NVIDIA Quadro FX 3450: 1920x1200 ???

[Michael D Schleif]

I recently acquired an hp xw9300, dual opteron workstation, including
the subject video card.  Additionally, after setting that up with a crt
at 1280x1024, I acquired an hp l2335, wide screen lcd, capable of
1920x1200 resolution -- but, my problem is displaying at that
resolution.

OSD on the lcd shows 1920x1200 ; but, kde control center / peripherals /
display shows only 1280x1024 ;

I will gladly supply ALL information needed to resolve this issue --
PLEASE, ASK.  If I need to open a bug on this, please suggest that.

I am not certain what information is required.  I have googled, and
searched debian-{kde,user,x} archives -- perhaps, I do not know the best
search terms?  For lack of else, please review the following
information:

# apt-cache policy xserver-xorg-video-nv
xserver-xorg-video-nv:
  Installed: 1:1.0.1.5-2
  Candidate: 1:1.0.1.5-2
  Version table:
 *** 1:1.0.1.5-2 0
700 ftp://mirrors.kernel.org etch/main Packages
700 ftp://mirrors.kernel.org testing/main Packages
500 ftp://mirrors.kernel.org unstable/main Packages
100 /var/lib/dpkg/status


Even though the card has 256 MB memory, I can only display at 1280x1024
;

# sudo /usr/sbin/ddcprobe
vbe: VESA 3.0 detected.
oem: NVIDIA
vendor: NVIDIA Corporation
product: nv41 Board - q317_3 Chip Rev
memory: 262144kb
mode: 640x400x256
mode: 640x480x256
mode: 800x600x16
mode: 800x600x256
mode: 1024x768x16
mode: 1024x768x256
mode: 1280x1024x16
mode: 1280x1024x256
mode: 320x200x64k
mode: 320x200x16m
mode: 640x480x64k
mode: 640x480x16m
mode: 800x600x64k
mode: 800x600x16m
mode: 1024x768x64k
mode: 1024x768x16m
mode: 1280x1024x64k
mode: 1280x1024x16m
edid:
edid: 1 3
id: 2614
eisa: HWP2614
serial: 01010101
manufacture: 14 2006
input: separate sync, composite sync, sync on green, analog signal.
screensize: 50 31
gamma: 2.20
dpms: RGB, active off, suspend, standby
timing: [EMAIL PROTECTED] Hz (VGA 640x400, IBM)
timing: [EMAIL PROTECTED] Hz (VGA)
timing: [EMAIL PROTECTED] Hz (VESA)
timing: [EMAIL PROTECTED] Hz (VESA)
timing: [EMAIL PROTECTED] Hz (VESA)
timing: [EMAIL PROTECTED] Hz (VESA)
timing: [EMAIL PROTECTED] Hz (Mac II)
timing: [EMAIL PROTECTED] Hz Interlaced (8514A)
timing: [EMAIL PROTECTED] Hz (VESA)
timing: [EMAIL PROTECTED] Hz (VESA)
ctiming: [EMAIL PROTECTED]
ctiming: [EMAIL PROTECTED]
ctiming: [EMAIL PROTECTED]
ctiming: [EMAIL PROTECTED]
ctiming: [EMAIL PROTECTED]
ctiming: [EMAIL PROTECTED]
ctiming: [EMAIL PROTECTED]
ctiming: [EMAIL PROTECTED]
dtiming: [EMAIL PROTECTED]
monitorrange: 30-94, 48-85
monitorname: hp L2335


Selected snippets of /var/log/Xorg.0.log:

(II) VESA(0): Supported VESA Video Modes:
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): [EMAIL PROTECTED]
(II) VESA(0): Manufacturer's mask: 0
(II) VESA(0): Supported Future Video Modes:
(II) VESA(0): #0: hsize: 1024  vsize 768  refresh: 85  vid: 22881
(II) VESA(0): #1: hsize: 1280  vsize 960  refresh: 60  vid: 16513
(II) VESA(0): #2: hsize: 1280  vsize 1024  refresh: 60  vid: 32897
(II) VESA(0): #3: hsize: 1280  vsize 1024  refresh: 85  vid: 39297
(II) VESA(0): #4: hsize: 1600  vsize 1200  refresh: 60  vid: 16553
(II) VESA(0): #5: hsize: 1600  vsize 1200  refresh: 75  vid: 20393
(II) VESA(0): #6: hsize: 1920  vsize 1080  refresh: 60  vid: 49361
(II) VESA(0): #7: hsize: 1920  vsize 1200  refresh: 60  vid: 209
(II) VESA(0): Supported additional Video Mode:
(II) VESA(0): clock: 193.2 MHz   Image Size:  495 x 310 mm
(II) VESA(0): h_active: 1920  h_sync: 2048  h_sync_end 2256 h_blank_end 
2592 h_border: 0


(II) VESA(0): Total Memory: 4096 64KB banks (262144kB)
(WW) VESA(0): config file hsync range 30-107kHz not within DDC hsync ranges.
(II) VESA(0): Generic Monitor: Using hsync range of 30.00-107.00 kHz
(II) VESA(0): Generic Monitor: Using vrefresh value of 60.00 Hz
(II) VESA(0): Not using mode 1920x1200 (no mode of this name)
(II) VESA(0): Not using mode 1600x1200 (no mode of this name)
(II) VESA(0): Not using built-in mode 2048x1536 (width too large for 
virtual size)
(--) VESA(0): Virtual size is 1280x1024 (pitch 1280)
(**) VESA(0): *Built-in mode 1280x1024
(**) VESA(0): *Built-in mode 1024x768
(**) VESA(0): *Built-in mode 800x600
(**) VESA(0):  Built-in mode 640x480


-- 
Best Regards,

helices


signature.asc
Description: Digital signature

Re: install sarge to boot on lvm on raid5 ???

[Michael D Schleif]

* On 2005:05:07:10:08:30-0500 I, Michael D Schleif [EMAIL PROTECTED], scribed:
 I downloaded sarge-i386-1.iso on 2 May 2005.  I was happy to find
 installation options for BOTH RAID5 and LVM, right there in the disk
 partitioning menus.
 
 They weren't totally intuitive to me; but, I managed to configure LVM on
 RAID5 without any errors.
 
 Then, I came to the boot loader step.  It did NOT offer grub; rather, it
 offered to configure LILO.  Here is my problem:
 
 Where should LILO install the boot block?
 
 The first two options offered /dev/md0 -- neither of which are accepted
 by this process.  The third option (advanced) appears to allow me to
 decide; but, I do NOT know where to put this.

My research indicates a lot of changes, in this regard, since Woody;
especially in the more recent 2.6.x kernels.  I have found several
HOWTO's based on Woody, and favoring Raid0/1; and most of those were
written for Woody and 2.4.x kernels.

Where is there a HOWTO for LVM on RAID that focuses on Sarge?

Where is there a HOWTO for LVM on RAID that focuses on Raid5?

How can this be done at initial install; rather than build on one disk,
then build the Raid5 post-install?

Which is better as boot loader in this scenario, Lilo or Grub?

Is it better to leave a partition outside of the LVM?  Which partition?
Root (/)?  /boot?

Can this be done with everything on the Raid5?

Can this be done with everything on the LVM?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

install sarge to boot on lvm on raid5 ???

[Michael D Schleif]

I downloaded sarge-i386-1.iso on 2 May 2005.  I was happy to find
installation options for BOTH RAID5 and LVM, right there in the disk
partitioning menus.

They weren't totally intuitive to me; but, I managed to configure LVM on
RAID5 without any errors.

Then, I came to the boot loader step.  It did NOT offer grub; rather, it
offered to configure LILO.  Here is my problem:

Where should LILO install the boot block?

The first two options offered /dev/md0 -- neither of which are accepted
by this process.  The third option (advanced) appears to allow me to
decide; but, I do NOT know where to put this.

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

mouse: kernel 2.6.6 - 2.6.8 ???

[Michael D Schleif]

What broke?  What changed?

I have been running 2.6x kernels on this legacy PPro box for most of
this year -- first kernel-image-2.6.2-1-686, then
kernel-image-2.6.6-2-686 -- without incident.

Today, the only change I made was to install these:

kernel-doc-2.6.8
kernel-headers-2.6.8-1-686
kernel-image-2.6.8-1-686

When I boot into this, the mouse cursor moves; but, is totally insane ;

It gravitates to the left side of the screen, near randomly opens menus,
and randomly selects menu items, and moves icons to different locations
on the screen -- basically, there is no chance to function normally in
KDE v3.2x.

I have disabled gpm -- no change.

# grep mouse /etc/modules
mousedev
psmouse

.From /etc/X11/XF86Config-4 :

Section InputDevice
Identifier  Configured Mouse
Driver  mouse
Option  CorePointer
Option  Device/dev/psaux
Option  Protocol  ImPS/2
Option  Emulate3Buttons   true
Option  ZAxisMapping  4 5
EndSection

Section InputDevice
Identifier  Generic Mouse
Driver  mouse
Option  SendCoreEventstrue
#   Option  Device/dev/input/mice
Option  Device/dev/psaux
Option  Protocol  ImPS/2
Option  Emulate3Buttons   true
Option  ZAxisMapping  4 5
EndSection

Which brings up another question: How do I get a /dev/input/ ???

This box has been upgraded since Slink, and it has *no* /dev/input/ ;

Anyway, what ought I to check?  I have googled, and scoured debian
archives.  Mine is not any of the slew of mouse problems that I have
found there.  Reverting to kernel-image-2.6.6-2-686 -- the mouse is
working as expected.

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

NFS file copy vs. snort ???

[Michael D Schleif]

One of my main systems is connected to several NFS v3 servers; and, this
box also runs snort.

Copies, like the following examples, are excruciatingly slo-o-o-o-w-w-w,
especially when the file is large (e.g., 250 MiB.)

cp -a /remote/tmp/* .
cp -a * /remote/tmp/

By `slow', I mean in the two-digit kbps ;

I do not find anything interesting in `vmstat', nor in
/var/log/{kern.log,messages,syslog}, nor is snort logging anything, in
this regard.

My first clue was noticing snort in `top' alternating in the top 2 or 3
positions.  Stopping snort on *both* ends of the connection results in file
transfers that meet my expectations.

What is going on with this?

How can I configure snort to *not* interfere with NFS?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

cdrdao: cue sheet variants ???

[Michael D Schleif]

I have googled, and I have searched the sourceforge archives; but, I do
not see a solution to my problem.  Please, can you help me?

I have a three (3) CD SHN distribution.  Other people have successfully
burned all three CD's without incident, with other software.  I have
successfully burned CD1; but, CD2 gives me this:

# sudo cdrdao simulate -n --overburn -v 9 CD2.toc 
Cdrdao version 1.1.9 - (C) Andreas Mueller [EMAIL PROTECTED]
  SCSI interface library - (C) Joerg Schilling
  Paranoia DAE library - (C) Monty

Check http://cdrdao.sourceforge.net/drives.html#dt for current driver tables.

SCSI: max DMA: 64512
Using libscg version 'schily-0.8'
Using libscg transport code version 'schily-scsi-linux-sg.c-1.83'

/dev/cdrecorder: HP CD-Writer+ 9200 Rev: 1.0e
Reading driver table from file /usr/share/cdrdao/drivers.
Found 315 valid driver table entries.
Using driver: Generic SCSI-3/MMC - Version 2.0 (options 0x0010)

Burning entire 79 mins disc.
WARNING: Length of toc (83:27:58, 375583 blocks) exceeds capacity of CD-R 
(79:57:74, 359849 blocks).
WARNING: Ignored because of option '--overburn'.
WARNING: Some drives may fail to record this toc.
Starting write simulation at speed 8...
Process can be aborted with QUIT signal (usually CTRL-\).
Lead-in start: 97:34:22 length: 10928
Lead-out length: 6750
Using pthread POSIX real time scheduling.
Swap: 1
Using pthread POSIX real time scheduling.
Buffer filled
Memory locked
Waiting for reader process
Awaken, will start writing
Multi session mode: 0
Data block type: 0
Session format: 0
Toc type: 0x0
Drive accepted write parameter mode page variant 0.
Track is Blank, Next Writable Address is valid
NWA: 0

Cue Sheet (variant 0):
CTL/  TNO  INDEX  DATA  SCMS  MIN  SEC  FRAME
ADR   FORM
010000 0100   00   00   00
010100 0000   00   00   00
010101 0000   00   02   00
010201 0000   03   08   43
010301 0000   09   30   20
010401 0000   18   14   60
010501 0000   31   55   48
010601 0000   36   52   46
010701 0000   40   45   59
010801 0000   44   13   45
010901 0000   52   04   34
010a01 0000   59   24   64
010b01 0000   63   25   69
010c01 0000   75   32   04
010d01 0000   79   53   55
01aa01 0100   83   29   58

Cue Sheet (variant 1):
CTL/  TNO  INDEX  DATA  SCMS  MIN  SEC  FRAME
ADR   FORM
010000 0100   00   00   00
010100 0000   00   00   00
010101 0000   00   02   00
010201 0000   03   08   43
010301 0000   09   30   20
010401 0000   18   14   60
010501 0000   31   55   48
010601 0000   36   52   46
010701 0000   40   45   59
010801 0000   44   13   45
010901 0000   52   04   34
010a01 0000   59   24   64
010b01 0000   63   25   69
010c01 0000   75   32   04
010d01 0000   79   53   55
01aa01 0100   83   29   58
ERROR: Drive does not accept any cue sheet variant - please report.
ERROR: Simulation failed.


For what it's worth, cdrecord attempts to burn it, then fails miserably:

# cdrecord -audio -eject -overburn -v *d2*.wav
cdrecord: No write mode specified.
cdrecord: Asuming -tao mode.
 . . .
Track 12: audio   44 MB (04:21.68) no preemp 
Track 13: audio   36 MB (03:36.04) no preemp 
Total size:  846 MB (83:51.77) = 377383 sectors
Lout start:  846 MB (83:53/58) = 377383 sectors
Current Secsize: 2048
ATIP info from disk:
  Indicated writing power: 6
  Is not unrestricted
  Is not erasable
  ATIP start of lead in:  -12414 (97:16/36)
  ATIP start of lead out: 359849 (79:59/74)
Disk type:Short strategy type (Phthalocyanine or similar)
Manuf. index: 35
Manufacturer: Grand Advance Technology Ltd.
Blocks total: 359849 Blocks current: 359849 Blocks remaining: -17534
cdrecord: WARNING: Data may not fit on current disk.
cdrecord: Notice: Overburning active. Trying to write more than the 

Re: alternative to cdrecord?

[Michael D Schleif]

* Brian Pack [EMAIL PROTECTED] [2004:08:23:16:44:15-0400] scribed:
 I've been hit with the issues between cdrecord and the 2.6.8 kernel.
snip /

Does this also affect cdrdao?

My boxen are at 2.6.3x, and I have considered upping them . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Howto burn vcd ???

[Michael D Schleif]

I have downloaded this:

http://bt.easytree.org/torrents-details.php?id=3146

That gives me these two (2) files:

AVSEQ01.DAT
AVSEQ02.DAT

Now, what do I do?  How do I use these files?  How do I burn this to CD?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

aic7xxx: SCB_xxx error ???

[Michael D Schleif]

Recently, I have begun seeing a disruption of one (1) SCSI bus on one
(1) system.  It is very intermittent (see Frequency, below), and lasts
for a minute or so.  The final message indicates a *recovery*; but, I
wonder whether or not I am approaching hardware failure -- and, which
hardware?  Controller?  Drives?

Google shows some questions on Debian and FreeBSD; but, there I found no
definitive answer.  The gist of googling indicates that this maybe a
driver issue, rather than hardware.

