years since I told this story much. > > > > Yeah, I butchered that part of the story. I wonder if I can still > > find my copy of "Brought to Light". That and the "Butter Battle Book" > > helped me form my worldview -- I'm fully aware (in quantitative terms) > > of all the murders and evil our side has done, and yet I know at a > > deeper level the guys who did it are on my side and aren't scary. > > > > I guess if you're not on my side they're scary. > > > I simply don't understand this concept of 'sides.' > I thought, all being the same species, that we were all on the same > side. > This 'us and them' concept is just a political tool. > Regards, > > David. Well, there is *SCO* ;) -- Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP ML Kahnt New Markets Consulting Tel: (613) 531-8684 / (613) 539-0935 Email: [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part
installed new kernel, but lost internal network
Hi, I am doing masquarading using my Debian machine running Sarge. Earlier I was running the default kernel that comes with Woody (2.4.18-bf14 or something). Today I upgraded to the new kernel: /var/log# apt-get -u install kernel-image-2.4.22-1-686 kernel-doc-2.4.22 kernel-headers-2.4.22-1 kernel-pcmcia-modules-2.4.22-1-686 pcmcia-cs hotplug usbutils fxload hotplug-utils And after this, I lost one of the NICs. I have two NICs, one is 192.168.0.1 connected to the ADSL moden, and the other is 192.168.0.2 connected to the internal LAN. So when I booted into the new kernel, the second NIC RLT8139 was not detected. But when I did pppoeconf, it listed only 1 NIC and asked if I had more which were not detected. I said Yes, and it hen allowed me to install the module for the RLT NIC. And after that it reported 2 NICs fine. So after configuring ppp0, I could browse the net, but my internal LAN machine can't. I can't even ping that machine. I am running the same iptables rules as before. Here is what I get: /var/log# ping 192.168.0.10 PING 192.168.0.10 (192.168.0.10): 56 data bytes ping: sendto: Operation not permitted ping: wrote 192.168.0.10 64 chars, ret=-1 ping: sendto: Operation not permitted ping: wrote 192.168.0.10 64 chars, ret=-1 --- 192.168.0.10 ping statistics --- 2 packets transmitted, 0 packets received, 100% packet loss I get this evenif I do "/etc/initd/iptables clear". Here is my interfaces file: /etc/network# more interfaces # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8) # The loopback interface auto lo iface lo inet loopback # The first network card - this entry was created during the Debian installatio n # (network, broadcast and gateway are optional) auto eth0 iface eth0 inet static address 192.168.0.1 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 #gateway 192.168.0.0 auto eth1 iface eth1 inet static address 192.168.0.2 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 #gateway 192.168.0.2 Any idea what could have gone wrong during installation of thsi new kernel? More information is below. Thanks, ->HS /var/log# route -n Kernel IP routing table Destination GatewayGenmask Flags Metric RefUse Iface 65.94.50.1 0.0.0.0255.255.255.255 UH0 00 ppp0 192.168.0.0 0.0.0.0255.255.255.0 U 0 00 eth0 192.168.0.0 0.0.0.0255.255.255.0 U 0 00 eth1 0.0.0.0 65.94.50.1 0.0.0.0 UG0 00 ppp0 /var/log# ifconfig eth0 Link encap:Ethernet HWaddr 00:04:75:8A:D6:DF inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5932 errors:0 dropped:0 overruns:0 frame:0 TX packets:2601 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:1995603 (1.9 MiB) TX bytes:324216 (316.6 KiB) Interrupt:9 Base address:0xd800 eth1 Link encap:Ethernet HWaddr 00:50:BA:50:03:87 inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:272 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:19882 (19.4 KiB) TX bytes:0 (0.0 b) Interrupt:9 Base address:0xd000 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:117 errors:0 dropped:0 overruns:0 frame:0 TX packets:117 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:9793 (9.5 KiB) TX bytes:9793 (9.5 KiB) ppp0 Link encap:Point-to-Point Protocol inet addr:65.94.50.150 P-t-P:65.94.50.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:668 errors:0 dropped:0 overruns:0 frame:0 TX packets:501 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:391058 (381.8 KiB) TX bytes:57560 (56.2 KiB) /var/log# lspci 00:00.0 Host bridge: Intel Corp. 82845 845 (Brookdale) Chipset Host Bridge (rev 03) 00:01.0 PCI bridge: Intel Corp. 82845 845 (Brookdale) Chipset AGP Bridge (rev 03) 00:1e.0 PCI bridge: Intel Corp. 82801BA/CA/DB/EB PCI Bridge (rev 12) 00:1f.0 ISA bridge: Intel Corp. 82801BA ISA Bridge (LPC) (rev 12) 00:1f.1 IDE interface: Intel Corp. 82801BA IDE U100 (rev 12) 00:1f.2 USB Controller: Intel Corp. 82801BA/BAM USB (Hub #1) (rev 12) 00:1f.4 USB Controller: Intel Corp. 82801BA/BAM USB (Hub #2) (rev 12) 01:00.0 VGA compatible controller: nVidia Corporation NV11 [GeForce2 MX/MX 400] (rev b2) 02:0a.0 Ethernet controller: 3Com Corporation 3c905C-TX/TX-M [Tornado] (r
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
on Fri, Dec 05, 2003 at 11:45:25PM +0100, Mariano Kamp ([EMAIL PROTECTED]) wrote: > On Friday 05 December 2003 23:22, Paul E Condon wrote: > > On Fri, Dec 05, 2003 at 11:07:24PM +0100, Mariano Kamp wrote: > > > Hi, > > > > > > I bought one of the "cheap" PCs from a german discounter. I am > > > wondering if anybody has been able to install Debian on it? Any pointers > > > would be nice. > > > > > > www.linux-hardware.de wasn't helpful. > > > > > > Allmost all the components are unknown when looking at the /proc/pci > > > output. This is interesting, because I believe they used "brand" > > > components. My guess is that they are a little bit modified to make sure > > > that prices are not easily comparable. Is this likely to be true? > > > > > > Cheers, > > > Mariano > > > > If this is the PC for which you say in, an earlier email, that you > > can install Knoppix on it, then you can also install Debian, but not > > as easily. Knoppix is based on Debian. One way to get Debian is to > > install Knoppix and then convert it to Debian by downloading > > packages over the internet. > > Paul, > > thanks for taking the time. > > Yet, it is the same pc. What I don't want is a Knoppix System. First: Knoppix is (largely) the same as Debian. The packaging system is identical, the default packages differ somewhat. More significantly: get a Knoppix disk. Use it to identify the HW on the system. The 'lshw' command is useful, as is my own system-info script: http://twiki.iwethey.org/Main/LinuxSystemInfoScript > Yes, in theory it should work on Debian when it works on Knoppix, but > when having to use the old installer then the modules are very much > out of date. Then use debootstrap to perform a chroot install under Knoppix as described in the Debian Installation Manual. Or use another installer: http://linuxmafia.com/faq/Debian/installers.html > In this particular example, I don't get the network up, so it is > pretty much pointless to use the old installer. Btw. The old installer > was not even able to cope with a 160GB hd. Google "large disk HOWTO". bf2.4 install option may help you. Or a chroot (my own preference), as mentioned above. Peace. -- Karsten M. Self <[EMAIL PROTECTED]>http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? With Ahnold as gropenator, we've once again got a Kennedy in office. And when he says "Ich bin ein Berliner", you'll know he means it. pgp0.pgp Description: PGP signature
Re: No need for 2.4.23 (re compromise)
On Sat, Dec 06, 2003 at 01:07:31AM +, Mark C wrote: > On Fri, 2003-12-05 at 15:47, Bill Moseley wrote: > > > I'm using that last one, 2.4.20. > > same here from the debian sources, but with a few added patches, > there is no need to download a new kernel, just get the source you have > for the currently running kernel, apply this patch: I already built 2.4.23. Good to get my cpu a bit of exercise once in a while. > > -- cut - > --- 1.31/mm/mmap.c Fri Sep 12 06:44:06 2003 > +++ 1.32/mm/mmap.c Thu Oct 2 01:18:19 2003 > @@ -1041,6 +1041,9 @@ > if (!len) > return addr; > > + if ((addr + len) > TASK_SIZE || (addr + len) < addr) > + return -EINVAL; > + So that's the brk bug? Doesn't take much code to wreck havoc, does it. || (addr + len) < addr. Hum. So, wrap around overflow? -- Bill Moseley [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: xscreensaver error: usage: xscreensaver-getimage [ -display host:dpy.screen ] [ -v ] window-id
on Fri, Dec 05, 2003 at 08:12:25PM -0800, Marc Wilson ([EMAIL PROTECTED]) wrote: > On Fri, Dec 05, 2003 at 08:29:33AM -0800, Karsten M. Self wrote: > > > > > No Google hits, strace doesn't help much. Sounds like someone got their > > args wrong. > > So LOOK at their arguments, fix them, and then file a bug. The > "Advanced" button on the "Settings" pane of every graphics hack is > what you want. Not. The problem is the system call within the hacks themselves. If you noted, I was running antspotlight from the command line. Among the broken hacks: antspotlight, gflux (-mode grab), flipscreen3d, and glslideshow. Other hacks work correctly with screengrabs: decayscreen, distort, jigsaw, ripple (-water), slidescreen, spotlight, zoom, and others. While my initial post may not have been clear: it appears the hacks themselves have incorrect system calls. I was looking for corroboration. Peace. -- Karsten M. Self <[EMAIL PROTECTED]>http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? STATE OF THE ART Expensive, loud and fragile. Occasionally functions for brief periods. In computer hardware terms, the "art" may be pottery - l'Inq http://www.theinquirer.net/ pgp0.pgp Description: PGP signature
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
On Fri, Dec 05, 2003 at 09:00:02PM -0800, Paul Johnson wrote: > On Fri, Dec 05, 2003 at 08:19:25PM -0800, Tom wrote: > > The unfortunate thing about people like you is you go from this bizarre > > self-loathing to crass commercialism (usually around 27). > > You know, murphy really ought to be making sure the addresses used to > post to this list are valid. You're drunk now aren't you? Did you even try sending a message to this "from" line? Or is that just another thing you think you know? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 08:19:25PM -0800, Tom wrote: > The unfortunate thing about people like you is you go from this bizarre > self-loathing to crass commercialism (usually around 27). You know, murphy really ought to be making sure the addresses used to post to this list are valid. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0WJRUzgNqloQMwcRAuagAJ0XkHXbr617dJIYFLOPKcPRBlwXBgCgkImZ VuKvdFxeFhgAGn75OD7xYfM= =VTAe -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Linux Kernel Security - Can it ever be 100%
On Fri, Dec 05, 2003 at 11:43:23PM -0500, Joey Hess wrote: [great stuff which is absolutely correct] However, I "Tom Ballard" have figured it all out. The problem with all of computer science is the left hand doesn't know what the right hand is doing. All of these problems are finite and can be handled in an "a priori" way. The problem is computer science grew up not knowing that so we pretend we don't immediately know everything and compute in an "a posteori way". What I'm talking about is tearing down the concept of a general purpose computer. The only reason I can't run all my programs in a single memory space and know just exactly what the heck is going to happen is it makes poor economic sense to work that way. Consider a SQL Server for example. For any given schema which will a maximum of contain {N1...Nm} records, I can compute "a priori" the exact disk location of any record. If memory wasn't so fucking slow and there were plenty of it, we could assemble any image of this very quickly. All I need is a simple "I/O monster" that does this one fixed task in an "a priori way". So the problem is general purpose computers. We need to be able to produce fixed-function devices in a one-off fashion. [This rant is probably full of shit] :-) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Linux Kernel Security - Can it ever be 100%
