NVIDIA Quadro FX 3450: 1920x1200 ???
I recently acquired an hp xw9300, dual opteron workstation, including the subject video card. Additionally, after setting that up with a crt at 1280x1024, I acquired an hp l2335, wide screen lcd, capable of 1920x1200 resolution -- but, my problem is displaying at that resolution. OSD on the lcd shows 1920x1200 ; but, kde control center / peripherals / display shows only 1280x1024 ; I will gladly supply ALL information needed to resolve this issue -- PLEASE, ASK. If I need to open a bug on this, please suggest that. I am not certain what information is required. I have googled, and searched debian-{kde,user,x} archives -- perhaps, I do not know the best search terms? For lack of else, please review the following information: # apt-cache policy xserver-xorg-video-nv xserver-xorg-video-nv: Installed: 1:1.0.1.5-2 Candidate: 1:1.0.1.5-2 Version table: *** 1:1.0.1.5-2 0 700 ftp://mirrors.kernel.org etch/main Packages 700 ftp://mirrors.kernel.org testing/main Packages 500 ftp://mirrors.kernel.org unstable/main Packages 100 /var/lib/dpkg/status Even though the card has 256 MB memory, I can only display at 1280x1024 ; # sudo /usr/sbin/ddcprobe vbe: VESA 3.0 detected. oem: NVIDIA vendor: NVIDIA Corporation product: nv41 Board - q317_3 Chip Rev memory: 262144kb mode: 640x400x256 mode: 640x480x256 mode: 800x600x16 mode: 800x600x256 mode: 1024x768x16 mode: 1024x768x256 mode: 1280x1024x16 mode: 1280x1024x256 mode: 320x200x64k mode: 320x200x16m mode: 640x480x64k mode: 640x480x16m mode: 800x600x64k mode: 800x600x16m mode: 1024x768x64k mode: 1024x768x16m mode: 1280x1024x64k mode: 1280x1024x16m edid: edid: 1 3 id: 2614 eisa: HWP2614 serial: 01010101 manufacture: 14 2006 input: separate sync, composite sync, sync on green, analog signal. screensize: 50 31 gamma: 2.20 dpms: RGB, active off, suspend, standby timing: [EMAIL PROTECTED] Hz (VGA 640x400, IBM) timing: [EMAIL PROTECTED] Hz (VGA) timing: [EMAIL PROTECTED] Hz (VESA) timing: [EMAIL PROTECTED] Hz (VESA) timing: [EMAIL PROTECTED] Hz (VESA) timing: [EMAIL PROTECTED] Hz (VESA) timing: [EMAIL PROTECTED] Hz (Mac II) timing: [EMAIL PROTECTED] Hz Interlaced (8514A) timing: [EMAIL PROTECTED] Hz (VESA) timing: [EMAIL PROTECTED] Hz (VESA) ctiming: [EMAIL PROTECTED] ctiming: [EMAIL PROTECTED] ctiming: [EMAIL PROTECTED] ctiming: [EMAIL PROTECTED] ctiming: [EMAIL PROTECTED] ctiming: [EMAIL PROTECTED] ctiming: [EMAIL PROTECTED] ctiming: [EMAIL PROTECTED] dtiming: [EMAIL PROTECTED] monitorrange: 30-94, 48-85 monitorname: hp L2335 Selected snippets of /var/log/Xorg.0.log: (II) VESA(0): Supported VESA Video Modes: (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): [EMAIL PROTECTED] (II) VESA(0): Manufacturer's mask: 0 (II) VESA(0): Supported Future Video Modes: (II) VESA(0): #0: hsize: 1024 vsize 768 refresh: 85 vid: 22881 (II) VESA(0): #1: hsize: 1280 vsize 960 refresh: 60 vid: 16513 (II) VESA(0): #2: hsize: 1280 vsize 1024 refresh: 60 vid: 32897 (II) VESA(0): #3: hsize: 1280 vsize 1024 refresh: 85 vid: 39297 (II) VESA(0): #4: hsize: 1600 vsize 1200 refresh: 60 vid: 16553 (II) VESA(0): #5: hsize: 1600 vsize 1200 refresh: 75 vid: 20393 (II) VESA(0): #6: hsize: 1920 vsize 1080 refresh: 60 vid: 49361 (II) VESA(0): #7: hsize: 1920 vsize 1200 refresh: 60 vid: 209 (II) VESA(0): Supported additional Video Mode: (II) VESA(0): clock: 193.2 MHz Image Size: 495 x 310 mm (II) VESA(0): h_active: 1920 h_sync: 2048 h_sync_end 2256 h_blank_end 2592 h_border: 0 (II) VESA(0): Total Memory: 4096 64KB banks (262144kB) (WW) VESA(0): config file hsync range 30-107kHz not within DDC hsync ranges. (II) VESA(0): Generic Monitor: Using hsync range of 30.00-107.00 kHz (II) VESA(0): Generic Monitor: Using vrefresh value of 60.00 Hz (II) VESA(0): Not using mode 1920x1200 (no mode of this name) (II) VESA(0): Not using mode 1600x1200 (no mode of this name) (II) VESA(0): Not using built-in mode 2048x1536 (width too large for virtual size) (--) VESA(0): Virtual size is 1280x1024 (pitch 1280) (**) VESA(0): *Built-in mode 1280x1024 (**) VESA(0): *Built-in mode 1024x768 (**) VESA(0): *Built-in mode 800x600 (**) VESA(0): Built-in mode 640x480 -- Best Regards, helices signature.asc Description: Digital signature
Re: install sarge to boot on lvm on raid5 ???
* On 2005:05:07:10:08:30-0500 I, Michael D Schleif [EMAIL PROTECTED], scribed: I downloaded sarge-i386-1.iso on 2 May 2005. I was happy to find installation options for BOTH RAID5 and LVM, right there in the disk partitioning menus. They weren't totally intuitive to me; but, I managed to configure LVM on RAID5 without any errors. Then, I came to the boot loader step. It did NOT offer grub; rather, it offered to configure LILO. Here is my problem: Where should LILO install the boot block? The first two options offered /dev/md0 -- neither of which are accepted by this process. The third option (advanced) appears to allow me to decide; but, I do NOT know where to put this. My research indicates a lot of changes, in this regard, since Woody; especially in the more recent 2.6.x kernels. I have found several HOWTO's based on Woody, and favoring Raid0/1; and most of those were written for Woody and 2.4.x kernels. Where is there a HOWTO for LVM on RAID that focuses on Sarge? Where is there a HOWTO for LVM on RAID that focuses on Raid5? How can this be done at initial install; rather than build on one disk, then build the Raid5 post-install? Which is better as boot loader in this scenario, Lilo or Grub? Is it better to leave a partition outside of the LVM? Which partition? Root (/)? /boot? Can this be done with everything on the Raid5? Can this be done with everything on the LVM? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
install sarge to boot on lvm on raid5 ???
I downloaded sarge-i386-1.iso on 2 May 2005. I was happy to find installation options for BOTH RAID5 and LVM, right there in the disk partitioning menus. They weren't totally intuitive to me; but, I managed to configure LVM on RAID5 without any errors. Then, I came to the boot loader step. It did NOT offer grub; rather, it offered to configure LILO. Here is my problem: Where should LILO install the boot block? The first two options offered /dev/md0 -- neither of which are accepted by this process. The third option (advanced) appears to allow me to decide; but, I do NOT know where to put this. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
mouse: kernel 2.6.6 - 2.6.8 ???
What broke? What changed? I have been running 2.6x kernels on this legacy PPro box for most of this year -- first kernel-image-2.6.2-1-686, then kernel-image-2.6.6-2-686 -- without incident. Today, the only change I made was to install these: kernel-doc-2.6.8 kernel-headers-2.6.8-1-686 kernel-image-2.6.8-1-686 When I boot into this, the mouse cursor moves; but, is totally insane ; It gravitates to the left side of the screen, near randomly opens menus, and randomly selects menu items, and moves icons to different locations on the screen -- basically, there is no chance to function normally in KDE v3.2x. I have disabled gpm -- no change. # grep mouse /etc/modules mousedev psmouse .From /etc/X11/XF86Config-4 : Section InputDevice Identifier Configured Mouse Driver mouse Option CorePointer Option Device/dev/psaux Option Protocol ImPS/2 Option Emulate3Buttons true Option ZAxisMapping 4 5 EndSection Section InputDevice Identifier Generic Mouse Driver mouse Option SendCoreEventstrue # Option Device/dev/input/mice Option Device/dev/psaux Option Protocol ImPS/2 Option Emulate3Buttons true Option ZAxisMapping 4 5 EndSection Which brings up another question: How do I get a /dev/input/ ??? This box has been upgraded since Slink, and it has *no* /dev/input/ ; Anyway, what ought I to check? I have googled, and scoured debian archives. Mine is not any of the slew of mouse problems that I have found there. Reverting to kernel-image-2.6.6-2-686 -- the mouse is working as expected. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
NFS file copy vs. snort ???
One of my main systems is connected to several NFS v3 servers; and, this box also runs snort. Copies, like the following examples, are excruciatingly slo-o-o-o-w-w-w, especially when the file is large (e.g., 250 MiB.) cp -a /remote/tmp/* . cp -a * /remote/tmp/ By `slow', I mean in the two-digit kbps ; I do not find anything interesting in `vmstat', nor in /var/log/{kern.log,messages,syslog}, nor is snort logging anything, in this regard. My first clue was noticing snort in `top' alternating in the top 2 or 3 positions. Stopping snort on *both* ends of the connection results in file transfers that meet my expectations. What is going on with this? How can I configure snort to *not* interfere with NFS? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
cdrdao: cue sheet variants ???
