Re: Potato ipchains for dummies?
Dear On Wed, Aug 16, 2000 at 09:42:00PM -0700, Brendan Van Horn wrote: > Greetings! I have recently started using Debian and have just updated to > I have been reading HOWTOs and such and I think I have an idea of how to > fix it. My problem is figuring out where to put the commands to configure > ipchains for masquerading. Is there a guide or some docs about how to set > this stuff up? Everything I've found talks about configuring it with > RedHat or Slackware and the filenames/directories don't seem to match up. > I recommend you to install mason package. That is firewall configuration tool. See its configuration files, set it up, and run: mason-gui-text You can than use services which you want to allow through firewall, than save the rules, and you have full firewall system. Of course, read how mason must be used. But it is really a tool which makes things easier. It uses ipchains. Sincerely, Marko Cehaja
Re: fetchmail is eating my mail
Dear friend, On Wed, Aug 16, 2000 at 10:11:22PM -0400, Richard E. Hawkins wrote: > > # Configuration created Wed Aug 16 21:55:01 2000 by fetchmailconf > set postmaster "hawk" > set bouncemail > set properties "" > set daemon 2 > poll email.psu.edu with proto POP3 >user reh18 there with password [censored] is hawk here options > mimedecode warnings 3600 > smtphost smtp.psu.edu > > I'm [EMAIL PROTECTED], but hawk on the local machine. I'm not seeing > anything wrong here. Just to let you know what I have in my fetchmailrc: set postmaster "marko" set properties "" poll pop.mail.yahoo.com with proto POP3 user $username there with password $somepassword is $username here And it works. Maybe you see some differences. Sincerely, Marko Cehaja
Re: iBCS for 2.0.38 kernel
Dear On Tue, Aug 15, 2000 at 02:15:17PM +0200, Gerjan Teselink wrote: > fix it manualy.. And there are kernel binary's for 2.0.33-35 but not for > 2.0.36-38 > Thank take the sources of iBCS for slink, take your kernel 2.0.38 or whatever as sources, and compile it. Please note my previous message about that as well. Sincerely, Marko Cehaja
Re: isdn to modem
Dear On Wed, Aug 16, 2000 at 04:06:08PM +0200, Thorsten Jaecks wrote: > i am currently using debian 2.1 as a mail and www-server for my network at > home. > because i move from germany to france next week, i have to change from ISDN > to a MODEM-connection. > > can anybody tell me how to change things without destroying the existing > isdn-configuration > (for when i come back next year)? i also have to know which data to backup > for this... Because ISDN connection and MODEM connection uses different programs (pppd and ipppd), you just need to set up your modem connection with: pppconfig and turn it on with: pon, to turn it off: poff. The only thing you should maybe change is to remove the isdnutils and isdn dialing from your standard run-level. You do it by using update-rc.d I think. There are also scripts in ip-up.d and ip-down.d in /etc/ppp. If some of them were important to you, you should change them to use ppp. But I think that would go automatically anyway. Sincerely, Marko Cehaja
Re: OFFTOPIC connection attempts to napster port
Dear On Wed, Aug 16, 2000 at 03:19:21AM +, Pollywog wrote: > Today, I have been seeing many (10 or so today) attempts to connect to my > napster port (6699). What could that be about? Could it be people trying to > make sure napster is really shut down? I have never run a napster server. Do you have dynamic IP? If so, someone taught that computer which had it before you was still available. Sincerely, Marko Cehaja
Re: Web browsers for Linux (was: Re: Netscape Bus Error)
Dear On Wed, Aug 16, 2000 at 08:04:09AM -0700, [EMAIL PROTECTED] wrote: > > Are there any graphical browsers that will run on the console and render > to framebuffer or GGI, and currently work fairly well? I remember hearing > about one, but don't remember the name, and I recall at the time it was > in alpha/developmental stage. I know of one browser which works in console by using the SuperVGA. It doesn't require X Window System. The browser is Arachne, and it is in development still, but as I have seen it, it works pretty good and stable. It is also pretty fast. But it is not free. You can probably find it at http://www.browsers.org, but I am not sure. If not try at download.com Sincerely, Marko Cehaja
Re: Bandwidth Usage Check-out
Dear I don't know for general bandwidth, I heard just there is some kernel module which can meassure that. For Apache I know there is mod_throttle, which can meassure per user or virtual host the bandwidth. It just needs to be enabled in Apache conf file. Other modules to meassure bandwidth can be found on http://modules.apache.org but I am not sure for the URL that works. Sincerely, Marko Cehaja
Re: iBCS for 2.0.38 kernel
Dear On Tue, Aug 15, 2000 at 08:02:44AM +0200, Gerjan Teselink wrote: > Hi, > > Does someone already made debian packages from iBCS for the 2.0.38 kernel? I > started to look for it but i couldn't find it. In Potato there are packages ibcs-base and ibcs-source, 2 of them. One is for 2.0 kernel and one is for 2.2 kernels. Search for them by using the command: apt-cache search ibcs That will give you exact names of packages. If you don't use potato, you probably can find it in the search engine for packages on http://www.debian.org Sincerely, Marko Cehaja
Re: Protecting single files via .htaccess ?
