RE: delete file based on content
Please ignore former post. It was an ID10T error on my part. -Original Message- From: Tom [mailto:[EMAIL PROTECTED] Sent: Monday, January 05, 2004 5:41 PM To: [EMAIL PROTECTED] Subject: Re: delete file based on content On Mon, Jan 05, 2004 at 05:35:26PM -0600, Michael Martinell wrote: [snip] I tried the following: grep -li Processing completed correctly * This gave me the list of logs that were complete. How can I send the results of this to the rm command. The redirection that I tried did not seem to work. #rm `grep -li Processing completed correctly *` This worked nicely at the command line, however when I put in into a script I received the error rm :too few arguments Any other thoughts? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: delete file based on content
(oops, list reply) On Mon, Jan 05, 2004 at 06:08:02PM -0600, Michael Martinell wrote: #rm `grep -li Processing completed correctly *` Any other thoughts? grep -Zli Processing completed correctly * | xargs -r0 rm -v -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: delete file based on content
On Mon, 05 Jan 2004 18:18:00 -0600, Michael Martinell wrote: Please ignore former post. It was an ID10T error on my part. -Original Message- From: Tom [mailto:[EMAIL PROTECTED] Sent: Monday, January 05, 2004 5:41 PM To: [EMAIL PROTECTED] Subject: Re: delete file based on content On Mon, Jan 05, 2004 at 05:35:26PM -0600, Michael Martinell wrote: [snip] I tried the following: grep -li Processing completed correctly * This gave me the list of logs that were complete. How can I send the results of this to the rm command. The redirection that I tried did not seem to work. #rm `grep -li Processing completed correctly *` This worked nicely at the command line, however when I put in into a script I received the error rm :too few arguments Any other thoughts? You would get that, at the command line or in a script, if there were no filenames returned by grep (i.e. none to delete). You can check by simply typing rm by itself and you'll get the same error message. To suppress the error message, you could do this: rm `grep -li Processing completed correctly *` 2/dev/null man bash /^REDIRECTION ...for information on what I added. -- paul Programming without a hex editor is like watchmaking without a hammer. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: devfs and Linux LVM
On Mon, 05 Jan 2004 15:35:12 -0800, ope wrote: If devfsd is a debian install (dpkg -l devfsd will tell you), it should be set up fine. And, if you can see your devices as /dev/ide/... then it is all fine. Yes, devfsd is installed and I can see the devices via the full devfs path. You are correct that you need to use the /dev/ide/... device names for LVM. You can use the old device names (/dev/hd??) for mount. Probably most all non-lvm commands. Certainly the fdisk family, for example. This is probably where I went wrong. I created the volume groups using the standard /dev/hda[1-9] rather than the full path. I reconfigured and everything looks good so far. Thanks again for all of your help. You are welcome. Glad it seems to be sorted out. -- paul Programming without a hex editor is like watchmaking without a hammer. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
ATI Radeon driver + Linux2.6?
Hello! I've recently installed a 2.6.0 kernel, and I have a problem with the graphics in X. The problem is that I can't succesfully recompile the fglrx driver, so the system uses MESA instead of the graphic libraries provided by the official ATI package. Is it possible to use the Ati FireGL drivers with 2.6? This is what happens when I try to compile the fglrx: cd /lib/modules/fglrx/build_mod/ ./make.sh Initializing... Probing for VMA API version... Check result are inconsistent!!! none of the probed versions did succeed. Aborting module build. With the 2.4.22 kernel this firegl works very good. Björn Johansson [EMAIL PROTECTED]
Evolution + multi accounts + Sync with laptop
hi i use evolution on my desktop which has some pop and imap accounts. some of them have subdirectories. mail format is mbox. i would like to be able to sync my emails between desktop and laptop ; i thought of setting up an imap server on my desktop, and then retrieve pop imap mails via fetchmail, then procmail for sorting them. the only pblm is when i wanna compose a mail ... if i don't create each popimap accounts in mail client (evolution) i'm not gonna be able to choose from which identity i send the mail ... Any ways to bypass this ? thks -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.6.0 Cannot Mount Root FS
Hello! I had the same problem. You must do: make mrproper Then: make menuconfig Without "make mrproper" you get kernel panic. Björn Johansson [EMAIL PROTECTED]
Re: ATI Radeon driver + Linux2.6?