I have googled, and I have searched the sourceforge archives; but, I do not see a solution to my problem. Please, can you help me? I have a three (3) CD SHN distribution. Other people have successfully burned all three CD's without incident, with other software. I have successfully burned CD1; but, CD2 gives me this: # sudo cdrdao simulate -n --overburn -v 9 CD2.toc Cdrdao version 1.1.9 - (C) Andreas Mueller [EMAIL PROTECTED] SCSI interface library - (C) Joerg Schilling Paranoia DAE library - (C) Monty Check http://cdrdao.sourceforge.net/drives.html#dt for current driver tables. SCSI: max DMA: 64512 Using libscg version 'schily-0.8' Using libscg transport code version 'schily-scsi-linux-sg.c-1.83' /dev/cdrecorder: HP CD-Writer+ 9200 Rev: 1.0e Reading driver table from file /usr/share/cdrdao/drivers. Found 315 valid driver table entries. Using driver: Generic SCSI-3/MMC - Version 2.0 (options 0x0010) Burning entire 79 mins disc. WARNING: Length of toc (83:27:58, 375583 blocks) exceeds capacity of CD-R (79:57:74, 359849 blocks). WARNING: Ignored because of option '--overburn'. WARNING: Some drives may fail to record this toc. Starting write simulation at speed 8... Process can be aborted with QUIT signal (usually CTRL-\). Lead-in start: 97:34:22 length: 10928 Lead-out length: 6750 Using pthread POSIX real time scheduling. Swap: 1 Using pthread POSIX real time scheduling. Buffer filled Memory locked Waiting for reader process Awaken, will start writing Multi session mode: 0 Data block type: 0 Session format: 0 Toc type: 0x0 Drive accepted write parameter mode page variant 0. Track is Blank, Next Writable Address is valid NWA: 0 Cue Sheet (variant 0): CTL/ TNO INDEX DATA SCMS MIN SEC FRAME ADR FORM 010000 0100 00 00 00 010100 0000 00 00 00 010101 0000 00 02 00 010201 0000 03 08 43 010301 0000 09 30 20 010401 0000 18 14 60 010501 0000 31 55 48 010601 0000 36 52 46 010701 0000 40 45 59 010801 0000 44 13 45 010901 0000 52 04 34 010a01 0000 59 24 64 010b01 0000 63 25 69 010c01 0000 75 32 04 010d01 0000 79 53 55 01aa01 0100 83 29 58 Cue Sheet (variant 1): CTL/ TNO INDEX DATA SCMS MIN SEC FRAME ADR FORM 010000 0100 00 00 00 010100 0000 00 00 00 010101 0000 00 02 00 010201 0000 03 08 43 010301 0000 09 30 20 010401 0000 18 14 60 010501 0000 31 55 48 010601 0000 36 52 46 010701 0000 40 45 59 010801 0000 44 13 45 010901 0000 52 04 34 010a01 0000 59 24 64 010b01 0000 63 25 69 010c01 0000 75 32 04 010d01 0000 79 53 55 01aa01 0100 83 29 58 ERROR: Drive does not accept any cue sheet variant - please report. ERROR: Simulation failed. For what it's worth, cdrecord attempts to burn it, then fails miserably: # cdrecord -audio -eject -overburn -v *d2*.wav cdrecord: No write mode specified. cdrecord: Asuming -tao mode. . . . Track 12: audio 44 MB (04:21.68) no preemp Track 13: audio 36 MB (03:36.04) no preemp Total size: 846 MB (83:51.77) = 377383 sectors Lout start: 846 MB (83:53/58) = 377383 sectors Current Secsize: 2048 ATIP info from disk: Indicated writing power: 6 Is not unrestricted Is not erasable ATIP start of lead in: -12414 (97:16/36) ATIP start of lead out: 359849 (79:59/74) Disk type:Short strategy type (Phthalocyanine or similar) Manuf. index: 35 Manufacturer: Grand Advance Technology Ltd. Blocks total: 359849 Blocks current: 359849 Blocks remaining: -17534 cdrecord: WARNING: Data may not fit on current disk. cdrecord: Notice: Overburning active. Trying to write more than the
Re: alternative to cdrecord?
* Brian Pack [EMAIL PROTECTED] [2004:08:23:16:44:15-0400] scribed: I've been hit with the issues between cdrecord and the 2.6.8 kernel. snip / Does this also affect cdrdao? My boxen are at 2.6.3x, and I have considered upping them . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Howto burn vcd ???
I have downloaded this: http://bt.easytree.org/torrents-details.php?id=3146 That gives me these two (2) files: AVSEQ01.DAT AVSEQ02.DAT Now, what do I do? How do I use these files? How do I burn this to CD? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
aic7xxx: SCB_xxx error ???
Recently, I have begun seeing a disruption of one (1) SCSI bus on one (1) system. It is very intermittent (see Frequency, below), and lasts for a minute or so. The final message indicates a *recovery*; but, I wonder whether or not I am approaching hardware failure -- and, which hardware? Controller? Drives? Google shows some questions on Debian and FreeBSD; but, there I found no definitive answer. The gist of googling indicates that this maybe a driver issue, rather than hardware. What do you think? A full log of a recent incident is here: http://helices.org/tmP/loki.scsi.kern.out # uname -a Linux loki 2.6.6-2-686 #1 Wed Jun 16 01:25:38 PDT 2004 i686 GNU/Linux Frequency: Jul 28 08:29 Aug 9 11:25 Aug 9 20:23 Aug 18 12:03 Aug 20 00:02 Aug 22 14:51 Unique sorted summary of SCB_xxx errors, from all incidents above: 0 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 0 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 0 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 0 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 0 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 1 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 1 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 1 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 1 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 1 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 10 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 11 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 11 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 11 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 12 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 13 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 14 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 15 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 2 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 2 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 2 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 2 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 2 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 3 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 3 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 3 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 3 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 3 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 4 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 4 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 4 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 4 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 5 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 5 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 5 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 5 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 5 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 6 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 6 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 6 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 6 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 6 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 7 SCB_CONTROL[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] 7 SCB_CONTROL[0x68]:(ULTRAENB|TAG_ENB|DISCENB) SCB_SCSIID[0x7] 7 SCB_CONTROL[0x6c]:(DISCONNECTED|ULTRAENB|TAG_ENB|DISCENB) 7 SCB_CONTROL[0x7c]:(DISCONNECTED|ULTRAENB|MK_MESSAGE|TAG_ENB|DISCENB) 7 SCB_CONTROL[0xe8]:(ULTRAENB|TAG_ENB|DISCENB|TARGET_SCB) 8 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) 9 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) CSIID[0x7] SCB_LUN[0x0] SCB_TAG[0xff] SCB_LUN[0x0] SCB_LUN[0x0] SCB_TAG[0x0] SCB_LUN[0x0] SCB_TAG[0x1] SCB_LUN[0x0] SCB_TAG[0x4] SCB_LUN[0x0] SCB_TAG[0x5] SCB_LUN[0x0] SCB_TAG[0x6] SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x0] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x3] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x4] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x5] SCB_SCSIID[0x7] SCB_LUN[0x0] SCB_TAG[0x6]
Resolve web site problem ???
Please, go to this web site to see if you have access problems: http://www.allmusic.com I am currently using these: # apt-cache policy mozilla-browser mozilla-firefox mozilla-browser: Installed: 2:1.7.2-2 Candidate: 2:1.7.2-2 Version Table: *** 2:1.7.2-2 0 500 http://mirror.cs.wisc.edu unstable/main Packages 100 /var/lib/dpkg/status 2:1.6-5 0 990 http://mirror.cs.wisc.edu testing/main Packages 2:1.2.1-2.bunk 0 500 http://www.fs.tum.de woody/bunk-1/main Packages 2:1.0.0-0.woody.1 0 500 http://security.debian.org woody/updates/main Packages 500 http://security.debian.org stable/updates/main Packages 500 http://mirror.cs.wisc.edu stable/main Packages mozilla-firefox: Installed: 0.9.3-2 Candidate: 0.9.3-2 Version Table: *** 0.9.3-2 0 500 http://mirror.cs.wisc.edu unstable/main Packages 100 /var/lib/dpkg/status 0.8-12 0 990 http://mirror.cs.wisc.edu testing/main Packages My problems go back several iterations on each browser. Although it takes several minutes, I an access the root page. However, when I try to search for an Artist, or a Title, each browser freezes, and stops responding, and {firefox,mozilla}-bin soars to the top of `top'. If I am very careful and patient, then I can Ctrl-W to close that tab. Same versions of each browser -- from w2k -- do *not* exhibit similar problems. How can I get to the root cause of this problem? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
SHN tools ???
What are currently working sources.list entries for these packages? I have googled, and added these: deb ftp://ftp.nerim.net/debian-marillat/ unstable main deb http://debian.xmixahlx.com/packages/unstable/ ./ deb http://pessoal.onda.com.br/rjamorim/debian/ ./ deb http://rarewares.hydrogenaudio.org/xmixahlx/debian/ ./ deb http://www.rarewares.org/debian/packages/unstable ./ I am getting these errors (beware wrap): Failed to fetch http://pessoal.onda.com.br/rjamorim/debian/./Packages.gz 404 Not Found Failed to fetch http://rarewares.hydrogenaudio.org/xmixahlx/debian/./Packages.gz Could not resolve 'rarewares.hydrogenaudio.org' Failed to fetch http://rarewares.hydrogenaudio.org/xmixahlx/debian/./Release Could not resolve 'rarewares.hydrogenaudio.org' W: Couldn't stat source package list http://pessoal.onda.com.br ./ Packages (/var/lib/apt/lists/pessoal.onda.com.br_rjamorim_debian_._Packages) - stat (2 No such file or directory) W: Couldn't stat source package list http://rarewares.hydrogenaudio.org ./ Packages (/var/lib/apt/lists/rarewares.hydrogenaudio.org_xmixahlx_debian_._Packages) - stat (2 No such file or directory) Worst of all, this returns nothing: dpkg -l '*shn*' I want to find these, in particular: shntools xmms-shn What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: tmda (was Re: Attach filter)
* Karsten M. Self [EMAIL PROTECTED] [2004:07:08:04:46:24-0700] scribed: snip / Jason Mastaler accepts criticism so graciously he's banned me from any mail access to his domain. Go figure. That's adult, open, honest, and principled. Perhaps, that is because you are known to be equally -- if not more so -- ``adult, open, honest, and principled'' ??? I am witness to you taking this same action without so much as one chance for your transgressors to repent their evil ways ; Pot, kettle, black . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
nagios-mysql b0rkage ???
