Re: Mais où est passée ma RAM ? Suite...

[Tonio]

Asus P5K-E avec 4Go de ram ddr2 800, elle fonctionne à sa fréquence 
optimale, même avec une Debian en x86 (noyau bigmem).

($ cat /proc/meminfo
MemTotal:  4150860 kB)
Les 4Go sont reconnus.

Gigabyte GA-MA69VM-S2 idem, 4Go ddr2 800 et aucun problème, testé avec 
Debian x86_64 et OpenSuse x86.


Si on compile le noyau il faut utiliser l'option 64GO et non 4GO, 
sinon seul 3Go sont mappés. L'option 64GO active Intel PAE par défaut.


Thomas


Super précisions.

Merci beaucoup.

Antoine.

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Conseil sur les Mises à Jour (Lenny)

[Philippe Merlin]

Bonjour,
Tout d'abord je suis en Lenny et  depuis quelques jours après un :
apt-dist upgrade j'ai ce message
Calcul de la mise à jour... Fait
Les paquets suivants ont été conservés :
  gnome-bin libgnorba27 libgnorbagtk0
utilisant kde cela ne me gène pas beaucoup, cependant je n'aime pas ce 
message.
J'ai fait un apt-get -s install gnome-bin libgnorba27 libgnorbagtk0
et j'obtiens :
Les paquets suivants contiennent des dépendances non satisfaites :
  gnome-bin: Dépend: liborbit0ldbl (= 0.5.17) mais ne sera pas installé
  libgnorba27: Dépend: liborbit0ldbl (= 0.5.17) mais ne sera pas installé
  libgnorbagtk0: Dépend: liborbit0ldbl (= 0.5.17) mais ne sera pas installé
E: Paquets défectueux

Ultime tentative :
un apt-get -s install liborbit0ldbl
.
Les paquets suivants ont été installés automatiquement et ne sont plus 
nécessaires :
  libsuitesparse libneon27-gnutls
Veuillez utiliser « apt-get autoremove » pour les supprimer.
Les paquets supplémentaires suivants seront installés :
  gnome-bin libgnorba27 libgnorbagtk0
Paquets suggérés :
  gnome-core
Les paquets suivants seront ENLEVÉS :
  gconf libgconf11 libgnome-vfs-common libgnome-vfs0 liboaf0 liborbit0 oaf
Les NOUVEAUX paquets suivants seront installés :
  liborbit0ldbl
Les paquets suivants seront mis à jour :
  gnome-bin libgnorba27 libgnorbagtk0
3 mis à jour, 1 nouvellement installés, 7 à enlever et 0 non mis à jour.
N'étant pas un spécialiste Gnome le fait d'enlever oaf et gconf es ce 
dangereux ?
Je ne sais que faire Wait and see ou .
Merci pour vos conseils.
Philippe MERLIN

Re: Conseil sur les Mises à Jour (Lenny)

[Yannick Palanque]

2008-04-17T10:51:12+0200, Philippe Merlin
[EMAIL PROTECTED]:

 Je ne sais que faire Wait and see ou .

Je dirais qu'il faut faire ça et attendre que les futures mise à jour
arrivent.

-- 
Yannick Palanque


-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

debian pdc samba et xp

[Frédéric LAURENT]

Bonjour à tous,
Je remet le couvert...
J'avais un superbe serveur samba en PDC qui fonctionnait parfaitement et 
ses clients xp jusqu'au jour ou catastrophe disque qui casse. Soit 
j'avais fait des sauvergardes.
J'ai donc reinstallé une debian toute fraiche et j'ai récupérer mon 
ancien /etc malheureusement, j'ai quelques soucis.
En effet, lorsque je loggue une station XP, je récupère bien mes profils 
sur le serveurs mais je n'est plus accés à la majorité des programmes de 
la station XP. Mon menu démarrer est en deux parties, la partie de 
gauche qui sont les programmes les plus courant utilisés sont absents 
comme si je n'avez pas assez de droits.
Je me suis aperçu que si je bascule dans les droits d'utilisateurs le 
groupe mondomaine\none dans les administrateurs, tout fonctionne 
normalement.Mais pas dans le groupe des utilisateurs normaux, ni avec 
pouvoirs.
Quelqu'un a t'il un tuyau car je ne peux bien sur pas laisser les 
stations xp en admin...


Ps: Désolé...presque hors sujet.

Merci d'avance.
Fred.

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

driver quickcam

[Jean Louis BOURDIAU]

Bjour Debian
 
Je cherche désesperemment le pilote pour un webam assez ancienne + de 5 ans
 
quickcam for notebook pro - lens4.9 mm
 
j' ai trové cette référence, mais la photo de la cam ne correspond pas à la 
mienne, et le pilote ne la reconnait pas.
 
Please help
 
Merci
 
Jean LouisJean-Louis BOURDIAU  Compagnie du RioAPDO 822 MALABOGuinée 
EquatorialeTel: +240 099 122/123 cel:+204 27 15 48  fax  +240 099 128

Re: Conseil sur les Mises à Jour (Lenny)

[Thibaut Paumard]

Le 17 avr. 08 à 10:51, Philippe Merlin a écrit :


un apt-get -s install liborbit0ldbl
.
Les paquets suivants ont été installés automatiquement et ne sont plus
nécessaires :
  libsuitesparse libneon27-gnutls
Veuillez utiliser « apt-get autoremove » pour les supprimer.
Les paquets supplémentaires suivants seront installés :
  gnome-bin libgnorba27 libgnorbagtk0
Paquets suggérés :
  gnome-core
Les paquets suivants seront ENLEVÉS :
  gconf libgconf11 libgnome-vfs-common libgnome-vfs0 liboaf0  
liborbit0 oaf

Les NOUVEAUX paquets suivants seront installés :
  liborbit0ldbl
Les paquets suivants seront mis à jour :
  gnome-bin libgnorba27 libgnorbagtk0
3 mis à jour, 1 nouvellement installés, 7 à enlever et 0 non mis à  
jour.


J'ai vu passer ces mises à jour (sous SID), mon GNOME se porte bien.

T.

Re: driver quickcam

[Sébastien NOBILI]

Le jeudi 17 avril 08 à 13:26, Jean Louis BOURDIAU a écrit :
| 
|Bjour Debian

Bonjour,

|Je cherche désesperemment le pilote pour un webam assez ancienne + de 5 ans
| 
|quickcam for notebook pro - lens4.9 mm
| 
|j' ai trové cette référence, mais la photo de la cam ne correspond pas à la
|mienne, et le pilote ne la reconnait pas.

Quel pilote ? Y-a-t-il des messages (certainement) dans
/var/log/messages lors du branchement ? Lesquels ?

En général, spca5xx gère les quickcam (du moins la mienne). Il n'est pas
inclus par défaut dans le noyau, il faut le générer avec
module-assistant : m-a a-i spca5xx

|Please help
| 
|Merci

Pas de quoi
Seb

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: driver quickcam

[bm]

Jean Louis BOURDIAU a écrit :


Bjour Debian
 
Je cherche désesperemment le pilote pour un webam assez ancienne + de 5 ans
 
quickcam for notebook pro - lens4.9 mm
 
j' ai trové cette référence, mais la photo de la cam ne correspond pas à 
la mienne, et le pilote ne la reconnait pas.
 



Peux tu nous donner le résultat des commandes lspci et lsusb ?



Bernard

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Mais où est passée ma RAM ? Suite...

[Damien VAILLANT]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Tonio a écrit :
 Thierry Chatelet a écrit :
 On Tuesday 15 April 2008 22:02:19 Tonio wrote:
  
 Clevo M660SRU
 

 Au vu des caractéristiques, t' as même de la chance d' avoir 3 Gb de
 RAM C'est un achat internet ou en direct? Moi, j'essaierais de le
 retourner. A moins que, malgres la ram manquante, tu en sois
 satisfait. Dans ce cas, leur revendre la RAM supperflux.
 Thierry

   
 Merci beaucoup pour les réponses.
 
 C'est un achat en direct et je suis retourné pour demander des
 explications et une solution, et je me suis fait rembarrer au motif de :
 Vous avez ce que vous avez demandé, quand bien même il m'avait été au
 préalable affirmé qu'une telle configuration fonctionnerait.
 
 Ce qui me laisse perplexe (en dehors de l'inadéquation entre
 spécification technique et matériel installé) c'est que le vendeur (qui
 n'était pas le monteur) affirme qu'aucune carte mère actuelle (pour
 portable ou pc classique) ne gère 4 Go.  Y'a t'il des personnes qui
 puissent infirmer ou confirmer ce point, que je sois un peu moins largué
 pour pouvoir reprendre cette affaire sur des bases plus équilibrées ?
 
 Antoine
 
 
 
Bonjour,
J'ai trouvé ça:
http://www.materiel.net/ctl/PC_de_bureau/35009-Prodige_Audio.html
Il y a 3 config. sur ce cite avec 4 Go. D'après les dires de ton
vendeur, materiel.net est un magicien!!

Bon courage...
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIBi9SyOzw+3PC3p0RAjOQAJ0WmiNrrqa4GxL2HyhxNs5rB4oJXgCcC7sk
wbt8ola/NYB7DS+rYGF9JvA=
=EvxI
-END PGP SIGNATURE-

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: lenny et wifi en général, plusparticuliè rement rt61 de chez ralink(était Re: [en fait, pas résolu]etch/wifi/rt61pci (carte dwl-g510) )

[debian list]

dans la même thématique, je m'aperçois en fait que la majorité de mes
problèmes sont avec des livebox.

- nos client en dlink (3) : l'installation wifi fonctionnent bien en wpa
(wep j'y arrive jamais du premier coup : je perd toujours 1 heure au moins
la dessus)

- en livebox (pro ou 'pas pro') (~200) : j'y arrive jamais :
 * les livebox pros ou en choix de protocole Wep, wpa, 'wpa ou wep' :
les clients sont toujours dans ce dernier mode si je passe la livebox en
'wpa' seul le ssid (via iwconfig apparaît correctement), mais impossible
de pinger la passerelle , mais du coup les postes du client n'ont plus
accès au net 
 * les livebox 'pas pro' : cela n'a jamais fonctionné.



Du coup je me dis que je suis complétement à la ramasse, j'arrive pas à
faire fonctionner ce wifi de .. alors que tous le monde y arrive (en
plus sur la boite de la cart e wifi y'a bien un ptit pinguoin d'afficher !)


Concernant le wep (pour les livebox) je me demande si c'est pas parce que
le pilote enverrais le ssid en même temps que la clef (j'ai l'impression
qu'en wep on envois en broadcast la clef en aveugle, le point d'accès qui
reconnais la clef valide l'accès quelquesoit le ssid)

Ensuite mon problème et que je n'ais pas de livebox (au taf ou chez moi)
car je suis chez free (avec mon wifi en wpa qui marche impec accessoirement
en wpa) et que non client sont un peu dispersé sur notre héxagone

si ça peux faire avancer le schmilblic

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

RE : Re: RE : Re: RE : Re: connexion à distance via ssh par putty

[ben durand]

Ca marche, merci.
à tous ! ;)
Ben 


--- Alexandre Mackow [EMAIL PROTECTED] a écrit
:

 ben durand a écrit :
  Merci pour vos réponses, je vais essayer.
  J'essaie de pinguer sur mon adresse ip de la
  livebox,
  comme je ne suis pas chez moi, et je ne parviens
  pas. 
  Est-ce normal ? 
 
  Oui, par défaut les box (en tout cas la free
 box),
  ne répondent pas au ping.
  
  Donc, pour pinguer et me connecter, je dois
 configurer
  dyndns et ensuite pinguer sur le hostname dyndns ?
 
  
 
 Non,
 dyndns ne fait que transcrire ton IP en nom ..
 Pour activer le ping il faut l'activer sut ta
 console de gestion (ce qui 
 n'a, au passage , aucun intérêt).
 Le seul truc a faire c'est de rediriger ton port 22
 vers ton serveur 
 Linux... ensuite ca roulera même si ta box ne répond
 pas au ping.
 
 ++
 
 -- 
 Lisez la FAQ de la liste avant de poser une question
 :
 http://wiki.debian.org/DebFrFrenchLists
 Vous pouvez aussi ajouter le mot ``spam'' dans vos
 champs From et
 Reply-To:
 
 To UNSUBSCRIBE, email to
 [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact
 [EMAIL PROTECTED]
 
 


__
Do You Yahoo!?
En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible 
contre les messages non sollicités 
http://mail.yahoo.fr Yahoo! Mail 

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Passage de debian lenny (testing) vers etch(stable)

[jerome moliere]

Bonjour a tous,
ma question est surement surprenante mais bon c'est comme cela!!!
je veux faire mumuse (un peu serieux) avec de la virtualisation sur mon
laptop qui est actuellement en lenny hors sous lenny à l'instant t:
- virtual box est cassé
- pas de noyau xenifie pour utiliser le tout bel hypervisor en version 3.1
-(

donc je voudrai repasser en stable mais bon vais je tout casser au passage
ou cela a des chances de bien se passer ? -)

je prevois un nouveau backup  avant de le faire ou pas ?

merci pour vos lumieres
Jerome

-- 
Jerome Moliere - Mentor/J
http://romjethoughts.blogspot.com/
auteur Eyrolles

Re: Passage de debian lenny (testing) vers etch(stable)

[David Prévot]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

jerome moliere a écrit :
 Bonjour a tous,
 ma question est surement surprenante mais bon c'est comme cela!!!

Pas surprenante, récurrente [0]...

[0] http://lists.debian.org/debian-user-french/2008/04/msg00145.html

Amicalement

David

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIB1v218/WetbTC/oRAksrAJ9tQbHQ15tkVtnGi0qWguviZkWtAgCgiAer
crsXuqe46llCipVWXcGkC9U=
=pZHr
-END PGP SIGNATURE-

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Mais où est passée ma RAM ? Suite...

[Pascal Hambourg]

Sylvain Sauvage a écrit :

Damien VAILLANT, mercredi 16 avril 2008, 18:57:47 CEST


Oui, mais j'ai lu sur le net que certain utilisateur ont eu des problème
de ralentissement en dépassant cette barre des 3 Go, bien se renseigner
avant.


  J'ai une Asus A8N-E depuis 3 ans (Athlon64 « de base »), elle
supporte jusqu'à 4 Gio (mais je n'en ai mis que jusqu'à 2).

  J'ai beau avoir fouillé le manuel, je n'arrive pas à retrouver
où c'était dit, mais remplir les 4 slots mémoire oblige le
chipset à réduire la vitesse de la mémoire (de 400 MHz à 366 MHz,
de mémoire).


C'est certainement une limite liée à la charge des lignes du bus mémoire.


  Mais ça ne l'empêche pas de gérer 4 Gio, ça explique juste le
ralentissement.


Et encore, je doute fort que le passage de 400 à 366 MHz ait une 
influence notable en dehors d'applications très intensives pour la 
mémoire. Par contre l'activation du PAE coûte un peu en temps 
processeur. Et si les performances sont fortement diminuées, il y a 
peut-être encore des histoires de fin de mémoire non cachée comme au bon 
vieux temps des chipsets Triton pour Pentium.


--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Passage de debian lenny (testing) vers etch(stable)

[Sébastien NOBILI]

Le jeudi 17 avril 08 à 16:00, jerome moliere a écrit :
| 
|Bonjour a tous,

Bonjour,

|ma question est surement surprenante mais bon c'est comme cela!!!
|je veux faire mumuse (un peu serieux) avec de la virtualisation sur mon
|laptop qui est actuellement en lenny hors sous lenny à l'instant t:
|- virtual box est cassé
|- pas de noyau xenifie pour utiliser le tout bel hypervisor en version 3.1
|-(
|donc je voudrai repasser en stable mais bon vais je tout casser au passage
|ou cela a des chances de bien se passer ? -)

troll
Une Debian ça ne se casse pas !!!
/troll

Par défaut, APT refuse de revenir en arrière. Heureusement, on peut
jouer sur les priorités des paquets via le fichier /etc/apt/preferences.

La commande apt-cache policy permet de voir les priorités des différents
dépôts :
[EMAIL PROTECTED]:~# apt-cache policy
Fichiers du paquet :
 100 /var/lib/dpkg/status
 release a=now
 500 http://security.debian.org etch/updates/main Packages
 release v=4.0,o=Debian,a=stable,l=Debian-Security,c=main
 origin security.debian.org
 500 http://debian.ens-cachan.fr etch/main Packages
 release v=4.0r3,o=Debian,a=stable,l=Debian,c=main
 origin debian.ens-cachan.fr

Dans la page de manuel de apt_preferences on lit ça :
P  1000 
  Cette priorité entraîne l'installation du paquet même s'il s'agit d'un
  retour en arrière.

C'est à dire qu'une priorité de 1001 permettra le downgrade.

En ajoutant les lignes suivantes dans le fichiers de préférences, on
donne une priorité de 1001 aux paquets de la branche stable de l'archive
officielle
Package: *
Pin: release a=stable, o=Debian
Pin-Priority: 1001

Je crois que c'est suffisant. Un aptitude dist-upgrade fera alors le
downgrade.

Il sera de bon goût de simuler le downgrade avant de le lancer
réellement (argument « -s » de aptitude).

Dernier point, DPKG risque de se plaindre que tel paquet tente de
remplacer un fichier de tel autre (les fichiers sont des fois déplacés
d'un paquet à un autre). Il se plaindra aussi qu'on lui demande
d'installer une version antérieure. On peut éviter ça en ajoutant les lignes
suivantes dans le fichier /etc/apt/apt.conf :
DPkg 
{
  Options {
   --force-downgrade;
   --force-overwrite;
  }
};

mavie
J'ai retranscrit la procédure depuis ce dont je me souviens. Il manque
peut-être des choses mais ça m'a l'air complet.

J'avais fait un passage furtif depuis Etch vers Lenny, puis retour à
Etch, justement à cause du non-support Xen dans Lenny.

J'avais aussi fixé une priorité de -1 sur /var/lib/dpkg/status, ce qui
est assez rigolo car le système supprime alors tous les paquets
installés ! Je le déconseille à quiconque veut garder son système en
état de fonctionnement...

En tout cas, malgré tout ce que je lui ai fait subir, mon système est
toujours intègre et dans un état strictement identique à celui dans
lequel il était avant. Vive Debian !!!
/mavie

|je prevois un nouveau backup  avant de le faire ou pas ?