What do you think?

A full log of a recent incident is here:

http://helices.org/tmP/loki.scsi.kern.out

# uname -a
Linux loki 2.6.6-2-686 #1 Wed Jun 16 01:25:38 PDT 2004 i686 GNU/Linux

Frequency:
Jul 28 08:29
Aug  9 11:25
Aug  9 20:23
Aug 18 12:03
Aug 20 00:02
Aug 22 14:51

Unique sorted summary of SCB_xxx errors, from all incidents above:

0 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
0 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
0 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 
0 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 
0 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 
1 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
1 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
1 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 
1 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 
1 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 
10 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 
11 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 
11 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
11 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 
12 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 
13 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 
14 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 
15 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 
2 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
2 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
2 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 
2 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 
2 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 
3 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
3 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
3 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 
3 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 
3 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 
4 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
4 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
4 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 
4 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 
5 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
5 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
5 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 
5 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 
5 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 
6 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
6 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
6 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 
6 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 
6 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 
7 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
7 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 
7 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 
7 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 
7 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 
8 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 
9 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 
CSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 
SCB_LUN[0x0] 
SCB_LUN[0x0] SCB_TAG[0x0] 
SCB_LUN[0x0] SCB_TAG[0x1] 
SCB_LUN[0x0] SCB_TAG[0x4] 
SCB_LUN[0x0] SCB_TAG[0x5] 
SCB_LUN[0x0] SCB_TAG[0x6] 
SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 
SCB_SCSIID[0x7] SCB_LUN[0x0] 
SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x0] 
SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x3] 
SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x4] 
SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x5] 
SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x6] 

Resolve web site problem ???

[Michael D Schleif]

Please, go to this web site to see if you have access problems:

http://www.allmusic.com

I am currently using these:

# apt-cache policy mozilla-browser mozilla-firefox
mozilla-browser:
  Installed: 2:1.7.2-2
  Candidate: 2:1.7.2-2
  Version Table:
 *** 2:1.7.2-2 0
500 http://mirror.cs.wisc.edu unstable/main Packages
100 /var/lib/dpkg/status
 2:1.6-5 0
990 http://mirror.cs.wisc.edu testing/main Packages
 2:1.2.1-2.bunk 0
500 http://www.fs.tum.de woody/bunk-1/main Packages
 2:1.0.0-0.woody.1 0
500 http://security.debian.org woody/updates/main Packages
500 http://security.debian.org stable/updates/main Packages
500 http://mirror.cs.wisc.edu stable/main Packages
mozilla-firefox:
  Installed: 0.9.3-2
  Candidate: 0.9.3-2
  Version Table:
 *** 0.9.3-2 0
500 http://mirror.cs.wisc.edu unstable/main Packages
100 /var/lib/dpkg/status
 0.8-12 0
990 http://mirror.cs.wisc.edu testing/main Packages


My problems go back several iterations on each browser.

Although it takes several minutes, I an access the root page.

However, when I try to search for an Artist, or a Title, each browser
freezes, and stops responding, and {firefox,mozilla}-bin soars to the top
of `top'.  If I am very careful and patient, then I can Ctrl-W to close
that tab.

Same versions of each browser -- from w2k -- do *not* exhibit similar
problems.

How can I get to the root cause of this problem?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

SHN tools ???

[Michael D Schleif]

What are currently working sources.list entries for these packages?

I have googled, and added these:

deb ftp://ftp.nerim.net/debian-marillat/ unstable main
deb http://debian.xmixahlx.com/packages/unstable/ ./
deb http://pessoal.onda.com.br/rjamorim/debian/ ./
deb http://rarewares.hydrogenaudio.org/xmixahlx/debian/ ./
deb http://www.rarewares.org/debian/packages/unstable ./

I am getting these errors (beware wrap):

Failed to fetch http://pessoal.onda.com.br/rjamorim/debian/./Packages.gz  404 
Not Found
Failed to fetch 
http://rarewares.hydrogenaudio.org/xmixahlx/debian/./Packages.gz  Could not resolve 
'rarewares.hydrogenaudio.org'
Failed to fetch http://rarewares.hydrogenaudio.org/xmixahlx/debian/./Release  
Could not resolve 'rarewares.hydrogenaudio.org'
W: Couldn't stat source package list http://pessoal.onda.com.br ./ Packages 
(/var/lib/apt/lists/pessoal.onda.com.br_rjamorim_debian_._Packages) - stat (2 No such 
file or directory)
W: Couldn't stat source package list http://rarewares.hydrogenaudio.org ./ 
Packages (/var/lib/apt/lists/rarewares.hydrogenaudio.org_xmixahlx_debian_._Packages) - 
stat (2 No such file or directory)

Worst of all, this returns nothing:

dpkg -l '*shn*'

I want to find these, in particular:

shntools
xmms-shn

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: tmda (was Re: Attach filter)

[Michael D Schleif]

* Karsten M. Self [EMAIL PROTECTED] [2004:07:08:04:46:24-0700] scribed:
snip /
 Jason Mastaler accepts criticism so graciously he's banned me from any
 mail access to his domain.  Go figure.  That's adult, open, honest, and
 principled.

Perhaps, that is because you are known to be equally -- if not more so
-- ``adult, open, honest, and principled'' ???

I am witness to you taking this same action without so much as one
chance for your transgressors to repent their evil ways ;

Pot, kettle, black . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

nagios-mysql b0rkage ???

[Michael D Schleif]

I am running Debian, mostly testing and some unstable.  I installed
nagios from testing, and most of it was working.  I was having problems
with status, as documented here:

http://wiki.tryphon.org/LinuxWiki/NagiosInstall

Those patches appeared to resolve the problem.  I remain confused why
Debian does not show a bug against this:

http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=nagios-mysql

I was going to write the maintainer, when I noticed that unstable has a
newer version:

# apt-cache policy nagios-mysql
nagios-mysql:
  Installed: 2:1.2-3.1
  Candidate: 2:1.2-3.1
  Version Table:
 *** 2:1.2-3.1 0
500 http://mirror.cs.wisc.edu unstable/main Packages
100 /var/lib/dpkg/status
 2:1.1-11 0
990 http://mirror.cs.wisc.edu testing/main Packages
 2:1.0-4.bunk 0
500 http://www.fs.tum.de woody/bunk-1/main Packages

So, I upgraded to that version, which resulted in the five (5) crucial
definition errors documented below.  I _purged_ the entire package, and
installed unstable from scratch -- same problem:

# sudo /usr/sbin/nagios -v /etc/nagios/nagios.cfg
Nagios 1.2
Copyright (c) 1999-2004 Ethan Galstad ([EMAIL PROTECTED])
Last Modified: 02-02-2004
License: GPL

Reading configuration data...
Running pre-flight check on configuration data...

Checking services...
Error: There are no services defined!
Checked 0 services.
Checking hosts...
Error: There are no hosts defined!
Checked 0 hosts.
Checking host groups...
Error: There are no host groups defined!
Checked 0 host groups.
Checking contacts...
Error: There are no contacts defined!
Checked 0 contacts.
Checking contact groups...
Error: There are no contact groups defined!

Checked 0 contact groups.
Checking service escalations...
Checked 0 service escalations.
Checking host group escalations...
Checked 0 host group escalations.
Checking service dependencies...
Checked 0 service dependencies.
Checking host escalations...
Checked 0 host escalations.
Checking host dependencies...
Checked 0 host dependencies.
Checking commands...
Checked 0 commands.
Checking time periods...
Checked 0 time periods.
Checking for circular paths between hosts...
Checking for circular service execution dependencies...
Checking global event handlers...
Checking obsessive compulsive service processor command...
Checking misc settings...

Total Warnings: 0
Total Errors:   5


Here is my main configuration:

# grep -v '^\(#\|$\)' nagios.cfg
log_file=/var/log/nagios/nagios.log
cfg_file=/etc/nagios/checkcommands.cfg
cfg_file=/etc/nagios/misccommands.cfg
cfg_file=/etc/nagios/contactgroups.cfg
cfg_file=/etc/nagios/contacts.cfg
cfg_file=/etc/nagios/dependencies.cfg
cfg_file=/etc/nagios/escalations.cfg
cfg_file=/etc/nagios/hostgroups.cfg
cfg_file=/etc/nagios/hosts.cfg
cfg_file=/etc/nagios/services.cfg
cfg_file=/etc/nagios/timeperiods.cfg
resource_file=/etc/nagios/resource.cfg
status_file=/var/log/nagios/status.log
nagios_user=nagios
nagios_group=nagios
check_external_commands=1
command_check_interval=-1
command_file=/var/log/nagios/rw/nagios.cmd
comment_file=/var/log/nagios/comment.log
downtime_file=/var/log/nagios/downtime.log
lock_file=/var/log/nagios/nagios.lock
temp_file=/var/log/nagios/nagios.tmp
log_rotation_method=d
log_archive_path=/var/log/nagios/archives
use_syslog=1
log_notifications=1
log_service_retries=1
log_host_retries=1
log_event_handlers=1
log_initial_states=0
log_external_commands=1
log_passive_service_checks=1
inter_check_delay_method=s
service_interleave_factor=s
max_concurrent_checks=0
service_reaper_frequency=10
sleep_time=1
service_check_timeout=60
host_check_timeout=30
event_handler_timeout=30
notification_timeout=30
ocsp_timeout=5
perfdata_timeout=5
retain_state_information=1
state_retention_file=/var/log/nagios/status.sav
retention_update_interval=60
use_retained_program_state=0
interval_length=60
use_agressive_host_checking=0
execute_service_checks=1
execute_service_checks=1
accept_passive_service_checks=1
enable_notifications=1
enable_event_handlers=1

Re: Question re Debian versions

[Michael D Schleif]

* Paul Johnson [EMAIL PROTECTED] [2004:03:18:20:05:40-0800] scribed:
snip /

 Not particularly.  I've never downgraded libc successfully on a
 machine across major version changes without having to reinstall.
 Your best bet if you don't want to reinstall is watch closely after
 sarge goes stable for a new unstable fork off to testing, and move
 when they fork.

How, exactly, does one go about ``watch closely ... for a new unstable
fork off to testing'' ???  I've seen reference to this, but I do not
know how one can know when that situation obtains.

snip /
 Sometime before Dec 31, 2003 if people get moving on it was the last I
 heard.
snip /

2003?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: Question re Debian versions

[Michael D Schleif]

* Brian Nelson [EMAIL PROTECTED] [2004:03:18:22:58:47-0800] scribed:
snip /

 My opinion is that testing should not be publicly available until it is
 in the release candidate or beta stage, or whatever you want to call
 it.  Up until that point, it should be a virtual distribution only
 existing in the output of the testing scripts.  I think it does a
 disservice to the community to have a publicly available distribution
 that appears to be a compromise in between stable and unstable, but in
 actuality can be much more broken than unstable.

How could that work?  Can apt/dselect be coerced into understanding this
distinction?  As it is, if testing is in my sources.list, won't I get
whatever is in testing, so long as I ask for testing packages?

Or, is there some way to ask for mature testing packages, as opposed
to else?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

MTA dependencies ???

[Michael D Schleif]

Yes, I have seen this discussed before; but, I cannot find the Debian
consensus solution.  Which search criteria ought I to use in the
archives?

I have a box on which I want to install qmail from source.  In order to
get it to run, I need to remove/purge *all* other MTA's (e.g., exim,
nullmailer, c.)

In doing so, there are DEB's with MTA dependencies, and removing/purging
DEB MTA's _also_ removes these dependent packages.

I do not want to remove these other packages.  In fact, there will be an
MTA on the box; but, aptitude does not know about it.

What is the best way to accomplish this?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: To dselect or aptitude, that is the question

[Michael D Schleif]

* Monique Y. Mudama [EMAIL PROTECTED] [2004:04:23:17:41:52-] scribed:
 On 2004-04-21, Michael D Schleif penned:
 
  I would have been using aptitude long ago, _except_ for this hurdle on
  my systems:
 
  # sudo aptitude -P upgrade
  Password:
  Reading Package Lists... Done
  Building Dependency Tree  =20
  Reading extended state information... Done
 
 
 I think this is the relevant part:
 
  The following packages are unused and will be REMOVED:
 
 Do you have this line in ~/.aptitude/config 
 
 aptitude::Delete-Unused true;
 
 ?

Yes, indeed, that is it!  Thank you.

 Search for TRACKING UNUSED PACKAGES in /usr/share/doc/aptitude/README
 for more details.

Although, I found `unused' and other information in that file, `TRACKING
UNUSED PACKAGES' is not in my file.  What version of aptitude are you
running?

Thank you, again, for your consideration.

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: To dselect or aptitude, that is the question

[Michael D Schleif]

* Joey Hess [EMAIL PROTECTED] [2004:04:20:22:27:12-0400] scribed:
 J.S.Sahambi wrote:
  I have been using apt and dselect for some time. Can any body tell me 
  about the advantages/disadvantages of dselect and aptitude? and which is 
  better?
 
 Nine reasons why you should be using aptitude instead of apt-get or dselect.
 
 1. aptitude can look just like apt-get
 
If you run 'aptitude update' or 'aptitude upgrade' or 'aptitude
install', it looks and works just like apt-get, with a few enhancements.
So there is no learning curve.
 
(If you're a dselect user, learning curve is obviously not one of your
problems.)
 
 2. aptitude tracks automatically installed packages
 
Stop worrying about pruning unused libraries and support packages from
your system. If you use aptitude to install everything, it will keep
track of what packages are pulled in by dependencies alone, and remove
those packages when they are no longer needed.
 
 3. aptitude sanely handles recommends
 
A long-standing failure of apt-get has been its lack of support for
the Recommends relationship. Which is a problem because many packages
in Debian rely on Recommends to pull in software that the average user
generally uses with the package. This is a not uncommon cause of
trouble, even though apt-get recently became able to at least mention
recommended packages, it's easy to miss its warnings.
 
Aptitude supports Recommends by default, and can be confgigured to
support Suggests too. It even supports installing recommended packages
when used in command-line mode.
 
 4. use aptitude as a normal user and avoid hosing your system
 
Maybe you didn't know that you can run aptitude in gui mode as a regular
user. Make any changes you'd like to try out. If you get into a real
mess, you can hit 'q' and exit, your changes will not be saved.
(Aptitude also lets you use ctrl-u to undo changes.) Since it's running
as a normal user, you cannot hose your system until you tell aptitude to
do something, at which point it will prompt you for your root password.
 
 5. aptitude has a powerful UI and searching capabilities
 
Between aptitude's categorical browser and its great support for
mutt-style filtering and searching of packages by name, description,
maintainer, dependencies, etc, you should be able to find packages
faster than ever before using aptitude.
 
 6. aptitude makes it easy to keep track of obsolete software
 
If Debian stops distributing a package, apt will leave it on your system
indefinitly, with no warnings, and no upgrades. Aptitude lists such
packages in its Obsolete and Locally Created Packages section, so you
can be informed of the problem and do something about it.
 
 7. aptitude has an interface to the Debian task system
 
Aptitude lets you use Debian's task system as it was designed to be
used. You can browse the available tasks, select a task for install, and
then dig into it and de-select parts of the task that you don't want.
apt-get has no support for tasks, and aptitude is better even than
special purpose tools like tasksel.
 
 8. aptitude supports multiple sources
 
If your sources.list is configured to make multiple versions of a
package available, aptitude lets you drill down to see the available
versions and pick a non-default version to install. If a package breaks
in unstable, just roll it back to the version in testing.
 
