Securing/encrypting a remote server

[Justin]

I'm interested in encrypting/securing a server that I'm only going to have
remote access to. Since somebody else will be setting it up the best I have
been able to come up with is to have it setup with a normal LVM scheme, then
add an encrypted tmp home and swap which I would mount/activate manually.

I toyed with unlocking the root fs via ssh with busybox/dropbear, but I
could never get it to work right. Plus, as I understand it, luks uses the
initial passphrase for encryption, so even if you revoke that key and create
another one, it's still a rather huge security issue.

Does anybody else have any ideas? Do I need a /var/tmp as well or could I
bind mount tmp to both?

And yes, I know all of the issues that come with a machine not being
physically secured, but I figure I should do what I can anyway, eh?

Re: wi-fi security?

[Johann Spies]

On Wed, Aug 05, 2009 at 03:28:21PM -0500, Preston Boyington wrote:
> Paul E Condon wrote:
> 
> 
> wicd has been flawless for me since i started using it.

After playing with wicd for a week or three I went back to
network-manager.  I cannot remember what my problem with wicd was, but
it was just easier to use network-manager in the end.

Regards
Johann

-- 
Johann Spies  Telefoon: 021-808 4599
Informasietegnologie, Universiteit van Stellenbosch

 "Rest in the LORD, and wait patiently for him: fret not
  thyself because of him who prospereth in his way,
  because of the man who bringeth wicked devices to pass."
Psalms 37:7 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Safe-upgrade of "dash" fails

[Sven Joachim]

On 2009-08-06 00:11 +0200, Jack Knowlton wrote:

> Coming back from a month-long trip, I decided to safe-upgrade my debian
> unstable desktop. Among the hundreds of new packages, apt seemed eager to
> install (or upgrade, I'm not sure) dash.

This is intended.

> Unfortunately, something seems to have gone terribly wrong and I would
> like to complete successfully the upgrade before rebooting the box. Here's
> what aptitude is complaining about:
>
> Unpacking dash (from .../dash_0.5.5.1-2.3_amd64.deb) ...
> Adding `diversion of /bin/sh to /bin/sh.distrib by dash'
> Adding `diversion of /usr/share/man/man1/sh.1.gz to
> /usr/share/man/man1/sh.distrib.1.gz by dash'
> dpkg (subprocess): unable to exec dpkg-deb to get filesystem archive: No
> such file or directory

That sounds as if you had lost dpkg-deb, which would be very worrisome.
Did you upgrade dpkg as well, and did anything go wrong with it?  Check
whether /usr/bin/dpkg-deb exists and is executable, and look into
/var/log/dpkg.log for recently installed/upgraded/removed packages.

Sven


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Johann Spies]

On Wed, Aug 05, 2009 at 12:37:30PM -0600, Paul E Condon wrote:
> On 2009-08-05_14:27:26, Johann Spies wrote:
> > On Wed, Aug 05, 2009 at 07:45:48AM -0400, Zachary Uram wrote:
> > > Got a new laptop and was wondering about wifi security. I've never
> > > used wifi before. I wanted to go to some of the local coffee shops
> > > that offer free wii but I need to know:
> > > 
> > > 1) How do I setup wifi in Linux?
> > 
> > The easiest way is to use network-manager.  If you click on the Icon
> > in your toolbar it should show you the detected networks.  You can use
> > the "Create New Wireless Network..." or "Connect to Hidden Wireless
> > Network..." to set up connections.
> 
> I am having some difficulty with network-manager. Aptitude says it is
> installed on my Acer Aspire one, but I don't have an Icon in my
> toolbar that leads me to a place where I am offered either of these
> two options (which both have specific mention of "Wireless
> Network"). 

I normally don't have this problem on Ubuntu laptops but on Debian I
had to run 'nm-applet' to get the Icon up on the Panel.  It might help
if you put it in the startup-applications.

Regards
Johann
-- 
Johann Spies  Telefoon: 021-808 4599
Informasietegnologie, Universiteit van Stellenbosch

 "Rest in the LORD, and wait patiently for him: fret not
  thyself because of him who prospereth in his way,
  because of the man who bringeth wicked devices to pass."
Psalms 37:7 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: qemu slowness

[jeremy jozwik]

On Wed, Aug 5, 2009 at 3:50 PM, Mark Allums wrote:
> VirtualBox-OSE is an application that you can install like qemu and run
> windows inside, and it is very easy to set up and use.  It has very good
> hardware support, so audio probably wouldn't be a problem, it runs fast, and
> whatever guest OS you choose to run can easily be started and stopped at
> will.

so ive got my virtualbox setup[massively faster by the way] running a
windows xp. added the audio as host driver null and pulse but still no
noises emitting. [and yes, speakers are on and un-muted ;) ]


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Nick Lidakis]

On Wed, Aug 05, 2009 at 07:45:48AM -0400, Zachary Uram wrote:

> 2) How do I make my laptop more secure so others on wifi network can't
> steal or sniff my packets?
> 

If you're using Gmail over wifi you should be logging in with
https:gmail.com. Using https encrypts not just the login but the entire
session. You should see, in Firefox, the little yellow lock in the
lower right hand corner of the screen to validate this.

I don't know if the other webmail services offfer this feature.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Raquel]

On Wed, 5 Aug 2009 22:04:13 -0600
Paul E Condon  wrote:

> 
> I find myself with a very puzzling problem. I want to look at wicd,
> but I can't. When I tried to install it with aptitude, I could not
> find it using / search. 

Check your sources.list.  wicd comes from the wicd repository rather
than Debian's.

-- 
Raquel

Question with boldness even the existence of God; because if there be
one, He must approve the homage of Reason rather than that of
blindfolded Fear.

  --Thomas Jefferson


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Manon Metten]

Hi Paul,

Sorry, made an error. You should use or course:

> # aptitude install -t lenny-backports wicd

Greetings, Manon.



On Thu, Aug 6, 2009 at 6:48 AM, Manon Metten wrote:
> Hi Paul,
>
> I'm running Lenny and found wicd on Debian Backports at:
> http://packages.debian.org/lenny-backports/wicd
>
> You should add the next line to your /etc/apt/sources.list (ie: if
> you're too using Lenny)
> deb http://www.backports.org/debian/ lenny-backports main contrib non-free
> run 'aptitude update', ignore the error msg, install the
> backports-keyring an update again:
>
> # aptitude update
> # aptitude install debian-backports-keyring
> # aptitude update
>
> Then you can install wicd as follows:
> # aptitude install -t etch-backports wicd
>
> However, when I tried this, aptitude asked if it should remove
> 'network-manager-kde'. As I'm using that app and don't have wireless,
> I cancelled the installation.
>
> Greetings, Manon.
>
>
>
> On Thu, Aug 6, 2009 at 6:04 AM, Paul E Condon 
> wrote:
>> On 2009-08-05_15:28:21, Preston Boyington wrote:
>>> Paul E Condon wrote:
>>>
>>> 
>>>
>>> > I am having some difficulty with network-manager. Aptitude says it is
>>> > installed on my Acer Aspire one...
>>>
>>> Paul, seriously take a look at wicd.  network-manager is now the second
>>> thing I uninstall on my Debian/Ubuntu machines (the first being the
>>> update-manager because I prefer to use Aptitude).
>>>
>>> wicd has been flawless for me since i started using it.
>>>
>>
>> I find myself with a very puzzling problem. I want to look at wicd,
>> but I can't. When I tried to install it with aptitude, I could not
>> find it using / search. More puzzling still - I am using approx, the
>> apt proxy, running on a lenny machine that is separate from my desktop
>> and my Acer. I know the proxy is working because I have been using it
>> for at least two months to configure two other specialized servers and
>> my desktop. I used it in the re-install of lenny today, and it worked
>> for that. I still cannot find wicd in aptitude on the Acer, even after
>> this totally new install. **But** I can find it in aptitude on my
>> desktop host. The only differences that I can think of are things that
>> surely should not affect the visibility of a package in aptitude,
>> namely:
>>
>> 1) I selected laptop in tasksel for tha Acer, but not for any of the
>> other hosts.
>>
>> 2) I use /etc/hosts on the other machines, but DHCP on the Acer (DHCP
>> is being served by my D-Link router. It has been doing it successfully
>> for a lon time for the iMacs on the LAN and it allows the Acer to
>> access the web)
>>
>> What could I be doing wrong? Any ideas, anyone? I'm really pretty
>> sure that neither of these differences is the cause of the problem.
>> I must be doing something really dumb, but I can't see what it is.
>>
>> --
>> Paul E Condon
>> pecon...@mesanetworks.net
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
>>
>>
>


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Manon Metten]

Hi Paul,

I'm running Lenny and found wicd on Debian Backports at:
http://packages.debian.org/lenny-backports/wicd

You should add the next line to your /etc/apt/sources.list (ie: if
you're too using Lenny)
deb http://www.backports.org/debian/ lenny-backports main contrib non-free
run 'aptitude update', ignore the error msg, install the
backports-keyring an update again:

# aptitude update
# aptitude install debian-backports-keyring
# aptitude update

Then you can install wicd as follows:
# aptitude install -t etch-backports wicd

However, when I tried this, aptitude asked if it should remove
'network-manager-kde'. As I'm using that app and don't have wireless,
I cancelled the installation.

Greetings, Manon.