C'est toujours plus prudent (/etc, /home, /root, /var)

|merci pour vos lumieres
|Jerome

Pas de quoi.
Seb

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Passage de debian lenny (testing) vers etch(stable)

[jerome moliere]

c'est vraiment tres sympa à toi à toi et à sylvain..
désolé pour le bruit, dans ma precipitation j'ai pas consulte les archives
MEA CULPA
je vois que je ne suis pas le seul à me retrouver dans cette situation
je vais suivre cela à la lettre ce week end apres bakcup du /etc et du /home
et on verra bien ce que cela donnera!!!
effectivement repartir sur des bases saines ne ferait pas de mal dans le
pire des cas
avez vous teste virtual box ? un retour d'experience ? compare a xen ?
j'imaginais un truc je ne sai spas si c'est debile ou pas:
- une distrib de base (etch) me servant juste de conteneur (dom0 dans le
vocable xen)
- une image domU (dans le vocable xen) avec  une lenny pour mon desktop
- d'autres images de etch ou autre pour faire des serveurs à la demande
quand je veux simuler du clustering...

vous en dites quoi ?
mon laptop est actuellement un acer ferrari 1005W avec 4Go RAM
et le prochain est commande et c'est un XPS 1330 avec 4Go RAM 2.5Ghz et disk
7200Trs/mn

encore merci
jerome

Le 17/04/08, Sébastien NOBILI [EMAIL PROTECTED] a écrit :

 Le jeudi 17 avril 08 à 16:00, jerome moliere a écrit :
 |
 |Bonjour a tous,

 Bonjour,


 |ma question est surement surprenante mais bon c'est comme cela!!!
 |je veux faire mumuse (un peu serieux) avec de la virtualisation sur
 mon
 |laptop qui est actuellement en lenny hors sous lenny à l'instant t:
 |- virtual box est cassé
 |- pas de noyau xenifie pour utiliser le tout bel hypervisor en
 version 3.1
 |-(
 |donc je voudrai repasser en stable mais bon vais je tout casser au
 passage
 |ou cela a des chances de bien se passer ? -)


 troll
 Une Debian ça ne se casse pas !!!
 /troll

 Par défaut, APT refuse de revenir en arrière. Heureusement, on peut
 jouer sur les priorités des paquets via le fichier /etc/apt/preferences.

 La commande apt-cache policy permet de voir les priorités des différents
 dépôts :
 [EMAIL PROTECTED]:~# apt-cache policy
 Fichiers du paquet :
   100 /var/lib/dpkg/status
  release a=now
   500 http://security.debian.org etch/updates/main Packages
  release v=4.0,o=Debian,a=stable,l=Debian-Security,c=main
  origin security.debian.org
   500 http://debian.ens-cachan.fr etch/main Packages
  release v=4.0r3,o=Debian,a=stable,l=Debian,c=main
  origin debian.ens-cachan.fr

 Dans la page de manuel de apt_preferences on lit ça :
 P  1000
   Cette priorité entraîne l'installation du paquet même s'il s'agit
 d'un
   retour en arrière.

 C'est à dire qu'une priorité de 1001 permettra le downgrade.

 En ajoutant les lignes suivantes dans le fichiers de préférences, on
 donne une priorité de 1001 aux paquets de la branche stable de l'archive
 officielle
 Package: *
 Pin: release a=stable, o=Debian
 Pin-Priority: 1001

 Je crois que c'est suffisant. Un aptitude dist-upgrade fera alors le
 downgrade.

 Il sera de bon goût de simuler le downgrade avant de le lancer
 réellement (argument « -s » de aptitude).

 Dernier point, DPKG risque de se plaindre que tel paquet tente de
 remplacer un fichier de tel autre (les fichiers sont des fois déplacés
 d'un paquet à un autre). Il se plaindra aussi qu'on lui demande
 d'installer une version antérieure. On peut éviter ça en ajoutant les
 lignes
 suivantes dans le fichier /etc/apt/apt.conf :
 DPkg
 {
   Options {
--force-downgrade;
--force-overwrite;
   }
 };

 mavie
 J'ai retranscrit la procédure depuis ce dont je me souviens. Il manque
 peut-être des choses mais ça m'a l'air complet.

 J'avais fait un passage furtif depuis Etch vers Lenny, puis retour à
 Etch, justement à cause du non-support Xen dans Lenny.

 J'avais aussi fixé une priorité de -1 sur /var/lib/dpkg/status, ce qui
 est assez rigolo car le système supprime alors tous les paquets
 installés ! Je le déconseille à quiconque veut garder son système en
 état de fonctionnement...

 En tout cas, malgré tout ce que je lui ai fait subir, mon système est
 toujours intègre et dans un état strictement identique à celui dans
 lequel il était avant. Vive Debian !!!
 /mavie


 |je prevois un nouveau backup  avant de le faire ou pas ?


 C'est toujours plus prudent (/etc, /home, /root, /var)


 |merci pour vos lumieres
 |Jerome


 Pas de quoi.
 Seb


 --
 Lisez la FAQ de la liste avant de poser une question :
 http://wiki.debian.org/DebFrFrenchLists
 Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
 Reply-To:

 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact
 [EMAIL PROTECTED]




-- 
Jerome Moliere - Mentor/J
http://romjethoughts.blogspot.com/
auteur Eyrolles

Dr Azizan (click on ¨rsvp¨invitation)

[Dr Aziza Coker]

You are invited to Dr Azizan (click on ¨rsvp¨invitation) .


By your host Dr Aziza Coker:


 Date:  Thursday April 17, 2008

 Time:  4:00 pm - 5:00 pm (GMT +02:00 Egypt)

Will you attend? RSVP to this invitation at:

 
http://calendar.yahoo.com/dr_azizan_c59?v=126a1=0iid=exAHNYxbaKr5%40FTMwhh6t%403%40a4gk%40IyfypEdIh%40%40igid=qhaExNtbdMr7%40Fw4DxpLQrd%40BIcka6hwB%40%40wVU7aqwv%40

Copyright © 2008 All Rights Reserved
 www.yahoo.com

Privacy Policy:
 http://privacy.yahoo.com/privacy/us

Terms of Service:
 http://docs.yahoo.com/info/terms/

Desinstallation d'un service

[Fabien R]

Hello,

J'ai installé motion sous unstable. Le pb est qu'il démarre 
automatiquement au boot.
Existe-t-il un moyen d'êmpecher ce démarrage proprement (i.e. sans 
supprimer manuellement les liens dans /etc/rc*) ?


-
Fabien

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Desinstallation d'un service

[Thibaut Paumard]

Le 17 avr. 08 à 17:40, Fabien R a écrit :

Hello,

J'ai installé motion sous unstable. Le pb est qu'il démarre  
automatiquement au boot.
Existe-t-il un moyen d'êmpecher ce démarrage proprement (i.e. sans  
supprimer manuellement les liens dans /etc/rc*) ?




La façon Debian d'éditer ces liens est start-stop-daemon (voir sa  
page man). Il est parfois possible de désactiver/configurer les  
services au moyen d'un fichier sous /etc/default.


Cordialement, Thibaut.

Re: Desinstallation d'un service

[Edi Stojicevic]

* Fabien R [EMAIL PROTECTED] [2008-04-17 17:40:08 +0200] wrote :

 Hello,

'lut

 J'ai installé motion sous unstable. Le pb est qu'il démarre  
 automatiquement au boot.
 Existe-t-il un moyen d'êmpecher ce démarrage proprement (i.e. sans  
 supprimer manuellement les liens dans /etc/rc*) ?

 -
 Fabien

man update-rc.d

De rien ;)

-- 
. ''`.  (\___/) E d i   S T O J I C E V I C
: :'  : (='.'=) http://www.debianworld.org 
`. `~'  ()_() GPG: 0x1237B032
  `-

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Desinstallation d'un service

[Damien VAILLANT]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Fabien R a écrit :
 Hello,
 
 J'ai installé motion sous unstable. Le pb est qu'il démarre
 automatiquement au boot.
 Existe-t-il un moyen d'êmpecher ce démarrage proprement (i.e. sans
 supprimer manuellement les liens dans /etc/rc*) ?
 
 -
 Fabien
 
update-rc.d ?
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIB3HWyOzw+3PC3p0RAkL9AKCMS0f6FDVO4hkFOrIOCPoY7lQGLgCbB1pd
qg0crbtYlSeABGz2Yxajzok=
=soxJ
-END PGP SIGNATURE-

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Desinstallation d'un service

[Thibaut Paumard]

Le 17 avr. 08 à 17:45, Thibaut Paumard a écrit :


Le 17 avr. 08 à 17:40, Fabien R a écrit :

Hello,

J'ai installé motion sous unstable. Le pb est qu'il démarre  
automatiquement au boot.
Existe-t-il un moyen d'êmpecher ce démarrage proprement (i.e. sans  
supprimer manuellement les liens dans /etc/rc*) ?




La façon Debian d'éditer ces liens est start-stop-daemon (voir sa  
page man).


Désolé, mémoire défaillante. update-rc.d, comme le note Edi.

T.

Re: Desinstallation d'un service

[Fabien R]

Edi Stojicevic wrote:

* Fabien R [EMAIL PROTECTED] [2008-04-17 17:40:08 +0200] wrote :

  

Hello,



'lut

  
J'ai installé motion sous unstable. Le pb est qu'il démarre  
automatiquement au boot.
Existe-t-il un moyen d'êmpecher ce démarrage proprement (i.e. sans  
supprimer manuellement les liens dans /etc/rc*) ?


-
Fabien



man update-rc.d

De rien ;)

  

Super !

Merci :-)

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Desinstallation d'un service

[Edi Stojicevic]

* Fabien R [EMAIL PROTECTED] [2008-04-17 17:56:16 +0200] wrote :

 Edi Stojicevic wrote:
 * Fabien R [EMAIL PROTECTED] [2008-04-17 17:40:08 +0200] wrote :

   
 Hello,
 

 'lut

   
 J'ai installé motion sous unstable. Le pb est qu'il démarre   
 automatiquement au boot.
 Existe-t-il un moyen d'êmpecher ce démarrage proprement (i.e. sans   
 supprimer manuellement les liens dans /etc/rc*) ?

 -
 Fabien
 

 man update-rc.d

 De rien ;)

   
 Super !

 Merci :-)

Une vieille doc que j'avais fait :

http://www.debianworld.org/update-rc.d

@+
-- 
. ''`.  (\___/) E d i   S T O J I C E V I C
: :'  : (='.'=) http://www.debianworld.org 
`. `~'  ()_() GPG: 0x1237B032
  `-

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: driver quickcam

[thveillon.debian]

bm a écrit :

Jean Louis BOURDIAU a écrit :


Bjour Debian
 
Je cherche désesperemment le pilote pour un webam assez ancienne + de 
5 ans
 
quickcam for notebook pro - lens4.9 mm
 
j' ai trové cette référence, mais la photo de la cam ne correspond 
pas à la mienne, et le pilote ne la reconnait pas.
 



Peux tu nous donner le résultat des commandes lspci et lsusb ?



Bernard

Tu as une table de compatibilité ici : 
http://www.quickcamteam.net/hcl/linux/logitech-webcams


Tes meilleurs chances sont avec pwc ou gspca, ils sont tous les deux sur 
les dépôts Debian mais pwc doit être compilé avec module-assistant.


Thomas

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

cupsys

[antoine]

Bonjour,

Cupsys a toujours bien marché sous ma Debian Etch.

Puis un jour, mon imprimante Epson C60 ne démarrre plus.
(Elle marche parfaitement sous windows- XP)

http://localhost:631
et impossible de dialoguer = error partout, sans autres indications

Je désinstalle tous les paquets cupsys , les réinstalle, relance cupsys et 
pareil !

Que se passe t-il ?

antoine

Re: suspend/hibernate sur dell xps m1330 avec debian sid

[Jerome Moinet]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Loran 42o a écrit :
 Bonjour,

Bonjour,

Désolé pour le retard à la réponse.

 je viens de commander ce portable avec SE Ubuntu.
 Je souhaite y mettre Debian mais:
 Avez vous réussi à avoir une machine pleinement fonctionnelle sous Lenny ?

Pas essayé finalement, mais ok en sid, tout fonctionne (hdmi pas testé)
sauf les boutons multimédia qui ne fonctionnent qu'avec le lecteur gnome
qui va bien (je sais plus laquelle, mais c'est celui par défaut).

 Qu'en est-il finalement de la télécommande avec ce modèle ? oublie ou non
 prévue ?

visiblement c'est une remote bluetooth, et comme je n'ai pas ajouté
l'option bluetooth, j'ai pas eu la remote. A confirmer.


 Est-il possible d'avoir la resolution maximal (1200*800) ?

oui. Le branchement sur un 20 pouces marche très bien aussi, en 1600x(je
sais plus)

 La webcam avec écran classique (non LCD) est-elle fonctionnelle ?
 
bonne question, pas testé, mais je pense que oui.

 j'ai enfin une dernière question, est-il prévu un cd de restauration de la
 version Ubuntu modifiée par Dell au cas où je n'arriverai pas installer
 correctement Lenny ?

Visiblement non (seulement cd ubuntu de base livré avec), mais la
première chose que j'ai faite avant même de booter l'ubuntu, c'est de
booter avec une knoppix et de faire un dd | gz vers un disque usb, ce
qui résout la question :)

Au final une belle petite machine. Je regrette néanmoins d'avoir gardé
la CG intel et pas pris la nvidia qui est plus puissante et de ne pas
avoir pris le bluetooth (finalement il semblerait que ce soit utile ce
gadget, pour la remote ou une souris sans fil, par exemple. Pour le
reste, je vois pas...). Le 15 (M1530) au lieu du 13 aurait été aussi
pas mal, si ils proposaient ce modèle.

cdlt,

jerome


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIB82g3ygQTLujCrQRAtp2AKCndpZ14Hh91ah56Uo8SS7onXOFiACeJWSe
yZW0NuZT6IKxhr6CpAZhK9Y=
=KwUW
-END PGP SIGNATURE-

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: cupsys

[Steve]

Le 17-04-2008, à 21:48:23 +0200, [EMAIL PROTECTED] ([EMAIL PROTECTED]) a écrit :

 Lignes : 18
 
 Bonjour,

Salut Antoine,

 Cupsys a toujours bien marché sous ma Debian Etch.
 
 Puis un jour, mon imprimante Epson C60 ne démarrre plus.
 (Elle marche parfaitement sous windows- XP)
 
 http://localhost:631
 et impossible de dialoguer = error partout, sans autres indications

Error n'est pas vraiment un message intéressant. Peux-tu mettre ici tous
les messages qui te semblent pertinents ?

 Je désinstalle tous les paquets cupsys , les réinstalle, relance cupsys 
 et 
 pareil !

Une question de droits peut-être ?

 Que se passe t-il ?

On va le découvrir ...

 antoine

Steve

-- 
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/DebFrFrenchLists
Vous pouvez aussi ajouter le mot ``spam'' dans vos champs From et
Reply-To:

To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Fujitsu-Siemens RX100 S5

[Albert]

Marcin Owsiany pisze:

On Thu, Apr 17, 2008 at 02:00:44PM +0200, Albert wrote:
  

Bios data check successful
Error: General Protection Fault at :



Nie mam takiego komputera, ale na początek spróbuj czy któraś z rzeczy
opisanych na
http://www.us.debian.org/releases/stable/i386/ch03s06.html.en#id2533470
nie ponosi winy.

  
W biosie wyłączyłem mu rozpoznawanie dysku SATA jako raid i potem 
również wyłączone zostało sata jako AHCI i jak system się zainstalował i 
uruchomił poprawnie


pozdrawiam

Albert


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: CPU al 95%

[Salvador Garcia Z.]

Puedes usar aptitude para revisar tus dependencias, si no tienes mucha
experiencia es lo mejor que te recomiendo para solucioinar prblemas de
dependencias, se entra por consola.

-- 
Desarrollo de Software
DEB-SA

Configurar shorewall para un portátil: No cierra puertos

[Pedro Jose]

Hola lista!!

A raíz del aviso de rkhunter, me he empezado a preocupar por la
seguridad, y he instalado shorewall. Todos los manuales que he visto
eran para un ordenador con varios interfaces distintos, pero yo
utilizo la misma tarjeta para todo. Me he echo un análisis de puertos,
y he visto los siguientes abiertos:

Si hago el análisis sobre localhost:

Puerto  Estado  Servicio
25  opensmtp
111 opensunrpc
113 openauth
139 opennetbios-ssn
445 openmicrosoft-ds
631 openipp
915 opendesconocido
47700   opendesconocido
53595   opendesconocido

Si hago el análisis sobre 127.0.0.1

Puerto  Estado  Servicio
25  opensmtp
111 opensunrpc
113 openauth
139 opennetbios-ssn
445 openmicrosoft-ds
631 openipp
915 opendesconocido
37368   opendesconocido
47700   opendesconocido

Si hago el análisis sobre mi ip (cogida por dhcp):

Puerto  Estado  Servicio
111 opensunrpc
113 openauth
139 opennetbios-ssn
445 openmicrosoft-ds
47700   opendesconocido
58538   opendesconocido
58793   opendesconocido

La primera duda que tengo es porqué los puertos son distintos
dependiendo de sobre qué ip hago el análisis, pues todas son la misma
máquina:

He configurado shorewall con los siguientes parámetros:

/etc/shorewall/interfaces:

#ZONE  INTERFACE  BROADCAST  OPTIONS  GATEWAY
neteth0   detect dhcp
netath0   detect dhcp
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

/etc/shorewall/policy

fwnetACCEPT
netallDROP
allallREJECT

/etc/shorewall/rules

DROP net $FW tcp 111
DROP net $FW tcp 113
DROP net $FW tcp 139
DROP net $FW tcp 445
DROP net $FW tcp 35872
DROP net $FW tcp 47700
DROP net $FW tcp 50804

/etc/shorewall/zones

#ZONE  DISPLAY OPTIONS
fw firewall
netipv4
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Si en rules le tengo dicho que cierre esos puertos, ¿por qué no me los cierra?


-- 
Saludos,


Pedro

RE: Acceder a red de oficina via VPN - iptables

[Elvis Aaron Presley]

 Creo que lo correcto sería establecer la política por defecto en drop y
luego ir abriendo... Tú lo que haces es establecer la política por defecto
en accept, luego aceptar (es redundante) algunas cosas y al final denegar
todo. Mareas mucho la perdiz. Además tendría q estar en otro orden para que
funcionara. Si quisieramos hacerlo a tu forma (que no es la correcta) sería
así: política por defecto en aceppt, luego deniego todo y al final acepto
las excepciones... El orden lo tienes cambiado e influye.

Un saludo.

Elvis

-Mensaje original-
De: KEBRA [mailto:[EMAIL PROTECTED] 
Enviado el: jueves, 17 de abril de 2008 1:30
Para: debian-user-spanish@lists.debian.org
Asunto: Acceder a red de oficina via VPN - iptables

Estimados, hace unos días que intento conectarme a la red de mi trabajo
donde hay un router NORTEL el cual tiene la capacidad de configurar tuneles
VPN. Está todo bien configurado ya que tengo usuarios que desde distintas
partes del mundo se conectan a la red local de la empresa y trabajan
perfectamente.
Mi problemita es que desde mi casa no logro conectarme al trabajo, a menos
que salga directamente a Internet, sin pasar por mi firewall.

Iptables NO es mi fuerte, y he configurado el firewall con ayuda de colegas,
pero en este punto me he trabado más de la cuenta.