 9. aptitude logs its actions
 
Aptitude logs package it installs, upgrades, and removes to
/varlog/aptitude, which can be useful to work out why things started
breaking after yesterday's upgrade, or when you removed a partiticlar
package.
 
 -- 
 see shy jo

I would have been using aptitude long ago, _except_ for this hurdle on
my systems:

# sudo aptitude -P upgrade
Password:
Reading Package Lists... Done
Building Dependency Tree   
Reading extended state information... Done
The following packages are unused and will be REMOVED:
  antiword debiandoc-sgml debiandoc-sgml-doc debsums dhelp djbdns-doc 
  djtools doc-html-w3 docbook docbook-defguide docbook-doc docbook-dsssl 
  docbook-dsssl-doc docbook-mathml docbook-xsl emacs20-el esound foo2zjs 
  foomatic-db foomatic-db-engine foomatic-db-gimp-print foomatic-db-hpijs 
  foomatic-filters foomatic-gui fortune-mod fortunes-min freefont 
  freetype1-tools fttools gimp gimp-perl gimpprint-doc gimpprint-locales 
  gnome-doc-tools gnome-vfs-extras2 hpijs html2ps ijsgimpprint imlib-progs 
  irb jade jadetex karbon kchart kformula kivio koffice koshell kpresenter 
  kspread kugar kword libdv-bin libdv2 libgimp1.2 libgtkxmhtml1 
  libjcode-pm-perl libmpeg1 libpng10-dev libpng2-dev libreadline-ruby 
  librecode0 libroman-perl libsgmls-perl libsp1 libterm-readkey-perl 
  libtext-format-perl libtiff-tools linuxdoc-tools linuxdoc-tools-info 
  linuxdoc-tools-latex linuxdoc-tools-text man2html 

Re: Manual pages and UTF-8

[Michael D Schleif]

* Colin Watson [EMAIL PROTECTED] [2004:03:28:21:06:03+0100] scribed:
 On Sun, Mar 28, 2004 at 09:41:42PM +0200, Per Olofsson wrote:
  I'm running with an UTF-8 locale and this causes minus signs (dashes)
  in many manual pages to become garbled. It only seems to happen in
  text in the italic style, i.e. the .I macro. It also only happens
  to bare minus signs; if they are written as \-, it works fine. Try,
  for example, man jed with an UTF-8 locale.
  
  Am I doing something wrong? Does it work better for anyone else? Or is
  it a bug in these manual pages, or perhaps in man-db or groff?
 
 (a) Please see /usr/share/doc/groff/README.Debian; (b) it shouldn't
 actually garble them, merely display Unicode HYPHEN-MINUS, so what
 versions of man-db, groff, your pager, and your terminal emulator are
 you using?

Interesting ;

# for mds in man-db groff less xterm
 do
 apt-show-versions $mds
 done
man-db/testing uptodate 2.4.2-13
groff/testing uptodate 1.18.1-15
less/testing uptodate 381-3
xterm/testing uptodate 4.2.1-12.1

I have been having same problem, and opened Bug#235046 against xterm.
There I was told that this is a font problem; although, changing to the
recommended fonts did *not* resolve my problems.

Also, now I find that this problem affects more than just hyphens (-);
but, also characters such as (`) (e.g., man apt-show-versions).

Yes, I know that _somehow_ it should be possible to get to xterm
v4.3.0-7; but, the dependencies are quite daunting on this box ;

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: famd runaway??

[Michael D Schleif]

* Michael Satterwhite [EMAIL PROTECTED] [2004:03:12:21:12:20-0600] scribed:
 Debian sarge...
 
 My computer has slowed to a crawl, can't even start konqueror. When I look at 
 the processes, famd is using about 73% of the system.
 
 Anyone know what might be wrong?

Same here.

* Larry Geralds [EMAIL PROTECTED] [2004:03:13:17:15:57-0500] scribed:
 Debian sarge...
 
 Same thing with Sid.
 
 
 My computer has slowed to a crawl, can't even start konqueror. When I look 
 at the processes, famd is using about 73% of the system.
 
 Anyone know what might be wrong?
 
 Don't know. Wish I did.
 
 I restart it: su -c /etc/init.d/fam restart

For that matter, why on earth is `idle_timeout' in /etc/fam.conf
_over_ridden_ by /etc/init.d/fam ?!?!

This means that I have to edit /etc/init.d/fam in order to change:

   FAMOPTS=-T 0

I have tried this several times _without_ a single dialog:

   dpkg-reconfigure -plow fam

I am running version 2.6.10-6

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: Help with .Xdefaults

[Michael D Schleif]

* Bill Moseley [EMAIL PROTECTED] [2004:03:09:14:36:23-0800] scribed:
 Where are the xterm resources defined?
 
 I'm using icewm and I have my mail icon run:
 
xterm -e mutt
 
 Now, I want to make my mutt sessions show up on all desktops (like I do
 with gkrellm).  But the class and name resources are set as
 
   WM_CLASS(STRING) = xterm, XTerm
 
 My first attempt was to use -class:
 
xterm -class mutt -e mutt
 
 but then colors were off in the xterm window.  I have an .Xdefaults file
 but only one resource defined (to make my xterm window bigger).
 
 So I'm wondering where the xterm default resources are defined.
 
 I'm now using xterm -name mutt -e mutt and then in my winoptions file I
 use:
 
   mutt.XTerm.allWorkspaces: 1
 
 (the problem is I was ending up with too many mutt processes running
 across all my different workspaces (desktops).

I think that you will find that ~/.Xdefaults is deprecated, and that you
will do best using ~/.Xresources . . .

hth

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: kernels v2.6.x vs. /dev/nst0 ???

[Michael D Schleif]

* Alexis Huxley [EMAIL PROTECTED] [2004:03:08:15:06:04+] scribed:
  Regardless of kernel, I see this:
 
 # cat /proc/scsi/scsi
 Attached devices:=20
 Host: scsi0 Channel: 00 Id: 05 Lun: 00
   Vendor: HP   Model: C1537A   Rev: L812
   Type:   Sequential-AccessANSI SCSI revision: 02
 . . .
 
 
 Just because the device is visible on the SCSI bus, does not mean
 that the kernel knows how to operate it. My guess is that the
 new kernel does not have 'st' module compile in or available as
 a module which has been loaded.
 
 Run:
 
   grep _ST=  /boot/config-*
 
 to see if how the tape driver is compiled (y=in kernel, m=module, n=not
 compiled at all).
 
 If you see 'y' it should work, I hope you don't see that! :-)
 
 If 'm' then have you loaded the module? Try 'lsmod'. Do you see it
 listed?)
 
 If 'n' then you need to make a new kernel from sources.

I will have to boot back into 2.6.3 later today.

I am using the stock Debian kernel:

   kernel-image-2.6.3-1-686

From config-2.6.3-1-686:

   #
   # SCSI device support
   #
   CONFIG_SCSI=m
   CONFIG_SCSI_PROC_FS=y

   #
   # SCSI support type (disk, tape, CD-ROM)
   #
   CONFIG_BLK_DEV_SD=m
   CONFIG_CHR_DEV_ST=m
   CONFIG_CHR_DEV_OSST=m
   CONFIG_BLK_DEV_SR=m
   # CONFIG_BLK_DEV_SR_VENDOR is not set
   CONFIG_CHR_DEV_SG=m

   #
   # Some SCSI devices (e.g. CD jukebox) support multiple LUNs
   #
   CONFIG_SCSI_MULTI_LUN=y
   # CONFIG_SCSI_REPORT_LUNS is not set
   CONFIG_SCSI_CONSTANTS=y
   CONFIG_SCSI_LOGGING=y

From config-2.4.25-1-686:

   #
   # SCSI support type (disk, tape, CD-ROM)
   #
   CONFIG_BLK_DEV_SD=m
   CONFIG_SD_EXTRA_DEVS=40
   CONFIG_CHR_DEV_ST=m
   CONFIG_CHR_DEV_OSST=m
   CONFIG_BLK_DEV_SR=m
   # CONFIG_BLK_DEV_SR_VENDOR is not set
   CONFIG_SR_EXTRA_DEVS=2
   CONFIG_CHR_DEV_SCH=m
   CONFIG_CHR_DEV_SG=m

   #
   # Some SCSI devices (e.g. CD jukebox) support multiple LUNs
   #
   # CONFIG_SCSI_DEBUG_QUEUES is not set
   CONFIG_SCSI_MULTI_LUN=y
   CONFIG_SCSI_CONSTANTS=y
   CONFIG_SCSI_LOGGING=y

What am I missing?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: kernels v2.6.x vs. /dev/nst0 ???

[Michael D Schleif]

* David Goodenough [EMAIL PROTECTED] [2004:03:08:19:27:39+] scribed:
 On Monday 08 March 2004 18:57, Michael D Schleif wrote:
  * Alexis Huxley [EMAIL PROTECTED] [2004:03:08:15:06:04+] scribed:
Regardless of kernel, I see this:
   
   # cat /proc/scsi/scsi
   Attached devices:=20
   Host: scsi0 Channel: 00 Id: 05 Lun: 00
 Vendor: HP   Model: C1537A   Rev: L812
 Type:   Sequential-AccessANSI SCSI revision: 02
   . . .
  
   Just because the device is visible on the SCSI bus, does not mean
   that the kernel knows how to operate it. My guess is that the
   new kernel does not have 'st' module compile in or available as
   a module which has been loaded.
  
   Run:
  
 grep _ST=  /boot/config-*
  
   to see if how the tape driver is compiled (y=in kernel, m=module, n=not
   compiled at all).
  
   If you see 'y' it should work, I hope you don't see that! :-)
  
   If 'm' then have you loaded the module? Try 'lsmod'. Do you see it
   listed?)
  
   If 'n' then you need to make a new kernel from sources.
 
  I will have to boot back into 2.6.3 later today.
 
  I am using the stock Debian kernel:
 
 kernel-image-2.6.3-1-686
 
  From config-2.6.3-1-686:
 
 #
 # SCSI device support
 #
 CONFIG_SCSI=m
 CONFIG_SCSI_PROC_FS=y
 
 #
 # SCSI support type (disk, tape, CD-ROM)
 #
 CONFIG_BLK_DEV_SD=m
 CONFIG_CHR_DEV_ST=m
 
 As ST is a module, have you tried loading the module explicitly.  There have
 been one of two cases where modules got autoloaded in 2.4 and are not in
 2.6.
 
 David
 CONFIG_CHR_DEV_OSST=m
 CONFIG_BLK_DEV_SR=m
 # CONFIG_BLK_DEV_SR_VENDOR is not set
 CONFIG_CHR_DEV_SG=m
 
 #
 # Some SCSI devices (e.g. CD jukebox) support multiple LUNs
 #
 CONFIG_SCSI_MULTI_LUN=y
 # CONFIG_SCSI_REPORT_LUNS is not set
 CONFIG_SCSI_CONSTANTS=y
 CONFIG_SCSI_LOGGING=y

Yes, I rebooted back into 2.6.3, and `st' was *NOT* loaded; but, this
works:

   sudo modprobe st

Now, lsmod shows that it is loaded, AND I can access /dev/nst0 !?!?

I have reviewed module-init-tools ; but, I do not see anything there
that I am missing.  I will upgrade from 3.0-pre9-1 to 3.0-pre10-1 after
I post this.

What else can I do to automate loading of `st'?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: kernels v2.6.x vs. /dev/nst0 ???

[Michael D Schleif]

* On 2004:03:08:15:20:15-0600 I, Michael D Schleif [EMAIL PROTECTED], scribed:
 * David Goodenough [EMAIL PROTECTED] [2004:03:08:19:27:39+] scribed:
  On Monday 08 March 2004 18:57, Michael D Schleif wrote:
   * Alexis Huxley [EMAIL PROTECTED] [2004:03:08:15:06:04+] scribed:
snip /

Run:
   
grep _ST=  /boot/config-*
   
to see if how the tape driver is compiled (y=in kernel, m=module, n=not
compiled at all).
   
If you see 'y' it should work, I hope you don't see that! :-)
   
If 'm' then have you loaded the module? Try 'lsmod'. Do you see it
listed?)
   
If 'n' then you need to make a new kernel from sources.
  
   I will have to boot back into 2.6.3 later today.
  
   I am using the stock Debian kernel:
  
  kernel-image-2.6.3-1-686
  
   From config-2.6.3-1-686:
  
  #
  # SCSI device support
  #
  CONFIG_SCSI=m
  CONFIG_SCSI_PROC_FS=y
  
  #
  # SCSI support type (disk, tape, CD-ROM)
  #
  CONFIG_BLK_DEV_SD=m
  CONFIG_CHR_DEV_ST=m
  
  As ST is a module, have you tried loading the module explicitly.  There have
  been one of two cases where modules got autoloaded in 2.4 and are not in
  2.6.
  
  David
  CONFIG_CHR_DEV_OSST=m
  CONFIG_BLK_DEV_SR=m
  # CONFIG_BLK_DEV_SR_VENDOR is not set
  CONFIG_CHR_DEV_SG=m
  
  #
  # Some SCSI devices (e.g. CD jukebox) support multiple LUNs
  #
  CONFIG_SCSI_MULTI_LUN=y
  # CONFIG_SCSI_REPORT_LUNS is not set
  CONFIG_SCSI_CONSTANTS=y
  CONFIG_SCSI_LOGGING=y
 
 Yes, I rebooted back into 2.6.3, and `st' was *NOT* loaded; but, this
 works:
 
sudo modprobe st
 
 Now, lsmod shows that it is loaded, AND I can access /dev/nst0 !?!?
 
 I have reviewed module-init-tools ; but, I do not see anything there
 that I am missing.  I will upgrade from 3.0-pre9-1 to 3.0-pre10-1 after
 I post this.

For the record, upgrading module-init-tools did the trick for me!

I do not know why this worked, because the changelog indicates only some
upstream release issue.

Also, as a loadable module (regardless kernel 2.4.25 or 2.6.3), `st' is
_not_ loaded (e.g., lsmod) until userland tries to use it.  In my case,
that is the `mt-st' package, which I have not changed in many weeks.

Bottomline, I upgraded module-init-tools and rebooted, and now userland
has no problems communicating with /dev/nst0.

Thank you for your help.

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

obsolete setsockopt SO_BSDCOMPAT ???

[Michael D Schleif]

Does the subject boot message indicate something that requires immediate
fix?

Or, is it more of a warning that that application is using an obsolete
and deprecated call, and that developers for those applications someday
will catch up and upgrade that method?

So far, I have seen this in conjunction with all of the Debian stock
v2.6.x kernels during boot.  In my case, they complain about snmpd and
syslogd; but, googling indicates that there are several other
applications complaining.  I have not yet seen a definitive answer
regarding the severity of the root cause.

Inquiring minds want to know . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

kernels v2.6.x vs. /dev/nst0 ???

[Michael D Schleif]

I finally took the plunge yesterday, and upgraded my last system to
kernel 2.6.3.

Unfortunately, this is my amanda backup server, and under this kernel it
no longer communicates with /dev/nst0:

   # sudo mt -f /dev/nst0 offline
   mt: No such device. Cannot open '/dev/nst0'.

Everything else appears to work as expected.  I didn't notice this tape
problem until this morning, I saw the backup was stuck on holdingdisk.

Running following results in `0' tape devices found:

   # sudo /etc/init.d/mt-st modload

Regardless of kernel, I see this:

   # cat /proc/scsi/scsi
   Attached devices: 
   Host: scsi0 Channel: 00 Id: 05 Lun: 00
 Vendor: HP   Model: C1537A   Rev: L812
 Type:   Sequential-AccessANSI SCSI revision: 02
   . . .

Now, after reboot back into 2.4.25, /dev/nst0 is working fine, and I am
flushing last night's backup to tape as I compose this.

I have searched the archives and Google; but, the string `st' is very
common, and I probably have not found the optimal search string ;

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

boot 2.4.x *after* using 2.6.2 ???

[Michael D Schleif]

OK, I am finally testing v2.6.x kernels on one box.

Prior to yesterdays 2.6.2 install, I had successfully used the
following:

   2.4.23-1-686
   2.4.24-1-686

This box uses lilo, and I successfully switched between these kernels at
boot time.

Then, I installed this:

   2.6.2-1-686

Yes, it booted the first time, and after I got around to loading the
following, even X and KDE work:

   mousedev
   psmouse

Nevertheless, now I cannot boot any 2.4.x kernels ;

   . . .
   Freeing initrd memory: 5292k freed
   [ request_module[block-major-8]: Root fs not mounted ]
   VFS: Cannot open root device 801 or 08:01
   Please append a correct root= boot option
   Kernel panic: VFS: unable to mount root fs on 08:01

NOTE: That second line only occurs sometimes, and I cannot find any
`block' references in /etc/modules.conf -- hence the `[]'.

I have tried various lilo.conf configurations; but, here are the
current:

   # sudo grep -v '^\($\|#\)' /etc/lilo.conf 
   lba32
   boot=/dev/sda
   root=/dev/sda1
   map=/boot/map
   delay=100
   prompt
   timeout=100
   vga=normal
   default=Linux
   image=/vmlinuz
   initrd=/initrd.img
   label=Linux
   read-only
   image=/vmlinuz.old
   initrd=/boot/initrd.img-2.4.24-1-686
   label=LinuxOLD
   read-only
   image=/boot/vmlinuz-2.4.18-686
   initrd=/boot/initrd.img-2.4.18-686
   label=Linux.2.4.18
   read-only
   image=/boot/vmlinuz-2.4.23-1-686
   initrd=/boot/config-2.4.23-1-686
   label=Linux.2.4.23
   read-only
   image=/boot/vmlinuz-2.4.24-1-686
   initrd=/boot/initrd.img-2.4.24-1-686
   label=Linux.2.4.24
   read-only

   # ls -alL /vmlinuz{,.old} /initrd.img /boot/{initrd,vmlinuz}*
   -rw-r--r--1 root root  2654208 Jul 26  2003 /boot/initrd.img-2.4.18-686
   -rw-r--r--1 root root  3645440 Jan 11 19:30 
/boot/initrd.img-2.4.23-1-686
   -rw-r--r--1 root root  3665920 Feb 21 20:25 
/boot/initrd.img-2.4.24-1-686
   -rw-r--r--1 root root  5419008 Feb 21 23:22 /boot/initrd.img-2.6.2-1-686
   -rw-r--r--1 root root   632393 Apr 13  2002 /boot/vmlinuz-2.4.18-686
   -rw-r--r--1 root root   859929 Nov 30 09:24 /boot/vmlinuz-2.4.23-1-686
   -rw-r--r--1 root root   859850 Feb  4 09:00 /boot/vmlinuz-2.4.24-1-686
   -rw-r--r--1 root root  1106261 Feb 12 03:08 /boot/vmlinuz-2.6.2-1-686
   -rw-r--r--1 root root  5419008 Feb 21 23:22 /initrd.img
   -rw-r--r--1 root root  1106261 Feb 12 03:08 /vmlinuz
   -rw-r--r--1 root root   859850 Feb  4 09:00 /vmlinuz.old

   # ls -l /dev/sda{,1}
   brw-rw1 root disk   8,   0 Oct 13  2001 /dev/sda
   brw-rw1 root disk   8,   1 Oct 13  2001 /dev/sda1


What am I missing?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

dependency validator tool ???

[Michael D Schleif]

I am not quite sure how to search for this, and so far I have not turned
up anything substantive ;

Is there some dpkg/apt tool to scan an existing system, and pass
judgment on the current state of installed dependency integrity?

Yes, I have a good idea how the installation process works, and I am
satisfied with that as far as it goes.

However, sometimes installations _remove_ stuff, and other processes
(e.g., deborphan, c.) facilitate cleaning up unused files.

Accidents happen.  Bugs bug.

With all of these processes going on, is there a canonical method to
verify the integrity of the status quo?

what do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: boot 2.4.x *after* using 2.6.2 ???

[Michael D Schleif]

* On 2004:02:22:11:26:39-0600 I, Michael D Schleif [EMAIL PROTECTED], scribed:
 OK, I am finally testing v2.6.x kernels on one box.
 
 Prior to yesterdays 2.6.2 install, I had successfully used the
 following:
 
2.4.23-1-686
2.4.24-1-686
 
 This box uses lilo, and I successfully switched between these kernels at
 boot time.
 
 Then, I installed this:
 
2.6.2-1-686
 
 Yes, it booted the first time, and after I got around to loading the
 following, even X and KDE work:
 
mousedev
psmouse
 
 Nevertheless, now I cannot boot any 2.4.x kernels ;
 
. . .
Freeing initrd memory: 5292k freed
[ request_module[block-major-8]: Root fs not mounted ]
VFS: Cannot open root device 801 or 08:01
Please append a correct root= boot option
Kernel panic: VFS: unable to mount root fs on 08:01
 
 NOTE: That second line only occurs sometimes, and I cannot find any
 `block' references in /etc/modules.conf -- hence the `[]'.
snip /

Thank you, David, for pointing me in the right direction.

Yes, lilo was properly configured.

It turns out that something _removed_ the `bootable' flag from /dev/sda1
, and with `ROOT=probe' in /etc/mkinitrd/mkinitrd.conf, the probing
process could not find a boot partition for 2.4.x kernels.

I do not know how 2.6.x kernels find a bootable partition; nor do I know
how the installation process of the 2.6.2 kernel removed that flag.
Please, comment if you feel that this is a bug, and that I ought to
report it.

I do know that setting `ROOT=' is equivalent to the obsolete
`PROBE=off', which _did_ allow booting the 2.4.x kernels.

However, the correct solution is to use cfdisk and reset the `bootable'
flag on /dev/sda1, and reset `ROOT=probe'.

Now, this box and kernels 2.6.x/2.4.x behave as expected.

Thank you.

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: what package creates /var/log/faillog?

[Michael D Schleif]

* Dan Jacobson [EMAIL PROTECTED] [2004:02:20:03:25:27+0800] scribed:
 What package creates /var/log/faillog?
 What is the recommended way of finding out next time without posting here?
 $ strings /var/log/faillog
 tty1

   # dpkg -S faillog
   login: /usr/bin/faillog
   login: /usr/share/man/pl/man5/faillog.5.gz
   login: /usr/share/man/fr/man5/faillog.5.gz
   login: /usr/share/man/man5/faillog.5.gz
   login: /usr/share/man/pl/man8/faillog.8.gz
   login: /usr/share/man/man8/faillog.8.gz
   login: /usr/share/man/ja/man5/faillog.5.gz
   login: /usr/share/man/ja/man8/faillog.8.gz

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: i would like to read some root files on a distant debian host

[Michael D Schleif]

* Steven Leach [EMAIL PROTECTED] [2004:02:08:09:47:45-0500] scribed:
 You have no business trying to access files in any account that is not 
 yours, much less the system administrator's account of a system that is 
 not yours.  Grow Up.
 
 If anyone on the list can read french, please forward this jerk's 
 message to the administrator at nordnet.fr  -  I tried to get an email 
 address but couldn't find contact information for that domain name.  
 Also, babblefish choked on their website, so I was unable to find 
 anything that I could be sure was the correct email address to send to.
 
 On Feb 8, 2004, at 2:13 AM, bruno doutriaux wrote:
 
 i would like to read some root files on a distant debian host.
 could somebody help me.
 (i have some hints: the debian host is using gaim 0.75 which has 
 security
 fails and i would like to also listen it with a trojan, is it 
 possible on a
 debian?)

   # whois nordnet.fr | grep @ | grep -v ^changed:
   e-mail:  [EMAIL PROTECTED]
   trouble: Questions: mailto:[EMAIL PROTECTED]
   trouble: Spam: mailto:[EMAIL PROTECTED]
   trouble: Test: mailto:[EMAIL PROTECTED]
   e-mail:  [EMAIL PROTECTED]
   e-mail:  [EMAIL PROTECTED]
   notify:  [EMAIL PROTECTED]
   e-mail:  [EMAIL PROTECTED]

hth

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: What command tells you most about your hardware?

[Michael D Schleif]

* Kent West [EMAIL PROTECTED] [2004:02:07:23:23:21-0600] scribed:
 Roger Chrisman wrote:
snip /

 What command would you use to display details about your hardware - cpu, 
 ram, drives, etc?
 
 I know my BIOs tells me some of this. I am looking for a command line tool.
  
 
 lshw is what you're looking for. It's in unstable; I'm not sure about 
 stable and/or testing.

As cool as this tool is, pay close attention to the information that it
presents, since some of it is in accurate and suspect.  For example, on
the five (2) debian boxen on which I used it, all of them show 16MB
video memory when, in fact, some have more, some less, but none have
exactly 16MB ;

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: script to list installed packages

[Michael D Schleif]

* [EMAIL PROTECTED] [EMAIL PROTECTED] [2004:01:29:00:27:11-0500] scribed:
 Hi all,
 
 I know that somewhere there is a command to list all installed packages 
 (I even remember using it way back when...), but I can't seem to find it.
 I've looked at the various apt utility man pages and have not found 
 anything, even for apt-cache.  I'm trying to write a script to run the 
 command daily (with cron), and dump the list to a file. This should be a 
 useful tool to keep track of package installs and removals. Just by 
 running diff on two files, one can tell what got 
 install/removed/upgraded that day.

   dpkg -l | grep ^i

hth

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

sr1: CDROM not ready ???

[Michael D Schleif]

OK, it can be nice to have devices _know_ when they are ready to be used
;

However, enough is enough:

   Jan 27 10:02:09 bragi kernel: sr1: CDROM not ready.  Make sure there is a disc in 
the drive.
   Jan 27 10:02:40 bragi last message repeated 31 times
   Jan 27 10:03:41 bragi last message repeated 61 times
   Jan 27 10:04:42 bragi last message repeated 61 times

I know what /dev/sr1 is, and I often play audio CD's in that drive.
Sometimes, that drive is empty, and that is the way it should be.

How can I figure out what process is pummeling syslog with this useless
information?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

sr1: CDROM not ready ???

[Michael D Schleif]

OK, it can be nice to have devices _know_ when they are ready to be used
;

However, enough is enough:

   Jan 27 10:02:09 bragi kernel: sr1: CDROM not ready.  Make sure there is a disc in 
the drive.
   Jan 27 10:02:40 bragi last message repeated 31 times
   Jan 27 10:03:41 bragi last message repeated 61 times
   Jan 27 10:04:42 bragi last message repeated 61 times

I know what /dev/sr1 is, and I often play audio CD's in that drive.
Sometimes, that drive is empty, and that is the way it should be.

How can I figure out what process is pummeling syslog with this useless
information?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: sr1: CDROM not ready ???

[Michael D Schleif]

* Michael Heldebrant [EMAIL PROTECTED] [2004:01:27:15:25:08-0600] scribed:
 On Tue, 2004-01-27 at 15:06, Michael D Schleif wrote:
  OK, it can be nice to have devices _know_ when they are ready to be used
  ;
  
  However, enough is enough:
  
 Jan 27 10:02:09 bragi kernel: sr1: CDROM not ready.  Make sure there is a disc 
  in the drive.
 Jan 27 10:02:40 bragi last message repeated 31 times
 Jan 27 10:03:41 bragi last message repeated 61 times
 Jan 27 10:04:42 bragi last message repeated 61 times
  
  I know what /dev/sr1 is, and I often play audio CD's in that drive.
  Sometimes, that drive is empty, and that is the way it should be.
  
  How can I figure out what process is pummeling syslog with this useless
  information?
  
  What do you think?
 
 Install the lsof package if you don't have it.
 
 Try:  lsof /dev/sr1 
 
 Tt should give you a clue as to what is opening the device, you may have
 to run it as lsof -r /dev/sr1 over a minute or more if the process only
 opens /dev/sr1 every now and then.  It looks to be something checking
 once a minute (61 log messages over 61 minutes)  Are you running
 something like nautilus?

Thank you.

   # lsof /dev/sr1
   COMMAND  PID USER   FD   TYPE DEVICE SIZE   NODE NAME
   kscd1336  mds   10r   BLK   11,1  163217 /dev/scd1

I got confused, because nothing really said `sr1'.  Even
~/.kde/share/config/kscdrc specifies: /dev/cdrom.

   # ls -l /dev/sr1
   lrwxrwxrwx1 root root4 May 25  2002 /dev/sr1 - scd1

   # ls -l /dev/scd1
   brw-rw1 root cdrom 11,   1 Nov 30  2000 /dev/scd1

   # ls -l /dev/cdrom
   lrwxrwxrwx1 root root6 Nov 15 18:29 /dev/cdrom - ./scd1

kscd was sitting in the System Tray, and when I closed it, syslog
bombardment also went away ;

I am still confused why the logs and console streaming insisted that the
culprit was on /dev/sr1 . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: Mutt sending help

[Michael D Schleif]

* Mike Mueller [EMAIL PROTECTED] [2004:01:21:01:15:54-0500] scribed:
snip /
 If so, is mutt making the Return-path field or nullmailer?

An empirical way for you to see the entire message that leaves mutt is
to go to look at your `sent' mail.  Do you have something like the
following in your ~/.muttrc?

   set record==sent

   set record=/tmp/sent

`record' records an exact copy of every message you send for this very
purpose.

hth

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: checking whether partition mounted as ext3

[Michael D Schleif]

* Faheem Mitha [EMAIL PROTECTED] [2004:01:19:02:39:14+] scribed:
 On Sun, 18 Jan 2004 18:00:51 -0500, Paul Morgan [EMAIL PROTECTED] wrote:
  On Sun, 18 Jan 2004 13:51:28 -0700, Doug Holland wrote:
 
  Run mount at the command line, with no arguments, and it'll tell you which 
  filesystems are mounted with which fs types.
  
  I'm not sure how to tell which mode an ext3 partition is using, though I think 
  running fsck may tell you.
 
  Running mount, as you suggest, will tell you with which options the FS
  was mounted, including the journaling mode.
 
 It just seems to echo what is in /etc/fstab. I wanted something which
 actually went and checked the partitions. 
snip /

If you want to know what the running OS is using, look to /proc :

   cat /proc/self/mounts

If that still tells you `ext3/ext2', then I suspect that the kernel and
the filesystem have some kind of (code) agreement to dynamically
negotiate -- but, that is only a guess ;

hth

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

john -- cannot -show cracked passwords ???

[Michael D Schleif]

I am having problems with john.  Every morning, I get this message:

   Sending mail to jeff... John has cracked 1 passwords. If you want to
   see them, use john -show passwordfile. (See john(1) for details).

However, I cannot get john to show me:

   # sudo john -show /root/.john/john.tmp.9udtXe
   0 passwords cracked, 3 left


   # apt-show-versions john
   john/testing uptodate 1.6-23

   # sudo grep ^passfile /etc/john-mail.conf
   passfile=3D/root/.john/john.tmp

   # sudo ls -l /root/.john/
   total 4
   -rw---1 root root 1476 Jan 12 01:00 john.tmp.9udtXe

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


signature.asc
Description: Digital signature

Re: www.gnu.org, glibcbug, bug@gnu.org, dpkg-reconfigure locales

[Michael D Schleif]

s. keeling [EMAIL PROTECTED] [2004:01:10:15:18:27-0700] scribed:
 Incoming from Colin Watson:
  
  Try 'set charset=iso-8859-1' instead.
 
 That makes mutt mis-display foreign characters.  I've since just
 commented out that variable.

I have this:

   set charset=//TRANSLIT

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Ifup/ifdown

[Michael D Schleif]

Russell Shaw [EMAIL PROTECTED] [2004:01:11:14:37:42+1100] scribed:
snip /

 netstat -rn gives:
 
   Kernel IP routing table
   Destination Gateway Genmask Flags   MSS Window  irtt 
   Iface
   192.168.0.0 0.0.0.0 255.255.255.0   U40 0  0 
   eth0
 
 How do i get:
 
   192.168.0.0 127.0.0.1 255.255.255.0   U40 0  
   0 eth0

What -- exactly -- are you trying to do?

Please, step back from this, and take a long, hard look at what you
expect to happen.  Perhaps, you will find another way . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: dpkg and ownership of a file

[Michael D Schleif]

Brad Stockdale [EMAIL PROTECTED] [2004:01:08:13:32:36-0500] scribed:
 Hello all,
 
I am a newbie to Debian and I made a booboo.. While prepping a system 
 for production use, I accidentally overwrote /usr/include/unix.h with the 
 unix.h that comes from the imap2002e library (used by PHP to enable it to 
 use POP and IMAP protocols)...
 
So, now I cant get some stuff to compile due to the header file being 
 wrong...
 
My initial thought was Well, if Debian's package management is 
 anything like Redhat's, I should be able to find out what package owns that 
 file, and then I can reinstall the package.
 
So, I do a:
 
   dpkg -S unix.h
 
And it gives me no results... Well, gives me an auth_unix.h file, which 
 isnt what I'm looking for...
 
My question is: If Debian packages are just as good if not better than 
 Redhat RPM's, then why can I not find out what package owns that file?
 
Am I using the wrong command?

I suggest, if you know the full path to a file, then _first_ use that
with dpkg:

   dpkg -S /usr/include/unix.h

That way, you will get the definitive answer -- in this case:

   dpkg: /usr/include/unix.h not found.

Without the path to a file, dpkg -S gives you every package that has a
file that matches the regular expression, in your case:

   unix.h

which happens to match:

   libc6-dev: /usr/include/rpc/auth_unix.h

hth

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

NFS mount Netware shares ???

[Michael D Schleif]

Is there some trick to mounting Netware shares via NFS?

Yes, I can get them mounted; but, the uid/gid is like nobody under AIX,
largest signed 32 bit number, and file access is extremely limited under
these circumstances.

   # df
   Filesystem   1K-blocks  Used Available Use% Mounted on
   /dev/sda2  1921156523412   1300152  29% /
   /dev/sda3   964532  5868909668   1% /tmp
   /dev/sda4  5368320   1692428   3403192  34% /usr
   irv:/DATA/mds-data48955392  42499672   6455208  87% /irv
   
   # mount
   /dev/sda2 on / type ext2 (rw,errors=remount-ro)
   proc on /proc type proc (rw)
   devpts on /dev/pts type devpts (rw,gid=5,mode=620)
   /dev/sda3 on /tmp type ext2 (rw)
   /dev/sda4 on /usr type ext2 (rw)
   irv:/DATA/mds-data on /irv type nfs 
(rw,noexec,nosuid,nodev,sync,rsize=8192,wsize=8192,addr=192.168.1.30,user=mds)
   
   # ls -al /irv/
   total 624
   drwxr-xr-x1 4294967294 4294967294 4096 Jan  5 18:03 .
   drwxr-xr-x   19 root root 4096 Dec  8 00:03 ..
   drwxr-xr-x1 4294967294 4294967294 4096 Apr 16  2003 ATI
   drwxr-xr-x1 4294967294 4294967294 4096 Apr 16  2003 Inetpub
   drwxr-xr-x1 4294967294 4294967294 4096 Apr 16  2003 LEAF
   -rw-r--r--1 4294967294 4294967294 7361 Oct 15  2002 Log.txt
   -rw-r--r--1 4294967294 4294967294  141 Jan 19  2003 PCcheck.LOG
   drwxr-xr-x1 4294967294 4294967294 4096 Apr 16  2003 Perl
   drwxr-xr-x1 4294967294 4294967294 4096 Apr 16  2003 TFTP-Root
   drwxr-xr-x1 4294967294 4294967294 4096 Apr 16  2003 apPs
   -rw-r--r--1 4294967294 4294967294   150528 Jul 22  2002 arcldr.exe
   -rw-r--r--1 4294967294 4294967294   163840 Jul 22  2002 arcsetup.exe
   drwxr-xr-x1 4294967294 4294967294 4096 Apr 16  2003 biN
. . .

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

tiger: howto manage flood of `deleted files' alerts ???

[Michael D Schleif]

I have been using tiger for nearly a year.  Several months ago, a new
test was added in:

   /usr/lib/tiger/scripts/check_finddeleted

Since then, several of my servers are flooded with alerts like this:

   NEW: --FAIL-- [kis011f] Server [apache] (pid 31863) is using deleted files

Yes, I know what it means; but, of the thousands that I have received, I
have not found one that warranted the alert.

No, I do *not* want to turn OFF this check; but, I need to find some way
to manage the output of this check.  I have searched the archives of
debian-user and debian-security, and I have googled; but, I have not
found a solution to this dilemma.

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Bookmarks: Konqueror *AND* Mozilla ???

[Michael D Schleif]

For various reasons, I use _both_ Konqueror and Mozilla browsers.

What are the best ways to maintain bookmarks that are accessible and
update-able by _both_ browsers?

In other words, I want to centralize my bookmarks, and I want to be able
to -- easily and readily -- add to them from any browser, or at least
these two browsers.

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: messages in mutt: \225 etc

[Michael D Schleif]

Lucas Bergman [EMAIL PROTECTED] [2003:12:31:08:10:39-0600] scribed:
snip /

 In the Windows 1252 character set, \225 represents a bullet, which
 seems likely to be the intention here.  See:
 
   http://www.jwz.org/docs/charsets.html
snip /

That link does not work here.  Have you checked it recently?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Best Practices: CGI.pm CSS2 ???

[Michael D Schleif]

Please, somebody point me to URL's that provide examples and best
practices of using CSS2, CGI.pm and XHTML v1.x.

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Best Practices: CGI.pm CSS2 ???

[Michael D Schleif]

Bijan Soleymani [EMAIL PROTECTED] [2003:12:29:23:57:16-0500] scribed:
 On Mon, Dec 29, 2003 at 10:51:06PM -0600, Michael D Schleif wrote:
  Please, somebody point me to URL's that provide examples and best
  practices of using CSS2, CGI.pm and XHTML v1.x.
 
 Well I'm one for thorough reference material so for CSS2 and XHTML
 I would recommend you look through the www consortium pages at:
 http://www.w3c.org
 
 As for CGI.pm I would do a:
 apt-get install perl-doc
 
 and then:
 apropos CGI
 man CGI
 
 That's enough to get me going. But if you would like more tutorial-
 like resources, then I recommend you search google.

Yes, I have been googling ;

I suppose that I wasn't adequately clear as to my request:

   I want to find tutorials, examples, c. of using all three (3)
   together: CGI.pm, CSS2 and XHTML.  In other words, what are the best
   ways to leverage the union of all three tools?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Where is ptkdb ???

[Michael D Schleif]

Where can I find ptkdb in DEB?

   # apt-show-versions perl
   perl/unstable uptodate 5.8.2-2

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: PDF cut--paste ???

[Michael D Schleif]

Paul Johnson [EMAIL PROTECTED] [2003:12:17:19:35:49-0800] scribed:
 On Tue, Dec 16, 2003 at 01:05:44AM -0600, Michael D Schleif wrote:
  Which PDF readers allow blocking and cut--paste?
 
 kpdf does, but unfortunately, most PDF creators are idiots and scan
 documents without OCR or anything like that to make selectable text.

OK, I'll bite -- what is kpdf?  Where can I get it?

These return nothing:

   apt-cache search kpdf
   dpkg -S kpdf

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

PDF cut--paste ???

[Michael D Schleif]

Which PDF readers allow blocking and cut--paste?

Also, which allow searching for text and phrases?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

mod_perl ???

[Michael D Schleif]

Is anybody else having problems with recent libapache-mod-perl?

I have two (2) debian systems that segfault on apache startup, as soon
as I insert the LoadModules line into /etc/apache/httpd.conf.

I have opened Bug#224049, and I have posted to debian-user,
debian-apache and [EMAIL PROTECTED] without response.

I wonder if I am doing something wrong, or there is something peculiar
about my two systems.

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: PDF cut--paste ???

[Michael D Schleif]

Roberto Sanchez [EMAIL PROTECTED] [2003:12:16:16:43:11-0500] scribed:
 Patrick Lesslie wrote:
 On Tue, Dec 16, 2003 at 06:46:16PM +1100, Patrick Lesslie wrote:
 
 On Tue, Dec 16, 2003 at 01:05:44AM -0600, Michael D Schleif wrote:
 
 Which PDF readers allow blocking and cut--paste?
 
 Also, which allow searching for text and phrases?
 
 xpdf allows cut and paste.  It feels funny because it is a
 pixel-wise block, but it works.
 
 For searching, it might be enough to use pdftotext | grep string
 I don't know which other ones allow searching.
 
 Ok, I take that back ... xpdf has a search button.
 
 Acroread also does both.  But it is non-free.
 
 -Roberto

That's just it -- I cannot get acroread (v5) to block-cut--paste.

Yes, I know that it is possible to create PDF's without ability to do
that; but, the *same* PDF's from which I can cut--paste in windoze, I
_cannot_ cut--paste under debian.  Is there something other than the
text-select mode?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: PDF cut--paste ???

[Michael D Schleif]

Roberto Sanchez [EMAIL PROTECTED] [2003:12:16:19:56:53-0500] scribed:
 Michael D Schleif wrote:
 Roberto Sanchez [EMAIL PROTECTED] [2003:12:16:16:43:11-0500] scribed:
 
 Patrick Lesslie wrote:
 
 On Tue, Dec 16, 2003 at 06:46:16PM +1100, Patrick Lesslie wrote:
 
 
 On Tue, Dec 16, 2003 at 01:05:44AM -0600, Michael D Schleif wrote:
 
 
 Which PDF readers allow blocking and cut--paste?
 
 Also, which allow searching for text and phrases?
 
 xpdf allows cut and paste.  It feels funny because it is a
 pixel-wise block, but it works.
 
 For searching, it might be enough to use pdftotext | grep string
 I don't know which other ones allow searching.
 
 Ok, I take that back ... xpdf has a search button.
 
 Acroread also does both.  But it is non-free.
 
 -Roberto
 
 
 That's just it -- I cannot get acroread (v5) to block-cut--paste.
 
 Yes, I know that it is possible to create PDF's without ability to do
 that; but, the *same* PDF's from which I can cut--paste in windoze, I
 _cannot_ cut--paste under debian.  Is there something other than the
 text-select mode?
 
 What do you think?
 
 Are those PDF docs optimized for Acrobat 6 (as opposed to Acrobat 5)?
 
 -Roberto

No.  As a matter of fact, my résumé on my website was created prior to
v6, and I cannot cut--paste from that.

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: mod_perl ???

[Michael D Schleif]

Michael D Schleif [EMAIL PROTECTED] [2003:12:16:12:23:53-0600] scribed:
 Is anybody else having problems with recent libapache-mod-perl?
 
 I have two (2) debian systems that segfault on apache startup, as soon
 as I insert the LoadModules line into /etc/apache/httpd.conf.
 
 I have opened Bug#224049, and I have posted to debian-user,
 debian-apache and [EMAIL PROTECTED] without response.
 
 I wonder if I am doing something wrong, or there is something peculiar
 about my two systems.
 
 What do you think?

OK, please, help me roll my own.

I have not done this; but, I want to apt-get the source, and compile it
into a DEB, and install it in such a manner that I will have the option
to upgrade to the next official libapache-mod-perl.

How do I do this?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Can we tag [T]echnical posts?

[Michael D Schleif]

Karsten M. Self [EMAIL PROTECTED] [2003:12:13:01:11:45-0800] scribed:
snip /
 Addressing this specifically:  while there's a lot of similarity of
 interests on this list, it's neither a social nor general discussion
 list.  I see no particular reason the Debian Project or SPI should be
 compelled to provide infrastructure for either.   One of the people
 quoted in this post has hit my own s/n annoyance threshold.  While she
 may not appreciate being told so, it doesn't change the facts.  And it
 makes her own lecturing at least mildly ironic.

Hey, dude, it's acerbic comments like this that prompt many to see you
as a misanthrope.

Sure, you have a right to your opinion, and you have every right to
express same; but, could you tone it down a bit, or make a special
effort to find your delete key before your blood pressure goes through
the roof?

From my experience, diatribes like these, on a mailing list for which
you have no administrative mandate, only rankle the loudmouths further,
and prompt many to exclaim, Who died and made you god?

I am not one to be giving lessons in diplomacy; but, I find many of your
adjective laden value judgments to be more than a little off base . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

mod_perl non-configurability ???

[Michael D Schleif]

   # sudo /etc/init.d/apache restart
   Reloading apache modules/etc/init.d/apache: line 70: 19518 Segmentation
   fault  start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
   failed

   # COLUMNS=120 dpkg -l '*apache*' | grep ^i | cut -c 0-50
   ii  apache   1.3.27.0-2   
   ii  apache-common1.3.27.0-2   
   ii  libapache-mod-jk 3.3.1a-1 
   ii  libapache-mod-perl   1.27-4   
   ii  libapache-mod-perl-doc   1.29.0.1-1cvs20031206
   ii  libapache-mod-webapp 1.3.0-1.0.ipv6.r1

   # ls -l /usr/lib/apache/1.3/mod_perl.so
   -rw-r--r--1 root root   327584 Apr 14  2003
   /usr/lib/apache/1.3/mod_perl.so

   # grep -i perl /etc/apache/httpd.conf | grep mod
   LoadModule perl_module /usr/lib/apache/1.3/mod_perl.so

   # dpkg -L libapache-mod-perl | grep -i read | sort
   /usr/share/doc/libapache-mod-perl/README.gz
   /usr/share/doc/libapache-mod-perl/examples/README

Apache works just fine *without* that LoadModule line, and no other
changes to httpd.conf repeatedly result in this error.

I cannot find a README.Debian, nor have I found any manual instructions
for configuring httpd.conf.  I _did_ manually add the LoadModule line,
since I have had to do that before on other systems.  mod_php install
offers to do that automatically; but, mod_perl installation offered no
such assistance.

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: FHS and other things Mark should have read with comprehension (was Re: unchecked 31 times)

[Michael D Schleif]

Karsten M. Self [EMAIL PROTECTED] [2003:12:03:06:15:29-0800] scribed:
snip /
 
 See, variously, the FHS, and my own partitioning guidelines:
 
 http://twiki.iwethey.org/Main/NixPartitioning
snip /

Since Debian places logfiles under /var/log, I always create a separate
/var/log partition.  If logfiles ever spew out of control, my systems
continue to function . . .

Is there some reason *not* to protect the rest of /var?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: finding what is using a mount point

[Michael D Schleif]

Micha Feigin [EMAIL PROTECTED] [2003:11:21:15:43:49+0200] scribed:
 I mounted an image through a loop interface and now when I try to unload
 it I get a message:
 umount: /home/micha/tmp: device is busy
 I made sure no file is open from there but nothing helps.
 How do I see what is using that mount point?