I am running Debian, mostly testing and some unstable. I installed nagios from testing, and most of it was working. I was having problems with status, as documented here: http://wiki.tryphon.org/LinuxWiki/NagiosInstall Those patches appeared to resolve the problem. I remain confused why Debian does not show a bug against this: http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=nagios-mysql I was going to write the maintainer, when I noticed that unstable has a newer version: # apt-cache policy nagios-mysql nagios-mysql: Installed: 2:1.2-3.1 Candidate: 2:1.2-3.1 Version Table: *** 2:1.2-3.1 0 500 http://mirror.cs.wisc.edu unstable/main Packages 100 /var/lib/dpkg/status 2:1.1-11 0 990 http://mirror.cs.wisc.edu testing/main Packages 2:1.0-4.bunk 0 500 http://www.fs.tum.de woody/bunk-1/main Packages So, I upgraded to that version, which resulted in the five (5) crucial definition errors documented below. I _purged_ the entire package, and installed unstable from scratch -- same problem: # sudo /usr/sbin/nagios -v /etc/nagios/nagios.cfg Nagios 1.2 Copyright (c) 1999-2004 Ethan Galstad ([EMAIL PROTECTED]) Last Modified: 02-02-2004 License: GPL Reading configuration data... Running pre-flight check on configuration data... Checking services... Error: There are no services defined! Checked 0 services. Checking hosts... Error: There are no hosts defined! Checked 0 hosts. Checking host groups... Error: There are no host groups defined! Checked 0 host groups. Checking contacts... Error: There are no contacts defined! Checked 0 contacts. Checking contact groups... Error: There are no contact groups defined! Checked 0 contact groups. Checking service escalations... Checked 0 service escalations. Checking host group escalations... Checked 0 host group escalations. Checking service dependencies... Checked 0 service dependencies. Checking host escalations... Checked 0 host escalations. Checking host dependencies... Checked 0 host dependencies. Checking commands... Checked 0 commands. Checking time periods... Checked 0 time periods. Checking for circular paths between hosts... Checking for circular service execution dependencies... Checking global event handlers... Checking obsessive compulsive service processor command... Checking misc settings... Total Warnings: 0 Total Errors: 5 Here is my main configuration: # grep -v '^\(#\|$\)' nagios.cfg log_file=/var/log/nagios/nagios.log cfg_file=/etc/nagios/checkcommands.cfg cfg_file=/etc/nagios/misccommands.cfg cfg_file=/etc/nagios/contactgroups.cfg cfg_file=/etc/nagios/contacts.cfg cfg_file=/etc/nagios/dependencies.cfg cfg_file=/etc/nagios/escalations.cfg cfg_file=/etc/nagios/hostgroups.cfg cfg_file=/etc/nagios/hosts.cfg cfg_file=/etc/nagios/services.cfg cfg_file=/etc/nagios/timeperiods.cfg resource_file=/etc/nagios/resource.cfg status_file=/var/log/nagios/status.log nagios_user=nagios nagios_group=nagios check_external_commands=1 command_check_interval=-1 command_file=/var/log/nagios/rw/nagios.cmd comment_file=/var/log/nagios/comment.log downtime_file=/var/log/nagios/downtime.log lock_file=/var/log/nagios/nagios.lock temp_file=/var/log/nagios/nagios.tmp log_rotation_method=d log_archive_path=/var/log/nagios/archives use_syslog=1 log_notifications=1 log_service_retries=1 log_host_retries=1 log_event_handlers=1 log_initial_states=0 log_external_commands=1 log_passive_service_checks=1 inter_check_delay_method=s service_interleave_factor=s max_concurrent_checks=0 service_reaper_frequency=10 sleep_time=1 service_check_timeout=60 host_check_timeout=30 event_handler_timeout=30 notification_timeout=30 ocsp_timeout=5 perfdata_timeout=5 retain_state_information=1 state_retention_file=/var/log/nagios/status.sav retention_update_interval=60 use_retained_program_state=0 interval_length=60 use_agressive_host_checking=0 execute_service_checks=1 execute_service_checks=1 accept_passive_service_checks=1 enable_notifications=1 enable_event_handlers=1
Re: Question re Debian versions
* Paul Johnson [EMAIL PROTECTED] [2004:03:18:20:05:40-0800] scribed: snip / Not particularly. I've never downgraded libc successfully on a machine across major version changes without having to reinstall. Your best bet if you don't want to reinstall is watch closely after sarge goes stable for a new unstable fork off to testing, and move when they fork. How, exactly, does one go about ``watch closely ... for a new unstable fork off to testing'' ??? I've seen reference to this, but I do not know how one can know when that situation obtains. snip / Sometime before Dec 31, 2003 if people get moving on it was the last I heard. snip / 2003? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: Question re Debian versions
* Brian Nelson [EMAIL PROTECTED] [2004:03:18:22:58:47-0800] scribed: snip / My opinion is that testing should not be publicly available until it is in the release candidate or beta stage, or whatever you want to call it. Up until that point, it should be a virtual distribution only existing in the output of the testing scripts. I think it does a disservice to the community to have a publicly available distribution that appears to be a compromise in between stable and unstable, but in actuality can be much more broken than unstable. How could that work? Can apt/dselect be coerced into understanding this distinction? As it is, if testing is in my sources.list, won't I get whatever is in testing, so long as I ask for testing packages? Or, is there some way to ask for mature testing packages, as opposed to else? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
MTA dependencies ???
Yes, I have seen this discussed before; but, I cannot find the Debian consensus solution. Which search criteria ought I to use in the archives? I have a box on which I want to install qmail from source. In order to get it to run, I need to remove/purge *all* other MTA's (e.g., exim, nullmailer, c.) In doing so, there are DEB's with MTA dependencies, and removing/purging DEB MTA's _also_ removes these dependent packages. I do not want to remove these other packages. In fact, there will be an MTA on the box; but, aptitude does not know about it. What is the best way to accomplish this? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: To dselect or aptitude, that is the question
* Monique Y. Mudama [EMAIL PROTECTED] [2004:04:23:17:41:52-] scribed: On 2004-04-21, Michael D Schleif penned: I would have been using aptitude long ago, _except_ for this hurdle on my systems: # sudo aptitude -P upgrade Password: Reading Package Lists... Done Building Dependency Tree =20 Reading extended state information... Done I think this is the relevant part: The following packages are unused and will be REMOVED: Do you have this line in ~/.aptitude/config aptitude::Delete-Unused true; ? Yes, indeed, that is it! Thank you. Search for TRACKING UNUSED PACKAGES in /usr/share/doc/aptitude/README for more details. Although, I found `unused' and other information in that file, `TRACKING UNUSED PACKAGES' is not in my file. What version of aptitude are you running? Thank you, again, for your consideration. -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: To dselect or aptitude, that is the question
* Joey Hess [EMAIL PROTECTED] [2004:04:20:22:27:12-0400] scribed: J.S.Sahambi wrote: I have been using apt and dselect for some time. Can any body tell me about the advantages/disadvantages of dselect and aptitude? and which is better? Nine reasons why you should be using aptitude instead of apt-get or dselect. 1. aptitude can look just like apt-get If you run 'aptitude update' or 'aptitude upgrade' or 'aptitude install', it looks and works just like apt-get, with a few enhancements. So there is no learning curve. (If you're a dselect user, learning curve is obviously not one of your problems.) 2. aptitude tracks automatically installed packages Stop worrying about pruning unused libraries and support packages from your system. If you use aptitude to install everything, it will keep track of what packages are pulled in by dependencies alone, and remove those packages when they are no longer needed. 3. aptitude sanely handles recommends A long-standing failure of apt-get has been its lack of support for the Recommends relationship. Which is a problem because many packages in Debian rely on Recommends to pull in software that the average user generally uses with the package. This is a not uncommon cause of trouble, even though apt-get recently became able to at least mention recommended packages, it's easy to miss its warnings. Aptitude supports Recommends by default, and can be confgigured to support Suggests too. It even supports installing recommended packages when used in command-line mode. 4. use aptitude as a normal user and avoid hosing your system Maybe you didn't know that you can run aptitude in gui mode as a regular user. Make any changes you'd like to try out. If you get into a real mess, you can hit 'q' and exit, your changes will not be saved. (Aptitude also lets you use ctrl-u to undo changes.) Since it's running as a normal user, you cannot hose your system until you tell aptitude to do something, at which point it will prompt you for your root password. 5. aptitude has a powerful UI and searching capabilities Between aptitude's categorical browser and its great support for mutt-style filtering and searching of packages by name, description, maintainer, dependencies, etc, you should be able to find packages faster than ever before using aptitude. 