El firewall está montado en un etch 4.0, con dos tarjetas de red, una que
conecta al modem ADSL configurada como eth1 (conecta como ppp0) y otra
conectada al switch como eth0.

Adjunto el script de iptables a ver si alguien con mas experiencia que yo
puede ver el error.



echo -n Aplicando reglas de Firewall...

## Aplicamos Flush de reglas
iptables -F
iptables -X
iptables -Z
iptables -t nat -F

## Establecemos politica por defecto
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT

## Empezamos a filtrar
## El localhost se deja
/sbin/iptables -A INPUT -i lo -j ACCEPT

# Al firewall tenemos acceso desde la red local iptables -A INPUT -s
10.0.0.0/24 -i eth0 -j ACCEPT

## http
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 80 -j ACCEPT

## https 443
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 443 -j ACCEPT

## Consulta de DNS
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 53 -j ACCEPT
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p udp --dport 53 -j ACCEPT

## Mulita
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp --dport 61116 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p udp --dport 61117 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp --dport 4662 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p udp --dport 4672 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p udp --dport 4662 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp --dport 4672 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp -j ACCEPT iptables -A FORWARD
-s 10.0.0.2 -i eth0 -p udp -j ACCEPT iptables -t nat -A PREROUTING -p tcp
--dport 61116:61119 -j DNAT --to
10.0.0.2:61116

##VPN
iptables -A OUTPUT -p tcp --dport 500 -j ACCEPT iptables -A FORWARD -i ppp0
-p tcp --dport 500 -j ACCEPT iptables -t nat -A PREROUTING -i ppp0 -p 17
--dport 500 -j DNAT --to 10.0.0.2:500


iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT iptables -A
OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT iptables -A INPUT -p udp
--sport 50 --dport 50 -j ACCEPT iptables -A OUTPUT -p udp --sport 50 --dport
50 -j ACCEPT iptables -A INPUT -p 50 -j ACCEPT iptables -A OUTPUT -p 50 -j
ACCEPT ## Torrent iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp --dport
42218 -j ACCEPT iptables -t nat -A PREROUTING -p tcp --dport 42218:42220 -j
DNAT --to
10.0.0.2:42218


## Gmail
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 465 -j ACCEPT
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 995 -j ACCEPT

 Aceptamos ingresos con ssh solo desde la red local iptables
-A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT  La siguiente linea
hablilita ssh desde el exterior. Cerrada esta mejor.
###iptables -A INPUT -p tcp --dport 22 -j ACCEPT

### Logueamos ###
#iptables -j LOG

# Y denegamos el resto. Si se necesita alguno, ya avisaran iptables -A
FORWARD -s 10.0.0.0/24 -i eth0 -j DROP

# Ahora hacemos enmascaramiento de la red local # y activamos el BIT DE
FORWARDING (imprescindible!) iptables -t nat -A POSTROUTING -s
10.0.0.0/24 -o ppp0 -j MASQUERADE

# Con esto permitimos hacer forward de paquetes en el firewall, o sea # que
otras maquinas puedan salir a traves del firewall.
echo 1  /proc/sys/net/ipv4/ip_forward

## Y ahora cerramos los accesos indeseados del exterior:

# Nota: 0.0.0.0/0 significa: cualquier red

# Cerramos el rango de puerto bien conocido iptables -A INPUT -s 0.0.0.0/0
-p tcp --dport 1:1024 -j DROP iptables -A INPUT -s 0.0.0.0/0 -p udp --dport
1:1024 -j DROP

# Cerramos un 

RE: Acceder a red de oficina via VPN - iptables

[Elvis Aaron Presley]

 Además, que no lo había puesto... En una vpn estándar pptp los puertos que
se utilizan son el 1723 de tcp y el 47 ip. Y esos no los veo por ningún lado
en tu script... Deberías especificar q tipo de vpn es (L2tp?) y si usas los
puertos estándar.

Un saludo.

Elvis

-Mensaje original-
De: Elvis Aaron Presley [mailto:[EMAIL PROTECTED] 
Enviado el: jueves, 17 de abril de 2008 10:29
Para: debian-user-spanish@lists.debian.org
Asunto: RE: Acceder a red de oficina via VPN - iptables

 Creo que lo correcto sería establecer la política por defecto en drop y
luego ir abriendo... Tú lo que haces es establecer la política por defecto
en accept, luego aceptar (es redundante) algunas cosas y al final denegar
todo. Mareas mucho la perdiz. Además tendría q estar en otro orden para que
funcionara. Si quisieramos hacerlo a tu forma (que no es la correcta) sería
así: política por defecto en aceppt, luego deniego todo y al final acepto
las excepciones... El orden lo tienes cambiado e influye.

Un saludo.

Elvis

-Mensaje original-
De: KEBRA [mailto:[EMAIL PROTECTED] Enviado el: jueves, 17 de abril de
2008 1:30
Para: debian-user-spanish@lists.debian.org
Asunto: Acceder a red de oficina via VPN - iptables

Estimados, hace unos días que intento conectarme a la red de mi trabajo
donde hay un router NORTEL el cual tiene la capacidad de configurar tuneles
VPN. Está todo bien configurado ya que tengo usuarios que desde distintas
partes del mundo se conectan a la red local de la empresa y trabajan
perfectamente.
Mi problemita es que desde mi casa no logro conectarme al trabajo, a menos
que salga directamente a Internet, sin pasar por mi firewall.

Iptables NO es mi fuerte, y he configurado el firewall con ayuda de colegas,
pero en este punto me he trabado más de la cuenta.

El firewall está montado en un etch 4.0, con dos tarjetas de red, una que
conecta al modem ADSL configurada como eth1 (conecta como ppp0) y otra
conectada al switch como eth0.

Adjunto el script de iptables a ver si alguien con mas experiencia que yo
puede ver el error.



echo -n Aplicando reglas de Firewall...

## Aplicamos Flush de reglas
iptables -F
iptables -X
iptables -Z
iptables -t nat -F

## Establecemos politica por defecto
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT

## Empezamos a filtrar
## El localhost se deja
/sbin/iptables -A INPUT -i lo -j ACCEPT

# Al firewall tenemos acceso desde la red local iptables -A INPUT -s
10.0.0.0/24 -i eth0 -j ACCEPT

## http
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 80 -j ACCEPT

## https 443
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 443 -j ACCEPT

## Consulta de DNS
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 53 -j ACCEPT
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p udp --dport 53 -j ACCEPT

## Mulita
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp --dport 61116 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p udp --dport 61117 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp --dport 4662 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p udp --dport 4672 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p udp --dport 4662 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp --dport 4672 -j ACCEPT
iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp -j ACCEPT iptables -A FORWARD
-s 10.0.0.2 -i eth0 -p udp -j ACCEPT iptables -t nat -A PREROUTING -p tcp
--dport 61116:61119 -j DNAT --to
10.0.0.2:61116

##VPN
iptables -A OUTPUT -p tcp --dport 500 -j ACCEPT iptables -A FORWARD -i ppp0
-p tcp --dport 500 -j ACCEPT iptables -t nat -A PREROUTING -i ppp0 -p 17
--dport 500 -j DNAT --to 10.0.0.2:500


iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT iptables -A
OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT iptables -A INPUT -p udp
--sport 50 --dport 50 -j ACCEPT iptables -A OUTPUT -p udp --sport 50 --dport
50 -j ACCEPT iptables -A INPUT -p 50 -j ACCEPT iptables -A OUTPUT -p 50 -j
ACCEPT ## Torrent iptables -A FORWARD -s 10.0.0.2 -i eth0 -p tcp --dport
42218 -j ACCEPT iptables -t nat -A PREROUTING -p tcp --dport 42218:42220 -j
DNAT --to
10.0.0.2:42218


## Gmail
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 465 -j ACCEPT
iptables -A FORWARD -s 10.0.0.0/24 -i eth0 -p tcp --dport 995 -j ACCEPT

 Aceptamos ingresos con ssh solo desde la red local iptables
-A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT  La siguiente linea
hablilita ssh desde el exterior. Cerrada esta mejor.
###iptables -A INPUT -p tcp --dport 22 -j ACCEPT

### Logueamos ###
#iptables -j LOG

# Y denegamos el resto. Si se necesita alguno, ya avisaran iptables -A
FORWARD -s 10.0.0.0/24 -i eth0 -j DROP

# Ahora hacemos enmascaramiento de la red local # y activamos el BIT DE
FORWARDING (imprescindible!) iptables -t nat -A POSTROUTING 

Re: controladora intel PRO/Wireless 2200BG

[andres felipe uran cano]

bueno puede ser tambien una solucion pero actualizando el kernel tambien
funciono sin tantas complicaciones asi que tambien es una solucion muy
razonable (tambien intente con el firmware v3.0)

pues eso creo xD

Saludos

-- 
[EMAIL PROTECTED]

Blog personal: http://anduran.blogspot.com

Re: Configurar shorewall para un portátil: No cierra puertos

[Miguel Da Silva - Centro de Matemática]

Pedro Jose escribió:

Hola lista!!

A raíz del aviso de rkhunter, me he empezado a preocupar por la
seguridad, y he instalado shorewall. Todos los manuales que he visto
eran para un ordenador con varios interfaces distintos, pero yo
utilizo la misma tarjeta para todo. Me he echo un análisis de puertos,
y he visto los siguientes abiertos:

Si hago el análisis sobre localhost:

Puerto  Estado  Servicio
25  opensmtp
111 opensunrpc
113 openauth
139 opennetbios-ssn
445 openmicrosoft-ds
631 openipp
915 opendesconocido
47700   opendesconocido
53595   opendesconocido

Si hago el análisis sobre 127.0.0.1

Puerto  Estado  Servicio
25  opensmtp
111 opensunrpc
113 openauth
139 opennetbios-ssn
445 openmicrosoft-ds
631 openipp
915 opendesconocido
37368   opendesconocido
47700   opendesconocido

Si hago el análisis sobre mi ip (cogida por dhcp):

Puerto  Estado  Servicio
111 opensunrpc
113 openauth
139 opennetbios-ssn
445 openmicrosoft-ds
47700   opendesconocido
58538   opendesconocido
58793   opendesconocido

La primera duda que tengo es porqué los puertos son distintos
dependiendo de sobre qué ip hago el análisis, pues todas son la misma
máquina:

He configurado shorewall con los siguientes parámetros:

/etc/shorewall/interfaces:

#ZONE  INTERFACE  BROADCAST  OPTIONS  GATEWAY
neteth0   detect dhcp
netath0   detect dhcp
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

/etc/shorewall/policy

fwnetACCEPT
netallDROP
allallREJECT

/etc/shorewall/rules

DROP net $FW tcp 111
DROP net $FW tcp 113
DROP net $FW tcp 139
DROP net $FW tcp 445
DROP net $FW tcp 35872
DROP net $FW tcp 47700
DROP net $FW tcp 50804

/etc/shorewall/zones

#ZONE  DISPLAY OPTIONS
fw firewall
netipv4
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Si en rules le tengo dicho que cierre esos puertos, ¿por qué no me los cierra?




Hola...

1) la PC es la misma, pero la interface que usa para conectarse a ella 
es distinta. No es solo la IP que cambia, sino la interface también.


2) estás confundiendo lo que quiere decir cerrar un puerto con 
shorewall (en verdad con iptables). El puerto sigue abierto, lo que 
shorewall/iptables es bloquear los paquetes que lleguen a este puerto. 
El puerto se cierra definitivamente dando de baja la aplicación que lo 
abre.


Saludos.
--
Miguel Da Silva
Administrador de Red
Centro de Matemática - http://www.cmat.edu.uy
Facultad de Ciencias - http://www.fcien.edu.uy
Universidad de la República - http://www.rau.edu.uy


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Cambiar Tema usplash

[mariodebian]

 Creo que usplash está siendo sustituido por splashy allá donde se usaba, y 
 los 
 temas de splashy son más sencillos de hacer. Ahora que splashy por fin 
 ha caído a testing igual funciona sin problemas.
 Si estás en etch no te lo recomiendo, da bastantes problemas.
 


He ledo esto mismo varias veces y no se de donde se ha sacado esa
noticia tan absurda.


Usplash es lo que usa Ubuntu por defecto y le da bastantes vueltas a
splashy sobre todo en mostrar texto o tiempos de espera, la única
ventaja de splashy es poder usar cualquier cosa como fondo, en ubuntu
está optimizado y el png de fondo de compila como una estructura de
caracteres.


Para cambiar el tema de usplash:

update-alternatives --config usplash-artwork.so

dpkg-reconfigure linux-image-$(uname -r)

(los .so hay que instalarlos con update-alternatives --install ...)


-- 
http://soleup.eup.uva.es/mariodebian


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Re: Configurar shorewall para un portátil: No cierra puertos

[Pedro Jose]

Muchas gracias por la respuesta. Al final lo que he echo ha sido coger
los archivos de ejemplo de shorewall para una interfaz, de manera que
se han quedado así:

/etc/shorewall/rules

Ping/REJECT net $FW
ACCEPT  $FW net icmp

/etc/shorewall/policy

$FW net ACCEPT
net $FW DROPinfo
net all DROPinfo
all all REJECT  info

/etc/shorewall/interfaces

net eth0detect  dhcp,tcpflags,logmartians,nosmurfs
net ath0detect  dhcp,tcpflags,logmartians,nosmurfs

/etc/shorewall/zones

fw  firewall
net ipv4

Lo que ocurre es que me da fallo shorewall.conf en la línea

SUBSYSLOCK=/var/lock/subsys/shorewall
He leído que en debian es en /var/state/shorewall, pero no tengo el
directorio state. La he comentado. ¿Es seguro hacerlo o tengo que
redirigir hacia otro archivo?

Se supone que debería tener filtrados todos los puertos, pero al hacer
nmap localhost:

Starting Nmap 4.53 ( http://insecure.org ) at 2008-04-17 14:52 CEST
SCRIPT ENGINE: rpcinfo.nse is not a file.
SCRIPT ENGINE: Aborting script scan.
Interesting ports on localhost (127.0.0.1):
Not shown: 1707 closed ports
PORTSTATE SERVICE VERSION
25/tcp  open  smtpExim smtpd 4.69
111/tcp open  rpcbind  2 (rpc #10)
113/tcp open  ident
139/tcp open  netbios-ssn Samba smbd 3.X (workgroup: ALDEA)
445/tcp open  netbios-ssn Samba smbd 3.X (workgroup: ALDEA)
631/tcp open  ipp CUPS 1.2
670/tcp open  unknown

Tengo muchos puertos abiertos. Luego, si ejecuto un escaneador de
puertos online, me detecta los puertos 23 y 80 abiertos, pero no sé
como cerrarlos, puesto que no tengo apache ni ningún servidor web
conectado.

¿Es mi configuración actual segura? ¿Qué tengo que hacer para filtrar
esos puertos y dejar el sistema más seguro?

Re: Cambiar Tema usplash

[Pedro Jose]

Una preguntilla, ¿se supone que usplash tiene que verse también al
apagar el ordenador? En ubuntu se ve, pero a mí en el portátil solo se
ve al iniciar, no al apagar.

Re: Configurar shorewall para un portátil: No cierra puertos

[Santiago José López Borrazás]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

El 17/04/08 15:07, Pedro Jose escribió:
(...)
 Lo que ocurre es que me da fallo shorewall.conf en la línea
 
 SUBSYSLOCK=/var/lock/subsys/shorewall He leído que en debian es en
 /var/state/shorewall, pero no tengo el directorio state. La he comentado.
 ¿Es seguro hacerlo o tengo que redirigir hacia otro archivo?

Pónlo como sigue:

SUBSYSLOCK=

Reinicia el Shorewall y ya está.

(...)
 Tengo muchos puertos abiertos. Luego, si ejecuto un escaneador de puertos
 online, me detecta los puertos 23 y 80 abiertos, pero no sé como
 cerrarlos, puesto que no tengo apache ni ningún servidor web conectado.

En cuanto a esto que comentas, es tu router, no tu sistema. Por lo tanto,
los puertos que están abiertos, son los que tienes de tu router, no de tu
sistema.

- --
Slds de Santiago José López Borrazás
Conocimientos avanzados en seguridad informática.
Conocimientos avanzados en redes.
-BEGIN PGP SIGNATURE-

iQIVAwUBSAdNjbuF9/q6J55WAQp/0w/+PQ9Rad8FGdb5IP52djwD3Oz9SUIdPDzH
CkcoNshtt1ml0oZxnXQyiBRMENViXwdMbCK4XGHrdZ5CJJJRoMr7w1D2L23vEqID
KzLmYg5t4zCOKN1FMVhc28xbu8QCKDne5QCpUEuxjh0Mktsze1YS7DuOX74d4XMQ
c2ilSiwCf6flnJ1wLDz3jYEwQlxCOJQ/60h9BM8Dad1e7Vd7MDDoPmXm4f1EovrG
62M2CQrt0mC5wILe4KfSfLXCUd5//cXnFk1ewL8+6yxNjQMxoJv7OY9X1itbIDzv
kHkYNILFLs+xzqOSK47DaFpsli0iZnNE2qHPdoT7hhO41IgpZ8Aw7aZQrRZWvI2N
ycaIEz+jLdfarIcBfbepS4de8UC28cp4r7sBBaKbzm5LgSwhFsUP24a17i5sbnNa
d0FmLJWp/RTEyedsY/rgXmd3I0Kcs4lz5F/zOKoPYTiMPtDLflHDFZX+rLqjIKSB
i9b17ICZrolKenBiJQl6YWebkpzYimgxIZy61MPn3jEAP4QWu+2IBzy1vtAB5xkX
fu8XxibBb/sk27Jzi7fmdEMhDMyACeuXHUNzK8EcO0cwReFWbqBCNwNv3ObLkgWO
37nf7Us9Ho0DuWgmh3tYRBQ6A86FW/x89F0JGurwThr3GzKD6WSlVwn2FdcAwRGk
YaRA8HSTSQ8=
=m1oE
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Cambiar Tema usplash

[mariodebian]

El jue, 17-04-2008 a las 15:09 +0200, Pedro Jose escribió:
 Una preguntilla, ¿se supone que usplash tiene que verse también al
 apagar el ordenador? En ubuntu se ve, pero a mí en el portátil solo se
 ve al iniciar, no al apagar.
 


Creo que es un fallo del script en Debian:

De /etc/init.d/usplash

(aprox línea 90)

  stop)
if grep -q splash /proc/cmdline; then
usplash_write TIMEOUT 15
fi
;;


Para que usplash se arranque cuando estamos apagando/reiniciando,
primero hay que tener en grub (# defoptions=vga=791 splash) y segundo
ese trozo de código debería ser algo como esto:

 stop)
if grep -q splash /proc/cmdline; then
[ -f /etc/usplash.conf ]  . /etc/usplash.conf
if [ $xres ]  [ $xres != 0 ]  \
   [ $yres ]  [ $yres != 0 ]; then
/sbin/usplash -c -x $xres -y $yres 
else
/sbin/usplash -c 
fi
sleep 1
/sbin/usplash_write PULSATE
/sbin/usplash_write TIMEOUT 15

fi
;;


Pruébalo.