Dear On Mon, Aug 14, 2000 at 08:00:14AM -0400, [EMAIL PROTECTED] wrote: > as this is the debian mailing list ad not theapache list you might have > better luck reading throught the extensive online documentation for > apahce and othere apache related user groups and forums. but to answer > your question look at this: > http://www.apache.org/docs/mod/core.html#location i beleive you can > specifythe URL to the file you wish to protect and > http://www.apache.org/docs/mod/core.html#files That is right, there is documentation for Apache. But you can't say this is Debian list, bla bla bla. This is Debian list, but here come all kind of questions regarding software in Debian. And it is totally valid to ask that. Sincerely, Marko Cehaja
Re: Internet only for root
Dear On Sun, Aug 13, 2000 at 09:25:51PM -, Ronald Castillo wrote: > Greetings... I would like to know how to give internet access to all normal > users, because when I connect only root has the access, and netscape doesn't > roon as root, so I'm having a pretty big problem... > > Thanks. > > Ronald Hmm, Netscape should run for normal users. You have to put normal user into the group for pppd. I don't know which group it is, but I suppose it is dip. Do: adduser nameofuser dip Maybe it is group dialout, see to what group belongs the pppd with ls -l /usr/sbin/ppp* Sincerely, Marko Cehaja
Re: fetchmail configuration
Dear On Sun, Aug 13, 2000 at 08:22:47PM -0400, S.Salman Ahmed wrote: > > Normally, fetchmail displays the following output when I invoke it from > the command line in a terminal window: > > 5 messages for user at mail.isp.com (11495 octets). > reading message 1 of 5 (3031 octets) .. flushed > > Is it possible to include in the above output, the sender of the message > ? In other words, I'd like to be able tell fetchmail to also display the > "From:" field of each message so I can quickly decide whether or not to > open my email client if there isn't an important message or a message > from an important sender. hmm, just run fetchmail -v -d0 and see. But that is not the way to check that. You should rather check program procmail and configure it to tell you or bell you or play a song, when you get message from someone you expect. Sincerely, Marko Cehaja
Re: Problem with potato
Dear On Mon, Aug 14, 2000 at 08:46:41AM +0930, John Pearson wrote: > > > > DEBUG: Pages 0: Changed 0, Reapped 0, Empty 0, > > New 0; Tup 0: Vac 0, Keep/VTL 0/0, Crash 0, UnUsed 0, MinLen 0, MaxLen 0; > > Re-using: Free/Avail. Space 0/0; EndEmpty/Avail. Pages 0/0. Elapsed 0/0 > > sec. > this is fixed by setting > PGDEBUG=0 > (or, for that matter, PGDEBUG=anything). Hmm, I found finally how to turn that off in potato as well. When I looked in the file /etc/postgresql/postmaster.init there were lines like: # Debugging level at which the backend servers are to operate. # 1: trace connection traffic only; >=2: turn on debugging in the backends # giving more information according to the debug level. Debug logs are # sent to $POSTGRES_LOG # PGDEBUG=0 # Whether to echo queries to the debug log: yes/no # PGECHO=no Well those lines were commented, and I just had to uncomment them. I tought that was default. But it isn't. Sincerely, Marko Cehaja
Somebody knows why .Xmodmap is not loaded?
