Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
Dňa 16. 4. 2014 1:50 Charles Kroeger wrote / napísal(a): > At this point, the probability is close to one that every target has had > its private keys extracted by multiple intelligence agencies. The real > question is whether or not someone deliberately inserted this bug into > OpenSSL, and has had two years of unfettered access to everything. My > guess is accident, but I have no proof. (please, i am not sure with some English terms below, thanks) Very good question! On the word, there are questions if the NSA (and similar) knew about this for long time or not. IMHO, if they didn't knew about this vulnerability for months, then they aren't doing their job as good. Back to proper question. Was this vulnerability done by mistake? My C knowledge is very low, but i understand, that this was stupid mistake. If this stupid mistake can be done in Internet's essential crypto library, then something is wrong! Very wrong. Nobody check the quality of the code? Nobody realize tests? Need i learn C, to i can check this by myself? If this vulnerability comes not from newbie and was made by intent, thing are worse than wrong. Then it is an attack to alone fundamental of the free/open software. And what community about this? Where are information, from who this vulnerability arrived? It is experienced expert or it is a novice? Contribute this person to another (especially security) projects too? What this person tell about this? And more and more another questions are left unanswered. It is a time to fearing? regards 0xA8050C7E.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: Sun/Oracle Java
On 16/04/14 13:27, Oliver Fairhall wrote: > Hi, > > Setting up a new machine, noticed that Sun/Oracle Java is no longer > available to Debian. > > Saw a post here with an explanation: > > http://sylvestre.ledru.info/blog/2011/08/26/sun_java6_packages_removed_from_debian_u > > > Unfortunately, there are limitations and issues with OpenJDK, and > incompatibilities with various software. > > I'm not sure how it has worked in the past, but presumably someone > manually built the installation package for Debian. Would it be possible > to do this for oneself? I assume there is no source available to > compile. Is it feasible to convert an rpm release for use with Debian? > I've tried this sort of thing before, but with mixed results. On Wheezy you can make a debian package of the latest java. It "just works". Install "java-package" from Sid. Download the latest java package. Use java-package to make a debian package. Use dpkg -i to install the debian package. e.g. for last jre on Wheezy (after installing the Sid java-package):- Removed symbolic links to libnpjp2.so and libjavaplugin_oji.so from /plugins directories Removed previously installed versions from /usr/lib/java and /usr/lib/jvm Iceweasel → Tools → Addons → Plugins Disabled and removed earlier Java version In the same directory as the recently downloaded Oracle java package:- # make-jpkg jre-7u21-linux-i586.tar.gz su -c “dpkg -i oracle-j2re1.7_1.7.0+update21_i386.deb” Password: Selecting previously deselected package oracle-j2re1.7. (Reading database ... 243736 files and directories currently installed.) Unpacking oracle-j2re1.7 (from oracle-j2re1.7_1.7.0+update21_i386.deb) ... Setting up oracle-j2re1.7 (1.7.0+update21) ... update-alternatives: warning: alternative /usr/lib/jvm/jre1.7.0_09/bin/java (part of link group java) doesn't exist. Removing from list of alternatives. update-alternatives: warning: /etc/alternatives/java is dangling, it will be updated with best choice. update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/bin/java to provide /usr/bin/java (java) in auto mode. update-alternatives: using /usr/lib/jvm/j2re1.7-oracle/bin/ControlPanel to provide /usr/bin/ControlPanel (ControlPanel) in auto mode. update-alternatives: using /usr/lib/jvm/j2re1.7-oracle/lib/i386/libnpjp2.so to provide /usr/lib/iceweasel/plugins/libjavaplugin.so (iceweasel-javaplugin.so) in auto mode. update-alternatives: using /usr/lib/jvm/j2re1.7-oracle/lib/i386/libnpjp2.so to provide /usr/lib/chromium/plugins/libjavaplugin.so (chromium-javaplugin.so) in auto mode. > > Sorry if this has been covered already - I couldn't see mention of it in > my email search. > > Cheers, > > Oliver > > Kind regards -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/534e1670.7030...@gmail.com