-- 
http://soleup.eup.uva.es/mariodebian


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Re: Cambiar Tema usplash

[Jorge Barreiro Gonzalez]

O Xoves 17 Abril 2008 14:55, mariodebian escribiu:
  Creo que usplash está siendo sustituido por splashy allá donde se usaba,
  y los temas de splashy son más sencillos de hacer. Ahora que splashy por
  fin ha caído a testing igual funciona sin problemas.
  Si estás en etch no te lo recomiendo, da bastantes problemas.

 He ledo esto mismo varias veces y no se de donde se ha sacado esa
 noticia tan absurda.

Había sacado esa conclusión de aquí: 
http://ubuntuforums.org/showthread.php?p=3440101#post3440101
pero ahora q lo releo parece que simplemente es una encuesta entre usuarios y 
que los desarrolladores no tienen pensado cambiar nada.


 Usplash es lo que usa Ubuntu por defecto y le da bastantes vueltas a
 splashy sobre todo en mostrar texto o tiempos de espera, la única
 ventaja de splashy es poder usar cualquier cosa como fondo, en ubuntu
 está optimizado y el png de fondo de compila como una estructura de
 caracteres.


Ni idea de cual va mejor, mis intentos de instalar usplash en mi debian 
tampoco han conseguido nada bueno.

 Para cambiar el tema de usplash:

 update-alternatives --config usplash-artwork.so

 dpkg-reconfigure linux-image-$(uname -r)

 (los .so hay que instalarlos con update-alternatives --install ...)

Re: Configurar shorewall para un portátil: No cierra puertos

[Miguel Da Silva - Centro de Matemática]

Pedro Jose escribió:

Muchas gracias por la respuesta. Al final lo que he echo ha sido coger
los archivos de ejemplo de shorewall para una interfaz, de manera que
se han quedado así:

/etc/shorewall/rules

Ping/REJECT net $FW
ACCEPT  $FW net icmp

/etc/shorewall/policy

$FW net ACCEPT
net $FW DROPinfo
net all DROPinfo
all all REJECT  info

/etc/shorewall/interfaces

net eth0detect  dhcp,tcpflags,logmartians,nosmurfs
net ath0detect  dhcp,tcpflags,logmartians,nosmurfs

/etc/shorewall/zones

fw  firewall
net ipv4

Lo que ocurre es que me da fallo shorewall.conf en la línea

SUBSYSLOCK=/var/lock/subsys/shorewall
He leído que en debian es en /var/state/shorewall, pero no tengo el
directorio state. La he comentado. ¿Es seguro hacerlo o tengo que
redirigir hacia otro archivo?

Se supone que debería tener filtrados todos los puertos, pero al hacer
nmap localhost:

Starting Nmap 4.53 ( http://insecure.org ) at 2008-04-17 14:52 CEST
SCRIPT ENGINE: rpcinfo.nse is not a file.
SCRIPT ENGINE: Aborting script scan.
Interesting ports on localhost (127.0.0.1):
Not shown: 1707 closed ports
PORTSTATE SERVICE VERSION
25/tcp  open  smtpExim smtpd 4.69
111/tcp open  rpcbind  2 (rpc #10)
113/tcp open  ident
139/tcp open  netbios-ssn Samba smbd 3.X (workgroup: ALDEA)
445/tcp open  netbios-ssn Samba smbd 3.X (workgroup: ALDEA)
631/tcp open  ipp CUPS 1.2
670/tcp open  unknown

Tengo muchos puertos abiertos. Luego, si ejecuto un escaneador de
puertos online, me detecta los puertos 23 y 80 abiertos, pero no sé
como cerrarlos, puesto que no tengo apache ni ningún servidor web
conectado.

¿Es mi configuración actual segura? ¿Qué tengo que hacer para filtrar
esos puertos y dejar el sistema más seguro?


Estos puertos son los básicos de una instalación que tenga Samba, CUPS 
y Exim.


Seguramente (o casi seguramente) no necesitarás Exim, así que lo podés 
sacar de tu sistema (creo que al intentar esto te contesta el sistema 
que lo sustituirá por un cliente smtp más liviano).


Bueno... si el shorewall está levantado y funcionando, no te preocupes, 
o mejor dicho, te preocupes menos. Iptables estará haciendo su trabajo y 
no deberías tener problemas.


Shorewall solo lo conozco de nombre. En casa terminé haciendo el 
firewall a mano con las reglas que me parecieron conveniente y está 
funcionando bien. :)


Enfin, para resumir... si las reglas de Iptables (ejecutando iptables 
-L) te muestra lo que configuraste con Shorewall, entonces listo. Es 
cuestión de estar un poco atento y disfrutar de tu conexión.


Saludos.
--
Miguel Da Silva
Administrador de Red
Centro de Matemática - http://www.cmat.edu.uy
Facultad de Ciencias - http://www.fcien.edu.uy
Universidad de la República - http://www.rau.edu.uy


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: GrubGFX

[Esclarecio]

Hola,

Eso me ha ocurrido en 2 situaciones:

1.)Cuando intento usar x86 sobre x86_64.

2.)Grub no se queria instalar con grub-install  Tube que entrar en
consola ejecutar grub y luego introducir los comandos a mano root -
hd


No se si esto te servira de algo.

2008/4/17, Alien Torres [EMAIL PROTECTED]:
 Uso Lenny y he instentado instalar GrubGFX y recibo el siguiente error:

  dpkg -i grub-gfxboot_0.97-5_i386.deb

  grub-install /dev/sda6
  The file /boot/grub/stage1 not read correctly.

  Alguien sabe porque sucede esto???

  Salu2
  Alien!


  --
  To UNSUBSCRIBE, email to
 [EMAIL PROTECTED]
  with a subject of unsubscribe. Trouble? Contact
 [EMAIL PROTECTED]




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Configurar shorewall para un portátil: No cierra puertos

[Pedro Jose]

Hola:

Una preguntilla: ¿Donde guarda shorewall los logs? ¿Hay algún
front-end que te muestre los avisos en el escritorio? Solo encuentro
shorewall-init.log en /var/log, pero solo muestra el inicio del
cortafuegos, no los mensajes de el. Por otra parte, aunque esta regla
DROP fw $FW tcp 111 por ejemplo es la que funciona, ¿qué quiere decir?
Porque yo la he puesto por descarte, porque en realidad no entiendo
muy bien su significado. Entiendo cortar del firewall al firewall, y
no la veo muy lógica. ¿Cómo se escribiría una regla que me cortase el
acceso a un puerto desde fuera de la máquina pero no lo cortase
accediendo desde la misma máquina. Por ejemplo, que yo me pudiese
conectar a cups con localhost:631 pero alguien de mi red no.

En cuanto a Exim, es curioso, pero no lo tengo instalado, ¿porqué me aparecera?


  Estos puertos son los básicos de una instalación que tenga Samba, CUPS y
 Exim.

  Seguramente (o casi seguramente) no necesitarás Exim, así que lo podés
 sacar de tu sistema (creo que al intentar esto te contesta el sistema que lo
 sustituirá por un cliente smtp más liviano).

  Bueno... si el shorewall está levantado y funcionando, no te preocupes, o
 mejor dicho, te preocupes menos. Iptables estará haciendo su trabajo y no
 deberías tener problemas.

  Shorewall solo lo conozco de nombre. En casa terminé haciendo el firewall a
 mano con las reglas que me parecieron conveniente y está funcionando bien.
 :)

  Enfin, para resumir... si las reglas de Iptables (ejecutando iptables -L)
 te muestra lo que configuraste con Shorewall, entonces listo. Es cuestión de
 estar un poco atento y disfrutar de tu conexión.


  Saludos.
  --
  Miguel Da Silva
  Administrador de Red
  Centro de Matemática - http://www.cmat.edu.uy
  Facultad de Ciencias - http://www.fcien.edu.uy
  Universidad de la República - http://www.rau.edu.uy


  --
  To UNSUBSCRIBE, email to
 [EMAIL PROTECTED]
  with a subject of unsubscribe. Trouble? Contact
 [EMAIL PROTECTED]




-- 
Saludos,


Pedro

Error del reloj de sistema al arrancar Lenny

[Pedro Jose]

Hola:

Al arrancar Lenny me da este fallo dos veces:

Setting the system clock
select() to /dev/rtc to wait for clock tick timed out
Unable to set system clock (y aquí me pone la fecha)

Revisando /var/log/syslog me aparecen un monton de estos avisos todos los días:

kernel: Time: tsc clocksource has been installed
kernel: Time: hpet clocksource has been installed
kernel: hpet clockevent registered

El caso es que en gnome el reloj se muestra bien. He intentado
cambiarlo en la BIOS, pero no se por qué no me deja cambiarla. Puede,
que al ser un portatil, esté protegida esa opción.

¿Son importantes esos avisos? ¿Qué puedo hacer para eliminarlos?

-- 
Saludos,


Pedro

Error de iptables

[Pedro Jose]

A la vista del warning que me dio rkhunter con pulseaudio, revisando
logs he visto esto:

pulseaudio[3836]: main.c: Called SUID root and real-time/high-priority
scheduling was requested in the configuration. However, we lack the
necessary priviliges:
pulseaudio[3836]: main.c: We are not in group 'pulse-rt' and PolicyKit
refuse to grant us priviliges. Dropping SUID again.
pulseaudio[3836]: main.c: For enabling real-time scheduling please
acquire the appropriate PolicyKit priviliges, or become a member of
'pulse-rt', or increase the RLIMIT_NICE/RLIMIT_RTPRIO resource limits
for this user.
pedro-portatil pulseaudio[3836]: main.c: setrlimit(RLIMIT_NICE, (31,
31)) failed: Operación no permitida
pulseaudio[3836]: main.c: setrlimit(RLIMIT_RTPRIO, (9, 9)) failed:
Operación no permitida

¿Qué significa? ¿Está comprometido pulseaudio? ¿Es un bug?



-- 
Saludos,


Pedro

¿Pulseaudio intenta conectarte como root?

[Pedro Jose]

Perdón por el anterior mensaje, me equivoqué en el título. Lo cambio en este:

A la vista del warning que me dio rkhunter con pulseaudio, revisando
 logs he visto esto:

 pulseaudio[3836]: main.c: Called SUID root and real-time/high-priority
 scheduling was requested in the configuration. However, we lack the
 necessary priviliges:
 pulseaudio[3836]: main.c: We are not in group 'pulse-rt' and PolicyKit
 refuse to grant us priviliges. Dropping SUID again.
 pulseaudio[3836]: main.c: For enabling real-time scheduling please
 acquire the appropriate PolicyKit priviliges, or become a member of
 'pulse-rt', or increase the RLIMIT_NICE/RLIMIT_RTPRIO resource limits
 for this user.
 pedro-portatil pulseaudio[3836]: main.c: setrlimit(RLIMIT_NICE, (31,
 31)) failed: Operación no permitida
 pulseaudio[3836]: main.c: setrlimit(RLIMIT_RTPRIO, (9, 9)) failed:
 Operación no permitida

 ¿Qué significa? ¿Está comprometido pulseaudio? ¿Es un bug?



 --
 Saludos,



 Pedro


-- 
Saludos,


Pedro

Ayuda DNS/BIND

[Fidel Domínguez Valero]

Hola amigos
Quisiera aprender a configurar un DNS y no tengo ninguna referencia al
respecto, si alguien me pudiera dar el link o mandarme por correo
algun manual para lograr esto lo agradeceria

Gracias de antemano
Salu2

fide

-- 
_
Admin. de Red
Fidel Domínguez Valero
Jabber UID: [EMAIL PROTECTED]
GNU/LINUX User #433411

Re: Ayuda DNS/BIND

[Adrian Chapela]

Fidel Domínguez Valero escribió:

Hola amigos
Quisiera aprender a configurar un DNS y no tengo ninguna referencia al
respecto, si alguien me pudiera dar el link o mandarme por correo
algun manual para lograr esto lo agradeceria
  

Es lo que me aparece poniendo en google bind.

http://www.isc.org/index.pl?/sw/bind/index.php

Gracias de antemano
Salu2

fide

  



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Error del reloj de sistema al arrancar Lenny

[Marcel Rodolfo Sanchez Gongora]

El jue, 17-04-2008 a las 18:49 +0200, Pedro Jose escribió:
 Hola:
 
 Al arrancar Lenny me da este fallo dos veces:
 
 Setting the system clock
 select() to /dev/rtc to wait for clock tick timed out
 Unable to set system clock (y aquí me pone la fecha)
 
 Revisando /var/log/syslog me aparecen un monton de estos avisos todos los 
 días:
 
 kernel: Time: tsc clocksource has been installed
 kernel: Time: hpet clocksource has been installed
 kernel: hpet clockevent registered
 
 El caso es que en gnome el reloj se muestra bien. He intentado
 cambiarlo en la BIOS, pero no se por qué no me deja cambiarla. Puede,
 que al ser un portatil, esté protegida esa opción.

El problema es introducido por el kernel 2.6.24 o al menos a mi me
sucedía con este kernel y no con los anteriores. Solución que quede
con 2.6.22 que está más estable que el primero.

-- 
Marcel Sánchez Góngora
Debian Lenny GNU/Linux
Linux User #382151
Est. IV año
Universidad de las Ciencias Informáticas
Mañana te darás cuenta que hoy no sabes nada


signature.asc
Description: Esta parte del mensaje está firmada	digitalmente

Re: Error del reloj de sistema al arrancar Lenny

[Santiago José López Borrazás]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

El 17/04/08 19:45, Marcel Rodolfo Sanchez Gongora escribió:
 El problema es introducido por el kernel 2.6.24 o al menos a mi me
 sucedía con este kernel y no con los anteriores. Solución que quede
 con 2.6.22 que está más estable que el primero.

Yo tengo kernel 2.6.24.3-1 (compilado por mí), y no he visto ni ese
problema. De hecho, tengo NTP.

- --
Slds de Santiago José López Borrazás
Conocimientos avanzados en seguridad informática.
Conocimientos avanzados en redes.
-BEGIN PGP SIGNATURE-

iQIVAwUBSAedOruF9/q6J55WAQpHPA//QCOIqRdO/AJkZOwIyX5OaAV17oEKed2S
+yaqAhavXsc6CUlmQo4cDJ84PVvXwXwUWOroqsFZ3KQVGWk0UlpeI8Xq50yBbaFb
VyJ5dJBZEul0G+uLIJvaR18B2ESCceyfBTy+gpbctsVmlY/3vRsa32638S5oz3oH
mwxo/FwI+WufGKTtVrkvi5vAVVWt5tE9b7qfR+5B+fVyRII7Pw3S2E9nGyVYPDHd
M7eww9zpsiLuaUWBERI7BekVp0GMThAm8Ynl7tTBZnCnsOZez5Oq/E1PUJS4FLz1
ct1CLoB3pd1cSlkvgLj4HZcVi2I/41+Q59DDTBEwI6dPWCrdbLOb5QWNRU7LVAJs
vdfoci+Q0b0frOISpboEcLlTaBp/jCr9PnDR7qSzFjSNmdjz4B3wr/F3vRNntnlW
VpXHywbwiVXr5nlQi9p1SnYc4EwDJtpAvx2SOry80OJxYC/7rh8gZLq4EcDs7k+f
9yi0iYzoBRuga1ruGVjX+wX7S6ivTAkWeJJ9Af5Seunl1unzTzwZXkzUW+R+0ZuP
gc/5trhF3IczAU8iQkdIGq2XMYiBa+97636aBkzbgX3lQmaXdieh7/H2FLHzgcT7
l4GIFTkDnsOS0hpdlyX5Iq0Bl437oLsUlS9J94CE5JHKoBz1EuGEARW7aBAdRGQ0
x2TbQzlc5Hc=
=VG4o
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Error del reloj de sistema al arrancar Lenny

[mrsanchez]

El jue, 17-04-2008 a las 20:55 +0200, Santiago José López Borrazás
escribió:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512
 
 El 17/04/08 19:45, Marcel Rodolfo Sanchez Gongora escribió:
  El problema es introducido por el kernel 2.6.24 o al menos a mi me
  sucedía con este kernel y no con los anteriores. Solución que quede
  con 2.6.22 que está más estable que el primero.
 
 Yo tengo kernel 2.6.24.3-1 (compilado por mí), y no he visto ni ese
 problema. De hecho, tengo NTP.
Quizás sea por este ultimo detalle... el kernel no esta tomando la hora
del BIOS sino de servidores de tiempo. En mi caso el error lo da
intentado tomar la hora del sistema

Re: Cambiar Tema usplash

[Pedro Jose]

Hola:

Pues lo he probado, he vuelto a general el initdr, he reiniciado, he
vuelto a reiniciar, pero sigo sin verlo al apagar el ordenador.

El 17/04/08, mariodebian [EMAIL PROTECTED] escribió:
 El jue, 17-04-2008 a las 15:09 +0200, Pedro Jose escribió:

  Una preguntilla, ¿se supone que usplash tiene que verse también al
   apagar el ordenador? En ubuntu se ve, pero a mí en el portátil solo se
   ve al iniciar, no al apagar.
  



 Creo que es un fallo del script en Debian:

  De /etc/init.d/usplash

  (aprox línea 90)

   stop)
 if grep -q splash /proc/cmdline; then
 usplash_write TIMEOUT 15
 fi
 ;;


  Para que usplash se arranque cuando estamos apagando/reiniciando,
  primero hay que tener en grub (# defoptions=vga=791 splash) y segundo
  ese trozo de código debería ser algo como esto:

   stop)
 if grep -q splash /proc/cmdline; then
 [ -f /etc/usplash.conf ]  . /etc/usplash.conf
 if [ $xres ]  [ $xres != 0 ]  \
[ $yres ]  [ $yres != 0 ]; then
 /sbin/usplash -c -x $xres -y $yres 
 else
 /sbin/usplash -c 
 fi
 sleep 1
 /sbin/usplash_write PULSATE
 /sbin/usplash_write TIMEOUT 15

 fi
 ;;


  Pruébalo.



  --
  http://soleup.eup.uva.es/mariodebian




-- 
Saludos,


Pedro

Re: Error del reloj de sistema al arrancar Lenny

[Santiago José López Borrazás]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

El 17/04/08 21:19, mrsanchez escribió:
 Quizás sea por este ultimo detalle... el kernel no esta tomando la hora
 del BIOS sino de servidores de tiempo. En mi caso el error lo da
 intentado tomar la hora del sistema

Eso se puede comprobar con varias cosas.

Mira y revisa el fichero /etc/adjtime

TAl como esto:

0.00 1208460768 0.00
1208460768

Si en las primeras cifras, que tienes de mi fichero /etc/adjtime no aparecen
con los '0' correctamente, editalo y haz esto:

hwclock --systohc

Si no te lo hace, y tienes problemas, ponlo bien, y luego haz:

hwclock --hctosys

En mi caso está funcionando perfectamente, y no tengo desincronizaciones
horarias.