On Thu, Aug 6, 2009 at 6:04 AM, Paul E Condon wrote:
> On 2009-08-05_15:28:21, Preston Boyington wrote:
>> Paul E Condon wrote:
>>
>> 
>>
>> > I am having some difficulty with network-manager. Aptitude says it is
>> > installed on my Acer Aspire one...
>>
>> Paul, seriously take a look at wicd.  network-manager is now the second
>> thing I uninstall on my Debian/Ubuntu machines (the first being the
>> update-manager because I prefer to use Aptitude).
>>
>> wicd has been flawless for me since i started using it.
>>
>
> I find myself with a very puzzling problem. I want to look at wicd,
> but I can't. When I tried to install it with aptitude, I could not
> find it using / search. More puzzling still - I am using approx, the
> apt proxy, running on a lenny machine that is separate from my desktop
> and my Acer. I know the proxy is working because I have been using it
> for at least two months to configure two other specialized servers and
> my desktop. I used it in the re-install of lenny today, and it worked
> for that. I still cannot find wicd in aptitude on the Acer, even after
> this totally new install. **But** I can find it in aptitude on my
> desktop host. The only differences that I can think of are things that
> surely should not affect the visibility of a package in aptitude,
> namely:
>
> 1) I selected laptop in tasksel for tha Acer, but not for any of the
> other hosts.
>
> 2) I use /etc/hosts on the other machines, but DHCP on the Acer (DHCP
> is being served by my D-Link router. It has been doing it successfully
> for a lon time for the iMacs on the LAN and it allows the Acer to
> access the web)
>
> What could I be doing wrong? Any ideas, anyone? I'm really pretty
> sure that neither of these differences is the cause of the problem.
> I must be doing something really dumb, but I can't see what it is.
>
> --
> Paul E Condon
> pecon...@mesanetworks.net
>
>
> --
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
>
>


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Paul E Condon]

On 2009-08-05_15:28:21, Preston Boyington wrote:
> Paul E Condon wrote:
> 
> 
> 
> > I am having some difficulty with network-manager. Aptitude says it is
> > installed on my Acer Aspire one...
> 
> Paul, seriously take a look at wicd.  network-manager is now the second
> thing I uninstall on my Debian/Ubuntu machines (the first being the
> update-manager because I prefer to use Aptitude).
> 
> wicd has been flawless for me since i started using it.
> 

I find myself with a very puzzling problem. I want to look at wicd,
but I can't. When I tried to install it with aptitude, I could not
find it using / search. More puzzling still - I am using approx, the
apt proxy, running on a lenny machine that is separate from my desktop
and my Acer. I know the proxy is working because I have been using it
for at least two months to configure two other specialized servers and
my desktop. I used it in the re-install of lenny today, and it worked
for that. I still cannot find wicd in aptitude on the Acer, even after
this totally new install. **But** I can find it in aptitude on my
desktop host. The only differences that I can think of are things that
surely should not affect the visibility of a package in aptitude,
namely:

1) I selected laptop in tasksel for tha Acer, but not for any of the
other hosts.

2) I use /etc/hosts on the other machines, but DHCP on the Acer (DHCP
is being served by my D-Link router. It has been doing it successfully
for a lon time for the iMacs on the LAN and it allows the Acer to
access the web)

What could I be doing wrong? Any ideas, anyone? I'm really pretty
sure that neither of these differences is the cause of the problem.
I must be doing something really dumb, but I can't see what it is.

-- 
Paul E Condon   
pecon...@mesanetworks.net


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: nspluginwrapper problem

[jeremy jozwik]

On Wed, Aug 5, 2009 at 7:52 PM, Brian Marshall wrote:
> Why not use the flashplugin-nonfree package? It has Flash 10 without
> nspluginwrapper on amd64.
>
> --
> Brian

email composing failure...

for some reason or another that package could not be found even with
adding to the source list


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Using a package from unstable if stable has a bug?

[Graham]

On Wed, 5 Aug 2009 15:49:39 -0700
Kushal Koolwal  wrote:

> 
> Let's say the package "watchdog" in Lenny has a bug which probably
> got fixed in the later upstream versions of watchdog in Debian Sid.
> 
> So I pulled in the sources for watchdog package from Debian Sid on my
> Lenny system and compiled the watchdog package and it built without
> complaining about anything.
> 
> What are some of the ramifications using a compiled package from Sid
> in Stable?

The only big issue would be the lack of automatic updates for watchdog
from now on. However, for such packages, I check up on the updates of
said packages by doing an RSS on this type of page
http://packages.qa.debian.org/w/watchdog.html (not that I use
watchdog). That page should inform you of any new updates that the
maintainer has done on that package, and you can decide whether you
want that update or not.

> Is there any elegant way to workaround the situation? How about
> backporting? Or with the above process that I just described, did I
> just backported the package?

You have backported watchdog.

I'd advise you to check the build dependencies for any future updates.
Do an "aptitude -s build-dep watchdog/unstable" before doing the
"apt-get -t unstable source watchdog", just in case there are any build
changes (which might end up showing new build depends or that the
updated build depends can't be met by your Lenny from now on... in
which case you'll have to either build those new/updated build depends
{how much more work are you prepared to do to keep up?}, install the
packages directly from Testing or Unstable {not recommended, but can be
done if very careful} or upgrade your system to Testing or Unstable).
If the changed build depend or depend is optional (and not needed by
you) during compilation, then you could edit the debian/rules file to
remove that dependency during compile time (google about debian/rules
if you want to learn more about that sort of thing). Another file to
look at is the debian/control file, too.

Actually, it's worth looking up apt-src, too.


Graham


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: nspluginwrapper problem

[Brian Marshall]

On Wed, Aug 05, 2009 at 07:28:58PM -0700, jeremy jozwik wrote:
> [...]
> [Edit: i did a re-install and now it works. just download and extract
> the package, make folder named "plugins" to .mozilla (in home folder)
> and move file libflashplayer.so there.]
> [...]

Why not use the flashplugin-nonfree package? It has Flash 10 without
nspluginwrapper on amd64.

-- 
Brian


signature.asc
Description: Digital signature

Re: Etch to 5.0.2 upgrade failed - Encrypted filesystem will not boot

[Andrew Reid]

On Wednesday 05 August 2009 19:54:50 line...@ruiner.halo.nu wrote:
> I tried configuring fstab to use the UUID from blkid, but I had the same
> problem.  Could the problem be that the SCSI drives are not coming up until
> cryptsetup has loaded?

  This could happen if the new kernel's initramfs doesn't have
the right modules, or if the module name has changed.

  It may be related to the "driver sd needs updating" thing, but 
it seems to be contradicted by your observation that /dev/sda appears
to be present and functional from within the busybox shell.

  In principle, you should be able to run the commands to 
set up the root FS from within the shell, have you tried that?
You might get a more informative error message.

-- A.  

-- 
Andrew Reid / rei...@bellatlantic.net


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: nspluginwrapper problem

[jeremy jozwik]

>> When I run nspluginwrapper -i
>> /usr/lib/browser-plugins/libflashflashplayer.so the response is
>>
>> *** NSPlugin Viewer *** ERROR: libnss3.so: cannot open shared object
>> file: No such file or directory.
>>
>> I found a copy of libnss3.so in /usr/lib and added a soft link to it
>> from /usr/lib/browser-plugins but this did not resolve the problem.
>>
>> For the record my systen is Lenny with a 2-6-26-1-amd64 kernel and
>> iceape browser.  Follwing the instructions in the browser help/plugins
>> I downloaded rpm files, used alien to convert them to deb files and
>> installed   nspluginwrapper-1.0.0-2_amd64.deb and
>> nspluginwrapper-i386-1.0.0-2_amd64.deb
>>
>> The information in /usr/share/doc/nspluginwrapper-1.0.0 does not address
>> this problem.
>>
>> Any suggestions?
>>
>> Tom
i got flash 10 for 64-bit to work with out the use of nspluginwrapper.
not sure exactly what nspluginwrapper does but i managed to get flash
working with the steps below:

Adobe has finally published 64-bit vaersion of Flash for Linux.

I followed this how-to for Ubuntu 8.10, but it did not work for 64
Studio 2.1: 
http://news.softpedia.com/news/How-to-Install-Adobe-Flash-Player-64-bit-on-Ubuntu-8-10-98076.shtml

Does anybody know how to get it work?

[Edit: i did a re-install and now it works. just download and extract
the package, make folder named "plugins" to .mozilla (in home folder)
and move file libflashplayer.so there.]

the package is available here:
http://linux.softpedia.com/get/Internet/HTTP-WWW-/Adobe-Flash-Player-for-64-bit-Linux-42958.shtml


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

compiled kernel and NetXtreme II BCM5708 Gigabit Ethernet

[Daniel Bareiro]

Hi all!

I am having a problem booting with a kernel compiled using the Debian
way. In my particular case I am having this problem on Ubuntu, but I
don't believe that the problem is something specific of this
distribution and that is the reason for which I am consulting it here.

The idea is to install kernel newer than 2.6.24-19, that is the one that
Hardy Heron server has in its repositories, since by problems that I had
of excessive use of virtual memory with KVM, in the KVM mailing list
they recommended to me to use 2.6.27 or superior because it realises one
better management of memory.

Then I've downloaded to the source code of 2.6.30.3 and I compiled it
with:

# fakeroot make-kpkg clean
# fakeroot make-kpkg --initrd --append-to-version=-dgb kernel_image 
kernel_headers

Although the compilation finishes without problems, I am having a
problem booting the operating system. The interfaces fail to load. This
equipment is a Proliant DL380 G5 with two NetXtreme II BCM5708 Ethernet
Gigabit interfaces.

With kernel of the Ubuntu Hardy repositories I did not have any kind of
problem, but with kernel compiled by myself I obtain the following error
message during the boot that it suggests cannot accede to firmware of
this network interface:

Aug  4 17:38:39 ss03 kernel: [4.750023] bnx2 :03:00.0: firmware: 
requesting bnx2/bnx2-mips-06-4.6.16.fw
Aug  4 17:38:39 ss03 kernel: [4.751070] bnx2: Can't load firmware file 
"bnx2/bnx2-mips-06-4.6.16.fw"
Aug  4 17:38:39 ss03 kernel: [4.751141] bnx2 :03:00.0: PCI INT A 
disabled
Aug  4 17:38:39 ss03 kernel: [4.751167] bnx2: probe of :03:00.0 failed 
with error -2
Aug  4 17:38:39 ss03 kernel: [4.751244] bnx2 :05:00.0: PCI INT A -> GSI 
17 (level, low) -> IRQ 17

The peculiar thing is that if I do:

# rmmod bnx2
# modprobe bnx2

Yes it loads the interfaces. I read something of this in a bug report of
Debian GNU/Linux [1] and tried with the suggestion to do:

# update-initramfs -u

The files seem to be:

# find / | grep bnx
/boot/lib/modules/2.6.30.3-dgb/kernel/drivers/net/bnx2.ko
/sys/bus/pci/drivers/bnx2
/sys/bus/pci/drivers/bnx2/:03:00.0
/sys/bus/pci/drivers/bnx2/:05:00.0
/sys/bus/pci/drivers/bnx2/module
/sys/bus/pci/drivers/bnx2/uevent
/sys/bus/pci/drivers/bnx2/unbind
/sys/bus/pci/drivers/bnx2/bind
/sys/bus/pci/drivers/bnx2/new_id
/sys/bus/pci/drivers/bnx2/remove_id
/sys/module/bnx2
/sys/module/bnx2/holders
/sys/module/bnx2/version
/sys/module/bnx2/srcversion
/sys/module/bnx2/initstate
/sys/module/bnx2/refcnt
/sys/module/bnx2/sections
/sys/module/bnx2/sections/.note.gnu.build-id
/sys/module/bnx2/sections/.text
/sys/module/bnx2/sections/.exit.text
/sys/module/bnx2/sections/.devinit.text
/sys/module/bnx2/sections/.init.text
/sys/module/bnx2/sections/.devexit.text
/sys/module/bnx2/sections/.rodata
/sys/module/bnx2/sections/.rodata.str1.1
/sys/module/bnx2/sections/.smp_locks
/sys/module/bnx2/sections/__bug_table
/sys/module/bnx2/sections/.rodata.str1.8
/sys/module/bnx2/sections/__param
/sys/module/bnx2/sections/.devinit.rodata
/sys/module/bnx2/sections/.data
/sys/module/bnx2/sections/.devinit.data
/sys/module/bnx2/sections/.gnu.linkonce.this_module
/sys/module/bnx2/sections/.bss
/sys/module/bnx2/sections/.symtab
/sys/module/bnx2/sections/.strtab
/sys/module/bnx2/notes
/sys/module/bnx2/notes/.note.gnu.build-id
/sys/module/bnx2/drivers
/sys/module/bnx2/drivers/pci:bnx2
/lib/firmware/bnx2
/lib/firmware/bnx2/bnx2-rv2p-06-4.6.16.fw
/lib/firmware/bnx2/bnx2-mips-06-4.6.16.fw
/lib/firmware/bnx2/bnx2-rv2p-09-4.6.15.fw
/lib/firmware/bnx2/bnx2-mips-09-4.6.17.fw
/lib/modules/2.6.30.4-dgb/kernel/drivers/net/bnx2.ko
/lib/modules/2.6.24-19-server/kernel/drivers/net/bnx2.ko


But after boot I have again the same problem.

/etc/initramfs-tools/modules doesn't make reference to some module. I do
not see that in Ubuntu Hardy firmware-bnx2 is a package, although am not
sure either if it is necessary with kernel compiled from the sources.

With 2.6.30.4 it happens the same exactly. Somebody also had this problem
and could solve it somehow? 

Thanks in advance for your reply.

Regards,
Daniel

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494936
-- 
Fingerprint: BFB3 08D6 B4D1 31B2 72B9  29CE 6696 BF1B 14E6 1D37
Powered by Debian GNU/Linux Squeeze - Linux user #188.598


signature.asc
Description: Digital signature

Re: nspluginwrapper problem

[mrshroom]

The easiest way to fix this is install the ia32-libs with nsplugin-wrapper,

apt-get install nspluginwrapper (should handle the ia32-libs)

now all I had to do was download the libpixman deb for squeeze, open and you
will get a controll and data.  Now open the data and you should get
user/lib, take what's inside that lib and put it into your
/emul/ia32-libs/usr/lib folder... Restart Firefox (iceweasel or whatever)
and there you go, you have working flash!  I had a 32bit chroot running for
a bit, but with ia32-libs and wine I was getting glx errors =( so I had to
find this fix for myself.



Thomas H. George-3 wrote:
> 
> 
> When I run nspluginwrapper -i
> /usr/lib/browser-plugins/libflashflashplayer.so the response is
> 
> *** NSPlugin Viewer *** ERROR: libnss3.so: cannot open shared object
> file: No such file or directory.
> 
> I found a copy of libnss3.so in /usr/lib and added a soft link to it
> from /usr/lib/browser-plugins but this did not resolve the problem.
> 
> For the record my systen is Lenny with a 2-6-26-1-amd64 kernel and
> iceape browser.  Follwing the instructions in the browser help/plugins
> I downloaded rpm files, used alien to convert them to deb files and
> installed   nspluginwrapper-1.0.0-2_amd64.deb and
> nspluginwrapper-i386-1.0.0-2_amd64.deb
> 
> The information in /usr/share/doc/nspluginwrapper-1.0.0 does not address
> this problem.
> 
> Any suggestions?
> 
> Tom
> 
> Note: This is a reposting as the original sent yesterday (5 Nov 08)
> never appeared in my mail from the list and also not in the archives. 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact
> listmas...@lists.debian.org
> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/nspluginwrapper-problem-tp20371743p24839124.html
Sent from the Debian User mailing list archive at Nabble.com.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: cups undocumented deprecation

[Jude DaShiell]

Apparently cups doesn't consider root part of lpadmin group.



On Wed, 5 Aug 2009, Roger Leigh wrote:


On Wed, Aug 05, 2009 at 04:26:38AM -0400, Jude DaShiell wrote:

The command line tools in cups current debian version are deprecated and
that deprecation is undocumented.  I proved this a few minutes ago by
setting up my printer using the web interface and set printer options
after successfully adding the printer.  Before I did any of this
configuration though I erased /var/log/cups/error_log.  When I finished
selecting the printer and setting defaults for the printer using the web
interface though, I couldn't find /var/log/cups/error_log, it wasn't
there.


You probably need to restart CUPS for this to be recreated.


When I had done this using the command line tools though I got
log entries with UNAUTHORIZED printed next to each of them.  All very
interesting, the command line tools can now probably be removed since
those apparently no longer work.


All the command-line tools do work, but you may have permissions
problems.  For administrative tasks, such as adding and modifying
printers, the user needs to be a member of the lpadmin group.
Normal users also need permission to print; by default all users
should have permission, but if you get an unauthorised error, then
they might be set too strictly.  cupsd.conf has a reasonable default
configuration for these settings for a typical system.


Regards,
Roger

--
 .''`.  Roger Leigh
: :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
`. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
  `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.





--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Etch to 5.0.2 upgrade failed - Encrypted filesystem will not boot

[Alex Samad]

On Wed, Aug 05, 2009 at 06:54:50PM -0500, line...@ruiner.halo.nu wrote:
> I tried configuring fstab to use the UUID from blkid, but I had the same 
> problem.  Could the problem be that the SCSI drives are not coming up until 
> cryptsetup has loaded?

hmmm not sure, you could try 
turning of quiet mode remove the quiet from the kernel option on boot
and maybe try turning on debug (add debug to the kernal options)

anothering to try is place a shell script in
/etc/initramfs/scripts/local-top/ call something like 00mine and open a
console with something like bash  or try some command here like
cryptsetup -T1 luksOpen /dev/sda2 sda2_crypt

you will need to update you initramfs for the above 

or add to your kernel options something like break=local-top


if you are using grub you can edit the kernel options at boot time 

Alex

> 
> Here is some info on my configuration:
> 
> t...@magnesium:/etc/initramfs-tools/conf.d$ cat resume 
> RESUME=/dev/mapper/magnesium-swap_1
> t...@magnesium:/etc/initramfs-tools/conf.d$ cat /etc/fstab 
> # /etc/fstab: static file system information.
> #
> #
> proc/proc   procdefaults0   0
> /dev/mapper/magnesium-root /   ext3defaults,errors=remount-ro 
> 0   1
> /dev/sda1   /boot   ext3defaults0   2
> /dev/mapper/magnesium-swap_1 noneswapsw  0   0
> t...@magnesium:/etc$ cat /etc/crypttab 
> sda5_crypt /dev/sda5 none luks
> t...@magnesium:/etc$ ls -l /dev/mapper/
> crw-rw 1 root root  10, 63 2009-08-05 13:45 control
> brw-rw 1 root disk 254,  1 2009-08-05 13:47 magnesium-root
> brw-rw 1 root disk 254,  2 2009-08-05 13:47 magnesium-swap_1
> brw-rw 1 root disk 254,  0 2009-08-05 13:47 sda5_crypt
> t...@magnesium:/etc$ sudo update-initramfs -u
> update-initramfs: Generating /boot/initrd.img-2.6.26-2-686
> 
> 
> On Wed, Aug 05, 2009 at 04:18:47PM +1000, Alex Samad wrote:
> > 
> > do you have your root fs in fstab by LABEL or UUID if so I reported a
> > bug report against cryptsetup.
> > 
> > change to a dev like /dev/mapper/ and then run update-initramfs
> > -u 
> > 
> > On Tue, Aug 04, 2009 at 06:50:56PM -0500, line...@halo.nu wrote:
> > > Hi -
> > > 
> > > I have a Debian Etch system which I recently upgraded to v5.0.2.  The 
> > > file system was encrypted with LUKS at install time.
> > > 
> > > The upgrade appeared to go well, however when I boot into the new system, 
> > > it gives the following error:
> > > 
> > > Volume group "hostname" not found
> > > cryptsetup: Source device /dev/sda5 not found
> > > Begin: Waiting for root file system
> > > 
> > > This may be unrelated, but it also says:
> > > Driver 'sd' needs updating - Please use bus_type methods.
> > > 
> > > After 5 minutes it says:
> > > 
> > > Gave up wating for root device
> > > 
> > > And drops to a busybox shell.
> > > 
> > > The /dev/sda devices seem to come up ok, and sda is the same device name 
> > > that it had before.
> > > 
> > > When I select the old 2.6.18 kernel in the GRUB menu, it works fine and I 
> > > can access my data.   Every time I select the newer 2.6.26 kernel, I get 
> > > this error.
> > > 
> > > How can I fix this issue?
> > > 
> > > Thanks!
> > > 
> > > 
> > > 
> > 
> > -- 
> > "I can't tell you what it's like to be in Europe, for example, to be 
> > talking about the greatness of America. But the true greatness of America 
> > are the people."
> > 
> > - George W. Bush
> > 07/02/2001
> > Washington, DC
> 
> 
> 

-- 
"Oftentimes, we live in a processed world -- you know, people focus on the 
process and not results."

- George W. Bush
05/29/2003
Washington, DC


signature.asc
Description: Digital signature

Re: Etch to 5.0.2 upgrade failed - Encrypted filesystem will not boot

[lineman]

I tried configuring fstab to use the UUID from blkid, but I had the same 
problem.  Could the problem be that the SCSI drives are not coming up until 
cryptsetup has loaded?