On Tue, Jan 06, 2004 at 01:30:26AM +0100, Bj?rn Johansson wrote: Is it possible to use the Ati FireGL drivers with 2.6? I don't know about this specific case, but binary drivers usually won't work for a whole new kernel. Maybe a driver for 2.4.22 will work fine with 2.4.23, but probably not with 2.6. You might have to wait until ATI releases drivers for 2.6. Bijan -- Bijan Soleymani [EMAIL PROTECTED] http://www.crasseux.com signature.asc Description: Digital signature
Re: fetchmail: lock creation failed
Jan Minar wrote: On Mon, Jan 05, 2004 at 09:41:55AM -0500, Thomas H. George wrote: With no fetchmail to feed mail to mutt and so no threading I have lost the thread and must re-post. If you want to read the thread, look among the headers of any mail on this list, for `List-Archive:'. As advised I re-copied /oldhome/tom to /home/tom with tar. This did not solve the problem. It wasn't supposed to, really. There is no .fetchmail.pid file in /oldhome/tom or anywhere else. Ooops. I thought ~/.fetchmail.pid was _the_ lockfile. Did you mean running fetchmail as user tom, or a sitewide fetchmail started at bootup? Or a fetchmail run by another user maybe? When it was working I alway ran it as user tom from my home directory. I tried dpkg -- purge fetchmail followed by apt-get -f install fetchmail. This did not solve the problem. Should be ``dpkg --purge'' (without the space after `--'). The space was a typo in the email, I did the purge correctly. Any more suggestions? Yes: strace(1). Look especially for the open(), and anything from the stat() family (man 2 stat). Final two lines of strace fetchmail run from /home/tom: open(/home/tom/.fetchmail.pid, O_WRONLY|O_CREAT|O_EXCL|O_SYNC, 0666) = -1 EACCESS (Permission Denied) write (2, fetchmail: lock creation failed. ..., 33) = 33 I tried creating a file .fetchmail.pid with chown tom and chmod 666. This gave the same result with (File Exists) instead of (Permission Denied). I also found and read /usr/share/doc/fetchmail/README.Debian.gz which notes the program wont run if there is no /etc/fetchmailrc file. I copied /usr/share/doc/fetchmail/examples/fetchmailrc.exampe to /etc/fetchmailrc and edited the last lines to read poll mail.spininternet.com with protocol pop3 user 'xyz' there with password * is 'tom' here and changed the file to be chmod 0600, chown fetchmail. This is apparently not enough as /etc/init.d/fetchmail debug-run does nothing so /etc/init.d/fetchmail debug-run strace -o /tmp/strace.out as suggested in README.Debian.gz produces no output. However, strace -o /tmp/strace.out fetchmail run from /home/tom works/ There is clearly a mis-connect somewhere. whereis fetchmail reports one /usr/bin/fetchmail and the man file. Does any of this provide a clue as to what is going on? Tom HTH. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: 56K Modems
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Jan 05, 2004 at 06:11:31PM +0800, csj wrote: Because I need my mobo's lone serial port for my UPS, I got a usb-serial converter (modules usbserial and pl2303) to connect my serial modem to (dev/ttyUSB0). I get respectable 46K speeds and the coolness of USB. Seems like it would be easier (and retro-cool) to go hit Wacky Willy's[1] or similar store and pick up an old PCI serial I/O board. Then you get the geek factor of actually using /dev/ttyS2 or /dev/ttyS3 [1] http://www.wackywillys.com/ - -- .''`. Paul Johnson [EMAIL PROTECTED] : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQE/+gqDUzgNqloQMwcRAnoCAKCzHL0sMw3VnpJjB8Ye/wzEoCMbGgCdGeEv OYgjLcfcmHL5zLamiEHnlio= =jRIx -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wireless setup
- Original Message - From: Jan Minar [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, January 05, 2004 1:19 PM Subject: Re: wireless setup On Mon, Jan 05, 2004 at 12:12:46PM +0100, Benedict Verheyen wrote: Any comments on this setup? Just one general one: network with wires where you can, employ wireless only when you must. If your business depends on the networking, go for the licensed bands (i.e. not 2.4 / 5 GHz). Use wireless only where you can clearly benefit from the coverage, mobility, lower link-setup cost, generally areas where it is impossible or impractical to use Ethernet friends. Backup with wires when possible, nevertheless. Wireless technology isn't really suited to replace existing wired networks, but rather to complement them. The wired networks are more widely deployed, for a longer time, i.e. more tested generally cheaper. It's easier to avoid interferences, including DoS attacks. E.g. 802.11g is orders-of magnitude slower than the 100Mbps switched Ethernet, especially where the bands get crowded (many networks/clients in the same area attempting to talk at the same time). Not only the raw speed is lower, but the latency is greater, and the packet-loss is significant--something at least pre-2.6 TCP/IP stack will not be happy about. And just as a matter of fact, D-Link is a crap. What products do you suggest then? I checked netgear and they seem to have properly supported hardware for linux. I check change the D-Link stuff to: WGR614 Cable/DSL Wireless Router 54 Mbps/2.4 GHz WGE101 54 Mbps Wireless Ethernet Bridge WG311 54 Mbps Wireless PCI Adapter I have 2 questions though: 1. As stated in the original message, can i connect a bridge with another bridge? (1 bridge on cable modem, 1 on eth0 of server) 2. To manage both the bridge and router, the OS is not important since it can all be run from a browser? Regards, Benedict -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Mount failed: Invalid argument
I'm trying to install Debian from CD on a (B700mhz AMD system with 500mb RAM. (BRight now I am stuck in the middle of (Binstallation. I have made it as far as disk (Bformatting, but cannot "mount"(?) the root (Bpartition. (BWhen I try to mount dev/hda1 as the root file (Bsystem, I get a [Mount failed: Invalid argument] (Berror, and cannot proceed beyond that point. That (Berror doesn't make sense to me, since I am using (Bthe installation system setup menus, not the (Bcommand line, and cannot add any arguments. (B (BI am working with a 80gb Seagate hard disk. I (Bcreated 3 primary partitions: (B (B 5gb for the boot partition (B 1gb for the swap partition (B 75gb for everything else (B (BI succeeded in creating the partitions, (Binitializing all 3 partitions, and activating the (Bswap partition. Next, it says I have to "mount" a (Bpartition as the root, and I have tried numerous (Btimes, but always get the [invalid argument] (Berror. (B (BCan anyone out there give me some pointers? (B (B-- (B (B^^ Douglas Dreistadt ^^ (B^^ [EMAIL PROTECTED] ^^ (B^^^^ (B (B (B (B (B-- (BTo UNSUBSCRIBE, email to [EMAIL PROTECTED] (Bwith a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ifconfig eth0 shows errors building
On Mon, 05 Jan 2004 22:04:24 +0100, Sturla Holm Hansen wrote Looks like bad cabling or a bogged down net to me, notice that the collision-count is pretty high out too. My guess is you have a bad nic or bad cabling/bogged net... Thanks for the input everyone!! Replaced the hub with another and bingo. Had to wait until everyone went home, but its worth it to find out its the network and not my Debian System. Cool! Mike -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem running foomatic-filters postinst script
