Re: Local non-mirror debian archive
On Thu, Jun 14, 2001 at 08:06:17PM +0100, Colin Watson wrote: You need to gzip the Packages file (and the Sources file, if you have one). I filed bug #65839 against dpkg-dev about this almost a year ago now, but haven't heard anything back. Maybe I should put together a patch. Well, that helped... It seems to work OK from a different client (altima), but bonneville remains non-cooperative. Not an apt problem, though. When it goes to download package lists or packages, it freezes. Sometimes it locks up solid, sometimes ^C will break out, in which case I get a stream of eepro100: cmd_wait for(0xff80) timedout with(0xff80)! messages which don't stop until I `ifconfig eth0 down`. So I'd guess that's a flaky NIC integrated on the mobo. Thanks for the gzip tip! -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Local non-mirror debian archive
I'm looking to set up a local debian archive which largely ignores the offical site. apt-move looked promising, but it's too concerned with mirroring. I want to have a directory on a fileserver that I can just throw debs into and have them (in an apt-move like fashion) turned into a usable archive for other machines on the network. Even if they're obsolete or from a non-debian source. And preferably without concern for whether they're stable, unstable, testing, frozen, potato, slink, woody, bo, sid, hamm, main, contrib, non-free, non-US, or none of the above. I'm not even really that concerned with maintaining the official archive's organizational scheme; this archive will only be running around 300 packages instead of 4000 and pretty much every one of them will be installed on every machine in the company. The primary area of variation will be that some machines run X and others don't. Does any tool currently exist that will create an archive of this sort for me? If not, where can I find documentation on setting it up manually? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: star office debian-correct installation
On Sun, Jun 10, 2001 at 10:25:23PM -0700, Mark Wagnon wrote: On 06/10/01 17:37:44 -0400, Jonathan D. Proulx wrote: You don't need to be root, using sudo is fine. If you don't know what sudo is, install it and read the man page then ask here, it's *very* useful. I've never used sudo. Whenever I need to do something as root, I use su. What's the difference? Is one better/more secure than the other? That is a topic of much debate. In general, I fall on the sudo is evil side of the fence, but the basic arguments are: pro-sudo: It allows you to give limited root access to certain users without requiring that they know the root password. This allows you to distribute administrative tasks to various people without giving them full control of the machine. anti-sudo: It allows you to give limited root access to certain users without requiring that they know the root password. This allows an attacker to obtain elevated privileges on the machine by discovering only a user password instead of requiring that they find both a user password and the root password. IMO, one well-controlled point of vulnerability (the root password) is preferable to several uncontrolled points of vulnerability (user passwords). The only time I think sudo is worthwhile is on a multiuser machine where all admin power cannot. for whatever reason, be concentrated in a single person. And even then, you have to be very careful about what commands you allow to be run through sudo - if you can open a shell from something run under sudo, you've got a fully-empowered root shell, easy as that. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: kapm-idled
On Mon, Jun 11, 2001 at 04:13:45PM +0200, vester wrote: can anyone explain to me what exactly the process kapm-idled does and why it takes up 50-90% of cpu usage? Kernel APM IDLE Daemon It's a pseudo process that doesn't actually _do_ anything. It just puts the CPU to sleep when there's nothing else going on. i've never noticed it taking up that much usage until today. i cannot stop it from top... Yeah, the idled showing up in the process list is a new 'feature' of the 2.4 series kernels. Give it a little time and a new version of top will come out that knows enough to ignore it. i suppose it's got something to do with the apm kernel modules, but i really don't know. it just seems to make my system really slow :-( Have you noticed an actual performance decrease or are you just assuming that it's slowing other things down because of the high CPU usage displayed? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Installation on DELL Optiplex GX100
On Mon, Jun 11, 2001 at 09:18:36PM +0200, Marceau Dominique wrote: Here is the message I got while attempting to install Debian 2.2 on my DELL Optiplex GX100 Can you help me please. As others have mentioned, the GX100 uses an Intel i810-based video chipset. Do some searching with google and you can find X 3.3 drives for it, the specific files being i810gtt-0.1-6.src.tar.gz (source for its agpgart, which seems to be necessary), xfcom_i810-1.2-3.i386.rpm (the X server itself - use alien to convert it to a deb and install that), and xfcom_i810-1.2.patch.tar.gz (patch to the xserver, of course). Version numbers may have changed since then, of course. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: HELP - wmakerconf blew my menus away!!!!
On Thu, Jun 07, 2001 at 11:10:40AM -0400, [EMAIL PROTECTED] wrote: I know that this must be a common problem, but the archives for the mailing list are unavalable. I ran wmakerconf as a normal user to change some of the look and feel of windowmaker. However, when wmakerconf started up, told me that it needed to update the menus. I told it to keep the current menus,and now all my menus are gone!!! I don't have anything under the application menu. How do I get my menu's back? This has become a real pain not having any. Before doing the Debian-to-WindowMaker menu conversion, you need to edit ~/GNUstep/Defaults/WMRootMenu to contain the full path to menu.hook (/etc/X11/WindowMaker/menu.hook). WindowMaker itself is smart enough to look around in several places (complete list in the man page), but wmakerconf isn't. If you don't want to convert your menus, just click over to another tab without answering wmakerconf's question. You can restore the default debian menus by editing ~/GNUstep/Defaults/WMRootMenu to contain /etc/X11/WindowMaker/menu.hook and nothing else. (Just menu.hook works too, but may cause you to have this same problem again.) If you do convert them, you gain the ability to edit the menus on a per-user basis and use some wmaker enhancements, such as assigning a hotkey to any menu item. The downside is that newly-installed packages will no longer be automagically added to the menus. (Although I consider that an advantage also, as the default behaviour is, IMO, far too inclusive. I prefer to have only the things I use on my menus. YMMV.) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: ripping quiet CDs
On Sat, Jun 09, 2001 at 03:08:05PM +0800, Ben Harvey wrote: On Sat, Jun 09, 2001 at 01:48:35AM -0500, Jason Pepas wrote: in short, it sounds like normalization is exactly what you want. OK fair enough. so that means I can filter a .WAV through normalize before compression - with a little trial error. any ripper recommendations? abcde looks good (I like the name too ;) but it doesn't seem to allow me to add this sort of filter. Well, it may not be set up to do filtering, but abcde is a shell script. It should be possible to hack a filter in. (Having just taken a look at it, though, it's a very complex shell script, so finding the right place to do this would likely be nontrivial.) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: NFS
On Sun, Jun 10, 2001 at 08:58:58AM -0400, Jerry Sternesky wrote: I installed nfs-common and nfs-kernel-server. ^ rpcinfo -p only showed portmapper running so I executed rpc.mountd and that seemed ok, but when I run rpc.nfsd I get nfssvc: Function not implemented. Did you build a kernel with NFS server support in it? If not, try nfs-user-server instead (or build an NFS-friendly kernel). -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
ifup -a broken?
I'm trying to convert a system that's been running since pre-ifup days to use /etc/network/interfaces and it's behaving oddly. ifupdown is version 0.6.4-3 from testing. As the log below shows, all three of the interfaces in /etc/network/interfaces behave properly when addressed by name, but using -a to bring all interfaces up (or down) doesn't seem to recognize that any interfaces are configured. Is there just something that I missed in my local configuration or should it be filed as a bug? --- /etc/network# cat interfaces # Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or # /usr/share/doc/netbase/examples for more information. iface lo inet loopback iface eth0 inet static address 111.222.333.206 netmask 255.255.255.0 gateway 111.222.333.254 iface eth0:0 inet static address 192.168.0.80 netmask 255.255.255.0 /etc/network# ifup -vn -a /etc/network# ifup -vn lo Configuring interface lo=lo (inet) run-parts /etc/network/if-pre-up.d ifconfig lo 127.0.0.1 up run-parts /etc/network/if-up.d /etc/network# ifup -vn eth0 Configuring interface eth0=eth0 (inet) run-parts /etc/network/if-pre-up.d ifconfig eth0 111.222.333.206 netmask 255.255.255.0up route add default gw 111.222.333.254 eth0 run-parts /etc/network/if-up.d /etc/network# ifup -vn eth0:0 Configuring interface eth0:0=eth0:0 (inet) run-parts /etc/network/if-pre-up.d ifconfig eth0:0 192.168.0.80 netmask 255.255.255.0 up run-parts /etc/network/if-up.d /etc/network# --- -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: How to setup rsync system to keep copy of packages locally????
On Tue, Jun 05, 2001 at 05:44:16PM -0400, Chris Hoover wrote: Can someone help me and/or point me to a doc that describes how to setup a local debian package mirror using rsync? I have looked at the man page for rsync, but am still clueless as to how to do it. apt-get install apt-move Not sure if it's exactly what you're looking for, but it should be close. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: filtering email via perl?
On Tue, Jun 05, 2001 at 10:25:26AM -0500, will trillich wrote: okay. procmail and i are getting a divorce. we just don't see eye-to-eye any more. I don't know what MTA you use, but if you're on speaking terms with exim, it's got a pretty good set of filtering capabilities that you can just put into .forward. Not perl, though. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: logcheck gaps in time
On Tue, Jun 05, 2001 at 07:58:50AM -0500, hanasaki wrote: I have added the following else statement to the script so there is always a report. I would appreciate it if the utility's owner would consider adding this to his/her next revision and giving a small credit if they do. I would not appreciate it. I suppose adding an option (so long as the current behaviour remains the default) would be OK, but I'm of the opinion that, if there's nothing to report, I don't want to be bothered with null mail. The absence of a problem report is itself confirmation that there is no problem. (Same principle: Create an empty directory, cd into it, and do an `ls`. Does ls say There are no files to display? No. It just displays the names of the files, which happens to be an empty list.) Anyhow, what you report is, as I indicated above, normal behaviour. I've been running logcheck for quite a while and I've never gotten mail from it unless it had some perceived anomaly to report. If you still have copies of any of your old Nothing is wrong notifications, I would like to see one. There's probably something in them that you consider so normal that it must have been ignored, but it actually triggered logcheck. As for verifying that everything really is OK, the first thing to do is... Look at your logs manually. Assuming you're running syslogd with the default settings, you should see entries saying -- MARK -- every 20 minutes of inactivity. If there are any gaps larger than 20 minutes, then either syslogd has had its timestamp interval changed or a chunk of the file is missing. The other thing to watch for is that logtail (called by logcheck to get only the new portion of the log file) will issue a warning if a log file shrinks, and logcheck will mail this warning like any other problem. logcheck not sending you anything does not indicate any sort of problem. (I would actually like to be able to make it more selective about what it sends. Say, for instance, to ignore one failed login attempt by a user (he probably just mistyped his password), but report 4 or more failed logins, whether by the same user or each by a different user (that could be someone trying to brute-force the machine). This would require a bit of extra complexity, though, as the current purely-grep-based approach doesn't lend itself to that sort of state maintenance.) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Subject: Re: filtering email via perl?