I just changed LC_CTYPE to proper locale coding, and my HOME/.Xmodmap is not being loaded any more. Maybe it is, but I don't get any more my keyboard mapping like it was. Does LC_CTYPE changes the keyboard mapping and how I can prevent that? I use keyboard which is not set up for that locale I use, but I do write with this keyboard foreign languages, because I changed mapping of keys in .Xmodmap. Somebody any clue how to prevent .Xmodmap changes when locale is set up? Sincerely, Marko Cehaja
Re: Problem with potato
Dear On Sun, Aug 13, 2000 at 05:34:41PM +0200, Marko Cehaja wrote: > Dear > > happening, and I have the same. > > I looked into configuration files of PostgreSQL and debug is turned off. > I can however imagine that it is some kind of message which also goes > through syslogd. I quote now myself. EHm, I found what it is. When postmaster program is started, it is started without the option -S to be silent and don't talk to the original tty, which is in this case tty1. If you run your postmaster with the option -S it would not write debugging information on its tty1. But I cannot find clearly where to change that behaviour. Probably in /etc/postgresql somewhere. Anyway, I need it, so I don't search for that. Sincerely, Marko Cehaja
Re: Problem with potato
Dear On Sun, Aug 13, 2000 at 10:23:41AM -0400, Brian Schramm wrote: > I just got through installing Potato on my HP Pavilion 133 computer with > 80 meg of ram and a 8gig HD. > > When I come back to it from letting it sit idle for about 8 hours this is > on the tty1 screen: > > DEBUG: Pages 0: Changed 0, Reapped 0, Empty 0, > New 0; Tup 0: Vac 0, Keep/VTL 0/0, Crash 0, UnUsed 0, MinLen 0, MaxLen 0; > Re-using: Free/Avail. Space 0/0; EndEmpty/Avail. Pages 0/0. Elapsed 0/0 > sec. > DEBUG: > --Relation pg_rewrite-- That is because you have PostgreSQL installed. But I don't see why it is happening, and I have the same. I looked into configuration files of PostgreSQL and debug is turned off. I can however imagine that it is some kind of message which also goes through syslogd. Sincerely, Marko Cehaja
Re: Printing w/an Epson Stylus 850
Dear On Sat, Aug 12, 2000 at 09:10:00PM -0400, John Anderson wrote: > I was wondering if anyone is using an Epson Stylus 850, and at what > settings you've been successful with. I downloaded Apsfilter which > printed a good test page, but I was unable to print it out in Mozilla > using the standard lpr command. Is there something I did wrong? Should I Instead of aps, I use magicfilter. There is also magicfilterconfig program which offer you nice console interface to choose one of printers. See in your handbook which printers are compatible with that model. There is stylus color 720dpi, but you have to check what you need. It can also be that when you print out of Mozilla, that it must create postscript file, but maybe you don't have postscript installed. See what the package apsfilter recommends you to install and install if that is the case. Sincerely, Marko Cehaaj
Re: Problem with swapping - computer crash.
Dear > > I would like to know that. Must it be that system crashes or that > > it denies every use of my computer? > > At first, nothing. But when a daemon or other running program tries to malloc > some memory, will die horribly because 'memory exhausted' errors are fatal > ones, > and the program can do nothing but exit. And when this happens to vital > programs > like syslogd, getty or init you don't have much choice. > One solution could be enforcing some user limits with PAM. This way only > processes owned by you will be at risk. OK. Thanks. I will limit myself properly. Yes I got those "exhausted" errors. I also have found *.emerg: * in syslog, which I think blocked all possible consoles with emergency messages like "cannot find free page" or something. So, kernel couldnt swap and starts telling me that. Now at least, I hope, next time I can get one free console and kill those big programs, before restarting. Sincerely, Marko Cehaja
Re: Problem with swapping - computer crash.
Dear On Sat, Aug 12, 2000 at 02:46:03AM -0400, Thomas J. Hamman wrote: > > There were just 4-5 programs in memory, taking about 80-100 MB, which > > are Netscape, Gimp, rxvt+mc, mutt. > > What you describe has happened to me once or twice in Linux, and I've > observed the exact same phenomenon under Windows 95 on my mom's > computer. Yes. But problem is not in Netscape taking all memory. I know that it does. I also know that cron jobs take some more memory as well. But do you know any way of keeping system stable - in the case when all memory is taken? Because I get messages probably from kernel or swap daemon, whatever, how it cannot find free page or swap it. Imagine, how it is when you switch from console 1 to console 2, and you get those messages there as well. I switch from 2 to 3, and again the whole screen is full of those messages, and then even display changes weird, and I dont see any letters normaly. Just some VGA changed mode, but all fonts are somehow deleted. Well that is perfect Denial of Service attack, from my own computer. Do you know any other solution to at least get some free console to do something - instead of resetting the computer. It brings my memories from Win times. Sincerely, Marko Cehaja
Re: Problem with swapping - computer crash.