Here is some info on my configuration:

t...@magnesium:/etc/initramfs-tools/conf.d$ cat resume 
RESUME=/dev/mapper/magnesium-swap_1
t...@magnesium:/etc/initramfs-tools/conf.d$ cat /etc/fstab 
# /etc/fstab: static file system information.
#
#
proc/proc   procdefaults0   0
/dev/mapper/magnesium-root /   ext3defaults,errors=remount-ro 0 
  1
/dev/sda1   /boot   ext3defaults0   2
/dev/mapper/magnesium-swap_1 noneswapsw  0   0
t...@magnesium:/etc$ cat /etc/crypttab 
sda5_crypt /dev/sda5 none luks
t...@magnesium:/etc$ ls -l /dev/mapper/
crw-rw 1 root root  10, 63 2009-08-05 13:45 control
brw-rw 1 root disk 254,  1 2009-08-05 13:47 magnesium-root
brw-rw 1 root disk 254,  2 2009-08-05 13:47 magnesium-swap_1
brw-rw 1 root disk 254,  0 2009-08-05 13:47 sda5_crypt
t...@magnesium:/etc$ sudo update-initramfs -u
update-initramfs: Generating /boot/initrd.img-2.6.26-2-686


On Wed, Aug 05, 2009 at 04:18:47PM +1000, Alex Samad wrote:
> 
> do you have your root fs in fstab by LABEL or UUID if so I reported a
> bug report against cryptsetup.
> 
> change to a dev like /dev/mapper/ and then run update-initramfs
> -u 
> 
> On Tue, Aug 04, 2009 at 06:50:56PM -0500, line...@halo.nu wrote:
> > Hi -
> > 
> > I have a Debian Etch system which I recently upgraded to v5.0.2.  The file 
> > system was encrypted with LUKS at install time.
> > 
> > The upgrade appeared to go well, however when I boot into the new system, 
> > it gives the following error:
> > 
> > Volume group "hostname" not found
> > cryptsetup: Source device /dev/sda5 not found
> > Begin: Waiting for root file system
> > 
> > This may be unrelated, but it also says:
> > Driver 'sd' needs updating - Please use bus_type methods.
> > 
> > After 5 minutes it says:
> > 
> > Gave up wating for root device
> > 
> > And drops to a busybox shell.
> > 
> > The /dev/sda devices seem to come up ok, and sda is the same device name 
> > that it had before.
> > 
> > When I select the old 2.6.18 kernel in the GRUB menu, it works fine and I 
> > can access my data.   Every time I select the newer 2.6.26 kernel, I get 
> > this error.
> > 
> > How can I fix this issue?
> > 
> > Thanks!
> > 
> > 
> > 
> 
> -- 
> "I can't tell you what it's like to be in Europe, for example, to be talking 
> about the greatness of America. But the true greatness of America are the 
> people."
> 
>   - George W. Bush
> 07/02/2001
> Washington, DC



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Using a package from unstable if stable has a bug?

[Kushal Koolwal]

Let's say the package "watchdog" in Lenny has a bug which probably got fixed in 
the later upstream versions of watchdog in Debian Sid.

So I pulled in the sources for watchdog package from Debian Sid on my Lenny 
system and compiled the watchdog package and it built without complaining about 
anything.

What are some of the ramifications using a compiled package from Sid in Stable?

Is there any elegant way to workaround the situation? How about backporting? Or 
with the above process that I just described, did I just backported the package?

Kushal Koolwal

I do blog at http://blogs.koolwal.net/




_
Get free photo software from Windows Live
http://www.windowslive.com/online/photos?ocid=PID23393::T:WLMTAGL:ON:WL:en-US:SI_PH_software:082009

--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: qemu slowness

[Mark Allums]

Klistvud wrote:

Dne, 04. 08. 2009 07:48:50 je jeremy jozwik napisal(a):

hello list. the wife wants to watch netflix "watch instantly" videos.
it requires a program to be installed in order to watch the videos.
said program is only supported under the w and mac os.

so i figured this would be a nice time to setup a virtual machine. so
ive been poking around with qemu. so far i have a windows machine
running but its is massively slow. loading up an IE window takes for
ever. i know there is some crazy emulation voodoo going on but is
there anything i can do to speed it up?

also it has not audio!

step by step that i used to setup the machine
http://www.debian-administration.org/article/
Running_Microsoft_Windows_inside_Debian_qemu



As already said by Tzafrir, your best bet is to use kvm if your CPU 
supports it, otherwise opt for kqemu at least. Qemu all by itself is 
terribly slow, although it's a magnificient, stable piece of software. 
As for sound ... I could never make it work in Debian either, but IIRC 
it did work in openSuSE when I tried (and possibly in some other 
distros). Maybe 
it's down to package versions. Using a more recent version of qemu 
might just do the trick ... or not ...


If you're on Lenny, the package versions tend to be somewhat oldish.




I would add that there is now a huge amount of virtualization available, 
if qemu is not satisfactory, consider another choice.  Best is a machine 
with a multiple-core CPU and hardware support for virtualization, but at 
any rate, you have several choices.


If you don't mind some work (and your hardware supports it), try Xen. 
It is a little daunting to set up, but it is good not only for running 
something like windows side-by-side with Debian, but it would also be 
good to allow you to try out other interesting os'es and such.  Running 
 a Xen kernel, you could run Lenny and Sid as separate vm's (dom's) at 
the same time.


VirtualBox-OSE is an application that you can install like qemu and run 
windows inside, and it is very easy to set up and use.  It has very good 
hardware support, so audio probably wouldn't be a problem, it runs fast, 
and whatever guest OS you choose to run can easily be started and 
stopped at will.


Qemu works, but may not be your best option in Debian.  If you want to 
stick with it, as others have pointed out, it might help to not try full 
virtualization, but use kernel virtualization with kvm.


Keep us posted.

Mark Allums






--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Safe-upgrade of "dash" fails

[Jack Knowlton]

Hi all.
Coming back from a month-long trip, I decided to safe-upgrade my debian
unstable desktop. Among the hundreds of new packages, apt seemed eager to
install (or upgrade, I'm not sure) dash.
Unfortunately, something seems to have gone terribly wrong and I would
like to complete successfully the upgrade before rebooting the box. Here's
what aptitude is complaining about:

Unpacking dash (from .../dash_0.5.5.1-2.3_amd64.deb) ...
Adding `diversion of /bin/sh to /bin/sh.distrib by dash'
Adding `diversion of /usr/share/man/man1/sh.1.gz to
/usr/share/man/man1/sh.distrib.1.gz by dash'
dpkg (subprocess): unable to exec dpkg-deb to get filesystem archive: No
such file or directory
dpkg: error processing /var/cache/apt/archives/dash_0.5.5.1-2.3_amd64.deb
(--unpack):
 subprocess dpkg-deb --fsys-tarfile returned error exit status 2
dpkg (subprocess): unable to execute new post-removal script: No such file
or directory
dpkg: error while cleaning up:
 subprocess new post-removal script returned error exit status 2
Errors were encountered while processing:
 /var/cache/apt/archives/dash_0.5.5.1-2.3_amd64.deb
E: Problem executing scripts DPkg::Post-Invoke 'if [ -d
/var/lib/update-notifier ]; then  touch
/var/lib/update-notifier/dpkg-run-stamp; fi'
E: Sub-process returned an error code
E: Sub-process /usr/bin/dpkg returned an error code (1)


I tried google-ing around for a bit but couldn't find anything useful
related to this problem.
Anyone have a quick fix for this?
Thanks.


-JK





-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Micha Feigin]

On Wed, 5 Aug 2009 17:50:29 +0100
Anthony Campbell  wrote:

> On 05 Aug 2009, Michael Ekstrand wrote:
> > > 
> > > The easiest way is to use network-manager.  If you click on the Icon
> > > in your toolbar it should show you the detected networks.  You can use
> > > the "Create New Wireless Network..." or "Connect to Hidden Wireless
> > > Network..." to set up connections.
> > 
> > I second the recommendation for network-manager.  If you don't want it
> > for some reason (e.g. you're allergic to Gnome dependencies), wicd is a
> > useful alternative.  I have also had decent success with wifi-radar some
> > time ago.
> > 
> 
> When I installed network-manager a week ago it blocked wired access to my
> router. I expect I could have reconfigured it in some way but it turned
> out to be unnecessary for my purpose so I removed it and everything
> worked normally again. This isn't an argument against using
> network-manager, just a warning of something to look out for.
> 

I guess that you setup things in /etc/network/interfaces. When using network
manager or wicd you should not have any interfaces that you want to manage with
them appear in /etc/network/interfaces. Also, by default they both try to use
dhcp to setup the nic. If you use a specific address then it needs to be setup
explicitly. They are much more useful for roaming connections (moving from wifi
to/from wired on a laptop) and are not too useful on a desktop.

> Anthony
> 
> 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Nate Bargmann]

* Zachary Uram  [2009 Aug 05 07:04 -0500]:
> Got a new laptop and was wondering about wifi security. I've never
> used wifi before. I wanted to go to some of the local coffee shops
> that offer free wii but I need to know:
> 
> 1) How do I setup wifi in Linux?

Have a supported chipset (Atheros is good)
Install the wicd package.
Enjoy!

-- 

"The optimist proclaims that we live in the best of all
possible worlds.  The pessimist fears this is true."

Ham radio, Linux, bikes, and more: http://n0nb.us/index.html


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Little OT : Software for Active Noise Cancelling or Reduction

[John Hasler]

M writes:
> i was considering to buy headphones with Active Noise Cancelling / Reduction.

> But before spend money, i'd like to know if there's a software that
> could do the same job (for free).

No.  Not feasible.
-- 
John Hasler


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Preston Boyington]

Paul E Condon wrote:



> I am having some difficulty with network-manager. Aptitude says it is
> installed on my Acer Aspire one...

Paul, seriously take a look at wicd.  network-manager is now the second
thing I uninstall on my Debian/Ubuntu machines (the first being the
update-manager because I prefer to use Aptitude).

wicd has been flawless for me since i started using it.


-- 

Arrant Drivel - really, it's just trash...
http://www.arrantdrivel.com/

Where the road takes me - a highwayman's perspective
http://www.prestonboyington.com/


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Little OT : Software for Active Noise Cancelling or Reduction

[Mirco Piccin]

Hi all,
i was considering to buy headphones with Active Noise Cancelling /
Reduction.

But before spend money, i'd like to know if there's a software that could do
the same job (for free).
Thanks in advance!

Regards
M

Re: Thinkpad T60P: bricked by grub transition

[Andrei Popescu]

On Wed,05.Aug.09, 08:53:48, Anthony Campbell wrote:
> 
> Thanks for posting this; I'll keep it in reserve. I was caught by the
> same trap on a similar machine (Thinkpad Z61M) a couple of weeks ago and
> was rescued by a knowledgeable poster on this list. I can now boot again
> although I no longer get the option to use the Lenny OS which is also
> on the disk. (Probably something to do with grub.cfg but I haven't gone
> into that.)

You could try installing the package os-prober and running update-grub.  
It did detect and added to the list my Vista recovery partition.