6. aptitude makes it easy to keep track of obsolete software If Debian stops distributing a package, apt will leave it on your system indefinitly, with no warnings, and no upgrades. Aptitude lists such packages in its Obsolete and Locally Created Packages section, so you can be informed of the problem and do something about it. 7. aptitude has an interface to the Debian task system Aptitude lets you use Debian's task system as it was designed to be used. You can browse the available tasks, select a task for install, and then dig into it and de-select parts of the task that you don't want. apt-get has no support for tasks, and aptitude is better even than special purpose tools like tasksel. 8. aptitude supports multiple sources If your sources.list is configured to make multiple versions of a package available, aptitude lets you drill down to see the available versions and pick a non-default version to install. If a package breaks in unstable, just roll it back to the version in testing. 9. aptitude logs its actions Aptitude logs package it installs, upgrades, and removes to /varlog/aptitude, which can be useful to work out why things started breaking after yesterday's upgrade, or when you removed a partiticlar package. -- see shy jo I would have been using aptitude long ago, _except_ for this hurdle on my systems: # sudo aptitude -P upgrade Password: Reading Package Lists... Done Building Dependency Tree Reading extended state information... Done The following packages are unused and will be REMOVED: antiword debiandoc-sgml debiandoc-sgml-doc debsums dhelp djbdns-doc djtools doc-html-w3 docbook docbook-defguide docbook-doc docbook-dsssl docbook-dsssl-doc docbook-mathml docbook-xsl emacs20-el esound foo2zjs foomatic-db foomatic-db-engine foomatic-db-gimp-print foomatic-db-hpijs foomatic-filters foomatic-gui fortune-mod fortunes-min freefont freetype1-tools fttools gimp gimp-perl gimpprint-doc gimpprint-locales gnome-doc-tools gnome-vfs-extras2 hpijs html2ps ijsgimpprint imlib-progs irb jade jadetex karbon kchart kformula kivio koffice koshell kpresenter kspread kugar kword libdv-bin libdv2 libgimp1.2 libgtkxmhtml1 libjcode-pm-perl libmpeg1 libpng10-dev libpng2-dev libreadline-ruby librecode0 libroman-perl libsgmls-perl libsp1 libterm-readkey-perl libtext-format-perl libtiff-tools linuxdoc-tools linuxdoc-tools-info linuxdoc-tools-latex linuxdoc-tools-text man2html
Re: Manual pages and UTF-8
* Colin Watson [EMAIL PROTECTED] [2004:03:28:21:06:03+0100] scribed: On Sun, Mar 28, 2004 at 09:41:42PM +0200, Per Olofsson wrote: I'm running with an UTF-8 locale and this causes minus signs (dashes) in many manual pages to become garbled. It only seems to happen in text in the italic style, i.e. the .I macro. It also only happens to bare minus signs; if they are written as \-, it works fine. Try, for example, man jed with an UTF-8 locale. Am I doing something wrong? Does it work better for anyone else? Or is it a bug in these manual pages, or perhaps in man-db or groff? (a) Please see /usr/share/doc/groff/README.Debian; (b) it shouldn't actually garble them, merely display Unicode HYPHEN-MINUS, so what versions of man-db, groff, your pager, and your terminal emulator are you using? Interesting ; # for mds in man-db groff less xterm do apt-show-versions $mds done man-db/testing uptodate 2.4.2-13 groff/testing uptodate 1.18.1-15 less/testing uptodate 381-3 xterm/testing uptodate 4.2.1-12.1 I have been having same problem, and opened Bug#235046 against xterm. There I was told that this is a font problem; although, changing to the recommended fonts did *not* resolve my problems. Also, now I find that this problem affects more than just hyphens (-); but, also characters such as (`) (e.g., man apt-show-versions). Yes, I know that _somehow_ it should be possible to get to xterm v4.3.0-7; but, the dependencies are quite daunting on this box ; What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: famd runaway??
* Michael Satterwhite [EMAIL PROTECTED] [2004:03:12:21:12:20-0600] scribed: Debian sarge... My computer has slowed to a crawl, can't even start konqueror. When I look at the processes, famd is using about 73% of the system. Anyone know what might be wrong? Same here. * Larry Geralds [EMAIL PROTECTED] [2004:03:13:17:15:57-0500] scribed: Debian sarge... Same thing with Sid. My computer has slowed to a crawl, can't even start konqueror. When I look at the processes, famd is using about 73% of the system. Anyone know what might be wrong? Don't know. Wish I did. I restart it: su -c /etc/init.d/fam restart For that matter, why on earth is `idle_timeout' in /etc/fam.conf _over_ridden_ by /etc/init.d/fam ?!?! This means that I have to edit /etc/init.d/fam in order to change: FAMOPTS=-T 0 I have tried this several times _without_ a single dialog: dpkg-reconfigure -plow fam I am running version 2.6.10-6 What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: Help with .Xdefaults
* Bill Moseley [EMAIL PROTECTED] [2004:03:09:14:36:23-0800] scribed: Where are the xterm resources defined? I'm using icewm and I have my mail icon run: xterm -e mutt Now, I want to make my mutt sessions show up on all desktops (like I do with gkrellm). But the class and name resources are set as WM_CLASS(STRING) = xterm, XTerm My first attempt was to use -class: xterm -class mutt -e mutt but then colors were off in the xterm window. I have an .Xdefaults file but only one resource defined (to make my xterm window bigger). So I'm wondering where the xterm default resources are defined. I'm now using xterm -name mutt -e mutt and then in my winoptions file I use: mutt.XTerm.allWorkspaces: 1 (the problem is I was ending up with too many mutt processes running across all my different workspaces (desktops). I think that you will find that ~/.Xdefaults is deprecated, and that you will do best using ~/.Xresources . . . hth -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: kernels v2.6.x vs. /dev/nst0 ???
* Alexis Huxley [EMAIL PROTECTED] [2004:03:08:15:06:04+] scribed: Regardless of kernel, I see this: # cat /proc/scsi/scsi Attached devices:=20 Host: scsi0 Channel: 00 Id: 05 Lun: 00 Vendor: HP Model: C1537A Rev: L812 Type: Sequential-AccessANSI SCSI revision: 02 . . . Just because the device is visible on the SCSI bus, does not mean that the kernel knows how to operate it. My guess is that the new kernel does not have 'st' module compile in or available as a module which has been loaded. Run: grep _ST= /boot/config-* to see if how the tape driver is compiled (y=in kernel, m=module, n=not compiled at all). If you see 'y' it should work, I hope you don't see that! :-) If 'm' then have you loaded the module? Try 'lsmod'. Do you see it listed?) If 'n' then you need to make a new kernel from sources. I will have to boot back into 2.6.3 later today. I am using the stock Debian kernel: kernel-image-2.6.3-1-686 From config-2.6.3-1-686: # # SCSI device support # CONFIG_SCSI=m CONFIG_SCSI_PROC_FS=y # # SCSI support type (disk, tape, CD-ROM) # CONFIG_BLK_DEV_SD=m CONFIG_CHR_DEV_ST=m CONFIG_CHR_DEV_OSST=m CONFIG_BLK_DEV_SR=m # CONFIG_BLK_DEV_SR_VENDOR is not set CONFIG_CHR_DEV_SG=m # # Some SCSI devices (e.g. CD jukebox) support multiple LUNs # CONFIG_SCSI_MULTI_LUN=y # CONFIG_SCSI_REPORT_LUNS is not set CONFIG_SCSI_CONSTANTS=y CONFIG_SCSI_LOGGING=y From config-2.4.25-1-686: # # SCSI support type (disk, tape, CD-ROM) # CONFIG_BLK_DEV_SD=m CONFIG_SD_EXTRA_DEVS=40 CONFIG_CHR_DEV_ST=m CONFIG_CHR_DEV_OSST=m CONFIG_BLK_DEV_SR=m # CONFIG_BLK_DEV_SR_VENDOR is not set CONFIG_SR_EXTRA_DEVS=2 CONFIG_CHR_DEV_SCH=m CONFIG_CHR_DEV_SG=m # # Some SCSI devices (e.g. CD jukebox) support multiple LUNs # # CONFIG_SCSI_DEBUG_QUEUES is not set CONFIG_SCSI_MULTI_LUN=y CONFIG_SCSI_CONSTANTS=y CONFIG_SCSI_LOGGING=y What am I missing? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: kernels v2.6.x vs. /dev/nst0 ???
* David Goodenough [EMAIL PROTECTED] [2004:03:08:19:27:39+] scribed: On Monday 08 March 2004 18:57, Michael D Schleif wrote: * Alexis Huxley [EMAIL PROTECTED] [2004:03:08:15:06:04+] scribed: Regardless of kernel, I see this: # cat /proc/scsi/scsi Attached devices:=20 Host: scsi0 Channel: 00 Id: 05 Lun: 00 Vendor: HP Model: C1537A Rev: L812 Type: Sequential-AccessANSI SCSI revision: 02 . . . Just because the device is visible on the SCSI bus, does not mean that the kernel knows how to operate it. My guess is that the new kernel does not have 'st' module compile in or available as a module which has been loaded. Run: grep _ST= /boot/config-* to see if how the tape driver is compiled (y=in kernel, m=module, n=not compiled at all). If you see 'y' it should work, I hope you don't see that! :-) If 'm' then have you loaded the module? Try 'lsmod'. Do you see it listed?) If 'n' then you need to make a new kernel from sources. I will have to boot back into 2.6.3 later today. I am using the stock Debian kernel: kernel-image-2.6.3-1-686 From config-2.6.3-1-686: # # SCSI device support # CONFIG_SCSI=m CONFIG_SCSI_PROC_FS=y # # SCSI support type (disk, tape, CD-ROM) # CONFIG_BLK_DEV_SD=m CONFIG_CHR_DEV_ST=m As ST is a module, have you tried loading the module explicitly. There have been one of two cases where modules got autoloaded in 2.4 and are not in 2.6. David CONFIG_CHR_DEV_OSST=m CONFIG_BLK_DEV_SR=m # CONFIG_BLK_DEV_SR_VENDOR is not set CONFIG_CHR_DEV_SG=m # # Some SCSI devices (e.g. CD jukebox) support multiple LUNs # CONFIG_SCSI_MULTI_LUN=y # CONFIG_SCSI_REPORT_LUNS is not set CONFIG_SCSI_CONSTANTS=y CONFIG_SCSI_LOGGING=y Yes, I rebooted back into 2.6.3, and `st' was *NOT* loaded; but, this works: sudo modprobe st Now, lsmod shows that it is loaded, AND I can access /dev/nst0 !?!? I have reviewed module-init-tools ; but, I do not see anything there that I am missing. I will upgrade from 3.0-pre9-1 to 3.0-pre10-1 after I post this. What else can I do to automate loading of `st'? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: kernels v2.6.x vs. /dev/nst0 ???