Yo hago ahora mismo:

[EMAIL PROTECTED]:~# hwclock --systohc
[EMAIL PROTECTED]:~#

Y luego:

[EMAIL PROTECTED]:~# cat /etc/adjtime
0.00 1208462204 0.00
1208462204
LOCAL
[EMAIL PROTECTED]:~#

Y todo O.K.

- --
Slds de Santiago José López Borrazás
Conocimientos avanzados en seguridad informática.
Conocimientos avanzados en redes.
-BEGIN PGP SIGNATURE-

iQIVAwUBSAerlbuF9/q6J55WAQq4Ng/+KHgThRQt/sgjk12CauG03M1TPHErjHhD
ySRzn1SV2FrEgdQ8HRZh6xONF1yj8KGwqg8M/I2/3o7FAeZaFXnciQjO6QmK2rxw
DGTLR1dTC8Ub8cJYjG5r+U8+WLD5rrhUXJUcLQ5O2moX6EB6BvxtuX574QM/Nbrc
ifET08esq6XqwuroUKRia1mIqziWslmmVLdqf4tEF+eLHJbWEOeDmX4mm/RVnQSQ
Z3+uPgmBHWCAUF1aK6wlXgKPf1L24ewOb5TUfM7/YMF2F24gJQZRifUeXs1aZ5az
nlMLZ8/B9J+m+B233NnPnwr9pkVBfh4gtslVHWooxzvTnHNgYmfwG915YNJi650d
dmpn77Pf6fNdRgisb84MZ1+UEww7X8EINuZwoMVaS69VJqZ7OatFDQM4n1uFMGgi
+9IoF2k930hO0a2dScevhN6Im4wWh0bIkEFBbP+sAzwxz9rAMQVQt1rZwYLYmwKg
0J7tAQZj4TfQ73z7FPrg9wF75/DoUFXfdG5K6nz0MtuZyyUW3hiy1nTrbah+ZBkD
3oBRWwln54xVU3szz/ZO3fAZ2v8S9XGKHedlsO82MAAEwY59wfsMsmssnkID5Y2K
kg50RljRUzT1WW6peuX9AVASmpNvg4SSScteMjPoNG/+ZJqhL7yXhrFduq25f9nq
LaBtw9CEGho=
=a1NX
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: ¿Pulseaudi o intenta conectarte como root?

[Luis Rodrigo Gallardo Cruz]

On Thu, Apr 17, 2008 at 06:52:47PM +0200, Pedro Jose wrote:
 Perdón por el anterior mensaje, me equivoqué en el título. Lo cambio en este:
 
 A la vista del warning que me dio rkhunter con pulseaudio, revisando
  logs he visto esto:
 
  pulseaudio[3836]: main.c: Called SUID root and real-time/high-priority
  scheduling was requested in the configuration. However, we lack the
  necessary priviliges:
  [ y más mensajes del estilo ]
 
  ¿Qué significa? ¿Está comprometido pulseaudio? ¿Es un bug?

Pulseaudio intenta usar la prioridad 'realtime' para asegurar que no
hay cortes en el audio por que otro proceso lo interrumpe. Pero para
poder usar esa prioridad es necesario que el proceso corra como root y
algunas otras condiciones. Los mensajes que estás recibiendo lo que
avisan es que las condiciones no se cubren y por lo tanto pulseaudio
no podrá usar esa prioridad. Nada de que preocuparse, a menos que
hagas edición de audio.


signature.asc
Description: Digital signature

Re: Cambiar Tema usplash

[Moises Brenes]

Que tal!

He instalado usplash con el tema de 'Debian' para probarlo en Debian
Lenny, y trabaja correctamente.

@@

El asunto es que no he podido cambiar el skin por defecto por uno
personalizado y que trabaje correctamente.

@@

Ya que, al arrancar desde el menu del GRUB me sale con que :

 usplash: No usable theme found for 1024x768
 screen Init Failed

@@

Despues de mucho rato con esto, instale el usplash-switcher(para saber
si el problema esta en el tema en si o en el procedimiento que lleve a
cabo para instalarlo/configurarlo) e intente cargar la aplicacion y me
sale con este mensaje :

 Loading /usr/lib/usplash/sibu-theme.so failed:
/usr/lib/usplash/sibu-theme.so: undefined symbol: usplash_theme

@@
He utilizado una imagen en varios formatos :

png en 1024x768 con paleta de 16 colores
png en 800x600 con paleta de 16 colores
png en 640x480 con paleta de 16 colores

@@
Hasta he cambiado la conf. en /etc/usplash.conf(los valores x,y) por
cada imagen que utilice, tambien los parametros para cargar la imagen
del kernel:

 vga=791 (788 y 785 respectivamente) quiet splash


Este es el procedimiento que he seguido por cada ocacion que he
intentado crear un tema:

$ pngtobogl usplash-artwork.png  usplash-artwork.c

$ gcc -Os -g -I/usr/include/bogl -fPIC -c usplash-artwork.c -o usplash-artwork.o

$ gcc -shared -Wl,-soname,usplash-artwork.so usplash-artwork.o -o sibu-theme.so

# cp sibu-theme.so /usr/lib/usplash/sibu-theme.so

# update-alternatives --install /usr/lib/usplash/usplash-artwork.so
usplash-artwork.so /usr/lib/usplash/sibu-theme.so  55

# update-alternatives --config usplash-artwork.so

...
Hay 2 alternativas que proveen `usplash-artwork.so'.

  Selección Alternativa
---
  1/usr/lib/usplash/debian-theme.so
 *+2/usr/lib/usplash/sibu-theme.so
...

# dpkg-reconfigure linux-image-$(uname -r)



-- 
シャカ
mbrenes.blogspot.com | sibu.homelinux.org
debian gnu/linux

Para que no se me olvide http://wiki.debian.org/Normas_Lista_Gmail

Re: Error del reloj de sistema al arrancar Lenny

[Santi Saez]

Pedro Jose escribió:

Hola:

Al arrancar Lenny me da este fallo dos veces:

Setting the system clock
select() to /dev/rtc to wait for clock tick timed out
Unable to set system clock (y aquí me pone la fecha)

Revisando /var/log/syslog me aparecen un monton de estos avisos todos los días:

kernel: Time: tsc clocksource has been installed
kernel: Time: hpet clocksource has been installed
kernel: hpet clockevent registered

El caso es que en gnome el reloj se muestra bien. He intentado
cambiarlo en la BIOS, pero no se por qué no me deja cambiarla. Puede,
que al ser un portatil, esté protegida esa opción.

¿Son importantes esos avisos? ¿Qué puedo hacer para eliminarlos?
  


Hola Pedro,

¿Que placa base tienes? En algunos servidores de DELL y de Apple, ocurre 
ese problema, es ya conocido y existe forma para callarlo en Debian, 
te paso un enlace que te podrá ser de interés:


* hwclock: select() to /dev/rtc to wait for clock tick timed out
http://woop.es/index.php/topic,16.0.html

Saludos,

--
Santi SAez


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

squid

[Bayardo Sanchez]

necesito hacer un acl que me permita solo visitar unas 10 paginas web y el
resto bloquearlas

-- 
Bayardo Sánchez García
Web Developer - Internet Portals
Linux User: #418392
Ubuntu User #14171
Kernel 2.6.20-15-server
MINED- Las Plamas, NI (505) 266-7395
America Central - Managua, NI (505) 249-2853 -  4886876
Blog:http://d3b14n.wordpress.com/
IM msn messenger: [EMAIL PROTECTED]

Re: squid

[Ricardo Eureka!]

2008/4/17, Bayardo Sanchez [EMAIL PROTECTED]:
 necesito hacer un acl que me permita solo visitar unas 10 paginas web y el
 resto bloquearlas


Y que necesitas de esta lista?

 --
 Bayardo Sánchez García
 Web Developer - Internet Portals
 Linux User: #418392
 Ubuntu User #14171
  Kernel 2.6.20-15-server
 MINED- Las Plamas, NI (505) 266-7395
 America Central - Managua, NI (505) 249-2853 -  4886876
 Blog:http://d3b14n.wordpress.com/
 IM msn messenger: [EMAIL PROTECTED]


-- 
Ricardo A.Frydman
Administrador de Sistemas Unix Semi-Senior

Re: squid

[Bayardo Sanchez]

Bueno no manejo mucho el squid en mi empresa todas las pc estan con dhcp son
250 pc con el squid quiero restringir todas las paginas web y dejar una
lista de solo las que necesito que miren igual dejar a 4 pc que solo accesen
a messenger de ahi que ninguna pueda accesar. agradeceria mucho su ayuda

2008/4/17, Ricardo Eureka! [EMAIL PROTECTED]:

 2008/4/17, Bayardo Sanchez [EMAIL PROTECTED]:

  necesito hacer un acl que me permita solo visitar unas 10 paginas web y
 el
  resto bloquearlas
 


 Y que necesitas de esta lista?

  --

  Bayardo Sánchez García
  Web Developer - Internet Portals
  Linux User: #418392
  Ubuntu User #14171
   Kernel 2.6.20-15-server
  MINED- Las Plamas, NI (505) 266-7395
  America Central - Managua, NI (505) 249-2853 -  4886876
  Blog:http://d3b14n.wordpress.com/
  IM msn messenger: [EMAIL PROTECTED]



 --
 Ricardo A.Frydman
 Administrador de Sistemas Unix Semi-Senior




-- 
Bayardo Sánchez García
Web Developer - Internet Portals
Linux User: #418392
Ubuntu User #14171
Kernel 2.6.20-15-server
MINED- Las Plamas, NI (505) 266-7395
America Central - Managua, NI (505) 249-2853 -  4886876
Blog:http://d3b14n.wordpress.com/
IM msn messenger: [EMAIL PROTECTED]

formatear memoria

[Reiniel Gonzalez Martinez]

Espero que alguien me ayude. Cuales son los comandos que podria utilizar para 
formatear mi mp3. 

No me pinchaba lo del manual, infle e instale FreeBsD

RES: SAMBA + LDAP

[Rogério Oliveira Naressi]

  Thiago,

  Uso aqui na empresa Debian Etch, LDAP e Samba.
  Quando instalei fiz uma cola para lembrar o que foi feito, segue no final
para dar uma olhada.
  Lógico que não é um material didático, mas acho que vai ser útil

  Rogério Naressi

Instituto de Pesquisas e Estudos Florestais - 40 anos
Avenida Pádua Dias, 11 - 13.400-970 - Piracicaba, SP
Caixa Postal 530 - Telefone: (19) 2105-8620
Visite nosso site: http://www.ipef.br 
  
___
De: Thiago [mailto:[EMAIL PROTECTED] 
Enviada em: quarta-feira, 16 de abril de 2008 18:59
Para: debian-user-portuguese@lists.debian.org
Assunto: SAMBA + LDAP

Boa noite pessoal, tudo bem? 
Estive lendo a lista de discurssão mas ainda não consigo fazer com que tanto
Clientes Linux e Windows se conectem em um Servidor Linux (Debian). Vocês
podem me indicar algum endereço ou me passar alguma apostila onde ensine
como eu possa fazer tudo (Configurar Servidor com Samba, LDAP e PAM; E os
Clientes WINDOWS e LINUX (UBUNTU) )?
Espero contar com a ajuda de vocês.
Até mais pessoal,
--

I N S T R U Ç Õ E S
===

Apache, PHP, PHPLdapAdmin:
- apt-get install apache2 apache2-doc ssl-cert
- incluir AddDefaultCharset ISO-8859-1 em /etc/apache2/conf.d/charset
- mkdir /etc/apache/ssl
- acrescentado -days 365 no script make-ssl-cert
- make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem 
- a2enmod ssl authnz_ldap
- Listen 443 em /etc/apache2/ports.conf
- configurar arquivo defaul do apache conforme desejado
- apt-get install php5 php-pear php5-ldap
- apt-get install phpldapadmin libapache2-mod-php5
- /etc/php5/apache2/php.ini incluir extension=ldap.so
- /etc/phpldapadmin/config.php definir $ldapservers-...('dc=aaa,dc=bbb') e
não usar tls

Certificado (instrucoes openLDAPsegura):
- apt-get install openssl
- /usr/lib/ssl/openssl.cnf definir unique_subject = no
- mkdir /root/certificados e copiar script para gerar
- /usr/lib/ssl/misc/CA.sh -newca
- openssl req -new -nodes -keyout newreq.pem -out newreq.pem
- /usr/lib/ssl/misc/CA.sh -sign
- cp demoCA/cacert.pem /etc/ldap/certificados/cacert.pem
- cp newcert.pem /etc/ldap/certificados/servercrt.pem
- cp newreq.pem /etc/ldap/certificados/serverkey.pem
- chmod 644 /etc/ldap/certificados/serverkey.pem

OpenLDAP:
- apt-get install slapd ldap-utils db4.2-util
- dpkg-reconfigure slapd
  Omit OpenLDAP server configuration? NO
  DNS domain name: aaa.bbb
  Name of your organization: AAA
  Database backend to use: BDB
  Do you want your database to be removed when slapd is purged? NO
  Move old database? YES
  Allow LDAPv2 protocol? NO
- instrucoes itens 1 a 4 LDAP /usr/share/doc/smbldap-tools/README.Debian
- /etc/ldap/slapd.conf 
  - TLSCACertificateFile /etc/ldap/certificados/cacert.pem
  - TLSCertificateFile /etc/ldap/certificados/servercrt.pem
  - TLSCertificateKeyFile /etc/ldap/certificados/serverkey.pem
- /etc/default/slapd:
  - SLAPD_CONF=/etc/ldap/slapd.conf
  - SLAPD_SERVICES=ldap://127.0.0.1:389/ ldaps://ip_do_seu_servidor:636/
ldapi:
- /etc/ldap/ldap.conf:
  - PORT 636
  - TLS_CACERT /etc/ldap/certificados/cacert.pem
  - TLS_REQCERT demand
 
Samba, smbldap-tools:
- apt-get install samba samba-doc smbldap-tools
- instrucoes itens 1 a 5 SAMBA /usr/share/doc/smbldap-tools/README.Debian
- net getlocalsid SID para pegar o SID
- instrucoes itens 1 a 5 SMBLDAP-TOOLS
/usr/share/doc/smbldap-tools/README.Debian
- ldaptls=1 (alterar certificado)
- smbldap-populate

Acesso:
- apt-get install libnss-ldap nscd libpam-ldap
- dpkg-reconfigure libnss-ldap
  LDAP server Uniform Resource Identifier: ldap://127.0.0.1/
  Distinguished name of the search base: dc=aaa,dc=bbb
  Does the LDAP database require login? no
  Special LDAP privileges for root? yes 
  Make the configuration file readable/writeable by its owner only? yes
- alterar /etc/nsswitch.conf: acrescentar ldap na frente de passwd, group
  (exemplo: /usr/share/doc/libnss-ldap/examples/nsswitch.ldap)
- dpkg-reconfigure libpam-ldap
  LDAP server Uniform Resource Identifier: ldap://127.0.0.1/
  Distinguished name of the search base: dc=aaa,dc=bbb
  Make local root Database admin: yes
  Does the LDAP database require login? no
  Local crypt to use when changing passwords. crypt
- alterar /etc/pam.d/common-{account,auth,password} (item 6 site
www.nomis52.net)


Material para consulta:
http://www.debian-administration.org/articles/349
http://www.ldap.org.br/modules/ldap/files/files///openldap+tls-ssl.pdf
http://www.nomis52.net/?section=docspage=samldap

Re: modulos

[Gunther Furtado]

2008/4/16, Sylvio Dias Jacome [EMAIL PROTECTED]:

  olá, tentando fazer a webcam funcionar aqui ficou um monte de modulos 
 instalados, do driver spca5xx, gspca.
  como faço para remove-los?



Verifique se no diretório /usr/src existem arquivos que começam com
spca5xx e gspca e que terminem por .deb e envie o comando, como
root:

# dpkg --purge spca5xx* gspca*

Abraço,

-- 
Gunther Furtado
[EMAIL PROTECTED]

Re: DMI info

[Bruno Schneider]

On Fri, Apr 11, 2008 at 9:45 AM, Marcelo Laia wrote:

  Estou examinando o DMESG do meu micro e encontrei as informacoes
  abaixo e nao sei o que fazer com elas.

  ACPI: DMI System Vendor: Dell Inc.
  ACPI: DMI Product Name: Latitude D630
  ACPI: DMI Product Version:
  ACPI: DMI Board Name: 0KU184
  ACPI: DMI BIOS Vendor: Dell Inc.
  ACPI: DMI BIOS Date: 01/30/2008
  ACPI: Please send DMI info above to [EMAIL PROTECTED]
  ACPI: If acpi_osi=Linux works better, please notify [EMAIL PROTECTED]

  Ele esta sugerindo que eu use acpi_osi=Linux em algum local que eu
  nao sei onde. Alem disso, se ele sugere que eu envie a saida para o
  e-mail, entao ha algo de errado?


Não está sugerindo que use acpi_osi=Linux. Está dizendo que se ***
funcionar melhor com esse parâmetro, seria bom você notificar o
endreço em questão. Isso certamente é um parâmetro a ser passado para
o kernel no boot via grub ou lilo.

Acredito que você cortou a parte mais importante do texto, que falaria
que um problema foi encontrado. Lendo esse trecho eu não identifico
nenhum aviso de problema.

Antes de prosseguir, sugiro ler
http://en.wikipedia.org/wiki/Desktop_Management_Interface .

-- 
Bruno Schneider
http://www.dcc.ufla.br/~bruno/

Re: lentidão na resolução de nomes

[Marcello Barreto de Medeiros]

Olá Fábio,
fico grato com a dica, mas como mostrei nos testes, não aparenta ser um 
problema de bloqueio de ICMP nem tampouco server com carga alta. O load Average 
do server fica o tempo todo em zero e o consumo de rede dele não chega a 1 Mb/s.

Citando mais uma vez os testes, você pode ver que quando pingo o google 
pelo nome, ao enviar 10 pacotes demorou mais de 50 segundos e pingando somente 
o IP demorou menos de 10 segundos. Mas, note também que o tempo de resposta é o 
mesmo, algo em torno de 200ms.

On Thu, 17 Apr 2008 09:49:21 -0300
Fábio Rabelo [EMAIL PROTECTED] wrote:

 Marcello Barreto de Medeiros escreveu:
  Olá Pessoal,
  tenho um problema de lentidão em resolução de nomes há algum tempo e 
  não vejo onde está o problema. A configuração do bind não tem nenhuma 
  modificação, apenas o padrão após apt-get install bind9 e chrooted em 
  /var/lib/named.

