date:20140419

Re: Why still heartbleed on Wheezy

2014-04-19 Thread Steve Litt

On Sun, 20 Apr 2014 07:32:20 +0100
Dom  wrote:

> On 20/04/14 06:39, Steve Litt wrote:
> > Hi all,
> >
> > I installed Wheezy on my backup server, then did this:
> >
> > apt-get update
> > apt-get upgrade
> >
> > root@bupserv:/backupserver/stevebup# openssl version
> > OpenSSL 1.0.1e 11 Feb 2013
> > root@bupserv:/backupserver/stevebup#
> >
> >
> > Here's my /etc/apt/sources.list:
> >
> > ==
> > #
> >
> > # deb cdrom:[Debian GNU/Linux 7.4.0 _Wheezy_ - Official amd64
> > NETINST Binary-1 20140208-13:45]/ wheezy main
> >
> > #deb cdrom:[Debian GNU/Linux 7.4.0 _Wheezy_ - Official amd64 NETINST
> > Binary-1 20140208-13:45]/ wheezy main
> >
> > deb http://ftp.us.debian.org/debian/ wheezy main non-free contrib
> > deb-src http://ftp.us.debian.org/debian/ wheezy main non-free
> > contrib
> >
> > deb http://security.debian.org/ wheezy/updates main contrib non-free
> > deb-src http://security.debian.org/ wheezy/updates main contrib
> > non-free
> >
> > deb http://security.debian.org/debian-security wheezy/updates main
> >
> > # wheezy-updates, previously known as 'volatile'
> > deb http://ftp.us.debian.org/debian/ wheezy-updates main contrib
> > non-free deb-src http://ftp.us.debian.org/debian/ wheezy-updates
> > main contrib non-free ==
> >
> > Any ideas how I should proceed?
> >
> 
> By checking the revision of the release, rather than just the
> internal version number.
> 
> dom@ozzy:~$ dpkg-query -W openssl
> openssl   1.0.1e-2+deb7u6
> 
> The "deb7u6" is the important bit. The "heartbleed" bug only exists
> in deb7u4 and earlier.
> 


Thanks Dom,

This was indeed the issue:

root@bupserv:/etc/apt# dpkg-query -W openssl
openssl 1.0.1e-2+deb7u7
root@bupserv:/etc/apt#

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140420025505.415c29fb@mydesk

Re: Why still heartbleed on Wheezy

2014-04-19 Thread Steve Litt

On Sun, 20 Apr 2014 05:57:57 +
Jimmy Wu  wrote:

> On Sun, Apr 20, 2014 at 5:39 AM, Steve Litt
>  wrote:
> > Hi all,
> >
> > I installed Wheezy on my backup server, then did this:
> >
> > apt-get update
> > apt-get upgrade
> >
> > root@bupserv:/backupserver/stevebup# openssl version
> > OpenSSL 1.0.1e 11 Feb 2013
> > root@bupserv:/backupserver/stevebup#
> 
> Wheezy is the current stable so they aren't going to update an
> important library to a new upstream version. Instead they backport
> security patches to the current version. Check your package version.
> 
> dpkg -l openssl
> 
> According to the changelog [1], wheezy openssl got the heartbleed
> patch on 1.0.1e-2+deb7u5 on April 7. The latest version as of this
> email is 1.0.1e-2+deb7u7.
> 
> [1]
> http://metadata.ftp-master.debian.org/changelogs//main/o/openssl/openssl_1.0.1e-2+deb7u7_changelog

Thanks Jimmy,

Yes! Once I checked it with the dpkg command, it told me
1.0.1e-2+deb7u7, which is the documented fixed version for Wheezy. So
my new backup server is Heartbleed free, and I can go on to other
things. Thanks for this info!

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140420025235.604c2751@mydesk

TV-remote settings

2014-04-19 Thread Gábor Hársfalvi

Dear List,

I've got Leadtek TV 2000XP Expert card and I wish to use its remote
controller with all its button.

But now it only works with Power and Volume Up/Down buttons.

I've got .lircrc in my /home/username folder - with the programmed buttons.

What else I need to make it work?

Thanks - and Happy Easter for Everyone! :)

Re: Why still heartbleed on Wheezy

2014-04-19 Thread Dom


On 20/04/14 06:39, Steve Litt wrote:

Hi all,

I installed Wheezy on my backup server, then did this:

apt-get update
apt-get upgrade

root@bupserv:/backupserver/stevebup# openssl version
OpenSSL 1.0.1e 11 Feb 2013
root@bupserv:/backupserver/stevebup#


Here's my /etc/apt/sources.list:

==
#

# deb cdrom:[Debian GNU/Linux 7.4.0 _Wheezy_ - Official amd64 NETINST
Binary-1 20140208-13:45]/ wheezy main

#deb cdrom:[Debian GNU/Linux 7.4.0 _Wheezy_ - Official amd64 NETINST
Binary-1 20140208-13:45]/ wheezy main

deb http://ftp.us.debian.org/debian/ wheezy main non-free contrib
deb-src http://ftp.us.debian.org/debian/ wheezy main non-free contrib

deb http://security.debian.org/ wheezy/updates main contrib non-free
deb-src http://security.debian.org/ wheezy/updates main contrib non-free

deb http://security.debian.org/debian-security wheezy/updates main

# wheezy-updates, previously known as 'volatile'
deb http://ftp.us.debian.org/debian/ wheezy-updates main contrib non-free
deb-src http://ftp.us.debian.org/debian/ wheezy-updates main contrib non-free
==

Any ideas how I should proceed?



By checking the revision of the release, rather than just the internal 
version number.


dom@ozzy:~$ dpkg-query -W openssl
openssl 1.0.1e-2+deb7u6

The "deb7u6" is the important bit. The "heartbleed" bug only exists in 
deb7u4 and earlier.


--
Dom


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/535369f4@rpdom.net

Re: Why still heartbleed on Wheezy

2014-04-19 Thread Jimmy Wu

On Sun, Apr 20, 2014 at 5:39 AM, Steve Litt  wrote:
> Hi all,
>
> I installed Wheezy on my backup server, then did this:
>
> apt-get update
> apt-get upgrade
>
> root@bupserv:/backupserver/stevebup# openssl version
> OpenSSL 1.0.1e 11 Feb 2013
> root@bupserv:/backupserver/stevebup#

Wheezy is the current stable so they aren't going to update an
important library to a new upstream version. Instead they backport
security patches to the current version. Check your package version.

dpkg -l openssl

According to the changelog [1], wheezy openssl got the heartbleed
patch on 1.0.1e-2+deb7u5 on April 7. The latest version as of this
email is 1.0.1e-2+deb7u7.

[1] 
http://metadata.ftp-master.debian.org/changelogs//main/o/openssl/openssl_1.0.1e-2+deb7u7_changelog

Cheers,

Jimmy

-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/can0j2y6pwuu4nrgcvu6be7p+1xmuqmhs+jdcamwwkjhb+px...@mail.gmail.com

Why still heartbleed on Wheezy

2014-04-19 Thread Steve Litt

Hi all,

I installed Wheezy on my backup server, then did this:

apt-get update
apt-get upgrade

root@bupserv:/backupserver/stevebup# openssl version
OpenSSL 1.0.1e 11 Feb 2013
root@bupserv:/backupserver/stevebup# 


Here's my /etc/apt/sources.list:

==
# 

# deb cdrom:[Debian GNU/Linux 7.4.0 _Wheezy_ - Official amd64 NETINST
Binary-1 20140208-13:45]/ wheezy main

#deb cdrom:[Debian GNU/Linux 7.4.0 _Wheezy_ - Official amd64 NETINST
Binary-1 20140208-13:45]/ wheezy main

deb http://ftp.us.debian.org/debian/ wheezy main non-free contrib
deb-src http://ftp.us.debian.org/debian/ wheezy main non-free contrib

deb http://security.debian.org/ wheezy/updates main contrib non-free
deb-src http://security.debian.org/ wheezy/updates main contrib non-free

deb http://security.debian.org/debian-security wheezy/updates main

# wheezy-updates, previously known as 'volatile'
deb http://ftp.us.debian.org/debian/ wheezy-updates main contrib non-free
deb-src http://ftp.us.debian.org/debian/ wheezy-updates main contrib non-free
==

Any ideas how I should proceed?

Thanks,

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140420013924.3223f145@mydesk

ecryptfs being unmounted while user is still logged in

2014-04-19 Thread Roland Hieber

Hi,

lately I'm having problems with my ecryptfs home directory, which is
being unmounted while I'm still logged in and working on my machine. It
seems to be unmounted at around 0:00 every night, which has the effect
that some of my running applications stop working until I mount it again
using ecryptfs-mount-private, but even then, not all applications work
flawlessly (e.g. my awesome window manager won't spawn new urxvts,
manually started terminals show "(unreachable)" as current directory).

Unfortunately, I cannot find anything related in /var/log/*, but I have
the feeling that it has to do with my recent switch to systemd-sysv. Is
there maybe a daemon in userspace, which I forgot to start, that keeps
track of running logins or something? What can I do to debug this?

Related information:
$ uname -a
Linux r2d2 3.13-1-amd64 #1 SMP Debian 3.13.7-1 (2014-03-25) x86_64 GNU/Linux

$ apt-cache policy ecryptfs-utils systemd-sysv
ecryptfs-utils:
  Installed: 103-3
  Candidate: 103-3
  Version table:
 *** 103-3 0
200 http://ftp.de.debian.org/debian/ testing/main amd64 Packages
170 http://ftp.de.debian.org/debian/ sid/main amd64 Packages
100 /var/lib/dpkg/status
systemd-sysv:
  Installed: 204-8
  Candidate: 204-8
  Version table:
 *** 204-8 0
200 http://ftp.de.debian.org/debian/ testing/main amd64 Packages
170 http://ftp.de.debian.org/debian/ sid/main amd64 Packages
100 /var/lib/dpkg/status

Regards,
Roland Hieber


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5352fd64.4080...@rohieb.name

Re: Personal Recommendations for Free List Compatible Email Service

2014-04-19 Thread Andrei POPESCU

On Sb, 19 apr 14, 13:38:06, Patrick Bartek wrote:
> 
> What with my authentication problems with my Yahoo Mail address on this
> list, anyone have personal recommendations for a good, free email
> service (other than gmail -- I don't want the mails getting routed to
> my phone) to run my lists subcriptions through?  I've been researching
> and most all that I've considered have gotten over 75% bad evaluations
> from those who've tried them.
> 
> I don't need lots of storage or big attachment sizes (or any
> attachments really), but I do need IMAP, so I can use Claws.  It must be
> reasonably secure and dependable, i.e, good "up" times.

I've had a reasonably good experience with GMX. I'm not using that 
address to post, but subscribing/unsubscribing works fine and the web 
interface can even do plain text :p
 
> FYI: If I don't get replies -- because of Yahoo my posts don't get
> mirrored back to me -- I can't know if this got through.  So, at
> least, one person reply even if you don't have a recommendation.

CCed you just to be sure you get it.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: Will there be a i386 version 34 chromium .deb?

2014-04-19 Thread Ralph Katz

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 04/19/2014 03:48 PM, Michael Gilbert wrote:
> On Sat, Apr 19, 2014 at 6:58 AM, 積丹尼 Dan Jacobson wrote:
>> All I know is there is something missing for _i386 this time
> 
> That's because there was a build failure: 
> https://buildd.debian.org/status/package.php?p=chromium-browser

But all's well in debian stable:

~$ apt-cache policy chromium
chromium:
  Installed: 34.0.1847.116-1~deb7u1
  Candidate: 34.0.1847.116-1~deb7u1
  Version table:
 *** 34.0.1847.116-1~deb7u1 0
500 http://security.debian.org/ wheezy/updates/main i386 Packages
100 /var/lib/dpkg/status
 31.0.1650.63-1~deb7u1 0
500 http://debian.lcs.mit.edu/debian/ wheezy/main i386 Packages

Regards,
Ralph


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTUuDwAAoJECe2FpioHXO6ersH/Apz9bG6xa9o5VM55j+9mnmi
I9DH7kGmng03FmEXVDQACgrFNoZSX1wiNXCn7IkbAqqnXXNLVGhEa5I1pGA70hak
7+drlvX3nHwX7Mho9TUXKlJgrhdSrsGJSViHvuSkb9VFQNPzgdD+Me1vK+RzoKrF
1Z74vzT+dAp5LgR64HHSJgUbdXKVilpSaAnvVY/KW9C8eS0h3RKnhM0C/LuEr8Sj
1KXclenJhChW7U5O36H8myZhklv+y77QHJe2qVMmKRQevdgF+Ey+KLX15qVvIGgl
3EdjtgszJoov6jivpKjz1ngBJb6XhECg+VB88WDgFm1EOioRuoZa6aELWnH5C8g=
=pQjW
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5352e0f4.6030...@rcn.com

Re: Debian package skeleton

2014-04-19 Thread Andrei POPESCU

On Sb, 19 apr 14, 13:14:09, Andy wrote:
> Hello all,
> 
> Is there one or more 'skeletons' folder hierarchies, to create Debian
> packages? If yes, where can I download them?
> 
> I am thinking something like a folder structure, with some configuration
> files and a Makefile, where I can just extract a TGZ archive in a folder,
> edit the configuration files, type 'make package'.
> 
> Is something like that exists?

See the package dh-make.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Personal Recommendations for Free List Compatible Email Service

2014-04-19 Thread Patrick Bartek


What with my authentication problems with my Yahoo Mail address on this
list, anyone have personal recommendations for a good, free email
service (other than gmail -- I don't want the mails getting routed to
my phone) to run my lists subcriptions through?  I've been researching
and most all that I've considered have gotten over 75% bad evaluations
from those who've tried them.

I don't need lots of storage or big attachment sizes (or any
attachments really), but I do need IMAP, so I can use Claws.  It must be
reasonably secure and dependable, i.e, good "up" times.

FYI: If I don't get replies -- because of Yahoo my posts don't get
mirrored back to me -- I can't know if this got through.  So, at
least, one person reply even if you don't have a recommendation.

Thanks.

B


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140419133806.2016d...@debian7.boseck208.net

Re: 'no-fixes' in stable

2014-04-19 Thread Rob van der Putten


Hi there


Brian wrote:


And your printer model is?


It's in an earlier post in this thread: HP Laserjet P2015DN. There is a 
ppd in Current Debian stable package hpijs-ppds, but it doesn't support 
1200 dpi. See earlier post. More here;

http://www.sput.nl/software/hp2015dn.html#cups


Regards,
Rob


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/liumqs$ari$1...@ger.gmane.org

Re: Debian package skeleton

2014-04-19 Thread Per Andersson

Hi!

Maybe you want to look at the packages packaging-tutorial and
hello. You can also download any package and look at the
packaging with apt-get source .

It seems that dh-make can be what you seek also, it does not
configure everything for you though. You will need to configure
and tune the packaging yourself.

There is also the equivs package which creates trivial Debian
packages.

In the different packaging teams there exists several programs
to automate processes, as John says, e.g. Debian Ruby uses
gem2deb, Debian Python uses dh_python2/3 etc. (For Ruby
gems gem2deb actually creates something almost ready for
upload automatically.)

There are also numerous resources for Debian packaging e.g.

[0] https://www.debian.org/doc/manuals/maint-guide/
[1] https://wiki.debian.org/IntroDebianPackaging
[2] https://wiki.debian.org/CategoryPackaging
[3] https://wiki.debian.org/HowToPackageForDebian
[4] https://wiki.debian.org/DebianPackagingHandbook
[5] https://wiki.debian.org/Packaging


--
Per


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/cabyrxstettpdeodniv1-uoia2hfxckvn5+fznkt5vjh_tum...@mail.gmail.com

Re: UEFI install

2014-04-19 Thread Andrew M.A. Cater

On Fri, Apr 18, 2014 at 07:16:56PM -0300, André Nunes Batista wrote:
> On Fri, 2014-04-18 at 10:19 -0400, Gary Dale wrote:
> > On 18/04/14 12:33 AM, Corey Blair wrote:
> > > I got a new laptop without a CD/DVD drive and am trying to install off 
> > > a USB image and either dual boot my pre-installed windows 8.1 or just 
> > > wipe and use strictly Debian.  I get all the way to the point of 
> > > installing GRUB and it fails.  I've read that this may have something 
> > > to do with the disk being GPT instead of MBR?  How do I get a dual 
> > > boot Windows 8.1 and Debian Wheezy install?  Or at the least have 
> > > Debian successfully installed (although I'm afraid of wiping the HDD 
> > > and losing the ability to revert back to Windows)
> > >
> > >
> > You may not be able to. The problem may be that Wheezy is too old. 
> > Coexistence with UEFI is still developing.
> > 
> > However, Wheezy can handle GPT disks just fine.
> > 
> > To test this, turn of UEFI in the BIOS and try the install again. To 
> > make things easier, first use Windows disk manager to shrink the Windows 
> > partition. Create a new partition in the free space and also leave a 
> > small empty (a few hundred megabytes) space somewhere for the EFI System 
> > Partition.
> > 
> > Then start the Wheezy install. If that works, turn UEFI back on and try 
> > booting into both OSs.
> > 
> > 
> 
> It is possible to install debian wheezy with uefi enabled, take a look:
> 
> https://lists.debian.org/debian-user/2014/03/msg01372.html
> 
> and the subsequent answer by Andrew.
> 
> -- 
> André N. Batista
> GNUPG/PGP KEY: 6722CF80
> 

If Legacy BIOS settings are turned off, so that the machine will boot
only from UEFI an install of Debian 7 Wheezy will work: I have two
machines here installed just that way.

You will need to tab down to the advanced options as you boot the
installer and select expert mode : at that point, you can also
choose which desktop to install.

You may be able to install a very basic machine by using
dd to write the DVD image to an 8G USB stick.

AndyC



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140419201247.ga5...@galactic.demon.co.uk

Re: 'no-fixes' in stable

2014-04-19 Thread Brian

On Sat 19 Apr 2014 at 21:39:31 +0200, Rob van der Putten wrote:

> Brian wrote:
> 
> >What is lacking in the range of PPDs offered by Debian that one has to
> >go searching in corners of the web to find one?
> 
> AFAIK Debian doesn't provide a PPD for my printer.
> Debian used to, but that is a long time ago.

And your printer model is?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/19042014205112.e72e8edbf...@desktop.copernicus.demon.co.uk

Re: Will there be a i386 version 34 chromium .deb?

2014-04-19 Thread Michael Gilbert

On Sat, Apr 19, 2014 at 6:58 AM, 積丹尼 Dan Jacobson wrote:
> All I know is there is something missing for _i386 this time

That's because there was a build failure:
https://buildd.debian.org/status/package.php?p=chromium-browser

That's easy enough to fix, I just haven't gotten around to it yet.
Patches are welcome.

Best wishes,
Mike


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CANTw=MNsJ0w4-h1TGTNKek+Qs0A5MsKvTHdGKNJtsVDYt8e=b...@mail.gmail.com

Re: 'no-fixes' in stable

2014-04-19 Thread Rob van der Putten


Hi there


Brian wrote:


What is lacking in the range of PPDs offered by Debian that one has to
go searching in corners of the web to find one?


AFAIK Debian doesn't provide a PPD for my printer.
Debian used to, but that is a long time ago.


Vr.Gr,
Rob
--
Trans-Pacific Partnership is evil;
http://www.dewereldmorgen.be/artikels/2013/12/10/hoe-monsanto-profiteert-van-het-trans-pacific-partnership


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/liujdj$uk9$1...@ger.gmane.org

Re: Heartbleed

2014-04-19 Thread Roger Klorese

On Apr 19, 2014, at 11:56 AM, Roger Klorese  wrote:
> 
> No, just judginess. 


And to head off the five hundred self-important follow-ups, sorry for imitating 
most of the world and top-posting. 


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/6179acb1-ab23-47e5-b94f-81661f127...@queernet.org

Re: Heartbleed

2014-04-19 Thread Roger Klorese

No, just judginess. 

Sent from my iPhone

> On Apr 19, 2014, at 11:36 AM, Brad Rogers  wrote:
> 
> On Sat, 19 Apr 2014 09:25:17 -0700
> Roger Klorese  wrote:
> 
> Hello Roger,
> 
>> It's not so easy to look like you consistently have three days' growth.
> 
> Chris made his comments, I'm pretty sure, heavily tinged with sarcasm.
> 
> -- 
> Regards  _
> / )   "The blindingly obvious is
>/ _)radnever immediately apparent"
> I'm surfing on a wave of nostalgia for an age yet to come
> Nostalgia - Buzzcocks


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/6c6e64e2-2c30-4897-aa3d-26b2ab6fd...@queernet.org

Re: Heartbleed

2014-04-19 Thread Brad Rogers

On Sun, 20 Apr 2014 04:20:50 +1200
Chris Bannister  wrote:

Hello Chris,

>Unbelievable! You mean you can buy beard trimmers that make you look as
>though you forgot to shave? And people buy them!!! ??? 

Yes, and yes.

>Someone should tell them, it's easily done and you DON'T need a beard
>trimmer.

Ah, but there's always some numpty that's easily parted from their
hard-earned cash.

-- 
 Regards  _
 / )   "The blindingly obvious is
/ _)radnever immediately apparent"
Watching the people get lairy
I Predict A Riot - Kaiser Chiefs


signature.asc
Description: PGP signature

Re: Heartbleed

2014-04-19 Thread Brad Rogers

On Sat, 19 Apr 2014 09:25:17 -0700
Roger Klorese  wrote:

Hello Roger,

>It's not so easy to look like you consistently have three days' growth. 

Chris made his comments, I'm pretty sure, heavily tinged with sarcasm.

-- 
 Regards  _
 / )   "The blindingly obvious is
/ _)radnever immediately apparent"
I'm surfing on a wave of nostalgia for an age yet to come
Nostalgia - Buzzcocks


signature.asc
Description: PGP signature

Re: Ad-Hoc Configuration

2014-04-19 Thread Gian Uberto Lauri

Anubhav Yadav writes:
 > On Sat, Apr 19, 2014 at 10:11 PM, Ralf Mardorf
 >  wrote:
 > > I have given up to get a working ad-hoc on my Linux PC to have Internet
 > > access for an iPad.
 > 
 > I am going to make you happy then.
 > I am using an adhoc connection successfully on my nexus 7 and nokia 79.

Using hostapd and a fixed network configuration works perfectly. It may not be
the harder hotspot in the world but does the job.

interface=wlan0
driver=nl80211
ssid=/* a sid id */
ignore_broadcast_ssid=1
channel=11
hw_mode=g
auth_algs=3
wpa=3
wpa_passphrase=/* choose one */
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
ht_capab=[HT40-][SHORT-GI-40][DSSS_CCK-40]
macaddr_acl=1
accept_mac_file=/etc/hostapd/hostapd.accept

List the accepted mac address in the file hostapd.accept and unwanted
usage of yur pc as an hotspot will be a bit harder.

Please remember the following to enable IP routing...

echo 1 > /proc/sys/net/ipv4/ip_forward

-- 
 /\   ___Ubuntu: ancient
/___/\_|_|\_|__|___Gian Uberto Lauri_   African word
  //--\| | \|  |   Integralista GNUslamicomeaning "I can
\/ coltivatore diretto di software   not install
 già sistemista a tempo (altrui) perso...Debian"

Warning: gnome-config-daemon considered more dangerous than GOTO


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/21330.48727.246325.299...@mail.eng.it

Re: Heartbleed

2014-04-19 Thread David Guntner

Lisi Reisz grabbed a keyboard and wrote:
> On Saturday 19 April 2014 17:24:20 David Guntner wrote:
>> This discussion would be best continued here:
>>
>> http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
> 
> And these "suggestions" would too.  Just kill the thread if it is 
> annoying you so much, or go to teh off-topic list.  These constant 
> repetitions of yours are becoming annoying.  (And yes, I could just 
> kill-file you, but so far that seems over-dramatic. ;-)

Responded off-list.




smime.p7s
Description: S/MIME Cryptographic Signature

Re: Ad-Hoc Configuration

2014-04-19 Thread Anubhav Yadav

On Sat, Apr 19, 2014 at 10:11 PM, Ralf Mardorf
 wrote:
> I have given up to get a working ad-hoc on my Linux PC to have Internet
> access for an iPad.