Dear On Fri, Aug 11, 2000 at 11:43:37PM -0700, [EMAIL PROTECTED] wrote: > I can't speak for the others, but its good to restart netscape at least 2 > or 3 times a day if you only have 128MB. Yes. I noticed that. But I cannot control easy *when* to restart the netscape without being full aware of how much memory is taking. I don't prefer manual control of that. > marko >Usually there is no problem, but then about 5 o'clock when cron jobs > marko >start working, memory is filled up somehow, and my X becomes so slow, > marko >that I cannot switch to console any more to kill some programs. > > Are these system cron jobs or are they cron jobs you set? 5AM ? Yes, those are system crons, like locate, find and such. > could this be the locate database updating ? that takes about 30 minutes > on the average system i think. the system can drag real bad during that > time if its slow. Yes it is. But I hoped to find a way, that system stays stable after htat. Even when Netscape is taking ALL the memory, I would like to find a way to let my system be stable. What happens by default when all memory and swap file is exhausted? I would like to know that. Must it be that system crashes or that it denies every use of my computer? > you shouldn't have to "free" swap. but in your case i would for sure add > more swap, and even better to add more ram, it is good practice to have 3 Even then. What is supposed to happen when all RAM is exhausted? Sincerely, Marko Cehaja
Re: Installing Debian on 486
Dear On Sat, Aug 12, 2000 at 01:42:18PM -0400, Daniel Stehm wrote: > Hey guys, having a problem here. I have a 486, 12 megs of RAM, 480 megs on > hard-drive, floppy (3 1/2), and a (gasp) 5 1/2 drive. I want to get ANY > linux distro on it that I can, (wishing for debian) I dont care too much Go to http://www.debian.org, read the installation instructions and install slink from floppies. There are about 7-8 floppies. After that do the upgrade to potato, because you have 12 meg of RAM. And as I know potato needs more to be installed from floppies. But upgrade will work. Sincerely, Marko Cehaja
Re: isdn
On Sat, Aug 12, 2000 at 03:45:53PM +, Gary Jones wrote: > I'm confused. > > I have just switched from modem to isdn (a PCI AVM Fritz! card - > the 'active' one, but I can't find a model number anywhere, sorry). I > just want to be able to (manually) establish a connection to my ISP It is 27. You dont need IRQ. Sincerely, Marko Cehaja
Problem with swapping - computer crash.
I have serious problem with swap file, since I changed from potato to slink. I have 128 MB memory and have about 75 MB swap file. There were just 4-5 programs in memory, taking about 80-100 MB, which are Netscape, Gimp, rxvt+mc, mutt. Usually there is no problem, but then about 5 o'clock when cron jobs start working, memory is filled up somehow, and my X becomes so slow, that I cannot switch to console any more to kill some programs. Everything becomes so slow, and hard disk is working and working... On every single text console I get messages how it couldn't swap the memory or find the free page for that. My computer already crashed 2 times because of that, and I loose data from partitions - because not even Magic keys with SysRq work like it should be, and I cannot give halt command or ctrl-alt-del. Only the hard drive works like mad. I have seen that swap file is being filled over few days, but it doesn't free itself, when programs don't run anymore. Does somebody know how to free the swap? Or someone knows how to take some steps to ensure that used memory will not come to this death range. Sincerely, Marko Cehaja
Re: update-alt. window mangrs
Dear On Sat, Aug 12, 2000 at 01:58:00AM +, john smith wrote: > I have installed 2 window manager debian packages (sawfish,afterstep) and > one from source (blackbox) now when I go update my window manager via > update-alternatives --config, it can only see the debian packages...how do I > add the third one there? and I am also curious...accdg to the man pages When I was putting new window managers into system, I put the full path in /etc/X11/window-managers and say as root: # register-window-manager --default icewm That updates the window manager on startup with: startx. Sincerely, Marko Cehaja
Re: Lap link app
Dear On Fri, Aug 11, 2000 at 10:23:04AM -0700, Carl Winbäck wrote: > Is there any laplink app for UNIX, so I can transfer files > with my parallel cable? There is. It is called PLIP and it must be implemented in kernel, compiled or as module. You can make ethernet-like network by using the PLIP protocol. There is PLIP-HOW. Sincerely, Marko Cehaja
Re: Has Corel been violating the GPL for approx 6 months?
Dear On Fri, Aug 11, 2000 at 06:12:35AM +, Mr Smith wrote: > format which where covered by GPL. But they only supplied > them in binary only format without anything which appeared > to be a written offer of source code. They where able to > supply a t-shirt and a "nurf" style blue cube with a warning > label "not a toy" on it but no written offer of source code. Damn, you are right. So many people contributed to make the free software, and some big company like that comes over, and doesn't follow the rules nor take attention on the licence. Companies or individuals *can't* distribute binaries without sources if it is required by the licence, and they have to comply with every single point written there. If you need some help just tell me. In case of trouble I could donate something. Those "excuses" are not acceptable. Those justifing is not acceptable. I did follow some of happenings which Corel made on the beginning of the year, and I cannot agree with that. If that would be the only case, well OK, maybe one could say, they distribute it now according to policies, and that is now fine. WELL IT IS NOT DAMN FINE!!! What some company like Corel would do, if I take their Corel WhateverPaint Software of 100 MB, and distribute it around or sell it without paying royalties? They would jump and do whatever is needed to stop it. I am speaking if that would happen in the same volume as Corel does it with GNU/Linux. They would put such a pressure on third company, that nobody else would ever dare to do the same. Maybe exgagerated, but it does happen and I know many cases in Germany about that. Now, Corel is not the only company which violates the GPL. Here in