On Mon, Jan 05, 2004 at 01:35:14PM +0100, Jan Minar wrote: Look through the headers of any message on this list for a word `archive'. Or use google for that matter. I'm not sure if that was meant to be insulting, or was simply confused. -- Carl Fink [EMAIL PROTECTED] Jabootu's Minister of Proofreading http://www.jabootu.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Dell 8600 WUXGA (NVidia chipset)
Hi, all. Just got a good deal on a Dell 8600 with a WUXGA display (1920x1200). Got it running at 1600x1200 with Xandros 1.0 (Debian-based, the former Corel Linux, and apparently what LindowsOS is based on), but trying to get it to the full width. lspci says it has an unknown NVidia chipset... 01:00.0 VGA compatible controller: nVidia Corporation: Unknown device 0324 (rev a1) Does anyone know if this chip is handled in the newer kernels (I ran 2.6.0 on my last laptop for a while, but can't seem to get xandros to come up off a customized kernel) or a newer version of XFree86. I've poked around tuxmobil etc, and there's supposed to be a NVidia driver, but it's not clear that it would work with this model, plus I'd rather avoid a proprietary driver (I've not been able to back out installs of proprietary software very well in the past). Any help (experience or speculation) appreciated, especially combos and configs (XF86Config-4 and kernel) known to work on this (a bit too proprietary in retrospect) beast. Oh, I'm running Xandros 1.0 but with a lot of stuff upgraded to debian testing. Any tips for vanilla Debian are also welcome, as I wouldn't mind switching back to that (I'm not getting that much use out of the Xandros added-value stuff, except for eye-candy, which is readily available elsewhere). By the way, Xandros' X startup seems to have a pretty good try-and-fallback startup system for X; I'm trying to figure out how it works. -- Tony -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Is there any encrypted or secure NFS?
On Mon, 2004-01-05 at 07:49, Rohit Kumar Mehta wrote: Mark Roach wrote: Get it properly encrypted at a lower level with ipsec, and you can go about your business (whee, telnet's back). This might be encrypted, but hardly secure, for instance if user A has physical access to NFS client and user B has physical access to nfs client, what prevents user A from accessing user B's files through VPN? File permissions. -- Mark Roach -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Is there any encrypted or secure NFS?
On Mon, Jan 05, 2004 at 09:14:27PM -0500, Mark Roach wrote: This might be encrypted, but hardly secure, for instance if user A has physical access to NFS client and user B has physical access to nfs client, what prevents user A from accessing user B's files through VPN? File permissions. Even so, you'd have this problem with or without an IPSec VPN. The VPN's job, in this case, is lower-layer encryption. File systems on your host/NFS Client are out of the spectrum of what a VPN can do. A VPN is only going to protect your data from snoopers of NFS packets. signature.asc Description: Digital signature
Two nics; only one works at a time
I've got a freshly installed Debian Stable box with two NICs, a 3c509 and a 3c509c. In /etc/network/interfaces, I have them defined thusly: auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp auto eth1 iface eth1 dhcp When I (re)start networking, ifconfig shows both cards to be configured with all the proper numbers, but networking out is iffy (I haven't been able to pin down a pattern), and I can ping from a different subnet the eth1 card but never the eth0 card. If I comment out one of the cards (it doesn't matter which one) in interfaces and restart networking, I can then ping from the different subnet the card not commented out. In other words, both cards work, but only one at a time. I've also tried static IP addresses with essentially the same results. I've booted off a Knoppix 3.3 CD, and both cards worked as expected, and I was able to ping both cards from a different subnet. I actually wiped the drive and did a clean install of Stable, only to find the same results afterward. I also upgraded from the 2.2 kernel to 2.4.18-1-686; it made no difference. I've been googling all day trying to find an answer, and haven't hit the right answer yet. If this isn't solved by tomorrow, the decision makers are going to go with Redhat (because we're in a time crunch). Does anyone have any insight as to what I need to do to get both NICs working properly? Thanks! -- Kent -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: /etc/mail/aliases.db out of date
On Fri, Jan 02, 2004 at 11:23:13PM -0500, Frederic Lavoie wrote: Hello, I have this error : Dec 20 04:00:04 eglantin sm-mta[15923]: alias database /etc/mail/aliases.db out of date Even if I do a newaliases the error still there. Is is logical? What is the problem? The file itself has a good date. If you have any feel free to contact me.: -rw-r--r--1 root smmsp 12288 Nov 30 22:04 aliases.db No, it's not very logical, at least at first sight. All the error is saying is that the timestamp on /etc/mail/aliases.db is older than the one in the /etc/aliases file and you should therefore run 'newaliases'. However, you explained you did this already and it didn't seem to fix the problem. Pay attention to the output of the 'newaliases' command and see if it is using the default aliases file you expect. Just to give you an idea, I upgraded Sendmail on a Red Hat box recently and it created a new aliases file under the /etc/mail directory. I wasn't aware of it and continued editing my usual /etc/aliases file, but my changes were never taking effect. After a few minutes pulling my hair, I realized all of a sudden that 'newaliases' was reading input from /etc/mail/aliases. Perhaps something similar may be happening to you here. Nitebirdz http://www.sacredchaos.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Cursor problems
On Mon, Jan 05, 2004 at 10:41:26AM -0500, Robert C. Thyberg wrote: I put this on the debian-laptop list but got no response. Have tried the Debian support pages but found no help there. I was advised to try this list by Tapio Lehtonen. What: SONY VAIO F490 650Mhz Intel, 18GB HDD Debian 3.0 rev2 woody, new install Problem: Can't get arrow shaped cursor in GUI or block in console. Cursor is a three quarter inch square of vertical lines or hash in both GUI and in console. . Top left corner of square is the point which works but is very hard on the eyes. gpm is installed Square cursor in KDE and GNOME and Konqueror and all GUI stuff. Same kind of cursor on the console I had a similar problem, but only in X, and on entirely different hardware. You can try my solution, and if it doesn't work, no harm done. In the section of your /etc/X11/XF86Config-4 file that talks about your video card (should be a Device section), add the line: Option SWCursor on HTH, Paul -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ATI Radeon driver + Linux2.6?
Björn Johansson wrote: Hello! I've recently installed a 2.6.0 kernel, and I have a problem with the graphics in X. The problem is that I can't succesfully recompile the fglrx driver, so the system uses MESA instead of the graphic libraries provided by the official ATI package. Is it possible to use the Ati FireGL drivers with 2.6? This is what happens when I try to compile the fglrx: cd /lib/modules/fglrx/build_mod/ ./make.sh Initializing... Probing for VMA API version... Check result are inconsistent!!! none of the probed versions did succeed. Aborting module build. With the 2.4.22 kernel this firegl works very good. Björn Johansson [EMAIL PROTECTED] ATI's 3.7.0 version of fglrx work fine in 2.6 kernels (I am running it now on 2.6.1-rc1-mm2). But I have never seen the error you describe. -Roberto signature.asc Description: OpenPGP digital signature
Re: Find command to display attributes
On Mon, Jan 05, 2004 at 05:50:08PM +0100, VEGH Karoly wrote: [EMAIL PROTECTED]:~/test$ find . -name *[123]* -exec ls -l {} \; With GNU find: find . -name *[123]* -ls -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Is there any encrypted or secure NFS?
On Mon, 5 Jan 2004, Brett Carrington wrote: On Mon, Jan 05, 2004 at 09:14:27PM -0500, Mark Roach wrote: This might be encrypted, but hardly secure, for instance if user A has physical access to NFS client and user B has physical access to nfs client, what prevents user A from accessing user B's files through VPN? File permissions. wont help ... the user has acces to their files on the other end Even so, you'd have this problem with or without an IPSec VPN. The VPN's job, in this case, is lower-layer encryption. File systems on your host/NFS Client are out of the spectrum of what a VPN can do. A VPN is only going to protect your data from snoopers of NFS packets. maybe places where the cracker can see your credit card ( sensitive data ) - while you're away from your desk - while its still in netscape cache - in transit to the webstore - while its in memory (-- you've got bigger problems --) - vpn/ssh snoopping of the wire (-- you've gove bigger problems--) - from your home network ssh'd/vpn'd into the corp lan - trash can - i think the major comment, was what if the dude just sits at the terminal while your away .. - encrypted traffic or encrypted fs will not prevent the cracker from seeing the good data they're not supposed to have seen - always passwd protect your screen and always use different passwds for each pc encryption is still uselsess if you use ez 2 remember pass phrase or words from the dictionary or common phrases and misstyped passwds .. or written down on a piece of paper that is easy to find on the keyboard, monitor, mousepad, drawers, rolodex, bookmarkers, ... - it's even more trivial to go snooping if you use passwdless logins - allowing nfs just makes all the snooping easier ... too many old holes - that may or may not be patched nfs -- Not For Security setting up and properly running a secure nfs is a whole other ballgame c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
non-US
Hi Listreaders, did i miss something, or has there been no package update in non-US since 20th of November? -- Regards,| Debian GNU / / _ _ _ _ _ __ __ . | / /__ / / / \// //_// \ \/ / Martin Helas| // /_/ /_/\/ /___/ /_/\_\ mailto:[EMAIL PROTECTED] | because reboots are for hardware upgrades. PGP-Fingerprint: 1474 4CAC EF5C ECFA E29E 2CB1 7929 AB90 F7AC 3AF signature.asc Description: Digital signature
Re: Is there any encrypted or secure NFS?
On Mon, 2004-01-05 at 21:25, Brett Carrington wrote: On Mon, Jan 05, 2004 at 09:14:27PM -0500, Mark Roach wrote: This might be encrypted, but hardly secure, for instance if user A has physical access to NFS client and user B has physical access to nfs client, what prevents user A from accessing user B's files through VPN? File permissions. Even so, you'd have this problem with or without an IPSec VPN. The VPN's job, in this case, is lower-layer encryption. File systems on your host/NFS Client are out of the spectrum of what a VPN can do. A VPN is only going to protect your data from snoopers of NFS packets. Right, which is why I pointed to file permissions instead of the VPN as the protecting factor here. I don't really know what Rohit was suggesting as an alternative, but if he thinks there is any security mechanism that can protect against all attacks regardless of whether the attacker has root, he is mistaken. rantAt some point there has to exist a status of trusted. Unless you want to lock your computer in a vault, set bios and lilo passwords, buy a van-eck cage, and carry your keyboard with you at all times, you are probably better off protecting yourself from the class of attackers who pose an actual (plausible) threat./rant -- Mark Roach -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mount failed: Invalid argument
* Douglas Dreistadt [EMAIL PROTECTED] [2004-01-05 20:34]: I'm trying to install Debian from CD on a 700mhz AMD system with 500mb RAM. Right now I am stuck in the middle of installation. I have made it as far as disk formatting, but cannot mount(?) the root partition. When I try to mount dev/hda1 as the root file system, I get a [Mount failed: Invalid argument] error, and cannot proceed beyond that point. That error doesn't make sense to me, since I am using the installation system setup menus, not the command line, and cannot add any arguments. perhaps /dev/hda1 rather than dev/hda1 I am working with a 80gb Seagate hard disk. I created 3 primary partitions: 5gb for the boot partition 1gb for the swap partition 75gb for everything else if they are in that order and the drive is hda then the root partition would be /dev/hda3 not /dev/hda1 I succeeded in creating the partitions, initializing all 3 partitions, and activating the swap partition. Next, it says I have to mount a partition as the root, and I have tried numerous times, but always get the [invalid argument] error. Can anyone out there give me some pointers? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Two nics; only one works at a time
* Kent West [EMAIL PROTECTED] [2004-01-05 22:03]: I've got a freshly installed Debian Stable box with two NICs, a 3c509 and a 3c509c. In /etc/network/interfaces, I have them defined thusly: auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp auto eth1 iface eth1 dhcp When I (re)start networking, ifconfig shows both cards to be configured with all the proper numbers, but networking out is iffy (I haven't been able to pin down a pattern), and I can ping from a different subnet the eth1 card but never the eth0 card. If I comment out one of the cards (it doesn't matter which one) in interfaces and restart networking, I can then ping from the different subnet the card not commented out. In other words, both cards work, but only one at a time. I've also tried static IP addresses with essentially the same results. I've booted off a Knoppix 3.3 CD, and both cards worked as expected, and I was able to ping both cards from a different subnet. I actually wiped the drive and did a clean install of Stable, only to find the same results afterward. I also upgraded from the 2.2 kernel to 2.4.18-1-686; it made no difference. I've been googling all day trying to find an answer, and haven't hit the right answer yet. If this isn't solved by tomorrow, the decision makers are going to go with Redhat (because we're in a time crunch). Does anyone have any insight as to what I need to do to get both NICs working properly? Kent, What is the output of the 'route' command when you have the interfaces up with and without knoppix? Lou -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ifconfig eth0 shows errors building
On Mon, 5 Jan 2004 15:22:27 -0700 Nate Duehr [EMAIL PROTECTED] wrote: On Monday 05 January 2004 01:20 pm, Jacob S. wrote: I've had similar errors with several Rev. 5 LNE100TX cards that looked like you describe. I tried kernels 2.2.15, 2.2.19, 2.4.18 as well as the latest drivers from www.scyld.com and ifconfig always showed the same thing. The cards and network connection have always worked fine for me, it just looks bad when you run ifconfig. Define fine... what was your max throughput on those cards? I highly doubt those aren't real errors. Ethernet's just pretty forgiving. Can you really push full data rate with those kinds of errors showing up? I highly doubt it. Fine = No noticeable difference in speed vs. other computers and network cards that aren't exhibiting the problem. I don't have any logs I can show from it right now, but in my case it looked like data was being shown in the wrong columns, not that anything was malfunctioning. The OP has already responded and their situation was obviously not the same as what I described. Nonetheless, my problem was not specific to just one of my network cards, but all of the LNE100TX Rev. 5 Linksys cards I had at that time. Jacob - GnuPG Key: 1024D/16377135 Slight disorientation after prolonged system uptime is normal for new Linux users. Please do not adjust your browser. pgp0.pgp Description: PGP signature
unable to login; pam broken?