I am going to make you happy then.
I am using an adhoc connection successfully on my nexus 7 and nokia 79.

Download the ap-hotspot deb package here
https://launchpad.net/~nilarimogard/+archive/webupd8/+sourcepub/3958646/+listing-archive-extra

Before using dpkg to install the package make sure you have hostapd
and dnsmasq installed on your
system. They are found in the official debian repositories.

Its very easy to use,
"sudo ap-hotspot start" will start the script. The script will
automatically identify your network source, be it
usb or ethernet connection. And then you can use your laptop as a
makeshift router.

More info about the script can be found here.
http://www.webupd8.org/2013/06/how-to-set-up-wireless-hotspot-access.html

Working flawlessly here

-- 
Regards,
Anubhav Yadav
Imperial College of Engineering and Research,
Pune.

-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/ca+jf9ahrshhjywb4dvt1ibgqngq3qyrj2bfglukp2-xk2yf...@mail.gmail.com

Re: Heartbleed

2014-04-19 Thread Lisi Reisz

On Saturday 19 April 2014 17:24:20 David Guntner wrote:
> This discussion would be best continued here:
>
> http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopi
>c

And these "suggestions" would too.  Just kill the thread if it is 
annoying you so much, or go to teh off-topic list.  These constant 
repetitions of yours are becoming annoying.  (And yes, I could just 
kill-file you, but so far that seems over-dramatic. ;-)

Lisi

> Scott Ferguson grabbed a keyboard and wrote:
> > On 19/04/14 19:04, Joe wrote:
> >> On Sat, 19 Apr 2014 14:33:43 +1000
> >>
> >> Scott Ferguson  wrote:
> >>> Perhaps the solution is not greater bureaucracy to safeguard
> >>> data ignorance,
> >>
> >> I certainly wasn't suggesting bureaucracy,
> >
> > Nor did I understand you to be - just commenting on the subject
> > on which so many are passionate and that most of the OOT posts in
> > this thread are about, and how the only way to assuage "their"
> > fears is to create beaurocracy.  i.e. I don't trust what
> > companies can suck from the air/scrape from my data etc, the only
> > remedies are:-stop caring;police offenders;or somewhere between
> > the two extremes.
> >
> >> my country has more than
> >> enough already, and we all know that laws are framed to allow
> >> governments to do exactly what they forbid other people to do.
> >
> > Exactly. The bureaucracy itself relies upon increasing "invasive"
> > practices.
> >
> >>> but greater personal responsibility and a reassessment of
> >>> what privacy "rights" are unreasonable expectations?
> >>
> >> I was suggesting that perhaps many people are leaking more
> >> information about themselves than they think,
> >
> > Yes. They/we are all ignorant of what data and what it's value -
> > or potential losses that could result from it's loss.
> > Most people don't care - that's why we have bureaucracies.
> >
> > Maybe I'm "too cynical" to expect people's level of Consciousness
> > to be raised instead of their level of Fear? Maybe optimism has
> > failed to triumph the entire history of human experience when it
> > comes to discression and OpSec - particularly in a gamified era
> > of online ego and Multimedia Attention Deficiency where telling
> > and showing yourself is increasingly considered the norm.
> >
> >> a lot of it with long expiry dates.
> >> I don't really care about people knowing that I was a Scout in
> >> my childhood, or what I bought in one of my local supermarkets
> >> last week, but I'd rather not publish the list of organisations
> >> I belonged to last week. (No, there aren't any embarrassing
> >> ones, but that's not the point).
> >
> > I can think of a number of scenarios where you might reasonably
> > want to do that - but it's always a *risk*.
> >
> >> Collectively that leaked data could cause unexpected harm to
> >> them, either financially or otherwise. Yes, 'responsibility'.
> >> Every now and then, I Google my full name in various
> >> combinations, and no personal reference to me ever appears in at
> >> least the first ten pages. I like it that way.
> >
> > I'm not sure how relevant Google is in this instance. Would they
> > be more relevant than Bing or DuckDuckDuck?
> >
> > Maybe the responsible thing to do is don't join organisations
> > whose reputation would suffer if some people learned of your
> > membership - just in case the information leaked?
> >
> >> We may have wandered off the point.
> >
> > Very, very much so. Most of the posts in this thread (including
> > the outstanding "I see nothing in the press about this") have
> > been far from the point.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201404191827.16746.lisi.re...@gmail.com

Re: 'no-fixes' in stable

2014-04-19 Thread Brian

On Sat 19 Apr 2014 at 17:14:41 +0200, Rob van der Putten wrote:

> Curt wrote:
> 
> >A known limitation, it seems.
> 
> >http://www.openprinting.org/printer/HP/HP-LaserJet_1320
> 
> This site is slow and PPDs keep disappearing.
> If you do find a PPD that works, put it on your website, so people
> can find it using a web search.

What is lacking in the range of PPDs offered by Debian that one has to
go searching in corners of the web to find one?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140419165724.gd17...@copernicus.demon.co.uk

Re: Ad-Hoc Configuration

2014-04-19 Thread Ralf Mardorf

I have given up to get a working ad-hoc on my Linux PC to have Internet
access for an iPad.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1397925669.2443.13.camel@archlinux

Re: Heartbleed

2014-04-19 Thread Roger Klorese

It's not so easy to look like you consistently have three days' growth. 

Sent from my iPhone

> On Apr 19, 2014, at 9:20 AM, Chris Bannister  
> wrote:
> 
>> On Fri, Apr 18, 2014 at 12:59:02PM +0100, Brad Rogers wrote:
>> On Fri, 18 Apr 2014 08:11:27 + (UTC)
>> Curt  wrote:
>> 
>> Hello Curt,
>> 
 On 2014-04-18, Steve Litt  wrote:
 * I can successfully shave myself to leave exactly four days growth.  
>>> I've always wondered how those Macintosh fanboys (and Hollywood
>>> celebrities, two overlapping sets) accomplished this.
>> 
>> Really?
>> 
>> All the male grooming companies sell beard trimmers that will do that.
> 
> Unbelievable! You mean you can buy beard trimmers that make you look as
> though you forgot to shave? And people buy them!!! ??? 
> 
> Someone should tell them, it's easily done and you DON'T need a beard
> trimmer.
> 
> -- 
> "If you're not careful, the newspapers will have you hating the people
> who are being oppressed, and loving the people who are doing the 
> oppressing." --- Malcolm X
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: https://lists.debian.org/20140419162050.GB16084@tal
> 


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/c425aad4-c0a6-40a1-a171-833bb11d3...@queernet.org

Re: Heartbleed

2014-04-19 Thread David Guntner

This discussion would be best continued here:

http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic

Scott Ferguson grabbed a keyboard and wrote:
> On 19/04/14 19:04, Joe wrote:
>> On Sat, 19 Apr 2014 14:33:43 +1000
>> Scott Ferguson  wrote:
>>
>>
>>>
>>> Perhaps the solution is not greater bureaucracy to safeguard data
>>> ignorance,
>>>
>>
>> I certainly wasn't suggesting bureaucracy,
> 
> Nor did I understand you to be - just commenting on the subject on which
> so many are passionate and that most of the OOT posts in this thread are
> about, and how the only way to assuage "their" fears is to create
> beaurocracy.  i.e. I don't trust what companies can suck from the
> air/scrape from my data etc, the only remedies are:-stop caring;police
> offenders;or somewhere between the two extremes.
> 
>> my country has more than
>> enough already, and we all know that laws are framed to allow
>> governments to do exactly what they forbid other people to do.
> 
> Exactly. The bureaucracy itself relies upon increasing "invasive" practices.
> 
>>
>>> but greater personal responsibility and a reassessment of
>>> what privacy "rights" are unreasonable expectations?
>>
>> I was suggesting that perhaps many people are leaking more information
>> about themselves than they think,
> 
> Yes. They/we are all ignorant of what data and what it's value - or
> potential losses that could result from it's loss.
> Most people don't care - that's why we have bureaucracies.
> 
> Maybe I'm "too cynical" to expect people's level of Consciousness to be
> raised instead of their level of Fear? Maybe optimism has failed to
> triumph the entire history of human experience when it comes to
> discression and OpSec - particularly in a gamified era of online ego and
> Multimedia Attention Deficiency where telling and showing yourself is
> increasingly considered the norm.
> 
>> a lot of it with long expiry dates.
>> I don't really care about people knowing that I was a Scout in my
>> childhood, or what I bought in one of my local supermarkets last week,
>> but I'd rather not publish the list of organisations I belonged to last
>> week. (No, there aren't any embarrassing ones, but that's not the
>> point).
> 
> I can think of a number of scenarios where you might reasonably want to
> do that - but it's always a *risk*.
> 
>>
>> Collectively that leaked data could cause unexpected harm to them,
>> either financially or otherwise. Yes, 'responsibility'. Every now and
>> then, I Google my full name in various combinations, and no personal
>> reference to me ever appears in at least the first ten pages. I like it
>> that way.
> 
> I'm not sure how relevant Google is in this instance. Would they be more
> relevant than Bing or DuckDuckDuck?
> 
> Maybe the responsible thing to do is don't join organisations whose
> reputation would suffer if some people learned of your membership - just
> in case the information leaked?
> 
>>
>> We may have wandered off the point.
> 
> 
> Very, very much so. Most of the posts in this thread (including the
> outstanding "I see nothing in the press about this") have been far from
> the point.
> 
> 




smime.p7s
Description: S/MIME Cryptographic Signature

Re: Heartbleed

2014-04-19 Thread David Guntner

This discussion is best continued here:

http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic

Joe grabbed a keyboard and wrote:
> On Sat, 19 Apr 2014 14:33:43 +1000
> Scott Ferguson  wrote:
> 
> 
>>
>> Perhaps the solution is not greater bureaucracy to safeguard data
>> ignorance,
>>
> 
> I certainly wasn't suggesting bureaucracy, my country has more than
> enough already, and we all know that laws are framed to allow
> governments to do exactly what they forbid other people to do.
> 
>> but greater personal responsibility and a reassessment of
>> what privacy "rights" are unreasonable expectations?
> 
> I was suggesting that perhaps many people are leaking more information
> about themselves than they think, a lot of it with long expiry dates.
> I don't really care about people knowing that I was a Scout in my
> childhood, or what I bought in one of my local supermarkets last week,
> but I'd rather not publish the list of organisations I belonged to last
> week. (No, there aren't any embarrassing ones, but that's not the
> point).
> 
> Collectively that leaked data could cause unexpected harm to them,
> either financially or otherwise. Yes, 'responsibility'. Every now and
> then, I Google my full name in various combinations, and no personal
> reference to me ever appears in at least the first ten pages. I like it
> that way.
> 
> We may have wandered off the point.
> 




smime.p7s
Description: S/MIME Cryptographic Signature

Re: Heartbleed

2014-04-19 Thread David Guntner

http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic

Scott Ferguson grabbed a keyboard and wrote:
> On 19/04/14 16:51, Tom Furie wrote:> On Sat, Apr 19, 2014 at 02:33:43PM
> +1000, Scott Ferguson wrote:
>>> On 19/04/14 07:55, Joe wrote:
>>
 As is the light originating inside peoples' homes and passing out
 of their windows. In which case it is arguable that it is
 perfectly acceptable to collect and record that light with a
 camera without asking the permission of those who own the home
 and/or who have modified the light...
>>>
>>> Most countries don't provide legislative protection from the gaze
>>> of people passing by. For reasons of sanity, and something to do
>>> with the concept of free will (and personal responsibility).
>>
>> There is a very large difference between the gaze of passers-by and 
>> actively attempting to see something, especially where recording 
>> equipment is involved.
> 
> Yes. And in most cases the legislation reflects that. i.e. it's legal to
> photograph you sunning yourself through you window - if I take the
> picture from the street (public place) - but not if I use a telescopic
> lens. Not dissimilar from the difference between recording wireless
> broadcasts and recording the (resonant) response from wireless equipment
> when you transmit a high power signal at it. Note that in some places
> it's perfectly legal for an individual to WARdrive, and in some cases
> the local police have done so as "community relations" - but when a
> Google Maps car does the same thing the courts decide it's punishable
> with a fine.
> 
> Regards of the medium or means - it seems the individual is arguing that
> what they do in public space is private. Whereas I propose that what you
> do behind curtains or a faraday cage *is* private[*1] - what you do in
> public space, or on the networks and resources of others is not.
> 
> [*1] private as in "on private property", not as in "I don't wish to
> share". There is a belief that any gathering of information without the
> express permission of the individual is "invasive". When that belief
> extends to information that is publicly *disseminated* that belief is
> oxymoronic. "unwanted" != "invasive". Taking DNA samples from me *is*
> invasive (it invades my personal space), taking DNA samples from cells I
> drop in public spaces *is not* invasive (it's just creepy).
> 
>>
>> Cheers, Tom
>>
> 
> That's not to say I have nothing to hide (I wear pants and use
> curtains), just that I don't believe pissing up a rope or relying on
> mind over matter are productive exercises.
> 
> 
> Kind regards.
> 
> 




smime.p7s
Description: S/MIME Cryptographic Signature

Re: Heartbleed

2014-04-19 Thread David Guntner

http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic

Tom Furie grabbed a keyboard and wrote:
> On Sat, Apr 19, 2014 at 02:33:43PM +1000, Scott Ferguson wrote:
>> On 19/04/14 07:55, Joe wrote:
> 
>>> As is the light originating inside peoples' homes and passing out of
>>> their windows. In which case it is arguable that it is perfectly
>>> acceptable to collect and record that light with a camera without
>>> asking the permission of those who own the home and/or who have
>>> modified the light...
>>
>> Most countries don't provide legislative protection from the gaze of
>> people passing by. For reasons of sanity, and something to do with the
>> concept of free will (and personal responsibility).
> 
> There is a very large difference between the gaze of passers-by and
> actively attempting to see something, especially where recording
> equipment is involved.
> 
> Cheers,
> Tom
> 




smime.p7s
Description: S/MIME Cryptographic Signature

Re: Heartbleed

2014-04-19 Thread Chris Bannister

On Fri, Apr 18, 2014 at 12:59:02PM +0100, Brad Rogers wrote:
> On Fri, 18 Apr 2014 08:11:27 + (UTC)
> Curt  wrote:
> 
> Hello Curt,
> 
> >On 2014-04-18, Steve Litt  wrote:
> >> * I can successfully shave myself to leave exactly four days growth.  
> >I've always wondered how those Macintosh fanboys (and Hollywood
> >celebrities, two overlapping sets) accomplished this.
> 
> Really?
> 
> All the male grooming companies sell beard trimmers that will do that.

Unbelievable! You mean you can buy beard trimmers that make you look as
though you forgot to shave? And people buy them!!! ??? 

Someone should tell them, it's easily done and you DON'T need a beard
trimmer.

-- 
"If you're not careful, the newspapers will have you hating the people
who are being oppressed, and loving the people who are doing the 
oppressing." --- Malcolm X


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140419162050.GB16084@tal

Re: Heartbleed

2014-04-19 Thread Chris Bannister

On Sat, Apr 19, 2014 at 02:33:43PM +1000, Scott Ferguson wrote:
> On 19/04/14 07:55, Joe wrote:
> > As is the light originating inside peoples' homes and passing out of
> > their windows. In which case it is arguable that it is perfectly
> > acceptable to collect and record that light with a camera without
> > asking the permission of those who own the home and/or who have
> > modified the light...
> 
> Most countries don't provide legislative protection from the gaze of
> people passing by. For reasons of sanity, and something to do with the
> concept of free will (and personal responsibility).

cryptoscopophilia is harmless if one is discreet.

-- 
"If you're not careful, the newspapers will have you hating the people
who are being oppressed, and loving the people who are doing the 
oppressing." --- Malcolm X


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140419161011.GA16084@tal

Re: 'no-fixes' in stable

2014-04-19 Thread Rob van der Putten


Hi there


Curt wrote:


A known limitation, it seems.



http://www.openprinting.org/printer/HP/HP-LaserJet_1320


This site is slow and PPDs keep disappearing.
If you do find a PPD that works, put it on your website, so people can 
find it using a web search.



(I wanted to view the discussion thread also but was asked to log in to
"Disqus", whatever the hell that is, and I don't feel logging in I feel
like opting out).



Regards,
Rob


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/liu3t1$dpq$1...@ger.gmane.org

OpenVPN client configuration for simultaneous connections to external servers

2014-04-19 Thread Daniel Bareiro

Hi all

I'm doing tests to simultaneously maintain two VPN links against PureVPN
servers. As this is an external provider, I have no way to make changes
in the configuration of VPN servers.

The settings I'm using to set up each link are:


# cat client.conf
client
dev tun
proto tcp
remote br1-ovpn.purevpn.net 80
persist-key
persist-tun
ca ca.crt
tls-auth Wdc.key 1
cipher AES-256-CBC
comp-lzo
verb 3
mute 20
route-method exe
route-delay 2
# route 0.0.0.0 0.0.0.0
float

auth-user-pass auth.asc
auth-retry interact
ifconfig-nowarn

status /var/log/openvpn-status.log
log-append /var/log/openvpn.log

# cat client2.conf
client
dev tun
proto udp
remote cl1-ovpn.purevpn.net 53
persist-key
persist-tun
ca ca.crt
tls-auth Wdc.key 1
cipher AES-256-CBC
comp-lzo
verb 3
mute 20
route-method exe
route-delay 2
# route 0.0.0.0 0.0.0.0
float

auth-user-pass auth.asc
auth-retry interact
ifconfig-nowarn

status /var/log/openvpn2-status.log
log-append /var/log/openvpn2.log


The two links are established, but when I do ping tests (with "-I tun1"
and "-I tun2"), I have an answer by a single link. I think there should
be a routing problem.

When the connection is established using client.conf, these are the
routing rules added by the server:

Fri Apr 18 10:46:30 2014 /sbin/ip link set dev tun0 up mtu 1500
Fri Apr 18 10:46:30 2014 /sbin/ip addr add dev tun0 181.41.205.194/26 broadcast 
181.41.205.255
Fri Apr 18 10:46:32 2014 /sbin/ip route add 181.41.198.225/32 via 162.252.86.177
Fri Apr 18 10:46:32 2014 /sbin/ip route add 0.0.0.0/1 via 181.41.205.193
Fri Apr 18 10:46:32 2014 /sbin/ip route add 128.0.0.0/1 via 181.41.205.193
Fri Apr 18 10:46:32 2014 /sbin/ip route add 0.0.0.0/0 via 181.41.205.193

When the connection is established using client2.conf, these are the
routing rules added by the server:

Fri Apr 18 10:49:39 2014 /sbin/ip link set dev tun1 up mtu 1500
Fri Apr 18 10:49:39 2014 /sbin/ip addr add dev tun1 179.61.208.135/26 broadcast 
179.61.208.191
Fri Apr 18 10:49:41 2014 /sbin/ip route add 181.41.198.181/32 via 162.252.86.177
Fri Apr 18 10:49:41 2014 /sbin/ip route add 0.0.0.0/1 via 179.61.208.129
Fri Apr 18 10:49:41 2014 /sbin/ip route add 128.0.0.0/1 via 179.61.208.129
Fri Apr 18 10:49:41 2014 /sbin/ip route add 0.0.0.0/0 via 179.61.208.129

After reading this [1] document, I thought maybe after the two links are
established, I could manually delete the rules added by the servers and
add something like the following:

ip route add 181.41.205.192/26 dev tun0 src 181.41.205.194/26 table T1
ip route add default via 181.41.205.193 table T1
ip route add 179.61.208.128/26 dev tun1 src 179.61.208.135/26 table T2
ip route add default via 179.61.208.129 table T2

ip route add 181.41.205.192/26 dev tun0 src 181.41.205.194/26
ip route add 179.61.208.128/26 dev tun1 src 179.61.208.135/26

ip route add default via 181.41.205.193

ip rule add from 181.41.205.194/26 table T1
ip rule add from 179.61.208.135/26 table T2


Not sure if this can works as I'm manually entering these rules outside
the OpenVPN configuration and would like something neater (if possible,
within the same configuration files) for easy maintenance.

I would appreciate any comments.
Thank you in advance for responding.

Best regards,
Daniel


[1] http://lartc.org/howto/lartc.rpdb.multiple-links.html
-- 
Ing. Daniel Bareiro - GNU/Linux registered user #188.598
Proudly running Debian GNU/Linux with uptime:
11:46:43 up 72 days, 14:13, 18 users,  load average: 1,07, 1,17, 1,21


signature.asc
Description: Digital signature

Re: Repeatable apt-get WARNING: The following packages cannot be authenticated!

2014-04-19 Thread Richard Owlett


Andrei POPESCU wrote:

On Vi, 18 apr 14, 11:08:42, Richard Owlett wrote:

Andrei POPESCU wrote:

On Jo, 17 apr 14, 11:15:00, Richard Owlett wrote:


Yeah BUT ;(
I get NO errors or warnings when apt-get uses the physical DVDs from which
the loop mounted iso's were created.


/etc/apt/apt.conf.d/00trustcdrom:

APT::Authentication::TrustCDROM "true";



Changing that "true" to "false" makes loading from the physical DVDs act the
same as loading from the loop mounted ISO images. Not elegant nor
'satisfactory', but at least consistent.

Is there some documentation on signing aimed at the end-user rather than
package creators. I know I'm missing something - just don't know what ;/


Here's what I use:


#!/bin/sh

# This part generates the minimum necessary files
# for an apt repository.
# Assumptions:
# - this script is run in the directory with packages
# - apt-ftparchive is installed (package apt-utils)
# - you have a GPG key (the default key is used)

# apt seems to require both, even if only one is used
apt-ftparchive packages ./ > Packages
apt-ftparchive packages ./ | gzip > Packages.gz

apt-ftparchive release ./ > Release

sudo -u amp gpg --armor --detach-sign --sign --output Release.gpg Release

# a sources.list line should look like this
# deb file:/directory/with/debs ./


Hope this helps,
Andrei



Yes - but probably not in the way you expected ;)
I started deciphering what your script with aid of man pages.
Thus found reference to "GNU Privacy Guard". In my reading I had 
seen lots of abbreviations and acronyms - but never that title *ROFL*


What I'm looking for will be one of the many HOWTO's on that subject.
Looks like I have at least a week's worth of reading to do.
Thank you.




--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/53528814.5000...@cloud85.net

Re: Debian package skeleton

2014-04-19 Thread John Hasler

What you ask for can't really be done.  Upstream practices are too
unpredictable.  Install debhelper, read the maintainer's guide and the
Debian policy manual, find an existing package that is similar to the
one you want to create, and modify the files from it.  For most packages
debhelper and the other build tools automate things to about the maximum
extent possible.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87mwfh5un2@thumper.dhh.gt.org

Re: 'no-fixes' in stable

2014-04-19 Thread Curt

On 2014-04-18, wobbly-hs  wrote:
>
> But shock / amazement!..
> hpijs does work - I thought I'd tried it already but maybe I'd copied the
> ppd or something, this time a clean ppd seems to work (but only runs at 600 
> dpi
> rather than 1200)

A known limitation, it seems.

> Foomatic/pxlmono works better quality but very slowly

> Previously (debian 6) I was using the postscript driver OK.
>
> thanks for your advice.

http://www.openprinting.org/printer/HP/HP-LaserJet_1320

(I wanted to view the discussion thread also but was asked to log in to
"Disqus", whatever the hell that is, and I don't feel logging in I feel
like opting out).

-- 
Même l’avenir n’est plus ce qu’il était. 
(Even the future isn't what it used to be).
- Paul Valéry



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/slrnll4s72.2eq.cu...@einstein.electron.org

Debian package skeleton

2014-04-19 Thread Andy


Hello all,

Is there one or more 'skeletons' folder hierarchies, to create Debian 
packages? If yes, where can I download them?


I am thinking something like a folder structure, with some configuration 
files and a Makefile, where I can just extract a TGZ archive in a 
folder, edit the configuration files, type 'make package'.


Is something like that exists?

Thanks.

--
@ndy


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: 
https://lists.debian.org/b0bccb012f7f3c1c6d611ee64773f...@webmail2.rodier.me

Re: Heartbleed

2014-04-19 Thread Scott Ferguson

On 19/04/14 19:04, Joe wrote:
> On Sat, 19 Apr 2014 14:33:43 +1000
> Scott Ferguson  wrote:
> 
> 
>>
>> Perhaps the solution is not greater bureaucracy to safeguard data
>> ignorance,
>>
> 
> I certainly wasn't suggesting bureaucracy,

Nor did I understand you to be - just commenting on the subject on which
so many are passionate and that most of the OOT posts in this thread are
about, and how the only way to assuage "their" fears is to create
beaurocracy.  i.e. I don't trust what companies can suck from the
air/scrape from my data etc, the only remedies are:-stop caring;police
offenders;or somewhere between the two extremes.

> my country has more than
> enough already, and we all know that laws are framed to allow
> governments to do exactly what they forbid other people to do.

Exactly. The bureaucracy itself relies upon increasing "invasive" practices.

> 
>> but greater personal responsibility and a reassessment of
>> what privacy "rights" are unreasonable expectations?
> 
> I was suggesting that perhaps many people are leaking more information
> about themselves than they think,

Yes. They/we are all ignorant of what data and what it's value - or
potential losses that could result from it's loss.
Most people don't care - that's why we have bureaucracies.

Maybe I'm "too cynical" to expect people's level of Consciousness to be
raised instead of their level of Fear? Maybe optimism has failed to
triumph the entire history of human experience when it comes to
discression and OpSec - particularly in a gamified era of online ego and
Multimedia Attention Deficiency where telling and showing yourself is
increasingly considered the norm.

> a lot of it with long expiry dates.
> I don't really care about people knowing that I was a Scout in my
> childhood, or what I bought in one of my local supermarkets last week,
> but I'd rather not publish the list of organisations I belonged to last
> week. (No, there aren't any embarrassing ones, but that's not the
> point).

I can think of a number of scenarios where you might reasonably want to
do that - but it's always a *risk*.

> 
> Collectively that leaked data could cause unexpected harm to them,
> either financially or otherwise. Yes, 'responsibility'. Every now and
> then, I Google my full name in various combinations, and no personal
> reference to me ever appears in at least the first ten pages. I like it
> that way.

I'm not sure how relevant Google is in this instance. Would they be more
relevant than Bing or DuckDuckDuck?

Maybe the responsible thing to do is don't join organisations whose
reputation would suffer if some people learned of your membership - just
in case the information leaked?

> 
> We may have wandered off the point.

Very, very much so. Most of the posts in this thread (including the
outstanding "I see nothing in the press about this") have been far from
the point.

-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53525bcf.5050...@gmail.com

Re: Will there be a i386 version 34 chromium .deb?

2014-04-19 Thread 積丹尼 Dan Jacobson

All I know is there is something missing for _i386 this time
$ w3m -dump http://ftp.br.debian.org/debian/pool/main/c/chromium-browser/|grep 
chromium_
[ ] chromium_31.0.1650.63-1~deb7u1_amd64.deb
2013-12-08  49M
[ ] chromium_31.0.1650.63-1~deb7u1_i386.deb 
2013-12-08  46M
[ ] chromium_33.0.1750.152-1_amd64.deb  
2014-03-21  37M
[ ] chromium_33.0.1750.152-1_i386.deb   
2014-03-21  35M
[ ] chromium_33.0.1750.152-1~deb7u1_amd64.deb   
2014-03-24  51M
[ ] chromium_33.0.1750.152-1~deb7u1_i386.deb
2014-03-24  48M
[ ] chromium_34.0.1847.116-1~deb7u1_amd64.deb   
2014-04-16  48M
[ ] chromium_34.0.1847.116-1~deb7u1_i386.deb
2014-04-16  49M
[ ] chromium_34.0.1847.116-2_amd64.deb  
2014-04-15  35M


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/87vbu5k2kw@jidanni.org

Re: Repeatable apt-get WARNING: The following packages cannot be authenticated!

2014-04-19 Thread Richard Owlett


Joel Rees wrote:

On Fri, Apr 18, 2014 at 1:02 AM, Richard Owlett
mailto:rowl...@cloud85.net>> wrote:

Joel Rees wrote:


On Wed, Apr 16, 2014 at 11:49 PM, Richard Owlett
mailto:rowl...@cloud85.net>
>> wrote:

 Richard Owlett wrote:

 [SNIP]

 [...]
 root@debian:/home/richard# apt-get install pforth


pforth? Mind if I ask why?


*LOL* not the part of my post for which I expected a comment.
Primarily I needed an easily remembered package that wouldn't
be on any of my test installs. I've been interested in FORTH
since CPM-80 days.


[...]


The reason I ask is that doing an apt-get source or install of
gforth does not produce any complaints about unrecognized
signatures.

I wonder why Garbee would have signed pforth himself. I only
looked a little ways around, but the key does seem to be his.
Maybe it has to do with where pforth is hosted.
Did you get similar complaints from anything else?


Yes.
When I did a spot check to confirm Andrei's suggestion re
/etc/apt/apt.conf.d/00trustcdrom
APT::Authentication::TrustCDROM "true";
I saw the problem installing ed.

I was using Squeeze 6.0.5 for my tests.
I have (but not yet installed) Wheezy 7.1 DVDs.

I have a laptop set aside for potentially destructive self education.
It's very cluttered at the moment. I plan to repartition and 
reinstall everything this weekend. I'll then have a test platform 
for both Squeeze and Wheezy.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/53525797.1050...@cloud85.net

Re: Will there be a i386 version 34 chromium .deb?

2014-04-19 Thread Joel Rees

On Sat, Apr 19, 2014 at 6:50 PM, 積丹尼 Dan Jacobson wrote:

> https://packages.debian.org/sid/chromium says i386 is version 33 and
> amd64 is version 34. Will there be a i386 version 34 chromium .deb?
>

FWIW, I'm reading the list via mail.google in a chromium browser window,
and I just brought up "about Chromium" in a tab, and it says "Version
34.0.1847.116 (260972)".

So maybe somebody missed updating part of that web page?

-- 
Joel Rees

Be careful where you see conspiracy.
Look first in your own heart.

Ad-Hoc Configuration

2014-04-19 Thread Xiánwén Chén

Hi everyone,

I'm trying to configure an Ad-Hoc network on my laptop for my cellphone.

The laptop connects to the university WiFi network through wlan1. The
university WiFi network authorizes access through MAC address. Therefore,
my cellphone cannot connect to the university WiFi network.

I've created an Ad-Hoc network with laptop's wlan0, which is configured as:

auto wlan0
iface wlan0 inet static
address 192.168.10.1
netmask 255.255.255.0
wireless-channel 1
wireless-essid chen
wireless-mode ad-hoc
wireless-key somepasswd

I've also set up an isc-dhcp-server, which listens only to wlan0. The
subnet is configured as:

subnet 192.168.10.0 netmask 255.255.255.0 {
   authoritative;
   range 192.168.10.2 192.168.10.254;
   default-lease-time 3600;
   max-lease-time 3600;
   option subnet-mask 255.255.255.0;
   option broadcast-address 192.168.10.255;
   option routers 192.168.10.1;
   option domain-name-servers 8.8.8.8;
   option domain-name "aann.tk";
}

So mycell can now connect to the ad-hoc network. I can ping the cellphone
from the laptop. However, the cellphone cannot access internet. I tried to
bridge wlan0 and wlan1, but failed. Apparently wireless interfaces cannot
be bridged.

My question is this. How can I configure the network on my laptop so my
cellphone can access internet?

Thank you in advance!

Kind regards,

Xianwen

Will there be a i386 version 34 chromium .deb?

2014-04-19 Thread 積丹尼 Dan Jacobson

https://packages.debian.org/sid/chromium says i386 is version 33 and
amd64 is version 34. Will there be a i386 version 34 chromium .deb?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/871twtlkbg@jidanni.org

Re: Heartbleed

2014-04-19 Thread Joe

On Sat, 19 Apr 2014 14:33:43 +1000
Scott Ferguson  wrote:

> 
> Perhaps the solution is not greater bureaucracy to safeguard data
> ignorance,
> 

I certainly wasn't suggesting bureaucracy, my country has more than
enough already, and we all know that laws are framed to allow
governments to do exactly what they forbid other people to do.

> but greater personal responsibility and a reassessment of
> what privacy "rights" are unreasonable expectations?

I was suggesting that perhaps many people are leaking more information
about themselves than they think, a lot of it with long expiry dates.
I don't really care about people knowing that I was a Scout in my
childhood, or what I bought in one of my local supermarkets last week,
but I'd rather not publish the list of organisations I belonged to last
week. (No, there aren't any embarrassing ones, but that's not the
point).

Collectively that leaked data could cause unexpected harm to them,
either financially or otherwise. Yes, 'responsibility'. Every now and
then, I Google my full name in various combinations, and no personal
reference to me ever appears in at least the first ten pages. I like it
that way.

We may have wandered off the point.

-- 
Joe

-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140419100439.27044...@jretrading.com

Re: 'no-fixes' in stable

2014-04-19 Thread Rob van der Putten


HI there


wobbly-hs wrote:


hp1320n laser



hplip connection to:
HP LaserJet 1320 series Postscript (recommended) postscript driver

But shock / amazement!..
hpijs does work - I thought I'd tried it already but maybe I'd copied the
ppd or something, this time a clean ppd seems to work (but only runs at 600 dpi
rather than 1200)


I had lots of problems with my HP Laserjet P2015DN.
There were loads of PPDs on the web. Some would do 300 dpi, some 600. 
Only one did 1200x1200. Over the years this PPD kept disappearing and 
reappearing. But It did work!


Upgrading from Debian Squeeze to Wheezy made printing very slow; gs run 
at 100% CPU for several minutes before printing!
Now I'm using the Windows PPD from the installation CD. Works fine at 
1200x1200.
You may need to do a bit of digging to get at it. Like use cabextract or 
dos2unix.

Or get the PPD from a distro that does work.

For text printing I use paps' instead of cups' texttops. It will even 
print hieroglyphs and needs no configuration.



Foomatic/pxlmono works better quality but very slowly

Previously (debian 6) I was using the postscript driver OK.

thanks for your advice.



Regards,
Rob


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/litds2$6v1$1...@ger.gmane.org

Re: 'no-fixes' in stable

2014-04-19 Thread Lisi Reisz

On Saturday 19 April 2014 00:13:24 wobbly-hs wrote:
> On Fri, 18 Apr 2014 22:39:31 +0100
>
> Lisi Reisz  wrote:
> > On Friday 18 April 2014 18:56:55 wobbly-hs wrote:
> > > Lisi Reisz asked:
>
> ..
>
> > Thanks.  Have you said which printer?  If so, I have missed it. 
> > It is likely to be relevant.  I have absolutely no problems with
> > my Samsung, nor with other Samsungs I have installed for other
> > people, nor with HPs of various types that I have installed.  And
> > PDFs print fine, as does everything else.
>
> hp1320n laser
>
> > Are you using CUPS?  If HPLIP doesn't work, have you tried hpijs?
>
> hplip connection to:
> HP LaserJet 1320 series Postscript (recommended) postscript driver
>
> But shock / amazement!..
> hpijs does work - I thought I'd tried it already but maybe I'd
> copied the ppd or something, this time a clean ppd seems to work
> (but only runs at 600 dpi rather than 1200)
>
> Foomatic/pxlmono works better quality but very slowly
>
> Previously (debian 6) I was using the postscript driver OK.
>
> thanks for your advice.

I'm glad it worked.

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201404190929.08099.lisi.re...@gmail.com

Re: Heartbleed

2014-04-19 Thread Scott Ferguson

On 19/04/14 16:51, Tom Furie wrote:> On Sat, Apr 19, 2014 at 02:33:43PM
+1000, Scott Ferguson wrote:
>> On 19/04/14 07:55, Joe wrote:
> 
>>> As is the light originating inside peoples' homes and passing out
>>> of their windows. In which case it is arguable that it is
>>> perfectly acceptable to collect and record that light with a
>>> camera without asking the permission of those who own the home
>>> and/or who have modified the light...
>> 
>> Most countries don't provide legislative protection from the gaze
>> of people passing by. For reasons of sanity, and something to do
>> with the concept of free will (and personal responsibility).
> 
> There is a very large difference between the gaze of passers-by and 
> actively attempting to see something, especially where recording 
> equipment is involved.

Yes. And in most cases the legislation reflects that. i.e. it's legal to
photograph you sunning yourself through you window - if I take the
picture from the street (public place) - but not if I use a telescopic
lens. Not dissimilar from the difference between recording wireless
broadcasts and recording the (resonant) response from wireless equipment
when you transmit a high power signal at it. Note that in some places
it's perfectly legal for an individual to WARdrive, and in some cases
the local police have done so as "community relations" - but when a
Google Maps car does the same thing the courts decide it's punishable
with a fine.

Regards of the medium or means - it seems the individual is arguing that
what they do in public space is private. Whereas I propose that what you
do behind curtains or a faraday cage *is* private[*1] - what you do in
public space, or on the networks and resources of others is not.

[*1] private as in "on private property", not as in "I don't wish to
share". There is a belief that any gathering of information without the
express permission of the individual is "invasive". When that belief
extends to information that is publicly *disseminated* that belief is
oxymoronic. "unwanted" != "invasive". Taking DNA samples from me *is*
invasive (it invades my personal space), taking DNA samples from cells I
drop in public spaces *is not* invasive (it's just creepy).

> 
> Cheers, Tom
> 

That's not to say I have nothing to hide (I wear pants and use
curtains), just that I don't believe pissing up a rope or relying on
mind over matter are productive exercises.

Kind regards.

-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53522bed.1080...@gmail.com

Re: Network interfaces die when laptop lid closes in Fluxbox

2014-04-19 Thread Michael Biebl

Am 18.04.2014 05:28, schrieb Brian Cottingham:
> I found the source of my problem. Turns out systemd presumes shutting
> your laptop lid means the computer is going to sleep, and notifies
> NetworkManager to prepare for sleep[0]. If the computer does not, in
> fact, go to sleep, NetworkManager never receives the corresponding
> "wake up from sleep" event, and doesn't reenable networking.
> 
> The solution is to tell systemd to not handle lid close events[1] and
> reload your systemd conf (or maybe just reboot).

There is already a fix/workaround in place for NetworkManager, so you most
likely just had an older version installed. See the changelog:

network-manager (0.9.8.8-6) unstable; urgency=medium

  [ Laurent Bigonville ]
  * Rework the fix for #734460, kill NetworkManager in the postinst script
instead of the preinst one to minimize downtime on big upgrades

  [ Michael Biebl ]
  * Don't setup Sleep Monitor if system was not booted with systemd. With a
standalone logind we don't receive the Resume signal after a suspend
request and NetworkManager remains in sleep mode where the devices are
unmanaged. (Closes: #742933)
  * Use dh-autoreconf to update the build system. Override dh_autoreconf since
we need to run gtkdocize.

 -- Michael Biebl   Sat, 12 Apr 2014 12:48:33 +0200


My suggestion is to simply update to 0.9.8.8-6 or newer.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

51 matches

Mail list logo