 Bom dia ...
 Lentidão no ping não significa lentidão na resolução de nomes 
 Se houvesse algum atraso na resolução de nomes o que ocorreria seria um 
 longo tempo entre o enter apoós o comando ping e o início das linhas 
 com o resultado ...
 Este atraso no ping pode ter várias origens, as mais comuns são :
 Falta de banda = muitos provedores de acesso fazem traffic shaping o 
 que limita a sua banda de acesso, e consequentemente os pacotes de icmp 
 são os mais afetados por terem baixa prioridade nos roteadores .
 Roteadores mau configurados = Como no caso anterior, como os pacotes 
 icmp tem prioridade baixa eles são os que mais sofrem atrasos nos casos 
 em que os roteadores não foram devidamente configurados ( a Telefonica 
 no municipio de São Paulo é um caso gritante deste problema !!! ) .
 Servidor lento na resposta = muitos servidores de alto tráfego levam 
 muito tempo para responder a um ping, isto é absolutamente normal ...
 
 Tente pingar neste endereço : matrox.com
 
 os tempos típicos de resposta aquí em casa ( São Paulo, SP com ajatom ) 
 é de 70 ms .
 
 Fábio Rabelo
 
  Abaixo segue uma amostra do problema:
 
  [EMAIL PROTECTED]:/home/marcello# time ping www.google.com.br -c 10
  PING www.l.google.com (64.233.169.104) 56(84) bytes of data.
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=1 ttl=236 
  time=212 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=2 ttl=236 
  time=215 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=3 ttl=236 
  time=228 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=4 ttl=236 
  time=202 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=5 ttl=236 
  time=205 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=6 ttl=236 
  time=258 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=7 ttl=236 
  time=227 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=8 ttl=236 
  time=259 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=9 ttl=236 
  time=428 ms
  64 bytes from yo-in-f104.google.com (64.233.169.104): icmp_seq=10 ttl=236 
  time=213 ms
 
  --- www.l.google.com ping statistics ---
  10 packets transmitted, 10 received, 0% packet loss, time 47626ms
  rtt min/avg/max/mdev = 202.887/245.183/428.468/63.962 ms
 
  real0m57.956s
  user0m0.010s
  sys 0m0.000s
 
 
  [EMAIL PROTECTED]:/home/marcello# time ping 64.233.169.104 -c 10
  PING 64.233.169.104 (64.233.169.104) 56(84) bytes of data.
  64 bytes from 64.233.169.104: icmp_seq=1 ttl=236 time=201 ms
  64 bytes from 64.233.169.104: icmp_seq=2 ttl=236 time=287 ms
  64 bytes from 64.233.169.104: icmp_seq=3 ttl=236 time=279 ms
  64 bytes from 64.233.169.104: icmp_seq=4 ttl=236 time=218 ms
  64 bytes from 64.233.169.104: icmp_seq=5 ttl=236 time=269 ms
  64 bytes from 64.233.169.104: icmp_seq=6 ttl=236 time=514 ms
  64 bytes from 64.233.169.104: icmp_seq=7 ttl=236 time=245 ms
  64 bytes from 64.233.169.104: icmp_seq=8 ttl=236 time=229 ms
  64 bytes from 64.233.169.104: icmp_seq=9 ttl=236 time=240 ms
  64 bytes from 64.233.169.104: icmp_seq=10 ttl=236 time=259 ms
 
  --- 64.233.169.104 ping statistics ---
  10 packets transmitted, 10 received, 0% packet loss, time 9000ms
  rtt min/avg/max/mdev = 201.855/274.704/514.844/84.015 ms
 
  real0m9.262s
  user0m0.000s
  sys 0m0.010s
 
 

 

RE: Webcam

[marcelo]

Em Qui, 2008-04-17 às 00:19 -0300, [EMAIL PROTECTED] escreveu:
  Não deu certo
 
 Mande-nos a saída do dmesg e do lsusb... Faça o seguinte:

Olá senhores. Aproveitando o tópico:

Encontrei algumas informações sobre este assunto, mas mesmo assim não
consegui colocá-la para funiconar. O que fiz foi o seguinte, baseando-me
no
http://hamacker.wordpress.com/2007/10/22/instalando-uma-webcam-microdia/

Identificada a câmera: Microdia

Procurei na net e encontrei o módulo correspondente: uvcvideo

Baixei o módulo e instalei: 

svn checkout 
http://svn.berlios.de/svnroot/repos/linux-uvc/linux-uvc/trunk/
cd trunk/
make
make install
depmod -a
modprobe uvcvideo
gstreamer-properties

Na aba vídeo, quando tentei setar para o V4l, deu o seguinte erro:
'Video for Linux (v4l)': Device /dev/video0 does not exist. 
[v4l_calls.c(168): gst_v4l_open (): /pipeline0/v4lsrc2]

Pesquisando, o udev é o responsável pela montagem automática do dispositivo. 
Com alternativa, criei um link simbólico:

ln -s /dev/v4l/video0 /dev/video
ln -s /dev/v4l/video0 /dev/video0

Também não funcionou.

Com um pouco mais de pesquisa, pelo que entendi, depende do ID da
câmera. No caso, a minha com o ID ID 0c45:6270 não é suportada.

Mando abaixo o procedimento pedido pelo Polegato

 1. Reinicie a máquina e logue na interface gráfica se necessário;
Ok

 2. Abra um terminal (no Debian/Gnome fica em
 Aplicações-Acessórios-Terminal;
ok

 3. Conecte a câmera e depois digite no terminal lsusb e depois pressione
 a tecla [Enter];
 4. Retire a câmera e depois digite no terminal dmesg|tail -n 30 (sem as
 aspas) e depois pressione a tecla [Enter];

Didático... =)

[EMAIL PROTECTED]:~$ sudo lsusb

Bus 005 Device 004: ID 0c45:6270 Microdia U-CAM PC Camera NE878
Bus 005 Device 001: ID :  
Bus 004 Device 001: ID :  
Bus 003 Device 001: ID :  
Bus 002 Device 001: ID :  
Bus 001 Device 001: ID :  

[EMAIL PROTECTED]:~$ dmesg|tail -n 30

usb 5-2: USB disconnect, address 3
atkbd.c: Unknown key released (translated set 2, code 0xff on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e07f keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xe0 on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e060 keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xff on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e07f keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xff on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e07f keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xff on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e07f keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xff on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e07f keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xff on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e07f keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xe0 on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e060 keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xe0 on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e060 keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xff on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e07f keycode' to make it known.
atkbd.c: Unknown key released (translated set 2, code 0xff on
isa0060/serio0).
atkbd.c: Use 'setkeycodes e07f keycode' to make it known.
input: AT Translated Set 2 keyboard as /class/input/input6
agpgart: Found an AGP 3.5 compliant device at :00:00.0.
agpgart: Putting AGP V3 device at :00:00.0 into 8x mode
agpgart: Putting AGP V3 device at :01:00.0 into 8x mode
usb 5-2: new high speed USB device using ehci_hcd and address 4
usb 5-2: configuration #1 chosen from 1 choice
usb 5-2: USB disconnect, address 4

 5. Selecione tudo o que apareceu no terminal pressionando o botão esquerdo
 (apontador) do mouse e arrastando para selecionar e soltando-o quando
 terminar, depois clica com o botão direito (menu suspenso) sobre a seleção
 e depois clique em copiar
 6. Abra um novo e-mail e cole esses dados no corpo, depois nos envie este
 e-mail.

Feito e no aguardo.

Marcelo


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Webcam

[Davi Vidal]

Em Thursday 17 April 2008, marcelo escreveu:
 Em Qui, 2008-04-17 às 00:19 -0300, [EMAIL PROTECTED] escreveu:
   Não deu certo
 
  Mande-nos a saída do dmesg e do lsusb... Faça o seguinte:

 Olá senhores. Aproveitando o tópico:

 Encontrei algumas informações sobre este assunto, mas mesmo assim não
 consegui colocá-la para funiconar. O que fiz foi o seguinte, baseando-me
 no
 http://hamacker.wordpress.com/2007/10/22/instalando-uma-webcam-microdia/

 Identificada a câmera: Microdia

 Procurei na net e encontrei o módulo correspondente: uvcvideo

 Baixei o módulo e instalei:

[...]

A primeira coisa que eu faço nessas situações é pegar um CD do Ubuntu e 
rodar. Explico: o Ubuntu configura quase tudo sozinho, aí eu tenho como saber 
se o dispositivo não é suportado mesmo ou se eu estou fazendo besteira.

Tentou isso?

Abraço,
-- 
Davi Vidal
--
E-mail: [EMAIL PROTECTED]
MSN   : [EMAIL PROTECTED]
GTalk : [EMAIL PROTECTED]
Skype : davi vidal
YIM   : davi_vidal
ICQ   : 138815296

FW: modulos

[Sylvio Dias Jacome]

 From: [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: RE: modulos
 Date: Thu, 17 Apr 2008 12:58:12 -0300
 
 
 olha o que deu no output
 
 sdj-debian:/usr/src# dpkg --purge spca5xx* gspca*
 dpkg: você precisa especificar pacotes com seus próprios nomes, não citando 
 os nomes dos arquivos em que eles vêm
 
 Digite dpkg --help para ajuda sobre instalação e desinstalação de pacotes [*];
 Use `dselect' ou `aptitude' para gerenciamento amigável de pacotes;
 Digite dpkg -Dhelp para uma lista de valores de marcas de debug do dpkg;
 Digite dpkg --force-help para uma lista de opções para forçar certas 
 operações;
 Digite dpkg-deb --help para ajuda sobre manipulação de arquivos *.deb;
 Digite dpkg --license para licença de direitos autorais e falta de garantia 
 (GNU GPL) [*].
 
 Opções marcadas com [*] produzem muita saída de texto - passe-a por `less' ou 
 `more' !
 
 
 Date: Thu, 17 Apr 2008 09:01:57 -0300
 From: [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: Re: modulos
 CC: debian-user-portuguese@lists.debian.org
 
 2008/4/16, Sylvio Dias Jacome :

  olá, tentando fazer a webcam funcionar aqui ficou um monte de modulos 
 instalados, do driver spca5xx, gspca.
  como faço para remove-los?


 
 Verifique se no diretório /usr/src existem arquivos que começam com
 spca5xx e gspca e que terminem por .deb e envie o comando, como
 root:
 
 # dpkg --purge spca5xx* gspca*
 
 Abraço,
 
 -- 
 Gunther Furtado
 [EMAIL PROTECTED]
 
 _
 Cansado de espaço para só 50 fotos? Conheça o Spaces, o site de 
 relacionamentos com até 6,000 fotos!
 http://www.amigosdomessenger.com.br

_
Instale a Barra de Ferramentas com Desktop Search e ganhe EMOTICONS para o 
Messenger! É GRÁTIS!
http://www.msn.com.br/emoticonpack

Re: Webcam

[marcelo]

Em Qui, 2008-04-17 às 12:33 -0300, Davi Vidal escreveu:

   A primeira coisa que eu faço nessas situações é pegar um CD do Ubuntu e 
 rodar. Explico: o Ubuntu configura quase tudo sozinho, aí eu tenho como saber 
 se o dispositivo não é suportado mesmo ou se eu estou fazendo besteira.
 
   Tentou isso?

Quase... 
Tentei no ruindows XP e ele não encontrou o driver. Identificou o
dispositivo como USB 20 e ficou pesquisando por horas...

Vou tentar com o ubuntu.

Opa! Esqueci de dizer. sistema: Debian Lenny, kernel 2.6.24.1-486 Gnome
2.22.

Obrigado desde já.

[]s


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Hub

[Sylvio Dias Jacome]

Olá, minha conexão de rede usa um hub, é dsl mas o modem dsl está ligado no 
hub, só que quando tento usar a webcam no amsn aprece o seguinte:
You are behind a route
Ip restrict NAT
no tutorial do amsn diz que tem que configurar o router pra liberar o amsn.
Como faço isso?
_
Cansado de espaço para só 50 fotos? Conheça o Spaces, o site de relacionamentos 
com até 6,000 fotos!
http://www.amigosdomessenger.com.br

Re: FW: modulos

[Gunther Furtado]

Em 17/04/08, Sylvio Dias Jacome[EMAIL PROTECTED] escreveu:


  
   From: [EMAIL PROTECTED]
   To: [EMAIL PROTECTED]
   Subject: RE: modulos
   Date: Thu, 17 Apr 2008 12:58:12 -0300
  
  
   olha o que deu no output
  
   sdj-debian:/usr/src# dpkg --purge spca5xx* gspca*
   dpkg: você precisa especificar pacotes com seus próprios nomes, não 
 citando os nomes dos arquivos em que eles vêm
  
   Digite dpkg --help para ajuda sobre instalação e desinstalação de pacotes 
 [*];
   Use `dselect' ou `aptitude' para gerenciamento amigável de pacotes;
   Digite dpkg -Dhelp para uma lista de valores de marcas de debug do dpkg;
   Digite dpkg --force-help para uma lista de opções para forçar certas 
 operações;
   Digite dpkg-deb --help para ajuda sobre manipulação de arquivos *.deb;
   Digite dpkg --license para licença de direitos autorais e falta de 
 garantia (GNU GPL) [*].

Bom, relendo a minha mensagem anterior achei-a muito ruim, desculpe
pela confusão!

O que o dpkg está pedindo é para você completar o nome do pacote,
certo? Pois bem, o nome do pacote pode ser descoberto com os comandos:

# dpkg -l | grep spca5xx
e
# dpkg -l | grep gspca

e depois rodar os comandos que mencionei antes.

Espero ter ajudado melhor desta vez.

[...]

Um abraço,

-- 
Gunther Furtado
[EMAIL PROTECTED]

Re: Webcam

[marcelo]

Em Qui, 2008-04-17 às 12:32 -0300, Davi Vidal escreveu:

   Ah se todos fizessem como você. :-) É gratificante saber que tem gente 
 que 
 corre atrás da solução de seus próprios problemas... :-)

Obrigado. Também compartilho desta opnião. =)

novela
Continuando a saga. No ruindows, ele não encontrou o driver
automaticamente. Pesquisando no Google, depois de encontrar duas páginas
com drivers pagos, onde obtive a informação que o driver correspondente
a meu ID (final 6270), era o SN9C201 - lembrando: webcam ID 0e45:6270
Microdia U-CAM PC Camera NE 878). Novamente recorri ao oráculo e
encontrei em http://www.sonix.com.tw o dito cujo. Aí foi só rodar o
executavel e ele conseguiu instalar o dito cujo.
/novela

Agora vou tentar no ubuntu e fazer um novo teste.

[]s




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Webcam

[hamacker]

Ao testar a webcam, experimente testar com v4l e v4l2, note o 2
na frente. Pois voce encontrará alguns compativeis com v4l2, mas não
são compativeis ou não parecem relacionados quando se vl4 (sem o final
2).

Muita gente instalava corretamente essa webcam, mas só experimentava
com o v4l onde ela simplesmente não aparecia, mas em programas
usando o v4l2 ela funcionava perfeitamente.

Em 17/04/08, marcelo[EMAIL PROTECTED] escreveu:

  Em Qui, 2008-04-17 às 12:32 -0300, Davi Vidal escreveu:

 Ah se todos fizessem como você. :-) É gratificante saber que tem 
 gente que
   corre atrás da solução de seus próprios problemas... :-)

  Obrigado. Também compartilho desta opnião. =)

  novela
  Continuando a saga. No ruindows, ele não encontrou o driver
  automaticamente. Pesquisando no Google, depois de encontrar duas páginas
  com drivers pagos, onde obtive a informação que o driver correspondente
  a meu ID (final 6270), era o SN9C201 - lembrando: webcam ID 0e45:6270
  Microdia U-CAM PC Camera NE 878). Novamente recorri ao oráculo e
  encontrei em http://www.sonix.com.tw o dito cujo. Aí foi só rodar o
  executavel e ele conseguiu instalar o dito cujo.
  /novela

  Agora vou tentar no ubuntu e fazer um novo teste.

  []s





  --
  To UNSUBSCRIBE, email to [EMAIL PROTECTED]
  with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

OFFTOPIC - Fisl ao vivo???

[Bruno Buys]

Alguém tá conseguindo sintonizar as streams do fisl9 em
http://stream.softwarelivre.org:8000/???
Estou tentando, mas só vejo uma tela vazia e sem som

Re: Webcam

[marcelo]

Em Qui, 2008-04-17 às 16:11 -0300, hamacker escreveu:
 Ao testar a webcam, experimente testar com v4l e v4l2, note o 2
 na frente. Pois voce encontrará alguns compativeis com v4l2, mas não
 são compativeis ou não parecem relacionados quando se vl4 (sem o final
 2).
 
 Muita gente instalava corretamente essa webcam, mas só experimentava
 com o v4l onde ela simplesmente não aparecia, mas em programas
 usando o v4l2 ela funcionava perfeitamente.

Opa!

Continua com o erro apontado anteriormente, tanto para um como para
outro /dev/video0 não encontrado ou não existe.

[EMAIL PROTECTED]:$ sudo gstreamer-properties
gstreamer-properties-Message: Skipping unavailable plugin 'artsdsink'
gstreamer-properties-Message: Skipping unavailable plugin 'pulsesink'
gstreamer-properties-Message: Skipping unavailable plugin 'sdlvideosink'
gstreamer-properties-Message: Skipping unavailable plugin 'v4lmjpegsrc'
gstreamer-properties-Message: Skipping unavailable plugin 'qcamsrc'
gstreamer-properties-Message: Skipping unavailable plugin 'esdmon'
gstreamer-properties-Message: Skipping unavailable plugin 'pulsesrc'
gstreamer-properties-Message: Error running pipeline 'Video for Linux
(v4l)': Device /dev/video0 does not exist. [v4l_calls.c(168):
gst_v4l_open (): /pipeline0/v4lsrc3]
gstreamer-properties-Message: Error running pipeline 'Video for Linux 2
(v4l2)': Cannot identify device '/dev/video0'. [v4l2_calls.c(429):
gst_v4l2_open (): /pipeline1/v4l2src2:
system error: Arquivo ou diretório não encontrado]
[EMAIL PROTECTED]:$

Obrigado de qualquer forma.

[]s



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Webcam

[hamacker]

Aí já está parecendo que faltam arquivos, acho que de tanto arrumar,
algumas coisas agora parecem estar faltando. :)

loucura, loucura e loucura... :)


Em 17/04/08, marcelo[EMAIL PROTECTED] escreveu:

  Em Qui, 2008-04-17 às 16:11 -0300, hamacker escreveu:

  Ao testar a webcam, experimente testar com v4l e v4l2, note o 2
   na frente. Pois voce encontrará alguns compativeis com v4l2, mas não
   são compativeis ou não parecem relacionados quando se vl4 (sem o final
   2).
  
   Muita gente instalava corretamente essa webcam, mas só experimentava
   com o v4l onde ela simplesmente não aparecia, mas em programas
   usando o v4l2 ela funcionava perfeitamente.


 Opa!

  Continua com o erro apontado anteriormente, tanto para um como para
  outro /dev/video0 não encontrado ou não existe.