* On 2004:03:08:15:20:15-0600 I, Michael D Schleif [EMAIL PROTECTED], scribed: * David Goodenough [EMAIL PROTECTED] [2004:03:08:19:27:39+] scribed: On Monday 08 March 2004 18:57, Michael D Schleif wrote: * Alexis Huxley [EMAIL PROTECTED] [2004:03:08:15:06:04+] scribed: snip / Run: grep _ST= /boot/config-* to see if how the tape driver is compiled (y=in kernel, m=module, n=not compiled at all). If you see 'y' it should work, I hope you don't see that! :-) If 'm' then have you loaded the module? Try 'lsmod'. Do you see it listed?) If 'n' then you need to make a new kernel from sources. I will have to boot back into 2.6.3 later today. I am using the stock Debian kernel: kernel-image-2.6.3-1-686 From config-2.6.3-1-686: # # SCSI device support # CONFIG_SCSI=m CONFIG_SCSI_PROC_FS=y # # SCSI support type (disk, tape, CD-ROM) # CONFIG_BLK_DEV_SD=m CONFIG_CHR_DEV_ST=m As ST is a module, have you tried loading the module explicitly. There have been one of two cases where modules got autoloaded in 2.4 and are not in 2.6. David CONFIG_CHR_DEV_OSST=m CONFIG_BLK_DEV_SR=m # CONFIG_BLK_DEV_SR_VENDOR is not set CONFIG_CHR_DEV_SG=m # # Some SCSI devices (e.g. CD jukebox) support multiple LUNs # CONFIG_SCSI_MULTI_LUN=y # CONFIG_SCSI_REPORT_LUNS is not set CONFIG_SCSI_CONSTANTS=y CONFIG_SCSI_LOGGING=y Yes, I rebooted back into 2.6.3, and `st' was *NOT* loaded; but, this works: sudo modprobe st Now, lsmod shows that it is loaded, AND I can access /dev/nst0 !?!? I have reviewed module-init-tools ; but, I do not see anything there that I am missing. I will upgrade from 3.0-pre9-1 to 3.0-pre10-1 after I post this. For the record, upgrading module-init-tools did the trick for me! I do not know why this worked, because the changelog indicates only some upstream release issue. Also, as a loadable module (regardless kernel 2.4.25 or 2.6.3), `st' is _not_ loaded (e.g., lsmod) until userland tries to use it. In my case, that is the `mt-st' package, which I have not changed in many weeks. Bottomline, I upgraded module-init-tools and rebooted, and now userland has no problems communicating with /dev/nst0. Thank you for your help. -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
obsolete setsockopt SO_BSDCOMPAT ???
Does the subject boot message indicate something that requires immediate fix? Or, is it more of a warning that that application is using an obsolete and deprecated call, and that developers for those applications someday will catch up and upgrade that method? So far, I have seen this in conjunction with all of the Debian stock v2.6.x kernels during boot. In my case, they complain about snmpd and syslogd; but, googling indicates that there are several other applications complaining. I have not yet seen a definitive answer regarding the severity of the root cause. Inquiring minds want to know . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
kernels v2.6.x vs. /dev/nst0 ???
I finally took the plunge yesterday, and upgraded my last system to kernel 2.6.3. Unfortunately, this is my amanda backup server, and under this kernel it no longer communicates with /dev/nst0: # sudo mt -f /dev/nst0 offline mt: No such device. Cannot open '/dev/nst0'. Everything else appears to work as expected. I didn't notice this tape problem until this morning, I saw the backup was stuck on holdingdisk. Running following results in `0' tape devices found: # sudo /etc/init.d/mt-st modload Regardless of kernel, I see this: # cat /proc/scsi/scsi Attached devices: Host: scsi0 Channel: 00 Id: 05 Lun: 00 Vendor: HP Model: C1537A Rev: L812 Type: Sequential-AccessANSI SCSI revision: 02 . . . Now, after reboot back into 2.4.25, /dev/nst0 is working fine, and I am flushing last night's backup to tape as I compose this. I have searched the archives and Google; but, the string `st' is very common, and I probably have not found the optimal search string ; What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
boot 2.4.x *after* using 2.6.2 ???
OK, I am finally testing v2.6.x kernels on one box. Prior to yesterdays 2.6.2 install, I had successfully used the following: 2.4.23-1-686 2.4.24-1-686 This box uses lilo, and I successfully switched between these kernels at boot time. Then, I installed this: 2.6.2-1-686 Yes, it booted the first time, and after I got around to loading the following, even X and KDE work: mousedev psmouse Nevertheless, now I cannot boot any 2.4.x kernels ; . . . Freeing initrd memory: 5292k freed [ request_module[block-major-8]: Root fs not mounted ] VFS: Cannot open root device 801 or 08:01 Please append a correct root= boot option Kernel panic: VFS: unable to mount root fs on 08:01 NOTE: That second line only occurs sometimes, and I cannot find any `block' references in /etc/modules.conf -- hence the `[]'. I have tried various lilo.conf configurations; but, here are the current: # sudo grep -v '^\($\|#\)' /etc/lilo.conf lba32 boot=/dev/sda root=/dev/sda1 map=/boot/map delay=100 prompt timeout=100 vga=normal default=Linux image=/vmlinuz initrd=/initrd.img label=Linux read-only image=/vmlinuz.old initrd=/boot/initrd.img-2.4.24-1-686 label=LinuxOLD read-only image=/boot/vmlinuz-2.4.18-686 initrd=/boot/initrd.img-2.4.18-686 label=Linux.2.4.18 read-only image=/boot/vmlinuz-2.4.23-1-686 initrd=/boot/config-2.4.23-1-686 label=Linux.2.4.23 read-only image=/boot/vmlinuz-2.4.24-1-686 initrd=/boot/initrd.img-2.4.24-1-686 label=Linux.2.4.24 read-only # ls -alL /vmlinuz{,.old} /initrd.img /boot/{initrd,vmlinuz}* -rw-r--r--1 root root 2654208 Jul 26 2003 /boot/initrd.img-2.4.18-686 -rw-r--r--1 root root 3645440 Jan 11 19:30 /boot/initrd.img-2.4.23-1-686 -rw-r--r--1 root root 3665920 Feb 21 20:25 /boot/initrd.img-2.4.24-1-686 -rw-r--r--1 root root 5419008 Feb 21 23:22 /boot/initrd.img-2.6.2-1-686 -rw-r--r--1 root root 632393 Apr 13 2002 /boot/vmlinuz-2.4.18-686 -rw-r--r--1 root root 859929 Nov 30 09:24 /boot/vmlinuz-2.4.23-1-686 -rw-r--r--1 root root 859850 Feb 4 09:00 /boot/vmlinuz-2.4.24-1-686 -rw-r--r--1 root root 1106261 Feb 12 03:08 /boot/vmlinuz-2.6.2-1-686 -rw-r--r--1 root root 5419008 Feb 21 23:22 /initrd.img -rw-r--r--1 root root 1106261 Feb 12 03:08 /vmlinuz -rw-r--r--1 root root 859850 Feb 4 09:00 /vmlinuz.old # ls -l /dev/sda{,1} brw-rw1 root disk 8, 0 Oct 13 2001 /dev/sda brw-rw1 root disk 8, 1 Oct 13 2001 /dev/sda1 What am I missing? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
dependency validator tool ???
I am not quite sure how to search for this, and so far I have not turned up anything substantive ; Is there some dpkg/apt tool to scan an existing system, and pass judgment on the current state of installed dependency integrity? Yes, I have a good idea how the installation process works, and I am satisfied with that as far as it goes. However, sometimes installations _remove_ stuff, and other processes (e.g., deborphan, c.) facilitate cleaning up unused files. Accidents happen. Bugs bug. With all of these processes going on, is there a canonical method to verify the integrity of the status quo? what do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: boot 2.4.x *after* using 2.6.2 ???
* On 2004:02:22:11:26:39-0600 I, Michael D Schleif [EMAIL PROTECTED], scribed: OK, I am finally testing v2.6.x kernels on one box. Prior to yesterdays 2.6.2 install, I had successfully used the following: 2.4.23-1-686 2.4.24-1-686 This box uses lilo, and I successfully switched between these kernels at boot time. Then, I installed this: 2.6.2-1-686 Yes, it booted the first time, and after I got around to loading the following, even X and KDE work: mousedev psmouse Nevertheless, now I cannot boot any 2.4.x kernels ; . . . Freeing initrd memory: 5292k freed [ request_module[block-major-8]: Root fs not mounted ] VFS: Cannot open root device 801 or 08:01 Please append a correct root= boot option Kernel panic: VFS: unable to mount root fs on 08:01 NOTE: That second line only occurs sometimes, and I cannot find any `block' references in /etc/modules.conf -- hence the `[]'. snip / Thank you, David, for pointing me in the right direction. Yes, lilo was properly configured. It turns out that something _removed_ the `bootable' flag from /dev/sda1 , and with `ROOT=probe' in /etc/mkinitrd/mkinitrd.conf, the probing process could not find a boot partition for 2.4.x kernels. I do not know how 2.6.x kernels find a bootable partition; nor do I know how the installation process of the 2.6.2 kernel removed that flag. Please, comment if you feel that this is a bug, and that I ought to report it. I do know that setting `ROOT=' is equivalent to the obsolete `PROBE=off', which _did_ allow booting the 2.4.x kernels. However, the correct solution is to use cfdisk and reset the `bootable' flag on /dev/sda1, and reset `ROOT=probe'. Now, this box and kernels 2.6.x/2.4.x behave as expected. Thank you. -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: what package creates /var/log/faillog?