On Wed, Jun 06, 2001 at 03:04:02PM -0500, will trillich wrote: query: does seen save ... stop processing as if you'd said finish? seen save is actually redundant. seen finish stops processing as if you'd said save, which is to say that exim considers dlivery to be complete. finish by itself will terminate the filter, but exim will still process the delivery normally. See filter.txt, section 9 Significant deliveries for full details, but it basically comes down to: - The commands deliver, save, and pipe are significant deliveries unless preceded by unseen. - All other commands are not significant deliveries unless preceded by seen. - Default delivery will be performed unless a significant delivery has been performed by the filter. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Re: Setting up NIS
On Fri, Jun 01, 2001 at 12:08:23PM +0200, paolo pedaletti wrote: The problem was in /etc/ypserv.securenets (actualy a link to /var/yp/securenets) There wasn't the right line: host xxx.xxx.xxx.xxx Thanks for the suggestion, but so such luck. ypserv.securenets already contained 255.0.0.0 127.0.0.0 and 0.0.0.0 0.0.0.0, which should allow anyone and everyone to connect, so I didn't think adding host lines would make a difference, but I tried it anyhow. They didn't. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Don't allow incoming telnet
On Fri, Jun 01, 2001 at 10:52:41AM -0400, [EMAIL PROTECTED] wrote: Remove it if you can (I forget if it's a seperate package): apt-get --purge remove telnet That's the telnet client. Personally, I'd recommend: apt-get remove --purge telnetd telnet apt-get install telnet-ssl telnet-ssl will attempt to use SSL for outgoing telnet connections (for servers that don't have ssh installed), but falls back to plaintext if that's all the remote system supports. There's also a telnetd-ssl, but what do you need that for if you're running sshd? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Setting up NIS - SOLVED (sorta)
On Wed, May 30, 2001 at 05:31:22PM -0500, Dave Sherohman wrote: I'm trying to get a NIS domain started and having little luck... I've followed along through /usr/share/doc/nis/nis.debian.howto.gz (which is great to have there!), but it doesn't seem to have worked. After (far too) much mucking about in the various NIS config files, I decided to try upgrading from stable to testing despite an earlier post's mention of recent problems with the version in testing. And it worked. I have no idea what was causing it to fail, but it works now... Thanks again to all who offered suggestions. They may not have contained the solution to my troubles, but now I know a good deal more about configuring NIS. I expect I'll do a better job of setting up the domain as a result. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Setting up NIS
On Wed, May 30, 2001 at 05:16:43PM -0700, Ian Greenhoe wrote: Not necessarily suprising. I've found the most useful way to get data from ypserv is to run it from a seperate [aEwx]term with the -d switch. Word of warning: It can produce a *lot* of data. Or it might not... bradley:~# ypserv -d [Welcome to the NYS YP Server, version 1.3.11 (with securenets)] Find securenet: 255.0.0.0 127.0.0.0 Find securenet: 0.0.0.0 0.0.0.0 ypserv.conf: 0.0.0.0/0.0.0.0:shadow.byname:2:0:2 ypserv.conf: 0.0.0.0/0.0.0.0:passwd.adjunct.byname:2:0:2 ypserv.conf: 0.0.0.0/0.0.0.0:*:0:0:2 And that's it. I fired up a `ypbind -d -broadcast` in another window and all I got there was bradley:~# ypbind -d -broadcast add_server() domain: mycompany.com, broadcast, slot: 0 [Welcome to ypbind-mt, version 1.7] broadcast: RPC: Timed out. or, alternately, bradley:~# ypbind -d parsing config file Trying entry: domain mycompany.com ypserver bradley.west.mycompany.com parsed domain 'mycompany.com' broadcast add_server() domain: mycompany.com, broadcast, slot: 0 [Welcome to ypbind-mt, version 1.7] Either way, `ypwhich` causes the ypbind to display ypbindproc_domain_2_svc (mycompany.com) Status: YPBIND_FAIL_VAL and start showing RPC timeouts alternating with notes that it's pinging active servers. But, throughout all of this, ypserv just sits there quietly. 2) There are a number of potential problems: * NIS was broken in testing due to recent glibc upgrade. [upgrade nis if you are using testing/unstable] Nope, it's potato, version 3.8-2. * make sure that /etc/ypserv.conf is set up appropriately. You might wish to add the following temporarily [for testing only, since it opens NIS up to anybody who can access your machine. Better make sure that your passwords are good!] * : * : none No change other than having two ypserv.conf: 0.0.0.0/0.0.0.0:*:0:0:2 lines in ypserv's output instead of one. * add a ypserver line to /etc/yp.conf if it doesn't exist. Already contains domain mycompany.com ypserver bradley.west.mycompany.com. * make sure that NISSERVER=master in /etc/init.d/nis Check. * make sure that nis was started *after* portmapper. In fact, you may want to do the following: Check. I actually had tried shutting down NFS and then stopping and starting portmapper and NIS in various combinations yesterday; NIS gives a completely different set of errors when portmapper is shut down. 3) check that nis is registered with portmapper (you'll see ypbind/ypserv, not nis, listed) pmap_dump bradley:~# pmap_dump 102 tcp111 portmapper 102 udp111 portmapper 1000241 udp849 status 1000241 tcp851 status 142 udp673 ypserv 141 udp673 ypserv 142 tcp676 ypserv 141 tcp676 ypserv 172 udp714 ypbind 171 udp714 ypbind 172 tcp717 ypbind 171 tcp717 ypbind Any further suggestions or anything seemingly relevant in this information? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Setting up NIS
On Thu, May 31, 2001 at 12:36:23PM -0700, Ian Greenhoe wrote: I think I know part of what your problem is. Either do in your yp.conf: domain mycompany.com server bradley.west.mycompany.com ^^ -- Note server not ypserver OR ypserver bradley.west.mycompany.com Hmph. Changing the term based on usage... Well, lets see: bradley:~# ypbind -d parsing config file Trying entry: domain mycompany.com server bradley.west.mycompany.com parsed domain 'mycompany.com' server 'bradley.west.mycompany.com' add_server() domain: mycompany.com, host: bradley.west.mycompany.com, nobroadcast, slot: 0 [Welcome to ypbind-mt, version 1.7] ping host 'bradley.west.mycompany.com', domain 'mycompany.com' ypbindproc_domain_2_svc (mycompany.com) trylock = success ping host 'bradley.west.mycompany.com', domain 'mycompany.com' Status: YPBIND_FAIL_VAL ypbindproc_domain_2_svc (mycompany.com) trylock = success ping host 'bradley.west.mycompany.com', domain 'mycompany.com' Status: YPBIND_FAIL_VAL Pinging all active server. ping host 'bradley.west.mycompany.com', domain 'mycompany.com' Pinging all active server. Looks like progress, but ypwhich still says can't yp_bind: Reason: Domain not bound. And ypserv continues to show nothing beyond the startup stuff in its debug output. I also doublechecked /etc/hosts and the machine is able to ping both of the addresses it lists there. (It's a dual-NIC server. One address is on the name bradley.west and the other is bradley.east, so there shouldn't be any confusion there.) That might take care of part of the problem. (You should not be broadcasting for domain info, as the results from ypbind was suggesting. Mostly this is for security reasons, and also some networks/machines are actively hostile to broadcast messages.) Good thing to know. Also, I'm curious about what sort of results you might see from rpcinfo -u bradley.west.mycompany.com ypserv bradley:~# rpcinfo -u bradley.west.mycompany.com ypserv rpcinfo: RPC: Timed out program 14 version 0 is not available rpcinfo -t bradley.west.mycompany.com ypserv bradley:~# rpcinfo -t bradley.west.mycompany.com ypserv rpcinfo: RPC: Timed out program 14 version 0 is not available I sincerely hope this helps (at least somewhat), Dunno how much further there is to go, but at least it _feels_ like we're getting somewhere. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Setting up NIS
On Fri, Jun 01, 2001 at 04:10:48AM +1000, Steve Kowalik wrote: I seem to recall have to add yp entries to /etc/services for NIS to work correctly. I can't really recall, it 4am, and it's been ages since I did it. It was easier /etc/services or some portmap file. I can't be certain. Let me know if anything more comes to mind, but I have another server on the network (serving NIS domain mycompany instead of mycompany.com) which does work, and grepping /etc/services for portmap and yp returned identical results on both machines, so I don't think that's it. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: the clip in windowmaker
On Thu, May 31, 2001 at 05:36:47PM +1000, Joel Mayes wrote: Run the wmpref program, the 7th icon will be workspace navigation Features click on this, and there will be two icons down the right hand side of the box on of these enables/disable the application dock, the other enables/disables the Clip. ( probably the one with the big disabled cross though it ;-) If you prefer wmakerconf, it's on the Workspace tab, fourth option. Open application clip on startup (startup option) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Some sugestions of cheanges
On Wed, May 30, 2001 at 04:04:39AM -0800, Ethan Benson wrote: On Wed, May 30, 2001 at 01:14:22PM +0200, [EMAIL PROTECTED] wrote: 3. In new deb package of apache 1.3.19 every configuration is made in one file (/etc/apache/httpd.conf). I segest to make it like in version 1.3.9 i would agree with that, huge monsterous bloated monolithic configuration files suck IMO. file a severity wishlist bug report against apache. The Apache Group decided to move to a single config file a while ago, so that's the standard now. Note that, if you still want multiple config files, there is an Include directive which can be used to break your configuration up into as many smaller config files as you want, following any scheme you like. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Setting up NIS
I'm trying to get a NIS domain started and having little luck... I've followed along through /usr/share/doc/nis/nis.debian.howto.gz (which is great to have there!), but it doesn't seem to have worked. I started to suspect that things weren't working at step 3.6, starting the server, when it didn't seem to be able to bind to the YP server. (I'm still not entirely clear on why it wants to bind to the server when /etc/init.d/nis is telling it that it's the master server, but I digress...) Then, in step 3.7, I knew things weren't working as I saw /usr/lib/yp/ypinit -m report failed to send 'clear' to local ypserv: RPC: Timed out for each and every map that it tried to update. Just to be sure, though, I tried a ypwhich after ypinit finished and was told, can't yp_bind: Reason: Domain not bound. Throughout all of this, nothing was logged to syslog. So how do I troubleshoot this? Is the problem obvious to anyone? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: getting ps to not display all processes for normal users
On Tue, May 29, 2001 at 09:52:55PM -0400, Vlad wrote: already done. www.openwall.com and download a kernel patch. i would say, it is the FIRST thing security-wise you have to do after you install any linux distro. Why would you say that? Do you really consider knowledge of other users' processes to be the biggest security threat on a *nix system? It seems pretty harmless to me, given that `ls /bin` will tell me what's installed on a system and `nmap localhost` will tell me what ports are listening. About the only extra information that I can think of that would be revealed by `ps a` and would be potentially exploitable is which programs that use unix domain sockets or named pipes are running - and even that could be derived with `find` or any other sort of recursive directory search. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: apt-utils
On Sun, May 27, 2001 at 10:09:10PM -0400, Joey Hess wrote: So believe it or not, it does work for most of us. If you can get a log of that with DEBCONF_DEBUG set, I would of course like to see it. I'll likely be doing at least one fresh install within the next 2-3 weeks. How would I best capture a log of the useful portion of the install so that I don't have to send you debug information on the full set of base packages? Also, the log I sent you yesterday was obtained by simply cutting and pasting from a terminal window; I suspect that the curses-based screen from the first time debconf asks how it should operate would interfere with this method. Is there a better way to capture that? Any others? (And don't cite console-data, or cvs. Both have historically had the same breakage in stable.) No others come to mind. Thanks for looking at this. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: root via ssh / why su - ?
On Mon, May 28, 2001 at 09:18:17PM +1000, Brian May wrote: (Just a thought: perhaps a better solution would be to store these passwords on a computer file, but GPG encrypt them?) If you've got a PalmPilot, etc., there's a wonderful utility called STRIP (Secure Tool for Remembering Important Passwords) that does just this. It stores and categorizes passwords in an encrypted (either DES or IDEA, depending on which version you download) database. It will also generate passwords for you, but there was a bug discovered about a month and a half ago which results in it only having 64k available random number seeds, making STRIP-generated passwords very vulnerable to a modified dictionary attack. I'm not sure whether this has been fixed yet. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: CUPS
On Sat, May 26, 2001 at 05:22:12PM -0500, Thomas H. George wrote: A second stand-alone computer with a Epson Stylus Color 860 connected to the usb port is still not working. The stcolor.ppd and lpinfo are missing. stcolor.ppd is included in the woody and sid versions of cupsys, but not potato. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: I've been getting scanned...
On Sun, May 27, 2001 at 12:15:12AM -0400, Carl Fink wrote: Which is kind of my point. If I were made dictator of the Debian project (not bloody likely) I would declare all distributions to age out at six months: at that point, unstable becomes testing, testing becomes frozen, frozen becomes stable, period. And six months would be a MAXIMUM, not the standard cycle. One year of built-in obsolescence is still a lot. Unfortunately, code has a nasty habit of being ready when it's ready, not when someone decrees that it should be ready. Going to a calendar-based release cycle would adversely affect stability. If you don't want to be running year-old software (with the latest security fixes backported), switch over to testing instead. It's both pretty solid and pretty recent. But if you want/need the absolute reliability of stable, that takes time. If it takes a year to produce that stability, then the code will be a year old when it's released and, short of spending lots of money to buy testing and bugfixing time, there's nothing anyone can do about it. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: root via ssh / why su - ?
On Sun, May 27, 2001 at 12:39:54PM +0200, Timo Blazko Boewing wrote: A silly theoretical question: in a ssh thread above, one got the answer *not* to enable root user access to a station, it would be better to use a limited user account and then gain access via su or that. What is the difference between that. Don't I have full admin rights with su? Or if I have, what is the difference? Is it cos a direct root login allows to exploit the sys due to some scripts that get autom. exec'd? I just want to knowcos thus I know why I do things that way :-) Two reasons come to mind: 1) In order to gain remote root access, an attacker must first compromise a user account to log in with. Simply obtaining the root password is not sufficient. 2) It is possible (though not likely) that there may be a little-known technique for sniffing the data sent while establishing an ssh connection. If such a technique were to exist, disabling root logins would ensure that an attacker using it would only get a user password while the root password would remain secure. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: I've been getting scanned...
On Sun, May 27, 2001 at 10:59:47AM -0400, Carl Fink wrote: On Sun, May 27, 2001 at 12:20:14AM -0500, Dave Sherohman wrote: If you don't want to be running year-old software (with the latest security fixes backported), switch over to testing instead. Bad news: testing *is* year-old software. By the time it's stable it'll be two eyars old. Unless I'm mistaken, testing is mostly software that hasn't changed in unstable for two weeks. Making an allowance for bursts of minor changes and things being held back by dependencies and cross-package conflicts (which you probably don't want on your system anyhow, which makes this a good thing, IMO), most testing packages are within 1-2 months of unstable. So, are you claiming that unstable is 10-11 months old? (BTW, I just got around to pulling kernel 2.4.4 out of testing... I don't deny that there's likely to be some year-old stuff in testing, but I doubt that it's the majority and I know that a fair bit of unstable is more recent than that.) Based on my observations of the (pre-testing) slink-potato changeover and my understanding of how testing works, I would suspect that most of woody's package aging en route to stable will be taking place in frozen, not testing. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: The following packages have been kept back
On Sun, May 27, 2001 at 03:16:55PM +0300, [EMAIL PROTECTED] wrote: What is going on, and why can't apt-get upgrade the remaining 62 packages? How do I get it to upgrade them? It doesn't want to automatically process them for some reason. Explicitly telling it to upgrade each package with `apt-get install package` will cause apt to upgrade the package if it can or tell you why it can't. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Free mail a/c that allows download of mail
On Sun, May 27, 2001 at 08:53:05AM -0500, ktb wrote: On Sun, May 27, 2001 at 11:47:22PM +1000, [EMAIL PROTECTED] wrote: Is there any free mail accounts (like hotmail etc.) that allow you to download your mail so that you can read it with mutt say? Instead of having to view it through the web browser when connected to the internet. How about doing it the other way around, access your isp's email account with a free email account? There are lots of reasons why this is, IMO, a less desirable solution, mostly centering around the basic notion that, if the mail is on your machine, you can access and filter it however you want instead of being tied to whatever piece of drek interface the mail service provider gives you. In this particular case, I suspect (based on the when connected to the internet comment above) that mdevin is on a dialup link and doesn't want to have to bring the link up and tie up a phone line while reading mail over that slow link. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: The following packages have been kept back
On Sun, May 27, 2001 at 06:53:16PM +0300, [EMAIL PROTECTED] wrote: Sorry, but the following packages have unmet dependencies: aalib1: Depends: libc6 (= 2.2.2-2) but 2.1.3-18 is to be installed Depends: xlibs (= 4.0.1-11) but it is not installable E: Sorry, broken packages fot2:~# exit So I figure that I need to somehow upgrade my libc6 to 2.2.2-2. But apt-get says that '2.1.3-18 is to be installed' !? How do I get it to upgrade my libc6? For some reason, apt doesn't want to upgrade libc6 automatically. Try an `apt-get install libc6`; it'll probably just go right through, but you may get some warnings that point at why apt wanted to leave it alone. You should upgrade it, in any case. The current stable version is 2.2.2-4, so I'm not even sure that 2.1.3-18 is still available. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: apt-utils
On Sun, May 27, 2001 at 02:09:19PM -0400, Joey Hess wrote: It is supposed to be optional. In fact, I cannot see how it could possibly be failing as you show. The || true is there so no matter what status code dpkg-preconfigure returns, apt always sees a return code of zero. I thought that was pretty odd too. I have never seen this behavior except for when people have told debconf to re-show questions, or with a couple of broken packages that force debconf to redisplay seen questions. In the default configuration, it works, and has worked for a long time. The two cases that spring to mind of apt-utils consistently reasking questions are ssh and apt-utils itself. (Although apt-utils is at least decent enough to remember, when making the second pass through, that I'd told it to use the text interface the first time around.) But I don't recall any cases where I've been asked a question in the preconfiguring stage and it didn't get repeated later. Doesn't mean it hasn't happened, of course, just that I don't remember it. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: apt-utils
On Sun, May 27, 2001 at 03:29:43PM -0400, Joey Hess wrote: I don't know what you're talking about: apt-utils does not use debconf. My mistake; s/apt-utils/debconf/g. Whenever I install a new system, debconf (or rather, the minimal version on the install disks) throws up a curses-based menu asking what mode I want it to run in, then what level of messages to display. I consistently answer text/medium. It then preconfigures other packages, unpacks everything, and starts the actual configuration phase. At this time, I am again asked what mode I want debconf to run in and what message level to display. If that outputs true, then you have configured debconf to redisplay already seen questions. # apt-get install debconf-utils; echo get debconf/showold | debconf-communicate Reading Package Lists... Done Building Dependency Tree... Done Sorry, debconf-utils is already the newest version. 0 packages upgraded, 0 newly installed, 0 to remove and 1 not upgraded. 0 false If not, I would dearly like the see a log of a package, any package, displaying the same question both in preconfiguration and at install time, with DEBCONF_DEBUG='.*' set and exported in the environment. I just tried purging and reinstalling ssh on two machines. The one tracking testing worked properly, only asking if I wanted it SUID and whether to run sshd once. The one tracking stable asked 3(!) times. That version of apt doesn't seem to like nonnumeric values for DEBCONF_DEBUG, so I tried setting it to 100 instead, which seems to have worked. Here's the log: --- Begin log --- genma /home/esper# apt-get remove --purge ssh Reading Package Lists... Done Building Dependency Tree... Done The following packages will be REMOVED: ssh* 0 packages upgraded, 0 newly installed, 1 to remove and 1 not upgraded. Need to get 0B of archives. After unpacking 515kB will be freed. Do you want to continue? [Y/n] (Reading database ... 50217 files and directories currently installed.) Removing ssh ... Stopping OpenBSD Secure Shell server: sshd. dpkg - warning: while removing ssh, directory `/etc/ssh' not empty so not removed. Purging configuration files for ssh ... Argument .* isn't numeric in int at /usr/lib/perl5/Debian/DebConf/Log.pm line 40. genma /home/esper# export DEBCONF_DEBUG=100 genma /home/esper# apt-get install ssh Reading Package Lists... Done Building Dependency Tree... Done The following NEW packages will be installed: ssh 0 packages upgraded, 1 newly installed, 0 to remove and 1 not upgraded. Need to get 0B/256kB of archives. After unpacking 515kB will be used. debconf: trying frontend Text Configuring packages ... debconf: starting /var/lib/debconf//config.14859 configure debconf: -- VERSION 2.0 debconf: -- 0 2.0 debconf: -- SET ssh/upgrade_to_openssh true debconf: -- 0 debconf: -- FSET ssh/upgrade_to_openssh isdefault false debconf: -- 0 false debconf: -- SET ssh/use_old_init_script true debconf: -- 0 debconf: -- FSET ssh/use_old_init_script isdefault false debconf: -- 0 false debconf: -- INPUT medium ssh/SUID_client debconf: Trying to make element of type Text::Boolean debconf: -- 0 debconf: -- INPUT medium ssh/run_sshd debconf: Trying to make element of type Text::Boolean debconf: -- 0 grep: /etc/ssh/sshd_config: No such file or directory debconf: -- INPUT low ssh/forward_warning debconf: Trying to make element of type Noninteractive::Note debconf: -- 30 debconf: -- GO debconf: preparing to ask questions Configuring Ssh --- You have the option of installing the ssh client with the SUID bit set. If you make ssh SUID, you will be able to use Rhosts/RhostsRSA authentication, but will not be able to use socks via the LD_PRELOAD trick. This is the traditional approach. If you do not make ssh SUID, you will be able to use socks, but Rhosts/RhostsRSA authentication will stop working, which may stop you logging in to remote systems. It will also mean that the source port will be above 1024, which may confound firewall rules you've set up. If in doubt, I suggest you install it without SUID. If it causes problems you can change your mind later by running: dpkg-reconfigure ssh Do you want /usr/bin/ssh to be installed SUID root? [n] This package contains both the ssh client, and the sshd server. Normally the sshd Secure Shell Server will be run to allow remote logins via ssh. If you are only interested in using the ssh client for outbound connections on this machine, and don't want to log into it at all using ssh, then you can disable sshd here. Do you want to run the sshd server ? [y] debconf: -- 0 Selecting previously deselected package ssh. (Reading database ... 50183 files and directories currently installed.) Unpacking ssh (from .../ssh_1%3a1.2.3-9.3_i386.deb) ... debconf: frontend started debconf: trying frontend Text debconf: frontend running, package name is ssh debconf: starting /var/lib/dpkg/tmp.ci/config configure debconf: -- VERSION 2.0 debconf: -- 0 2.0 debconf: -- SET
Re: The following packages have been kept back
On Sun, May 27, 2001 at 08:55:40PM +0200, Bart Martens wrote: On Sun, May 27, 2001 at 01:30:41PM -0500, Dave Sherohman wrote: On Sun, May 27, 2001 at 06:53:16PM +0300, [EMAIL PROTECTED] wrote: How do I get it to upgrade my libc6? For some reason, apt doesn't want to upgrade libc6 automatically. Try an `apt-get install libc6`; it'll probably just go right through, No, it doesn't. Since you didn't mention any error message being returned, I assume it just said that the most current version is already installed, yes? What's your /etc/apt/sources.list say? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
apt-utils
When did apt-utils become mandatory? I just did an apt-get upgrade (in testing) and it died immediately after downloading packages with the message debconf: cannot preconfigure packages -- apt-utils is not installed E: Failure running script /usr/sbin/dpkg-preconfigure --apt || true Installing apt-utils fixed this, but I thought it was supposed to be optional. (No, I don't want to use it until it actually works. In theory, apt-utils is supposed to let you answer all the packages' questions up front. In practice, every question that I answer up front is asked again later, completely ignoring my previous answers. How is that supposed to be helpful?) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Best sniffer?
On Thu, May 24, 2001 at 05:49:17PM -0500, Michael Marziani wrote: What's the fav sniffer for you Debian gurus? Whether a .deb, source, or whatever, what is the most versatile and all-round best sniffer that is available? Thanks! karpski's got a nice GUI on it which actually makes it more usable instead of just getting in the way, but lately I've been playing with ngrep and it seems to have good potential. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: ssh
On Fri, May 25, 2001 at 01:22:02PM -0500, Andrew D Dixon wrote: Hi All, I've recently started having problems logging into my machine as root over ssh. Anybody know what may be causing this? Debian's default setting of not allowing ssh connections as root? You really, really shouldn't allow connections as root. Connect as a normal user then use su (or sudo/super/some other limited-su tool) to become root as needed instead. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: nis +
On Thu, May 24, 2001 at 01:37:43AM -0400, Roderick Cummings wrote: Maybe he has confused nis and nfs. Although I'm not sure why nfs should be a kernel space daemon either. Maybe for performance reasons, or maybe just the range of things NFS must do calls for it. While I'm sure that performance had something to do with the decision to write the kernel NFS code in the first place, the main reason that people have it built into their (Linux) kernels is for the capabilities. Under Linux, the kernel nfsd is able to handle file locks over NFS and the user space nfsd is not. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: getting ps to not display all processes for normal users
On Thu, May 24, 2001 at 08:09:43PM +0200, Alwyn Schoeman wrote: How can I make ps so that it doesn't display all processes for normal users? ps aux would thus still only show that specific users processes. Ummm... Use `ps ux` instead? From man ps: aSelect all processes on a terminal, including those of other users If you're looking for a way to globally disable the 'a' option, so that your users aren't allowed to see each other's processes, you'll probably have to hack the source. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
MD5 passwords and NIS
The debian installer warns about possible compatibility problems using MD5 passwords in conjuction with NIS. Does NIS itself have difficulty dealing with MD5 or is this warning just a reference to the possibility that some NIS clients using the passwd map may not be set up to recognize MD5 passwords? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL$ P+ L+++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI D G e* h r y+
Re: Unkillable process
On Tue, May 22, 2001 at 11:35:37PM -0700, Erik Steffl wrote: doesn't take long). IIRC one reason an application is zombie is that its parent waits for return value (which is sort of held by zombie, waitin for parent to process the info or something like that). You've got it backwards. You get zombies when the parent _doesn't_ wait, so the kids just hang around forever, just in case the parent wants to come back and get their exit status someday. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Current software RAID information
The Software-RAID HOWTO at linuxdoc.org is dated Jan 19, 2000. Is there a more recent version available anywhere? If not, how does the current 2.4 implementation of RAID-1 compare to its RAID-0 on performance? Based on the year-old information in the HOWTO, I expect it to be worse, but by how much? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Root in X Display
On Mon, May 21, 2001 at 06:42:11PM -0500, Dana J . Laude wrote: Before you su to root type xhost +local: (minus the quotes) and you'll be set. You'll also be allowing anyone and everyone with access to the machine(s) specified in your xhost command to run programs and have them display on your screen. Use xauth merge ~$USER/.Xauthority (as root) instead and _only_ root will be able to display things on your screen. Much safer. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Partitioning
On Tue, May 22, 2001 at 10:22:56AM -0500, Young, C Bryan wrote: When I tried to make sdb all one partition, I couldn't write the partion table to disk (got the message: Not precisely one primary partition is bootable. DOS MBR cannot boot this.). I didn't think that each disk needed to be bootable. What do I do -- is it okay to make a small, bootable primary partition here? Either ignore it or mark the partition bootable if you want the warning to go away. It's just telling you that you won't be able to boot DOS off that disk, but a) you're probably not going to be installing DOS on the system, b) DOS won't boot off the second disk and c) I could be wrong, but I don't think DOS will boot off a SCSI drive anyhow. So it really doesn't matter. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Missing gnumeric dependency?
On Tue, May 22, 2001 at 05:57:40PM +0200, J.H.M. Dassen (Ray) wrote: On Mon, May 21, 2001 at 17:13:33 -0500, Dave Sherohman wrote: unable to open module file: /usr/lib/gnumeric/plugins/0.47/libgnum_python.so: undefined symbol: _Py_NoneStruct Hmm... 0.47 is quite old; I'd recommend against using it for anything serious. Well, that's what's in potato... Would I be OK to just delete libgnum_python.so Yes, it's just a plugin. - and, if I did, would dpkg just put it back when the next revision of gnumeric gets installed? Indeed. Any way to avoid that? What other options are there for getting that error to go away? Configure gnumeric not to load all plugins by default. Can this be done globally or is it strictly a per-user setting? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Root in X Display
On Mon, May 21, 2001 at 03:43:04PM -0600, Chris Spencer wrote: How can I change my permissions so that root can run things on the X Display of my normal user? For example, if I drop to a command prompt, su to root, and try to configure the kernel by typing in make xconfig I get the error: Xlib: connection to :0.0 refused by server Xlib: Client is not authorized to connect to Server How can I change this? Thanks... To steal one of Karsten's answers from a couple weeks back: Rather than exporting xauthority, my preference is: # As root $ xauth merge ~$USER/.Xauthority ...where $USER is your desired user. This transfers cookies from $USER's .Xauthority file to root's .Xauthority file. Changes to user's .Xauthority file don't effect X. X now has access to user's X session, but not vice versa. (Hey, Will... Is this one in your 'newbie tip-of-the-.sig' list yet?) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Missing gnumeric dependency?
After installing gnumeric (with it's obscene list of dependencies, as discussed here earlier), I'm getting the error unable to open module file: /usr/lib/gnumeric/plugins/0.47/libgnum_python.so: undefined symbol: _Py_NoneStruct on startup. Installing python-base has not had any noticable effect. This is on a not-quite-pure potato system (not-quite-pure because the previous sysadmin had a source line for proposed-updates) on the Alpha architecture. What package would include the library containing _Py_NoneStruct? Would I be OK to just delete libgnum_python.so - and, if I did, would dpkg just put it back when the next revision of gnumeric gets installed? What other options are there for getting that error to go away? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: What's the current best printing arrangement? (HP P1000)
On Thu, May 17, 2001 at 04:27:23PM -0400, Peter S Galbraith wrote: Now I know what to do! (But it wasn't obvious!) Agreed. The cups postinstall should point you to localhost:631 to find docs. So I configured it and ran a test page. Works. I then printed a colour graph I had just printed using lprng+magicfilter, and the results are darker and muddier. :-( Where did you print the graph from? I've noticed that GIMP doesn't seem to like printing in color to cups (but ISTR having seen a package somewhere that makes them play nice together), but it's just fine from Netscape. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: staroffice package
On Thu, May 17, 2001 at 05:07:58PM -0500, Andrew D Dixon wrote: I just installed it today with out doing this. I just ran the installer from a directory that I created in my home directory. I've only tried the word processor out so far but it works great. What's going to be broken because I didn't do a network install? network install: 100 M[1] + 2 M/user standard install: 100 M/user It's functionally identical, but if you're going to have multiple users accessing SO (bloated stuck pig that it is), the network install saves lots of disk space. [1] I don't recall how much space SO actually takes up, but, given that the install binary it 97 M, it seems safe to assume that it demands at least 100 M to install. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: [users] dns/named log message learnt?