   # dpkg -S /usr/bin/lsof
   lsof: /usr/bin/lsof

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: What is required to deliver system mail locally ???

[Michael D Schleif]

Andreas Janssen [EMAIL PROTECTED] [2003:11:15:09:15:22+0100] scribed:
 Hello
 
 John L. Fjellstad ([EMAIL PROTECTED]) wrote:
 
  On Saturday 15 November 2003 01:42, Michael D Schleif wrote:
  I do not want exim, nor its ilk, on open port 25.
 
  I do want system mail (cron, error messages, c.) to be delivered to
  root.
 
  Is exim required?
 
  If I uninstall exim, will system mail continue to be delivered?
 
  What is the Debian way to accomplish these goals?
  
  You don't need a MTA (like Exim) listening on port 25, to have it do
  local
  delivery.  For instance, in qmail (which I'm familiar with), the
  listener program is a separate program from the delivery mechanism
  (don't know how it is in exim).
 
 In fact, exim doesn't have to be running at all to have local email
 delivered. Deinstalling however will cause dependency problems because
 packages like anacron, at, mailx and logrotate depend on MTA.

OK, I guess this is where my thinking comes in.

I have rerun eximconf, and told it to use option #4, that this computer
is *not* on the Internet, and to only deliver local mail.  Of course,
now nothing is listening on port 25 ;

Nevertheless, having exim installed on this system appears to be
overkill, and a possible security hole.

I want local system mail delivered; and, I want ``packages like anacron,
at, mailx and logrotate'' to function properly.

What is the Debian way to promote this absolutely minimal mail system?

How do others handle this?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: What is required to deliver system mail locally ???

[Michael D Schleif]

Andreas Janssen [EMAIL PROTECTED] [2003:11:15:18:34:36+0100] scribed:
 Hello
 
 Jacob S. ([EMAIL PROTECTED]) wrote:
 
  On Sat, 15 Nov 2003 08:27:28 -0600
  Michael D Schleif [EMAIL PROTECTED] wrote:
  
  snip
  
  I have rerun eximconf, and told it to use option #4, that this
  computer is *not* on the Internet, and to only deliver local mail. 
  Of course, now nothing is listening on port 25 ;
  snip
  
  Are you sure nothing's listening on port 25? I just checked with a
  telnet name 25 to one of the machines on my network running exim
  that I configured with the same option #4 and got the usual SMTP
  greeting identifying itself as Exim 3.35.
  
  I think option #4 just skips asking you details about how to send and
  receive e-mail from the internet because you told it you only want
  mail delivered locally. However, it still listens to port 25 because
  you said you *do* want mail delivered locally, by selecting #4.
 
 Running eximconfig and selecting local delivery doesn't affect on which
 port exim is listening. With the default settings, exim is started by
 inetd, which listens on /all/ interfaces, no matter what you tell exim
 to do. Even if you tell exim to do local delivery only.
 
 If you switch off inetd manually or switch off smtp in inetd.conf,
 eximconfig will not change this (at least if you select option 4).
 However, if you switch off smtp in inetd.conf and you still have the
 init scripts for exim, exim will automatically start in standalone mode
 the next time you reboot.

Yes, I did this, after eximconfig:

   sudo update-inetd --disable smtp

Yes, I know that I can run any number of MTA's, including exim, qmail,
c.  However, my point is that there are boxen on which *only* local,
system mail is appropriate.  Mine is one of those.

In this case, what is the Debian way to run an absolutely minimum MTA,
the smallest possible footprint, least likely setup to disrupt apt-get'd
applications, and as secure as possible.

So far, I have not seen any response address this.  Or, am I missing
something?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: inetd vs. inetutils-inetd

[Michael D Schleif]

Monique Y. Herman [EMAIL PROTECTED] [2003:11:15:15:12:02-0700] scribed:
 I returned from vacation today and upgraded my unstable box.  After
 doing so, I could no longer connect to my newsserver on localhost.
 
 After some poking around, I discovered that I had both /etc/init.d/inetd
 and /etc/init.d/inetutils-inetd, both of which were running.  I killed
 all related process for both of them and just started up the inetutils
 version, after which I was again able to connect.
 
 So far so good.  I poked through /var/lib/dpkg/info/*.list, and no one
 there claims to know anything about /usr/sbin/inetd, which is the app
 called by /etc/init.d/inetd.  I'm 99% sure that it must have arrived as
 part of a package, so this seems kind of weird.  Anyone have any
 familiarity with this?  Should I just delete the related files and move
 on with life?

   # dpkg -S /usr/sbin/inetd
   netkit-inetd: /usr/sbin/inetd

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

What is required to deliver system mail locally ???

[Michael D Schleif]

I am building a Debian web server for a DMZ.

I do not want exim, nor its ilk, on open port 25.

I do want system mail (cron, error messages, c.) to be delivered to
root.

Is exim required?

If I uninstall exim, will system mail continue to be delivered?

What is the Debian way to accomplish these goals?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

php syslog lockup ???

[Michael D Schleif]

I am working on a project with Apache, PHP4 and MySQL on a Debian box.
I am no PHP expert; but, those that supposedly are, are stumped by the
following problem.

They are developing on an older Red Hat box.  Also, in July, I built a
VMware image of a Debian box, since the production box is to be Debian
woody.  On these systems, the problem does no occur.

On the main Debian box, assembled last month, the application locks up
everytime it makes a call to the syslog function.  The developers are
stumped by this, saying that ``everybody'' uses this function.  Near as
I can tell, this syslog function comes from phpwebtools v0.4.0,
class.syslog.php.

This is a typical function call:

   syslog(LOG_INFO,FUNCTIONS.php|verify_auth login attempt $user );

I have tried to identify the problem by sticking similar calls at
various places in the code, then tracing via web interaction.  On the
problem system, the first instance of the syslog function call that I
get to, the application appears to lock up and time out.  When I comment
out that call, the application goes on, and locks up at the next call.

To reiterate, this does *not* occur on the Red Hat nor VMware Debian
boxen.  Furthermore, main supporting apps are identical DEB's:

   ii  apache  1.3.27.0-2
   ii  apache-common   1.3.27.0-2
   ii  mysql-client4.0.13-3
   ii  mysql-common4.0.13-3
   ii  mysql-server4.0.13-3
   ii  php44.1.2-6woody3
   ii  php4-cgi4.1.2-6woody3
   ii  php4-mysql  4.1.2-6woody3

Anybody seen such a phenomenon?

What do you think?


-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: PAM rejecting valid username/passwd ???

[Michael D Schleif]

Michael D Schleif [EMAIL PROTECTED] [2003:10:31:19:19:32-0600] scribed:
 It all started after rebooting to correct a scsi module problem ;
 
 My logon and email fetching has been working *without* incident for many
 months.
 
 Now, my user (mds) can no longer ssh into a remote debian system:
 
# ssh -X deb.platinumaire.net
[EMAIL PROTECTED]'s password: 
Permission denied, please try again.
[EMAIL PROTECTED]'s password: 
Permission denied, please try again.
[EMAIL PROTECTED]'s password: 
Permission denied (publickey,password,keyboard-interactive).
 
 Fortunately, I have another logon that works.  I have logged on as
 another user, su'd to mds, changed my password several times, tested it
 while logged on -- each time, ssh logon fails:
 
Oct 31 19:11:51 deb sshd[585]: Failed password for mds from 12.248.228.98 port 
 63393 ssh2
Oct 31 19:12:04 deb last message repeated 2 times

OK, my bad, on the fetchmail/PAM thing, I forgot to change my fetchmail
passwd -- so, fetchmail *CAN* remotely access my account on that remote
box.

However, I still *CANNOT* ssh into my account on that box.

Any ideas?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: PAM rejecting valid username/passwd ???

[Michael D Schleif]

Michael D Schleif [EMAIL PROTECTED] [2003:11:01:08:58:14-0600] scribed:
 Michael D Schleif [EMAIL PROTECTED] [2003:10:31:19:19:32-0600] scribed:
  It all started after rebooting to correct a scsi module problem ;
  
  My logon and email fetching has been working *without* incident for many
  months.
  
  Now, my user (mds) can no longer ssh into a remote debian system:
  
 # ssh -X deb.platinumaire.net
 [EMAIL PROTECTED]'s password: 
 Permission denied, please try again.
 [EMAIL PROTECTED]'s password: 
 Permission denied, please try again.
 [EMAIL PROTECTED]'s password: 
 Permission denied (publickey,password,keyboard-interactive).
  
  Fortunately, I have another logon that works.  I have logged on as
  another user, su'd to mds, changed my password several times, tested it
  while logged on -- each time, ssh logon fails:
  
 Oct 31 19:11:51 deb sshd[585]: Failed password for mds from 12.248.228.98 port 
  63393 ssh2
 Oct 31 19:12:04 deb last message repeated 2 times
 
 OK, my bad, on the fetchmail/PAM thing, I forgot to change my fetchmail
 passwd -- so, fetchmail *CAN* remotely access my account on that remote
 box.
 
 However, I still *CANNOT* ssh into my account on that box.

Furthermore, I have done this from the remote system:

   /usr/sbin/sshd -d -d -d -p 2

Whereupon, when I attempt to ssh logon, I get this after the third
password entry:

   debug1: userauth-request for user mds service ssh-connection method password
   debug1: attempt 5 failures 5
   debug2: input_userauth_request: try method password
   debug3: mm_auth_password entering
   debug3: mm_request_send entering: type 10
   debug3: monitor_read: checking request 10
   debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
   debug3: mm_request_receive_expect entering: type 11
   debug3: mm_request_receive entering
   debug1: PAM password authentication failed for mds: Authentication failure
   debug3: mm_answer_authpassword: sending result 0
   debug3: mm_request_send entering: type 11
   Failed password for mds from 12.248.228.98 port 63816 ssh2
   debug3: mm_request_receive entering
   debug3: mm_auth_password: user not authenticated
   Failed password for mds from 12.248.228.98 port 63816 ssh2
   Connection closed by 12.248.228.98
   debug1: Calling cleanup 0x806e050(0x0)
   debug1: Calling cleanup 0x80629f0(0x0)

Other ssh logons are un-affected and function properly.

I suppose that I'll have to post to the openssh mailing list.

Any ideas?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Adding scsi devices ???

[Michael D Schleif]

A remote colleague has a debian system that has been running fine with
stock kernel-image-2.4.18-1-686; but, until now, *not* running any SCSI
devices.

Last night, he added a SCSI cdrom and tape drive to the system.  He
insists that the AIC-7980 controller lists the devices during post.

dmesg does *not* show the controller; nor does scsi_devfs_scan.

I have a system with similar scsi devices; but, different kernel:

   # cat /proc/modules | grep -i scsi
   ide-scsi   10480   0
   ide-mod98808   1 [ide-cd ide-probe-mod ide-scsi]
   scsi_mod   94848   4 (autoclean) [st ide-scsi sd_mod aic7xxx]

His shows this:

   # cat /proc/modules | grep -i scsi
   scsi_mod   84952   1 (autoclean) [sr_mod]

Neither system has any aic7xxx listed in:

   /etc/modules
   /etc/modules.conf

I have built systems with scsi support from ground zero; but, I have not
added scsi to a non-scsi system.

What are we missing?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Adding scsi devices ???

[Michael D Schleif]

Douglas M. MacFarlane [EMAIL PROTECTED] [2003:10:31:15:58:09-1200] scribed:
  His shows this:
 
 # cat /proc/modules | grep -i scsi
 scsi_mod   84952   1 (autoclean) [sr_mod]
 
  What are we missing?
 
 Use modconf to add the st and sr_mod modules to load at boot.

I do not know why I always forget this ;

First, I needed to use modconf to install aic7xxx.

Then, I needed to use modconf to install these:
   ide-scsi
   sd_mod
   sg
   sr_mod
   st

Now, his system is functioning as expected.

Thank you.

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

PAM rejecting valid username/passwd ???

[Michael D Schleif]

It all started after rebooting to correct a scsi module problem ;

My logon and email fetching has been working *without* incident for many
months.

Now, my user (mds) can no longer ssh into a remote debian system:

   # ssh -X deb.platinumaire.net
   [EMAIL PROTECTED]'s password: 
   Permission denied, please try again.
   [EMAIL PROTECTED]'s password: 
   Permission denied, please try again.
   [EMAIL PROTECTED]'s password: 
   Permission denied (publickey,password,keyboard-interactive).

Fortunately, I have another logon that works.  I have logged on as
another user, su'd to mds, changed my password several times, tested it
while logged on -- each time, ssh logon fails:

   Oct 31 19:11:51 deb sshd[585]: Failed password for mds from 12.248.228.98 port 
63393 ssh2
   Oct 31 19:12:04 deb last message repeated 2 times

Worse, I remotely gather email from that system via fetchmail, which is
also failing.  Fortunately (?) this, at least, gives me a clue:

   Oct 31 19:08:01 deb cron(pam_unix)[558]: session opened for user mail by (uid=0)
   Oct 31 19:08:02 deb cron(pam_unix)[558]: session closed for user mail
   Oct 31 19:08:09 deb popa3d(pam_unix)[576]: authentication failure; logname= uid=0 
euid=0 tty= ruser= rhost=  user=mds
   Oct 31 19:10:56 deb popa3d(pam_unix)[582]: authentication failure; logname= uid=0 
euid=0 tty= ruser= rhost=  user=mds

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: sed problem

[Michael D Schleif]

Dave selby [EMAIL PROTECTED] [2003:10:19:11:37:44+0100] scribed:
 I need to get the contents of a HTML title tag  put it in a string.
 
 ie
 titlespecialist cards/title
 
 I need the specialist cards in  a variable $titlecontents
 I thought it would be easy with sed
 
 sed -n '/title/,/\/title/p'
 
 But no go. I have tried various ways but to no avail.

Which of these best meets your loosely described needs?

  sed -n '/^title[^]*\/title/p'
  sed -n '/\/*title/p'
  sed -n 's!/*title!!gp'

hth

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: OT - Programming Languages w/o English Syntax

[Michael D Schleif]

Arnt Karlsen [EMAIL PROTECTED] [2003:10:19:15:19:21+0200] scribed:
snip /

 Red China Communism came from where?  ;-)

Just to quickly jump in, then back out of this trivial, off-topic
polemic:

[a] There is not, nor has there ever been, a Communist government.  The
Soviet Union, Peoples Republic of China, et al. are -- at best --
socialist states, which is not Communism.

[b] There is not, nor has there ever been, a Democratic government.  The
United States of America, Great Britain, et al. are -- at best --
Republics, and a Republic is *not* a Democracy.

... We are now returning to our irregularly scheduled program ...

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Special control characters ???

[Michael D Schleif]

First, two examples:

   ^I
   ^M

Obviously, you know that these are each single characters, and not two:
caret+letter.

Where do these come from?  Are they features of the shell?

Where is an exhaustive list of such special control characters, and
their definitions?

They come in quite handy for shell scripts, and I'm sure there are those
about which I do not know, that can make life easier.

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Licensing requirements ???

[Michael D Schleif]

Joey Hess [EMAIL PROTECTED] [2003:10:11:11:56:08-0400] scribed:
 Chris Spencer wrote:
  That's correct.  You must purchase a MySQL license to use it in this
  fashion.  Apache, PHP, and Debian are all fine.  No purchase is
  required.
  
   What are the repercussions to my client, as a result of this model?
  
  Buy MySQL.  Make the product.  Sell the product.  
 
 The situation you describe would mean that mysql would be non-free, and
 thus not part of Debian.
 