Regards,
Andrei
-- 
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)


signature.asc
Description: Digital signature

Re: A Laptop where all hardware is perfectly supported

[Andrei Popescu]

On Wed,05.Aug.09, 10:42:41, Johann Spies wrote:
 
> > I'm on sid. Does your xserver-xorg depend on console-setup? 
> 
> I suspect not because I did not have console-setup installed.  How do
> I configure it to use console-setup?
 
I don't think you should bother. Just set everything up via xorg.conf 
and when you do get the version that depends on console-setup it should 
automatically migrate the relevant parts to /etc/default/console-setup.  
If it doesn't it's a bug ;)

Regards,
Andrei
-- 
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)


signature.asc
Description: Digital signature

Re: How to add a printer via command line

[Roberto De Oliveira]

2009/8/6 T o n g :
> On Wed, 05 Aug 2009 14:13:50 +0100, Roger Leigh wrote:
>
>>> interesting, the command line tools can now probably be removed since
>>> those apparently no longer work.
>>
>> All the command-line tools do work . . .
>
> How can I add a printer via command line? I have to go through the
> lengthy process through the web interface to add my printer each time I
> install a fresh system. This is the only printer I have for years, and
> hope that adding the printer via command line will save my time.
>
> Thanks
>
> --
> Tong (remove underscore(s) to reply)
>  http://xpt.sourceforge.net/techdocs/
>  http://xpt.sourceforge.net/tools/
>

With the command lpadmin:

lpadmin -p PRINTERNAME -m PPD -v URI -E




-- 
Saludos,
Roberto De Oliveira


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Paul E Condon]

On 2009-08-05_14:27:26, Johann Spies wrote:
> On Wed, Aug 05, 2009 at 07:45:48AM -0400, Zachary Uram wrote:
> > Got a new laptop and was wondering about wifi security. I've never
> > used wifi before. I wanted to go to some of the local coffee shops
> > that offer free wii but I need to know:
> > 
> > 1) How do I setup wifi in Linux?
> 
> The easiest way is to use network-manager.  If you click on the Icon
> in your toolbar it should show you the detected networks.  You can use
> the "Create New Wireless Network..." or "Connect to Hidden Wireless
> Network..." to set up connections.

I am having some difficulty with network-manager. Aptitude says it is
installed on my Acer Aspire one, but I don't have an Icon in my
toolbar that leads me to a place where I am offered either of these
two options (which both have specific mention of "Wireless
Network"). I do have something called "Network Monitor". But its only
mention of wireless is "Edit wireless networks..." (the ellipsis is
part of what is actually displayed, not something I introduced to
shorten this email) When I click on this "Edit wireless networks..."
option, I get a screen that has text boxes labeled "Network", "Name:",
and "bssids:". All boxes are empty, and I have no idea what to type
into them. I do not see any use of the word "Create" or of "Connect",
or "Hidden".

I know I am within radio range of my daughters Apple Air Port, because
it is about 10 feet away, and the Acer detects it immediately when I
reboot into Windows.

What do I select in the "Add to Panel" window to get the icon that you
are writing about? Or how do I get "Network Monitor" to report on
wireless as well as wired networks? There are plugins to
metwork-monitor mentioned in aptitude. Which, if any, might include
the functionality that you have?

-- 
Paul E Condon   
pecon...@mesanetworks.net


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

How to add a printer via command line

[T o n g]

On Wed, 05 Aug 2009 14:13:50 +0100, Roger Leigh wrote:

>> interesting, the command line tools can now probably be removed since
>> those apparently no longer work.
> 
> All the command-line tools do work . . .

How can I add a printer via command line? I have to go through the 
lengthy process through the web interface to add my printer each time I 
install a fresh system. This is the only printer I have for years, and 
hope that adding the printer via command line will save my time.

Thanks

-- 
Tong (remove underscore(s) to reply)
  http://xpt.sourceforge.net/techdocs/
  http://xpt.sourceforge.net/tools/


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Where to download Debian Etch's last release ISO image?

[Siggy Brentrup]

On Wed, Aug 05, 2009 at 17:30 +, Oscar Corte wrote:
> 
> Hi all:
> 
>  
> 
> I’ve been trying to find an ISO image of Debian’s last release for version 
> 4.0 (I think is r8).
> 
>  
> 
> Could somebody tell me where to find it?

http://ftp.debian.org/debian/dists/oldstable/main/installer-i386/current/images/

And please don't send any more advertisements from m$ or others, if you can't
change it, post from a different account.

Siggy

-- 
Please don't Cc: me when replying, I might not see either copy.
   bsb-at-psycho-dot-informationsanarchistik-dot-de
   or:bsb-at-psycho-dot-i21k-dot-de
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org


signature.asc
Description: Digital signature

Re: Where to download Debian Etch's last release ISO image?

[Boyd Stephen Smith Jr.]

In , Oscar Corte wrote:
>I’ve been trying to find an ISO image of Debian’s last release for version
> 4.0 (I think is r8).

I'd use .

But, you can start  and 
choose your own path from there.

Please use BitTorrent/Jigdo if possible.
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net  ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/



signature.asc
Description: This is a digitally signed message part.

Where to download Debian Etch's last release ISO image?

[Oscar Corte]

Hi all:

 

I’ve been trying to find an ISO image of Debian’s last release for version 4.0 
(I think is r8).

 

Could somebody tell me where to find it?

 

Thanks in advance for any hints

_
Drag n’ drop—Get easy photo sharing with Windows Live™ Photos.

http://www.microsoft.com/windows/windowslive/products/photos.aspx

Re: wi-fi security?

[Boyd Stephen Smith Jr.]

In , Zachary 
Uram wrote:
>2) How do I make my laptop more secure so others on wifi network can't
>steal or sniff my packets?

That depends on the security used by the network, which is not a choice you 
make when connecting to it, but rather a choice made by the entity that 
provides the network.

If the wireless network has no security, packets are basically plain-text.  
Don't do anything over this network that isn't public or end-to-end secured 
(ssh, ssl, tls, vpn, etc.).

If the wireless network has WEP security, packets are encrypted, but in a 
way that is trivial to break.  Anyone that wants to put in some effort can 
see your packets.  Treat this the same way you would a network with no 
security.

If the wireless network uses WPA, you might be safe.  There are some fairly 
sophisticated attacks against WPA personal, that don't require much 
resources besides time.  So, treat those networks has if they have no 
security.  However, WPA enterprise and WPA2 are still secure at this point 
in time; you can trust that an attacker can't see your packets between your 
radio and the AP's radio.

However, NO wireless security protocol can protect you from packet sniffing 
at or *behind* the AP.  If the entity that provides the network is a 
potential attacker, you must use end-to-end security (ssh, ssl, tls, vpn, 
etc.) for anything not public.

BTW, self-signed certificate != end-to-end security, it is trivial for an 
attacker to perform a man-in-the-middle attack.  Actually, that's true for 
any certificate that doesn't already have chain of trust to your trusted 
certificate authority stores.  It's also true for any ssh/vpn "fingerprint" 
that you haven't approved over a secured link.  If you get a trust/don't 
trust prompt over a non-trusted network, DO NOT TRUST!
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net  ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/



signature.asc
Description: This is a digitally signed message part.

Re: Problems with HP PSC 1210 all-in-one printer on lenny

[Andrew Sackville-West]

On Tue, Aug 04, 2009 at 01:24:11PM +0200, Eric Meijer wrote:
> Hello,

> Questions:
> Does anyone use the HP PSC 1210 all-in-one printer with a lenny system and
> 1) also has a kernel hang, or not
> 2) can scan with it, or not ?

2) yes.

I'm running a somewhat out of data sid which is probably pretty close
to lenny at this point. It has worked just find with xsane in sid
since at least the sarge days

Can you provide more details about how sane *doesn't* find the
scanner?

what output do you get from :

sane-find-scanner -v

scanimage -L

you may want to run sane-find-scanner as root...

A


signature.asc
Description: Digital signature

Re: Anyone has the experience of upgrading Debian from woody to lenny?

[Siggy Brentrup]

On Wed, Aug 05, 2009 at 18:10 +0200, Johannes Wiedersich wrote:
> Kun Niu wrote:
> > Somewhere on debian.org are pages on how to upgrade from Woody to Etch.  So,
> > I'd read them first and try it.
> 
> What about sarge? IIRC, it was woody -> sarge -> etch -> lenny.
> 
> You'd have to find a sarge archive to upgrade to, though.

Maybe, dunno exactly.

Although my system hadn't been touch for a year more than OP's it was
tracking sarge (which was current unstable back in '04 iirc).

Here's the reference to the mail I mentioned in a previous post,
it was on this list:

  http://lists.debian.org/debian-user/2009/07/msg01774.html

Good luck
  Siggy
-- 
Please don't Cc: me when replying, I might not see either copy.
   bsb-at-psycho-dot-informationsanarchistik-dot-de
   or:bsb-at-psycho-dot-i21k-dot-de
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org


signature.asc
Description: Digital signature

Re: Secure Server

[Michael Ekstrand]

Alejandro Rodriguez Luna wrote:
> I just wanted ask about the security of services like ssh, dns, etc, 
> what is the best way to secure this services?, perhaps /etc/hosts.allow
> and /etc/hosts.deny?, or perhaps with a superserver inetd or xined?,
> 
> what's the difference among those way to secure the system?

Security is rarely an objective concept.  Who or what are you wanting to
secure the system against?  Security measures are only effective against
specific threads or classes of threats and can only be assessed in that
light.

That said, there are some things to do to secure a system against common
and general attacks.  For one thing, make sure that you always have the
latest security updates installed.  If there are vulnerabilities such as
buffer overflows, predictable random numbers, or other holes that are
discovered in the software, installing the relevant updates will keep
attackers from using those vulnerabilities.

I also use host access control and the denyhosts program to reduce the
effectiveness of brute-force password attacks against my SSH Server.
Also, disable root login over SSH, particularly with a password (so
someone can't guess your root password and use it), and if you don't
need password-based login consider disabling password authentication and
using only public-key authentication.  Private keys are much more
difficult (read: intractable in your lifetime, assuming the
computational basis of cryptography is robust) to guess than passwords,
provided that they have been generated securely (specifically
regenerated after all affected systems have updated from the Debian
OpenSSL random number problem a couple years ago).  They have the
downside that they can be stolen, although most people seem to consider
this highly unlikely when the private key is passphrase-protected.

On securing DNS, I do not run a DNS server aside from dnsmasq and have
no recommendations to offer.

If you have services which only need to be accessible from certain
networks, then using hosts.allow/hosts.deny to restrict access certainly
won't hurt.

Remember, though, that it is impossible to take a system and say "this
system is secure."  As someone a lot wiser than I has said, security is
a process, not a state.  There are things you can do, of course.  Don't
allow access to services where that access is not needed.  Apply
security updates to reduce the likelihood of an attacker being able to
bypass security measures.  Mitigate against well-known.  Monitor your
systems to notice anomalies.  Use service implementations with a good
reputation for avoiding and fixing security problems.  But don't
envision a state where you can rest and say "my system is now secure."

HTH,
- Michael


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Anthony Campbell]

On 05 Aug 2009, Michael Ekstrand wrote:
> > 
> > The easiest way is to use network-manager.  If you click on the Icon
> > in your toolbar it should show you the detected networks.  You can use
> > the "Create New Wireless Network..." or "Connect to Hidden Wireless
> > Network..." to set up connections.
> 
> I second the recommendation for network-manager.  If you don't want it
> for some reason (e.g. you're allergic to Gnome dependencies), wicd is a
> useful alternative.  I have also had decent success with wifi-radar some
> time ago.
> 

When I installed network-manager a week ago it blocked wired access to my
router. I expect I could have reconfigured it in some way but it turned
out to be unnecessary for my purpose so I removed it and everything
worked normally again. This isn't an argument against using
network-manager, just a warning of something to look out for.

Anthony


-- 
Anthony Campbell - a...@acampbell.org.uk 
Microsoft-free zone - Using Debian GNU/Linux
http://www.acampbell.org.uk (blog, book reviews, 
and sceptical articles)


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Problem installing nvidia driver after upgrading from etch to lenny...

[Andreas Ronnquist]

On Thu, 6 Aug 2009 02:27:26 +1000
Frank Gallacher  wrote:

> Greetings,
> 
> I have just upgraded from "etch" to "lenny" on my PC (kernel 2.6.26-2-686)
> I had installed the nvidia driver for NVIDIA GeForce 6600GT Graphics Card
> which was working OK,
> (Version 173.14.05 under etch)
> 
> After the upgrade, gdm was crashing saying it couldn't find the driver;
> When I tried to reinstall it, the installer complained about the version of
> gcc,
> saying it didn't exactly match the compiler used to compile the kernel (gcc
> 4.1).
> The installed compiler is:
> 
> gcc (Debian 4.3.2-1.1) 4.3.2
> 
> I downloaded the latest version of the nvidia driver (185.18.31) from the
> website;
> the same error message occurred...
> 
> Does anybody have any hints on how to get the driver loaded into a kernel???
> 

Install the package gcc-4.1 if it isn't installed already, and run

export CC=gcc-4.1 

before running the nvidia installer.

(Several versions of gcc can be installed at the same time, so you do
not loose the 4.3 version when installing the 4.1 version.)

best regards
-- 
Andreas Ronnquist 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Problem installing nvidia driver after upgrading from etch to lenny...

[Frank Gallacher]

Greetings,

I have just upgraded from "etch" to "lenny" on my PC (kernel 2.6.26-2-686)
I had installed the nvidia driver for NVIDIA GeForce 6600GT Graphics Card
which was working OK,
(Version 173.14.05 under etch)

After the upgrade, gdm was crashing saying it couldn't find the driver;
When I tried to reinstall it, the installer complained about the version of
gcc,
saying it didn't exactly match the compiler used to compile the kernel (gcc
4.1).
The installed compiler is:

gcc (Debian 4.3.2-1.1) 4.3.2

I downloaded the latest version of the nvidia driver (185.18.31) from the
website;
the same error message occurred...

Does anybody have any hints on how to get the driver loaded into a kernel???

Is it OK to ignore the version check?

TIA. fcG.

Re: Anyone has the experience of upgrading Debian from woody to lenny?

[Johannes Wiedersich]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Kun Niu wrote:
> Somewhere on debian.org are pages on how to upgrade from Woody to Etch.  So,
> I'd read them first and try it.

What about sarge? IIRC, it was woody -> sarge -> etch -> lenny.

You'd have to find a sarge archive to upgrade to, though.

Cheers, good luck!

Johannes

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkp5rxEACgkQC1NzPRl9qEX8HACcCUxFZoTWfDYniGbXMZTrw2Jl
2VwAnRnG/yFuUVEASGLd0Asd6Fd7Sr44
=iK0Z
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Secure Server

[Alejandro Rodriguez Luna]

Hi all!!

I just wanted ask about the security of services like ssh, dns, etc,  what is 
the best way to secure this services?, perhaps /etc/hosts.allow and 
/etc/hosts.deny?, or perhaps with a superserver inetd or xined?,

what's the difference among those way to secure the system?

--

Alejandro Rodriguez Luna

Web: http://www.alexluna.org

E-mail: el_alexl...@yahoo.com.mx

MSN: el_alexl...@yahoo.com.mx

GTalk: alexl...@gmail.com

Movil: 044-311-112-86-41

--


  Encuentra las mejores recetas en Yahoo! Cocina.   
http://mx.mujer.yahoo.com/cocina/

Re: installation (python/libc6) broken, but how?

[Siggy Brentrup]

On Wed, Aug 05, 2009 at 16:14 +0200, Johan Grönqvist wrote:
> Hi,
> 
> The three-line python program
> 
> import numpy
> m = numpy.random.random((16, 16))
> (x, v) = numpy.linalg.eig(m)
> 
> runs fine in my chrooted sid, but in my (main) squeeze installation
> it produces
> *** glibc detected *** python: free(): invalid next size (fast):
> 0x01407890 ***
> 
> In squeeze, I reinstalled python-numpy and upgraded libc6 to
> unstable, but I still get the same error.

Here's what I see on an up to date squeeze box:

% python
Python 2.5.4 (r254:67916, Feb 17 2009, 20:16:45) 
[GCC 4.3.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import numpy
>>> m = numpy.random.random((16, 16))
>>> (x, v) = numpy.linalg.eig(m)
>>> print numpy, numpy.__version__
 
1.2.1
>>> 

looks quite normal to me.

HTH
  Siggy
-- 
Please don't Cc: me when replying, I might not see either copy.
   bsb-at-psycho-dot-informationsanarchistik-dot-de
   or:bsb-at-psycho-dot-i21k-dot-de
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org


signature.asc
Description: Digital signature

Re: wi-fi security?

[Michael Ekstrand]

Johann Spies wrote:
> On Wed, Aug 05, 2009 at 07:45:48AM -0400, Zachary Uram wrote:
>> Got a new laptop and was wondering about wifi security. I've never
>> used wifi before. I wanted to go to some of the local coffee shops
>> that offer free wii but I need to know:
>>
>> 1) How do I setup wifi in Linux?
> 
> The easiest way is to use network-manager.  If you click on the Icon
> in your toolbar it should show you the detected networks.  You can use
> the "Create New Wireless Network..." or "Connect to Hidden Wireless
> Network..." to set up connections.

I second the recommendation for network-manager.  If you don't want it
for some reason (e.g. you're allergic to Gnome dependencies), wicd is a
useful alternative.  I have also had decent success with wifi-radar some
time ago.

>> 1) How do I detect and connect to public free network(s)?
> 
> See the previous answer.
> 
>> 2) How do I make my laptop more secure so others on wifi network can't
>> steal or sniff my packets?
> 
> When you use a network that is not using a wpa-protocol it is more
> vulnerable. 

wpa helps against others on the same network.  However, it's a good idea
in general to use encrypted access (SSL, SSH, etc.) for all sensitive
services to that sniffing the packets doesn't gain an attacker anything.
 And many free public access points do not use WPA.  WPA is primarily
useful for keeping unauthorized people from using your network; this is
a moot point for a public access point.

If you follow good general security practice by only giving out
passwords over SSL-encrypted connections (https, configure IM and mail
programs to never send passwords in the clear, etc.), then you don't
really need to worry.  The wireless (even without WPA) will be no less
secure than plugging in to someone else's network or using the Internet
at large.

- Michael


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

installation (python/libc6) broken, but how?

[Johan Grönqvist]

Hi,

The three-line python program

import numpy
m = numpy.random.random((16, 16))
(x, v) = numpy.linalg.eig(m)

runs fine in my chrooted sid, but in my (main) squeeze installation it 
produces
*** glibc detected *** python: free(): invalid next size (fast): 
0x01407890 ***


In squeeze, I reinstalled python-numpy and upgraded libc6 to unstable, 
but I still get the same error.


Thanks in advance for any help on how to diagnose this.

/ johan



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: cups undocumented deprecation

[Pete Boyd]

> There are errors with the cups web page
> interface too though, I'll document here.  In the add printers dialog a
> user gets asked for a ppd file in a couple places.  The user needs to be
> told the path to the file and the ppd file name are needed not just be
> asked for a ppd file.

True it's a very badly layed out interface. However you don't _need_ to
provide a PPD file, the option to provide a PPD file is an _alternative_
to choosing the driver from the list if you have one you'd specifically
prefer to use.

-- 
Pete Boyd

Open Plan IT - http://openplanit.co.uk
The Golden Ear - http://thegoldenear.org



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Anyone has the experience of upgrading Debian from woody to lenny?

[Brian]

> > Yes. That's what I want.  Would that be too dangerous?
> > We've encountered the boot failure problem.
> > But the system works fine when switching back to the old 2.4 kernel.
> >
>
> I don't think that Debian ever supports skipping major releases, and also I
> think that before moving to Etch you should be running the 2.6 kernel and
> have upgraded apt, dpkg and other important utilities.  But if 2.6.9 won't
> boot, that's a problem.

You can always compile a kernel from source.  I have done that on several 
occasions to upgrade a system.

Brian



  


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Anyone has the experience of upgrading Debian from woody to lenny?

[Kun Niu]

That would be really appreciated.
Have you got that email?