* Dan Jacobson [EMAIL PROTECTED] [2004:02:20:03:25:27+0800] scribed: What package creates /var/log/faillog? What is the recommended way of finding out next time without posting here? $ strings /var/log/faillog tty1 # dpkg -S faillog login: /usr/bin/faillog login: /usr/share/man/pl/man5/faillog.5.gz login: /usr/share/man/fr/man5/faillog.5.gz login: /usr/share/man/man5/faillog.5.gz login: /usr/share/man/pl/man8/faillog.8.gz login: /usr/share/man/man8/faillog.8.gz login: /usr/share/man/ja/man5/faillog.5.gz login: /usr/share/man/ja/man8/faillog.8.gz -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: i would like to read some root files on a distant debian host
* Steven Leach [EMAIL PROTECTED] [2004:02:08:09:47:45-0500] scribed: You have no business trying to access files in any account that is not yours, much less the system administrator's account of a system that is not yours. Grow Up. If anyone on the list can read french, please forward this jerk's message to the administrator at nordnet.fr - I tried to get an email address but couldn't find contact information for that domain name. Also, babblefish choked on their website, so I was unable to find anything that I could be sure was the correct email address to send to. On Feb 8, 2004, at 2:13 AM, bruno doutriaux wrote: i would like to read some root files on a distant debian host. could somebody help me. (i have some hints: the debian host is using gaim 0.75 which has security fails and i would like to also listen it with a trojan, is it possible on a debian?) # whois nordnet.fr | grep @ | grep -v ^changed: e-mail: [EMAIL PROTECTED] trouble: Questions: mailto:[EMAIL PROTECTED] trouble: Spam: mailto:[EMAIL PROTECTED] trouble: Test: mailto:[EMAIL PROTECTED] e-mail: [EMAIL PROTECTED] e-mail: [EMAIL PROTECTED] notify: [EMAIL PROTECTED] e-mail: [EMAIL PROTECTED] hth -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: What command tells you most about your hardware?
* Kent West [EMAIL PROTECTED] [2004:02:07:23:23:21-0600] scribed: Roger Chrisman wrote: snip / What command would you use to display details about your hardware - cpu, ram, drives, etc? I know my BIOs tells me some of this. I am looking for a command line tool. lshw is what you're looking for. It's in unstable; I'm not sure about stable and/or testing. As cool as this tool is, pay close attention to the information that it presents, since some of it is in accurate and suspect. For example, on the five (2) debian boxen on which I used it, all of them show 16MB video memory when, in fact, some have more, some less, but none have exactly 16MB ; -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: script to list installed packages
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2004:01:29:00:27:11-0500] scribed: Hi all, I know that somewhere there is a command to list all installed packages (I even remember using it way back when...), but I can't seem to find it. I've looked at the various apt utility man pages and have not found anything, even for apt-cache. I'm trying to write a script to run the command daily (with cron), and dump the list to a file. This should be a useful tool to keep track of package installs and removals. Just by running diff on two files, one can tell what got install/removed/upgraded that day. dpkg -l | grep ^i hth -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
sr1: CDROM not ready ???
OK, it can be nice to have devices _know_ when they are ready to be used ; However, enough is enough: Jan 27 10:02:09 bragi kernel: sr1: CDROM not ready. Make sure there is a disc in the drive. Jan 27 10:02:40 bragi last message repeated 31 times Jan 27 10:03:41 bragi last message repeated 61 times Jan 27 10:04:42 bragi last message repeated 61 times I know what /dev/sr1 is, and I often play audio CD's in that drive. Sometimes, that drive is empty, and that is the way it should be. How can I figure out what process is pummeling syslog with this useless information? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
sr1: CDROM not ready ???
OK, it can be nice to have devices _know_ when they are ready to be used ; However, enough is enough: Jan 27 10:02:09 bragi kernel: sr1: CDROM not ready. Make sure there is a disc in the drive. Jan 27 10:02:40 bragi last message repeated 31 times Jan 27 10:03:41 bragi last message repeated 61 times Jan 27 10:04:42 bragi last message repeated 61 times I know what /dev/sr1 is, and I often play audio CD's in that drive. Sometimes, that drive is empty, and that is the way it should be. How can I figure out what process is pummeling syslog with this useless information? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: sr1: CDROM not ready ???
* Michael Heldebrant [EMAIL PROTECTED] [2004:01:27:15:25:08-0600] scribed: On Tue, 2004-01-27 at 15:06, Michael D Schleif wrote: OK, it can be nice to have devices _know_ when they are ready to be used ; However, enough is enough: Jan 27 10:02:09 bragi kernel: sr1: CDROM not ready. Make sure there is a disc in the drive. Jan 27 10:02:40 bragi last message repeated 31 times Jan 27 10:03:41 bragi last message repeated 61 times Jan 27 10:04:42 bragi last message repeated 61 times I know what /dev/sr1 is, and I often play audio CD's in that drive. Sometimes, that drive is empty, and that is the way it should be. How can I figure out what process is pummeling syslog with this useless information? What do you think? Install the lsof package if you don't have it. Try: lsof /dev/sr1 Tt should give you a clue as to what is opening the device, you may have to run it as lsof -r /dev/sr1 over a minute or more if the process only opens /dev/sr1 every now and then. It looks to be something checking once a minute (61 log messages over 61 minutes) Are you running something like nautilus? Thank you. # lsof /dev/sr1 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME kscd1336 mds 10r BLK 11,1 163217 /dev/scd1 I got confused, because nothing really said `sr1'. Even ~/.kde/share/config/kscdrc specifies: /dev/cdrom. # ls -l /dev/sr1 lrwxrwxrwx1 root root4 May 25 2002 /dev/sr1 - scd1 # ls -l /dev/scd1 brw-rw1 root cdrom 11, 1 Nov 30 2000 /dev/scd1 # ls -l /dev/cdrom lrwxrwxrwx1 root root6 Nov 15 18:29 /dev/cdrom - ./scd1 kscd was sitting in the System Tray, and when I closed it, syslog bombardment also went away ; I am still confused why the logs and console streaming insisted that the culprit was on /dev/sr1 . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: Mutt sending help
* Mike Mueller [EMAIL PROTECTED] [2004:01:21:01:15:54-0500] scribed: snip / If so, is mutt making the Return-path field or nullmailer? An empirical way for you to see the entire message that leaves mutt is to go to look at your `sent' mail. Do you have something like the following in your ~/.muttrc? set record==sent set record=/tmp/sent `record' records an exact copy of every message you send for this very purpose. hth -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: checking whether partition mounted as ext3
* Faheem Mitha [EMAIL PROTECTED] [2004:01:19:02:39:14+] scribed: On Sun, 18 Jan 2004 18:00:51 -0500, Paul Morgan [EMAIL PROTECTED] wrote: On Sun, 18 Jan 2004 13:51:28 -0700, Doug Holland wrote: Run mount at the command line, with no arguments, and it'll tell you which filesystems are mounted with which fs types. I'm not sure how to tell which mode an ext3 partition is using, though I think running fsck may tell you. Running mount, as you suggest, will tell you with which options the FS was mounted, including the journaling mode. It just seems to echo what is in /etc/fstab. I wanted something which actually went and checked the partitions. snip / If you want to know what the running OS is using, look to /proc : cat /proc/self/mounts If that still tells you `ext3/ext2', then I suspect that the kernel and the filesystem have some kind of (code) agreement to dynamically negotiate -- but, that is only a guess ; hth -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
john -- cannot -show cracked passwords ???
I am having problems with john. Every morning, I get this message: Sending mail to jeff... John has cracked 1 passwords. If you want to see them, use john -show passwordfile. (See john(1) for details). However, I cannot get john to show me: # sudo john -show /root/.john/john.tmp.9udtXe 0 passwords cracked, 3 left # apt-show-versions john john/testing uptodate 1.6-23 # sudo grep ^passfile /etc/john-mail.conf passfile=3D/root/.john/john.tmp # sudo ls -l /root/.john/ total 4 -rw---1 root root 1476 Jan 12 01:00 john.tmp.9udtXe What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- signature.asc Description: Digital signature
Re: www.gnu.org, glibcbug, bug@gnu.org, dpkg-reconfigure locales
s. keeling [EMAIL PROTECTED] [2004:01:10:15:18:27-0700] scribed: Incoming from Colin Watson: Try 'set charset=iso-8859-1' instead. That makes mutt mis-display foreign characters. I've since just commented out that variable. I have this: set charset=//TRANSLIT -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Ifup/ifdown
Russell Shaw [EMAIL PROTECTED] [2004:01:11:14:37:42+1100] scribed: snip / netstat -rn gives: Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.0.0 0.0.0.0 255.255.255.0 U40 0 0 eth0 How do i get: 192.168.0.0 127.0.0.1 255.255.255.0 U40 0 0 eth0 What -- exactly -- are you trying to do? Please, step back from this, and take a long, hard look at what you expect to happen. Perhaps, you will find another way . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: dpkg and ownership of a file
Brad Stockdale [EMAIL PROTECTED] [2004:01:08:13:32:36-0500] scribed: Hello all, I am a newbie to Debian and I made a booboo.. While prepping a system for production use, I accidentally overwrote /usr/include/unix.h with the unix.h that comes from the imap2002e library (used by PHP to enable it to use POP and IMAP protocols)... So, now I cant get some stuff to compile due to the header file being wrong... My initial thought was Well, if Debian's package management is anything like Redhat's, I should be able to find out what package owns that file, and then I can reinstall the package. So, I do a: dpkg -S unix.h And it gives me no results... Well, gives me an auth_unix.h file, which isnt what I'm looking for... My question is: If Debian packages are just as good if not better than Redhat RPM's, then why can I not find out what package owns that file? Am I using the wrong command? I suggest, if you know the full path to a file, then _first_ use that with dpkg: dpkg -S /usr/include/unix.h That way, you will get the definitive answer -- in this case: dpkg: /usr/include/unix.h not found. Without the path to a file, dpkg -S gives you every package that has a file that matches the regular expression, in your case: unix.h which happens to match: libc6-dev: /usr/include/rpc/auth_unix.h hth -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
NFS mount Netware shares ???