Re: Sun/Oracle Java
2014-04-16 0:27 GMT-03:00 Oliver Fairhall : > Hi, > > Setting up a new machine, noticed that Sun/Oracle Java is no longer > available to Debian. > > Saw a post here with an explanation: > > http://sylvestre.ledru.info/blog/2011/08/26/sun_java6_packages_removed_from_debian_u > > Unfortunately, there are limitations and issues with OpenJDK, and > incompatibilities with various software. > > I'm not sure how it has worked in the past, but presumably someone manually > built the installation package for Debian. Would it be possible to do this > for oneself? I assume there is no source available to compile. Is it > feasible to convert an rpm release for use with Debian? I've tried this sort > of thing before, but with mixed results. > > Sorry if this has been covered already - I couldn't see mention of it in my > email search. Googling I've found this article: http://d.stavrovski.net/blog/post/installing-oracle-java-7-on-debian-wheezy Hope this is helpful for you. Regards. -- Usuario Linux Registrado # 342019 --> http://linuxcounter.net/ <-- skype --> luedcortes gtalk --> luedcor...@gmail.com msn --> luedcor...@gmail.com -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/cafkppbwkcpteewv9zcfxtd72yaa1pthejkv-0suuj1cg-5q...@mail.gmail.com
Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
On Tue, 2014-04-15 at 15:55 -0400, Stephen Allen wrote: . . . > BTW Revenue Canada was hacked by this bug and publicly admitted so. So > far only a minimal number of people were affected. They were offline for > several days. I've been following this thread since it started, as well as some other Internet sites that have been mentioned, and I have noticed that everyone talks about the impact on the financial services sector but no one has mentioned the health care information sector. I understand that healthcare systems use SSL a great deal, and medical identity theft has risen sharply in recent years. Does anyone know if there have been any exploits of Heartbleed in this sector, or if any healthcare organizations have said anything about fixing the problem? -- Bill Wood -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1397619146.26973.8.camel@bills-debian
Sun/Oracle Java
Hi, Setting up a new machine, noticed that Sun/Oracle Java is no longer available to Debian. Saw a post here with an explanation: http://sylvestre.ledru.info/blog/2011/08/26/sun_java6_packages_removed_from_debian_u Unfortunately, there are limitations and issues with OpenJDK, and incompatibilities with various software. I'm not sure how it has worked in the past, but presumably someone manually built the installation package for Debian. Would it be possible to do this for oneself? I assume there is no source available to compile. Is it feasible to convert an rpm release for use with Debian? I've tried this sort of thing before, but with mixed results. Sorry if this has been covered already - I couldn't see mention of it in my email search. Cheers, Oliver -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/534df89a.1010...@iinet.net.au
unpack error
I installed youtube-dl on the Sid installation tonight and noticed a dpkg error which didn't halt the process. This is what happened: Selecting previously unselected package libavdevice53:i386. (Reading database ... 147371 files and directories currently installed.) Preparing to unpack .../libavdevice53_6%3a9.11-3+b2_i386.deb ... Unpacking libavdevice53:i386 (6:9.11-3+b2) ... Selecting previously unselected package libavfilter3:i386. Preparing to unpack .../libavfilter3_6%3a9.11-3+b2_i386.deb ... Unpacking libavfilter3:i386 (6:9.11-3+b2) ... Selecting previously unselected package libav-tools. Preparing to unpack .../libav-tools_6%3a9.11-3+b2_i386.deb ... dpkg: error: --compare-versions takes three arguments: Type dpkg --help for help about installing and deinstalling packages [*]; Use 'apt' or 'aptitude' for user-friendly package management; Type dpkg -Dhelp for a list of dpkg debug flag values; Type dpkg --force-help for a list of forcing options; Type dpkg-deb --help for help about manipulating *.deb files; Options marked [*] produce a lot of output - pipe it through 'less' or 'more' ! Unpacking libav-tools (6:9.11-3+b2) ... Is this a major problem? I ask because the installation went ahead without aborting. -- When the rich get richer they get more powerful and that puts them in the position to lobby for policies to make them even richer. - former Clinton advisor Larry Summers -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/534dd4ce.3070...@videotron.ca
Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
On Tue, 15 Apr 2014 07:00:03 +0200 shawn wilson wrote: > >> On Apr 14, 2014 11:01 AM, "Chris Bannister" > >>wrote: > >> > On Mon, Apr 14, 2014 at 01:55:04AM -0500, Stan Hoeppner wrote: > >> > I read https://www.schneier.com/blog/archives/2014/04/heartbleed.html Here's the article from Bruce's CRYPT-GRAM from April 15, 2014: Heartbleed Heartbleed is a catastrophic bug in OpenSSL: "The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users. Basically, an attacker can grab 64K of memory from a server. The attack leaves no trace, and can be done multiple times to grab a different random 64K of memory. This means that anything in memory -- SSL private keys, user keys, anything -- is vulnerable. And you have to assume that it is all compromised. All of it. "Catastrophic" is the right word. On the scale of 1 to 10, this is an 11. The bug has been patched. After you patch your systems, you have to get a new public/private key pair, update your SSL certificate, and then change every password that could potentially be affected. At this point, the probability is close to one that every target has had its private keys extracted by multiple intelligence agencies. The real question is whether or not someone deliberately inserted this bug into OpenSSL, and has had two years of unfettered access to everything. My guess is accident, but I have no proof. http://heartbleed.com/ http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/ or http://tinyurl.com/ngcytay https://news.ycombinator.com/item?id=7548991 https://xkcd.com/1353/ http://krebsonsecurity.com/2014/04/heartbleed-bug-what-can-you-do/ https://freedom-to-tinker.com/blog/felten/how-to-protect-yourself-from-heartbleed/ or http://tinyurl.com/kqe4b5c http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html or http://tinyurl.com/lhjr7zf http://filippo.io/Heartbleed/ More about Heartbleed on my blog: https://www.schneier.com/blog/archives/2014/04/heartbleed.html https://www.schneier.com/blog/archives/2014/04/more_on_heartbl.html -- CK -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/br5uujfskg...@mid.individual.net
Re: Duplicate sources.list entry
Hugo Vanwoerkom wrote: John Hasler wrote: Hugo writes: But my sources.list is: deb http://ftp.de.debian.org/debian/ sid main contrib non-free deb-src http://ftp.de.debian.org/debian/ sid main contrib non-free deb http://repos.fds-team.de/stable/debian/ sid main and there are no duplicate entries. What's going on? You installed Chrome, thereby allowing Google to install stuff in the /etc/apt/sources.list.d directory. Whatever is there gets included with the contents of sources.list. You need to talk to Google about it. that dir. had in it google-chrome-beta.list and google-chrome.list. They both had: deb http://dl.google.com/linux/chrome/deb/ stable main So I removed google-chrome.list and the problem disappeared. But why did that show up now? Google changed that entry? Yes. google-chrome-beta.list was added the last dist-upgrade on April 13th causing the duplicate. Bad Google :-( Thanks, John. Hugo -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/liki1b$rbt$1...@ger.gmane.org
Wayland in Debian
Funny thing, after dinking around in synaptic, I'm finding a lot of lib-wayland packages installed within Jessie. I tried to un-install and got a message that even my solitaire game would be removed. Yeow! I noted that weston was there in the repo, but not installed. What's the state of the art concerning wayland/weston and Debian? Is it the answer to a prayer regarding older laptops with shoddy displays when running X? Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. https://linuxcounter.net/cert/44256.png X-oldie-warning: Toothless but still vicious -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/534dcab6.8010...@gmail.com
Duplicate sources.list entry