2009/8/5 Siggy Brentrup 

> On Wed, Aug 05, 2009 at 12:05 +0800, Kun Niu wrote:
> > Just wish me good luck then.
> > Or I'll have to go thousands of miles to check my system.
> > That'll be really awesome for me.
> > And a live cd will be a really good idea.
> > Thank you for your kind reply.
> >
> > On 2009-08-04 22:41, Kun Niu wrote:
> > [snip]
> >
> > >  We've encountered the problem upgrading the kernel to 2.6.8.
> > >> Is that Etch?
> > >>
> > >
> > > No. Woody provides both 2.4 kernel and 2.6 kernel. But the default is
> the
> > > 2.4 one.  There's a 2.6 verion in the branch.
> > >
> >
> > Ah, I remember that now...
> >
> >   It seems that apt-get fail to execute the update-initramfs and the box
> > >>
> > >>> fails
> > >>> to boot.
> > >>> I execute the command by hand.
> > >>> But I haven't rebooted my machine since then.
> > >>> Hope that the new kernel will work for me.
> > >>> Is there anything else I should pay special attention to?
> > >>> Thanks for any attention and reply in advance.
> > >>>
> > >>>  Are you trying to go straight from Woody to Lenny?
> > >>
> > >
> > > Yes. That's what I want.  Would that be too dangerous?
> > > We've encountered the boot failure problem.
> > > But the system works fine when switching back to the old 2.4 kernel.
> > >
> >
> > I don't think that Debian ever supports skipping major releases, and also
> I
> > think that before moving to Etch you should be running the 2.6 kernel and
> > have upgraded apt, dpkg and other important utilities.  But if 2.6.9
> won't
> > boot, that's a problem.
> >
> > Somewhere on debian.org are pages on how to upgrade from Woody to Etch.
>  So,
> > I'd read them first and try it.
> >
> > If that doesn't work, then I'd think long and hard about doing a fresh
> > install.  (Hopefully you have /home and any data directories on separate
> > partitions.)  Also, I'd get a Live CD and see if it boots on your system.
>
> I wrote down my experience with upgrading from an even older system
> some weeks ago,  I just can't remember the subject and which ML.
> Going to search my sent folder, I'll be back soon.
>
> Siggy
> --
> Please don't Cc: me when replying, I might not see either copy.
>   bsb-at-psycho-dot-informationsanarchistik-dot-de
>   or:bsb-at-psycho-dot-i21k-dot-de
> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEARECAAYFAkp5GwUACgkQ94B/SGO8KQexBwCgvcCW/PkNRNyiqByLw0chLb5j
> pCQAn0TRV37Cj5QFoFLCekLrhmQhvMSK
> =kCZ9
> -END PGP SIGNATURE-
>
>


-- 
牛坤
MSN:haoniu...@hotmail.com 

Re: cups undocumented deprecation

[Roger Leigh]

On Wed, Aug 05, 2009 at 04:26:38AM -0400, Jude DaShiell wrote:
> The command line tools in cups current debian version are deprecated and  
> that deprecation is undocumented.  I proved this a few minutes ago by  
> setting up my printer using the web interface and set printer options  
> after successfully adding the printer.  Before I did any of this  
> configuration though I erased /var/log/cups/error_log.  When I finished  
> selecting the printer and setting defaults for the printer using the web  
> interface though, I couldn't find /var/log/cups/error_log, it wasn't  
> there.

You probably need to restart CUPS for this to be recreated.

> When I had done this using the command line tools though I got 
> log entries with UNAUTHORIZED printed next to each of them.  All very  
> interesting, the command line tools can now probably be removed since  
> those apparently no longer work.

All the command-line tools do work, but you may have permissions 
problems.  For administrative tasks, such as adding and modifying
printers, the user needs to be a member of the lpadmin group.
Normal users also need permission to print; by default all users
should have permission, but if you get an unauthorised error, then
they might be set too strictly.  cupsd.conf has a reasonable default
configuration for these settings for a typical system.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: wi-fi security?

[Johann Spies]

On Wed, Aug 05, 2009 at 07:45:48AM -0400, Zachary Uram wrote:
> Got a new laptop and was wondering about wifi security. I've never
> used wifi before. I wanted to go to some of the local coffee shops
> that offer free wii but I need to know:
> 
> 1) How do I setup wifi in Linux?

The easiest way is to use network-manager.  If you click on the Icon
in your toolbar it should show you the detected networks.  You can use
the "Create New Wireless Network..." or "Connect to Hidden Wireless
Network..." to set up connections.

> 1) How do I detect and connect to public free network(s)?

See the previous answer.

> 2) How do I make my laptop more secure so others on wifi network can't
> steal or sniff my packets?

When you use a network that is not using a wpa-protocol it is more
vulnerable. 

Regards
Johann
-- 
Johann Spies  Telefoon: 021-808 4599
Informasietegnologie, Universiteit van Stellenbosch

 "I am crucified with Christ, nevertheless I live; yet 
  not I, but Christ liveth in me: and the life which I 
  now live in the flesh I live by the faith of the Son 
  of God, who loved me, and gave himself for me."   
   Galatians 2:20 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Xen USB integration not working

[Michael Zoet]

Hi to all,

I'm trying to use a specific USB device on a Xen Server (Primergy RX300S4
with Debian Lenny as Dom0). What works is when I integrate the USB device
by hand. (Using xenwatch, connecting with the xenwatch VNC Server to the
Windows XP guest, pressing "ALT+CTRl+2" and using the command "usb_add
host:058f:6387" on the HVM command line.)
What does not work is integrating the USB device automatically at start up
of the Windows XP guest. According to the various documentations for xen
the line "usbdevice=[ 'host:058f:6387' ]" should be enough. But this
really do not work.

Has anyone experience with Xen & USB on aDebian Lenny system?

Thx in advance,

Michael


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: A Laptop where all hardware is perfectly supported

[Damon Chesser]

On Sun, 2009-08-02 at 18:34 -0700, fred basset wrote:
> Hi All,
> 
> I'll soon be able to spec. a new laptop for my new job.  Can anyone
> recommend any systems that can run the latest Debian
> and support all the hardware out of the box?  I prefer IBM and Dell
> laptops myself.
> It would be great to hear from anyone who's got a perfectly working machine.
> 
> Thanks,
> Fred
 
Dell Vostros (at least mine) worked out of the box except for wireless
and that was trivial to install.  Just use a wire, install the OS read
the /var/log/messages after your boot and it gives you a link to go read
to install the wireless.

I also have a Tohshiba 17" desktop replacement (P305D-S8900) that (here,
USA, GA) you can pick up in Office depot for about $550.  Everything
works out of the box, but of course you have a battery life of minutes.
However, if you don't need a road warrior, lots of processing power (you
can run kvm machines on this box, for example) and an OUTSTANDING
speaker system it can't be beat.  Not all (most?) Toshibas are Linux
friendly.  I took a ubuntu disk with me when I was shopping to test.

HTH
> 
-- 
Damon Chesser 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

wi-fi security?

[Zachary Uram]

Got a new laptop and was wondering about wifi security. I've never
used wifi before. I wanted to go to some of the local coffee shops
that offer free wii but I need to know:

1) How do I setup wifi in Linux?
1) How do I detect and connect to public free network(s)?
2) How do I make my laptop more secure so others on wifi network can't
steal or sniff my packets?

I heard many people using free wifi get heir passwords sniffed, etc.

Running Ubuntu 9.04 and Debian 5.01 triple boot with Vista Home Premium.

Any Linux programs for detecting available wifi signals and connecting
to them and any wifi security apps?

Also another problem is that when at home I want my laptop to be able
to share my DSL connection, right now my desktop is connected directly
(static IP, no PPoE just raw ethernet frames) to the DSL modem and I
was hoping I can keep this setup and find a way to attack my laptop
when I want to use it at home so what hardware would I need and how
should I set it up?

So right now I have:
phone jack > UPS > DSL modem > desktop NIC

I setup the networking manually by editing the appropriate files. I
want the laptop to automatically connect to the wired network at home
when I connect it and to wireless networks also, not sure if this can
be done.

Zach


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: A customized debian distro using existing installation (Text-based installer)

[Ron Johnson]

On 2009-08-05 01:54, Sanjay Varanasi wrote:

Hello,

[snip]


Now comes the main question:

---
Is there a way I can now take this installed system and create an
installation disk with a text-based installer?
In other words, I'd like to keep all the software I installed, removed
and configured during the entire  process, and must also include the
customized user permissions.
---

I say text-based installer since I would be creating a customized
preseed that would install the distro with little user intervention.
This is required since this would have to be installed on a number of
such thin-clients.


[snip]


Thanks for reading, and have a good day/night!


http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538171

This ITP hasn't reached Unstable yet, but the "private" deb or 
upstream tarball *might* be what you are looking for.


--
Scooty Puff, Sr
The Doom-Bringer


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: dpkg -i question

[Hinko Kocevar]

Thanks go to Andrei and Sven for prompt response and helping me
clearing this thing out!

On Wed, Aug 5, 2009 at 9:38 AM, Hinko Kocevar wrote:
> Hi,
>
> I've started using dpkg in the company I work for now. Before that I
> was not familiar with the tool.
> My question is in regard to the fact when/how are files installed in
> /etc/default when I run 'dpkg -i pkg.deb'.
>
> What I've observed is that missing or modified file in /etc/default is
> never installed or replaced, even when missing on the filesystem and
> present in the deb package. If file in /etc/default is missing it can
> be forced with 'dpkg --force-all -i pkg.deb', that works. This is not
> the case for eg. files placed in /opt/bin (the same package).
>
> I guess that there is a resonable explanatin for this and that is what
> I'm looking for.
>
> PS. I can provide more info about the package if needed and complete fail 
> case.
>
> Thank you,
> Hinko
>
> --
> .. the more I see the less I believe.., AE AoR
>



-- 
.. the more I see the less I believe.., AE AoR


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: dpkg -i question

[Hinko Kocevar]

On Wed, Aug 5, 2009 at 9:54 AM, Sven Joachim wrote:
> On 2009-08-05 09:38 +0200, Hinko Kocevar wrote:
>
>> I've started using dpkg in the company I work for now. Before that I
>> was not familiar with the tool.
>> My question is in regard to the fact when/how are files installed in
>> /etc/default when I run 'dpkg -i pkg.deb'.
>>
>> What I've observed is that missing or modified file in /etc/default is
>> never installed or replaced, even when missing on the filesystem and
>> present in the deb package.
>
> This is a feature, files below /etc shipped in packages are "conffiles"?
> that the sysadmin is free to modify and even delete. ?If you choose the
> latter, dpkg will not bring the files back on upgrades which would
> override your decision.
>

Let me note that I was trying to reinstall the same version of the
package. I guess this would behave differently if the package versions
were different. Need to test this by myself...

>> If file in /etc/default is missing it can be forced with 'dpkg
>> --force-all -i pkg.deb', that works.
>
> Actually the option you want is --force-confmiss, --force-all is pretty
> dangerous.

Ok.

>
>> This is not the case for eg. files placed in /opt/bin (the same
>> package).
>
> Because these files are not conffiles and do not get the same special
> treatment.
>

That was my assumption also.