 The license of mysql 4.0.14 is a mixture of the GPL, LGPL and BSD
 licenses, with nothing prohibiting commercial use. I see nothing in
 the license to call for purchase of a special mysql license for this
 use.

Especially Section 3:

   http://www.mysql.com/products/licensing.html

Am I misinterpreting this?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Licensing requirements ???

[Michael D Schleif]

Shyamal Prasad [EMAIL PROTECTED] [2003:10:11:18:26:01-0500] scribed:
 Joey == Joey Hess [EMAIL PROTECTED] writes:
 
 Joey Chris Spencer wrote:
  That's correct.  You must purchase a MySQL license to use it in
  this fashion.  Apache, PHP, and Debian are all fine.  No
  purchase is required.
  
   What are the repercussions to my client, as a result of this
  model?
  
  Buy MySQL.  Make the product.  Sell the product.
 
 Joey The situation you describe would mean that mysql would be
 Joey non-free, and thus not part of Debian.
 
 mysql is licensed under GPL, but the original poster wanted to keep
 certain modifications to the complete application proprietary. To do
 this they would have to purchase a commercial license from MySQL AB.
 
 I don't remember how exactly it was done, but the MySQL licensing
 terms define any application that uses the database to implement a
 major part of its features is deemed a modification (or something
 similar) of mysql, and so the entire application must be GPL'ed.

Yes, this is my interpretation of Section 3 at:

   http://www.mysql.com/products/licensing.html

My problem is trying to understand the final impact of those words.
Seems to be a difference of opinion on this list; so, I guess I need to
take this up with the MySQL folks.

Nonetheless, consensus on this list indicates that no other piece of
what we are doing is questionable license-wise?

Anybody disagree?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Convert realaudio to free audio ???

[Michael D Schleif]

Ryan Nowakowski [EMAIL PROTECTED] [2003:10:09:00:47:57-0500] scribed:
 On Wed, Oct 08, 2003 at 10:22:40PM -0500, Michael D Schleif wrote:
  I am constantly receiving realaudio files, and I want to listen to them;
  but, I do not want to install non-free programs on my system.
  
  Is there some way to convert these audio files to some other format,
  preferably by CLI?
 
 Check out vsound.

Cool -- but, it still requires realplayer, which is what I am avoiding
;

Other ideas?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Convert realaudio to free audio ???

[Michael D Schleif]

Haim Ashkenazi [EMAIL PROTECTED] [2003:10:09:16:13:15+0200] scribed:
 Michael D Schleif wrote:
 
  I am constantly receiving realaudio files, and I want to listen to them;
  but, I do not want to install non-free programs on my system.
  
  Is there some way to convert these audio files to some other format,
  preferably by CLI?
  
 mplayer can play realplayer files (I guess that audio too). I'm not sure
 about converting them though...

Where do I get mplayer?  Is it `free'?  If so, why is it not in any of
my may sources?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Convert realaudio to free audio ???

[Michael D Schleif]

Dave Carrigan [EMAIL PROTECTED] [2003:10:09:08:12:11-0700] scribed:
 On Thu, Oct 09, 2003 at 10:07:40AM -0500, Michael D Schleif wrote:
 
  Where do I get mplayer?  
 
 deb http://marillat.free.fr/ unstable main
 
  Is it `free'?  
 
 Let's not reopen it on this list. Ask google about debian and mplayer.

I'll take that as a `NO' . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Licensing requirements ???

[Michael D Schleif]

OK, this is my first foray into a sale-able product, based on `free'
software.

I am working with a company that is writing software that is to be sold
to their customers.  I have specified Debian as the OS on which this all
runs; so, here I am on this list to learn the ropes of `free' software.

Other than Debian, the software uses Apache, MySQL and PHP.

My client wants to retain all rights to their software, and is not
willing to release their software in any `free' software fashion.

Also, in order to manage problems and maintain SLA's, this software is
to be sold as an integral piece of a system -- somewhat of a blackbox.
In other words, their customers will pay one basic price, and receive an
installed hardware server, on which Debian and software are installed
turnkey.

Everything other than the proprietary software is straight DEB
installed, so their is no issue of distributing modified `free'
software.  However, the MySQL licensing model seems to indicate that a
licensing fee is due them; and, I wonder about others.

What are the repercussions to my client, as a result of this model?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: man dangling symlink question

[Michael D Schleif]

Monique Y. Herman [EMAIL PROTECTED] [2003:10:09:12:03:32-0600] scribed:
 On Thu, 09 Oct 2003 at 08:35 GMT, Colin Watson penned:
  On Wed, Oct 08, 2003 at 07:59:20PM -0500, Michael D Schleif wrote:
  It seems endemic that many package changes are ignorant of that dark
  corner of dpkg package that is /usr/sbin/update-alternatives -- why
  is that?
  
  It doesn't help that update-alternatives has historically been buggy
  and prone to randomly set links back to auto mode when you didn't want
  it to. Furthermore, it's very unclear exactly when packages are
  supposed to call update-alternatives in order to get upgrades right,
  and there's still no policy on this (see bug #71621).
 
 I'd never heard of update-alternatives or /etc/alternatives until a few
 days ago on this list, and to be honest I'm still a little (a lot) foggy
 on what exactly it's used for.  For instance, I have
 /etc/alternatives/vi and /etc/alternatives/editor ... what applications
 will use these values?   To make it even more confusing, I see the
 following:
 
 [EMAIL PROTECTED]:~$ ls -l /usr/bin/vi
 lrwxrwxrwx1 root root   20 Jun 30  2002 /usr/bin/vi -
 /etc/alternatives/vi*
 
 Obviously, this is an example of something using alternatives, but in
 this case, what was the something?  How do I find out which packages
 are using alternatives?
 
 Sorry for all the ignorant questions; the whole system sounds vaguely
 promising, but I can't quite get a grip on it yet.

   # dpkg -L dpkg | grep alternatives | sort
   /etc/alternatives
   /etc/alternatives/README
   /usr/sbin/update-alternatives
   /usr/share/man/fr/man8/update-alternatives.8.gz
   /usr/share/man/ja/man8/update-alternatives.8.gz
   /usr/share/man/man8/update-alternatives.8.gz
   /var/lib/dpkg/alternatives

   # man update-alternatives

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Licensing requirements ???

[Michael D Schleif]

Roberto Sanchez [EMAIL PROTECTED] [2003:10:09:14:18:30-0400] scribed:
 Michael D Schleif wrote:
snip /
 
 I am working with a company that is writing software that is to be sold
 to their customers.  I have specified Debian as the OS on which this all
 runs; so, here I am on this list to learn the ropes of `free' software.
 
 Other than Debian, the software uses Apache, MySQL and PHP.
 
 My client wants to retain all rights to their software, and is not
 willing to release their software in any `free' software fashion.
snip /
 
 These questions are probably more appropriate for the debian-legal
 mailing list.

Yes, that is a good point, and I have posted this to debian-legal.

Nevertheless, I am interested in suggestions from the larger userbase of
debian-user . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: man dangling symlink question

[Michael D Schleif]

Monique Y. Herman [EMAIL PROTECTED] [2003:10:08:16:41:21+] scribed:
 Cron keeps yapping at me, so I investigate and find the following:
 
 home:~# ls -l  /usr/share/man/man1/tixindex.1.gz
 lrwxrwxrwx1 root root   31 Sep 21 10:12 
 /usr/share/man/man1/tixindex.1.gz - /etc/alternatives/tixindex.1.gz
 home:~# ls -l /etc/alternatives/tixindex.1.gz
 lrwxrwxrwx1 root root   36 Sep 26 19:56 
 /etc/alternatives/tixindex.1.gz - /usr/share/man/man1/tixindex8.1.1.gz
 home:~# ls /usr/share/man/man1/tix*
 /usr/share/man/man1/tixindex.1.gz@  /usr/share/man/man1/tixwish8.1.1.gz
 /usr/share/man/man1/tixwish.1.gz@
 
 My question: what exactly is tixindex an alternative *for*?  Am I safe
 just blowing away both those symlinks?

First of all, a dangling symlink is at best useless, and at worst
dangerous.  As it is, it contributes _nothing_ of value to your system;
so, deleting it adds value.

Second, if you really need it, you need to find out from which package
it comes:

   dpkg -S /usr/share/man/man1/tixindex.1.gz

Either reinstall that package, or contact its maintainer to correct the
erroneous link.

It seems endemic that many package changes are ignorant of that dark
corner of dpkg package that is /usr/sbin/update-alternatives -- why is
that?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Convert realaudio to free audio ???

[Michael D Schleif]

I am constantly receiving realaudio files, and I want to listen to them;
but, I do not want to install non-free programs on my system.

Is there some way to convert these audio files to some other format,
preferably by CLI?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: simple text formatting

[Michael D Schleif]

Gregory Seidman [EMAIL PROTECTED] [2003:10:06:07:21:02-0400] scribed:
 On Sun, Oct 05, 2003 at 11:37:57PM -0700, Mike Egglestone wrote:
 } Hi,
 } 
 } I have a file in this format of words:
 } 
 } joe jill bill bob frank tom harry
 } 
 } and want to convert the file to this format:
 } 
 } joe
 } jill
 } bill
 } bob
 } frank
 } tom
 } harry
 } 
 } Is there an easy way to this? The file I have has hundreds of entries.
 
 The various for loop solutions are miserably inefficient and are overly
 complex. The sed solution is almost reasonable. This is the simplest and
 cleanest solution, however:
 
 tr ' ' '\012'  infile  outfile

Assuming, of course, that *all* whitespace is exactly one (1) character
wide, and that *no* whitespace is a tab . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: spamassassin: recent process slowdown ???

[Michael D Schleif]

Greg Folkert [EMAIL PROTECTED] [2003:10:04:09:51:00-0400] scribed:
 On Sat, 2003-10-04 at 01:53, Michael D Schleif wrote:
  Since the end of last week, spamd processing time per message has gone
  from ~6 seconds to 30 seconds.
  
  I am not clear whether or not any recent upgrades have changed
  spamassassin.
  
  I did not, at first, attribute my mail processing slowdown to
  spamassassin; rather, exim was timing out on procmail.  While trying to
  identify problems with procmail, I had turned on some verbose logging
  that indicated long timeouts to some rbl[s]; but, today I cannot
  duplicate such logging ;
  
  I searched the archives at spamassassin.org and debian-user, and I do
  not see any similar report.
 Would maybe the DDoS on all the RBL Lists cause this slowdown...  I
 believe so.

Yes, I believe that this maybe the cause of my woes.  However, mostly
what I wanted, as result to my post, are answers to following:

  How can I get verbose logging information from spamd?
 
  What else can I investigate to determine root cause?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Limiting access to website ???

[Michael D Schleif]

We are working on a web-based application.  It will use mod_ssl to
secure transactions.

We want to limit access to the application.  Yes, we have
username/password authentication; but, we are also considering
host-based limits.

Can this be done with [mod_]ssl?  Can access to a website require a
certificate on the browser side?  If so, please, point me in the right
direction (e.g., URL's, documentation, applications, c.)

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Limiting access to website ???

[Michael D Schleif]

Aaron [EMAIL PROTECTED] [2003:10:04:15:02:38-0400] scribed:
 Michael D Schleif [EMAIL PROTECTED] said,
  We are working on a web-based application.  It will use mod_ssl to
  secure transactions.
  
  We want to limit access to the application.  Yes, we have
  username/password authentication; but, we are also considering
  host-based limits.
  
  Can this be done with [mod_]ssl?  Can access to a website require a
  certificate on the browser side?  If so, please, point me in the right
  direction (e.g., URL's, documentation, applications, c.)
 
 Dare I suggest www.apache.org?

Yes, you may.

I have reacquainted myself with this:

   http://httpd.apache.org/docs/misc/FAQ.html#dnsauth

However, I am wondering whether or not this can be done with SSL-type
certificates?  I admit that I have not gone completely through all of
the mod_auth* alternatives . . .

I am clear how SSL certificates establish trust -- client/browser trust
of the remote webserver/application.

Can this be inverted?  Can the webserver/application establish trust of
the client/browser via certificates, or something similar?  We are
looking for some authentication of the client side that does *not*
require userland interaction.

If this is google-able, please, help me with search criteria . . .

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Limiting access to website ???

[Michael D Schleif]

Dave Carrigan [EMAIL PROTECTED] [2003:10:04:12:31:02-0700] scribed:
 On Sat, Oct 04, 2003 at 12:50:39PM -0500, Michael D Schleif wrote:
  We are working on a web-based application.  It will use mod_ssl to
  secure transactions.
  
  We want to limit access to the application.  Yes, we have
  username/password authentication; but, we are also considering
  host-based limits.
  
  Can this be done with [mod_]ssl?  
 
 No, but it can be done with apache, which is what I presume you are using.
 
  Can access to a website require a certificate on the browser side?  
 
 Yes.
 
  If so, please, point me in the right direction (e.g., URL's, documentation,
  applications, c.)
 
 http://httpd.apache.org/

What am I missing?

I have read this:

   http://httpd.apache.org/docs/howto/auth.html

As I responded to Aaron's message, we are looking for some kind of
passive authentication, like an SSL Certificate.

We do not want to have to rely on humans remembering another
username/password, especially since the web application already has that
control.

We do not want the complications intrinsic to an httpd.conf embedded
ACL.

I know that I appear to be hung up on SSL Certificates; but, that model
appears to meet our needs -- if only I can find the requisite
documentation.

Yes, two of you have suggested apache.org, and that is helpful.
Nevertheless, I have not found what I am looking for on their site.  Can
you point me to a more specific URL?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Limiting access to website ???

[Michael D Schleif]

Frank Gevaerts [EMAIL PROTECTED] [2003:10:04:22:25:54+0200] scribed:
 On Sat, Oct 04, 2003 at 02:56:14PM -0500, Michael D Schleif wrote:
  As I responded to Aaron's message, we are looking for some kind of
  passive authentication, like an SSL Certificate.
  
  We do not want to have to rely on humans remembering another
  username/password, especially since the web application already has that
  control.
  
  We do not want the complications intrinsic to an httpd.conf embedded
  ACL.
  
  I know that I appear to be hung up on SSL Certificates; but, that model
  appears to meet our needs -- if only I can find the requisite
  documentation.
 
 Have you tried google ?
 http://www.google.com/search?q=apache+certificate+authentication
 
 Using that, I found http://www.modssl.org/docs/2.8/ssl_howto.html#ToC9
 which seems to be about what you want to do

OK, this section is what I need -- thank  you:

   http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6

Correct me if I am wrong; but, this is the process?

[1] One (1) Certificate per client/browser authenticates *both* the
server to the client, and the client to the server; and

[2] Each client/browser can have *either* a unique client-specific
Certificate, or each client/browser can have a Certificate _common_ to a
group, for purposes of authentication in point [1].

[3] Will we need to become our own Certificate Authority, or would this
work just as well with self-signed Certificates, and without any upline
authority?

Once I am clear on these points, I can go back to openssl, build some
Certificates and test, test, test . . .

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: SED problem

[Michael D Schleif]

Dave selby [EMAIL PROTECTED] [2003:10:04:19:25:32+0100] scribed:
 I have multiple html files. I need to remove the same chunk of code from 
 all of them.
 I have made a bash loop to feed the files to sed, but am struggling with 
 the sed code.
 
 I need to delete all the code between
 
 !-- lockon:a:1
 --
 
 and
 
 !-- lockoff
 --
 
 Including the above comments.