This is a curious message: #apt-get update Reading package lists... Done W: Duplicate sources.list entry http://dl.google.com/linux/chrome/deb/ stable/main amd64 Packages (/var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages) W: Duplicate sources.list entry http://dl.google.com/linux/chrome/deb/ stable/main i386 Packages (/var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-i386_Packages) W: You may want to run apt-get update to correct these problems If I go into /var/lib/apt/lists/ and remove dl.google.com etc. they are only replaced automatically after closing the file (edited with vim saved and closed with shift-ZZ) obviously running apt-get update is not going to correct these problems so if removing the listed duplicate sources.list entries is futile because these entries are not actually in my sources.list. Is there some other sources.list the message refers to? I'm actually using the google chrome beta browser Version 35.0.1916.27 beta aura from google and it works pretty damn good. -- thanks for your consideration System Information GTK+ 2.24.23 / GLib 2.40.0 Locale: en_US.UTF-8 (charset: UTF-8) Operating System: Linux 3.10-1-amd64 (x86_64) jessie/sid combination CK -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/br5t0kfskg...@mid.individual.net
Re: Duplicate sources.list entry
John Hasler wrote: Hugo writes: But my sources.list is: deb http://ftp.de.debian.org/debian/ sid main contrib non-free deb-src http://ftp.de.debian.org/debian/ sid main contrib non-free deb http://repos.fds-team.de/stable/debian/ sid main and there are no duplicate entries. What's going on? You installed Chrome, thereby allowing Google to install stuff in the /etc/apt/sources.list.d directory. Whatever is there gets included with the contents of sources.list. You need to talk to Google about it. that dir. had in it google-chrome-beta.list and google-chrome.list. They both had: deb http://dl.google.com/linux/chrome/deb/ stable main So I removed google-chrome.list and the problem disappeared. But why did that show up now? Google changed that entry? Hugo -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/likcg4$m3e$1...@ger.gmane.org
Re: Duplicate sources.list entry
Hugo writes: > But my sources.list is: > deb http://ftp.de.debian.org/debian/ sid main contrib non-free > deb-src http://ftp.de.debian.org/debian/ sid main contrib non-free > deb http://repos.fds-team.de/stable/debian/ sid main > and there are no duplicate entries. > What's going on? You installed Chrome, thereby allowing Google to install stuff in the /etc/apt/sources.list.d directory. Whatever is there gets included with the contents of sources.list. You need to talk to Google about it. -- John Hasler jhas...@newsguy.com Elmwood, WI USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87vbua8cvv@thumper.dhh.gt.org
Duplicate sources.list entry
Hi, Running Sid with the same sources.list for about a year now. Suddenly when running 'apt-get update' I get: W: Duplicate sources.list entry http://dl.google.com/linux/chrome/deb/ stable/main amd64 Packages (/var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages) W: Duplicate sources.list entry http://dl.google.com/linux/chrome/deb/ stable/main i386 Packages (/var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-i386_Packages) W: You may want to run apt-get update to correct these problems But my sources.list is: deb http://ftp.de.debian.org/debian/ sid main contrib non-free deb-src http://ftp.de.debian.org/debian/ sid main contrib non-free deb http://repos.fds-team.de/stable/debian/ sid main and there are no duplicate entries. What's going on? Hugo -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/lik92a$679$1...@ger.gmane.org
Upgrade from wheezy to testing and wine
I upgraded 64 bit wheezy to testing(Jessie) yesterday. 32 bit wine applications worked great until I ran apt-get autoremove. This broke quite a few 32 bit wine applications for me. I narrowed it down to two packages that were autoremoved: libxinerama1:i386 and libxrandr2:i386. Should I file a bug against a package suggesting including these as dependencies and if so how do I figure out which package should require them? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140415213637.ga6...@crazycoder.us
Matrox G450 PCI DVI with modern xorg ?
I have a Matrox G450 video card in a 5v 33MHz PCI slot in an old system.
I hope to get DVI output from it, I don't care about using the other
head. While the console is fine, I can't get xorg to work with it.