Dave wrote: > Recent discussions in this group have raised as many questions for me as > they have answered, and raised doubts in my mind that the security of the > Linux kernel will ever be as good as I would like it to be. Is there a > fundamentally simple and 100% effective way to stop kernel exploits, or > will we be forever locked in a race between white hats and black hats? I'm afraid that there is a stock answer one receives when one asks questions like these on internet discussion lists. I won't bother to give it as I'm sure someone will before this mail propigates out. > I am still hoping kernel security will eventually be as good as the security > of a typical microprocessor instruction set. Throw a trillion bad inputs > at an x86 microprocessor, and you will never take over the "supervisor" > mode. Touching faith in hardware. Pity it doesn't live up to it. Hardware is put together by humans, using tools increasingly similar to the tools we use to write software, and humans make mistakes. There has been at least one mistake in Intel hardware which had effects as bad as you describe; I alluded to it in my earlier mail. I think you'll find that a trillian bad inputs thrown at the linux kernel or any random setuid program are also unlikly to get you root (maybe a crash if you're lucky), but careful study and a targeted attack has much better luck. > [1] Are the parts of the kernel that need to be fast the same parts that > read input from a user process, It depends on your workload, but under most, yes, syscalls are very frequent, and their speed is essential. Something as simple as getting the current time, which is perhaps the most common syscall on desktop machines, involves passing a pointer to the kernel for it to write the time to. (However, that syscall has been at least partly moved to user space; I forget the details). > or can we say that 95% of user inputs can > be passed through robust, standardized validation routines with no > performance degradation noticeable to the user? e.g. When the user > process says "Here's a pointer to my data.", should a kernel routine just > start stuffing a buffer, or call a common routine that at leasts checks > the length of the data to be stuffed. If "blind buffer stuffing" were > limited to just those routines where this transaction was time-critical, > then those few routines could get a lot of scrutiny for buffer overflows. I think that you'll find that all accesses of data in user space by syscalls goes through a set of functions that do size checking and other checks. I think you'll find that the kernel is not in the business of trading off correctness for speed and instead they generally manage both. Except, of course, when mistakes are made. Some of the relevant code is several of the files in kernel/ or fs/read_write.c/open.c, depending on which syscalls you're intrested in, plus linux/arch/i386/lib/usercopy.c, and linux/include/asm-i386/uaccess.h If you're looking for more assurance than that, I think you'll quickly fall into a need for formal correctness proofs, which are probably very difficult for something with the scope of the linux kernel. > [3] I'm not sure what is meant by "tainted inputs" here. My guess is we > are talking about inputs that would pass simple validation checks (string > lengths, number ranges, membership in an allowed set) but still cause a > subtle problem later. It seems like that kind of problem would be very > unlikely, and almost impossible to exploit for anything other than causing > a crash. I'm comparing this situation to the comparable vulnerability with > microprocessor instruction sets, and we don't see that happening. There is vast potential for that kind of thing, particularly in the syscalls that manipulate files. Lots of potential for races, many ways to add malicious data to try to mess the kernel up (think of chains of recursive symlinks, for example). There have been many fixes in this area in the past. -- see shy jo signature.asc Description: Digital signature
Re: fetchmail problem (maybe bug)
on Fri, Dec 05, 2003 at 07:49:40PM -0800, Marc Wilson ([EMAIL PROTECTED]) wrote: > On Fri, Dec 05, 2003 at 08:51:37AM -0800, Karsten M. Self wrote: > > > I'm using fetchmail 5.9.11-6.2 from woody since a while without any problems, > > > but now mail retrieval fails with the following error messages: > > > > > > fetchmail: POP3> RETR 1 > > > fetchmail: POP3< -ERR cannot open disk file error 2 > > > fetchmail: cannot open disk file error 2 > > > fetchmail: POP3> QUIT > > > fetchmail: POP3< +OK POP3 server closing connection > > > fetchmail: client/server protocol error while fetching from mail.epost.de > > > > In this case, malformed headers in some spam is rejected by your local > > MTA. The result is that messages aren't delivered. > > Uh, no, if you'll note from the direction of the arrows (and the OP's > later message where he telnet's to the POPd), the error about the disk > file is coming from the POP server, and has nothing to do with the > local MTA or fetchmail itself. Possible. As I'd indicated, I run across this periodically. At unpredictable times, without access to the file in question, and generally with a primary objective of clearing the problem and retrieving my mail successfully. So I may have bits wrong. OTOH, when I've seen the error, the indication of where the problem is has been vague. This is consistent with posts I've seen from others. And I resolved the problem previously by bypassing the local MTA, as described. > Now... why the remote might be having problems opening a disk file, I > have no idea, but the problem isn't on the local end. Somewhat consistent with the other characteristics described by the OP, through. Peace. -- Karsten M. Self <[EMAIL PROTECTED]>http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? The golden rule of technical design: complexity is the enemy. pgp0.pgp Description: PGP signature
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
On Fri, Dec 05, 2003 at 07:37:05PM -0800, Paul Johnson wrote: > On Fri, Dec 05, 2003 at 07:27:02PM -0800, Tom wrote: > > Anyway, thanks for making me glad I'm American paul! > > Learned it in school, not off the net. Heard it within the last month > on The History Channel as well, though the name of the program it was > on escapes me at the moment. Collective, rampant ignorance of history > and failing to learn from it's mistakes is one American tradition that > makes me say I have the grave misfortune of being American. The unfortunate thing about people like you is you go from this bizarre self-loathing to crass commercialism (usually around 27). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: xscreensaver error: usage: xscreensaver-getimage [ -display host:dpy.screen ] [ -v ] window-id
On Fri, Dec 05, 2003 at 08:29:33AM -0800, Karsten M. Self wrote: > No Google hits, strace doesn't help much. Sounds like someone got their > args wrong. So LOOK at their arguments, fix them, and then file a bug. The "Advanced" button on the "Settings" pane of every graphics hack is what you want. -- Marc Wilson | Nothing astonishes men so much as common sense and [EMAIL PROTECTED] | plain dealing. -- Ralph Waldo Emerson signature.asc Description: Digital signature
Re: ye olde upgrade vs. dist-upgrade
On Thu, Dec 04, 2003 at 04:31:25PM +0100, John L. Fjellstad wrote: > Marc Wilson wrote: > > > Is there a reason to not actually bother reading the man page for apt-get > > and learning the difference between the two targets? > > Why do you bother answer, when giving the answer makes you so uncomfortable? I don't know... why do you bother to subscribe to a mailing list, when you can't be bothered to *read* it before whining about someone else's posting? Or did you not notice that I *did* define the terms? Let me guess... you're one of those "special" people who should *never* be required to do anything heavy, like read for themselves. -- Marc Wilson | A triangle which has an angle of 135 degrees is [EMAIL PROTECTED] | called an obscene triangle. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ye olde upgrade vs. dist-upgrade
On Fri, Dec 05, 2003 at 08:38:02AM -0800, Bill Moseley wrote: > -u enables APT::Get::Show-Upgraded to true which lists what packages are > going to be updated, but, IIRC, APT::Get::Show-Upgraded is true by > default. Yeah. It didn't used to be so, and many people change it so that it's not. Using the '-u' option is therefore the only way to get apt to show you what it's going to do. Using the '-s' option, on the other hand, *does* the operation, but doesn't actually do it. Think "simulate". ^_^ > Yes, I understand the difference between update and dist-upgrade as the > manual describes it and as it's be re-quoted here a few times. > > My question is if sources.list specifies "woody" instead of "stable" so > dist-upgrade will not someday upgrade to sarge" and since a "stable" > distribution should not change dependencies, IS there a difference > between using "upgrade" vs. "dist-upgrade" in that case? Yes, there is. For all the reasons stated earlier in this thread. It doesn't matter where the packages come from, it only matters what dependency solution you allow apt to come up with. The difference being that apt will potentially not upgrade some packages that have available upgrades, due to some other package having to change state. > I've always used dist-upgrade. IIRC, I have had problems in the past > just using "upgrade" with broken dependencies. I also (IIRC) have seen > posts here about not using "upgrade" in Sid. But reading the manual it > seems like "upgrade" should be fine, but more and more packages will be > left out of the upgrade due to changing dependencies that happen in Sid. Correct. The "upgrade" target does *not* "break" dependencies. It cannot, because it does not establish them and has no control over them. Packages establish dependencies. All apt can do is try to solve for a solution that fits the parameters (and abilities) you've given it. If that solution means that a package doesn't get upgraded without intervention, then that package just doesn't get upgraded. That's hardly the life-threatening event your average Sid cluebie tries to make it out to be. -- Marc Wilson | The public is an old woman. Let her maunder and [EMAIL PROTECTED] | mumble. -- Thomas Carlyle -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
> > Yes, in theory it should work on Debian when it works on Knoppix, > That is only true to a degree. Klaus Knopper has a lot of very good > scripts to do hardware detection instead of the usual startup from > /etc/init.d > When you do a hd install from Knoppix, you do not get those scripts. > > E.g. in my case I have Backstreet Ruby and two AT IBM keyboards plugged > into the "regular" DIN keyboard outlet and the usual "mouse" outlet. > Then I have 2 mice in the USB slots. Knoppix gets this right, but its HD > installation gets it wrong and I have to adjust things manually. > > Personally I find the HD install a waste: way too much stuff from all > over the place. His CD is a gem though. Thanks to you (and the others) for sharing your insights. I tend to agree and after beeing able to get my hands on a current version of the installer I don't see why I should use Knoppix for my permanent Linux boxes. The installation is running at the moment, but after having a peek at /proc/pci the installation with the new installer looks **very** good to me. I'll still use Knoppix to show Linux to co-workers though ;-) Cheers, Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: fetchmail problem (maybe bug)
On Fri, Dec 05, 2003 at 08:51:37AM -0800, Karsten M. Self wrote: > > I'm using fetchmail 5.9.11-6.2 from woody since a while without any problems, > > but now mail retrieval fails with the following error messages: > > > > fetchmail: POP3> RETR 1 > > fetchmail: POP3< -ERR cannot open disk file error 2 > > fetchmail: cannot open disk file error 2 > > fetchmail: POP3> QUIT > > fetchmail: POP3< +OK POP3 server closing connection > > fetchmail: client/server protocol error while fetching from mail.epost.de > > In this case, malformed headers in some spam is rejected by your local > MTA. The result is that messages aren't delivered. Uh, no, if you'll note from the direction of the arrows (and the OP's later message where he telnet's to the POPd), the error about the disk file is coming from the POP server, and has nothing to do with the local MTA or fetchmail itself. Now... why the remote might be having problems opening a disk file, I have no idea, but the problem isn't on the local end. -- Marc Wilson | Today, THREE WINOS from DETROIT sold me a framed [EMAIL PROTECTED] | photo of TAB HUNTER before his MAKEOVER! signature.asc Description: Digital signature
Re: debian-installer beta - where?
On Saturday 06 December 2003 01:30, Joey Hess wrote: > lloyd wrote: > > the links on gluck to the debian-installer beta are broken - where can i > > get the i386 iso's? > > http://www.mmweg.rwth-aachen.de/~sebastian.ley/d-i/ Great... The new installer is just wonderful. It solved my problems mentioned in the other Thread "Cheap PC etc.". The installation is not finished yet, but it looks **very** promissing. Cheers, Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
On Fri, Dec 05, 2003 at 07:26:52PM -0800, Paul Johnson wrote: > On Fri, Dec 05, 2003 at 06:54:48PM -0800, Tom wrote: > > This is so profoundly offensive I cannot believe you offensive. > > What you are saying is so self-evidently wrong it's laughable. > > Go take US History sometime. Go read about the effect the US revolution had on ending monarchies in Europe and how all the African colonies emulated us. Can you point to a single link backing up what you say? (Not a blog. A real history text that says the Founding Fathers were drunks and were absolutely stupid.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 07:27:02PM -0800, Tom wrote: > Anyway, thanks for making me glad I'm American paul! Learned it in school, not off the net. Heard it within the last month on The History Channel as well, though the name of the program it was on escapes me at the moment. Collective, rampant ignorance of history and failing to learn from it's mistakes is one American tradition that makes me say I have the grave misfortune of being American. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0U7hUzgNqloQMwcRAh6IAJ4pwZdWmIyCP11FbZNcqDhzibb9pACggZ/3 f/Cl+Ut/RmSY1UkW5VXgLDk= =bgKV -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
On Fri, Dec 05, 2003 at 05:47:46PM -0800, Paul Johnson wrote: > On Fri, Dec 05, 2003 at 06:17:17AM -0800, Tom wrote: > > Don't second-guess them; they was smart! > > They weren't smart, they were drunk; there's a difference. We don't > even trust drunks to drive these days. They fall well short of the > pedestal people put them on. > > 1) They thought the electoral college was a good idea. This has The idea of the electoral college is against the "Tyranny of the Majority." We are not a democracy. George Washington could have been King and willingly gave up power. I tried to google for "founding fathers drunks" to see if there was any basis in what you are saying, but have you noticed in the last few days all of the first 1000 hits Google returns are 'blogs? It's absolutely useless. Anyway, thanks for making me glad I'm American paul! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 06:54:48PM -0800, Tom wrote: > This is so profoundly offensive I cannot believe you offensive. > What you are saying is so self-evidently wrong it's laughable. Go take US History sometime. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0Ux8UzgNqloQMwcRApe2AJ9EaAKtocAruXyDobohjIVLjFIt+ACglFbS XY/IOtvP+3ZdlKM6M9wZpA0= =l77g -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Unidentified subject!
On Fri, 5 Dec 2003 13:32:37 -0800 (PST) bob nole <[EMAIL PROTECTED]> wrote: > you are a animal raper > > How did he find out? Regards, David. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RocketRAID 100 and Linux Booting - HELP!
I don't see anywhere information on setting up the booting of Linux with the RocketRAID. I tried to write the MBR of the designated BOOT drive and even though lilo said that it had done it, I get a never ending flow of 01's on the screen instead of a lilo boot screen. More information: The operating system is a Linux2.4.20 Kernel compiled from kernel.org source. The distribution is Debian 3.0 (but like I said, I built my own kernel) and I am using the standard lilo distribution that came with it. The RR100 is in a P4 2.4GHz and supports two 200G WesternDigital Drives (each on its own Cable as the master.) Additionally, there are two 80G Maxtors on the MSI motherboards IDE controllers (one is shared with the CD/RW) The RR100 is a new addition and intended to replace the two 80G's The system currently boots to the first 80G and I built a kernel with the Open Source RR100 RAID driver and it works great. I can see the two 200G drives as a SINGLE (RAID1) 200G SCSI drive. I was able to partition, format and copy the full system from the 80G drives to the 200G drive. Now I am attempting to write a boot record to the RAID array so that I can remove the two 80G drives. As part of making the boot process work, I also compiled IDE HPT370 support into the kernel. Without it, the native IDE driver would see the HPT370 chips and try to enable the drives. This would result in multiple "interrupt lost" errors. Now with the support compiled in, the errors are gone and the SCSI device still works great. My first attempt at making the system boot was to tell lilo to write the MBR to the /dev/sda device (RR100). didn't work (and I figure its because the SCSI driver does not load till after the boot) My second attempt was to have lilo write the MBR to /dev/hde (RR100 first IDE drive) didn't work My final attempt was to have lilo write the MBR to /dev/hdg (RR100 second IDE drive) didn't work Before each attempt at booting, I disabled the two 80G drives (they are in carriers so I just unjack them) and this leaves the RR100 as the only harddrive in the system (I confirmed this in the bios). I have also gone into the RR100 bios and set the first drive of the set to be the Boot Drive. So now I have had lilo on all occasions tell me that the MBR was updated successfully only to have the system boot and display a never ending stream of 01 01 01's to the console. Any ideas would be greatly appreciated... Here is some output from a lilo run [EMAIL PROTECTED]:/home/keith# dpkg-reconfigure lilo Running /usr/sbin/liloconfig LILO, the LInux LOader, sets up your system to boot Linux directly from your hard disk, without the need for a boot floppy. You already have a LILO configuration in the file /etc/lilo.conf Checking your /etc/lilo.conf for incompatible options... Install a boot block using your current LILO configuration? [Yes] == WARNING: Even if lilo runs successfully, see /usr/share/doc/lilo/INCOMPAT.gz for changes in the usage of the /etc/lilo.conf file. If needed: edit /etc/lilo.conf and rerun '/sbin/lilo -v' Running lilo... LILO version 22.2, Copyright (C) 1992-1998 Werner Almesberger Development beyond version 21 Copyright (C) 1999-2001 John Coffman Released 05-Feb-2002 and compiled at 20:57:26 on Apr 13 2002. MAX_IMAGES = 27 Reading boot sector from /dev/hde Warning: /dev/hde is not on the first disk Merging with /boot/boot-menu.b Boot image: /vmlinuz -> /boot/vmlinuz-2.4.20-idepci Added Linux_2.4.20 Boot image: /vmlinuz.raid -> /boot/vmlinuz-2.4.20-raid Added RAID.2.4.20 * Boot image: /vmlinuz.old -> /boot/vmlinuz-2.2.20-idepci Added Linux_2.2.20 /boot/boot.2100 exists - no backup copy made. Writing boot sector. And the top of the lilo.conf file that produced it. # Support LBA for large hard disks. # lba32 # Overrides the default mapping between harddisk names and the BIOS' # harddisk order. Use with caution. #disk=/dev/hde # bios=0x81 #disk=/dev/sda # bios=0x80 # Specifies the boot device. This is where Lilo installs its boot # block. It can be either a partition, or the raw device, in which # case it installs in the MBR, and will overwrite the current MBR. # boot=/dev/hde # Specifies the device that should be mounted as root. (`/') # root=/dev/sda1 And the IDE and SCSI section of the boot screen (when booting off the 80G drive) Uniform Multi-Platform E-IDE driver Revision: 6.31 ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx ICH4: IDE controller on PCI bus 00 dev f9 PCI: Device 00:1f.1 not available because of resource collisions ICH4: BIOS setup was incomplete. ICH4: chipset revision 1 ICH4: not 100% native mode: will probe irqs later ide0: BM-DMA at 0xfc00-0xfc07, BIOS settings: hda:DMA, hdb:DMA ide1: BM-DMA at 0xfc08-0xfc0f, BIOS settings: hdc:pio, hdd:DMA HPT370A: IDE controller on
Re: Anyone used a Lindows Laptop?
Ok to answer my own query, I have managed to find some good reviews on the Lindows Mobile PC and in a place I probably should have thought about earlier. After giving up on google, I had a closer look at the Lindows.com site and found that they have some pretty vigorous forums there, and they can easily be searched. As a guest you can only post to some of them but you can read all of them. If you go to https://forum.lindows.com/forum/search.php?Cat= and put "mobile pc" into the search box it will bring back quite a few threads on the Lindows Mobile Pc. Although there seem to be some concerns with not everything in the laptop being supported by Lindows, power managemenmt, disabling the Compactflash card reader if you added more than 256 MB of RAM, the general impression I got was as far as the actual laptop itself went it was quite good. It has no CDROM but as the CDROM in my ibook broke about 1 month after I got it (something the apple repair people had seen before!) and I managed fine without it that is actually an advantage as I don't need to pay for something I won't use. The battery life of about 2 hours seems a bit low given the low power consumption of the CPU but that might have been improved with Lindows 4.0. I does sound like a good deal and given it is so much cheaper than any of the other laptops that I looked at that even came close to its weight range I think I will go ahead and purchase it. Also it was the only non-apple (after my recent experience with Apple there was no way I was going to give them another cent) laptop that I could find that didn't involve paying the microsoft tax. I hope that won't be the case for that much longer, as I did like the look of some of the IBM laptops and I have heard that there linux support is great. Unfortunately however you can't buy them without a having to pay for Windows as well. Anyway will give a follow up when I get the laptop and get a feel of how it works cheers John www.ngogeeks.com On Fri, 5 Dec 2003 17:24:17 +1100 John <[EMAIL PROTECTED]> wrote: > Hi > > I have just started looking for a new laptop courtesy of the logic > board on my ibook dying and being hit for a Aust $935 bill for a new > one. I have been looking at the Lindows Mobile PC which I could get > for Aust $1165 from sub300.com. I have been trying to find some > reviews by people who have purchased a Lindows Laptop but have not had > much luck? I have seen a few posts that say describe upgrading the > Lindows to Debian Unstable and it sounds quite easy. Just wondering if > anyone has used this laptop and has any comments. > > Thanks for any help > > John > > www.ngogeeks.com > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
On Fri, Dec 05, 2003 at 05:47:46PM -0800, Paul Johnson wrote: > On Fri, Dec 05, 2003 at 06:17:17AM -0800, Tom wrote: > > Don't second-guess them; they was smart! > > They weren't smart, they were drunk; there's a difference. We don't > even trust drunks to drive these days. They fall well short of the > pedestal people put them on. This is so profoundly offensive I cannot believe you offensive. What you are saying is so self-evidently wrong it's laughable. Yes, Paul, they were so stupid they changed the history of the planet. This stupid rant is *so* off the mark I can't even get mad about it, because it bears no relation to reality whatsoever. > > 1) They thought the electoral college was a good idea. This has >burned us over the years by making it easier to rig presidential >elections and gives states with large populations of stupid people >(ie California[1]) disproportionately large say. > > 2) The vast majority of the time they spent writing the "framework" >for the US was spent in a pub across the street from Independence >Hall in a drunken haze. > > > > [1] Though I'm sure if they thought a state inhabited almost entirely > by retards could one day exist, much less become very populated, they > would probably have realized how retarded the idea was even through > their drunken stupor. > > -- > .''`. Paul Johnson <[EMAIL PROTECTED]> > : :' : > `. `'` proud Debian admin and user > `- Debian - when you have better things to do than fix a system > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
debian install + lvm
I found out something that was bothering me for a while and I finally figured it out. I was unable to run X-Windows as non-root user. I was installing Debian with an LVM configuration for the disk. As part of this config, I was putting /tmp into a LVM partition /dev/hda1 -> swap /dev/hda2 -> boot /dev/hda3 -> root /dev/hda4 -> LVM -> home, tmp, usr, usr/local, var, opt the problem I ran into was this: Do the ABSOLUTE minimum install, then install the lvm modules and a 2.4 kernel. Configure LVM and fstab. When you reboot the new /tmp (/dev/hda4/vg/tmp) will have the wrong permissions and X, man, and others will all fail to run. I don't think there is any kind of "fix" for this in the installation process as it is today. But I thought this would be of interest to someone else out there. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Anyone used a Lindows Laptop?