I have a mysterious problem - I am unable to login as any user. i am also unable to su to root. Forutnately I am currently logged in, but I can't su or log in on another VC. Apparently my PAM setup is broken (from looking at strace). I recently upgraded to the latest version of sarge, I don't know if there is a known issue (nothing seems to be in the list archives). I have appended the strace from su. I am completely at a loss here, so I would appreciate any help. I can provide more info if needed. Thanks, Carl Script started on Mon Jan 5 22:25:58 2004 ]0;swedishfish ~ swedishfish ~ 10:25 PM $ stace su bash: stace: command not found ]0;swedishfish ~ swedishfish ~ 10:26 PM $ strace su execve(/bin/su, [su], [/* 25 vars */]) = 0 uname({sys=Linux, node=swedishfish, ...}) = 0 brk(0) = 0x8054780 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000 access(/etc/ld.so.nohwcap, F_OK) = -1 ENOENT (No such file or directory) open(/etc/ld.so.preload, O_RDONLY)= -1 ENOENT (No such file or directory) open(/etc/ld.so.cache, O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=41378, ...}) = 0 old_mmap(NULL, 41378, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40018000 close(3)= 0 access(/etc/ld.so.nohwcap, F_OK) = -1 ENOENT (No such file or directory) open(/lib/libcrypt.so.1, O_RDONLY)= 3 read(3, \177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\t\0..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=18636, ...}) = 0 old_mmap(NULL, 181532, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40023000 old_mmap(0x40028000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x4000) = 0x40028000 old_mmap(0x40029000, 156956, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40029000 close(3)= 0 access(/etc/ld.so.nohwcap, F_OK) = -1 ENOENT (No such file or directory) open(/lib/libpam.so.0, O_RDONLY) = 3 read(3, \177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\25\0\000..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=30360, ...}) = 0 old_mmap(NULL, 29324, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4005 old_mmap(0x40057000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x7000) = 0x40057000 close(3)= 0 access(/etc/ld.so.nohwcap, F_OK) = -1 ENOENT (No such file or directory) open(/lib/libpam_misc.so.0, O_RDONLY) = 3 read(3, \177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\16..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=8800, ...}) = 0 old_mmap(NULL, 11880, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40058000 old_mmap(0x4005a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x1000) = 0x4005a000 close(3)= 0 access(/etc/ld.so.nohwcap, F_OK) = -1 ENOENT (No such file or directory) open(/lib/libc.so.6, O_RDONLY)= 3 read(3, \177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`^\1\000..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=1243076, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4005b000 old_mmap(NULL, 1253316, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4005c000 old_mmap(0x40183000, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x126000) = 0x40183000 old_mmap(0x4018c000, 8132, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4018c000 close(3)= 0 access(/etc/ld.so.nohwcap, F_OK) = -1 ENOENT (No such file or directory) open(/lib/libdl.so.2, O_RDONLY) = 3 read(3, \177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\34\0\000..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=9796, ...}) = 0 old_mmap(NULL, 8632, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4018e000 old_mmap(0x4019, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x2000) = 0x4019 close(3)= 0 munmap(0x40018000, 41378) = 0 brk(0) = 0x8054780 brk(0x8075780) = 0x8075780 brk(0) = 0x8075780 brk(0x8076000) = 0x8076000 getuid32() = 1001 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0 ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0 readlink(/proc/self/fd/0, 0x8054848, 4095) = -1 EACCES (Permission denied) fstat64(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 3), ...}) = 0 stat64(/dev/pts, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 open(/dev/null, O_RDONLY|O_NONBLOCK|O_DIRECTORY) = -1 ENOTDIR (Not a directory) open(/dev/pts, O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3 fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 fcntl64(3, F_SETFD, FD_CLOEXEC) = 0 getdents64(3, /* 5 entries */, 1024)= 120 stat64(/dev/pts/3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 3), ...}) = 0 close(3)
unsubscribe
__ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: unable to login; pam broken?
On Mon, Jan 05, 2004 at 10:32:28PM -0500, Carl Mummert imagined: I have a mysterious problem - I am unable to login as any user. i am also unable to su to root. Forutnately I am currently logged in, but I can't su or log in on another VC. Apparently my PAM setup is broken (from looking at strace). I recently upgraded to the latest version of sarge, I don't know if there is a known issue (nothing seems to be in the list archives). I have appended the strace from su. I am completely at a loss here, so I would appreciate any help. I can provide more info if needed. Thanks, Carl This is just a shot in the dark: try upgrading your 'passwd' package... HTH, Raymond -- What difference does it make to the dead, the orphans, and the homeless, whether the mad destruction is brought under the name of totalitarianism or the holy name of liberty and democracy? (Gandhi) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Is there any encrypted or secure NFS?
On Mon, 2004-01-05 at 21:48, Alvin Oga wrote: On Mon, 5 Jan 2004, Brett Carrington wrote: On Mon, Jan 05, 2004 at 09:14:27PM -0500, Mark Roach wrote: This might be encrypted, but hardly secure, for instance if user A has physical access to NFS client and user B has physical access to nfs client, what prevents user A from accessing user B's files through VPN? File permissions. wont help ... the user has acces to their files on the other end OK, I'm obviously missing something here. Here's what I'm hearing NFS Server --- NFS Client (Home of User A and User B) The server is exporting /home which includes /home/userA and /home/userB. File permissions are set to 700 (or 770 with appropriate groups) on both home directories. The client has mounted the server's /home as /mnt/remote_homes User A wants to access user B's files that are under /mnt/remote_homes/userB. How are you suggesting that this is going to be possible? Note: if you tell me that he is going to boot off a knoppix CD and crack root on the box to su to userB, you must give me at least one example of an alternative that is not susceptible to an attack by a malicious local root Even so, you'd have this problem with or without an IPSec VPN. The VPN's job, in this case, is lower-layer encryption. File systems on your host/NFS Client are out of the spectrum of what a VPN can do. A VPN is only going to protect your data from snoopers of NFS packets. maybe [snip random security stuffs] - allowing nfs just makes all the snooping easier ... too many old holes - that may or may not be patched nfs -- Not For Security setting up and properly running a secure nfs is a whole other ballgame NFS definitely is not the right tool for every situation. There are some situations though, where it _is_ a good tool, and additional circumstances where the addition of IPSEC makes it a reasonable option when it otherwise wouldn't have been. -- Mark Roach -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
ISO9660 file naming (limits)
I want to make a cd archive of my (past) school work and remove it from my hard drive. The problem lies in name/path length limits for ISO9660 filesystems. 'mkisofs -R -J' yields output such as Using FINDR000.HH;1 for ./SE1-Software_Engineering.3010-361/src/FindRoomWindow.hh (FindRoomWindow_glade.hh) Using FINDR000.CC;1 for ./SE1-Software_Engineering.3010-361/src/FindRoomWindow_glade.cc (FindRoomWindow.cc) When I loopback mount the ISO to inspect it, the file apears normal with the complete path and name. My question is, what does the output from mkisofs mean, and will the CD have all of the files correctly named? TIA, -D -- Folly delights a man who lacks judgement, but a man of understanding keeps a straight course. Proverbs 15:21 www: http://dman13.dyndns.org/~dman/jabber: [EMAIL PROTECTED] signature.asc Description: Digital signature
Re: Is there any encrypted or secure NFS?