On Mon, May 14, 2001 at 01:08:41AM -0400, MaD dUCK wrote: also sprach will trillich (on Sun, 13 May 2001 11:34:21PM -0500): May 13 15:37:16 server named[16551]: ns_forw: query(mail2.something.com) NS points to CNAME (rain.something.com:) learnt (CNAME=11.22.33.44:NS=55.66.77.88) what does that translate to, in newbiespeak? my first guess: your NS records point to a CNAME record rather than an A record. this is BAD! More accurately, it means that something.com's NS records are misconfigured and your local nameserver discovered this while looking up a something.com address. You can get these messages for other people's domains as well as your own. As MaD dUCK said, NS records are required to point to A records, not CNAMEs. You might want to drop a (polite) email message to [EMAIL PROTECTED] informing them that their NS record is incorrect and requesting that it be fixed. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Firing on all CPUs
I've got a dual-CPU system that I'm starting to think only runs off one processor. The kernel has SMP support built in and /proc/cpuinfo shows two processors, but top only shows a single set of CPU utilization (although it could just be that the stock debian top isn't SMP aware, I suppose) and the system slows down terribly when the load average approaches 1.0 rather than at 2.0 (although I think this box probably sees high load because it's disk-bound rather than CPU-bound). Is there anything else I need to do to activate SMP? And how do I get top to display stats for each CPU instead of either ignoring the second or presenting aggregate stats? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Firing on all CPUs
On Mon, May 14, 2001 at 10:16:46PM +0400, Ilya Martynov wrote: If /proc/cpuinfo shows two CPUS then both of them are working. Some old versions of top supports only one CPU - you need updated top if you want it to see correct CPU info in it. Also some old versions of ps also was broken on SMP boxes. I don't rememeber what exactly was broken. I just remember that old ps shows some stats wrongly on SMP. OK, thanks. I just wanted to be sure that everything was working right. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Firing on all CPUs
On Mon, May 14, 2001 at 04:22:09PM -0700, Brandon High wrote: On Mon, May 14, 2001 at 01:27:03PM -0700, Osamu Aoki wrote: For SMP, donot forget to put not just apm=on but also apm=power-off in lilo.conf/append thing. I understand how this would help in general, but how does this apply to an SMP system differently than an Uni-processor system? A UP system only needs apm=on, SMP also needs apm=power-off in order to shut itself off. I'm not entirely sure of the reason, but SMP systems are a bit touchier about that sort of thing. My best guess is that it has to do with making sure that you don't have one CPU still writing cached data to disk while another one cuts the power, but that's only a guess. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: X question
On Wed, May 09, 2001 at 02:32:27PM +0100, David Wright wrote: Quoting Steve Cooper ([EMAIL PROTECTED]): The only issue I have with the X behavior is that I can't figure out to efficiently perform a replacement paste. E.g. If you want to paste a URL into a browser in Windoze you'd select the current URL and paste over it. Assuming the browser in question is netscape, you can click anywhere in the location box and press Ctrl-U to delete all text in it. This may also work with other (GUI) browsers. Others have addressed the general problem. In case you haven't tried this for your particular example, do try pasting the new URL anywhere on the browser page, i.e. ignoring the location window. (It may be browser dependant.) This is actually one of my least favorite netscape features. I generally open links in new windows by middle-clicking on the link. If my aim is a little off, though, the existing window goes off looking for whatever is in the paste buffer (which is frequently not a URL anyhow). Anyone know of a way to turn this (mis)feature off? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: NP RAM
On Wed, May 09, 2001 at 06:49:23PM +0530, N. Raghavendra wrote: I am buying a computer in my office, and have received a quote from a vendor, which says that the memory is 128 MB NP SDRAM. The Unix Hardware Buyer HOWTO says that ECC, error correcting memory, is important for reliability. Could someone tell me what is NP memory, and how does it relate to or compare with ECC memory? I would guess that NP here stands for non-parity. Non-parity RAM makes no attempt to detect memory errors, while ECC (Error Checking Correcting, IIRC) detects memory errors and can sometimes fix them. Traditionally, PCs have used non-parity memory and serious computers have used ECC, but now ECC is starting to move into the PC market as well. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: xmms and audio cd playing
On Mon, May 07, 2001 at 03:20:16PM -0300, francisco m . neto wrote: Play directory should be able to do it. Be sure that you select the mount point of your cdrom drive. More accurately, you need to select the directory specified in the Directory: box in the CD audio plugin's configuration. On a sane system, this should probably be the same as the CDROM's mount point, but it doesn't have to be. The main differente between audio cds and data cds is that data cds consist of 1's and 0's, and audio cds don't. In data cds each bit has two possible orientations: one of those is 1, and the other one is 0. Audio cds doesn't even have bits: they consist of a sequence of bits that have orientations that will reflect the laser this or that way, thus leading to the digitalized audio generation. Now this is just plain wrong... Data CDs and audio CDs are physically identical - they both store data digitally, as a series of 1s and 0s. A data CD will typically contain only a single track (I believe that multisession CDs use multiple tracks, but I'm not positive) while an audio CD generally has several tracks. Some bands (and software companies) have even released mixed-mode CDs which contain several tracks with data on the first track and music on the others. The track contents are where the real difference lies, though. A data track contains a file system, complete with directories, blocks, and all the other trappings of any normal fs. An audio track is just raw, PCM-encoded audio data from start to finish, with some extra data included at the end of each data block to allow for error detection and correction. If you want to look at it in HDD terms, think of each track as a partition on your drive. Data partitions are formatted with the iso9660 file system. Audio partitions are unformatted and have just had raw data written to them - since they're not formatted, they obviously can't be mounted, but a program with knowledge of how the data was written (like a CD player) is still able to read it back. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Stylus Color magicfilter
On Fri, May 04, 2001 at 12:09:44PM -0300, Marcelo Chiapparini wrote: I have just installed magicfilter in my potato 2.2r3 box. I have attached a Epson Stylus Color 800 printer. I have configured magicfilter but when I try to print anythig I get the message: I screwed around with magicfilter for my Stylus for a while and never got it working that well. Then I decided to give CUPS a try - it was a lot easier to get working with a Stylus and seemed to work better as well. Might be worth checking out... -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: a new program called xtar
On Fri, May 04, 2001 at 04:51:12PM +0800, a wrote: i wrote an X interface to process tar/tgz files. It works by calling tar/gzip/gunzip. It is based on Athena widgets, readily available in every X packages. It's built on Debian 2.0. Please give it a try. It's in the attachment. Please do not send attachments to mailing lists. And especially don't send them more than once. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Toshiba Satellite 2535CDS laptop
I'm trying to install debian on a 2535cds and not having much luck... I've used the Windows BIOS management software (AFAICT, there's no keystroke that will invoke BIOS during the boot sequence) to change the boot device preveference to CDROM/FDD/HDD. A potato CD in the drive appeared to be completely ignored, so I made a boot floppy, which emits the message SYSLINUX 1.48 1999-09-26 Boot failed and hangs. What should I try next? Or is this machine entirely linux-hostile and not worth the effort of messing with further? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: pam_condev?
On Mon, Apr 30, 2001 at 11:23:01AM -0400, Noah L. Meyerhans wrote: On Sun, Apr 29, 2001 at 11:29:49AM -0500, Dave Sherohman wrote: Apr 29 11:18:40 kuno: PAM [dlerror: /lib/security/pam_condev.so: cannot open shared object file: No such file or directory] Apr 29 11:18:40 kuno: PAM adding faulty module: /lib/security/pam_condev.so Apr 29 11:18:40 kuno: PAM unable to dlopen(/lib/security/pam_condev.so) Do you use wdm as your X login manager? Yep. If so, it is a bug in wdm and my fault. I will upload a fixed version soon, which should be in testing at some point in the next couple weeks. In the meantime, just edit /etc/pam.d/wdm and remove the line containing pam_condev.so Cool. Thanks - I wanted to find out whether it was important before removing it. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
pam_condev?
Since my last apt-get upgrade on one of my woody systems, I've been getting log messages of the form Apr 29 11:18:40 kuno: PAM [dlerror: /lib/security/pam_condev.so: cannot open shared object file: No such file or directory] Apr 29 11:18:40 kuno: PAM adding faulty module: /lib/security/pam_condev.so Apr 29 11:18:40 kuno: PAM unable to dlopen(/lib/security/pam_condev.so) What is condev, why would pam care about it, and what package should it have been installed by? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: cron: nth weekday of month?
On Fri, Apr 27, 2001 at 01:20:00AM -0400, Dan Christensen wrote: Does anyone have any clever solutions to the following problem of a similar nature: I want to run a job at 28 day intervals, i.e. on every fourth Sunday. Not terribly clever, but just end your script with echo '/path/to/script' | at now + 28 days and then run it manually (or from a manually-scheduled at job) on a Sunday. It will repeat itself every 28 days. Unfortunately, cron is not suited to scheduling tasks on criteria other than what the date itself looks like. Something like this requires knowledge of when the job last ran and cron doesn't know that. You could also do it based off the week of the year, obtained from date %U, %V, %w, or %W, but that could result in non-28-day intervals at the end of the year. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: cron: nth weekday of month?
On Thu, Apr 26, 2001 at 12:32:46PM -0700, Karsten M. Self wrote: Another missing specification: does anyone have a good last weekday of month recipie? 'Last weekday of the month' is equivalent to 'Monday - Thursday where tomorrow is next month or Friday where 3 days from now is next month'. So... Set up two cron entries, one for mon-thu, one for fri. (To additionally optimize, run the mon-thu job only on the 28th-31st of the month and the fri job on the 26th-31st.) Based off of Rob's solution to the original question, use test on mon-thu whether `date +%d -d +1day` == 1 and on fri whether `date +%d -d +3day` 4. That gives us: 1 0 28-31 * 1-4 [ $(date +%d -d +1day) -eq 1 ] command -args 1 0 26-31 * 5 [ $(date +%d -d +3day) -lt 4 ] command -args (-lt was used instead of because it does an ascii comparison - 29 4. -eq was used instead of == to be consistent; either should work in that case.) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: cron: nth weekday of month?
On Wed, Apr 25, 2001 at 03:32:43PM -0700, Karsten M. Self wrote: Hence, my crontab recipie to execute a job on the first sunday of the month is: 1 1 1 * * echo 'command -args' | at 1:35 sunday snip For tasks scheduled for other weeks of the month, you'd select: WeekDay --- snip 5 29 Note also that for any month that is not a non-leap February, this 5th-week rule will happily schedule the command for the first week of the following month if there isn't a fifth occurrence of the desired weekday that month. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: setting up an apt repository
On Thu, Apr 26, 2001 at 05:11:54PM +1000, Renai LeMay wrote: What we'd like to do, is set up one machine as a debian template, if you like. We'd like to be able to create other machines from this machine, with a certain package set, and every time this template machine gets updated with security patches etc, the rest of the machines should be able to download those patches from the template machine. I'm looking at doing something similar in the near future and the apt-move package seems like it should be the appropriate tool. [EMAIL PROTECTED]:~$ apt-cache search apt-move apt-move - Move cache of Debian packages into a mirror hierarchy -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: apt-get etc
On Thu, Apr 26, 2001 at 10:20:59AM +0100, Keith O'Connell wrote: The following packages have been kept back communicator navigator netscape 0 packages upgraded, 0 newly installed, 0 to remove and 3 not upgraded My Netscape instalation went from 4.76 to 4.77 at the recent change, so what does the 3 not upgraded refer to? I'm not sure _why_ they don't upgrade themselves, but communicator, navigator, and netscape are all dummy packages that simply depend on the real Netscape packages. They primarily exist to ease installation (`apt-get install navigator` is a lot more obvious than `apt-get install navigator-smotif-477 netscape-java-477 netscape-base-4`, particularly when you don't know the current version) and can probably be removed now that the actual software is in place. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Documentation for total beginners
On Wed, Apr 25, 2001 at 03:08:45PM -0500, will trillich wrote: in /usr/share/vim/vim56/filetype.vim i found the line au BufNewFile,BufReadsnd.\d\+,.letter,.letter.\d\+,.followup,.article,.article.\d\+,pico.\d\+,mutt-*-\d\+,ae\d\+.txt set ft=mail the part that works for new mutt email is mutt-*-\d\+ but we need to add a pattern to match filenames like /tmp/muttlEoKra /tmp/muttDSveKd what's the syntax for these vim patterns? (-*- looks like glob, but then we have \d for digit (i presume) and \+ for... well, i don't know.) Looks like a bastard child of regexes and shell globs. I suspect that you could probably match both styles of mutt filename in a single expression with something along the lines of mutt-\?*-\?\d\+ but it would probably be easier to just add a new pattern of mutt\d\+ -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Can't find modules - but they work
On Tue, Apr 24, 2001 at 10:10:40AM +0100, Glyn Millington wrote: On boot up I get messages relating to several modules eg lp modprobe can't locate module lp. ppp modprobe can't locate module ppp But something is finding them because I can prnt and send you this post without any trouble. Clearly there is something wrong with my kernel compiling technique - though I thought that I had doe it the Debian way. Can anyone put me right? When you rebuilt your kernel, you built these things into the kernel instead of keeping them as external modules, but modules.conf didn't get told about it, so your system is still trying to load the modules it no longer needs. I just ignore it, but you should be able to get rid of the messages by updating the files in /etc/modutils/ and then running update-modules. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Can't find modules - but they work
On Tue, Apr 24, 2001 at 06:11:37PM +0100, Glyn Millington wrote: Great! Many thanks for this - its been puzzling me for some time. Can I add another question - how _should_ modules.conf be told about it? Edit the files in /etc/modutils/ and run update-modules to rebuild modules.conf. If you edit it by hand, you'll get warnings in your syslog until the next reboot, at which point I _think_ it will be rebuilt from /etc/modutils/ and your changes will be lost. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Which bootup script brings up interface 'lo'
On Tue, Apr 24, 2001 at 06:46:03PM +0100, Chris Howells wrote: I'm trying to work out where interface 'lo' is brought up on potato. I've grepped through /etc, but can't see any references to 'ifconfig'. /etc/init.d/networking uses `ifup -a` to bring up all interfaces. They are defined in /etc/network/interfaces, which (on my system, at least) starts off with # The loopback interface iface lo inet loopback -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: domain name: internet vs. intra-net
On Tue, Apr 17, 2001 at 11:15:03PM -0500, will trillich wrote: how do you manage the migration? Somewhat painfully... Basically, I've set up the firewall to route between the three internal IP ranges in use and (once I've got the kinks worked out of that) my plan is to, as each user machine needs to be touched, change its IP address, add it to the appropriate west/east.company.com zone, and make its old company.net DNS entry into a CNAME pointed at the new name. It's kinda ugly, it'll take a good while to complete, but it should work great once I get the routing to work right. i've got /etc/bind/ serensoft serensoft.rev lan lan.rev Let's see... In the name server's /etc/bind, I have company.net, company.com, east.company.com, west.company.com, their corresponding reverse zones (which, incidentally, I generate automagically using a perl script called mkrdns-2_0pre2, which I think I found on freshmeat - it makes life much easier...), and, of course, the standard db.0/127/255/local/root that debian installs with the package. ERROR: mail.serensoft.com. A 208.33.90.85, but the PTR record for 85.90.33.208.in-addr.arpa. is ns.serensoft.com. One of the above two records are wrong unless the host is a name server or mail server. To have 2 names for 1 address on any other hosts, replace the A record with a CNAME record: mail.serensoft.com. IN CNAME ns.serensoft.com. Technically, you're only supposed to have one A record per IP address and every A should have a corresponding PTR in the reverse zone. dlint is complaining because your ns's reverse lookup points to the IP address in mail's A record. In theory, if you want multiple names pointing to the same IP, exactly one of those names should have an A record and all the others should be CNAMEs pointing to it. In this case, you would have to do that by making mail a CNAME to ns (just like the example entry dlint suggested) and changing all your MX records to point at ns instead of mail. (IIRC, NS and MX records are required to point to A records, not CNAMEs. If you break this rule, it will still work, but hostmasters the world over will be plagued with warnings from BIND that say things like named[2795]: ns_forw: query(10.73.147.206.in-addr.arpa) NS points to CNAME (www.arcc.org:) learnt (CNAME=206.147.75.5:NS=137.192.240.3) The other way around this, if you have an IP address or two to spare, would be to set up IP aliasing in your kernel and give the machine a separate IP address for each service. Or at least for mail. Other services can be easily split apart by just changing the name's DNS entry, but for a mail server, you have to track down all the MXes pointing at it and change them also (since they shouldn't point to CNAMEs). WARNING: the zone serensoft.com. has an A record but no reverse PTR record. This is probably OK. Like it says, that's probably OK. Unless you want to have an IP address with a null hostname in your domain, this is inevitable. And null hostnames are rare enough that I don't know why dlint would bother to complain about this. and i'd like 208.33.90.85 to be serensoft.com eth1, visible everywhere (as it already is) 192.168.1.100 to be mac.serensoft.com but invisible to the outside net, and it should be able to ping win.serensoft.com 192.168.1.200 would be win.serensoft.com which is not visible to the outwise world 192.168.1.1 to be server.serensoft.com eth0, internal-lan only Like Patrick suggested, you'll pretty well need to run dual name services. AFAICT, there isn't any way to tell BIND to resolve a name only for eth0, but not for eth1. ISTR that some lesser-known DNS server(s?) has this ability, but that's all I could tell you about it. Using serensoft.com externally and foo.serensoft.com internally complicates things a little, too. Unless I'm mistaken, it means that you'll have to maintain two independent zone files (one containing only serensoft.com's external address and one with everything), but I'd say you probably want to do that anyhow so that, for the internal machines, serensoft.com resolves to that machine's internal address instead of its external address. how to i separate the internal/private 'no-update' addresses from the public 'update'-able addresses, in bind/dns? What do you mean by update? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Breakage in samba security update?
Hey, folks... I just installed yesterday's samba update from security (2.0.7-3.2) and none of my NT4 workstations can connect to it after the upgrade, complaining of unspecified network errors. I tried rebooting one of them and it just got worse - that machine is now unable to communicate with the entire workgroup containing the upgraded samba server. I've checked smb.conf (it looks sane) and restarted samba manually. Where can I go from here, other than downgrading to the latest stable samba and giving up two sets of security patches? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Breakage in samba security update?
On Wed, Apr 18, 2001 at 10:28:29AM -0500, Dave Sherohman wrote: Hey, folks... I just installed yesterday's samba update from security (2.0.7-3.2) and none of my NT4 workstations can connect to it after the upgrade, complaining of unspecified network errors. I tried rebooting one of them and it just got worse - that machine is now unable to communicate with the entire workgroup containing the upgraded samba server. Replying to myself, but... The server in question is an Alpha. Any attempt to connect to its workgroup (for which it is the master browser) causes the following to appear in /var/log/smb: [2001/04/18 10:48:55, 0] lib/util_sec.c:assert_gid(72) Failed to set gid privileges to (-1,65534) now set to (0,0) uid=(0,0) [2001/04/18 10:48:55, 0] lib/util.c:smb_panic(2381) PANIC: failed to set gid Based on this, I am inclined to suspect a bug in the Alpha debs for the latest samba security patch; they appear to have been compiled with one or more incorrect options. Still digging into it, but solutions remain most welcome, of course. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: The Heart Is An Open Source: A Romance
On Tue, Apr 17, 2001 at 11:31:28PM +1000, Damon Muller wrote: We *are* amused :) Extremely so. (I just wish I could forward it to more people without having to then explain it to them... Guess I need more geek friends.) blantant troll Although a real man would have been running qmail and courier-imap... /blantant troll Actually, given all the Debian-centric info on BIND, I was kind of surprised that he wasn't running Debian's default MTA: exim. (OTOH, exim's handling of aliases and virtual domains is a lot simpler than sendmail's (oh, hell - damn near _anything_ is simpler than configuring sendmail), so the story would've lost at least 30-40 lines of explanations if exim was used.) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: domain name: internet vs. intra-net
On Tue, Apr 17, 2001 at 03:19:40PM -0500, will trillich wrote: and can you give an example or two on how to use /etc/bind/* to set that up? (all my attempts give dlint conniptions, though things seem to work-though-they-wobble, with exceptions.) (This had better not be a sly attempt to collect a new newbiedoc...) I have recently inherited a network which was set up with company.com as the official, registered external domain name and company.net for the internal systems. It is not pleasant and even somewhat confusing. (There are other poor practices in place which make it worse, such as foo.company.com and foo.company.net sometimes being the same machine and sometimes not, depending on which machine you're on at the time, but I digress...) I am now in the process of migrating the internal network from company.net to east.company.com and west.company.com. (Yes, it spans two buildings. Without subnets. (Yet.)) I'm finding it _much_ easier to keep things straight with the new names. What sorts of complaints is dlint giving you? So far, I've been keeping everything on one name server with separate zone files for everything and it doesn't bother BIND at all. (I'm having some odd routing problems, but that doesn't have anything to do with DNS...) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: WindowMaker Rocks!! ;-) (Was: FW: OT : GUI Interfaces)
On Wed, Apr 11, 2001 at 07:51:38PM -0700, Karsten M. Self wrote: on Thu, Apr 12, 2001 at 08:13:22AM +0800, csj ([EMAIL PROTECTED]) wrote: You missed my favorite icewm (in 3 flavors - -gnome -lite). The most Windows-like wm (not counting KDE's). Legacy MS Windows is not necessarially the Gold Standard® of GUI shell design. Amen to that, brother! You also have various options for opening menus. By default, right-mouse on root window is apps menu, middle mouse is window list. These are bound to F11 and F12 as well. Yes, I know my wmaker menus fairly well, but I bind hotkeys to everything common... F9 for netscape, F10 to bring up an Eterm (What can I say? I like the flashy stuff sometimes...), Windows-Z (a lot of apps like to use Alt-foo themselves, so I've got all my wmaker hotkeys bound to Windows-foo instead) to lock the screen, F12-Up-Right-Enter to log out, F12-Down-Enter for GIMP. That's about all I ever use. (Anything else, I start from an Eterm.) Incidentally, WPrefs is reason #15,835 for loving WindowMaker -- this is one slick, well-thought out, and functional configuration utility. There's little that I want configured which it doesn't provide for. Anyhow, the real reason for my reply: Why do you like WPrefs so much? I used it initially, then discovered wmakerconf. At that point, there were some things that could only be done in WPrefs, so I used both, but, IIRC, wmakerconf now does everything that WPrefs does, plus quite a bit more. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: NFS mount at startup
On Wed, Apr 11, 2001 at 10:15:45PM -0500, Stephen E. Hargrove wrote: How do I prevent NFS filesystems from mounting when I start up my computer. As the system is booting, it attempts to mount them, and I only want them mounted when I want them. Here's one example from my fstab: papa:/music/music nfs rsize=1024,wsize=1024 0 0 Add noauto to the list of mount options. (If you're using noauto, you'll probably want to add user also, so that you don't have to be root to mount or unmount the fs.) -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: WindowMaker Rocks!! ;-) (Was: FW: OT : GUI Interfaces)
On Thu, Apr 12, 2001 at 02:02:05AM -0700, Karsten M. Self wrote: I prefer to leave raw function keys to low-level functions -- menus, etc. Good point. That's why I leave F1-8 free, but the only conflict I've had with F9/F10 has been with running MS Visual C++ over a VNC session, which is a flavor of pain I will never have to endure again anyhow. I think Debian maps the Legacy MS Windows key to Meta or somesuch. I don't know about Debian in general, but wmakerconf has a dropdown that lets you pick whether Meta is tied to Mod1 (Alt) or Mod4 (WinKey). The one problem with it is that, on every keyboard I've tried, Mod4 only maps to the left winkey; I haven't been able to come up with anything to make the right winkey equivalent or even usable (it gets seen as a sequence instead of a single keystroke). Not that I've tried very hard... Well, one reason is that if I try to install wmakerconf, apt tries to uninstall wmaker. A config tool without what it configures sorta sucks. This under Woody. Actually, wmakerconf itself installs fine. It's wmakerconf-data that has the inexplicable conflict. (OK, not really inexplicable - the updated wmakerconf-data has moved into testing, but the corresponding wmaker is still hung up in unstable. But I thought that packages which conflict with the version in testing were supposed to stay in unstable until that gets fixed...) What's wmakerconf do that WPrefs doesn't? Mostly just a lot of checkboxes for various settings that, admittedly, aren't very important. WPrefs is functionally complete, but wmakerconf has more knobs to twiddle. I also like to play with my window decorations from time to time and WPrefs doesn't seem to offer as many options there - not just fonts, but also multistage gradients, etc. And I can't seem to get WPrefs to let me set anything other than textures; plain colors refuse to cooperate. IIRC, the thing that really got me, though, was that at one point the 'capture' option for setting hotkeys recognized the winkey as a meta in wmakerconf, but WPrefs completely ignored it. Checking against the current version from woody, I see that WPrefs now sees left winkey-1 as Mod2+Mod4+1. (Right winkey, all by itself, comes through as Mod2+Multi_key, so it still appears unusable. Ah, well.) One thing WMPrefs *is* is a NeXT-like GNUStep application, using the GNUStep toolkit. There's not a lot of these apps, the somewhat broken filesystem browser fsviewer is one of them. In the case of WMPrefs v. wmakerconf, I find WMPref's interface cleaner. Fair enough. WPrefs does look a lot cleaner and a lot nicer. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: water, water everywhere, but not a drop to drink.
On Wed, Apr 11, 2001 at 07:04:14AM -0400, Noah L. Meyerhans wrote: Are there any decent SSL telnet clients for non Unix platforms? None that I'm aware of, but telnet-ssl and telnetd-ssl fall back to plaintext if the other end doesn't support encryption. If you've gotta have your telnet, this makes them an ideal solution, but if you're paranoid, it's a killer - I removed telnetd-ssl when I discovered this because I couldn't find a way to turn the fallback behaviour off. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: water, water everywhere, but not a drop to drink.
On Wed, Apr 11, 2001 at 08:41:09AM -0400, Kevin Stokes wrote: I don't think it is. How many copies of Redhat, Suse and the others were sold in the last two years? How many copies of Debian were downloaded by newbies in the last two years? Total those up and call it N. Of those N, how many are running Linux today? I'll bet it is less than N/10, and could be as low as N/100. Or it could be as high as N * 10. Don't forget that linux fanatics tend to be just that: fanatics. In the last month, I've downloaded one Debian CD image, installed it on 4 boxes, kept one for myself, set up one as a server, and passed the other two on to people who know nothing about linux. By the end of the year (although the end of next year is more realistic), I intend to have used that same CD to set up somewhere around 100 more Debian boxes and place them in the hands of people who know little-to-nothing about computers. Those users who already have linux boxes have very little difficulty with them. IMO, part of the problem you're encountering is that _using_ linux isn't really any tougher than using windows, but you're looking for user-level documentation on admin-level tasks. I'll readily admit that it doesn't really exist - and I'm not sure that it should. Another message has commented on how useless the windows help system is for anything outside the average user experience. In other words, all that user-level documentation sucks if you try to get admin-level information out of it. This is essentially a manifestation of the rule I discovered when I first encountered Visual Basic: The vast majority of the time, putting effort into making a tool easy to use for a specific task makes it correspondingly more difficult to use for anything the designer didn't foresee. (I suppose the converse comes into play here also: A general-purpose tool (such as most *nix commands) tends to be more difficult to use.) 1.) I assume most of the Linux community would like to see Linux be the dominant OS in the world, and think it deserves this. Personally, I'm mainly concerned about being able to use linux (or something else unixy) myself. From there, it follows that I don't really care what the rest of the world uses. If I want others to let me choose my own OS, I should let them choose theirs also. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: How do you broadcast a message?
On Wed, Apr 11, 2001 at 01:05:28PM -0500, William Jensen wrote: When you issue the reboot command the system does a system wide message saying the machine is rebooting NOW. How would I send a message to all the people that are on the system? I assume this would need to be done as root? man wall -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: URGENT! help w/ Linux@work
On Mon, Apr 09, 2001 at 04:24:00PM -0600, Cameron Matheson wrote: I just finished installing Debian 2.2r2 at work (boss gave me permission), but I don't know how to get the net working through a gateway. We have a linux server (192.168.0.1). I added it to the /etc/network/interfaces file (as the gateway), but when I try to apt-get w/ http (for dist-upgrade), it can't connect to any servers. Lynx doesn't work either. What else do I have to do? Please help, as I'm trying to make Linux look as good as it is. First off, ping the gateway, just to be sure that eth0 is able to communicate with it. I'm going to assume that this works. Next, do a `route -n` like everyone else has said, and make sure that there's a line that says 0.0.0.0 gateway's IP 0.0.0.0 UG0 00 eth0 I'm going to assume this is correct also. (Even if it wasn't to start with, I'm sure you've fixed it by now.) Now the detail that I haven't seen mentioned yet: If you can ping the gateway and it's set up as your default route, but it still doesn't work, then it's probably not just a gateway, it's also a firewall and it's blocking traffic on port 80. If this is the case, you'll have to find out what port the HTTP proxy is listening on and tell your browser(s) about it. For apt, you can `export http_proxy=http://host IP:host port/` or add Acquire::http::Proxy http://host IP:host port/; to /etc/apt/apt.conf. If the firewall is running squid as the proxy, then it's probably on port 3128, but you should check with your admins anyhow, just so they know in advance that you're going to be accessing the proxy. -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: sources.list
On Sat, Apr 07, 2001 at 09:22:52PM -0500, will trillich wrote: On Fri, Apr 06, 2001 at 05:17:58PM -0500, Stephen E. Hargrove wrote: deb http://http.us.debian.org/debian woody main contrib non-free deb http://http.us.debian.org/debian potato main contrib non-free ooh. that sets my teeth on edge. you should pick WHICH you want (potato = well-tested, solid, STABLE; woody = avant-garde, tinkerings, incoming, new, probably works) and stay with that distribution. More significantly, I suspect that the potato line above is entirely superfluous. When apt goes to install something, it grabs the most recent version available, based on version number. Testing is always at least as recent as (and usually more recent than) stable, so I suspect that the above configuration is effectively equivalent to listing only woody, except that it makes you download more package listings. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: MTA security
On Sat, Apr 07, 2001 at 12:28:37PM +0530, Raghavendra Bhat wrote: Dave Sherohman posts: I'd like to go with exim, but I'm not entirely convinced that it would be a good choice for functionality and security. What is the exact reason for not being convinced about exim ? Primarily lack of popularity. I've never heard anyone other than Debian advocate it's use and it's possible that there may be a reason for that. OTOH, I've never heard anyone say anything particularly bad about it either. Go ahead but before that read Yann Golanski's papers on setting up exim for catering to over 3 million users'. Link up from here http://www.kierun.org/academic/ I'll give it a read. Thanks! -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Unstable ?
On Sat, Apr 07, 2001 at 05:04:43PM -0500, Stephen E. Hargrove wrote: Those of you running woody, what version of zlibg1 are you running? 1.1.3-12 I'd appreciate any advise that anyone can give me. Point a browser at debian.org. Click on Debian packages and search for zlib1g in the testing distribution. Download the deb. Use dpkg -i package to manually install it. (dpkg will whine about downgrading the package, but it will comply.) -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
MTA security
From a security standpoint, how does exim compare to sendmail? What about postfix? It appears that exim is Debian's default MTA, which is why I've run it before and it's what I'm most familiar with. Now I've inherited a network with several sendmail installations. I wouldn't consider arbitrarily changing MTAs just for the sake of changing them, but I'm going to be moving the servers onto new hardware, which brings up the question of whether to reinstall sendmail on the new boxes or put in something else. I'd like to go with exim, but I'm not entirely convinced that it would be a good choice for functionality and security. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: installed program as only run as su
On Mon, Apr 02, 2001 at 02:50:34PM +0100, JACKSON, DEAN wrote: what command do i have to run to make it so all users can run it especially dean? Hard to say without knowing what the program does. It may need to run with elevated privileges (in which case you probably don't want normal users running it anyhow), it may try to modify files owned by other users (again, if this is the case, it's likely to be a Good Thing that it doesn't work), or there could just be some incorrect ownership/permission settings somewhere. Also, what error do you get when you try to run it? chmod -R 755 /home/dean springs to mind but don't want to try it till i get confirmation (newbie who doesnt want to break his system) That command probably wouldn't break your system, but you really don't want to use it. Life is much more pleasant when the OS doesn't think that all of your data files are executable. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Log oddness
Has anything strange been happening in testing/woody's logging facilities lately? In the last week, one of my machines has two days where the archived syslog is completely empty (not even a --MARK--) and this morning I found a warning that auth.log was smaller than it had been the last time it was checked. I'm inclined to think that someone managed to break into this system, but first I want to check on whether there are any alternate explanations which won't require me to wipe the drive and reinstall. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: mp3 encoding
On Sun, Apr 01, 2001 at 10:00:58AM +0200, Robert Voigt wrote: If you don't care about mp3 (what's abcde?) A Better CD Encoder, the program formerly known as cdgrab. Debian's abcde package will, incidentally, encode to ogg in preference to mp3 if the vorbis encoding package (vorbis-tools?) is installed. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: mount a mounted filesystem
On Fri, Mar 30, 2001 at 12:50:31AM -0800, Karsten M. Self wrote: I'm not familiar with NFS, but believe that an export will not traverse filesystems. If you think about it, this is a good thing. You are correct and it is absolutely a Good Thing for reasons other than the situation you brought up. If an NFS-mounted filesystem could be reexported, the original server (where the fs physically resides) would lose the ability to restrict which clients could mount it. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Linux Virus
On Wed, Mar 28, 2001 at 10:19:10PM -0500, Ben Collins wrote: Anyone can do that. I can write a C program and send it to you that emails me /etc/passwd and /etc/shadow. You still have to be dumb enough to execute it. That's not a virus, that's social trickery. Now, if it emails itself (and remember with Linux there are several dozen email programs, so finding the right address book format is pretty hard), then it is viral, sort of, since you still have to manually execute it. Based on my reading of the relevant news stories, this thing looks like a true virus in the old sense of the term: it infects other files and uses them to spread itself. Although I don't expect it to get very far, this sort of thing is potentially far more serious than the Outlook macro worms that everyone is calling viruses these days. An old-style virus only requires one person to be stupid enough to run it and then it hides pretty well; a macro worm requires every victim to be stupid enough to either run it manually or use a piece of software (Outlook, outdated BIND, whatever) which allows it to execute without user intervention. For instance, I could write a program, let's call it my_virus, which infects all files in the current directory and its parent directory, as this Winux virus is described as doing. I email it all over the world and a copy happens to arrive in your sysadmin's mailbox while he's working on something in /bin. His mind is out to lunch, so he reads his mail and runs my_virus while still root. Every file in /bin and / is now infected and will infect other files. A week later, you rebuild your pet C project, super_time_waster, and send a copy to your friend. You think it's perfectly benign - you have the source, so how could it be a trojan, right? And /bin/ls tells you it's the version you just buit 5 minutes ago. Too bad that /bin/ls just infected everything in the directory (including super_time_waster) as it told you that... (Worse, after the next reboot, you'll be running an infected kernel, assuming it's at (or symlinked from) /vmlinuz. Depending on the virus's structure, this could make your system unbootable or rapidly infect every executable file on the system.) Then your friend, of course, runs super_time_waster, confident in its authenticity, and infects all of his files. Without a copy of the original my_virus executable going anywhere near his system. I hate to disagree with you Ben, but that's about as viral as it gets. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: why does it use swap?
On Wed, Mar 28, 2001 at 12:14:33PM -0500, Noah L. Meyerhans wrote: I guess that kind of makes sense. If the kernel ever needs to access the swapped pages, it's got them cached so it can do it quickly. But if it ever needs a whole lot of RAM for something else¸ it can merely re-allocate that cache. That way the swapped data will still be swapped. Of course, as to the question about *why* all those pages got swapped out to begin with is one that I can't answer. But you already answered the question... If a page looks unlikely to be used in the near future and there's spare CPU and I/O bandwidth available, there's no reason not to swap it to cache. If it's needed, the cost of restoring it from cached swap is approximately 0 (potentially on the order of only a few CPU cycles, depending on how this is organized) and if there's something better to do with the memory, the cache can be flushed similarly quickly. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Linux in the company
On Mon, Mar 26, 2001 at 03:20:12PM +0100, Gregor Kaleta wrote: Does somebody use Linux professional in the company? If yes, which Distribution? Does Debian be used also in the professional area or is the first election RedHat Linux? I sysadmin for a manufacturing plant running mostly off Linux boxes. Currently, they're mostly Debian on the servers and Red Hat on the workstations, but we're in the process of developing a plan to standardize everything on Debian. It'll be a bit more work to install Debian on new machines rather than using pre-installed Red Hat, but the lower problem rates I've experienced with Debian will make it more than worthwhile. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: bind worm
On Fri, Mar 23, 2001 at 06:17:07PM -0500, Hall Stevenson wrote: I do run unstable, but apt-cache show bind reports this (irrelevant parts snipped): Package: bind Version: 1:8.2.3-4 Package: bind Version: 1:8.2.3-0.potato.1 Right - 1:8.2.3-4 is available from the main stable archive and 1:8.2.3-0.potato.1 is available from the security archive. `apt-cache show` tells you what's available, `dpkg -s` tells you what you have installed. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: Security: Compromised?
On Wed, Mar 21, 2001 at 07:39:18PM +0100, William Leese wrote: to me, this doesn't look good. half of these services i know i do not have installed, neither do they show up on a ps aux. I'm running tcpwrappers and portsentry, could this have something to do with it? Yes. portsentry listens on many ports (including all unused but 'interesting' ones) and reports on attempts to connect to them. If you're running portsentry and want to see what ports are meaningfully open on the box, you have to temporarily shut down portsentry while the scan is performed. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
GIMP and page geometry
Is there any way to adjust page geometry in the GIMP? I'm using the current GIMP from testing with CUPS and a remote Epson Stylus Color 880. I've set GIMP to use the Stylus 800 driver, and it mostly works, but GIMP offsets the page down by about half an inch. This produces an extra half inch of margin at the top of the page (which isn't all _that_ big of a deal) and the bottom half inch of the image prints at the top of a second page (which is really annoying). And the portion on the second page prints half an inch above the top of the first page's printed area, so it looks like GIMP is getting the correct height for the printable area, it just has the wrong starting point for it. Any suggestions on how to fix this or which FM to read? -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: NIC identification
On Fri, Mar 16, 2001 at 12:52:54PM -0500, Hall Stevenson wrote: The NIC is likely a PCI device even when it's integrated into the MB. So, try cat /proc/pci and look for an ethernet controller line. It will probably give you the chipset it uses which is usually a pretty good starting point. I am really growing to hate this machine... hudson:~# cat /proc/pci cat: /proc/pci: No such file or directory /proc/bus/pci is there and contains two files (00 and 01), but they're binary data. The kernel is 2.2.12, which should support /proc/pci, IIRC. (Yeah, I know... I really should be using a potato CD, but slink is all I had handy.) -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: NIC identification
On Mon, Mar 19, 2001 at 10:06:28AM -0500, Hall Stevenson wrote: /proc/bus/pci is there and contains two files (00 and 01), but they're binary data. The kernel is 2.2.12, which should support I'm not familiar with devfs at all, but are you using it, by chance ?? Nope. It's a 2.2.12 kernel and devfs wasn't introduced until 2.4. (And with the problems I've seen other people here having with it, I'm not real interested in trying devfs any time soon.) Also, I believe the /proc filesystem is a kernel option. You may not have it enabled. /proc is there, it just doesn't include a pci (pseudo-)file/dir. Looks like I'll have to wade through Dell's site to find the info. -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+
Re: NIC identification
On Mon, Mar 19, 2001 at 11:43:47AM -0600, Keith G. Murphy wrote: I concur, and add that if it just *happens* to be an Optiplex GX1, it's probably a 3Com 3c905B-TX. There is a Linux driver for that, 3c59x by name. Optiplex GX100. According to one of the Dell discussion forums, it's a 3c920, which is supposed to be fully compatible with the 3c905c. I'm guessing that either it's a bad NIC or (much more likely) the CD I'm using is a bit too old, as the 3c59x driver refuses to load for me. Time to make some floppies and see if the current driver likes it... -- Linux will do for applications what the Internet did for networks. - IBM, Peace, Love, and Linux Geek Code 3.1: GCS d? s+: a- C++ UL++$ P+ L+++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI D G e* h+ r y+