Germany, the biggest national telecommunication company called Deutsche Telekom, started selling and distributing, all over the place their phone-book software on CD, which includes GTK and Glibc libraries on it, and some BSD software. They didn't supply Glibc, they didn't inform people about where to get sources of Gtk or Glibc, they didn't make object files, they didn't dinamically link it. They even have put their own licence on it, claiming that nobody else can distribute the whole package (including their own software), and that no changes nor reverse engeeniering is allowed. They didn't show the copyrights, only their own copyrights. I called the programmer, and he sent me some kind of dinamically linked software, which didn't work. I told him to make it according to the licence, and he didn't do anything - simply no answer after a while. That programming company and Deutsche Telekom Medien AG, tried to convince me how they do follow the GPL if they send me, one person, that dinamically linked software. TO HELL They are selling thousands of those CD-ROMs in every city of Germany, in many catalogs, everywhere. They use Gtk even in Windows versions (there is version for Windows) and they don't provide the licence. I know that is happening since September/November 1999, and I have informed FSF about that, but don't know what really happened. I did see the same CD in stores before couple of days, it is still on the display, and still selling it. That is f. not alright. If you consider steps against Corel just do it. If somebody wants a picture of this software from Deutsche Telekom Medien AG, I can send it. I can scan the licence as well and every average Linux user could recognize, that software is made while using the GTK - looks like all Gnome programs. But no licence on the CD, etc. Per GPL - their licence is automatically terminated. Or I can simply take that proprietary software and do with it whatever the GPL allows. I hate that. One is talking to "big" company, and they don't respond or react logically. There fore if you have or want to do something against, do it. Those issues do have something with every Linux user, if they want to stay Linux users. Sincerely, Marko Cehaja
Re: restricting user in HOME using ProFTP
Dear I think proftp has configuration files in /etc with limits to users. Sincerely, Marko Cehaja
Re: netscape security hole
Dear On Thu, Aug 10, 2000 at 04:28:22PM -0400, Mike Werner wrote: > > > And I'll ask again, why does Debian make it available off of their server, > > > already prepackaged? Why not go with an installation package as used for > > > RealPlayer? That should satisfy both the zealots and the realists. It > > > seems to have worked with RealPlayer. I think that many people do use non-free software, and that work done in that area is great. At least are those packages on Debian servers checked to be configured to work with Debian - I trust them more than packages which are available on other servers. And there are many. > I even went back and re-read it. Twice. I still don't see why the > difference between an installation package and actual packaging. I even > just now went back and read it through again. Nowhere in that Social > Contract is there anything saying why the differentiation between packaging > a supposedly non-free package and using an installation package. Debian OS consist only of Free Software. Anything else isn't Debian OS. That is also answered in Debian Policy Manual: The effort of the Debian project is to build a free operating system, but not every package we want to make accessible is free in our sense (see Debian Free Software Guidelines, below), or may be imported/exported without restrictions. Thus, the archive is split into the sections main, non-us, non-free, and contrib. The main section forms the Debian GNU/Linux distribution. Packages in the other sections are not considered as part of the Debian distribution, though we support their use, and we provide infrastructure for them (such as our bug-tracking system and mailing lists). This Debian Policy Manual applies to these packages as well. Because this "policy manual applies to these packages as well" I prefer to use non-free packages from Debian rather than non-free packages from third party. Debian is OS which consist of "Free Software". This OS gives you freedom to use "non-free software" as well. If you like it. Because many users do want to use non-free software, therefore, people work on those packages and make them available directly from Debian site, which in fact helps users to easily configure it and install it. However that doesn't help free software movement as first 4 points of the social contract. But it is a good solution for the greatest number of people. Sincerely, Marko Cehaja
Re: netscape security hole
Dear On Thu, Aug 10, 2000 at 03:52:59PM -0400, Mike Werner wrote: > > archive for this [non-free] software. The software in these > > directories is not part of the Debian system, although it has been > > configured for use with Debian. ... > > And as I said in that same other post, why not take the packages off of the > server and go with an installation package such as used for RealPlayer? If some packages can be distributed from Debian server, than they are distributed if they are in non-free. However, every single user can choose what he wants to install with configuration in sources.list. If you don't want non-free, don't put it there. Sincerely, Marko Cehaja
Re: netscape security hole