%% Mark Roach [EMAIL PROTECTED] writes: mr Note: if you tell me that he is going to boot off a knoppix CD and mr crack root on the box to su to userB, you must give me at least mr one example of an alternative that is not susceptible to an attack mr by a malicious local root Any method that forces the client to authenticate himself by more than simple UID. It must be doable since Windows SMB does it: having Administrator privileges on your Windows box doesn't give you the ability to read anyone else's files on a remote SMB share. For example, there are versions of NFS that use Kerberos for authentication. In this scenario simply being root (which given physical access to the box is obviously trivial) won't get you access to someone else's files. I don't personally know of any site that uses this, but it's in the NFS standards. You may argue that if you have root access on your target's box you can snoop enough information to fake out Kerberos, and you're probably right. You can install trojans, for starters. But at least you have to have root access on _their_ box and you have to do some work that is potentially detectable; with normal NFS all you need is root access on your _OWN_ box, plus a trivial su, which is far, far simpler to accomplish, and virtually untraceable. -- --- Paul D. Smith [EMAIL PROTECTED] HASMAT--HA Software Mthds Tools Please remain calm...I may be mad, but I am a professional. --Mad Scientist --- These are my opinions---Nortel Networks takes no responsibility for them. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ISO9660 file naming (limits)
On Mon, Jan 05, 2004 at 11:12:16PM -0500, Derrick 'dman' Hudson wrote: I want to make a cd archive of my (past) school work and remove it from my hard drive. The problem lies in name/path length limits for ISO9660 filesystems. 'mkisofs -R -J' yields output such as Using FINDR000.HH;1 for ./SE1-Software_Engineering.3010-361/src/FindRoomWindow.hh (FindRoomWindow_glade.hh) Using FINDR000.CC;1 for ./SE1-Software_Engineering.3010-361/src/FindRoomWindow_glade.cc (FindRoomWindow.cc) When I loopback mount the ISO to inspect it, the file apears normal with the complete path and name. My question is, what does the output from mkisofs mean, and will the CD have all of the files correctly named? Why don't you avoid problem by using tar on reasonably sized chunks of the file tree, and name the tar files concisely? -- Paul E Condon [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
idea search
Hi all, I trying to get a small list of programs to look at for a project of mine. Any ideas or pointers would be appreciated. I currently have a yahoo email account that I've been using Mozilla with for awhile now, so all my email is in mbox format. I want to set up a system where new mail is downloaded(via pop3), then made available through a web interface. I don't know much about webmail type servers, but if they need an underlying protocol, I prefer imap. There is only one email account with yahoo, but I also receive my yahoo business emails though them. Any server I use has to have the ability to change the address for the from: and reply-to: headers. Example: This list's mail gets delivered from the listserver to yahoo. My system periodically connects to yahoo's server, downloads and sorts the email, and then provides access to the emails through a web interface. After looking through it, I send an email. My system then sends it to yahoo's server via SMTP. This would essentially replace Mozilla with my server setup. Any ideas for what servers to use, or have I over complicated everything? Thanks for anything, Paul -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: idea search
snip On Mon, Jan 05, 2004 at 11:41:29PM -0500, [EMAIL PROTECTED] wrote: Any ideas for what servers to use, or have I over complicated everything? Thanks for anything, Paul Here are some: fetchmail for POP3, fetchyahoo (I'm pretty sure that's available in Debian) for yahoo's non-POP3 mail, and horde/imp for webmail. These are all available in Debian and just giving the documentation a read will give you the right direction. You may also like `fetchmailconf' signature.asc Description: Digital signature
install module in webmin
I installed webmin from testing, Version 1.121 I am unable to get install a new webmin snort module from snort.org via teh webmin interface. All the documentation talks about these steps for installing a module via webmin from www.webmin.com --If you are using Webmin version 0.88 or above, these updates can be --installed automatically using the 2nd and 3rd forms under Webmin Configuration - Upgrade Webmin I don't have this in my listing. I've been looking at this for awhile and cannot understand what the problem is. -- --Luke CS Sysadmin, Montana State University-Bozeman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: growisofs ejects when finished
Mark Roach wrote: On Fri, 2004-01-02 at 15:38, Jeffrey Barish wrote: I am using growisofs to backup to DVD. Whenever growisofs finishes writing, it ejects the DVD. At that point, the DVD is obviously no longer mounted. Hmm, was the (presumably blank) disk mounted to begin with? I would rather doubt it... Yes, it was mounted. growisofs objects if I try using it with a disc that is not mounted. The disc was not blank to begin with, but I use the -Z option. I would like for the DVD to remain mounted so that subsequent backups don't cost one mount (since, as I recall, each mount counts as a write). I doubt very much that this is the case... You have to mount the disc to read it, if dvd+rw has a fixed limit on the number of times you can read the data, it would have gone the way of divx Not a fixed limit, the disc just gets worn out. And it's not a limit on the number of times one can read it, it's a limit on the number of times one can rewrite it. Is there a way to do that with growisofs? Should I use another program instead to write to DVD? (I'm using DVD+RW, but my drive supports DVD-RW also. I use growisofs for backing up a lot of static data and have had no problems with it. It works for me too, I just wish it wouldn't eject when it finishes. -- Jeffrey Barish -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ls nitpick