  [EMAIL PROTECTED]:$ sudo gstreamer-properties
  gstreamer-properties-Message: Skipping unavailable plugin 'artsdsink'
  gstreamer-properties-Message: Skipping unavailable plugin 'pulsesink'
  gstreamer-properties-Message: Skipping unavailable plugin 'sdlvideosink'
  gstreamer-properties-Message: Skipping unavailable plugin 'v4lmjpegsrc'
  gstreamer-properties-Message: Skipping unavailable plugin 'qcamsrc'
  gstreamer-properties-Message: Skipping unavailable plugin 'esdmon'
  gstreamer-properties-Message: Skipping unavailable plugin 'pulsesrc'
  gstreamer-properties-Message: Error running pipeline 'Video for Linux

 (v4l)': Device /dev/video0 does not exist. [v4l_calls.c(168):

 gst_v4l_open (): /pipeline0/v4lsrc3]
  gstreamer-properties-Message: Error running pipeline 'Video for Linux 2
  (v4l2)': Cannot identify device '/dev/video0'. [v4l2_calls.c(429):
  gst_v4l2_open (): /pipeline1/v4l2src2:
  system error: Arquivo ou diretório não encontrado]
  [EMAIL PROTECTED]:$

  Obrigado de qualquer forma.


  []s



  --
  To UNSUBSCRIBE, email to [EMAIL PROTECTED]
  with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Webcam

[Junior Polegato - Linux]

marcelo escreveu:

Continua com o erro apontado anteriormente, tanto para um como para
outro /dev/video0 não encontrado ou não existe.
  


Olá,

  Primeiro de tudo precisa fazer /dev/video0 aparecer e ser real, 
isto é, ter um módulo no kernel que responda pelas requisições em 
/dev/video0. Precisa encontrar o módulo certo.


   Não conseguiu enviar o lsusb e o final do dmesg antes, durante e 
depois de colocar e tirar a câmera?



[]'s
Junior Polegato


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Webcam

[Fabiano Manoel de Andrade]

Em Qui, 2008-04-17 às 16:12 -0300, marcelo escreveu:
 Em Qui, 2008-04-17 às 12:32 -0300, Davi Vidal escreveu:
 
  Ah se todos fizessem como você. :-) É gratificante saber que tem gente 
  que 
  corre atrás da solução de seus próprios problemas... :-)
 
 Obrigado. Também compartilho desta opnião. =)
 
 novela
 Continuando a saga. No ruindows, ele não encontrou o driver
 automaticamente. Pesquisando no Google, depois de encontrar duas páginas
 com drivers pagos, onde obtive a informação que o driver correspondente
 a meu ID (final 6270), era o SN9C201 - lembrando: webcam ID 0e45:6270
 Microdia U-CAM PC Camera NE 878). Novamente recorri ao oráculo e
 encontrei em http://www.sonix.com.tw o dito cujo. Aí foi só rodar o
 executavel e ele conseguiu instalar o dito cujo.
 /novela
 
 Agora vou tentar no ubuntu e fazer um novo teste.
 
 []s


Olá.
Tente fazer o seguinte. Remova a webcam e remova o módulo sn9c102
(modprobe -r sn9c102) e adicione esse módulo ao
arquivo  /etc/modprobe.d/blacklist com a linhas
blacklist sn9c102

Instale o drive gspca
#aptitude install modules-assistant
# m-a prepare
# m-a a-i gspca
e então insira a webcam. Use o programa camorama para vereficar se foi
instalada corretamente.
Abraço.
Fabiano.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: debian tabanlı sistem taşıma ve 64 bit

[Cafer Şimşek]

Merhaba İlker Hocam,

Yüzde 90 oranında sorunsuz olarak geçiş yapabilirsin. Ama yine de her
ihtimale karşı, kritik dosyaların yedeğini almayı ihmal etme.

Çalıştırılabilir bir dosyanın 32 bit mi yoksa 64 bit mi olduğunu file
komutuyla anlayabilirsin. Mesela 64 bitlik bir sistemde şunu görmelisin:

[EMAIL PROTECTED]:~$ file /usr/sbin/mysqld
/usr/sbin/mysqld: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for
GNU/Linux 2.6.8, dynamically linked (uses shared libs), stripped
[EMAIL PROTECTED]:~$ 


32 bitlik bir sistemde (veya 64 bitlik sistemde 32 bitlik olarak derlenmiş
bir ikili dosyada) ise bu çıktı şu şekilde olacaktır:

[EMAIL PROTECTED]:~$ file  /usr/sbin/mysqld
/usr/sbin/mysqld: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV),
for GNU/Linux 2.4.1, dynamically linked (uses shared libs), for GNU/Linux
2.4.1, stripped
[EMAIL PROTECTED]:~$ 


Sevgiler.

--
Cafer Şimşek


On 4/17/08 8:07 AM, ilker AYDIN [EMAIL PROTECTED] wrote:

 Selamlar
 
 Birbirinin bire bir aynısı olan 2 eş makinem var,
 
 İlk Makinemde debain 4.0 32 bit kurulu
 samba+mysql+postfix+squid+clamav+openfire kurulu sistem gayet iyi upime 74
 gun oldu bile.
 
 Şimdi eş olan ikinci makineye amd64 bit dvdlerden debian kurdum,
 güncellemeleri yaptım.
 
  
 
 dpkg --set-selections  selections.txt
 apt-get deselect-upgrade
 
 ile dosyaları taşiıyıp /etc altındaki ilgili ayarları kopyalayarak sistemi
 taşırım diye düşünüyorum, fikirleriniz bekliyorum.
 
  
 
 birde çalışan uygulamanın misal mysql sunucunun 64bit olduğuna nasıl ikna
 olabilirim?
 
  
 

RE: debian tabanlı sistem taşıma ve 64 bit

[ilker AYDIN]

Çok teşekkür ederim üstadım.


-Original Message-
From: Cafer Şimşek [mailto:[EMAIL PROTECTED] 
Sent: Thursday, April 17, 2008 9:31 AM
To: ilker AYDIN; debian-user-turkish@lists.debian.org
Subject: Re: debian tabanlı sistem taşıma ve 64 bit

Merhaba İlker Hocam,

Yüzde 90 oranında sorunsuz olarak geçiş yapabilirsin. Ama yine de her
ihtimale karşı, kritik dosyaların yedeğini almayı ihmal etme.

Çalıştırılabilir bir dosyanın 32 bit mi yoksa 64 bit mi olduğunu file
komutuyla anlayabilirsin. Mesela 64 bitlik bir sistemde şunu görmelisin:

[EMAIL PROTECTED]:~$ file /usr/sbin/mysqld
/usr/sbin/mysqld: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for
GNU/Linux 2.6.8, dynamically linked (uses shared libs), stripped
[EMAIL PROTECTED]:~$ 


32 bitlik bir sistemde (veya 64 bitlik sistemde 32 bitlik olarak derlenmiş
bir ikili dosyada) ise bu çıktı şu şekilde olacaktır:

[EMAIL PROTECTED]:~$ file  /usr/sbin/mysqld
/usr/sbin/mysqld: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV),
for GNU/Linux 2.4.1, dynamically linked (uses shared libs), for GNU/Linux
2.4.1, stripped
[EMAIL PROTECTED]:~$ 


Sevgiler.

--
Cafer Şimşek


On 4/17/08 8:07 AM, ilker AYDIN [EMAIL PROTECTED] wrote:

 Selamlar
 
 Birbirinin bire bir aynısı olan 2 eş makinem var,
 
 İlk Makinemde debain 4.0 32 bit kurulu
 samba+mysql+postfix+squid+clamav+openfire kurulu sistem gayet iyi upime 74
 gun oldu bile.
 
 Şimdi eş olan ikinci makineye amd64 bit dvdlerden debian kurdum,
 güncellemeleri yaptım.
 
  
 
 dpkg --set-selections  selections.txt
 apt-get deselect-upgrade
 
 ile dosyaları taşiıyıp /etc altındaki ilgili ayarları kopyalayarak sistemi
 taşırım diye düşünüyorum, fikirleriniz bekliyorum.
 
  
 
 birde çalışan uygulamanın misal mysql sunucunun 64bit olduğuna nasıl ikna
 olabilirim?
 
  
 

Re: Support for VESA Textmode 132x60

[Joey Schulze]

Ron Johnson wrote:
  I'm seeking information on modern graphic cards (PCI, PCIe) that
  support VESA BIOS mode 0x010C, a special text mode that works with
  132x60 characters.  Linux supports this mode when the graphics board
  provides this particular mode.
  
  Unfortunately, not many of current video cards support this VESA mode,
  thus the nice text mode is not available.
  
  Therefore, I have started a Wiki page to collect information on the
  availability of this particular text mode in graphic cards:
  
http://wiki.debian.org/TextMode_132x60
  
  I hope this list is helpful for others who are interested in such a
  text mode.
  
  If you work with a modern graphics card and have definitive knowledge
  whether or not this mode is supported, it would be nice to drop me a
  line or add that information to said page right away on your own.
 
 Can you remind us how to activate this on-the-fly with lilo (so
 that I don't have to edit /etc/lilo.conf?

Sure, just add 'vga=ask' to the kernel commandline.  Just press left or
right shift (both work), select the kernel and add the string.  The
kernel will then ask which VGA mode you'd like to use.  Once you know
the mode number you can safely add it to lilo.conf.

Regards,

Joey

-- 
Let's call it an accidental feature.  -- Larry Wall

Please always Cc to me when replying to me on the lists.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: creating a ProDOS boot diskette

[Mark Allums]

Hal Vaughan wrote:
 On Wednesday 16 April 2008, Ron Johnson wrote:
 On 04/16/08 21:15, PETER EASTHOPE wrote:
 Folk,

 I have a copy of ProDOS-System.zip which unzips
 to Apple II System Disk 3.2.dc.

 Can a Debian make a ProDOS boot diskette?
 Should dd work?
 dd should be able to do it, if the hardware is capable.  But I doubt
 it, since PC-style floppy drives are soft-sector, and IIRC the
 Apple drives were hard-sector.

 I think Apple drives were soft sector,

Apple drives were indeed soft sector, originally, they had 13 sectors, 
then they did a firmware update that increased them to 16 sector.  (The 
firmware update involved physically pulling and replacing a socketed 
IC on one of the circuit boards inside the drive.)


There were hardware differences with the Woz Mazchine floppy design 
and the IBM compatible design.  An IBM 5 1/4 inch drive could be made to 
 read and write Apple disks with the aid of some extra hardware, it 
involved using a (8-bit) card on the ISA bus and the use of a special 
Y-cable that connected between that card, the floppy controller card, 
and the floppy drive.


The same setup could also be used to defeat any floppy-based 
copy-protection scheme.  I owned one of these (still have it in a closet 
somewhere) and used it to back up games.  The Apple disk reading 
capability came in handy, once.


Mark Allums


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Support for VESA Textmode 132x60

[Joey Schulze]

Luis Ariel Lecca wrote:
On 04/16/08 11:15, Joey Schulze wrote:
 I'm seeking information on modern graphic cards (PCI, PCIe) that
 support VESA BIOS mode 0x010C, a special text mode that works with
 132x60 characters. Linux supports this mode when the graphics board
 provides this particular mode.
 
Did you probe using framebuffer ? (which uses graphic mode)...its slower
than VESA BIOS support...

The framebuffer is irrelevant when you want a text mode, and - as you
write yourself - it's also slower.  The real text mode is the
interesting mode.  

Regards,

Joey

-- 
Let's call it an accidental feature.  -- Larry Wall

Please always Cc to me when replying to me on the lists.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: [OT] How to add fortune output to terminal

[Martin Schulze]

Bob Proulx wrote:
 s. keeling wrote:
  Another common practice is to set PS1 in .bash_profile, then call
  .bashrc from .bash_profile.
   if [ ! -z $PS1 ]; then
 
 The PS1 is set by default for interactive shells and not set for
 non-interactive shells.  So the test for $PS1 works without needing to
 set it.  This is in the default Debian /etc/skel/.bashrc too.
 
  The intent being to not clutter up the environment any more than is
  necessary.
 
 Note: Some versions of bash read the .bashrc when it determines that
 it is started over a remote shell.  By splitting the .bashrc into an
 interactive and non-interactive section then aliases can be loaded
 over a remote shell and made available to the command while not
 breaking things for a non-interactive environment.  Not that I would
 advocate doing that.  The feature was removed from the bash upstream
 due to various problems.  Debian Etch has patches specifically for
 this situation.  See /usr/share/doc/bash/README.Debian.gz .

Another way to do this is:

if [ -n $PS1 -a $TERM != dumb ]; then
  # aliases and the like for interactive use
else
  # non-intreactive
fi

TERM=dumb is set by dumb terminal emulations such as M-x shell in Emacs,
in case you wonder.  Colour definitions should be outside.

Regards,

Joey

-- 
Let's call it an accidental feature.  -- Larry Wall

Please always Cc to me when replying to me on the lists.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: command line browser questions: - javascript - lynx history

[Daniel Dalton]

On Wed, 16 Apr 2008, Celejar wrote:


I believe so; you would probably get the source deb and build it
yourself with JS configured.


Will look into that when I get a chance. Thanks.


NN_il_Confusionario that much Javascript content is unnecessary, my


Yes, I agree... I would use firefox if I could, but unfortunately more
sites work with lynx than talk with firefox... :-)


I rarely have any real problems with FF (IW); most of my difficulties
derive from the fact that I am unwilling to install Flash, but my
impression from this list is that there's actually quite good Flash
support via the flash plugin, at least on i386 and possibly other
architectures that can use some sort of wrapper.  What sites give you


Yes, flash is ok on my sighted brothers debian box...


trouble with FF?


Its the fact I'm blind actually, firefox works fine with them... Just orca 
doesn't read them well...
Like firefox and flash and everything would be fine on this box for a 
sighted person since I'm totally blind and use braille and speech that is 
where the problem is...

Either hoping for orca to improve, or hoping for a cmd solution...


great problem is that my consumer wireless AP / switch / router
interfaces all require Javascript, so I can't modify their
configurations from the cli.


Uh... My router seems to work fine, but I mostly ssh in anyway.
Openwrt's web gui seems to be pretty good... :-)


That's fine if your router runs Openwrt; mine (Trendnet TEW-452BRP)


Yes, I know.


isn't listed as supported (but it's also not on the unsupported page).


I wouldn't try it then...

--
Daniel Dalton

http://members.iinet.net.au/~ddalton/
[EMAIL PROTECTED]


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: creating a ProDOS boot diskette

[Richard Lyons]

On Thu, Apr 17, 2008 at 01:04:14AM -0400, Hal Vaughan wrote:
[...]
 Hal
 (Who still misses his Apple //e with a *fully socketed* motherboard, a 
 whopping 5 MB hard drive and who actually enjoyed programming in 6502 
 Assembler!)

ooh, you're making me misty-eyed.  That 6502 Assembler _was_ fun.  And
the excitement when the upgrade card to 64MB arrived...  

richard


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: creating a ProDOS boot diskette

[Richard Lyons]

On Thu, Apr 17, 2008 at 07:54:19AM +0200, Richard Lyons wrote:

 On Thu, Apr 17, 2008 at 01:04:14AM -0400, Hal Vaughan wrote:
 [...]
  Hal
  (Who still misses his Apple //e with a *fully socketed* motherboard, a 
  whopping 5 MB hard drive and who actually enjoyed programming in 6502 
  Assembler!)
 
 ooh, you're making me misty-eyed.  That 6502 Assembler _was_ fun.  And
 the excitement when the upgrade card to 64MB arrived...  

Oops, I mean KB of course.

richard


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY

[martin f krafft]

also sprach Bernardo Dal Seno [EMAIL PROTECTED] [2008.04.11.0035 +0200]:
   In the tcpdump output, I see a lot of duplicate packets, but
   otherwise can't figure out what's going on.
 
 I can see only one duplicate packet:
 
14.908203 192.168.254.246 - 213.203.238.82 SSHv2 [TCP Retransmission] 
  Client: Diffie-Hellman GEX Init

There'll be more if I just keep waiting.

 Have you filtered the tcpdump (Wireshark?) output?

Nope.

22.576404 192.168.254.246 - 213.203.238.82 SSH Encrypted
request packet len=560
 
 And this is an encrypted packet, so the Diffie-Hellman exchange
 should be completed.

Okay, so let's assume the DH exchange completes fine, why is the
session then not established?

23.876222 213.203.238.82 - 192.168.254.246 TCP [TCP ACKed lost segment] 
  22  59447 [ACK] Seq=1 Ack=586 Win=54 Len=0 TSV=747577555 TSER=4288622
 
 This packet is very strange.  It's an ACK for a previous connection,
 with sequence number 1, i.e., the server has not sent any byte, while
 acknowledges 585 bytes sent from the client.  This is strange because
 even if you tenet to an Ssh server you get a response containing the
 version of the server.  Do you remember if you have done something in
 particular to get that?

Nope. Well, I flew into Barcelona and tried to connect to the
KubiWireless network here.

   Does anyone have any clue what's going on here? Is
   SSH2_MSG_KEX_DH_GEX_INIT so complex that it manages to screw over
   crap networks?
 
 I don't understand what's happening, but maybe some packet has
 been filtered from the dump.  Do you have a firewall? Does it
 reject any packet?

Well, a packet filter runs on 213.203.238.82, but it allows SSH
traffic and RELATED,ESTABLISHED.

Thanks for your time,

-- 
 .''`.   martin f. krafft [EMAIL PROTECTED]
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems
 
one should never do anything that
 one cannot talk about after dinner.
-- oscar wilde


digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)

Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY

[martin f krafft]

also sprach martin f krafft [EMAIL PROTECTED] [2008.04.16.1857 +0200]:
  I don't understand what's happening, but maybe some packet has
  been filtered from the dump.  Do you have a firewall? Does it
  reject any packet?
 
 Well, a packet filter runs on 213.203.238.82, but it allows SSH
 traffic and RELATED,ESTABLISHED.

FWIW, I get pretty much exactly the same behaviour, whether I try my
machines, university ones, .debian.org ones, or any other SSH server
out there, basically.

Unfortunately, I can't really cooperate with anyone out there on it,
since, well, I cannot talk to the net. UDP kinda works. TCP
like HTTP, SMTP, IRC, or SSH do not.

-- 
 .''`.   martin f. krafft [EMAIL PROTECTED]
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems
 
obviously i was either onto something, or on something.
 -- larry wall on the creation of perl


digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)

dictionaries-common package

[Jude DaShiell]

Why is it ddpart has to be used to get dictionaries-common off of debian 
systems?




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: command line browser questions: - javascript - lynx history

[NN_il_Confusionario]

On Wed, Apr 16, 2008 at 11:17:05PM -0400, Celejar wrote:
 On Thu, 17 Apr 2008 11:45:30 +1000 (EST)
 Daniel Dalton [EMAIL PROTECTED] wrote: 
  On Mon, 14 Apr 2008, Celejar wrote:
  If I was to use elinks must I compile from source to get javascript 
  support? 
 I believe so; you would probably get the source deb and build it
 yourself with JS configured.