Do you want to specify a range like this:

   sed '/!-- lockon:a:1/,/!-- lockoff/d' /tmp/tmp.txt

hth

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: SED problem

[Michael D Schleif]

Michael D Schleif [EMAIL PROTECTED] [2003:10:04:16:32:37-0500] scribed:
 Dave selby [EMAIL PROTECTED] [2003:10:04:19:25:32+0100] scribed:
  I have multiple html files. I need to remove the same chunk of code from 
  all of them.
  I have made a bash loop to feed the files to sed, but am struggling with 
  the sed code.
  
  I need to delete all the code between
  
  !-- lockon:a:1
  --
  
  and
  
  !-- lockoff
  --
  
  Including the above comments.
 
 Do you want to specify a range like this:
 
sed '/!-- lockon:a:1/,/!-- lockoff/d' /tmp/tmp.txt

Oops!  I forgot about the closing the lockoff comment:

# sed -f /tmp/tmp.sed /tmp/tmp.txt

# cat /tmp/tmp.sed 
/!-- lockon:a:1/,/!-- lockoff/{
N
/--/d
D
}

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Limiting access to website ???

[Michael D Schleif]

Dave Carrigan [EMAIL PROTECTED] [2003:10:04:15:15:21-0700] scribed:
 On Sat, Oct 04, 2003 at 04:25:57PM -0500, Michael D Schleif wrote:
 
  OK, this section is what I need -- thank  you:
  
 http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
  
  Correct me if I am wrong; but, this is the process?
  
  [1] One (1) Certificate per client/browser authenticates *both* the
  server to the client, and the client to the server; and
 
 The server will need its own certificate with a CN of the server's
 hostname.

Yes, of course; but, thank you for pointing it out.

  [2] Each client/browser can have *either* a unique client-specific
  Certificate, or each client/browser can have a Certificate _common_ to a
  group, for purposes of authentication in point [1].
 
 I suspect that you would be better off generating a certificate for each
 client, but that probably depends on your requirements.

OK

  [3] Will we need to become our own Certificate Authority, or would this
  work just as well with self-signed Certificates, and without any upline
  authority?
 
 You will need to be a CA, and the both the server cert and the clients'
 certs will need to be signed by that CA. In addition, the server config
 needs to point to the CA's cert so that it can verify the clients'
 certs. 

Yes, this is the kind of detail that I did not guess.

While on this subject, what do you recommend for us to become a CA?
`apt-cache search certificate' shows only pyca -- is that adequate?
What are the considerations for becoming a CA?

 The clients should have the CA's cert installed as well or else each
 client will complain when they connect because they don't recognize the
 server's certificate signer. This isn't strictly necessary, as long as
 your users can be trained to permanently accept the unknown cert the
 first time they connect.
 
 Note that all this could become very onerous if your application isn't
 targeted at a closed group of users (i.e., it's something on the
 Internet).

The point is to allow only a select group access to the application;
access which may or may not go across the Internet.  One level of
security would be this passive approach, whereby if the client does not
present an acceptable certificate upon connection to the server, the
server will not respond to the client's requests with access to the
application.

If the client presents an acceptable certificate, then the server will
invoke other access and authentication processes.

Thank you, for your insightful responses . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

spamassassin: recent process slowdown ???

[Michael D Schleif]

Since the end of last week, spamd processing time per message has gone
from ~6 seconds to 30 seconds.

I am not clear whether or not any recent upgrades have changed
spamassassin.

I did not, at first, attribute my mail processing slowdown to
spamassassin; rather, exim was timing out on procmail.  While trying to
identify problems with procmail, I had turned on some verbose logging
that indicated long timeouts to some rbl[s]; but, today I cannot
duplicate such logging ;

I searched the archives at spamassassin.org and debian-user, and I do
not see any similar report.

How can I get verbose logging information from spamd?

What else can I investigate to determine root cause?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Do we really need to worry about viruses (was Re: Anyone else notice that Swen is slowing down?)

[Michael D Schleif]

Ron Johnson [EMAIL PROTECTED] [2003:10:02:04:44:28-0500] scribed:
 On Wed, 2003-10-01 at 23:17, ScruLoose wrote:
  On Wed, Oct 01, 2003 at 07:56:07PM -0500, Michael D Schleif wrote:
   Karsten M. Self [EMAIL PROTECTED] [2003:10:02:00:37:35+0100] scribed:
 [snip]
   That kind of executable -- one that entices a user to click on it -- is
   just as real a threat to non-Microsoft userland, that I insist that your
   point is not all inclusive of the threats at hand.  Simply because there
   is not yet a major, far reaching virus/worm propagating primarily from
   Linux boxen, does not rule out the existence of a threat . . .
  
  Most non-MS users are not likely to be logged in as root when they
  check the mail, so whether some virus auto-executes or entices them to
  click on it, the damage is generally going to be pretty well contained.
  
  It's going to take a _hell_ of a lot of social engineering to convince
  me to su, provide my root password, install and run some program that
  showed up in my inbox. No matter how pretty a message it's packaged
  in. Even assuming that the user getting the infected mail _has_ the
  root password.
snip /

 Given the security model of Unix, we truly do *not* have to worry
 about email viruses (or viruses coming through click-thru social-
 engineering vectors).
snip /

Wrong!

In fact, just this week, I am engaged with a prominent software
development company, and every one of the developers develops on
various Linux boxen, and every one of them insists on running as root.

I also help support several neighborhood *nix users, and most of them
are equally recalcitrant root account users.

Yes, this is the debian-users mailing list; but, we are 31337 Linux
users, and we support standards and best practices.  We do not qualify,
for the most part, as Joe-Average users -- and, we probably never will.

Take a long, hard look at the real world *before* you knee-jerk a
response to this post.  IMHO, the view you will see is not far off of
the mark I have just made . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Anyone else notice that Swen is slowing down?

[Michael D Schleif]

Karsten M. Self [EMAIL PROTECTED] [2003:10:01:07:17:43+0100] scribed:
 on Tue, Sep 30, 2003 at 09:20:25PM -0500, Michael D Schleif ([EMAIL PROTECTED]) 
 wrote:
  Karsten M. Self [EMAIL PROTECTED] [2003:10:01:00:53:46+0100] scribed:
   on Tue, Sep 30, 2003 at 12:11:16PM -0400, Mike Mueller ([EMAIL PROTECTED]) wrote:
On Tuesday 30 September 2003 02:05, Karsten M. Self wrote:
 Seems
 like about the only way we're going to get a reasonable handle on this
 barring ISPs refusing to carry executables in email format.

Hear! Hear!  No more attachments - period.  I'll settle for elimination of 
any known sort of executable though. 
   
   No.
   
   Specifically:  executables.  Various other mail 'sploits -- there are
   some header buffer overflows, IIRC affecting LookOut -- exist and should
   be filtered as well.  But specifically, AUPs against transmission of
   executable content, and concomittant filtering, would serve a useful
   purpose.  There are opaque formats, from zip to tarball to encrypted
   payloads, which can be used by those sufficiently clueful to handle the
   task appropriately.
   
   MIME attachments of themselves serve many useful functions.  There's an
   awful lot of baby in that bathwater.  Starting with the signature on
   this message.
  
  I agree, up to a point.
  
  What really constitutes an `executable' program -- surely *not* its file
  extension ?!?!
 
 That's one distinction.  Specifically, the set of extensions listed at
 
 http://www.linuxquestions.org/questions/archive/8/2003/03/4/51848j
 
 There's also the binary sequence which begins any Microsoft executable.
 
 For the current task of restricting transmission of viral mail load by
 agarware such as Outlook, use of either or both criteria in filtering / 
 rejecting mail would work.

Yes, so long as you limit this to Microsoft operating system
executables.  My point is that there are dangerous executables out there
that are *not* Microsoft-specific . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Anyone else notice that Swen is slowing down?

[Michael D Schleif]

Karsten M. Self [EMAIL PROTECTED] [2003:10:02:00:37:35+0100] scribed:
 on Wed, Oct 01, 2003 at 09:39:25AM -0500, Michael D Schleif ([EMAIL PROTECTED]) 
 wrote:
  Karsten M. Self [EMAIL PROTECTED] [2003:10:01:07:17:43+0100] scribed:
 
   For the current task of restricting transmission of viral mail load by
   agarware such as Outlook, use of either or both criteria in filtering / 
   rejecting mail would work.
  
  Yes, so long as you limit this to Microsoft operating system
  executables.  My point is that there are dangerous executables out there
  that are *not* Microsoft-specific . . .
 
 Please share this knowledge.  What executables are you awaree of
 affecting non-Microsoft systems which are in general circulation and
 which auto-execute on receipt by arbitrary systems in stock
 configuration?

Seriously, I do understand and empathize with what you are saying.

What I am saying is -- IMHO -- especially in light of the problems that
I have experienced with Swen, auto-executing virus/worms are only *part*
of the problem.  Social engineering is often scoffed at as a real
threat; but, what we see with Swen is so real looking that people I know
have actually __manually__ clicked on those attachments!

That kind of executable -- one that entices a user to click on it -- is
just as real a threat to non-Microsoft userland, that I insist that your
point is not all inclusive of the threats at hand.  Simply because there
is not yet a major, far reaching virus/worm propagating primarily from
Linux boxen, does not rule out the existence of a threat . . .

What say you?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

exim: pipe delivery process timed out

[Michael D Schleif]

Sadly, for the last three days, although swen is starting to abate, I
have encountered a new email malady ;

   # sudo exim -bV
   Exim version 3.36 #1 built 26-Aug-2003 22:39:06
   Copyright (c) University of Cambridge 2002

[1] Generally, I receive between 2,000 and 3,000 emails per day, and
prior to this new problem, have *not* had any exim queue problems.

[2] Now that this problem has begun, I notice -- often, but not always
-- that `exim -bp' shows several dozens of queued messages.  While I
have been querying, only one has shown as frozen.

[3] I am finding several messages in rejectlog, with this message:

   This message was created automatically by mail delivery software (Exim).

   A message that you sent could not be delivered to one or more of its
   recipients. This is a permanent error. The following address(es) failed:

 [EMAIL PROTECTED]
   pipe delivery process timed out

[4] Although, some of these are swen, or spam related, the majority of
these messages are not.  In fact, I have several automated remote
monitoring messages that have come to me regularly for years, that now
-- sometimes -- end up going through this bounce nightmare, and do not
get to me other than as:

   failure notice
   Mail delivery failed: returning message to sender


Unfortunately, anything below exim 4 appears to the user community as
antiquated, and nothing helpful is forthcoming.  Also, I find myself up
to my eyeballs in customer problems, so I have little available time
right now to tinker with this, even if I knew what I was doing ;

What can cause this problem?

More importantly, what can I do about this?

What do you think?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Anyone else notice that Swen is slowing down?

[Michael D Schleif]

Karsten M. Self [EMAIL PROTECTED] [2003:10:01:00:53:46+0100] scribed:
 on Tue, Sep 30, 2003 at 12:11:16PM -0400, Mike Mueller ([EMAIL PROTECTED]) wrote:
  On Tuesday 30 September 2003 02:05, Karsten M. Self wrote:
   Seems
   like about the only way we're going to get a reasonable handle on this
   barring ISPs refusing to carry executables in email format.
  
  Hear! Hear!  No more attachments - period.  I'll settle for elimination of 
  any known sort of executable though. 
 
 No.
 
 Specifically:  executables.  Various other mail 'sploits -- there are
 some header buffer overflows, IIRC affecting LookOut -- exist and should
 be filtered as well.  But specifically, AUPs against transmission of
 executable content, and concomittant filtering, would serve a useful
 purpose.  There are opaque formats, from zip to tarball to encrypted
 payloads, which can be used by those sufficiently clueful to handle the
 task appropriately.
 
 MIME attachments of themselves serve many useful functions.  There's an
 awful lot of baby in that bathwater.  Starting with the signature on
 this message.

I agree, up to a point.

What really constitutes an `executable' program -- surely *not* its file
extension ?!?!

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


malware.zip
Description: Zip archive


pgp0.pgp
Description: PGP signature

Re: MS mail bombs

[Michael D Schleif]

John Hasler [EMAIL PROTECTED] [2003:09:23:21:18:48-0500] scribed:
 Wayne writes:
  I guess you could use fetchmail to weed them out but I found that
  spending time on the DENY rules in mailfilter was better spent.
 
 Fetchmail can be used alone to delete oversize mails on the server.  I do
 so because I am too lazy to get mailfilter up on Woody.

What do you do about legitimate attachments sent to you?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: OT: Re: having reponse problem

[Michael D Schleif]

Travis Crump [EMAIL PROTECTED] [2003:09:22:01:27:52-0400] scribed:
 David Palmer wrote:
 On Monday 22 September 2003 10:55, [EMAIL PROTECTED] wrote:
 
 every time i turn on the computer.
 
 I think you are going to experience another one here.
 Regards,
 
 David.
 
 Spamassassin marked [EMAIL PROTECTED]'s message as spam and when I saw it 
 in my caught spam box I couldn't justify to myself calling it a false 
 positive. :)

That was _exactly_ my response, too ;

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature

Re: Sieve script to filter today's MS annoyances

[Michael D Schleif]

Arnt Karlsen [EMAIL PROTECTED] [2003:09:19:18:41:51+0200] scribed:
 On Fri, 19 Sep 2003 10:14:56 -0500, 
 Kirk Strauser [EMAIL PROTECTED] wrote in message 
 [EMAIL PROTECTED]:
 
  At 2003-09-19T03:33:53Z, Kirk Strauser [EMAIL PROTECTED] writes:
  
  OK, last iteration (I promise).  Enough people have found this
  helpful, or at least amusing, that I'm posting my final script update.
  
  I'm using the MICROSOFT_EXECUTABLE block in SpamAssassin in junction
  with this script.  Overnight hit rates look like:
  
  My script  : about 4,000 emails
  SpamAssasin: another few hundred that snuck through
  My inbox   : about 15-20
snip /

 ..hmmm, cool.  And in .procmailrc'ese it is?  

No, but this one is:

# Thank you, Kirk Strauser - 20030919
# Watch out for inadvertent line breaks
# *ALWAYS* run spamassassin --lint
header __MDS_Swen_A_0 From=~ /(email|inet|internet|mail|microsoft|ms|net|network)/i
header __MDS_Swen_A_1 From=~ /(section|service|system)/i
header __MDS_Swen_A_2 From=~ /^\s*(admin|administrator)\s*$/i
header __MDS_Swen_A_3 Subject =~ 
/^\s*(advice|announcement|failure\s+report|letter|mail|notice|report)\s*$/i
header __MDS_Swen_A_4 Subject =~ /^\s*(abort|bug|error)\s+\S+/i
header __MDS_Swen_A_5 Subject =~ 
/^.*\s+(advice|announcement|letter|message|notice)\s*$/i
header __MDS_Swen_A_6 Subject =~ 
/^\s*(mail:\s+|message|(returned|undeliverable|undelivered)\s+(mail|message))/i
header __MDS_Swen_A_7 Subject =~ /^\s*$/
header __MDS_Swen_A_8 Subject =~ 
/^(critical|current|internet|last|latest|microsoft|net|network|new|newest|security)\s+/i
header __MDS_Swen_A_9 Subject =~ /^.*\s+(pack|patch|update|upgrade)/i
meta MDS_Swen_A   ((( __MDS_Swen_A_0  __MDS_Swen_A_1 ) || __MDS_Swen_A_2 ) || ( 
__MDS_Swen_A_3 || ( __MDS_Swen_A_4  __MDS_Swen_A_5 ) || __MDS_Swen_A_6 || 
__MDS_Swen_A_7 ) || ( __MDS_Swen_A_8  __MDS_Swen_A_9 ))
describe MDS_Swen_A   MDS - Swen_A worm 
scoreMDS_Swen_A   +10.0

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--


pgp0.pgp
Description: PGP signature