Dear friend, > > You didn't read the social contract and I consider this childish, that you > > even reply before that. > > Yes, I did. Accusing me of not reading it when you actually don't have the > slightest clue as to whether I did or not is childish. ... > > require the use of programs that don't conform to the Debian Free Software > > Guidelines. We have created "contrib" and "non-free" areas in our FTP > > archive for this software. The software in these directories is not part > > of the Debian system > > > > Can you spot that sentence "is not part of the..."? > > Uhh, gee that's a hard one. I'll guess ... the last one? > > Seems a load of double talk. If something is not part of Debian, why make > it available? Why not just stick with an installation package like is used > for RealPlayer? You see - those words lead me to the opinion that you might have read the social contract, you might be right about reading it, but you didn't understand it at all. Otherwise, you wouldn't ask why make some software available for Debian or why stick with an installation package. Please clear the words which you don't understand in social contract. > So do I. The one I use the most is Helix Gnome. Since it *did* come from > outside of Debian, I do not consider it as part of Debian. Packages that > *did* come from the Debian site I do consider part of Debian. You are free to consider whatever you like. However, the meaning of words: "Debian GNU/Linux OS" - is not the same as - server called "debian.org" > And I'll ask again, why does Debian make it available off of their server, > already prepackaged? Why not go with an installation package as used for > RealPlayer? That should satisfy both the zealots and the realists. It > seems to have worked with RealPlayer. You are really interesting and amusing. Didn't you say you have read the social contract? Hmm. Those questions are answered there. Look. There is Windoze OS. Many people make software for Windows. Does it mean it is part of Windows? If you go to Microsoft site, you can get there a lot of software. But many of that software are not part of Windoze OS. Magic words are: social-contract. Sincerely, Marko Cehaja
Re: netscape security hole
Dear On Thu, Aug 10, 2000 at 09:08:19PM +0200, Sven Burgener wrote: > On Thu, Aug 10, 2000 at 08:05:35PM +0200, Marko Cehaja wrote: > > Debian is kind of free-OS, with strong points on security as well. > > Netscape *is* packaged for Debian. Watch this: Hmm, Netscape does exist on Debian servers maybe, I didnt check it. Still - it is not Debian OS nor part of it. I know of hundreds of packages which are packaged and configured to work on Debian OS, but they aren't because of that part of Debian. It is "non-free". And now, piece. Sincerely, Marko Cehaja
Re: netscape security hole
Dear friend, On Thu, Aug 10, 2000 at 02:56:03PM -0400, Mike Werner wrote: > > > format, but written by someone else. So now I'm curious as to just what > > > it > > > takes to be considered to exist as part of Debian? > > > > Please read the Debian Social Contract policy: > > http://www.debian.org/social_contract > I went and looked at that page, and lo and behold there's a whole slew of > Netscape packages. Just like the ones I've used to install Netscape onto my > systems. Oh, wait a minute. Those *are* the packages I used. You didn't read the social contract and I consider this childish, that you even reply before that. Quote from the social contract: We acknowledge that some of our users require the use of programs that don't conform to the Debian Free Software Guidelines. We have created "contrib" and "non-free" areas in our FTP archive for this software. The software in these directories is not part of the Debian system Can you spot that sentence "is not part of the..."? It doesn't mean if you find on debian servers some software, that it immediately belongs to Debian OS. There is so much software that work on Debian and is not Debian. I hardly suggest you, that you read that social contract. > > If Netscape *would* exist in Debian, you would almost immediately find the > > security alert on Debian site, first page. > > I've received a number of recent security announcements via email > (debian-security-announce email list) that have not appeared on that page. > Seems that Security blurb there isn't very up to date. Please don't change my words. I told you if Netscape would be part of Debian OS, that would be reported. If you see something which is wrong about security, report it by yourself. > No, you don't. Netscape has been packaged for Debian, in debs, available > straight from the Debian ftp server. That pretty much meets the test for > existance in my book. Using apt-get doesn't ensure at all that you use Debian OS. I have in my /etc/apt/sources.list couple of third party references. That doesn't mean I get Debian OS. Please install the Virtual Mr. Richard Stallman on your system, the package is called vrms. Run it, and it will tell you pretty much, which packages are you running with licences which are not acceptable in Debian OS. It is not fool-proof. Netscape and hundreds of other non-free programs, aren't part of Debian. > ii netscape-base-47 4.73-19 4.73 base support for netscape > ii netscape-java-47 4.73-19 Netscape Java support for version 4.73 > > hey, wait a minute! How'd Netscape get into that list?!? It can't do that! > It's not part of Debian! Go and inform yourself what Debian is. Spare me of your irony. Sincerely, Marko Cehaja
Re: netscape security hole
Dear On Tue, Aug 08, 2000 at 05:44:45PM -0400, David Teague wrote: > > On NPR's Morning Edition they described a security hole in Netscape > versions 4.73 and earlier that allows 'infection' by access to > 'nasty' web sites. It is said to put your hard drive at risk some > way. > > I assume this is a Windows problem, BUT does anybody know what this > hole is and whether Linux is susceptible? (Probably only the user's > files would be at risk at worst.) > That is a hole in Netscape & SDK which it internally uses. What happens is simply that javascript executes (very fast and without notice) and it makes your Netscape a web-server. Your IP could be tracked down by the server where you got the javascript, and somebody else could browse through your files, and take informations. However, the hole is in the Netscape, they can't browse directories which are disabled to be readable by "others". Files could be deleted or read, if one set it up in that javascript. That hole in Netscape is not the hole in Linux or in Debian OS, because there are also other ways to intrude the system and see what is there. It is responsibility of the system administrator to ensure what kind of software does he install and if he can trust that company which made it. But anybody who has properly set up the ipchains, should be pretty much secure and imune to that. That java-web-server runs on some different port, so if you you know ports you allow to access and which services should run on those ports, even when you execute that javascript, nobody could access any of your files. The story is somewhere on /. Sincerely, Marko Cehaja
Re: Uh oh! I ruined my kernel!
Dear On Tue, Aug 08, 2000 at 03:57:18PM -0600, Cameron Matheson wrote: > Hey, > > I did a complete system upgrade yesterday (nothing in my computer is the > same as it was anymore), so I was recompiling the kernel, and I guess I > configured something wrong, cause now my computer won't boot-up. _I'm > not concerned about fixing it,_ I just want to start over, but I can't > seem to reinstall debian, because when I boot off the 2.1 CD, and I hit > 'enter' to boot, it loads the bad kernel image off my hard drive, > instead of the one on the CD. I read the help (by pressing F1-F4), and when you are on the prompt boot: from CD-ROM, you should just press ENTER. That brings you into installation menu. You can then press ALT-CTRL-F2 and use the console to repair the system. You could also from that console, simply take the standard kernel from the CD-ROM, by mounting it and installing it with dpkg. Before going to second console, ensure that you have mounted your / filesystem. Sincerely, Marko Cehaja
Re: Debian ISO
Dear On Wed, Aug 09, 2000 at 01:22:13PM -0700, Sean S. wrote: > Where do I get the ISO for Debian? I've looked all over the ftp site and > can't seem to find it. HELP!!! You get it from: http://cdimage.debian.org Sincerely, Marko Cehaja
Re: netscape security hole
Dear sorry, I wanted to post it to the list. So previous email went to you privately. On Thu, Aug 10, 2000 at 01:56:18PM -0400, Mike Werner wrote: > > > > You are wrong. apt-get is: package handling utility. It is not Debian-Linux > > installer. You can *add* any deb packages to your Debian GNU/Linux by > > using apt and its configuration files. > > > > It is still far away of that package existing in Debian Distribution. > > By your reasoning damn near *nothing* exists as part of Debian, then. How > much of the software available via apt-get is actually written by the Debian > team? Maybe 5%? The rest is software that has been *packaged* in deb > format, but written by someone else. So now I'm curious as to just what it > takes to be considered to exist as part of Debian? Please read the Debian Social Contract policy: http://www.debian.org/social_contract If you want to see which packages do exist in Debian, refer to: http://www.debian.org/distrib/packages Anything what is not there, isn't part of Debian. > > And regarding that security bug - well, ipchains and other tools do exist > > on Debian. > > But how can they exist in Debian? They weren't written by the Debian team. > They were just packaged by the Debian team, just like Netscape was. And if > Netscape doesn't exist in Debian, then ipchains can't exist either. Debian is kind of free-OS, with strong points on security as well. If Netscape *would* exist in Debian, you would almost immediately find the security alert on Debian site, first page. > > > Therefore is that bug purely in Netscape. > > This is pure pedantic twaddle. If a bug in a package that is made available > for installation by a distribution creates a security hole, then the > distribution has a security hole. If we go by your reasoning that security > holes in packages are purely a problem with that package and not with the > distribution, then a distribution can *never* be said to have a security > hole. I am not sure if you follow. Netscape isn't part of Debian. You have to get Netscape from third party company. It is up on you as system administrator to know what kind of software you install on computer anyway. Debian isn't vulnerable to that bug in Java. Sincerely, Marko Cehaja
Re: /etc/environment
Dear On Wed, Aug 09, 2000 at 03:19:13PM +0200, Wouter Hanegraaff wrote: > > The only place I found LANG=C appeared to be /etc/environment, and > changing this to LANG='' appears to have solved the problem. > > Why is LANG set to C from /etc/environment; which package puts this in? > And what does LANG=C mean to programs in general? > LANG is variable in bash. man bash has shown me that LANG is being used to set up default locale behaviour if other LC_* variables are not set. Good that you find that, now I can use mutt in iso-8859-2 mode. Really cool. However, I don't know what "C" means. Sincerely, Marko Cehaja
Re: automatic startup of programs with X
Dear On Thu, Aug 10, 2000 at 12:55:32AM +0200, Mukunda Peter Pasedach wrote: > Hello > > any effect. As I read there, .Xclient contains the command for starting > up icewm. So I guess there seems to be different way icewm is started > in debian. Could someone please point me to where that is, and where I > would have to add commands for starting programs like xbuffy, rxvt and > so on? Simply by using the .xsession script, or .xinitrc I think like this: exec icewm exec xclock & ... But I am not sure, as I don't use it anymore. Please see the: man startx It is explained there very well. Sincerely, Marko Cehaja
Re: adding to inetd
Dear On Tue, Aug 08, 2000 at 11:23:05PM +0200, Jonas Moberg wrote: > How do I add a field in inetd for ssh and proftp? and should I even be > doing this? My thought was to be able to use /etc/hosts.deny for all > applications, and perhaps portsentry or equal in the future when I get the > time to check it out. Any drawbacks of putting all services in inetd? For adding fields to inet.d and removing them, I use the: update-inet.d program. Run it alone to see how to use it. It is really easy. Sincerely, Marko Cehaja