I have tried various approaches. I've tried installing xorg from both
wheezy and sid. I've tried downloading the mga_drv.so and mga_hal_drv.so
from Matrox and using Option "IgnoreABI" instead of using the one from
xserver-xorg-video-mga. I have tried setting DigitalScreen options in
xorg.conf. I've tried un-blacklisting matroxfb_base.ko, not that I have
managed to get any /dev/fb? devices to appear, in case Option "UseFBDev"
or Driver "fbdev" helped. Basically, I've googled for ideas and tried
the ones I could, yet "startx" always acts as if to just turn off the
video output altogether. I can't switch to any other virtual consoles,
but if I start xorg in parallel with a sleep 20 ; killall xinit then
eventually the monitor wakes back up and I get to see my console again.
Rather than trying many more speculative adjustments, I am wondering:
does anybody else actually have this hardware working with a modern
xorg under Debian? If so, maybe you can share what you have in relevant
configuration, and what you had to do? Or, failing that, does anyone
have any suggestions? ("Spend more on video cards," perhaps!)
-- Mark
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87wqeqqs4a@ixod.org
Partial (clumsy) success [Re: Copying complete SET of installation DVDs to a USB stick]
Rick Thomas wrote:
On Apr 12, 2014, at 7:01 AM, Richard Owlett wrote:
I will be installing Debian at locations which DO NOT have internet.
Instead of juggling a stack of DVDs, I want everything on a USB stick.
I am using Debian 6.0.5 as test case - it's what I have available.
There was no problem copying the first DVD to the beginning of the USB stick
with dd.
I did a preliminary test by booting to the USB stick and the install
program apparently worked OK.
[snip what didn't work at all ;]
Hi Richard,
Have you tried using dd to make images of the DVDs on the extended part of the
USB stick? E.g.:
# put DVD1 in the drive
dd if=/dev/cdrom0 of=/media/mydrive/DVD1.iso bs=1M
eject cdrom
# put DVD2 in the drive
dd if=/dev/cdrom0 of=/media/mydrive/DVD2.iso bs=1M
# and so on...
them loop-mounting the images?
That was the way to go ;)
I'm not sure what you would have to do inside the installer to get the loop-mounted
images into the installers "sources.list" file, but I'm sure a bit of wiki
and/or FAQ scratching would answer that question. Once you figure out the necessary
magic, you can probably pre-seed it into your installer image on the front part of the
USB stick.
I know this is just a sketch of a solution, but it's all I've got time for
right now. Anyway, it's the approach I'd take if I had the problem.
Hope it helps!
Good luck and let us know if you come up with something that works!
I will try to give enough detail that someone could duplicate
what I've done.
My environment:
1. Lenovo R61 ThinkPad with intentionally no network connectivity
2. 64 GB USB flash drive
3. Set of physical install DVDs (Debian 6.0.5 was all
available when I started)
4. A reasonably typical install of Squeeze using Gnome2 DE
My procedure:
1. Copy DVD 1 of 8 to beginning of flash drive using dd
2. Create an ext2 partition on remainder of drive using
Gparted, labeling
it squeeze_dvds
3. Copy each of the 8 DVDs to that partition using dd
I now have files dvd1.iso thru dvd8.iso on that partition.
Remembering to mount the partition - (guess who didn't ;)
4. Create mount points with
mkdir /home/richard/tst/dvd1
thru
mkdir /home/richard/tst/dvd8
5. Loop mount the files with
mount -t iso9660 -o ro,loop /media/squeeze_dvds/dvd1.iso
/home/richard/tst/dvd1
thru
mount -t iso9660 -o ro,loop /media/squeeze_dvds/dvd8.iso
/home/richard/tst/dvd8
6. Replace contents of /etc/apt/sources.list with {no
"contrib" files on last DVD}
deb file:/home/richard/tst/dvd1 squeeze contrib main
thru
deb file:/home/richard/tst/dvd7 squeeze contrib main
deb file:/home/richard/tst/dvd8 squeeze main
7. In Synaptic type Ctrl+R to reload package information
8. Install desired additional packages
*UNRESOLVED PROBLEM*
When marking a package as "to install", a warning message is
triggered saying the package cannot be authenticated. I don't
understand. I assumed that by copying with dd all relevant
information would be available.