Is there some trick to mounting Netware shares via NFS? Yes, I can get them mounted; but, the uid/gid is like nobody under AIX, largest signed 32 bit number, and file access is extremely limited under these circumstances. # df Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda2 1921156523412 1300152 29% / /dev/sda3 964532 5868909668 1% /tmp /dev/sda4 5368320 1692428 3403192 34% /usr irv:/DATA/mds-data48955392 42499672 6455208 87% /irv # mount /dev/sda2 on / type ext2 (rw,errors=remount-ro) proc on /proc type proc (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/sda3 on /tmp type ext2 (rw) /dev/sda4 on /usr type ext2 (rw) irv:/DATA/mds-data on /irv type nfs (rw,noexec,nosuid,nodev,sync,rsize=8192,wsize=8192,addr=192.168.1.30,user=mds) # ls -al /irv/ total 624 drwxr-xr-x1 4294967294 4294967294 4096 Jan 5 18:03 . drwxr-xr-x 19 root root 4096 Dec 8 00:03 .. drwxr-xr-x1 4294967294 4294967294 4096 Apr 16 2003 ATI drwxr-xr-x1 4294967294 4294967294 4096 Apr 16 2003 Inetpub drwxr-xr-x1 4294967294 4294967294 4096 Apr 16 2003 LEAF -rw-r--r--1 4294967294 4294967294 7361 Oct 15 2002 Log.txt -rw-r--r--1 4294967294 4294967294 141 Jan 19 2003 PCcheck.LOG drwxr-xr-x1 4294967294 4294967294 4096 Apr 16 2003 Perl drwxr-xr-x1 4294967294 4294967294 4096 Apr 16 2003 TFTP-Root drwxr-xr-x1 4294967294 4294967294 4096 Apr 16 2003 apPs -rw-r--r--1 4294967294 4294967294 150528 Jul 22 2002 arcldr.exe -rw-r--r--1 4294967294 4294967294 163840 Jul 22 2002 arcsetup.exe drwxr-xr-x1 4294967294 4294967294 4096 Apr 16 2003 biN . . . What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
tiger: howto manage flood of `deleted files' alerts ???
I have been using tiger for nearly a year. Several months ago, a new test was added in: /usr/lib/tiger/scripts/check_finddeleted Since then, several of my servers are flooded with alerts like this: NEW: --FAIL-- [kis011f] Server [apache] (pid 31863) is using deleted files Yes, I know what it means; but, of the thousands that I have received, I have not found one that warranted the alert. No, I do *not* want to turn OFF this check; but, I need to find some way to manage the output of this check. I have searched the archives of debian-user and debian-security, and I have googled; but, I have not found a solution to this dilemma. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Bookmarks: Konqueror *AND* Mozilla ???
For various reasons, I use _both_ Konqueror and Mozilla browsers. What are the best ways to maintain bookmarks that are accessible and update-able by _both_ browsers? In other words, I want to centralize my bookmarks, and I want to be able to -- easily and readily -- add to them from any browser, or at least these two browsers. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: messages in mutt: \225 etc
Lucas Bergman [EMAIL PROTECTED] [2003:12:31:08:10:39-0600] scribed: snip / In the Windows 1252 character set, \225 represents a bullet, which seems likely to be the intention here. See: http://www.jwz.org/docs/charsets.html snip / That link does not work here. Have you checked it recently? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Best Practices: CGI.pm CSS2 ???
Please, somebody point me to URL's that provide examples and best practices of using CSS2, CGI.pm and XHTML v1.x. -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Best Practices: CGI.pm CSS2 ???
Bijan Soleymani [EMAIL PROTECTED] [2003:12:29:23:57:16-0500] scribed: On Mon, Dec 29, 2003 at 10:51:06PM -0600, Michael D Schleif wrote: Please, somebody point me to URL's that provide examples and best practices of using CSS2, CGI.pm and XHTML v1.x. Well I'm one for thorough reference material so for CSS2 and XHTML I would recommend you look through the www consortium pages at: http://www.w3c.org As for CGI.pm I would do a: apt-get install perl-doc and then: apropos CGI man CGI That's enough to get me going. But if you would like more tutorial- like resources, then I recommend you search google. Yes, I have been googling ; I suppose that I wasn't adequately clear as to my request: I want to find tutorials, examples, c. of using all three (3) together: CGI.pm, CSS2 and XHTML. In other words, what are the best ways to leverage the union of all three tools? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Where is ptkdb ???
Where can I find ptkdb in DEB? # apt-show-versions perl perl/unstable uptodate 5.8.2-2 -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: PDF cut--paste ???
Paul Johnson [EMAIL PROTECTED] [2003:12:17:19:35:49-0800] scribed: On Tue, Dec 16, 2003 at 01:05:44AM -0600, Michael D Schleif wrote: Which PDF readers allow blocking and cut--paste? kpdf does, but unfortunately, most PDF creators are idiots and scan documents without OCR or anything like that to make selectable text. OK, I'll bite -- what is kpdf? Where can I get it? These return nothing: apt-cache search kpdf dpkg -S kpdf -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
PDF cut--paste ???
Which PDF readers allow blocking and cut--paste? Also, which allow searching for text and phrases? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
mod_perl ???
Is anybody else having problems with recent libapache-mod-perl? I have two (2) debian systems that segfault on apache startup, as soon as I insert the LoadModules line into /etc/apache/httpd.conf. I have opened Bug#224049, and I have posted to debian-user, debian-apache and [EMAIL PROTECTED] without response. I wonder if I am doing something wrong, or there is something peculiar about my two systems. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: PDF cut--paste ???
Roberto Sanchez [EMAIL PROTECTED] [2003:12:16:16:43:11-0500] scribed: Patrick Lesslie wrote: On Tue, Dec 16, 2003 at 06:46:16PM +1100, Patrick Lesslie wrote: On Tue, Dec 16, 2003 at 01:05:44AM -0600, Michael D Schleif wrote: Which PDF readers allow blocking and cut--paste? Also, which allow searching for text and phrases? xpdf allows cut and paste. It feels funny because it is a pixel-wise block, but it works. For searching, it might be enough to use pdftotext | grep string I don't know which other ones allow searching. Ok, I take that back ... xpdf has a search button. Acroread also does both. But it is non-free. -Roberto That's just it -- I cannot get acroread (v5) to block-cut--paste. Yes, I know that it is possible to create PDF's without ability to do that; but, the *same* PDF's from which I can cut--paste in windoze, I _cannot_ cut--paste under debian. Is there something other than the text-select mode? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: PDF cut--paste ???
Roberto Sanchez [EMAIL PROTECTED] [2003:12:16:19:56:53-0500] scribed: Michael D Schleif wrote: Roberto Sanchez [EMAIL PROTECTED] [2003:12:16:16:43:11-0500] scribed: Patrick Lesslie wrote: On Tue, Dec 16, 2003 at 06:46:16PM +1100, Patrick Lesslie wrote: On Tue, Dec 16, 2003 at 01:05:44AM -0600, Michael D Schleif wrote: Which PDF readers allow blocking and cut--paste? Also, which allow searching for text and phrases? xpdf allows cut and paste. It feels funny because it is a pixel-wise block, but it works. For searching, it might be enough to use pdftotext | grep string I don't know which other ones allow searching. Ok, I take that back ... xpdf has a search button. Acroread also does both. But it is non-free. -Roberto That's just it -- I cannot get acroread (v5) to block-cut--paste. Yes, I know that it is possible to create PDF's without ability to do that; but, the *same* PDF's from which I can cut--paste in windoze, I _cannot_ cut--paste under debian. Is there something other than the text-select mode? What do you think? Are those PDF docs optimized for Acrobat 6 (as opposed to Acrobat 5)? -Roberto No. As a matter of fact, my résumé on my website was created prior to v6, and I cannot cut--paste from that. -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: mod_perl ???
Michael D Schleif [EMAIL PROTECTED] [2003:12:16:12:23:53-0600] scribed: Is anybody else having problems with recent libapache-mod-perl? I have two (2) debian systems that segfault on apache startup, as soon as I insert the LoadModules line into /etc/apache/httpd.conf. I have opened Bug#224049, and I have posted to debian-user, debian-apache and [EMAIL PROTECTED] without response. I wonder if I am doing something wrong, or there is something peculiar about my two systems. What do you think? OK, please, help me roll my own. I have not done this; but, I want to apt-get the source, and compile it into a DEB, and install it in such a manner that I will have the option to upgrade to the next official libapache-mod-perl. How do I do this? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Can we tag [T]echnical posts?
Karsten M. Self [EMAIL PROTECTED] [2003:12:13:01:11:45-0800] scribed: snip / Addressing this specifically: while there's a lot of similarity of interests on this list, it's neither a social nor general discussion list. I see no particular reason the Debian Project or SPI should be compelled to provide infrastructure for either. One of the people quoted in this post has hit my own s/n annoyance threshold. While she may not appreciate being told so, it doesn't change the facts. And it makes her own lecturing at least mildly ironic. Hey, dude, it's acerbic comments like this that prompt many to see you as a misanthrope. Sure, you have a right to your opinion, and you have every right to express same; but, could you tone it down a bit, or make a special effort to find your delete key before your blood pressure goes through the roof? From my experience, diatribes like these, on a mailing list for which you have no administrative mandate, only rankle the loudmouths further, and prompt many to exclaim, Who died and made you god? I am not one to be giving lessons in diplomacy; but, I find many of your adjective laden value judgments to be more than a little off base . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
mod_perl non-configurability ???
# sudo /etc/init.d/apache restart Reloading apache modules/etc/init.d/apache: line 70: 19518 Segmentation fault start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON failed # COLUMNS=120 dpkg -l '*apache*' | grep ^i | cut -c 0-50 ii apache 1.3.27.0-2 ii apache-common1.3.27.0-2 ii libapache-mod-jk 3.3.1a-1 ii libapache-mod-perl 1.27-4 ii libapache-mod-perl-doc 1.29.0.1-1cvs20031206 ii libapache-mod-webapp 1.3.0-1.0.ipv6.r1 # ls -l /usr/lib/apache/1.3/mod_perl.so -rw-r--r--1 root root 327584 Apr 14 2003 /usr/lib/apache/1.3/mod_perl.so # grep -i perl /etc/apache/httpd.conf | grep mod LoadModule perl_module /usr/lib/apache/1.3/mod_perl.so # dpkg -L libapache-mod-perl | grep -i read | sort /usr/share/doc/libapache-mod-perl/README.gz /usr/share/doc/libapache-mod-perl/examples/README Apache works just fine *without* that LoadModule line, and no other changes to httpd.conf repeatedly result in this error. I cannot find a README.Debian, nor have I found any manual instructions for configuring httpd.conf. I _did_ manually add the LoadModule line, since I have had to do that before on other systems. mod_php install offers to do that automatically; but, mod_perl installation offered no such assistance. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: FHS and other things Mark should have read with comprehension (was Re: unchecked 31 times)
Karsten M. Self [EMAIL PROTECTED] [2003:12:03:06:15:29-0800] scribed: snip / See, variously, the FHS, and my own partitioning guidelines: http://twiki.iwethey.org/Main/NixPartitioning snip / Since Debian places logfiles under /var/log, I always create a separate /var/log partition. If logfiles ever spew out of control, my systems continue to function . . . Is there some reason *not* to protect the rest of /var? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: finding what is using a mount point
Micha Feigin [EMAIL PROTECTED] [2003:11:21:15:43:49+0200] scribed: I mounted an image through a loop interface and now when I try to unload it I get a message: umount: /home/micha/tmp: device is busy I made sure no file is open from there but nothing helps. How do I see what is using that mount point? # dpkg -S /usr/bin/lsof lsof: /usr/bin/lsof -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: What is required to deliver system mail locally ???
Andreas Janssen [EMAIL PROTECTED] [2003:11:15:09:15:22+0100] scribed: Hello John L. Fjellstad ([EMAIL PROTECTED]) wrote: On Saturday 15 November 2003 01:42, Michael D Schleif wrote: I do not want exim, nor its ilk, on open port 25. I do want system mail (cron, error messages, c.) to be delivered to root. Is exim required? If I uninstall exim, will system mail continue to be delivered? What is the Debian way to accomplish these goals? You don't need a MTA (like Exim) listening on port 25, to have it do local delivery. For instance, in qmail (which I'm familiar with), the listener program is a separate program from the delivery mechanism (don't know how it is in exim). In fact, exim doesn't have to be running at all to have local email delivered. Deinstalling however will cause dependency problems because packages like anacron, at, mailx and logrotate depend on MTA. OK, I guess this is where my thinking comes in. I have rerun eximconf, and told it to use option #4, that this computer is *not* on the Internet, and to only deliver local mail. Of course, now nothing is listening on port 25 ; Nevertheless, having exim installed on this system appears to be overkill, and a possible security hole. I want local system mail delivered; and, I want ``packages like anacron, at, mailx and logrotate'' to function properly. What is the Debian way to promote this absolutely minimal mail system? How do others handle this? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: What is required to deliver system mail locally ???
Andreas Janssen [EMAIL PROTECTED] [2003:11:15:18:34:36+0100] scribed: Hello Jacob S. ([EMAIL PROTECTED]) wrote: On Sat, 15 Nov 2003 08:27:28 -0600 Michael D Schleif [EMAIL PROTECTED] wrote: snip I have rerun eximconf, and told it to use option #4, that this computer is *not* on the Internet, and to only deliver local mail. Of course, now nothing is listening on port 25 ; snip Are you sure nothing's listening on port 25? I just checked with a telnet name 25 to one of the machines on my network running exim that I configured with the same option #4 and got the usual SMTP greeting identifying itself as Exim 3.35. I think option #4 just skips asking you details about how to send and receive e-mail from the internet because you told it you only want mail delivered locally. However, it still listens to port 25 because you said you *do* want mail delivered locally, by selecting #4. Running eximconfig and selecting local delivery doesn't affect on which port exim is listening. With the default settings, exim is started by inetd, which listens on /all/ interfaces, no matter what you tell exim to do. Even if you tell exim to do local delivery only. If you switch off inetd manually or switch off smtp in inetd.conf, eximconfig will not change this (at least if you select option 4). However, if you switch off smtp in inetd.conf and you still have the init scripts for exim, exim will automatically start in standalone mode the next time you reboot. Yes, I did this, after eximconfig: sudo update-inetd --disable smtp Yes, I know that I can run any number of MTA's, including exim, qmail, c. However, my point is that there are boxen on which *only* local, system mail is appropriate. Mine is one of those. In this case, what is the Debian way to run an absolutely minimum MTA, the smallest possible footprint, least likely setup to disrupt apt-get'd applications, and as secure as possible. So far, I have not seen any response address this. Or, am I missing something? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: inetd vs. inetutils-inetd
Monique Y. Herman [EMAIL PROTECTED] [2003:11:15:15:12:02-0700] scribed: I returned from vacation today and upgraded my unstable box. After doing so, I could no longer connect to my newsserver on localhost. After some poking around, I discovered that I had both /etc/init.d/inetd and /etc/init.d/inetutils-inetd, both of which were running. I killed all related process for both of them and just started up the inetutils version, after which I was again able to connect. So far so good. I poked through /var/lib/dpkg/info/*.list, and no one there claims to know anything about /usr/sbin/inetd, which is the app called by /etc/init.d/inetd. I'm 99% sure that it must have arrived as part of a package, so this seems kind of weird. Anyone have any familiarity with this? Should I just delete the related files and move on with life? # dpkg -S /usr/sbin/inetd netkit-inetd: /usr/sbin/inetd -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
What is required to deliver system mail locally ???
I am building a Debian web server for a DMZ. I do not want exim, nor its ilk, on open port 25. I do want system mail (cron, error messages, c.) to be delivered to root. Is exim required? If I uninstall exim, will system mail continue to be delivered? What is the Debian way to accomplish these goals? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
php syslog lockup ???
I am working on a project with Apache, PHP4 and MySQL on a Debian box. I am no PHP expert; but, those that supposedly are, are stumped by the following problem. They are developing on an older Red Hat box. Also, in July, I built a VMware image of a Debian box, since the production box is to be Debian woody. On these systems, the problem does no occur. On the main Debian box, assembled last month, the application locks up everytime it makes a call to the syslog function. The developers are stumped by this, saying that ``everybody'' uses this function. Near as I can tell, this syslog function comes from phpwebtools v0.4.0, class.syslog.php. This is a typical function call: syslog(LOG_INFO,FUNCTIONS.php|verify_auth login attempt $user ); I have tried to identify the problem by sticking similar calls at various places in the code, then tracing via web interaction. On the problem system, the first instance of the syslog function call that I get to, the application appears to lock up and time out. When I comment out that call, the application goes on, and locks up at the next call. To reiterate, this does *not* occur on the Red Hat nor VMware Debian boxen. Furthermore, main supporting apps are identical DEB's: ii apache 1.3.27.0-2 ii apache-common 1.3.27.0-2 ii mysql-client4.0.13-3 ii mysql-common4.0.13-3 ii mysql-server4.0.13-3 ii php44.1.2-6woody3 ii php4-cgi4.1.2-6woody3 ii php4-mysql 4.1.2-6woody3 Anybody seen such a phenomenon? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: PAM rejecting valid username/passwd ???
Michael D Schleif [EMAIL PROTECTED] [2003:10:31:19:19:32-0600] scribed: It all started after rebooting to correct a scsi module problem ; My logon and email fetching has been working *without* incident for many months. Now, my user (mds) can no longer ssh into a remote debian system: # ssh -X deb.platinumaire.net [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied (publickey,password,keyboard-interactive). Fortunately, I have another logon that works. I have logged on as another user, su'd to mds, changed my password several times, tested it while logged on -- each time, ssh logon fails: Oct 31 19:11:51 deb sshd[585]: Failed password for mds from 12.248.228.98 port 63393 ssh2 Oct 31 19:12:04 deb last message repeated 2 times OK, my bad, on the fetchmail/PAM thing, I forgot to change my fetchmail passwd -- so, fetchmail *CAN* remotely access my account on that remote box. However, I still *CANNOT* ssh into my account on that box. