Re: Security problem
On Tuesday, October 27, Lukas Eppler wrote I have [dists/hamm/main dists/hamm/contrib dists/hamm/non-free] in my selection in dselect. is there a directory to mention to have the security updates quicker than a week, without going slink/unstable? The best thing to do is to subscribe to debian-security-announce and follow the instructions contained in the alerts that we send to this list. The directory where packages meant for stable are stored is dists/proposed-updates, but it's not a good idea to install on your machine every package that lands there, at least not for a production machine. Basically, packages tagged for 'stable' are moved automatically from Incoming to proposed-updates, without any testing. Then, if the package fixes a security hole, some basic testing is done, the advisory is written up and posted to debian-security-announce. More in-depth testing is then done on all packages in proposed-updates, and every couple of weeks the packages in that directory are either moved to stable or rejected, depending on the results of the tests. Hopefully that helped clarify our update process for stable. If anything still isn't clear, don't hesitate to ask. Thanks, Christian Debian Security pgpPJcab4awCX.pgp Description: PGP signature
Re: Security problem
The bug is real, and Debian has a fix. See security lists in Debian. If you are running Debian 2.0 you might have a security hole. There was also security problems with bind. The fixes appear in the current distributions (2.0.2 I think) not in package-updates. Why the bloody hell not? I think that it was moved from package-updates to the main distribution so that if you downloaded it or purchased a new cdrom, it would have the updates in it. Seems reasonable. Correct. This is also explained in the README in the proposed-updates directory. The idea is that you run dselect (or apt-get) on stable every couple of weeks to stay up-to-date with fixes for security holes and other major bugs. Sorry, this makes me angry. Debian does a whole lot on finding these holes, then spreading the information they are there, but then every one has to read at least debian-user or visit the security page on the web to find out. [...] Well, you can also subscribe to debian-security-announce@lists.debian.org Information about every security fix released by Debian is posted there. (To subscribe, send an email to [EMAIL PROTECTED] with the single word 'subscribe' in the subject of the message. And if you're wondering, an announcement about the security-announce list was sent to debian-announce on its creation.) Thanks, Christian Debian Security pgpj8cTagb3C8.pgp Description: PGP signature
What's Group shift/Lock behavior in Xfree86 configuration?
Could anyone explain to me what the Group Shift/Lock behavior stuff in the Keyboard section of XF86Setup is all about? It contains options like: - Use default setting - R-Alt switches group while pressed - Right Alt key changes group etc. Was does it do?? Additionally, does anyone know of an utility for X and the console like internat.exe in Windows that allows you to switch keyboard layout (language) by pressing a key? Is that what the shift/lock behavior setting is all about? Thanks, Christian pgpLg6tVC5QrF.pgp Description: PGP signature
Re: Text to Speech?
On Tuesday, June 02, Marc Lepage wrote What are some good text to speech packages for Linux? Assume only a SoundBlaster for hardware (ie, no dedicated TTS hardware). If you're using emacs, I saw a few emacsspeak packages fly by on the debian-devel-changes mailing-list recently. You might want to look into those. They should get installed into unstable soon. If not, just grab them from an Incoming mirror. I Hope that helps, Christian pgpi1UGKi9JnV.pgp Description: PGP signature
Re: [SECURITY] New versions of gzip available
On Friday, May 15, George Bonser wrote Find a mirror of the Debian incoming directory ... I think there are some listed on the Debian web page ... and grab the new debianutils and install it manually with dpkg -i Debian 1.3.1r8 has been released with a debianutils that makes gzip happy. I don't know about all the mirrors, but I just checked on ftp.debian.org and the (working) bo 1.3.1r8 with debianutils 1.8.9 is there. Again sorry for the trouble this caused. Christian pgpD2mvYbUV8R.pgp Description: PGP signature
Re: [SECURITY] New versions of gzip available
On Thursday, May 14, [EMAIL PROTECTED] wrote [snip] I can't seem to find a debianutils_1.6* under any of the bo* directories on the ftp sites. Mea culpa. debianutils 1.8.9 has been uploaded to Incoming, and will be installed into bo. Sorry for the trouble. Christian pgpWSi309JchO.pgp Description: PGP signature
Re: Where did /usr/tmp go?
On Monday, March 02, Paul Rightley wrote Thanks for the information. I edited the appropriate tripwire config file and had it use /var/tmp instead. Everything is working fine again. Should this behavior be filed as a bug against tripwire (if it hasn't already been done). In short, yes. Christian pgpxIEGrkQXwA.pgp Description: PGP signature
Output of Anacron job `cron.daily' (fwd)
Since I've upgraded to anacron 2.0, I'm getting this email every day: Stopped /usr/sbin/boa (pid 196). Starting boa... File /usr/sbin/suidexec registered but not installed /usr/lib/emacs/20.2/i386-debian-linux-gnu/movemail PERMISSION MISMATCH: was root.mail 2755 changed to root.mail u=rwx,g=rxs,o=rx I know how the fix for the first two lines... but what do the last two mean exactly? And how do I make them go away? Christian pgpYUAvy6c4Lr.pgp Description: PGP signature
Meta key doesn't work anymore in xemacs!
Hi, I'm running xemacs20 instead of emacs now, and my meta key doesn't work. Each time xemacs starts up, it complains that (1) (key-mapping/warning) XEmacs: Meta_L (0x73) generates both Mod1 and Mod4, which is nonsensical. I filled a bug report about that, but in the meantime how do I make this message go away? Thanks, Christian pgpnEogbtzTp1.pgp Description: PGP signature
Re: [SECURITY] Weird user
On Saturday, August 16, George Bonser wrote I am not sure if some daemon in Debian installed this while I was not looking but I am taking it as an attack until I know more. I looked in /home and noticed a user account that I do not remember setting up. It is /home/bc It was owned by the user bc and group daemon. Does anything in Debian create such a user account? As far as I know, no. Christian pgpjPXZ5sQ9nE.pgp Description: PGP signature
Re: FTP availability of last set of X 3.2 packages.
On Jul 11, Rob Browning wrote Do any of the ftp sites still have the last round of X 3.2 based packages? I looked around on ftp.debian.org, but couldn't find them. Couldn't log on to ftp.debian.org, but try ftp://ftp.kernel.org/pub/mirrors/debian/Debian-1.2-fixed/ Christian PS Be aware that xfree 3.2 has a big bad buffer overflow. I hope you trust the people who have accounts on your machine if you downgrade to it... pgpBU3XwMXNrB.pgp Description: PGP signature
Re: gcc, libraries, executables
On Jul 7, Rick Hawkins wrote I'm trying to compile development versions of lyx, and am having problems with gcc or it's libraries (i think). configure: error: installation or configuration problem: C++ compiler cannot create executables. bash-2.00# You'll need the g++, libg++ and libg++-dev packages if you want to compile C++ programs. Christian pgpSZKf33BXQb.pgp Description: PGP signature
Re: Afterstep problem solved
On Jul 7, Jason Westervelt wrote nah.. that only gets a few other icons to pop up... don't ask why, but the TOP button (the one that has the lock buttons, shutdown, etc) will ** NOT ** have an icon until you install procps and xproc.. very weird.. Even if you don't swallow an xload into your afterstep dock? Now, *that* would be odd. Christian pgpiArTG67Omo.pgp Description: PGP signature
Re: nice job with Debian CD-ROM!
On Jul 6, Bob Billson wrote I am curious what the difference is between the 'Official Debian 1.3' and LSL's 'Oficial Debian 1.3'. I thought I saw something that if the CD vendor changes or doesn't use something they can't use the former title. What did LSL not use or leave out? Thanks for the nice words. I'm sure the oficial is just a typo. If memory serves, LSL manufactured their CDs directly from the masters put together by Debian. You might want to email them about that (i.e. the typo), but I guess they probably have heard about it already... Christian pgpBcSUO2a5XG.pgp Description: PGP signature
Re: 'date'
On Jul 6, [EMAIL PROTECTED] wrote I have a ls-lRa.gz of ftp://ftp.debian.org/pub/debian and have ' zcat ftp.debian.org-pub.debian-ls-lRa.gz | grep sh-util ' but found no such package ... Any ideas how on debian do I upgrade the 'date' program ( and the rest of the sh-utils programs )is greatly appreciated. The package you're looking for is 'shellutils'. Upgrading it to the latest version will fix your problem. (It is at 1.16.) Btw, dpkg --search can tell you to which package a file belongs. So in this case: [EMAIL PROTECTED]:[~] dpkg --search /bin/date shellutils: /bin/date Christian pgp1XVPJ9ABXE.pgp Description: PGP signature
Re: I broke 'whatis'. How do I fix it?
On Jul 5, Dave Cinege wrote I don't know how the hell I did it, but I broke whatis. Whereis works. But whatis always returns Nothing appropriate. Whatis works on all my other machines. This machine is a clean 1.3.0 install, but I have installed quite a bit of extra junk. Try doing mandb -c to rebuild the database used by man and whatis. If that doesn't work, you might want to try reinstalling the mandb package. Christian pgpiQeZu4hN0O.pgp Description: PGP signature
Re: Installing debian
On Jul 6, Niklas Hoglund wrote I accidently removed my linux partition *GAAAH* ... anyway (after an couple of days depression ;)) I´d like to install debian again ... heres the problem... I destroyed my floppy =(is there ANYWAY(!) to install debian without floppy?? (I´ve got a redhat cd that allows me to install redhat without floppy...but...redhat *brrr* =))... The Debian 1.3 Official CD (at least) allows you to boot directly from the CD for the install. So if you don't have a recent Debian CD around, it looks like this would be the best solution. Christian pgpWl8JxBGEyW.pgp Description: PGP signature
Re: Can't execute slrn in 1.3.1
On Jul 3, Bob Nielsen wrote I updated to 1.3.1 from 1.3 and now I get the following when I try to run slrn: [nielsen:nielsen]$ ls -al /usr/bin/slrn -rwxr-xr-x 1 root root 171072 Jun 23 08:26 /usr/bin/slrn [nielsen:nielsen]$ /usr/bin/slrn bash: /usr/bin/slrn: No such file or directory It's really there (or is it?) If memory serves, you get that error message when you're trying to run a libc6 program without libc6's dynamic linker. Do ldd /usr/bin/slrn and see what it tells you. If the slrn from stable needs libc6, then you should definitely file a bug report against it. Christian pgprNlP3xL9KJ.pgp Description: PGP signature
Re: No man
On Jul 4, Will Lowe wrote Ok. I upgraded from 1.2 - 1.3 the other day. Got an error saying that mandb conflicted with man, so I purged man and installed mandb, thinking that the latter replaced the former. Now I've got no man. Any clues? Reinstalling mandb should fix it. Christian pgpN866Wrd6Tq.pgp Description: PGP signature
Re: Audio support
On Jul 4, Jason Westervelt wrote [snip] After asking several sound card questions, I get error messages stating that stdio.h and 4 other *.h files could not be found. Do you have libc5-dev installed? If not, install it and try again. Christian pgpUT0p4swhKr.pgp Description: PGP signature
Re: putting lilo on the mbr, help please
On Jun 23, Ed Urenda wrote Hello, any help with the folowing would be greatly appreciated: I have an ide with debian 1.3 and win 95 on it and decided that the rewrite_table option in lilo would be the easiest way to dual-boot the system. The recompilation of lilo with the rewrite_table option was successful, but when I add a section for win95 in lilo.conf and run /sbin/lilo it complains that lilo must reside on the mbr (i assume that win95 has taken the mbr). How can I put lilo back on the mbr? You need to use the 'boot' command, I believe. Something like boot = /dev/hda in the global section of your lilo.conf. But please doublecheck with the lilo manual before adding that to your lilo.conf. Christian pgpnDukwrNYKf.pgp Description: PGP signature
xauth +, not a good idea...
On Jun 21, Gernot Bauer wrote Hi, I recently upgraded my Xfree setup to 3.3 from unstable. But now I seem to have some problems. Only the user that runs the xserver (startx) can run apps on it any attempt to run an app by another user is refused. eg below; # xhost Xlib: connection to :0.0 refused by server Xlib: Invalid MIT-MAGIC-COOKIE-1 key xhost: unable to open display :0.0 # Isnt this a feature? Did you try xhost +? My root-user also must not open windows on my (user-)screen. xhost + disables this. ... and enables anyone on the Internet to connect to your X server and, say, stuff the string rm -rf / in an open root xterm. Or read everything you type, inluding passwords. Doing xhosts + in response to an Invalid MIT-MAGIC-COOKIE-1 key is pretty much the equivalent of making all files writable by anyone (chmod -R ugo+w /) and setting all the passwords to in response to a permission denied error when trying to access a file. Anyone that can get to your machine can now do pretty much anything they want to it. So, unless your machine is never connected to any kind of network, it's definitely a *bad* idea. And the Invalid MIT-MAGIC-COOKIE-1 key message that other users get when trying to connect to your X server is definitely a *feature* (enclosed in stars) as opposed to a feature (enclosed in quotes). If you trust everyone who has a login on your machine, do xhost +local: instead of xhost +. This will allow only non-network, local connections to your X server. If you don't trust every user on your machine, you'll need to learn a bit about xauth. xauth list $DISPLAY will list the key for the display $DISPLAY. [EMAIL PROTECTED]:[~] xauth list $DISPLAY pianocktail.org/unix:0 MIT-MAGIC-COOKIE-1 53a82429fe56a1cf5236f3d4852e7d79e Anyone who has that key is authorized to connect to the X server managing display $DISPLAY. So say you want to grant user bar access to the display that user foo is using, you just do (as bar): [EMAIL PROTECTED]:[~] xauth add pianocktail.org/unix:0 MIT-MAGIC-COOKIE-1 53a82429fe56a1cf5236f3d4852e7d79e (Everything after the 'add' was copied (using cut and paste) from the output of the 'xauth list' command.) You can automate this a bit more if you can use something like rsh or ssh. Then doing (as user foo): [EMAIL PROTECTED]:[~] xauth extract - $DISPLAY | ssh -l bar localhost merge - will give user bar the same access rights over the display $DISPLAY as user foo. By changing 'localhost' to some other host name, you can give a user logged onto another machine access to your display. (extract/merge work in a binary format instead of text, so they're not really suitable for cut and paste work.) If you logged in as a non-root user and want to give root on that machine the right to open xterms, etc. (maybe you want to install the latest Debian packages from stable), there's an even easier way. Since root can read other users' files, you can just tell root to use user foo's $HOME/.Xauthority file (which is where all the information we've just manipulated using 'xauth' is stored)... Just setting root's XAUTHORITY environment variable to (say) /home/foo/.Xauthority will tell root to use the keys contained in that file when she needs to authenticate herself to the X server (to, say, open an xterm). I hope I've been convincing enough on these two points: 1. Doing xhost + is simply a *bad* idea. 2. Doing it right (i.e. with xauth, .Xauthority and MIT magic cookies) really isn't that hard. If you have questions, please don't hesitate to ask here Christian Debian Security Officer PS Not that the MIT magic cookie scheme is perfect... The cookies aren't encrypted when they are transfered between the X client and the X server. So if you're connecting over a network, people who can snoop on your packets can grab the magic cookie and then use it to connect to your X server and do nasty stuff. But that's quite a bit harder to do. And since it requires snooping, it won't work for local X connections. If you want to do remote X connections securely, you really want to have a look at ssh. It makes it easier to have secure X connections than unsecure ones. (No need to do any xauth stuff.) There's a Debian package for it on the Debian non-US ftp site. PPS Where do people learn to xauth +? Would having a file that explains what the Right Thing (tm) to do is be a good idea? Something that would get installed with Debian's X11 packages, or something... pgp022jrMPh0k.pgp Description: PGP signature
Re: Can't deinstall package
On Jun 19, Mark Phillips wrote The file kernel-source-1.99.7.list is empty. Can you give me a list of files to check for before removing mention of it from status? Oh. It looks like none of the files from the package (except the dpkg 'control' files) got installed. Then just edit the file /var/lig/dpkg/info/kernel-source-1.99.7.postinst so that it reads like this: #!/bin/sh exit 0 Then do dpkg --remove --force-remove-reinstreq kernel-source-1.99.7 again and it should work this time. After that you can remove the .linux-versions file by hand (assuming you don't have any other kernel-source packages installed). Christian pgpvWHstSvHKH.pgp Description: PGP signature
Re: Linux FS Question
On Jun 18, Rick Macdonald wrote Well, you could overwrite the file with gibberish _before_ deleting it. I think that's what Norton does, several times if I remember correctly. That's to comply with US federal regs, which seem a bit superstitious to me! Actually, the giberrish itself is probably some specified bit pattern. Actually it's not superstition at all. I think you can still recover a file that's been overwritten once with zeroes... just open the HD (in a clean room, of course) and read off the sectors with a electron microscope (or something like that). The voltage levels will all be bellow the 'zero threshold' but they won't be all equal, and from the small variations you can recover the contents of the file before it was overwritten with zeroes. Of course, whatever was written on your hard drive must be worth quite a bit of cash (to you or to other people) for this recovery method to make sense economically. So the 'overwrite multiple times' precaution is probably overkill for the vast majority of people. Christian pgp4weHG5n9wM.pgp Description: PGP signature
Re: Are spammers subscibing to the lists?
On Jun 18, joost witteveen wrote Seriously, though: Is there a way (with procmail or other) that I can automatically forward all email with non-existant Reply-To: addresses to /dev/null? That would probably halve the amount of spam I get. Huh? You meant 'invalid', not 'non-existant', right? Most email doesn't have an Reply-To... no need if the From address is correct. Assuming you were talking about 'invalid' addresses, you'd probably need a small C/perl program to check the addresses (you have to do a DNS lookup for MXes, etc.) Christian pgpRIZcxlcVoh.pgp Description: PGP signature
Re: Are spammers subscibing to the lists?
On Jun 18, Bruce Perens wrote It looks as if someone is trolling the Debian mailing lists and spamming their subscribers. The spammer may be getting them via the news gateway. Hmm. But wasn't the news gateway taken down a few monts ago? Christian pgpNLeBtO04r7.pgp Description: PGP signature
Re: Can't deinstall package
On Jun 16, Mark Phillips wrote Hi, I have a package kernel-source-1.99.7 which for some reason is half installed. When I try to deinstall it I get this: [snip] How do I get rid of it? If reinstalling the package really isn't an option, you can try passing the --force-remove-reinstreq to dpkg when removing the package. Christian pgp5FCSnPy8Ok.pgp Description: PGP signature
Re: Elvis problems in X (was: Re: No Termcap)
On Jun 16, [EMAIL PROTECTED] wrote I have a question about elvis, rxvt and termcap. I think the Debian package of elvis still needs termcap. Nope. Package: elvis Priority: optional Section: editors Installed-Size: 775 Maintainer: Erik B. Andersen [EMAIL PROTECTED] Architecture: i386 Version: 2.0-8 Replaces: elvisnox, elvisx11, elv-vi Provides: elviscmn Depends: libc5 (= 5.4.13-1), ncurses3.0, xlib6 (= 3.2-0) [snip]^^ As you can see, it uses ncurses (which uses 'terminfo' for its terminal database), not termcap. Does anybody have the same experience or am I the only one with this problem? BTW, the only reason I have for running rxvt is the color support that is default. Does anyone know an easy way to get color support in the xterm that comes with the Debian installation of X? To get color by default in xterm's, add the line XTerm*customization:-color to the file /etc/X11/Xresources. Works for me. I don't do vi, so I can't really help you with your problems. But are you using the elvis Debian package? I got the impression from your message that you aren't. If so, you might want to install it and see if it works better. And if it doesn't, you should file a bug report about it. It's real easy. Just email [EMAIL PROTECTED] The first line of your message should say Package: elvis, the second line should say Version: 2.0-8 (or whatever version you have installed). Then you explain what doesn't work right, including error message given by the programs, etc. The more details, the better. Christian pgpoAoh6K9wte.pgp Description: PGP signature
Re: Can't deinstall package
On Jun 18, Mark Phillips wrote Thanks for the advice. I gave it a go and came up with: # dpkg --remove --force-remove-reinstreq kernel-source-1.99.7 dpkg - warning, overriding problem because --force enabled: Package is in a very bad inconsistent state - you should reinstall it before attempting a removal. (Reading database ... 28305 files and directories currently installed.) Removing kernel-source-1.99.7 ... The file /usr/src/.linux-versions does not exist. This is an misconfiguration, making it hard to provide a /usr/src/linux symlink if the latest target is removed. Please Hit return to continue. Error: /usr/src/linux not a symbolic link, not removing. dpkg: error processing kernel-source-1.99.7 (--remove): subprocess post-removal script returned error exit status 1 Errors were encountered while processing: kernel-source-1.99.7 So I still can't get rid of it. Any more ideas? Hmm. You installed your own kernels over the one that kernel-source-1.99.7 had installed, right? Did you remove the 1.99.7 kernel source tree by hand or is it still lying around somewhere under /usr/src or have you moved it somewhere else? Could you also tack on the contents of the postinst script (i.e. /var/lib/dpkg/info/kernel-source-1.99.7.postinst) to your next message? Btw, is the kernel-package maintainer reading this? Christian pgp4iasMZXxbK.pgp Description: PGP signature
Re: xlockmore and shadow?
On Jun 13, Hanno Wagner wrote Hi, I have now upgraded my normal passwd-system to shadow. It works perfectly - but xlock won't run anymore. It tells me following: [EMAIL PROTECTED] ~]$ xlock xlock: it looks like you have shadow passwording. Contact your administrator. Well... I asked the package maintainer (it is the last version of xlockmore I am using Version 4.02-1). And I verified the group and s+bit of xlock: [EMAIL PROTECTED] ~]$ ls -l `which xlock` -rwxr-sr-x 1 root shadow 462824 Apr 25 01:53 /usr/bin/X11/xlock Hmm. That's kinda odd. Maybe check the permissions on your /etc/shadow file. It should be: -rw-r- 1 root shadow897 Apr 6 03:40 /etc/shadow Christian pgppPP5Rg3357.pgp Description: PGP signature
Re: Couple little things (bugs?)
On Jun 3, Jaakko Niemi wrote 2) xmkmf has diappeared from xbase-package. It is still in xbase3.2-3, but not in 3.2-6! Should this package be moved to X-files ? :) I couldn't find any information nor relevant docs. Where is changes-file from /usr/doc ? It was a 'development' program, so it's been moved to the xlib6-dev package. You will want to install this package if you're compiling programs that use X. Christian pgpThHvZAnrRT.pgp Description: PGP signature
Re: When will Debian 1.3 be available?
On Jun 4, Joerg Friedrich wrote Hi! Debian 1.3 is announced on www.debian.org, but stable is still linked to rex on ftp. When will 1.3 be available? The Debian 1.3 symlink has been made on master, so it's just a matter of waiting for the mirrors to catch up now. Christian pgppjiy5Cm6CA.pgp Description: PGP signature
Re: text mode 3270 emulator?
On Jun 3, Marcelo wrote Does anyone know of a _text mode_ 3270 terminal emulator for debian (package, pre-compiled or source that compiles under debian)? There's 'tn3270', but it's not packaged for Debian. I looked at it a while ago but it required the NetKit source to compile... Peter, would you be willing to package it up? Since you're the netbase/netstd maintainer, it'd be easier for you than for anyone else. I'd be willing to provide help if you have problems doing so... Christian pgpWscmUgN6tm.pgp Description: PGP signature
Re: SU Problems
On Jun 2, Ed Donovan wrote You could just add xhost +localhost to your .xinitrc file, if you don't have any xhost commands there already. Jens has suggested export XAUTHORITY=~paul/.Xauthority; I don't immediately know which method would be preferable. The xhost method would solve this problem for any userid, and wouldn't require changes to any other config files to automate it. [snip] ... but allows any local user to connect to your X server, spy on your keystrokes and generally wreak havoc on your machine if they feel like it. So it's a very bad idea Setting XAUTHORITY (or copying the .Xauthority file) is better. Assuming nobody can snoop on the file while it is being copied, your machine is just as secure as it was before... only users who have the proper .Xauthority file can connect to the X server. (I've made myself a tiny alias called 'sysadmin' which copies the .Xauthority file to root's account and then spawns an xterm with su - root. Works like a charm.) Christian pgpukDcd4OmI6.pgp Description: PGP signature
Re: Debian quality
On Jun 1, Randy Edwards wrote I read a fragment of one message somewhere that 1.3 is actually in the frozen subdirectory; is that true? If I were to make my dselect point at stable, non-free, contrib, and frozen would that cause the upgrade? Or should I wait until it's moved from frozen to stable (anyone know if/when that'll be?)? Yes, the 1.3 release candidate is held under the 'frozen' directory. But since Debian 1.3 should be released during the coming week, I'd say wait until frozen gets moved to stable. Because of the way dpkg/dselect is currently built, you will probably need to cycle a few times between Install (for the 'unpacking' phase) and Configure (for the 'configure' phase) to get everything installed. Anything that isn't fixed by running install/configure again is very probably a bug and should be reported as such, or at least discussed on the Debian mailing lists. (We can't fix it if we don't know about it.) But Debian 1.3 has seen quite a bit more testing than 1.2, so the upgrade should go fairly smoothly (if not very smoothly). Christian pgp4CKJHY9T2b.pgp Description: PGP signature
Re: Debian quality
On Jun 1, stephen farrell wrote Hm... I've found (so far...) on rather important flaw. Perhaps I'm missing it, but it appears that xlockmore doesn't know about shadow passwords? Are you sure you're running the latest version from frozen? (i.e. 4.02-1) It's got not problem with my shadow passwords. Or maybe this is a permission problem... /etc/shadow should be readable by group shadow, and xlockmore should be setgid shadow. Christian pgpOXlzU1ZL36.pgp Description: PGP signature
Re: Debian quality
On Jun 1, stephen farrell wrote Perhaps I didn't set up shadow stuff correctly? I kind of stumbled upon it: I noticed references to it, and I typed pwconv (which I recognized from my solaris systems) and things seemed to work pretty happily (except xlock), so I figured that this was it. Is there a convert me to shadow jobber I might not have noticed? Oh. That's the reason. You're supposed to turn on shadow passwords using the shadowconfig command. Maybe that should be better documented. You probably want to do a shadowconfig on since it does a few more things than just running pwconv. (Take a look at it if you want, it's just a simple shell script.) For more details, read /usr/doc/passwd/README.debian.gz thanks (and sorry for the newbieness--I've just been running debian for like a week now). No problem! And newbieness is fully allowed on debian-user, no need to excuse yourself. Christiain pgpOazh2jNe6n.pgp Description: PGP signature
Re: gethostby* different in libc6
On Jun 1, Carey Evans wrote I would prefer not to be told that www.debian.org, for example, is authoritatively known not to exist, especially if there was just a temporary problem with the name servers. Should I report this as a bug against libc6? Looks like a bug to me. Better to report it to our bug tracking system and have the Debian libc6 maintainer close it (providing an explanation) if it isn't a bug than to let a potential bug like that pass by. Christian pgpLQHPPpauxD.pgp Description: PGP signature
Re: Debian Security packages?
On May 22, Kendrick Myatt wrote Be happy to make them... what all is involved? Do I have to have permission of the author or anything weird like that? Please point me in the direction oif whatever I need to get started. Sorry for the delay... To get started building Debian packages, you should take a look at the Debian Packaging Manual and the Debian Policy Manual. The former describes the technical details of building packages (what goes into a Debian source package, what goes into a .deb file, etc.) It comes comes with the dpkg package, so you should already have it installed under /usr/doc/dpkg/packaging.html The policy manual describes what should go into a Debian package and how it should be organized (permissions of files, etc.) To get it, install the debian-policy package. Section 6 talks about how to become a Debian developper, so you'll definitely want to read that one. Another section talks about package copyrights (what kinds of copyrights are too restrictive for Debian, etc.) Usually you don't need to ask permission from the upstream author... they either allow other people to modify their program and upload binaries, or they don't. To know if you're allowed, you'll have to read the package's copyright notice. For instance, packages which are distributed using the Artistic License, the GPL or the BSD license are fine... in these cases, there's no problem with packaging up the program for Debian and you don't need to ask any kind of permission to do so. If you're not sure whether the package's license allows you to package it up for Debian, ask on the debian-devel mailing list and people will help you. Finally, to create Debian packages, you'll need the dpkg-dev package... but you probably already have it installed since it is marked with priority: important. [EMAIL PROTECTED] (Karl R. Sackett) has his name listed besides the satan and gabriel packages in the Work-Needing and Prospective Packages list, so if you were planning to package one of these you should email him first to ask him if he's still insterested in packaging them up. Hopefully that answers your questions... If you have any more, don't hesitate to ask them, either here or on debian-devel. Thanks, Christian pgpx3hLV60LD5.pgp Description: PGP signature
Re: File version conflicts...
On May 29, Curt Howland wrote I am trying to install the basic ftp file set, and I get the following errors: The problem is that the versions of libc5 and libc5-dev don't match (and likewise for libreadline2 and libreadline2-dev). If you're not planning on doing development, you don't need the -dev packages. Otherwise... What are you trying to install from? Whatever it is, it's got a problem. Debian 1.2 and the soon to be released Debian 1.3 don't have that problem on ftp.debian.org. You might want to get your packages from there, or at least from a mirror that's closer to ftp.debian.org. (Assuming you are doing your install through ftp.) Christian pgp7Rk2Vs87wu.pgp Description: PGP signature
Re: File version conflicts...
On May 30, Curt Howland wrote Believe me, that was the first thing I thought of. Trouble is, ftp.debian.org is exactly where I'm getting it from. Well, I just checked the version of libc5 and libc5-dev for every distribution on ftp.debian.org and they match, so your problem is elsewhere. You'll have to provide more information... what distributions are you installing? Using dpkg-ftp or something else? etc. Maybe the problem is caused by old files lying around under /var/lib/dpkg/methods/ftp/debian... Christian PS Please keep the cc to debian-user. Other people might have a better clue as to the cause of your problem... pgpkFNLjUnvWw.pgp Description: PGP signature
Re: hosts(5) man page
On May 26, Tony Finch wrote Which package (if any) contains the hosts(5) man page? Using the nifty search engine at http://www.debian.org/packages.html (scroll to the bottom of the page), no package in the latest release contains a manpage for hosts(5). Christian pgphfgt07bfUw.pgp Description: PGP signature
Re: #debian irc channel
On May 24, Igor Grobman wrote Just wanted to remind you that #debian channel is still available. [snip] It would be nice if someone who knows IRC well could write up a description of the resources available to Debian users over irc and get it included in the FAQ and on the Support section of the web pages. Anybody up to it? Christian pgphYlZsOl2wl.pgp Description: PGP signature
Re: Debian Security packages?
On May 22, Kendrick Myatt wrote Hello :) I have looked but not found many Debian packages of popular security programs such as crack, lsof, cops, iss, satan, swatch, etc. I did find tripwire on the debian site, though. Are these kept somewhere else, or do they not exist? Just wondering if I should go ahead an install the non-package versions I already have... I'd rather have the packages, of course :) We have lsof, qcrack, courtney and tripwire... all in the main distribution I think. As far as I know we don't have the others packaged up... It'd be great if you could package a few of them for Debian, since you're interested in them. Christian pgp2s4WAKgjvN.pgp Description: PGP signature
Which program 'owns' srm.conf?
Hi, During a recent cron run, I got a complain about the file srm.conf... Could someone tell me which program uses this file? There's no manpage for it and dpkg -S doesn't know about it. Thanks, Christian pgpvy6zb8hEKd.pgp Description: PGP signature
Re: deselect warnings
On May 19, Bob Nielsen wrote Recently I have started getting the following message when running dselect: perl: warning: Setting locale failed for the categories: LC_CTYPE LC_COLLATE perl: warning: Please check that your locale settings: LC_ALL = (unset), LC_CTYPE = (unset), LC_COLLATE = (unset), LANG = us are supported and installed on your system. perl: warning: Falling back to the C locale. As far as I know, us-ish isn't yet considered a separate language from English. :-) Set LANG either to en or en_US and perl will be happy again. Christian pgpL0kfjRZA8T.pgp Description: PGP signature
Re: libc6 question
On May 20, joost witteveen wrote I don't want to install libc6 yet because of possible glitches. Thanks As far as I know, there are *no* glitches, at least not with the old libc5 programmes still on your system. The only thing that *might* go wrong, in case there are bugs in libc6, are the new libc6 programmes. To echo what Joost said, there are no problems with installing libc6. It will coexist just fine with libc5 (just like libc5 coexists with libc4). If you want to *compile* programs with libc6, the procedure is still a bit messy right now. But if you stay away (for now) from the -dev stuff with libc6 in unstable, you should be just fine. So go ahead and install libc6. Christian pgpT4YbDUdE7l.pgp Description: PGP signature
Re: dselect and unstable packages
On May 18, Glen Carreras wrote First let me apologize if this has been answered previously, however I scan the list daily and have found no reference to this yet. It seems that I cannot get dselect to successfully complete operation when I try to work with the unstable ditributions. (i.e unstable/main unstable/contrib unstable/non-free) There is a bug in dpkg-ftp. Here's how to fix it. Edit the file /usr/lib/dpkg/methods/ftp/install. Find the section that looks like this: print \nProcessing Package files...\n; my $dist; foreach $dist (@dists) { my $fn = Packages.$dist; if (-f $fn) { print $dist...\n; procpkgfile($fn); } else { print Couldn't find packages file for $dist distribution (re-run Update)\n; } } And replace it with this: print \nProcessing Package files...\n; my $dist; foreach $dist (@dists) { $dist =~ tr/\//_/; my $fn = Packages.$dist; if (-f $fn) { print $dist...\n; procpkgfile($fn); } else { print Couldn't find packages file for $dist distribution (re-run Update)\n; } } The new tr line converts slashes to underscores. I'm sorry this is getting so long. I have been dealing with this since the hamm distribution started, thinking that this would soon be a corrected bug, but I'm starting to think maybe it's something wrong with my installation since there is no discussion on the list about it. Any help would be much appreciated. There has been talk about it on debian-devel and bugs report filed, but the maintainer seems to be away from his email. Hopefully someone will do a non-maintainer release to frozen fixing this bug, or this might become a FAQ for 1.3 Thanks, Christian pgp3HSUoq3IKr.pgp Description: PGP signature
Re: where is libXmu.so.6?
On Apr 28, Kevin M. Luck wrote Hello. I'm a new debian user who just installed the floppy version of 1.2 to a p75, and I'm now trying to add X11R6. I've installed xbase, xfntbase, xlib6, xserver for vga16 and s3 (my card), but am unable to run any x software because I always get a xinit: can't load library 'libXmu.so.6' error. I've checked my paths in /etc/ld.so.conf and /usr/X11R6/lib is listed all right, and I've used updatedb and locate to search for the file to no avail. I've also tried adding xcompat, xlib6-dev, and xslib, but none of these have helped. If anyone can help me, I'd really appreciate it. Hmm. That's odd. libXmu.so.6 should have come with the xlib6 package. At least that's the way it is on my system: [EMAIL PROTECTED]:[~] dpkg -S libXmu.so.6 xlib6: /usr/X11R6/lib/libXmu.so.6.0 xlib6: /usr/X11R6/lib/libXmu.so.6 Do dpkg -L xlib6 (this will list all the files that came with the xlib6 package that you installed). If libXmu.so.6 isn't in the list (would be really surprising) then check if you have the latest version of xlib6. If libXmu.so.6 *is* in the list, then it means that the file got deleted somehow after you installed xlib6. Reinstalling xlib6 should cure that. (To make sure that the libXmu.so.6 file is in the xlib6.deb file, you can use dpkg -c on the .deb file to list its contents.) Luck, Christian pgpD0O1AbeHrT.pgp Description: PGP signature
Re: Directory permissions.
On Apr 29, Nathan E Norman wrote On Tue, 29 Apr 1997, David Wright wrote: On Tue, 29 Apr 1997, Rick Jones wrote: [ description of problem ] I did this to avoid a full install when I repartitioned since I have no backup system and have installed from ftp. Somebody out there must have a good way to reset my ownerships. Well, the /easiest/ way might just be to copy the files in one of the correct manners, overwriting both them and their ownerships. For example, tar to stdout and pipe it to stdin of another tar with --save-permissions and --save-owners (done as root). Using the correct tools is important. David gives you one such tool - I personally type the following command in the directory I wish to copy: find . -print | cpio -p /target. This is of course a simplification; find and cpio have a lot of powerful options, and people will argue the merits of tar vs. cpio all day. It works for me. At any rate, mc is not up to the task. Or, since Debian has GNU cp, I simply use cp -a. It preserves everything. (The 'a' stands for archive.) You might want this as a bug report against mc, though. If it said 'preserve' in the menu, IMHO it should preserve both files and directories's permissions. Christian pgpotaGkykCH7.pgp Description: PGP signature
Help with sed!
Could someone explain this to me... To automate the configuration of some of my debian packages, I need to be able to replace the first (or second, etc.) line in a file by a line I supply. Now it would seem that this is a job for sed. But the sed 'c' command expects \\\n (i.e. backspace, newline) to precede the replacement text, and \n (i.e. newline) to come after it. Now my question is, how do I manage to get these characters in a makefile (or when typing on a command line)? Thanks, Christian pgpdoNeKTWRKu.pgp Description: PGP signature
Re: Detached PGP signatures in mail?
On Apr 20, Ron Murray wrote It seems a few of you are using a mail agent that's capable of generating a detached PGP certificate of your message and including it as a MIME type of application/pgp-signature, apparently under the impression that we're all going to take the time to check whether or not it was really you who sent that embarrassing message. Not at all. The point of PGP/MIME (I believe that's what it's called) is that the whole business of signing, checking signatures, etc. can be cleanly and easily automated. I'm sure someone will be able to point you to the relevant RFC if you want to know more. I don't know how the average Linux mailer handles these, but I use Windows 95 (no, don't bother flaming) in my main machine, with Eudora as my mailer. I'm getting a little tired of my attachment directory filling up with little PGP signatures which contain no indication of which message they belong to, even if I wanted to crank up PGP to check them, which I don't. (Note: this is NOT an attack on PGP: I use it myself. The issue is that I don't need any help to clutter up my hard drive -- I can manage that quite well on my own, thank you very much). Usually quite nicely. For instance with pine, you get a few lines at the bottom of the message saying Unknown type application/pgp-signature, use 'V S' to save to a file or something like that. You mean that Eudora dump all the attachments it sees into a directory? Isn't the point of an attachment that it should stay attached to the mail it came with (until you detach it)? Ugh. That pretty much rules out Eudora for me as a windows email program. Since I've written a Eudora 3.x plug-in to interface with PGP anyway, I thought I'd add a translator for these signatures and have it discard them. I think it should work, but I have no way to test it except to wait for a Debian user digest with a signature in it, and see what happens -- and, would you believe it, since I've written the translator, no PGP signatures have turned up! Ask and you shall receive! grin (Yes, I'm one of those people that sign their emails using PGP/MIME.) A better way to test it, of course, would be to obtain whichever mail agent generates these things, install it on my Linux machine, and send messages to myself for collection with Eudora. In the interests of harmony, can one of you people who are generating these detached PGP certificates tell me what mail agent you're using to generate them? And, if it's a little obscure, or hard to obtain outside the USA, a site I can obtain it from? One of the mailers is mutt, available as a Debian package on your nearest Debian mirror. But instead of writing a plugin that discards the signatures, wouldn't you want to write a plugin that uses PGP to check them? Christian pgpT9qWtbvZi8.pgp Description: PGP signature
Re: setserial problems...
On Apr 20, Paul J. Clegg wrote I tried to move the 0setserial file out of rc.boot, but during boot I still saw setserial assign everything. When I moved 0setserial back in, setserial was called twice! On top of that, I can't find a call to setserial in any of the other rc*.d directories, nor in init.d. I tried editing 0setserial to manually assign irq 2 to tty2, but during boot up it seemed to ignore it! To find all the files that reference setserial under /etc, do find /etc -type f -print | xargs fgrep -l setserial What you want to do after that is to edit the setserial call so that it assigns the right irq to your serial port. There are plenty of examples in 0setserial, so I'm sure one of the will match what you want to do. Christian pgp8OsmKOe6Bc.pgp Description: PGP signature
Re: DEITY TEAM -- REQUEST FOR FUNCTIONALITY and COMMENTS
On Apr 15, Dale Scheetz wrote Isn't this already available with get_selections and set_selections? Yeah, but only 'oldtimers' know about that. I'd be nice if it could be integrated in a more user-friendly way into dselect 2. Something like: Select Packages - Full list (provides collapsible tree list of all the packages - Package Groups (provides often-used configurations like 'C development machine', web server, etc. to help newbies get a working system quickly.) - Read Selection list (for sysadmins doing installs of Debian on many machines) Of course, there should also be a way to save the selection list to a file somewhere. Christian pgpCesblAAnwi.pgp Description: PGP signature
Re: Mounting a floppy
On Apr 17, Philippe Troin wrote Here it is: man mount. Explained a little further: add a line like this in /etc/fstab: /dev/fd0 /floppy msdos rw,uid=0,gid=25,noauto,user,umask=007 Now everyone can mount and umount the floppy, but only the users belonging to group floppy (GID 25) will be able to read and write it (this what the umask command does). Hmm. Is there any way to do this for cdrom's too? I'd like to restrict access to whatever is mounted under /cdrom to a given group. Btw, affs is providing a feature equivalent to msdos's umask, except that they called it 'mode' instead. I'd be nice if the option names were consistent... Would should I talk to about that? Christian pgpX5qpit6B3p.pgp Description: PGP signature
Re: Mounting a floppy
On Apr 18, Philippe Troin wrote Yes, of course. Pick a GID, replace /dev/fd0 by /dev/cdrom (or whatever the cdrom device is), and replace the gid=25 by something else. Hmm. There's one slight problem. It doesn't work. :) First, there's no mention of 'umask' under the mount manpage, so that's kinda suspicious. And I tried both umask (on a RockRidge CDROM) and mode (on a plain CDROM)... and they don't work. All the files still come out as 444. I'm running Linux 2.0.30, if that makes a difference. Basically, I don't care very much about the permissions of the files under the mountpoint. What I'd want is a way to force the mountpoint to a given uid/gid and permissions upon mount. Doesn't look like that's possible. Christian pgpBP4rfFrLZh.pgp Description: PGP signature
Re: master.debian.org???? BIG PROBLEMS??
On Apr 16, Rick wrote There is nothing listed under /pub/Linux/Debian any more. Did you hide the directories for some reason? Is this a, dreaded, file system problem? What happened guys? This sounds like a ftp daemon problem on master. The files are still there when I log in to master. Mike: wouldn't it be a good idea to make ftpd print out a please report any problems with this server to [EMAIL PROTECTED] blurb? That way problems with the ftp server would mailed to your private mailbox (faster response time) instead of being posted on debian-user. snip [EMAIL PROTECTED]:[~/debian] ftp ftp open localhost Connected to localhost.i-Connect.Net. 220 master.debian.org FTP server (Version wu-2.4(7) Thu Aug 1 02:34:14 MET DST 1996) ready. Name (localhost:chrish): anonymous 331 Guest login ok, send your complete e-mail address as password. Password: 230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp cd /pub/Linux/Debian 250 CWD command successful. ftp ls 200 PORT command successful. 150 Opening ASCII mode data connection for /bin/ls. total 0 226 Transfer complete. pgpyMi0Nig2C7.pgp Description: PGP signature
Re: dselect
On Apr 11, Rick wrote I sent this a few days ago but got no answer. Does anybody know how to clear dselect status? I used hold to select only the bo pkgs I wanted to install thinking I could reset the suggested status. But it don't work. How do I reset the pkgs to the suggested state? I tried renaming the status files but dselect just crashed. Huh? Do you mean 'Unhold' doesn't work? It certainly works for me. If you really want to do it using dpkg, have a look at '--set-selections' Safer than playing with the status file directly. Christian pgpNhoM7FF9b1.pgp Description: PGP signature
Re: No automatic PST-PDT time change?
On Apr 8, [EMAIL PROTECTED] wrote My clock changed from GMT to BST (British Summer Time), but when I use mail to send messages the Date field on the message still shows the time in GMT. The same happens with the headers generated by qmail. Does anyone know why? If I use exmh or xfmail the Date field is correct. Qmail always create the 'Date' field as GMT. Read the qmail FAQ, question 6.1 if you absolutely want to have local time in your outgoing emails with qmail. Christian pgpuJ6G5Pg6g0.pgp Description: PGP signature
Re: How to modify subject of incoming emails using procmail
On Apr 8, [EMAIL PROTECTED] wrote I'd like to comment on this. If the debian-* list administrator(s) would edit the debian-*.config files and change the subject_prefix option to reflect the appropriate list, then all of the filtering would be easier on the members of the list. A subject line like Subject: I need HELP would become Subject: DEBIAN-USER I need HELP Argh. No... please don't. The official recipe for filtering email sent by whatever runs the Debian mailing list software is: :0 : * ^X-Mailing-list: debian-user@lists.debian.org Debian-user Please try that instead. (i.e. filter on the X-Mailing-List header. I'll let you guess what the content of the header looks like for other Debian mailing lists...) I find that 'Subject: LIST-NAME The original subject' really annoying, personally. I presort all my mailing lists emails into separate folders, so all the emails in the LIST-NAME folder have LIST-NAME in their subject. This a) provides no additional information whatsoever and b) eats up something like 20% of the precious 'subject' display space, which I use to decide what to read and what not to read. As an additional rant, if you (or anyone else) need help on debian-user, please use a subject a bit more descriptive than I need HELP. (I know, you probably simply picked I need HELP as an example) I, for one, don't have the time to read all of debian-user, even though I certainly don't mind helping people with the Unix stuff I know well. So if you post on debian-user asking for help setting up qmail_1.00-1.deb (say), an email titled Help needed setting up qmail.deb will get my attention any day, while I probably won't read an email titled Help ME unless I have lots of free time that day. And I doubt I'm the only person... Yes, I'm done ranting now. :-) Christian pgpZo4SqRPjiy.pgp Description: PGP signature
How to modify subject of incoming emails using procmail
Hi, I'm subscribed to a few mailing lists (lynx-dev is an example) that are configured to add the mailing list name to the subject of all messages they receive. So for instance all the email from the lynx-dev mailing list comes with 'LYNX-DEV' in the subject line. I'd like to undo that as I sort the emails into folders with procmail. So the question is, is there an easy way to make a substitution on *only* the 'Subject:' line of the *header* of the mail, either using procmail or something else? Thanks in advance... Christian pgpHcuRFDNRjM.pgp Description: PGP signature
Re: Dpkg gone haywire
On Apr 3, Kevin J Poorman wrote Ok I think I have figured out what happened to my dpkg... I lost the file dir or dir.lock that is the database in /usr/info. does anyone know how I can force the creation/recreation of this file? Does any one know the format of this file?? You can't lose 'dir.lock'. It's present only when install-info is writing to your /usr/info/dir file. If you lost /usr/info/dir, there's unfortunately no easy way to recreate it. If you want a quick fix that lets you install packages, just create an empty /usr/info/dir (by running 'touch /usr/info/dir' as root) and install-info should be happy. If you want to restore /usr/info/dir, do the following: cd /var/lib/dpkg/info fgrep install-info *.postinst This will print out a list of all the post-installation scripts which run install-info. Then just run all these install-info commands by hand. The other alternative is to reinstall the packages which provide info files. Christian pgpug3SzlbNck.pgp Description: PGP signature
Re: Dpkg gone haywire?
if (!$nowrite !link($infodir/dir,$infodir/dir.lock)) { die $name: failed to lock dir for editing! $!\n. ($! =~ m/exists/i ? try deleting $infodir/dir.lock ?\n : ''); } [snip] Others on the list may have a better understanding of perl to see what excactly is going wrong. Is there a file called dir.lock lying around in your /usr/info directory? Is there is one, delete it and the problem should go away. Christian pgpktBgqAuUdh.pgp Description: PGP signature
Re: Converting ascii to ebcdic, and vice versa
On Apr 1, Walter L. Preuninger II wrote I am looking for a library function to convert ascii to ebcdic, and/or ebcdic to ascii. For example, '0' = 0x30 in ascii, 0xf0 in ebcdic. I see the character maps in /usr/share/i18n/charmap, but have not found any routines. Aix has a function called iconv. I could build my own conversion tables, but that is a last resort. Any ideas? If you want routines, my guess it that you'll probably have to roll your own, or at least modify already existing routines. But if you're looking for a program, try recode (there's a Debian package available). It will convert from anything to anything. Christian pgpzA3XMacAhR.pgp Description: PGP signature
Re: RPM
On Mar 31, Nicolás Lichtmaier wrote Yes.. but... * Windows users probably don't need dependencies. Programs doesn't usally depend on external libraries... ??? Most of the Windows programs I've seen kindly install a DLL or two in the \Windows directory. I don't know is dpkg would catch on on Windows, but dpkg's dependency mechanism provides a much cleaner handing of shared libraries than the Windows way... and is something that would do Windows much good, IMHO. You want to know is a shared library is still used? With dpkg: $ dpkg -r libc5 dpkg: dependency problems prevent removal of libc5: gmod depends on libc5 (= 5.4.17-1). xtoolwait depends on libc5 (= 5.4.0-0). xsnow depends on libc5; however: Package libc5 is to be removed. v1 depends on libc5 (= 5.4.0-0). seyon depends on libc5; however: Package libc5 is to be removed. amd depends on libc5 (= 5.4.0-0). [snip] dpkg: error processing libc5 (--remove): dependency problems - not removing Errors were encountered while processing: libc5 On Windows: C:\ del \windows\whatever.dell ... and then see if something breaks. etc. Christian PS Of course, this doesn't really work unless a substantinal percentage of the applications use dpkg. pgpDLvSrDWZ9w.pgp Description: PGP signature
Re: Problems working with bash.
On Mar 30, Michel Beland wrote [snip] In bash, write \e[A:history-search-backward \e[B:history-search-forward in your ~/.inputrc file. There are two problems with bash, though. First, if you log on your linux machine with a terminal that does not use ESC [ A for the up arrow, you will have to define another sequence. Second, if you have not already typed something on the command line, history-search-backward does not match any previous command in the history and just beeps. 4DOS and tcsh just match all the commands instead and show you the first match. I have read that this is fixed in bash 2.0, at last, but did not try it yet. Do you mean that they fixed libreadline so that you can now talk about the 'up' key instead of having to insert escape sequences? That's be great... IMHO, it's probably libreadline's biggest problem. Christian pgpnrIwun1wLd.pgp Description: PGP signature
Re: RPM
On Mar 31, Nicolás Lichtmaier wrote On Mon, 31 Mar 1997, Christian Hudon wrote: Yes, not many programs use DLLs... And how many Windows programs do you know that can share a DLL's that provides some funcionality? In Linux there are lots of things using libraries like libjpeg, libtiff, libvga, etc... More programs would share DLL if it wasn't asking for trouble like it is currently. Just take MFC or OWL as an example... Quite a few progams use one or the other, both Microsoft and Borland ship them as DLLs, but most programs either install their own private copy or get linked statically to avoid all the trouble that mismatching versions, etc. cause when sharing DLLs (or at least attempting to). Anyways... Christian pgpFcOZmoGLNz.pgp Description: PGP signature
Re: Missing packages
On Apr 1, Joseph Skinner wrote Hi I just had a look through the list of updated packages and have found after looking at ftp.debian.org that the new packages are not there. The missing packages include libc6* gcc_2.7.2.2-2 These packages are in the experimental section. (i.e. Not under unstable.) Christian pgpVmch7O9HRn.pgp Description: PGP signature
Can't get color in xterm!
At some distant point in the past I used to get color in my xterms... I had even customized the colors using X resources. But after installing a bunch of things, I don't get color anymore. The xterm still understands the color escape sequences, but it maps them all to either black or white It doesn't look like my /etc/X11/Xresources file it causing the problem. Does anyone have a clue as to where the problem might be? Because it's really annoying... For instance, the default configuration of lynx now gives my black on white for both the highlighted link and the other links. I'm tracking unstable. Thanks, Christian pgpJhNESQzVEn.pgp Description: PGP signature
bash keybindings
On Mar 28, Pete Harlan wrote I also came from tcsh, therefore I put this in my ~/.inputrc and I'm happy ever since 8-) ,- | M-p: history-search-backward | M-n: history-search-forward `- [snip] Customization is great, but if you learn unmodified bash then you can use other folk's systems more easily. Unless they customized it. Agreed. Unfortunately, these two commands are not bound to anything by default in bash... which is why I end up swearing each time I use bash for interactive use. Anyone care to take this up with the upstream bash maintainers? Christian pgpyNhUbAup3H.pgp Description: PGP signature
Re: afterstep 1.0pre5
On Mon, 24 Mar 1997, Paul Chau wrote: Could anyone tell me if the afterstep 1.0pre5 been debianised yet or not? Don't think so. The Debian package is still at 1.0pre4. If you want, email the maintainer (Neil A. Rubin [EMAIL PROTECTED]) and tell him that 1.0pre5 is out. Christian
Re: to xlib6 or not to xlib6?
On Sat, 22 Mar 1997, Ken Gaugler wrote: [snip] I am not worried about gwm: I don't use it anyway. But I am worried about trashing all my other X stuff if I install this package. Is it OK to upgrade to xlib6 and let the chips fall where they may with respect to elf-x11r6lib, or what should I do? Go ahead an upgrade to xlib6. The only problem you might run into it that a few old packages (like gwm) depended on things they shouldn't have depended on and so you might have to use --force-depends to get those installed. Let me repeat that... the only potential problem is dpkg dependencies problems with some old packages. Once you have everything installed, xlib6 will work just fine. If you still find packages that haven't been upgraded to depend on either xlib6 or elf-x11r6lib, you should file bug reports against them. Christian
Re: wrong time; is it dangerous ?
On Sat, 15 Mar 1997, Eugene H. Sevinian wrote: I have almost finished the installation of Debian when I noticed that the board clock was not set corectly (YY was 1996 :( ,shame! ). Though, a can tolerate the wrong files time stamp, but ... Can it cause some problems? I mean some dependencis, or something like that. Not dangerous at all. It'll be just like you had installed Debian a year ago. Just set the clock to the proper year and don't think about it again. Christian
Re: Problem with TERMCAP in Xfree86
On Thu, 6 Mar 1997, Vadim Vygonets wrote: On Thu, 6 Mar 1997, Brown, Paul, BROWNPA2 wrote: I've got Debian GNU/Linux 1.2 installed and working and have installed XFree86. It is working fine except for when it comes to displaying an xterm it says that is cannot find a usable TERMCAP entry. What does this mean and how can I fix it ? Install package termcap-compat from admin section. No. This is an xterm problem... It annoyingly sets TERMCAP. Just put unsetenv TERMCAP in your .cshrc (or export TERMCAP= in your .bashrc and the problem will go away. You don't need termcap-compat for that... And so you very probably don't want it. Christian, termcap-compat maintainer.
Re: shared library tutorial?
On Fri, 28 Feb 1997, Dale Martin wrote: Can anyone point me to an online reference on how to compile and use shared libraries? Note that I'm also interested in the portability of the solution - my project also is working with Linux/Alpha, and Solaris machines... If you need something portable, you want to take a look at GNU libtool... Quoting from the Debian package's description: This is GNU libtool, a generic library support script. Libtool hides the complexity of generating special library types (such as shared libraries) behind a consistent interface. To use libtool, add the new generic library building commands to your Makefile, Makefile.in, or Makefile.am. See the documentation for details. Libtool supports building static libraries on all platforms. I read the info documentation quickly, and it looks quite nice... Christian PS Package's name is libtool, in section devel of unstable.
Re: Netscape 4.0b2 out, any success?
On 24 Feb 1997, David Sewell wrote: Just wondering if any Debian users have tried the new Netscape Communicator beta, released a couple of days ago. Tried it with MALLOC_CHECK_=0, only got one bus error. The newsreader was working fine for me. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Debian 1.2 international?
On Sun, 29 Dec 1996, Francesco Tapparo wrote: Hi all, I have read in this Mailing List that some packages in Debian 1.2 (e.g. shellutils and fileutils) are internationalized. I have installed the package wg15-locale, and I hav set LANG and LC_ALL to it_IT, but the error messages are in english, and ditto for the date. What is wrong? Thanks in anticipation. 'Internationalized' doesn't mean they speak evey language... I know shellutils, etc. have started speaking French to me since a recent upgrade. But looking in the directory /usr/share/locale/it/LC_MESSAGES, it looks like the Italian translation isn't ready... because it's not there. Maybe someone else on this list can update you on the status of the Italian translation of the GNU stuff... Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: X11 is too secure, root cannot run xterm
On Sat, 21 Dec 1996, joost witteveen wrote: On my new 1.2 system root is not allowed to run xterm in a user's session under xdm. Is there a way to anable root and other user access to my display session typing xhost + will allow root (and anyone else on the net) to connect to your display. xhost +localhost will ensure that only users on your mashine can connect. Even better, as root set the XAUTHORITY environment variable to ~joeuser/.Xauthority This will give *only* root and joeuser access the display. Do you really want other users to have access to your display?? Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: How come there is no `Reply to' field
On Sat, 21 Dec 1996, Walter Tautz wrote: I am curious as to why there is no `Reply to' field from this list? Is this a deliberate technique to decrease traffic. Just wondering... Because Reply-to: [EMAIL PROTECTED] is evil. :-) Actually, I had a pointer to a site that explained why Reply-to: list is bad... I lost the address, unfortunately. Are you adding in manually debian-user@lists.debian.org to the cc each time you want to reply to the list? If so, poke around your mailer a bit more. Every decent email program has an option that does reply to all. On elm, it's the g key. Pine asks you if you want to reply to all recipients when you reply to a list message or a message with a cc. If you're not using one of these two, look around the help files! Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: InfoMagic Debian 1.2 Installation
On Sun, 22 Dec 1996, Bruce Perens wrote: Did we go through this already? Try putting ppp in /etc/modules. It seems it gets loaded too slowly if kerneld loads it. Hmm. I'm getting my ppp module loaded through kerneld and everything works fine here. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Grrr! Dangling links in /usr/lib/
On Wed, 18 Dec 1996, David Lutz wrote: of Debian Packages. I would like to know how I can fix the problem however. Dselect swears that the binutils package is up-to-date and refuses to attempt to reload it. Does anybody have any suggestions? Reinstalling might indeed be a good thing. Get the binutils.deb file and use dpkg --install to install it. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Some notes on Debian experiences
On Thu, 12 Dec 1996, David Engel wrote: I had to relink as described in the /usr/src/linux/README. For the umpteenth time. You don't need these links to compile the kernel. I haven't had those links on any of my systems in over a year and it hasn't stopped me from compiling hundreds of kernels. Hear, hear! Since at least 1.3.something, the kernel makefile explicitly points gcc to the kernel include files. So unless you compile antique kernels for fun, you do *not* need the said links. As further proof, here are the relevant extracts from my toplevel 2.0.27 kernel makefile: ---snip--- TOPDIR := $(shell if [ $$PWD != ]; then echo $$PWD; else pwd; fi) HPATH = $(TOPDIR)/include FINDHPATH = $(HPATH)/asm $(HPATH)/linux $(HPATH)/scsi $(HPATH)/net HOSTCC =gcc -I$(HPATH) HOSTCFLAGS =-O2 -fomit-frame-pointer CROSS_COMPILE = AS =$(CROSS_COMPILE)as LD =$(CROSS_COMPILE)ld CC =$(CROSS_COMPILE)gcc -D__KERNEL__ -I$(HPATH) CPP =$(CC) -E ---snip--- Notice how -I$(TOPDIR)/include (i.e. -I$(HPATH)) is included on *every* gcc command. QED. Read question 1 of /usr/doc/libc5/FAQ.gz if you want to know why Debian doesn't use symlinks. Christian PS Could someone who is on linux-kernel volunteer to at least ask the kernel people to update the kernel's README? It still says make sure your /usr/include/asm, /usr/include/linux, and /usr/include/scsi directories are just symlinks to the kernel sources even though people don't need to do that anymore to compile the kernel... -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: ncftp. Current boot disks
On Sun, 8 Dec 1996, Ioannis Tambouras wrote: I need clarification on two issues: [nsip] * I need to file a bug report for ncftp-2.4.2: the get -R command is not excecuted, I only get the prompt for the next command. Few days ago I was looking at a debian bug list. Now that I need to check if this bug is reported, I cannot find it. The debian-faq.txt directed me to a debian-bugs/ archieve, but there was nothing there! Where can I browse for previous bug reports? Point your favorite web browser to http://www.debian.org/ . One of the items in the list is the web version of the bugs archive. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: NTFS Filesystems
On Sun, 8 Dec 1996, Robert Platt wrote: Can Linux read NTFS filesystems? I looked at the partitions using fdisk and it read the NTFS filesystem as OS/2 HPFS, but when I tried to mount it calling it HPFS it didn't work. Is there any way to do this? Work is being done on a NTFS driver for Linux... There's even a Debian package for the driver in the 'experimental' section. But right the driver is still alpha (i.e. use at your own risk). So you at least definitely want to have a backup of the data in case something goes bad. And depending on how much value your data has, you might want to use something safer to transfer your data (like, say, creating a good ol' fat partition.) Christian PS Here's the package information. [EMAIL PROTECTED]:[~] dpkg -s ntfs Package: ntfs Status: install ok installed Installed-Size: 194 Maintainer: Michael Meskes [EMAIL PROTECTED] Version: 960915-1 Depends: libc5 (= 5.2.18) Description: A driver for NTFS. This is a read-only driver for the Windows NT file system, or NTFS. Make sure you understand that this is alpha software. This means that the implementation is neither complete nor well-tested. Still, it works for me and others, so you can try it out. You should know how to restore the system after a crash, and have a backup of any valuable data, just in case. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: kbd reccommends svgatextmode? why?
On Thu, 5 Dec 1996, Joey Hess wrote: Why is svgatextmode important to the kbd package? This is especially annoying since kbd is in base, and so dselect is going to pretty well force the installation of svgatextmode on all debian systems. Indeed! Especially since (correct me if I'm wrong) if your graphics card isn't supported by svgatextmode, then that package is close to useless... Can the 'recommends' be reconsidered? Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: CD-ROM IRQ Timeout
On Thu, 14 Nov 1996, Paul Seelig wrote: On Wed, 13 Nov 1996, Alec Clews (S) wrote: 'hdb irq timeout : status = 0x58 hdb ATAPI reset complete' [snip] I have a Goldstar 8-speed CD-ROM drive giving me the same messages but i don't know how to handle/evaluate/change this. Any hints someone? Try giving hdb=cdrom as an argument to the kernel. Maybe that will help. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Big IDE drive on old bios
On Fri, 15 Nov 1996, Stephen Fuqua wrote: [snip] Will I be able to get lilo to boot off the 1gig drive when I make a root partition smaller than 1023 cylinders? Can I be pretty sure that I can at least boot the thing with a floppy? I'm pretty sure you can do either and it will work. Even easier: make a small (10Megs, say) partition for /boot, making sure it is below the 1023 cylinder boundary. You then put your kernels there and lilo will be able to find them. Works like a charm for me. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: A couple things I noticed with rex packages ...
On Mon, 11 Nov 1996, Richard G. Roberto wrote: Also, most refuses to run in an xterm or rxvt complaining the terminal isn't strong enough! That's pretty wierd. Do you have the TERMCAP environment variable defined? I had that problem too, and undefining TERMCAP fixed it. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: .xinitrc / .xsession / .fvwmrc ???
On Fri, 1 Nov 1996, Chris R. Martin wrote: Where do I tell X what apps to start when starting an X session ? I'd like several xterms in various colors/places etc.. I'm using the debian xdm. .xsession is just the name of the window manager, right? Wrong. .xsession is responsible for starting all the programs that you want started when you login using X. This includes the window manager (assuming you want to run one), which is a program just like the others in X and doesn't enjoy any special status. So basically you put all the stuff you want started in .xsession, and when .xsession exits your X session ends. Christian PS As an example, here's my .xession: #!/bin/sh # # Local Xsession file. # Start window manager first... afterstep wmpid=$! # ...then the other stuff. xsetroot -solid black #xconsole -geometry 480x130-0-0 -daemon -notify -fn fixed -exitOnFail -icon -file /dev/xconsole xterm -geometry 80x25+590+0 xearth # Wait for window manager to terminate. wait $wmpid -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: 2 versions of some packages
On 12 Oct 1996, Rob Browning wrote: Christian Hudon [EMAIL PROTECTED] writes: Then I say it's a bug in dftp. So what's the right way to handle this? Hmm. I don't really know much about dftp, but when dpkg-ftp sees that two of the files it has downloaded are different versions of the same package, it installs the more recent version and discards the older one. Can't dftp do something like that? Or maybe there's something I'm missing... Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: 2 versions of some packages
On 13 Oct 1996, Rob Browning wrote: Christian Hudon [EMAIL PROTECTED] writes: Well, I'm not sure that installing the most recent one is the right answer. Take ghostscript for example. There's the GNU version in .../text and the Aladdin version in .../non-free. Now the GNU version should always be = the Aladdin version since GNU repackages the Aladdin version after it's been out for a while. People who want an all free software machine may prefer the GNU version even if it's older. If they do want that, they just don't select the non-free one. Then the GNU version will get installed. Or even easier, if they want just free software, they don't select the non-free section and then they never even *see* the non-free ghostscript 4.01. I think that it might make more sense to just disallow two packages with the same name in a given Debian package tree. In this case I think we should have a virtual ghostscript package provided by both gs-aladdin and gs-gnu, or whatever. Then no one gets confused about what you mean. Huh? By 'given package tree' you mean 'non-free' vs 'stable/unstable' vs 'contrib', don't you? Then there is no problem. because ghostscript 4.01 is in non-free and ghostscript 3.something in in unstable. I still don't see a problem... Unless the problem is that dftp makes no distinction between the different sections (i.e. doesn't allow people to distinguish between non-free, unstable and contrib)... but that would be a problem with dftp, IMO. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: 2 versions of some packages
On Fri, 11 Oct 1996, Gerry Jensen wrote: Also, there are two version of gs (Aladdin and GNU versions). While I see the need for two versions here, perhaps they should be named differently (gs_alladin and gs_gnu both providing gs). Having two versions with the same name confuses dftp. I don't know if dselect can cope better with this or not. Then I say it's a bug in dftp. Dselect/dpkg-ftp has no problem with this whatsoever. And having two names would be confusing, because it really *is* the same package with two versions, one that's free software and the other not. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: smail does virtual domains?
On Tue, 8 Oct 1996, Nelson Posse Lago wrote: I'm seriously considering changing to sendmail or perhaps qmail, or whatever. One of the reasons is that I need virtual e-mail domains. Does smail handle this? Is is reasonable to use it for this? How about qmail? Are there plans to packaging it in .deb format? Yep, qmail handles virtual domains. It's explained, in the qmail FAQ (which is included with the qmail .tar.gz file). As for a .deb package, yes there will be one at some point. I'm working on this. The package is being held up due to copyright problems. I'm really afraid of sendmail, not for the config files, but because of the security leaks that appear every day; hopefully qmail/smail are better or, at least, less popular among hackers. Then take a good look at qmail. From what I've seen of its design (and from the little bits of its code I read), I have a warm and fuzzy feeling about qmail's security. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: xemacs support
On Thu, 26 Sep 1996, Stephen Millard wrote: The xemacs support package size is formidable (over 12 meg). I have been a little apprehensive in letting dpkg uncompress it into something possibly much larger, especially since I am not sure what the benefits would be. Does it contain the above xemacs dependencies? A little more elaboration in the Packages file would help. The xemacs-support package provides all the emacs lisp files that xemacs needs to work. You need to install it if you want xemacs to work properly. (xemacs *depends* on xemacs-support). Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: /usr/sbin/start-stop-daemons
On Tue, 24 Sep 1996, Joe Manarolla wrote: On startup and shutdown I have been receiving messages which read as follows: /etc/rc2.d/S10sysklogd S10netbaseS12kerneldetc:/usr/sbin/start-stop-daemon: no such file or directory. Being relatively new to Debian, I do not understand the meaning of these messages. It could be that they are not relative to my particular setup. I run Debian on a laptop machine and in general the system runs perfectly. Looks like you lost the '/usr/sbin/start-stop-daemon' program... Reinstall the latest version and dpkg (which contains start-stop-daemon) and the problem should dissapear. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Will dpkg 1.4 work under buzz?
On Thu, 26 Sep 1996, Amos Shapira wrote: Hello, I'm encountering some annoying (and apparently well-known) problems with dselect from dpkg 1.2.14elf (e.g. after a search the arrow keys loose their function). I wonder if it is safe to install one of the 1.4 version of dpkg on my mostly buzz-fixed system. In short, yes it is safe. But no I don't think it will fix the problem you mentionned since that problem is (if memory serves) a ncurses bug. Christian -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: 4 man page languages now
On Wed, 18 Sep 1996, Bruce Perens wrote: Susan: the manpages (in English, German (man-NNN-de), and Spanish (man-NNN-es)). I think some Italian language man pages have also recently been uploaded. I communicated with the maintainer last week. They are probably in unstable or the Incoming directory. Does anyone know if there are French manpages coming up somewhere in the pipeline? Christian
Re: Master.debian.org down yggdrasil.com down ...
On 16 Sep 1996, Christoph Lameter wrote: master.debian.org is down since Sunday. Any plans to bring it back up? yggdrasil.com is also down (Even the DNS Servers are not reachable!) and is the gateway from the usnet linux.debian.user group to the mailing list. Can we establish alternate gateways so that at least the usenet groups will still work? Could be a problem with your 'bit' of the net. From here, both are up as I speak. Check again... Christian
Re: execute permissions in /etc/init.d
On Fri, 13 Sep 1996, Al Youngwerth wrote: Is there a good reason why all the start stop functions in /etc/init.d are executable by anybody by default. It seems to me that this allows your average user to stop an important system service. Anyone have comments? No it doesn't. Normal (i.e. non-root) users can only kill processes that they own... which just about means processes that they have started. So /etc/init.d being executable by world is not a problem at all. Try stopping one of these services (as a non-root user)... you'll see. Christian
Re: Worldnet.att.net via Linux PPP Connection
On Fri, 13 Sep 1996, Bruce Perens wrote: I'd like to hear a good explanation of what the security problem is, and why anyone would want to use source routes. The security problem? Basically, if you've got source routing enabled, I can send bad IP packets to your machine and they'll get there. By 'bad' I mean, say, packets with a wrong 'Source IP' field. This can be used to get packets from 'outside' through a firewall and make the packets look like they came from 'inside' to the destination machine, I believe. And of course, this is kinda 'helpful' to crack services (eg rsh, etc.) that put trust into specific IP numbers. I don't know it that was very clear, but at least it was some kind of an explanation. Please keep 'Drop source routed frames' enabled in the Debian kernels. Christian