*TO BE INVESTIGATED*
As my eventual goal is to do semi-automated installs at a remote
site without carrying a clutter of DVDs, I need to answer:
1. how to have preseed.cfg on the flash drive?
2. how to loop mount the ISO images during install?
*REFERENCES FOUND USEFUL &/or ENLIGHTENING*
https://www.debian.org/doc/manuals/debian-reference/ch09.en.html
http://manpages.debian.org/cgi-bin/man.cgi?query=mount
http://manpages.debian.org/cgi-bin/man.cgi?query=losetup
http://manpages.debian.org/cgi-bin/man.cgi?query=sources.list
http://en.wikipedia.org/wiki/Loop_device
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/534d9231.10...@cloud85.net
Re: Adobe flash security
On Sun, Apr 13, 2014 at 03:25:08PM +0200, Rob van der Putten wrote: > Hi there > > > Stephen Allen wrote: > > >+1 Not installed. :( > > A manual install, as suggested by Arthur, works. > For i386, download; > http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.350/install_flash_player_11_linux.i386.tar.gz > I renamed /usr/lib/flashplugin-nonfree/libflashplayer.so to > libflashplayer.so.bak and copied the libflashplayer.so from the tar to > /usr/lib/flashplugin-nonfree/ > A bit blunt, but it will have to do for now. ---end quoted text--- Thanks Rob -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140415195915.GB16470@Jessie
Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
On Tue, Apr 15, 2014 at 02:11:00PM +1200, Richard Hector wrote: > On 15/04/14 12:59, shawn wilson wrote: > >> That statement was made in the sense that at least the bank could have > >> > issued a statement along the lines of 'you may have heard of the > >> > heartbleed bug, we can assure all of our customers that we are not > >> > affected by this bug and there is no need to panic.' > >> > > > No, I don't want to hear from my bank unless there's a problem. If > > everything is going OK, don't spam me. If its not, by all means, let me > > know. This didn't affect them so don't tell me anything. > > > > They don't need to send an email, or anything intrusive. They just need > to put a big notice on the login page of their internet banking site - > along with (or instead of) all the ads they have for cheap loans or term > deposits or whatever. It would make virtually no difference to the speed > of logging in, and would reassure me that they take security seriously. > > Richard Indeed - that is what the Royal Bank of Canada did (They werent affected). BTW Revenue Canada was hacked by this bug and publicly admitted so. So far only a minimal number of people were affected. They were offline for several days. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140415195534.GA16470@Jessie
Re: Cropping a large collection of .PNG screenshots
Ahoj, Dňa Tue, 15 Apr 2014 03:48:29 -0700 "Kevin O'Gorman" napísal: > SOLVED. Thanks to whoever gave me the clue that convert(1) could do > the cropping. That and 2 bash scripts do all the work. See this https://www.ibm.com/developerworks/community/blogs/waldensponderings/entry/2_fer_friday_cropping_pictures_with_imagemagick31?lang=en it contains simple solution to find proper dimensions for cropping graphically, via GIMP, and then use them in batch script - i often use this for cropping e.g. VBox's screenshots, which adds some noise around screen ;) regards -- Slavko http://slavino.sk signature.asc Description: PGP signature
Re: Cropping a large collection of .PNG screenshots
On Tue, 15 Apr 2014, Kevin O'Gorman wrote: > On Wed, Apr 9, 2014 at 3:03 AM, Kevin O'Gorman > wrote: > > I have a few hundred screen shots I want to put on a web page, but > > they are all full-screen and I want to crop to the real contents. > > This is an identical region in all cases. So I want to script it. > > > > So, 2 questions: > > A) What's the best tool for the job? Gimp, irfanview, or something > > else? B) Is there a script already in existence where I can just > > change the crop rectangle? I really don't want to learn a new > > language for a one-time job. > > > > SOLVED. Thanks to whoever gave me the clue that convert(1) could do > the cropping. That and 2 bash scripts do all the work. Take a look at convert's cousin mogrify. It does everything convert does but saves the changes to the original file name. So, use it on copies if you want to save the originals. Works great for batch processing. I could never get convert to batch process properly. Use rename to batch rename. Using those two utilities, you won't need any scripts. B -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140415091831.0c88b...@debian7.boseck208.net
Re: debian install wireless fails on laptop with Ralink RT3290 wireless, what to do?