Thanks for your reply Kev On Fri, 5 Dec 2003 04:07:14 -0500 [EMAIL PROTECTED] wrote: > > the first thing laptop mfgrs leave out is battery life. So, I checked > and it has 2 hrs max. so, that was a deal breaker for me. I have had a > little experience with lindows 3.0 desktop. It was based on stable I > think. And you could do some selective apt-geting. But from my very > limited stable->unstable attempt, it didnt work. Also, it had only > root logon. and it disabled virtual terminals, so you could not fix > things if they went very wrong. But the newer version may be better. > BTW to you have a link so that I can check outt he 'lindows upgrade' > article. HTH I am afraid I can't remember where I saw the link, at the time I read it I wasn't looking for a new laptop so didn't bother booking marking it although I wish I had now. cheers John -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Server Compromise -- A Fire Drill ??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 08:30:11AM -0600, John Hasler wrote: > Dave writes: > > He or she had intimate knowledge of the various Debian servers. > > I see no evidence that the cracker had anything other than public > information. Wait...Debian Developer passwords are public information? When did this change? - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0UFqUzgNqloQMwcRAt+zAKC5kqTt0NWQkuA+etXVPO43wmaaqQCgh7Py LIrPzY6xqzuOtScdS0XMpjU= =D2Vv -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Server Compromise -- A Fire Drill ??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 04:32:47PM -0500, Paul Morgan wrote: > Personally, I think that the best test of Gates' character is that the > highly moral Warren Buffet chooses him as a friend. Well, in every circle of friends, there's the relatively amoral renegade and a whore. I'll leave it as an excersize to the reader if Buffet's the whore, Gates the renegade, or both. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0UCJUzgNqloQMwcRAlA4AJ9fFxvBGwaaWKIwDCMDPu53Lmj1rQCfU/Iv Bv3NPdDfHE/Ty0EIH7qyzIE= =0DLF -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Server Compromise -- A Fire Drill ??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, Dec 04, 2003 at 04:57:55PM -0500, ScruLoose wrote: > It's "cracker". Not "hacker". > http://web.bilkent.edu.tr/Online/Jargon30/JARGON_C/CRACKER.HTML This is a *very* outdated mirror of The Jargon File, please kick the maintainer into updating. http://ursine.ca/jargon/html/C/cracker.html Entry from current Jargon File. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0TxCUzgNqloQMwcRArzhAJ4ioc/hIq+zCul6XIWGvCNGb0UoAwCg0fvX Wudo9qvW6cTf0bvVA14M4vA= =8CXM -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RAID question - dying
On Fri, 5 Dec 2003, Paul Morgan wrote: > > - disks doesn't fail as often as a power supply > > -- hint.. add a nice fan for each disk > > > > My experience is the opposite: I have never had a power supply fail, but I > have had several disks fail. everybody's experiences will be different because: - some people buy good products, some people buy cheap stuff - some people add fans where needed, some people dont - there are always exception to the rule of "good stuff" ( like ibm's major [EMAIL PROTECTED] with their deskstar series of drives, ( caused them to sell their entire disk drive division to hitachi ( -- just kidding .. but the timing is good for a joke given the same system ... things that should die first would be based on MTBF ... ( mean time between failure ) all rated at 25C Warranty period is probably closely related to MTBF ... - fans ( typically no warranty ... ) - power supplies ( some have 100,000 hrs if you believe it ) which confirms Pauls experiences w/ power supply vs disks example: http://www.sparklepower.com/pdf/FSP300-60GRE.pdf - disks ( typically warrantied for 1-3 yrs ) - cpu has an mtbf around 30,000 hrs ( about 5 yrs ) http://www.Linux-1U.net/CPU/ -- notice that your cpu lifespan dies 2x faster for each 10C increase in temp c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 02:11:30AM -0700, Thanasis Kinias wrote: > ...and hence not a member of any `third' party -- or am I missing > something? Confusingly enough, there's an Independent Party here. So more people claim to be Independents then actually are. If you have no party affiliation, you register as "Non-affiliated Voter." - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0TgfUzgNqloQMwcRAjUSAJ4vgDFR81RJi5ZXrgSt/JthqSmrxgCeIcjb 711EsGjE21crKtnYCajW/8E= =nnu1 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 01:39:06AM -0800, Tom wrote: > On Thu, Dec 04, 2003 at 10:15:11PM -0700, Thanasis Kinias wrote: > > > I was aware of the indepentents; `nonzero' referred to members of > > organized `third' parties, which could run party lists under a > > Scottish-style system. AFAIK there are no party members in the Congress > > that are not Democrats or Republicans. > > You conveniently ignored the quote by the Indian fellow who complained > about how there are too many political parties. And conveniently ignores that New Hampshire has a Socialist US House member, IIRC (it's either NH or VT, and I could be wrong about which house of congress, and more than a day's drive from Oregon, it's not like it matters here anyway). > Now it was "King Andrew" Jackson who was the alleged tyrant. If he was so bad, how come he's featured in technicolor on $20? > But the Whigs were the Republicans/Democrats No, that would be the Democratic Republicans. The Whigs were the major party opposing DR. The Democratic Republicans split sometime after. > before they started using the Race-issue in an obnoxious way to do > shitty things to people, like the Democrats do now. Last I checked, most people running around in bedsheets and lighting wooden crosses on the lawns of black people claim to be Republicans. The whole not caring about your fellow man seems to mesh nicely between those two groups. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0Td9UzgNqloQMwcRAr9CAJ4w9uNY49v8CNqvvSp1D9chnmcgngCfWFqW n2NCBZo8bYSTVQjk6bIRCyU= =LKqJ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
xserver 30 seconds startup delay with usb?
Any ideas on why starting X or changing virtual terminals to the X window (C-A-F7) might pause for 30 seconds with a blank screen or at best the background and window outlines showing. Seems like it is timing out waiting for something? Perhaps associated with usb or a usb mouse? This is occurring on a Dell OptiPlex GX270 with an Intel 82865G Integrated Graphics Device (i810), currently up to date with unstable but with the xserver-xfree86 from experimental (for support of the chipset) 4.3.0-0pre1v4. Regards, Graham -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: boot time RAID drive detection order
On Fri, 5 Dec 2003, bruce edge wrote: > If one has 2 IDE disks connected, both of which have RAID autodetect > partitions, but are incompatible with the other drive, what determines > which one wins? the bios if hda is not found, it will go to hdb, than to hdc or whatever you set in the bio you should use a boot order of: fd->cdrom->hda->hdc->hdb->hdd ... - some bios tries to get fancy and call it hd0, hd1, first drive, second drive, third drive, and other whacky names to confuse us - not sure, but maybe it just boots from the drive the responded faster ?? > The case I've seen is that hdb is winning out over hda, and I was > wondering why, and, if there's anything that can be done to force one or > the other? probably because you didnt install a proper "boot sector" info onto hda i suspect you can copy the boot info from hdb onto hda and it will start booting from hda, except the other choice could be neither will boot afterward .. :-0 - so make sure you can boot off floppy and cdrom before playing with boot info ( lilo, grub, syslinux, loadlin, ... ) c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 06:17:17AM -0800, Tom wrote: > Don't second-guess them; they was smart! They weren't smart, they were drunk; there's a difference. We don't even trust drunks to drive these days. They fall well short of the pedestal people put them on. 1) They thought the electoral college was a good idea. This has burned us over the years by making it easier to rig presidential elections and gives states with large populations of stupid people (ie California[1]) disproportionately large say. 2) The vast majority of the time they spent writing the "framework" for the US was spent in a pub across the street from Independence Hall in a drunken haze. [1] Though I'm sure if they thought a state inhabited almost entirely by retards could one day exist, much less become very populated, they would probably have realized how retarded the idea was even through their drunken stupor. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0TVCUzgNqloQMwcRAm0xAJoDIESRlpIxZuugyc6uP5YfssjhsACgtEw2 8knOyzQdfcJaCuRv0/gYZwE= =9ZGY -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: FWD: Can't Get Past "Install the Base System"
> - Forwarded message from "Dave L. Thompson" <[EMAIL PROTECTED]> - > > From: "Dave L. Thompson" <[EMAIL PROTECTED]> > Date: Fri, 5 Dec 2003 14:42:18 -0500 > To: [EMAIL PROTECTED] > Subject: Can't Get Past "Install the Base System" > X-Spam-Status: No, hits=-4.6 required=10.0 tests=BAYES_00,HTML_60_70, > HTML_FONTCOLOR_UNKNOWN,HTML_MESSAGE autolearn=no version=2.60 > > I am a newbie Debian installer, and I'm installing Debian on a Dell PC > with the seven CD's I downloaded from the Debian site. I have been > unable to get past the "Install the Base System" portion. I've > confirmed that dists/woody/main/binary-i386/Release is present on the > installation CD, but anytime I try to use it, I get the following error: > > > > "The installation program couldn't find any directory containing a file > basedebs.tar or dists/woody/main/binary-i386/Release." The last time I saw this, the user had booted from some CD other than CD #1 and still had that CD in the drive. The base files are on CD #1, so be sure that's the one you have in the drive. -- Debian GNU/Linux Operating System By the People, For the People Chris Tillman (a people instance) toff one at cox dot net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 08:01:00AM -0600, Kent West wrote: > and at this time pick from the Big Two to avoid "throwing away" your > vote. I was with you up until you said this. How does this change anything? The general election is the one that counts. The only time you throw away your vote is if you vote for what you believe to be a lesser candidate and try to justify it by saying you're throwing your vote away otherwise. That is exactly the kind of thinking that perpetuates America's binary political system. > You've still done what you've set out to do; get your 3rd-party some > name recognition by putting them on the ballot. Two serious problems with that: 1) "Third parties" already get on the general ballot. Claiming victory when they get to this point instead of backing them up through the general elections is counterproductive. 2) Not all parties hold primaries. I know the Socialist Party (at least locally) doesn't hold primaries unless there's more than one candidate running for the same office. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0TOfUzgNqloQMwcRAmG6AKDRzWbofGg6HirOXKCjYfiVH+ivWQCglBdD +j5m97TUW7WDEpEhqHYclgo= =NxHG -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Linux Kernel Security - Can it ever be 100%
Recent discussions in this group have raised as many questions for me as they have answered, and raised doubts in my mind that the security of the Linux kernel will ever be as good as I would like it to be. Is there a fundamentally simple and 100% effective way to stop kernel exploits, or will we be forever locked in a race between white hats and black hats? I am still hoping kernel security will eventually be as good as the security of a typical microprocessor instruction set. Throw a trillion bad inputs at an x86 microprocessor, and you will never take over the "supervisor" mode. Here are some recent discussions with question numbers in right margin. On Thu, 04 Dec 2003 20:50:17 +0100, Joey Hess <[EMAIL PROTECTED]> wrote: >Dave wrote: >> User: CallService DestroyFileSystem >> OS: Sorry, no such service. >> User: CallService 227 >> OS: Sorry, no such service. >> User: CallService 226 >> 226> OpenForWrite >> Sorry, you don't have permission to write to someone else's files. >> 226> PokeMemory >> Sorry, service 226 has no such command. >> 226> SaveThisData >> Sorry, your data exceeds the size of my buffer. >> 226> > >You've just described the essense of the unix system call API. The only >difference is that since using a syscall each time to access memory >would be very slow, syscalls are instead used to set up memory regions, [1] >which are protected by the processor's MMU and which processes cannot >write outside of. cat /proc/self/maps > >Any API of this sort is still vulnerable to bugs in the validation of >the data and commands though, such as the lack of bounds checking in the >brk() hole. It's also vulnerable to bugs in the processor, such as the [2] >old Intel f00f bug. On Fri, 05 Dec 2003 03:00:15 +0100, Isaac To <[EMAIL PROTECTED]> wrote: >> "Dave" == Dave <[EMAIL PROTECTED]> writes: > >Dave> So how many daemons and kernel routines need both root access and >Dave> input from a user process? > >Remember that *all* kernel routines are running in kernel-mode of the >processor, i.e., having even higher permission than a normal root process. >And most of the inputs taken by system calls are tainted with user inputs. [3] >Even worse, the kernel is performance critical. Adding all of these, you'll [1] >understand why it is so hard to make sure everything is correct. That's why >some people advocate micro-kernels, to reduce the "source of power" to a [4] >very small code base that can be monitored in an easier way. But we are not >at that point yet, so the race between white-hat and black-hat hackers >*will* continue. In any case, even if we are in a micro-kernel like Hurd, a >bug in the core servers (e.g., the authentication server, the filesystem >server or the Unix API server) can easily give out arbitrary power to the >user, so it is important to make sure core servers are bug-free in any case. >The only question is "how many code are in the core servers". Questions: I'm raising these questions not to push my non-expert solutions to the problems of OS security, but to stimulate discussion and gain some understanding of the fundamental problems the kernel developers are facing. I know from my own projects in electronic design that what seems simple to the non-expert can be devilishly difficult. [1] Are the parts of the kernel that need to be fast the same parts that read input from a user process, or can we say that 95% of user inputs can be passed through robust, standardized validation routines with no performance degradation noticeable to the user? e.g. When the user process says "Here's a pointer to my data.", should a kernel routine just start stuffing a buffer, or call a common routine that at leasts checks the length of the data to be stuffed. If "blind buffer stuffing" were limited to just those routines where this transaction was time-critical, then those few routines could get a lot of scrutiny for buffer overflows. [2] It seems to me that a bounds check on any number from a user process could be a fast "getnumber( num, min, max )" routine. Again, any kernel routine that really couldn't live with this small delay, and had to process un-validated user data, would get special scrutiny. I'm guessing two or three routines, but I really don't know. [3] I'm not sure what is meant by "tainted inputs" here. My guess is we are talking about inputs that would pass simple validation checks (string lengths, number ranges, membership in an allowed set) but still cause a subtle problem later. It seems like that kind of problem would be very unlikely, and almost impossible to exploit for anything other than causing a crash. I'm comparing this situation to the comparable vulnerability with microprocessor instruction sets, and we don't see that happening. [4] Linus rejected the micro-kernel architecture in 1991, and it seems *very* unlikely that the whole thing will be re
Re: Java, mplayer
Bijan Soleymani wrote: Joel Konkle-Parker <[EMAIL PROTECTED]> writes: Why can't Sun's j2re and mplayer be provided in non-free or contrib? I've read various things about how their legal status is incompatible with Debian's DFSG, but I thought that's what non-free was for in the first place. Things in non-free must be freely distributable in binary form. I don't think Sun's java allows that. I think it even puts restrictions on that. Part of the agreement that licensed distributros must sign with Sun is that they will not distribute any other implementations. This would make it impossible for Debian distribute Sun's Java simultaneously with free iwplementations (like Kaffe). [BTW, IANAL] -Roberto pgp0.pgp Description: PGP signature
DO NOT hijack threads!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Dec 05, 2003 at 09:37:30AM -0800, Keith Goettert wrote: > I am using a Hipoint IDE RAID card. That's nice. And most of us use threaded mail readers. Start a new thread by sending a new email to [EMAIL PROTECTED], NOT by replying to other list traffic. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/0S2aUzgNqloQMwcRAreZAJ9HENrBkC23h9BgGCKpEt51mo4w1wCfdmDT 6dQT7vei8aNQ088MPGZ2ol4= =YgZ6 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: PATH statement in X
Mark Roach wrote: > So, add UserPath and/or SystemPath lines to your kdmrc and see if they > take effect... But that doesn't my first question, which is where all the places the PATH is set when you are using X-Window (kdm). The UserPath and SystemPath is not set in kdmrc, so it has to have been set somewhere. The PATH statement is spread out through a couple of Xsessions, but neither builds up the give me the path I currently have. So my question still stand. -- John L. Fjellstad web: http://www.fjellstad.org/ Quis custodiet ipsos custodes -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: No need for 2.4.23 (re compromise)
On Fri, 2003-12-05 at 15:47, Bill Moseley wrote: > I'm using that last one, 2.4.20. same here from the debian sources, but with a few added patches, there is no need to download a new kernel, just get the source you have for the currently running kernel, apply this patch: -- cut - --- 1.31/mm/mmap.c Fri Sep 12 06:44:06 2003 +++ 1.32/mm/mmap.c Thu Oct 2 01:18:19 2003 @@ -1041,6 +1041,9 @@ if (!len) return addr; + if ((addr + len) > TASK_SIZE || (addr + len) < addr) + return -EINVAL; + /* * mlock MCL_FUTURE? */ -- cut - and recompile, this was taken originally from, Debian Planet. Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Investigation Report after Server Compromises
On Fri, 05 Dec 2003 16:28:06 -0800, Vineet Kumar wrote: > * Paul Morgan ([EMAIL PROTECTED]) [031205 14:24]: >> On Thu, 04 Dec 2003 18:05:15 -0800, Vineet Kumar wrote: >> >> > * Paul Morgan ([EMAIL PROTECTED]) [031204 12:32]: >> >> I have all services locked down to localhost; my only connections to >> >> the outside world are mail, news via nntpcached, web via squid... I run >> >> Apache but it too is locked down to localhost. My mail is run through my >> > >> > this ... >> > >> >> ISP's (earthlink's) virus and spam filters before I get it (otherwise I'd >> >> be getting like 10 Svens per day). I do see, from time to time, Apache >> >> refusing connections attempts which are generally attacks by Windoze worms. >> > >> > ... and this do not add up. Methinks your apache is not "locked down to >> > localhost." >> > >> >> 150.140.128.174 - - [03/Dec/2003:08:52:40 -0500] "GET >> /.hash=0df2df7b5aeac6aabb9ad2e00c0d150f831f HTTP/1.1" 403 322 "-" "-" >> >> [Wed Dec 3 08:52:40 2003] [error] [client 150.140.128.174] client denied by server >> configuration: /var/www/.hash=0df2df7b5aeac6aabb9ad2e00c0d150f831f > > That's fine. I just wouldn't consider it "locked down to localhost" if > it's listening on any external interface. I'd use the Listen directive > to have it bind to only 127.0.0.1:80 (and additionally use iptables to > block incoming access). Relying on the server's configuration alone to > reject incoming connections is subject to break if the server is broken. > If it only ever bound to 127.0.0.1, any attempts to connect to an > external address will get RST from TCP before apache ever knows anything > about it. > > good times, > Vineet > -- I appreciate the advice, but I've left it like that out of a somewhat perverse interest in seeing what shows up. I have had some success in getting a couple of people booted off their ISPs. Nice to do a tiny bit of fighting back :) -- paul "The number of UNIX installations has grown to 10, with more expected." (The UNIX Programmer's Manual, 2nd Edition, June 1972) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Where to get the new installer?
On Saturday 06 December 2003 01:53, Mariano Kamp wrote: > Hi Richard, > > Richard Lyons <[EMAIL PROTECTED]> wrote: > >[··] > > > >My experience with Knoppix was excellent. I used it on two systems > >(laptop and desktop) and both are now mostly unstable - only bit of > >knoppix obviously remaining being the X splashscreen. It certainly > >solved some hardware issues for me - and a lot of time. > > ok, great. All there is left is the splash? Nothing nasty with > different /etc or kernel compiles? I'm sure there are other things there too, but nothing that has been nasty for me. YMMV. (I'm only a beginner with Debian). Someone here on d-u commented today that the Knoppix install puts far too much stuff on the h.d., but I was just pleased to have my network card recognised and configured, which otherwise was going to need a kernel compile. It gave me a complete working system: now I just purge a couple of things each time I update. In a year or two it'll be pruned more to what I need... > Ok, I just read on debian-announce > that the system will be back on really soon. If that is not going to > happen tomorrow I'll give the knoppix hd installer a shot and try to > work on the X issue. Good luck, either way. -- richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Investigation Report after Server Compromises
* Paul Morgan ([EMAIL PROTECTED]) [031205 14:24]: > On Thu, 04 Dec 2003 18:05:15 -0800, Vineet Kumar wrote: > > > * Paul Morgan ([EMAIL PROTECTED]) [031204 12:32]: > >> I have all services locked down to localhost; my only connections to > >> the outside world are mail, news via nntpcached, web via squid... I run > >> Apache but it too is locked down to localhost. My mail is run through my > > > > this ... > > > >> ISP's (earthlink's) virus and spam filters before I get it (otherwise I'd > >> be getting like 10 Svens per day). I do see, from time to time, Apache > >> refusing connections attempts which are generally attacks by Windoze worms. > > > > ... and this do not add up. Methinks your apache is not "locked down to > > localhost." > > > > 150.140.128.174 - - [03/Dec/2003:08:52:40 -0500] "GET > /.hash=0df2df7b5aeac6aabb9ad2e00c0d150f831f HTTP/1.1" 403 322 "-" "-" > > [Wed Dec 3 08:52:40 2003] [error] [client 150.140.128.174] client denied by server > configuration: /var/www/.hash=0df2df7b5aeac6aabb9ad2e00c0d150f831f That's fine. I just wouldn't consider it "locked down to localhost" if it's listening on any external interface. I'd use the Listen directive to have it bind to only 127.0.0.1:80 (and additionally use iptables to block incoming access). Relying on the server's configuration alone to reject incoming connections is subject to break if the server is broken. If it only ever bound to 127.0.0.1, any attempts to connect to an external address will get RST from TCP before apache ever knows anything about it. good times, Vineet -- http://www.doorstop.net/ -- "Extremism in the defense of liberty is no vice. Moderation in the pursuit of justice is no virtue." -- Barry Goldwater signature.asc Description: Digital signature
Re: RAID question
On Fri, 05 Dec 2003 15:38:51 -0800, Alvin Oga wrote: > > > > generic disk failures ... > - use SMART, enabled in the kernel and in the bios > > - disks doesn't fail as often as a power supply > -- hint.. add a nice fan for each disk > My experience is the opposite: I have never had a power supply fail, but I have had several disks fail. -- paul "The number of UNIX installations has grown to 10, with more expected." (The UNIX Programmer's Manual, 2nd Edition, June 1972) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: debian-installer beta - where?
lloyd wrote: > > the links on gluck to the debian-installer beta are broken - where can i > get the i386 iso's? http://www.mmweg.rwth-aachen.de/~sebastian.ley/d-i/ -- see shy jo signature.asc Description: Digital signature
Re: [OT] Slashdot and media accuracy
ScruLoose writes: > Half of the stuff that gets called "campaign contribution" in the US > would get both parties ten years in jail if you tried it in any other > democracy in the world. And half of the stuff that gets called "campaign contribution" in other parts of the world would get both parties ten years in jail if you tried it in the US. Look up Kohl in Germany, Berlusconi in Italy, political use of Government owned television in France, and the political power of British labor unions. > How Enron donating a billion dollars (that it got from stockholders by > fraud) to G. W. Bush's presidential campaign... No presidential campaign has ever approached a billion dollars in total cost. -- John Hasler [EMAIL PROTECTED] (John Hasler) Dancing Horse Hill Elmwood, WI -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
blackhats - Re: Debian Server Compromise -- A Fire Drill ??
On Fri, 5 Dec 2003, Benedict Verheyen wrote: > > Benedict writes: > > > Are there people out there that really do this? I mean, try to break > in > > > and post this to the people that can fix it? "blackhats" "whitehats" "grayhats" "defcon" "phrack" ... - millions of script kiddies ... - they will try to get in or do get in and leave you their rootkit they tried to use that should fail on a tightened server even if they got in thru some forgotten/unpatched vulnerability - whether people take their comments and apply patches/fixes or not is a separate issue ... - most corp/managers do NOT do anything till after its been hacked and than want to cleanup/patch/secure their boxes like it was originally proposed ( which is no longer possible - new tasks is forensics and cleanup and backups first and rewriting their security policies ) - debian folks have done a good job .. minimizing damage c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Where to get the new installer?