On Sat, Jan 03, 2004 at 10:31:41PM -0500, Russ Schneider wrote: When you do an ls on Debian, you see something like the following: file1 file2 file3 dir1 dir2 file4 etc. When you do the same on Mandrake, you get file1 file2 file3 dir1/ dir2/ file4 You see how there's a / at the end of each directory name, making it really easy to tell at a glance what's a directory and what's not? Any way to config Debian's ls to do that? I realize it's just a nitpick, but I am curious. In your home directory, you should have a .bashrc file put there from /etc/skel when your account was created. It contains a lot of goodies that are commented out, in particular: # enable color support of ls and also add handy aliases eval `dircolors -b` alias ls='ls --color=auto' If you uncomment the above two lines, and add a -F option to the ls alias, it will walk and talk similarly to how Mandrake's ls presumably does. Run 'alias ls' on your Mandrake box to determine exactly how they've aliased it if you want to make it identical. Naturally, you will need to log in and log out again (or close and open a fresh xterm, as the case may be). You may also wish to uncomment the lines in your .bash_profile that source the .bashrc if it exists. HTH Andrew signature.asc Description: Digital signature
Re: Debian, 2.6 kernel and WIFI card on laptop ?
I posted it to the wrong group, I hope I will be luckier here :/ zeDek On 6 Jan 2004, Xavier Maillard[EMAIL PROTECTED] mused: Hi, I have asked everywhere I could about that. Nobody until now could find a solution. So I am trying as a last resort here ;) Here I have an ACER TM803 laptop running perfectly except one thing: PCMCIA. This is not that important but I prefer to be free and get rid of my wired ethernet connection when at home. I use a Debian SID GNU/Linux with a vanilla 2.6.0 kernel. All has been done accordingly to advice I receive here and there. It has support for PCMCIA devices, Wireless and orinoco support. So I am using a wireless driver from the kernel since it worked pretty well under 2.4.x for me. I also have the wireless tools suite installed and all is done in the interface files (ie /etc/network/interface). The Wireless card is Linksys WPC11 running in managed mode. I think my setup is good since it is the one that used to run under the 2.4.x kernel series. Problem is that when inserting the card, first I don't ear any 'bip' sound as it used to do. Then the card is no longer able to connect to the AP (also by linksys). I remember that not that far ago, it worked but as I faced problem keeping the connection up, I gave up and went back at my fidèle wire :) Now it just doesn't want to connect. Have anyone any clue I could follow to (at last) have this working ? Thank you. P.S: my /etc/init.d/pcmcia script file contains now a 'exit 0' at the top since I was told that PCMCIA and kernel 2.6.0 was no good. I only now use hotplug stuff as recommended. zeDek -- GNU is my religion .O. Xavier Maillard ..O Reims - France OOO +33 6 62 59 68 62 pgp0.pgp Description: PGP signature
Re: Is there any encrypted or secure NFS?
On Mon, 2004-01-05 at 23:30, Paul Smith wrote: %% Mark Roach [EMAIL PROTECTED] writes: mr Note: if you tell me that he is going to boot off a knoppix CD and mr crack root on the box to su to userB, you must give me at least mr one example of an alternative that is not susceptible to an attack mr by a malicious local root Any method that forces the client to authenticate himself by more than simple UID. It must be doable since Windows SMB does it: having Administrator privileges on your Windows box doesn't give you the ability to read anyone else's files on a remote SMB share. Two words, keystroke logger. Or, have a telnetd program set to autostart on that windows box on logon, log in to the telnet session, instant access. For example, there are versions of NFS that use Kerberos for authentication. In this scenario simply being root (which given physical access to the box is obviously trivial) won't get you access to someone else's files. I don't personally know of any site that uses this, but it's in the NFS standards. You may argue that if you have root access on your target's box you can snoop enough information to fake out Kerberos, and you're probably right. Yup. Install a key-sniffer, wait for the victim to unwittingly type his password. You can install trojans, for starters. But at least you have to have root access on _their_ box incorrect, see above. This is all a moot point though, the fact is that there is no way to secure the data going in and out of a machine such that root can't ever get at it. There are lot's of attempts at making it difficult (it's called DRM) but it is not something that is possible to completely attain. The sensible person will use the tool that makes the job difficult enough to dissuade the likely attackers based on the level of risk involved (this is assuming that security/complexity are tradeoffs, if there exists a more secure, less complex option, it's a no-brainer). I am not saying that nfs is super-secure here, so I hope nobody gets me wrong. (though I do think that in many cases it is good enough) My only point in all of this is that if you think other protocols have magic, not-even-root-can-catch-me-now-bwahahaha voodoo, you are mistaken. -- Mark Roach -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]