I am quite sure that among prebuild debian packages only the
experimental elinks (partially) supports javascript:

$ apt-cache pkgnames|grep elinks
elinks-data
elinks-doc
elinks-lite
elinks

$ apt-cache policy elinks
elinks:
  Installed: (none)
  Candidate: 0.11.1-1.2etch1
  Version table:
 0.12~20080127-2 0
899 http://ftp.it.debian.org experimental/main Packages
 0.11.3-6 0
900 http://ftp.it.debian.org unstable/main Packages
 0.11.3-5 0
998 http://ftp.it.debian.org testing/main Packages
 0.11.1-1.2etch1 0
999 http://ftp.it.debian.org stable/main Packages
999 http://security.debian.org stable/updates/main Packages
 0.10.4-7.1 0
999 http://ftp.it.debian.org oldstable/main Packages
999 http://security.debian.org oldstable/updates/main Packages

$ apt-cache show elinks|grep ^Depends:
Depends: elinks-data (= 0.12~20080127-2), guile-1.8-libs, libbz2-1.0, libc6 (= 
2.7-1), libexpat1 (= 1.95.8), libgmp3c2, libgnutls26 (= 2.2.0-0), libgpmg1 
(= 1.20.0), libidn11 (= 0.5.18), libltdl3 (= 1.5.2-2), liblua50 (= 5.0.3), 
liblualib50 (= 5.0.3), libmozjs0d (= 1.8.1.5), libperl5.8 (= 5.8.8), 
libruby1.8 (= 1.8.6.111), libsmbclient (= 3.0.2a-1), python2.4 (= 2.3.90), 
zlib1g (= 1:1.2.0.2)
Depends: elinks-data (= 0.11.3-6), libbz2-1.0, libc6 (= 2.7-1), libexpat1 (= 
1.95.8), libgnutls26 (= 2.2.0-0), libgpmg1 (= 1.20.0), libidn11 (= 0.5.18), 
liblua50 (= 5.0.3), liblualib50 (= 5.0.3), libperl5.8 (= 5.8.8), libruby1.8 
(= 1.8.6.114), zlib1g (= 1:1.1.4)
Depends: elinks-data (= 0.11.3-5), libbz2-1.0, libc6 (= 2.7-1), libexpat1 (= 
1.95.8), libgnutls26 (= 2.2.0-0), libgpmg1 (= 1.20.0), libidn11 (= 0.5.18), 
liblua50 (= 5.0.3), liblualib50 (= 5.0.3), libperl5.8 (= 5.8.8), libruby1.8 
(= 1.8.6.114), zlib1g (= 1:1.1.4)
Depends: libbz2-1.0, libc6 (= 2.3.5-1), libexpat1 (= 1.95.8), libgnutls13 (= 
1.4.0-0), libgpmg1 (= 1.19.6-1), liblua50 (= 5.0.3), liblualib50 (= 5.0.3), 
libperl5.8 (= 5.8.8), zlib1g (= 1:1.2.1), debconf
Depends: libbz2-1.0, libc6 (= 2.3.2.ds1-21), libexpat1 (= 1.95.8), 
libgnutls11 (= 1.0.16), libgpmg1 (= 1.19.6-1), liblua50 (= 5.0.2-5), 
liblualib50 (= 5.0.2-5), libperl5.8 (= 5.8.4), zlib1g (= 1:1.2.1), debconf

(note the libmozjs0d in the first line only)

However, the sources for elinks in experimental compile fine even under sarge.

The instructions for activating javascript (and in particoular
installing the needed debian packages) are in

elinks-0.12~20080127/doc/ecmascript.txt

  What is its javascript like? Does it work with youtube for example?
 I have no idea.

I also have no idea. I have just tried to visit youtube with my newly
compiled elinks, but I have to admit that I am not able to navigate
youtube (yes, I am too stupid to be able to use modern websites and GUIs)

   great problem is that my consumer wireless AP / switch / router
   interfaces all require Javascript, so I can't modify their
   configurations from the cli.
  
  Uh... My router seems to work fine, but I mostly ssh in anyway.
  Openwrt's web gui seems to be pretty good... :-)
 
 That's fine if your router runs Openwrt; mine (Trendnet TEW-452BRP)
 isn't listed as supported (but it's also not on the unsupported page).

I have forgotten to say other thing about such equipements:

beware of apparently slight changes. I have seen two such equipements by
edimax, with the same model number, same (very low) price, and with
_exactly_ the same external look (but _slightly_ different heavvy paper
box). One has telnet, the other one not. The files that one sees by ftp
are quite different (but the important file, the configuration file, is
almost the same). One web interface is usable without javascript (once
one already knows which pages to visit), the other one is not
(fortunately, it is the one with telnet which has the most unfriendly
web interface).

-- 
Chi usa software non libero avvelena anche te. Digli di smettere.
Informatica=arsenico: minime dosi in rari casi patologici, altrimenti letale.
Informatica=bomba: intelligente solo per gli stupidi che ci credono.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: shell scripting

[Jude DaShiell]

If you don't mind specifying your reference file on the command line as a 
shell script parameter, you can use $1 inside the shell script to pick its 
name up and do things with it.





--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Lenny d-i and KDE

[Thierry Chatelet]

On Thursday 17 April 2008 03:19:28 Andrew Sackville-West wrote:
 On Wed, Apr 16, 2008 at 08:29:42PM +0100, Michael C wrote:
  Eduardo M KALINOWSKI wrote:
  On Wed, Apr 16, 2008 at 1:37 PM, Michael C [EMAIL PROTECTED] wrote:
   Sorry Andrew --- I didn't make myself nearly clear enough --- is the
   Lenny d-i *net* install CD able to provide for a KDE-only
  installation?
 
  The net install includes only the base system. It does not come with
  KDE, it'll have to be installed later via the internet or other more
  difficult means.
 
  Oh I see ;) -- I'd envisaged something akin to Etch's net installer
  (which presented an option to download and install the Gnome desktop)
  from when it was still the Testing branch.

 there is an option to select the Desktop task, but I don't know that
 it differentiates between flavors of desktop. I haven't installed in
 quite a while now, so I can't speak to that. You should investigate
 the `tasksel` command as that's the one that allows these selections.

 Of course, you could just install the base system and then use your
 favorite package manager to install the desktop/wm of your choice.

 A

Usually, if you go in expert mode, ie enter at the boot prompt:
expert tasks=standard, kde-desktop
you should get a system with kde on it. But it is/was broken lately, and would 
give you a gnome + kde desktop.
See here:
http://www.debian.org/devel/debian-installer/errata

where you get this:

KDE and Xfce CDs also install GNOME
This is due to a change in tasksel for which we've neglected to update the 
tools used to build CD images. It is possible to work around this issue by 
booting the installer with an extra option: install desktop=kde, or install 
desktop=xfce.
The problem has already been fixed for weekly built CD images. 

Thierry


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

bsdgames emacs package conflict

[Jude DaShiell]

The conflict is wider than that since dictionaries-common and dpkg are 
also involved in the fighting here.  For some reason dpkg persists in 
trying to get a lock when it fails the first time.  Probably some 
misconfigured dpkg default I'll find later can help me abbreviate future 
output in similar situations.  I can do apt-get -q -q install emacs 
bsdgames and get similar output except that bsdgames in this instance will 
fail to install.  The other consideration is if I don't even attempt to 
install bsdgames and say do something like apt-get -q install emacs 
planner-el the planner-el package which is an emacs add-on looses the 
fight.  I predict much the same will be found with the remaining emacs 
add-ons and possibly all of them.  It needs resources to check this out I 
haven't got available.  If that looping by dpkg isn't a bad default dpkg 
configuration setting then dictionaries-common is probably causing dpkg 
itself to go into error state and dpkg doesn't have an exception properly 
defined to throw and get more specific about this error situation.

cut here.
Script started on Thu 17 Apr 2008 04:30:50 AM EDT
ns:~# apt-get --quiet --quiet install bsdgaem  mes emacs
Preconfiguring packages ...
Selecting previously deselected package dictionaries-common.
(Reading database ... 36433 files and directories currently installed.)
Unpacking dictionaries-common (from .../dictionaries-common_0.98.5_all.deb) ...
Adding `diversion of /usr/share/dict/words to 
/usr/share/dict/words.pre-dictionaries-common by dictionaries-common'
Selecting previously deselected package wamerican.
Unpacking wamerican (from .../wamerican_6-2.1_all.deb) ...
Selecting previously deselected package bsdgames.
Unpacking bsdgames (from .../bsdgames_2.17-14_i386.deb) ...
Selecting previously deselected package emacsen-common.
Unpacking emacsen-common (from .../emacsen-common_1.4.17_all.deb) ...
Selecting previously deselected package emacs22-common.
Unpacking emacs22-common (from .../emacs22-common_22.2+1-1_all.deb) ...
Selecting previously deselected package emacs22-bin-common.
Unpacking emacs22-bin-common (from .../emacs22-bin-common_22.2+1-1_i386.deb) ...
Selecting previously deselected package libxmu6.
Unpacking libxmu6 (from .../libxmu6_2%3a1.0.4-1_i386.deb) ...
Selecting previously deselected package libxpm4.
Unpacking libxpm4 (from .../libxpm4_1%3a3.5.7-1_i386.deb) ...
Selecting previously deselected package xaw3dg.
Unpacking xaw3dg (from .../xaw3dg_1.5+E-15_i386.deb) ...
Selecting previously deselected package emacs22.
Unpacking emacs22 (from .../emacs22_22.2+1-1_i386.deb) ...
Selecting previously deselected package emacs.
Unpacking emacs (from .../emacs_22.2+1-1_all.deb) ...
Setting up dictionaries-common (0.98.5) ...
Updating OpenOffice.org's dictionary list... done.
Setting up wamerican (6-2.1) ...
Setting up bsdgames (2.17-14) ...
Setting up emacsen-common (1.4.17) ...
emacsen-common: Handling install of emacsen flavor emacs
Setting up emacs22-common (22.2+1-1) ...
Setting up emacs22-bin-common (22.2+1-1) ...
Setting up libxmu6 (2:1.0.4-1) ...
Setting up libxpm4 (1:3.5.7-1) ...
Setting up xaw3dg (1.5+E-15) ...
Setting up emacs22 (22.2+1-1) ...
emacs-install emacs22
install/dictionaries-common: Byte-compiling for emacsen flavour emacs22
E: Could not get lock /var/lib/dpkg/lock - open (11 Resource temporarily 
unavailable)
E: Unable to lock the administration directory (/var/lib/dpkg/), is another 
process using it?

Reading package lists... 0%

Reading package lists... 0%

Reading package lists... 7%

Reading package lists... Done

Building dependency tree... 0%

Building dependency tree... 0%

Building dependency tree... 4%

Building dependency tree... 50%

Building dependency tree... 50%

Building dependency tree... 82%

Building dependency tree

Reading state information... 0%

Reading state information... 0%

Reading state information... Done

Reading extended state information... 0%

Reading extended state information... 0%

Reading extended state information... 70%

Reading extended state information

Initializing package states... 0% 


Initializing package states... Done

Reading task descriptions... 0%


Reading task descriptions... 0%

Reading task descriptions... Done 
W: Could not lock the cache file; this usually means that dpkg or another apt tool is already installing packages.  Opening in read-only mode; any changes you make to the states of packages will NOT be preserved!

E: Could not get lock /var/lib/dpkg/lock - open (11 Resource temporarily 
unavailable)
E: Unable to lock the administration directory (/var/lib/dpkg/), is another 
process using it?
E: Could not get lock /var/lib/dpkg/lock - open (11 Resource temporarily 
unavailable)
E: Unable to lock the administration directory (/var/lib/dpkg/), is another 
process using it?

Reading package lists... 0%

Reading package lists... 100%

Reading package lists... Done

Building dependency tree... 0%

Building dependency tree... 0%

Building 

gdm/kdm/wdm-problem: wrong rc.init order?

[Johann Spies]

Over the last few years I have found this on several Debian computers
and occasionaly also on an Ubuntu PC:

When booting to a graphical user interface using the displaymanagers
mentioned in the subject line, I end up with a computer that does not
respond to any keyboard action on the login screen.  My workaround
lately is to then use the mouse to select the xmcd-chooser, cancel it
when it comes up and then I can login.  Otherwise I just configure my
computer not to start up with one of those display managers and use
startx or start one of them by hand. (eg. /etc/init.d/gdm start).

I suppose this is a bug, but that is not the case on every
computer.  I have Debian Lenny on two PC's and on a laptop and it is
only happening on one PC.  Both PC's in this case using 64-bit setups.

Any idea on what is causing it?

Regards
Johann
-- 
Johann Spies  Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch

 But as many as received him, to them gave he power to 
  become the sons of God, even to them that believe on 
  his name.John 1:12 


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: command line browser questions: - javascript - lynx history

[Daniel Dalton]

On Thu, 17 Apr 2008, NN_il_Confusionario wrote:


On Wed, Apr 16, 2008 at 11:17:05PM -0400, Celejar wrote:

On Thu, 17 Apr 2008 11:45:30 +1000 (EST)
Daniel Dalton [EMAIL PROTECTED] wrote:

On Mon, 14 Apr 2008, Celejar wrote:
What is its javascript like? Does it work with youtube for example?

I have no idea.


I also have no idea. I have just tried to visit youtube with my newly
compiled elinks, but I have to admit that I am not able to navigate
youtube (yes, I am too stupid to be able to use modern websites and GUIs)


Damn, I'll try later, but that's quite sad...
Hopefully I can get access to more websites with it though.
How about hotmail.com
Can you access that? Or does it give you javascript errors?

Thanks,

--
Daniel Dalton

http://members.iinet.net.au/~ddalton/
[EMAIL PROTECTED]


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: migrating to 64 bit...

[michael]

On Wed, 2008-04-16 at 08:12 -0700, Andrew Sackville-West wrote:
 On Wed, Apr 16, 2008 at 10:55:57AM +0100, michael wrote:
 
  On 16 Apr 2008, at 02:37, Douglas A. Tutty wrote:
  On Tue, Apr 15, 2008 at 12:32:26PM -0500, Sam Leon wrote:
  Could one easily upgrade to an amd64 system just by formating /,
  reinstalling with the proper arch, and then reinstalling all the apps
  that were installed and hopefully all the conf files in /home/user  
  will
  be compatible with the arch change of kde and other apps? (of course 
  I
  am only talking about if you have /home and a separate partition)
 
  Only formatting / will only work if you don't have a separte /usr or
  /var...
 
  I run amd64 Etch and have an i386 chroot for iceweasel with flash.
  Prior to that I had i386 Sarge on a different box.  The configs in / 
  home
  worked just fine.  I always migrate /etc by hand when I do a new
  install.
 
 
  I presume you have iceweasel in an i386 chroot since there's no working 
  flash for the 64 bit? This is something I am thinking of doing. I am 
  starting from amd64 Etch (no other Debian on the system). Do I really 
  need to install a full i386 Etch as implied by the Debian manual
  http://www.debian.org/doc/manuals/reference/ch-tips.en.html#s-chroot
  or is there a quicker/shorter way (that wastes less disk space)?
 
 when I migrated to amd64, I did nothing special for flash, and it
 seems to just work... (Now I'm thinking I need to go check). In
 theory, in sid, you use nsplugin-wrapper to allow 32bit flash to run
 on 64bit systems.

what about running Java apps? I thought nsplugin-wrapper didn't support
that?

but generally, I'm eager to learn how to do a small chroot for iceweasel


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: command line browser questions: - javascript - lynx history

[NN_il_Confusionario]

On Thu, Apr 17, 2008 at 07:31:41PM +1000, Daniel Dalton wrote:
 On Thu, 17 Apr 2008, NN_il_Confusionario wrote:
 I have just tried to visit youtube with my newly
 compiled elinks, but I have to admit that I am not able to navigate
 youtube (yes, I am too stupid to be able to use modern websites and GUIs) 
 Damn, I'll try later, but that's quite sad...
 Hopefully I can get access to more websites with it though.
 How about hotmail.com
 Can you access that? Or does it give you javascript errors?

with 'o' key  in links (Option manager) I have activated two keys for
ECMAScript 

Enable
Script error reporting

I have no javascript errors; for example I am now in
http://m.it.youtube.com/details?v=jcvfaMRf2P0warned=1v2=1
(but I do not know if javascript was needed to reach tha page).

The problem for me with youtube is that *I* am not able to navigate
youtube. Up to now I had to use youtube only one time, about 9 months
ago, and it took me at lest 5 minutes with firefox to find what to do in
the page to find the link to download the file. I have no understanding
of the logic behind any kind of modern interfaces.

With hotmail.com on the other hand I have an error:

ReferenceError: onLoad_Login is not defined

and then the page says

   JavaScript required to sign in

   Windows Live ID requires JavaScript to sign in. This web browser either does 
not support
   JavaScript, or scripts are being blocked.

-- 
Chi usa software non libero avvelena anche te. Digli di smettere.
Informatica=arsenico: minime dosi in rari casi patologici, altrimenti letale.
Informatica=bomba: intelligente solo per gli stupidi che ci credono.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: migrating to 64 bit...

[Jochen Schulz]

michael:
 On Wed, 2008-04-16 at 08:12 -0700, Andrew Sackville-West wrote:
 
 when I migrated to amd64, I did nothing special for flash, and it
 seems to just work... (Now I'm thinking I need to go check). In
 theory, in sid, you use nsplugin-wrapper to allow 32bit flash to run
 on 64bit systems.
 
 what about running Java apps? I thought nsplugin-wrapper didn't support
 that?

Java *applications* do work, only the browser plugin doesn't. But hey,
recently I read that Sun might release a 64Bit plugin in 2009. :)

J.
-- 
I enjoy shopping, eating, sex and doing jigsaw puzzles of idealised
landscapes.
[Agree]   [Disagree]
 http://www.slowlydownward.com/NODATA/data_enter2.html


signature.asc
Description: Digital signature

Re: migrating to 64 bit...

[michael]

On Thu, 2008-04-17 at 14:28 +0200, Jochen Schulz wrote:
 michael:
  On Wed, 2008-04-16 at 08:12 -0700, Andrew Sackville-West wrote:
  
  when I migrated to amd64, I did nothing special for flash, and it
  seems to just work... (Now I'm thinking I need to go check). In
  theory, in sid, you use nsplugin-wrapper to allow 32bit flash to run
  on 64bit systems.
  
  what about running Java apps? I thought nsplugin-wrapper didn't support
  that?
 
 Java *applications* do work, only the browser plugin doesn't. But hey,
 recently I read that Sun might release a 64Bit plugin in 2009. :)

Thanks for the clarification... but it confirms that, for now, I should
perhaps try a chroot for just 32 bit iceweasel, so my Q remains - 

 I presume you have iceweasel in an i386 chroot since there's no
working 
 flash for the 64 bit? This is something I am thinking of doing. I am 
 starting from amd64 Etch (no other Debian on the system). Do I really 
 need to install a full i386 Etch as implied by the Debian manual
 http://www.debian.org/doc/manuals/reference/ch-tips.en.html#s-chroot
 or is there a quicker/shorter way (that wastes less disk space)?


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]