* Mariano Kamp <[EMAIL PROTECTED]> [031205 16:58]: > Any idea how bad it is to start out with Knoppix and then use it as a > Debian system? I've done it on different laptops and desktops without a problem. But I don't use any KDE stuff, so if there were problems there I wouldn't know about it. -- Lance Simmons signature.asc Description: Digital signature
Re: FWD: Can't Get Past "Install the Base System"
Hugo Vanwoerkom wrote: Joey Hess wrote: debian-user is not the right lists for questions about the new debian installer. Forwarding to debian-boot. It seems to me that you are trying to use the debian-installer with the Debian 3.0 (woody) CDs. The debian-installer is targeted at the next release of debian (sarge), and probably will not work with the woody CDs. I'm left wondering how you booted it -- from floppy? -- since it is not on the woody CDs you downloaded. I suggest that if you want to use the debian installer, you go to http://www.debian.org/devel/debian-installer/ , read the INSTALLATION-HOWTO there, gets: Not Found The requested URL /debian-installer/doc/INSTALLATION-HOWTO was not found on this server. Apache/1.3.26 Server at gluck.debian.org Port 80 because gluck is still down (I guess). So those of us anxious to try it will have to wait until gluck is back up. Trying my luck without gluck (oops) I got an unbootable system... Hugo. gluck is being fixed. It appears to be one of the last ones to come up from last week. I might be more up than down by now. If not now, try again in another day or two. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Java, mplayer
On Friday 05 December 2003 20:17, Joel Konkle-Parker wrote: > Couldn't tell ya. I can't see why this wouldn't work, though. Does > it just need someone to implement it? This is what you're looking for: http://www.stud.uni-karlsruhe.de/~ude2/debian/ It works really nicely for me... (Because actually the blackdown packages started crashing my eclipse after some libc update). -- --- Magnus von Koeller --- email:[EMAIL PROTECTED] address: International University Campus 9, App. 13 D-76646 Bruchsal / Germany phone:+49-7251-700-659 mobile: +49-179-4562940 web: http://www.vonkoeller.de pgp0.pgp Description: signature
Re: removing menu icons in fvwm
* Micha Feigin ([EMAIL PROTECTED]) [031205 13:24]: > How do I lose the icons in the auto generated debian menu in fvwm ? > Its nice to have a few icons, but they are too big, probably to memory > intensive and make it harder in general to find what I want. See /usr/share/doc/menu/html. In index.html therein, I found this: If you, as a system administrator, don't like the icons in the menus, simply change the icon() function from the file /etc/menu-methods/menu.h, and run update-menus. I'm sure there are also ways to set that up in your own account instead of system-wide as well. There's plenty of documentation there; I'd be surprised if you couldn't find the answer there. good times, Vineet -- http://www.doorstop.net/ -- http://www.sprintpcs-sucks.org/ signature.asc Description: Digital signature
Re: RAID question
On Fri, 5 Dec 2003, Andy Firman wrote: > On Fri, Dec 05, 2003 at 09:41:56AM +0800, Arne Goetje wrote: > > I have a mainboard (ASUS A7N8X) with onboard SATA controller (SiI 3112A) > > and am planning to plug in two SATA drives and use RAID 1 (mirroring) > > on them. Besides telling the controller to use them as a RAID array, > > what do I have to do on Linux (Debian unstable) to make it recognize > > the array? > > Is there any software for linux to detect disk failures on the RAID > > array, so that I can get alarmed when a drive gets a mad? generic disk failures ... - use SMART, enabled in the kernel and in the bios - disks doesn't fail as often as a power supply -- hint.. add a nice fan for each disk none of the "onboard raid" stuff worked in the past ... as far as i'm concerned if you use hw raid, you're stuck with the sw they give you to maintain/watch yoru raid system ... if you use sw raid, you can do anything you want imaginable within reason to baby sit your raid box c ya alvin my test for a "acceptable(working) raid system" - install raid - make sure yoou use FD raid partition type - (1) power down, unplug /dev/hda - it should boot - write a 2GB file to the remaining disk wait for it to finish - (2) power down, reconnect /dev/hda - watch it automatically resync the 2GB file - power down, unplug /dev/hdc repeat (1) - power down, reconnect /dev/hdc repeat (2) .. repeat for each disk ... == == if you have to manually touch the disks, config files, == you do NOT have a raid system == - "touch" it to coax it to boot or resync data == > > > > Any documentation on the net? > > I am getting ready to install RAID on a Debian server. > > Here are 3 references I have gathered so far to prepare: > > http://www.james.rcpt.to/programs/debian/raid1/ > > http://en.tldp.org/HOWTO/Software-RAID-HOWTO.html > > http://www.tldp.org/HOWTO/Boot+Root+Raid+LILO.html hw raid http://www.1U-Raid5.net/HW sw raid http://www.1U-Raid5.net/HowTo/SW-Raid-HOWTO.txt c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Where to get the new installer?
Hi Richard, Richard Lyons <[EMAIL PROTECTED]> wrote: >[··] > >My experience with Knoppix was excellent. I used it on two systems >(laptop and desktop) and both are now mostly unstable - only bit of >knoppix obviously remaining being the X splashscreen. It certainly >solved some hardware issues for me - and a lot of time. ok, great. All there is left is the splash? Nothing nasty with different /etc or kernel compiles? Ok, I just read on debian-announce that the system will be back on really soon. If that is not going to happen tomorrow I'll give the knoppix hd installer a shot and try to work on the X issue. Cheers, Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
boot time RAID drive detection order
If one has 2 IDE disks connected, both of which have RAID autodetect partitions, but are incompatible with the other drive, what determines which one wins? The case I've seen is that hdb is winning out over hda, and I was wondering why, and, if there's anything that can be done to force one or the other? TIA, Bruce. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: LILO
On Fri, 5 Dec 2003, Hans Olav Eggestad wrote: > I tried to install debian (v3.0) on my laptop, but LILO did not work. > Are there any alternatives? (like GRUB (which do work on my laptop > (RedHat))) what doesnt work ?? what does yoru lilo.conf look like ? what does your grub.conf and /boot/grub/menu.lst look like there's about dozens ways to automatically boot a box http://Linux-Consulting.com/Boot c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Switch to Sarge lost browser link in Mutt
scripsit John L. Fjellstad: > Arnt Karlsen wrote: > > > ..I dunno if transplarency works with Gnome (does anyone?), > > but try Konsole-1.2.3: [EMAIL PROTECTED] konsole --version > > It doesn't do transparancy under Gnome and I haven't gotten UNICODE to work > with it. As I mentioned, transparency doesn't work, but UTF-8 works just fine for me in 1.2.3. I didn't do anything to configure that; it works `out of the box' in a UTF-8 locale. -- Pax vobiscum; pax cum omnibus. Thanasis Kinias tkinias at asu.edu Doctoral Student, Department of History Arizona State University Tempe, Arizona, U.S.A. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
KDE3.1 in sid and woody
Hi I am just rebuilding Debian on my Powermac G4 having repartioned to install sid as the main system but with a "/" partition to run woody as a fallback (this is my main workstation). Both installs have worked fine (after a couple of blind alleys) and I've installed various packages using aptitude (for the first time - it is friendlier than dselect once you get used to it). For the last few hours I've been trying to get KDE 3.1 installed - part of the reason for trying sid was to avoid backporting. Both the sid and woody packages seem to be partially broken. In sid I'm using the official mirrors and aptitude reports that packages are broken. In woody I'm using http://download.kde.org and the kdebase package isn't downloading in full. Has anyone else seen this? Will these problems resolve if I wait (I've not used sid before and so I'm unfamiliar with how quickly these things get fixed). I looked at the developer archives but couldn't see anything relating to this. TIA Clive -- http://www.clivemenzies.co.uk strategies for business -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] Slashdot and media accuracy (was Re: Improved Debian Project Emergency Communications)
scripsit Tom: > You conveniently ignored the quote by the Indian fellow who complained > about how there are too many political parties. I guess it didn't occur to me you were offering it as a serious argument. I confess I didn't pay too much attention to it, as I misread it to be coming from a USian, and thought it was offered as an example of absurdity. > In my personal opinion, the culture which is most similar to America > is India, although we took different routes to get there: they've been > through Democracy, Theocracy, Tyranny, Oligarchy, Nothingorcracy, and > Sillyocracy, and so they really don't take much of anything too > seriously nowadays. Americans don't take anything too seriously > either. This is not a comparison I would make, but it is interesting to contemplate. > The "anarcho-syndicalist" comment was hopefully a self-conscious ironic > reference to Michael Palin in The Holy Grail, I hope, and not serious. No -- I actually had in mind the Catalonian workers' militias in the Spanish Civil war (the ones who considered the Comintern-allied Communists to be right-wing). It was not really serious, though; I appreciate some aspects of their political thought, but I don't think it really workable. I tend to describe myself as an anarcho-syndicalist only when talking to Americans who think that Howard Dean is a radical leftist, only to illustrate just how centrist the `left' of American politics really is. > http://gi.grolier.com/presidents/ea/side/whig.html: > "The term Whig came into common use in 1834, and persisted until the > disintegration of the party after the presidential ELECTION of 1856. [...] I tend to associate `Whig' either with the liberal opposition in Britain (dating from the 17th century; their descendents are today's Lib-Dems) or with a rather naïve progressive view of history as the story of continual progress. The latter is the way the term tends to be used generically by historians. Either way, the term evokes a rather old-fashioned classical liberalism. -- Pax vobiscum; pax cum omnibus. Thanasis Kinias tkinias at asu.edu Doctoral Student, Department of History Arizona State University Tempe, Arizona, U.S.A. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
Mariano Kamp wrote: On Friday 05 December 2003 23:22, Paul E Condon wrote: On Fri, Dec 05, 2003 at 11:07:24PM +0100, Mariano Kamp wrote: Hi, I bought one of the "cheap" PCs from a german discounter. I am wondering if anybody has been able to install Debian on it? Any pointers would be nice. www.linux-hardware.de wasn't helpful. Allmost all the components are unknown when looking at the /proc/pci output. This is interesting, because I believe they used "brand" components. My guess is that they are a little bit modified to make sure that prices are not easily comparable. Is this likely to be true? Cheers, Mariano If this is the PC for which you say in, an earlier email, that you can install Knoppix on it, then you can also install Debian, but not as easily. Knoppix is based on Debian. One way to get Debian is to install Knoppix and then convert it to Debian by downloading packages over the internet. Paul, thanks for taking the time. Yet, it is the same pc. What I don't want is a Knoppix System. I want debian. Looking at the etc directory and some other stuff, I believe there are differences between Knoppix and Debian. Yes, in theory it should work on Debian when it works on Knoppix, That is only true to a degree. Klaus Knopper has a lot of very good scripts to do hardware detection instead of the usual startup from /etc/init.d When you do a hd install from Knoppix, you do not get those scripts. E.g. in my case I have Backstreet Ruby and two AT IBM keyboards plugged into the "regular" DIN keyboard outlet and the usual "mouse" outlet. Then I have 2 mice in the USB slots. Knoppix gets this right, but its HD installation gets it wrong and I have to adjust things manually. Personally I find the HD install a waste: way too much stuff from all over the place. His CD is a gem though. Hugo. but when having to use the old installer then the modules are very much out of date. In this particular example, I don't get the network up, so it is pretty much pointless to use the old installer. Btw. The old installer was not even able to cope with a 160GB hd. Cheers, Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel options, modules, etc.
- Original Message - From: "John L. Fjellstad" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, December 04, 2003 06:21 Subject: Re: Kernel options, modules, etc. > Hoyt Bailey wrote: > > > Ok that means I have to unpack kernel source to get the required > > documents. Thanks, > > Hoyt > > You could just install the kernel-docs... > apt-get install kernel-doc-x.y.zz > > -- Ok I'll try that. Hoyt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Where to get the new installer?
On Friday 05 December 2003 23:02, Mariano Kamp wrote: [...] > > It works with Knoppix (besides a lcd-screen issue). Any idea how > bad it is to start out with Knoppix and then use it as a Debian > system? My experience with Knoppix was excellent. I used it on two systems (laptop and desktop) and both are now mostly unstable - only bit of knoppix obviously remaining being the X splashscreen. It certainly solved some hardware issues for me - and a lot of time. -- richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
general apt problem
Hello All, I run into apt problems on a semi-regular basis, running unstable, which is fine most of the time, but from time to time I get package permissions problems, usually where one dependent package is trying to overwrite the contents of another package's contents. So, I've been over the debian docs, but I'm looking for a general strategy for solving dependency issues when they arise, so I don't have to keep messing with my system until it /just works/ again. Does anyone know if such a doc has been created? Thanks in advance Matt Peter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
Hi Kent, On Saturday 06 December 2003 00:19, Kent West wrote: > Mariano Kamp wrote: > > On Friday 05 December 2003 23:29, Leandro GuimarÃes Faria Corsetti Dutra > > > > wrote: > >>Em Fri, 05 Dec 2003 23:07:24 +0100, Mariano Kamp escreveu: > >>>I bought one of the "cheap" PCs from a german discounter. I am wondering > >>> if > >>>anybody has been able to install Debian on it? Any pointers would be > >>>nice. > >> > >>Which one? Pointers? > > > > Sorry? > > Pointers in the sense of links to websites I haven't been able to get > > from google myself. Best case would be a pointer to an experience report > > linux-laptop.net style. > > I believe Leandro means "which cheap pc from which german discounter", > not "which pointer". Thanks for clearing that up. The discounter is called ALDI and the Modell is Medion MD 8080 XL as described in the subject. If this is of interest I could post a /proc/pci output, but it is pretty meaningless as it in most cases says "unknown type". The box itself is a p4 3ghz, 512 mb ram, some intel board which I haven't figured out yet etc.etc. When I am able to get the network up and running an compile a current kernel I hope there will be more information. > Your original post is kind of like saying "What type oil filter do I > need for my cheap import car?" Well, I did two postings at the same time, because I thought it would be easier to divide the problem in two topics: a) Anyone also using this particular computer and help with aquiring the new installer. > It sounds like the Debian installer you have has an older kernel that > doesn't recognize your hardware. Absolutely. The via-rhine module is to old in woody (see my other posting). The module from knoppix *and* the new installer does work. Unfortunately the new alpha version of the new installer stops working at some point (usb-discover) and I am not able to get my hands on the beta version as gluck is down. So my second and more important questions is: Anybody mirroring the new installer (see other posting)? > Do you have the Woody set of CDs, or > are you installing from a disk your got when you bought a magazine two > years ago, or what? Do you have the ability to burn a new CD from the > network? If so, try getting the fourth CD in the Woody set (should have > a 2.4 kernel), or an unofficial sid CD that maybe has a newer kernel. Well, I booted from the first woody cd and apart from the installer not being able to work with my whole hdd (just 120 of 160 gb) I am able to install the base system. When trying to setup the network to upgrade to sid I have the a.m. problem with my card I am stuck so far. Thanks for taking the time. Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
Mariano Kamp wrote: On Friday 05 December 2003 23:29, Leandro GuimarÃes Faria Corsetti Dutra wrote: Em Fri, 05 Dec 2003 23:07:24 +0100, Mariano Kamp escreveu: I bought one of the "cheap" PCs from a german discounter. I am wondering if anybody has been able to install Debian on it? Any pointers would be nice. Which one? Pointers? Sorry? Pointers in the sense of links to websites I haven't been able to get from google myself. Best case would be a pointer to an experience report linux-laptop.net style. I believe Leandro means "which cheap pc from which german discounter", not "which pointer". Your original post is kind of like saying "What type oil filter do I need for my cheap import car?" It sounds like the Debian installer you have has an older kernel that doesn't recognize your hardware. Do you have the Woody set of CDs, or are you installing from a disk your got when you bought a magazine two years ago, or what? Do you have the ability to burn a new CD from the network? If so, try getting the fourth CD in the Woody set (should have a 2.4 kernel), or an unofficial sid CD that maybe has a newer kernel. -- Kent -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Server Compromise -- A Fire Drill ??
On Fri, 05 Dec 2003 16:26:07 -0600, John Hasler wrote: > I wrote: >> And then there is morality. I know you won't believe this, but almost >> all corporate executives consider themselves moral law-abiding citizens. > > Paul Morgan writes: >> Good point. And just because Bill Gates et. al have become hard-nosed >> businessmen, it does not mean they are immoral. > > I didn't say they were moral. I said that they consider themselves moral > and law-abiding. Yes, I know what you said. -- paul "The number of UNIX installations has grown to 10, with more expected." (The UNIX Programmer's Manual, 2nd Edition, June 1972) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] got a new isp
Hugo Vanwoerkom wrote: After 28 months with Mexican Prodigy switched to Mexican AT&T. The latest *scientific* results are in from the comparison between AT&T and Prodigy ISP's in Mexico: 1. Prodigy will cut off any session lasting more than 8:00 hours at exactly 8 hours. I thought it was Telmex doing that. It is Prodigy. I have suffered for 3 years with this! AT&T does not. Running now for 8 hours 35 minutes without sighup! 2. Playing mplayer to KUSC produces good results in the afternoon. I could never do that in Prodigy. *Recommendation*: if you live in Mexico do not ever get Prodigy! Hugo. BTW this is a low bandwidth connection. I cannot imagine high bandwidth ever getting here with Telmex. They say they have it. So I subscribed. After 3 weeks waiting I went to see the bosses in town. Ah, high bandwidth... No, not where you live. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
On Friday 05 December 2003 23:29, Leandro GuimarÃes Faria Corsetti Dutra wrote: > Em Fri, 05 Dec 2003 23:07:24 +0100, Mariano Kamp escreveu: > > I bought one of the "cheap" PCs from a german discounter. I am wondering > > if > > anybody has been able to install Debian on it? Any pointers would be > > nice. > > Which one? Pointers? Sorry? Pointers in the sense of links to websites I haven't been able to get from google myself. Best case would be a pointer to an experience report linux-laptop.net style. Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
no way to remove something if the control file is damaged
M> I'm trying to get rid of a package here M> or at least put it on hold, or just get apt M> to shuttup about it already, and I'm at M> a loss. Any ideas? M> # dpkg --purge --force-all sysadmin-guide M> dpkg - warning, overriding problem because --force enabled: M> Package is in a very bad inconsistent state - you should M> reinstall it before attempting a removal. M> (Reading database ... 57729 files and directories currently installed.) M> Removing sysadmin-guide ... M> error: empty control file at /usr/sbin/install-docs line 600. M> dpkg: error processing sysadmin-guide (--purge): M> subprocess pre-removal script returned error exit status 25 odd, no way to remove something if the control file is damaged. Perhaps try wget .../sysadmin-guide_0.7-2_all.deb and variations of dpkg -i sysadmin-guide_0.7-2_all.deb which other readers of this list might mention... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RAID card shows SCSI and unwanted IDE devices
Sorry about the resend. Original message got lost in a thread... I am using a Hipoint IDE RAID card. The driver that Hipoint has created makes the card appear to be a scsi device. This all works fine and I can access the array as though it was a single SCSI drive. Unfortunately, the kernel also detects the hpt370 ide controller chips and attempts to configure an hd"x" device for each drive in the array. This fails during boot with "interrupt lost" errors and greatly lengthens the boot cycle. The system runs fine except for disk utilities like Mondo that attempt to catalog the phantom drives and end up locking up the system. How can I tell the kernel not to detect these ide devices but still detect the other valid ide devices (like the CDROM and some non-RAID drives)? Boot messages follow... . . . Uniform Multi-Platform E-IDE driver Revision: 6.31 ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx ICH4: IDE controller on PCI bus 00 dev f9 PCI: Device 00:1f.1 not available because of resource collisions ICH4: BIOS setup was incomplete. ICH4: chipset revision 1 ICH4: not 100% native mode: will probe irqs later ide0: BM-DMA at 0xfc00-0xfc07, BIOS settings: hda:DMA, hdb:DMA ide1: BM-DMA at 0xfc08-0xfc0f, BIOS settings: hdc:pio, hdd:DMA HPT370A: IDE controller on PCI bus 03 dev 00 HPT370A: detected chipset, but driver not compiled in! PCI: Enabling device 03:00.0 (0005 -> 0007) HPT370A: chipset revision 4 HPT370A: not 100% native mode: will probe irqs later ide2: BM-DMA at 0xbc00-0xbc07, BIOS settings: hde:pio, hdf:pio ide3: BM-DMA at 0xbc08-0xbc0f, BIOS settings: hdg:pio, hdh:pio hda: MAXTOR 6L080J4, ATA DISK drive hdb: MAXTOR 6L080J4, ATA DISK drive hdd: LITE-ON LTR-40125S, ATAPI CD/DVD-ROM drive hde: WDC WD2000JB-00EVA0, ATA DISK drive hdg: WDC WD2000JB-00EVA0, ATA DISK drive ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 ide1 at 0x170-0x177,0x376 on irq 15 ide2 at 0xcc00-0xcc07,0xc802 on irq 16 ide3 at 0xc400-0xc407,0xc002 on irq 16 blk: queue c035b4a4, I/O limit 4095Mb (mask 0x) hda: 156355584 sectors (80054 MB) w/1819KiB Cache, CHS=9732/255/63, UDMA(100) blk: queue c035b5f0, I/O limit 4095Mb (mask 0x) hdb: 156355584 sectors (80054 MB) w/1819KiB Cache, CHS=9732/255/63, UDMA(100) hde: lost interrupt hde: lost interrupt hde: lost interrupt hde: lost interrupt hde: 390721968 sectors (200050 MB) w/8192KiB Cache, CHS=24321/255/63 hde: lost interrupt hde: lost interrupt hdg: lost interrupt hdg: lost interrupt hdg: lost interrupt hdg: lost interrupt hdg: 390721968 sectors (200050 MB) w/8192KiB Cache, CHS=24321/255/63 hdg: lost interrupt hdg: lost interrupt Partition check: hda: hda1 hda2 hda3 hda4 < hda5 hda6 hda7 hda8 > hdb: unknown partition table hde:hde: lost interrupt hdg:hdg: lost interrupt . and later in the boot ... scsi0 : SCSI host adapter emulation for IDE ATAPI devices Vendor: LITE-ON Model: LTR-40125S Rev: ZS0K Type: CD-ROM ANSI SCSI revision: 02 Attached scsi CD-ROM sr0 at scsi0, channel 0, id 0, lun 0 sr0: scsi3-mmc drive: 48x/48x writer cd/rw xa/form2 cdda tray Uniform CD-ROM driver Revision: 3.12 Device Driver for HPT37x2 ATA RAID Controller Version 1.31, Compiled Nov 24 2003 08:58:36 Found Controller: HPT370 UDMA/ATA100 RAID Controller scsi1 : hpt37x2 Vendor: HPT Inc. Model: HPT37x2 RAID 1 Rev: 1.05 Type: Direct-Access ANSI SCSI revision: 02 Attached scsi disk sda at scsi1, channel 0, id 0, lun 0 SCSI device sda: 390721968 512-byte hdwr sectors (200050 MB) sda:
Re: Can't Get Past "Install the Base System"
Dave L. Thompson wrote: I am a newbie Debian installer, and I’m installing Debian on a Dell PC with the seven CD’s I downloaded from the Debian site. I have been unable to get past the “Install the Base System” portion. I’ve confirmed that dists/woody/main/binary-i386/Release is present on the installation CD, but anytime I try to use it, I get the following error: “The installation program couldn’t find any directory containing a file basedebs.tar or dists/woody/main/binary-i386/Release.” You might try installing from one of the other CDs; perhaps the one you have has a glitch. I believe the base install is on several of the CDs (although since I usually install from the network, I'm not sure of that.) (Or, if you've changed CDs during the install for any reason, go back to the original.) -- Kent -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
Em Fri, 05 Dec 2003 23:07:24 +0100, Mariano Kamp escreveu: > I bought one of the "cheap" PCs from a german discounter. I am wondering > if > anybody has been able to install Debian on it? Any pointers would be nice. Which one? Pointers? > Allmost all the components are unknown when looking at the /proc/pci > output. This is interesting, because I believe they used "brand" > components. My guess is that they are a little bit modified to make sure > that prices are not easily comparable. Is this likely to be true? Probably not. -- Leandro GuimarÃes Faria Corsetti Dutra <[EMAIL PROTECTED]> Belo Horizonte, Londrina, SÃo Paulo +55 (11) 5686 9607 http://br.geocities.com./lgcdutra/ +55 (11) 5685 2219 Soli Deo Gloria!+55 (11) 9406 7191 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: avoid running cron jobs on holidays
On 5. December 2003 at 10:28AM -0200, [EMAIL PROTECTED] wrote: > Em Wed, 03 Dec 2003 18:06:17 +0530, Sabar_Prabhu escreveu: > > > ur email id over the net n saw that ur an > > Which language is this? To whom are ye talking to? He's probably using a cellphone to send email, and so need to be concise. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
On Friday 05 December 2003 23:22, Paul E Condon wrote: > On Fri, Dec 05, 2003 at 11:07:24PM +0100, Mariano Kamp wrote: > > Hi, > > > > I bought one of the "cheap" PCs from a german discounter. I am > > wondering if anybody has been able to install Debian on it? Any pointers > > would be nice. > > > > www.linux-hardware.de wasn't helpful. > > > > Allmost all the components are unknown when looking at the /proc/pci > > output. This is interesting, because I believe they used "brand" > > components. My guess is that they are a little bit modified to make sure > > that prices are not easily comparable. Is this likely to be true? > > > > Cheers, > > Mariano > > If this is the PC for which you say in, an earlier email, that you can > install Knoppix on it, then you can also install Debian, but not as easily. > Knoppix is based on Debian. One way to get Debian is to install Knoppix and > then convert it to Debian by downloading packages over the internet. Paul, thanks for taking the time. Yet, it is the same pc. What I don't want is a Knoppix System. I want debian. Looking at the etc directory and some other stuff, I believe there are differences between Knoppix and Debian. Yes, in theory it should work on Debian when it works on Knoppix, but when having to use the old installer then the modules are very much out of date. In this particular example, I don't get the network up, so it is pretty much pointless to use the old installer. Btw. The old installer was not even able to cope with a 160GB hd. Cheers, Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Pinning question
On Fri, Dec 05, 2003 at 04:28:28PM -0500, Paul Morgan wrote: > On Thu, 04 Dec 2003 23:48:39 -0800, Paul Johnson wrote: > > > > Don't pin between stable and anything newer, or you'll end up just > > having some serious cascading dependencies that will result in you > > running testing or unstable in the end anyway. See also: > > apt-pinning considered harmful unless you *really* know what it's > > going to do. > > > > Use http://www.apt-get.org/ to find good backports for woody > > instead. > > I thought pinning seemed dicey when I first read up on it. > > Whenever I think of the word "pinning", I have this persistent visual > of how entymologists store insects. Blanket statements like the above aren't usually incorrect. I using pinning in one form or another on the majority of my systems, quite a few of which are stable. Pinning is a very useful feature, you just need to be aware of what it is doing. -- Jamin W. Collins Facts do not cease to exist because they are ignored. --Aldous Huxley, "Proper Studies", 1927 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Config of Gnome-terminal in Sarge
I'm working on getting my computer moved from Woody to Sarge. I have an annoying cosmetic problem with Gnome2 in Sarge. In Gnome-Terminal (GT), the fonts that can be selected in the GT 'current profile' are small letters with lots of space around them; wide separation of letters within words and approx. 1.5x line spacing. It wastes a lot of screen area. I do *not* have this problem in Multi-Gnome-Terminal (MGT), so I'm sure the problem is fixable. I suppose I could use MGT, but it does not have a working system for capturing URLs and sending them to a browser. ( At least, it doesn't work for me (tm) ) Because I have fonts I like one place in Gnome, and fonts I don't like in an other place, I suppose fonts at this level are configurable, but where do Gnome, GT, and MGT put their config stuff that is not available via the GUI tools? Having worked with Debian for a few years now, I'm really not afraid of editing a text config file. -- Paul E Condon [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
On Fri, Dec 05, 2003 at 11:07:24PM +0100, Mariano Kamp wrote: > Hi, > > I bought one of the "cheap" PCs from a german discounter. I am wondering if > anybody has been able to install Debian on it? Any pointers would be nice. > > www.linux-hardware.de wasn't helpful. > > Allmost all the components are unknown when looking at the /proc/pci > output. This is interesting, because I believe they used "brand" components. > My guess is that they are a little bit modified to make sure that prices are > not easily comparable. Is this likely to be true? > > Cheers, > Mariano > If this is the PC for which you say in, an earlier email, that you can install Knoppix on it, then you can also install Debian, but not as easily. Knoppix is based on Debian. One way to get Debian is to install Knoppix and then convert it to Debian by downloading packages over the internet. HTH -- Paul E Condon [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Unidentified subject!
Anyone? Any ideas? What is this? [EMAIL PROTECTED] wrote: you are a animal raper Do you Yahoo!? Free Pop-Up Blocker - Get it now
Re: radeon and X: was X won't start: Resolved
Mark, I laugh that you say it sounds geek. If anything, I am contra-geek, a masters student in Theology with barely any technical know-how other than how to slap a computer together. Peace, DAVE [EMAIL PROTECTED] wrote: On Thu, 04 Dec 2003 21:19:37 -0600, David Meiser wrote: Personally, "Give up" isn't in my vocab. Here's what you do (and what worked for me on my Radeon 8500): 1) download/compile/install a 2.6.0 series kernel, modularizing the Direct Rendering stuff for Radeon, and AGPGART, and whatever your motherboard and processor specific setup is Since most of this is greek I think my plan of wating for a package is best. - Please leave this. It is a filter term. ferulebezel - Mark Healey [EMAIL PROTECTED] Don't bothor CCing or emailing this address. Since spammers seem to be harvesting this list anything that doesn't come from the list server is assumed to be spam and deleted. ASUS A87V8X mobo w AMD Athalon Broadcom 4401 onboard nic with static IP Address ATI All-In-Wonder 9700 Video card. Sampo Alphascan 17mx monitor
Re: Debian Server Compromise -- A Fire Drill ??
I wrote: > And then there is morality. I know you won't believe this, but almost > all corporate executives consider themselves moral law-abiding citizens. Paul Morgan writes: > Good point. And just because Bill Gates et. al have become hard-nosed > businessmen, it does not mean they are immoral. I didn't say they were moral. I said that they consider themselves moral and law-abiding. -- John Hasler [EMAIL PROTECTED] Dancing Horse Hill Elmwood, Wisconsin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Investigation Report after Server Compromises
On Thu, 04 Dec 2003 18:05:15 -0800, Vineet Kumar wrote: > * Paul Morgan ([EMAIL PROTECTED]) [031204 12:32]: >> I have all services locked down to localhost; my only connections to >> the outside world are mail, news via nntpcached, web via squid... I run >> Apache but it too is locked down to localhost. My mail is run through my > > this ... > >> ISP's (earthlink's) virus and spam filters before I get it (otherwise I'd >> be getting like 10 Svens per day). I do see, from time to time, Apache >> refusing connections attempts which are generally attacks by Windoze worms. > > ... and this do not add up. Methinks your apache is not "locked down to > localhost." > 150.140.128.174 - - [03/Dec/2003:08:52:40 -0500] "GET /.hash=0df2df7b5aeac6aabb9ad2e00c0d150f831f HTTP/1.1" 403 322 "-" "-" [Wed Dec 3 08:52:40 2003] [error] [client 150.140.128.174] client denied by server configuration: /var/www/.hash=0df2df7b5aeac6aabb9ad2e00c0d150f831f -- paul "The number of UNIX installations has grown to 10, with more expected." (The UNIX Programmer's Manual, 2nd Edition, June 1972) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Earthlink and Swen
On Thu, 04 Dec 2003 22:56:59 -0800, Ross Boylan wrote: > On Thu, Dec 04, 2003 at 03:08:23PM -0500, Paul Morgan wrote: > ... >> I have all services locked down to localhost; my only connections to >> the outside world are mail, news via nntpcached, web via squid... I run >> Apache but it too is locked down to localhost. My mail is run through my >> ISP's (earthlink's) virus and spam filters before I get it (otherwise I'd >> be getting like 10 Svens per day). I do see, from time to time, Apache >> refusing connections attempts which are generally attacks by Windoze worms. > > I had a long talk with earthlink a month or two ago in which they told > me they were not filtering out swen (and they certainly weren't; I got > a ton). Soon after that, I did see some swen-like stuff in their spam > filter for my account (but I also saw plenty still coming at me). > > What's your basis for saying they are filtering out swen, rather than > that you're just getting less swen? I have no idea why you are attacking my veracity. My statement is fact. >From - Fri Dec 5 15:57:48 2003 X-UIDL: 1asa4W2Al3NZFop0 X-Mozilla-Status: 0001 X-Mozilla-Status2: 0800 Status: U Return-Path: <[EMAIL PROTECTED]> Received: from mail.telebit.ru ([217.107.81.59]) by coot (EarthLink SMTP Server) with ESMTP id 1asa4W2Al3NZFop0 Thu, 4 Dec 2003 23:08:41 -0800 (PST) Received: from [81.25.172.123] (HELO qivz) by mail.telebit.ru (CommuniGate Pro SMTP 4.1.6) with SMTP id 3349026; Fri, 05 Dec 2003 10:07:59 +0300 FROM: "Email System" <[EMAIL PROTECTED]> TO: "Mail Receiver" <[EMAIL PROTECTED]> SUBJECT: Failure Letter Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="tkvyqd" Date: Fri, 05 Dec 2003 10:08:00 +0300 Message-ID: <[EMAIL PROTECTED]> X-ELNK-AV: 1 --tkvyqd Content-Type: text/html Content-Transfer-Encoding: quoted-printable You currently have EarthLink Virus Blocker powered by Symantec enabled.The following attachments were infected and have been repaired:No attachments are in this category. The following infected attachments were deleted:1. fdbq.exe: [EMAIL PROTECTED] Original message text follows cid:bbhhysgma"; height=3D0 width=3D0> Hi. This is the qmail program Undeliverable to [EMAIL PROTECTED] --tkvyqd Content-Type: text/plain; name="DELETED0.TXT" Content-Transfer-Encoding: base64 Content-Id: ZmlsZSBhdHRhY2htZW50OiBmZGJxLmV4ZQ0KDQpUaGUgZmlsZSBhdHRhY2hlZCB0byB0aGlz IGVtYWlsIHdhcyByZW1vdmVkIGJlY2F1c2UgaXQgaXMgaW5mZWN0ZWQgd2l0aCB0aGUgVzMy LlN3ZW4uQUBtbSB2aXJ1cy4NCg== --tkvyqd-- -- paul "The number of UNIX installations has grown to 10, with more expected." (The UNIX Programmer's Manual, 2nd Edition, June 1972) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Cheap PC / unknown components. ALDI/Medion MD 8080 XL anyone?
Hi, I bought one of the "cheap" PCs from a german discounter. I am wondering if anybody has been able to install Debian on it? Any pointers would be nice. www.linux-hardware.de wasn't helpful. Allmost all the components are unknown when looking at the /proc/pci output. This is interesting, because I believe they used "brand" components. My guess is that they are a little bit modified to make sure that prices are not easily comparable. Is this likely to be true? Cheers, Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
debian-installer beta - where?
the links on gluck to the debian-installer beta are broken - where can i get the i386 iso's? thanks -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian Server Compromise -- A Fire Drill ??
On Fri, Dec 05, 2003 at 04:32:47PM -0500, Paul Morgan wrote: > > Good point. And just because Bill Gates et. al have become hard-nosed > businessmen, it does not mean they are immoral. > Microsoft played the exact same role in its origins v. IBM as Linux is now playing to Microsoft; the upstart, force for freedom. The PC was a freedom revolution against the glass house. That's one of the things that makes me feel squirelly and uncomfortable about open source; you always have to consider "who gains by this and what's their motivation". Any philosophy which cannot account for basic facts must have foundational weaknesses. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Where to get the new installer?
Hi, I am stuck with the woody installer. It doesn't have a current rhine driver (see next posting). I tried with an alpha version of the new installer, but it always fails after discovering usb. This also happens with the new net-installer. When trying to download the beta from debian.org (http://gluck.debian.org/ cdimage/testing/netinst/i386/beta-1/sarge-i386-netinst.iso) I always get a 404. I guess this is related to the security issue. For whatever reason: I am not able to get my hands on it. When downloading sarge from one of the mirrors it comes with the old installer. Any idea where the new installer is mirrored (I found some reference to debian-developer sites, which are also down)? It works with Knoppix (besides a lcd-screen issue). Any idea how bad it is to start out with Knoppix and then use it as a Debian system? Cheers, Mariano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Unidentified subject!
you are a animal raper Do you Yahoo!? Free Pop-Up Blocker - Get it now
Re: Debian Server Compromise -- A Fire Drill ??
On Thu, 04 Dec 2003 20:13:20 -0600, John Hasler wrote: > > And then there is morality. I know you won't believe this, but almost all > corporate executives consider themselves moral law-abiding citizens. Good point. And just because Bill Gates et. al have become hard-nosed businessmen, it does not mean they are immoral. Personally, I think that the best test of Gates' character is that the highly moral Warren Buffet chooses him as a friend. -- paul "The number of UNIX installations has grown to 10, with more expected." (The UNIX Programmer's Manual, 2nd Edition, June 1972) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]