Best regards,
Hinko


-- 
.. the more I see the less I believe.., AE AoR


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

problem with installing wifi driver from source

[a dehqan]

In The Name Of God The compassion merciful

I'll be thankfull if you guide ;
How can this error be fixed ?

# make
Kernel Makefile not found at '/lib/modules/2.6.18-4-686/source'
chmod: cannot access `compatible/*': No such file or directory
/bin/sh: line 2: compatible/kversion: No such file or directory

Makefile has been modified by generate_compatible, please run `make' again

make: *** [compatible/kversion] Error 1

Regards dehqan


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: qemu slowness

[Klistvud]

Dne, 04. 08. 2009 07:48:50 je jeremy jozwik napisal(a):
> hello list. the wife wants to watch netflix "watch instantly" videos.
> it requires a program to be installed in order to watch the videos.
> said program is only supported under the w and mac os.
> 
> so i figured this would be a nice time to setup a virtual machine. so
> ive been poking around with qemu. so far i have a windows machine
> running but its is massively slow. loading up an IE window takes for
> ever. i know there is some crazy emulation voodoo going on but is
> there anything i can do to speed it up?
> 
> also it has not audio!
> 
> step by step that i used to setup the machine
> http://www.debian-administration.org/article/
> Running_Microsoft_Windows_inside_Debian_qemu
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact
> listmas...@lists.debian.org
> 
> 
> 
> 

As already said by Tzafrir, your best bet is to use kvm if your CPU 
supports it, otherwise opt for kqemu at least. Qemu all by itself is 
terribly slow, although it's a magnificient, stable piece of software. 
As for sound ... I could never make it work in Debian either, but IIRC 
it did work in openSuSE when I tried (and possibly in some other 
distros). Maybe 
it's down to package versions. Using a more recent version of qemu 
might just do the trick ... or not ...

If you're on Lenny, the package versions tend to be somewhat oldish.

-- 
Certifiable Loonix User 481801


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: A Laptop where all hardware is perfectly supported

[Johann Spies]

On Tue, Aug 04, 2009 at 05:04:48PM +0300, Andrei Popescu wrote:
>  
> AFAICT it is generated by console-setup
>  
> > > > XKBMODEL="thinkpad60"
> > 

Thanks.

> I'm on sid. Does your xserver-xorg depend on console-setup? 

I suspect not because I did not have console-setup installed.  How do
I configure it to use console-setup?

> If not you 
> can still use the "thinkpad60" keyboard model, but you will have to do 
> it via xorg.conf.

Thanks for the information.

Regards
Johann



-- 
Johann Spies  Telefoon: 021-808 4599
Informasietegnologie, Universiteit van Stellenbosch

 "I am crucified with Christ, nevertheless I live; yet 
  not I, but Christ liveth in me: and the life which I 
  now live in the flesh I live by the faith of the Son 
  of God, who loved me, and gave himself for me."   
   Galatians 2:20 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

cups undocumented deprecation

[Jude DaShiell]

The command line tools in cups current debian version are deprecated and 
that deprecation is undocumented.  I proved this a few minutes ago by 
setting up my printer using the web interface and set printer options 
after successfully adding the printer.  Before I did any of this 
configuration though I erased /var/log/cups/error_log.  When I finished 
selecting the printer and setting defaults for the printer using the web 
interface though, I couldn't find /var/log/cups/error_log, it wasn't 
there.  When I had done this using the command line tools though I got log 
entries with UNAUTHORIZED printed next to each of them.  All very 
interesting, the command line tools can now probably be removed since 
those apparently no longer work.  There are errors with the cups web page 
interface too though, I'll document here.  In the add printers dialog a 
user gets asked for a ppd file in a couple places.  The user needs to be 
told the path to the file and the ppd file name are needed not just be 
asked for a ppd file.  Next in the set options dialog for the printers, 
the design of that part of the page is messed up.  It's legal to have more 
than one options list on a web page but it would really clear up lots of 
confusion if the form had only one submit button rather than three of 
them.  I had to use the u key after setting each one of those option lists 
and doing the three submits. Now I'm going to check cups.mime and see what 
I can print out.  Hope cups.mime has a Plain/Text entry in it.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: dpkg -i question

[Sven Joachim]

On 2009-08-05 09:38 +0200, Hinko Kocevar wrote:

> I've started using dpkg in the company I work for now. Before that I
> was not familiar with the tool.
> My question is in regard to the fact when/how are files installed in
> /etc/default when I run 'dpkg -i pkg.deb'.
>
> What I've observed is that missing or modified file in /etc/default is
> never installed or replaced, even when missing on the filesystem and
> present in the deb package.

This is a feature, files below /etc shipped in packages are "conffiles"¹
that the sysadmin is free to modify and even delete.  If you choose the
latter, dpkg will not bring the files back on upgrades which would
override your decision.

> If file in /etc/default is missing it can be forced with 'dpkg
> --force-all -i pkg.deb', that works.

Actually the option you want is --force-confmiss, --force-all is pretty
dangerous.

> This is not the case for eg. files placed in /opt/bin (the same
> package).

Because these files are not conffiles and do not get the same special
treatment.

Sven
 

¹ Technically, conffiles are listed in the package, see dpkg(1) for
  details.  You could ship conffiles outside /etc and files under /etc
  that are not conffiles, but both would be considered as serious bugs
  in Debian.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Thinkpad T60P: bricked by grub transition

[Anthony Campbell]

On 04 Aug 2009, James McCloskey wrote:
> Rob Owens  wrote:
> 
>  |>  You might want to keep a copy of this handy:
>  |>  http://www.supergrubdisk.org/
> 
> Indeed. But I think I sorted this out (or at least I have succeeded in making 
> the 
> system boot at least once). In case anyone finds themselves in a similar 
> situation,
> this was what worked for me:
>   
[snip useful tip] 

Thanks for posting this; I'll keep it in reserve. I was caught by the
same trap on a similar machine (Thinkpad Z61M) a couple of weeks ago and
was rescued by a knowledgeable poster on this list. I can now boot again
although I no longer get the option to use the Lenny OS which is also
on the disk. (Probably something to do with grub.cfg but I haven't gone
into that.)

It will be a good long while before I risk 'upgrading' grub on my other
machines.

Anthony

-- 
Anthony Campbell - a...@acampbell.org.uk 
Microsoft-free zone - Using Debian GNU/Linux
http://www.acampbell.org.uk (blog, book reviews, 
and sceptical articles)


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

cups package bug

[Jude DaShiell]

When either real root or sudo root runs commands like: lpadmin -d 
Panasonic-KX-P1123  Immediately afterwards /var/log/cups/error-log 
should not contain an entry stating that root tried setting cups default 
and that the attempt was unauthorized.  This potentially means three 
things:

1) cups no longer supports the printer I'm using,
2) the command line interface for cups is deprecated and its deprecation 
remains undocumented in favor of the web interface.  I'll check this out 
next.

3) The unauthorized designation is going into /var/log/cups/error-log
   incorrectly for some weird reason; maybe root has to su to another user
   to do these changes so those don't get flagged as unauthorized.  All in
   all, very strange.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: dpkg -i question

[Andrei Popescu]

On Wed,05.Aug.09, 09:38:54, Hinko Kocevar wrote:
> Hi,
> 
> I've started using dpkg in the company I work for now. Before that I
> was not familiar with the tool.

dpkg is a very useful tool, but it shouldn't be necessary unless your 
package is not available via APT.

> My question is in regard to the fact when/how are files installed in
> /etc/default when I run 'dpkg -i pkg.deb'.

Not every package ships files in /etc/default, not even in /etc

> What I've observed is that missing or modified file in /etc/default is
> never installed or replaced, even when missing on the filesystem and
> present in the deb package. If file in /etc/default is missing it can
> be forced with 'dpkg --force-all -i pkg.deb', that works. This is not
> the case for eg. files placed in /opt/bin (the same package).
> 
> I guess that there is a resonable explanatin for this and that is what
> I'm looking for.

If the file in question is declared as a conffile then yes, dpkg will 
not replace it if missing. If you have a newer version of the same 
package with a modified conffile dpkg should ask what to do (keep old, 
replace, ...)

I think you are looking for --force-confmiss and --force-confnew, but 
please read the manpage for dpkg before attempting this.

Regards,
Andrei
-- 
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)


signature.asc
Description: Digital signature

dpkg -i question

[Hinko Kocevar]

Hi,

I've started using dpkg in the company I work for now. Before that I
was not familiar with the tool.
My question is in regard to the fact when/how are files installed in
/etc/default when I run 'dpkg -i pkg.deb'.

What I've observed is that missing or modified file in /etc/default is
never installed or replaced, even when missing on the filesystem and
present in the deb package. If file in /etc/default is missing it can
be forced with 'dpkg --force-all -i pkg.deb', that works. This is not
the case for eg. files placed in /opt/bin (the same package).

I guess that there is a resonable explanatin for this and that is what
I'm looking for.

PS. I can provide more info about the package if needed and complete fail case.

Thank you,
Hinko

-- 
.. the more I see the less I believe.., AE AoR


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

A customized debian distro using existing installation (Text-based installer)

[Sanjay Varanasi]

Hello,

I'm working on a project for my graduation - creating a customized,
minimal debian distribution for installation on HP T5530 thin-clients
that have only 512MB Flash disk and 228MB RAM. I installed debian on one
thin-client using the NetInstallation disk of Lenny. I have been able to
limit the size of the installed system to 450MB with Xorg, firefox(not
iceweasel), ssh, feh and rdesktop with OpenBox combined with LXpanel and
iDesk forming the GUI. This configuration has more than met the basic
requirements of the project which required only firefox and basic GUI.
The entire exercise would be complete after tweaking the installation to
restrict unnecessary tinkering by users.

Now comes the main question:

---
Is there a way I can now take this installed system and create an
installation disk with a text-based installer?
In other words, I'd like to keep all the software I installed, removed
and configured during the entire  process, and must also include the
customized user permissions.
---

I say text-based installer since I would be creating a customized
preseed that would install the distro with little user intervention.
This is required since this would have to be installed on a number of
such thin-clients.

Resources on the internet talk about creating a live-cd from installed
systems, and I think I haven't managed to do a good job with google
search either, and hence this post. I'd really appreciate it if you
could direct me to appropriate resources on the web or any documentation
or even your own experience. I've really been learning a lot and I'm
more than ready for further learning.

Thanks for reading, and have a good day/night!


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org