Re: netscape security hole
Dear On Thu, Aug 10, 2000 at 10:21:44AM -0700, kmself@ix.netcom.com wrote: > > Netscape is not GNU/Linux. > > > Bollux. > > An exploit which leaves your system open to unauthorized data access > for any arbitrary files would certainly make Linux, or any other > operating system it afflicted, vulnerable. > > You would be correct in stating that the vulnerability isn't one > specific to the operating system, or a fault of the OS itself. > > Security is a weakest-link problem -- any compromise at systems, > software, network, physical, or social layers can leave a system > vulnerable. Well, if you do run Netscape - you are making your system unsecure. It is up on system administrator to run safe software. Your first sentence is right only if that system administrator isn't responsible enough. Well, you can install more unsafe software on your computer if you like, and tell others how "Linux" is vulnerable because of that. By the way, Netscape doesn't exist in Debian. Sincerely, Marko Cehaja
Re: netscape security hole
Hi, On Tue, Aug 08, 2000 at 06:11:30PM -0500, Phil Brutsche wrote: > Yes, Linux is vulnerable. The 'virus' in question is a Java applet what > exploits bugs in Netscape's Java implementation. To say that Linux is vulnerable because Netscape has holes in not quite correct. Netscape is not GNU/Linux. Sincerely, Marko Cehaja
Re: Corel Linux--your opinions pls
Why Corel when you have Debian? Corel is based on Debian, but not at all good like it. > Hi all > > Any one have an opinion, good or bad, re: Corel Linux? > Marko
Re: silencing modem
After I have set up the internet connection, I changed the file /etc/chatscripts/provider (or whatever there is) from ABORT BUSY ABORT "NO CARRIER" ABORT VOICE ABORT "NO DIALTONE" ABORT "NO ANSWER" "" ATZ < This line to -->"" ATM0LO OK ATDT010110191501 CONNECT \d\c But that is not completely proper solution. It works because my modem is always on. It never resets the modem, if I want I would reset it by turning it off and on. But I suppose, that pppconfig program would accept something like ^M sign and so to make it possible to accepte configuration for modem like ATZ^MATM0L0 when you configure the pon connection with pppconfig. ^M should stand for carriage return. You get it by typing ^, space and M. Marko
Re: [*] how to install LyX
The libforms 88 can be downloaded from Debian site. Use the apt method in dselect, go in Selection, type "/" and "libform", type "+", go out, and choose "Install". Marko repl: bad addresses: @murphy.debian.org, "[EMAIL PROTECTED] " <[EMAIL PROTECTED]> -- no sub-domain in domain-part of address (<)
X crashes when moving mouse
I have Slink 2.1. When I start X, either via XDM or via startx, switch to konsole, switch back to X and in the same time move my mouse vigorously (or accidentaly) my X crashes. If I leave the mouse while switching to X for couple of seconds, everything is alright. I have ps/2 mouse and it works fine. The crash comes when switching to X and in the same time trying to move the mouse (which doesn't move on the screen for couple of seconds). What is this and how to get rid of this? This makes my work very unsecure, as it has a big risk to crash my applications, if I start using X immediately after the switch from the konsole. Marko
X-Error 'No type converter registered for "String" to "Bitmap"'
I reall need help for this: I have standard Debian GNU/Linux (Slink) 2.1. Since I have installed it (I tried to reinstall 3 times to get rid of it), I get following error in couple of X applications: No type converter registered for "String" to "Bitmap" conversion. This shows when I run xscreensaver on the screen, when I run gv or ghostscript (that's why it is annoying, for every printing-preview), and when I run couple of other X applications. Basically, every screen saver gives this error to the STERR and other X applications. Now, how to solve this? Or, how to "register" the type converter? Marko
"warning: no type converter regist. for string to bitmap???
I get that message ALWAYS when running gs or xscreensaver, and some other X programs. It is very annoying when previewing my documents with gv or gs. I have Debian 2.1 slink, official release, properly installed, and this appears with standard X and the newest X version. Does someone know how to debug or set this up? Marko
LateX/TeX problems on slink. tex.fmt missing???
Does somebody know how to set up tex/latex system on slink? While doing simple configurations I always get errors like tex.fmt not found or latex.fmt not found. So I can't convert *.tex files via latex nor use LyX. I tried with FAQ suggestions to create tex.fmt and it didn't work. Who has experienced similar problem regarding the configuration of tex/latex on slink? Please help it is very important for me to have running latex on my system. Marko