On Monday 14 April 2014 10:30:25 didier gaumet wrote: > I have a HP Pavilion dm1 with a RT3290 chipset: I have installed > Debian Stable via ethernet, then installed kernel + firmwares from > backports. This is what I usually do. And if even the ethernet card isn't recognised I temporarily install an old ethernet card, get Wheezy/$VERSION (I have been doing this for some time!) installed (I use the net-install CD) and then sort out the drivers. When I can, I use an installer with non-free firmware. But it can be tricky to find one! I believe there is a Wheezy one at the moment, but don't know where on the Debian site it is hiding. I'm a great believer in free software, but quite fancy keeping my nose attached to my face. ;-) Lisi -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/201404151653.34259.lisi.re...@gmail.com
Re: Cropping a large collection of .PNG screenshots
On Wed, Apr 9, 2014 at 3:03 AM, Kevin O'Gorman wrote: > I have a few hundred screen shots I want to put on a web page, but > they are all full-screen and I want to crop to the real contents. > This is an identical region in all cases. So I want to script it. > > So, 2 questions: > A) What's the best tool for the job? Gimp, irfanview, or something else? > B) Is there a script already in existence where I can just change the > crop rectangle? I really don't want to learn a new language for a > one-time job. > SOLVED. Thanks to whoever gave me the clue that convert(1) could do the cropping. That and 2 bash scripts do all the work. Since what I start with is batches of 150 screenshots, I move them onto a portable drive using my Windows laptop, then on Linux I rename them from the awkward scheme used by my device (Kindle HDX) with bash: - #!/bin/bash if [ $# != 1 ] ; then echo Needs exactly one argument exit 1 fi name=$1 x=1 for i in *.png ; do mv $i $(printf "$name-%03i.png" $x) (( x++ )) done --- Then, with a batch in it's own directory, since the cropping is always exactly the same: - #!/bin/bash if [ $# != 0 ] ; then echo Needs no argument exit 1 fi for i in *.png ; do convert $i -crop 1600x1600+0+530\! -resize "12.5%" ../Curated/$i done - I move them from directory Curated into an appropriately named directory and I'm off to creating the next batch. -- Kevin O'Gorman programmer, n. an organism that transmutes caffeine into software. Please consider the environment before printing this email.
Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
On 14/04/14 23:41, Richard Hector wrote: > The only local bank I've heard any info about is Kiwibank, who are > apparently not vulnerable due to running their systems on Windows. Heh. It turns out my bank, ASB, apparently uses Windows/IIS as well. I have yet to decide whether I'm happy about that. I guess I'm happy for now. Source: http://www.reddit.com/r/newzealand/comments/22ybc5/heartbleed_in_nz/ Richard -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/534cfd80.6060...@walnut.gen.nz
schroot issues
Hi, I've got a situation whereby there is a shared server that I need to give an organization access to particular directories. What I've devised, but it isn't working for the other side..., is the following: Debian Squeeze with schroot installed and a special schroot called "squeeze-zzz", here is the section from the /etc/schroot/schroot.conf file: [squeeze-zzz] aliases=default description=Debian squeeze (stable) directory=/home/schroot-squeeze-zzz users=zzz.user1,zzz.user2 root-users=root The schroot has specific bind mounted directories that the remote users need full access to. Now the schroot works /mostly/ fine as a login shell via remote access using public/private keys. A "standard" ssh login gives them a shell and access to the required directory trees. The server's /etc/passwd shell entries for each user is setup as a script file: /usr/local/bin/schroot--zzz.user1 /usr/local/bin/schroot--zzz.user2 This is one of those files: #!/bin/bash /usr/bin/schroot /bin/bash So, that's pretty simple, and they can connect to the schroot okay from a remote location. The required schroot area is the default, so no need to have that in the login script file. Normally (with a standard shell), you can do the following: ssh server_in_config ls And if the /server/ is set up appropriately in the ~user/.ssh/config file with the right host, port, username and key file, then you'll see the output of 'ls' without any problem. But using the schroot, it gets stuck and won't run the ls command Consequently the following won't work either: scp -pr server_in_config:/remote_dir/ /tmp [again, that works perfectly well with a normal shell, but not with schroot] Here is the final part of a verbose attempt to copy a directory tree: debug1: Authentication succeeded (publickey). Authenticated to remote_server ([115.nnn.nnn.nn]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessi...@openssh.com debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_AU.UTF-8 debug1: Sending command: scp -v -r -p -f /remote_dir/ The schroot process on the server end just hangs there. with a new process as follows: sshd: zzz.user1@notty The process tree on the server looks like this: # pstree -alpG 12295 schroot,12295 /bin/bash └─bash,12296 - really simple, bash is running, but the scp command is not passed. Now I did suggest the person do a reverse scp from the server once logged in, but they don't have an ssh server of their own to copy back to. Everything works perfectly well with the latest WinSCP 5.5.3 (just released) -- but the client has Linux and Mac machines and they don't want to get Wine working (WinSCP 5.5.3 has /better/ support for Wine according to WinSCP site). Version details: schroot 1.4.19-1+squeeze1 [debian] 6.0.9 Other: libssh2-11.2.6-1 openssh-blacklist0.4.1 openssh-blacklist-extra 0.4.1 openssh-client 1:5.5p1-6+squeeze5 openssh-server 1:5.5p1-6+squeeze5 Any ideas? I really do want to limit their file access to directories as needed, hence the schroot requirement. -- Kind Regards AndrewM -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/534cf874.5060...@affinityvision.com.au
Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
On 2014-04-15, John Hasler wrote: > > If I did any online banking (I don't) I'd change all the passwords no > matter what the banks said and consider closing the accounts and opening > new ones with different account numbers as well. Maybe with different > banks. Except that in the case of an uncorrected vulnerability you might then be offering the black hats your new password, whereas they might not have been aware of the old one (before the news broke). Logic would seem to suggest changing passwords for sites with corrected heartbleed vulnerabilities; how to garner that information, or whether it is safe to assume this or that financial institution has, or would have, or must have, fixed the bug by now I will leave as exercise for the reader. Well, not entirely: here is the mashable list for the big boys: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/slrnlkptso.2gh.cu...@einstein.electron.org
Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)
Am Dienstag, 15. April 2014, 11:41:34 schrieb Richard Hector: > On 15/04/14 02:03, Stan Hoeppner wrote: > >> I certainly wouldn't jump to conclusions that they're a bank therefore > >> > >> > they use IBM mainframes therefore they don't use OpenSSL therefore > >> > they're invulnerable, > > > > I jumped to no conclusion. Do you see the word "bank" in my original > > statement below? No, you see "financial institutions". > > Sorry. I'll add the logical step: "... they're a bank therefore they're > a financial institution therefore they use IBM mainframes ..." I read that certain banks in Germany had the heartbleed bug and are in the process of fixing it – which they hopefully completed by now. So I recommend to ask your bank whether they had this issue *or* change your access data to it *just in case*. Instead of guessing. Guessing or speculation does not help a single bit with this bug. This bug is digital. Either some webserver had it or not. And if it had it… someone may have exploited it. -- Martin 'Helios' Steigerwald - http://www.Lichtvoll.de GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7 -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/174698271.Deaz8gYHDD@merkaba
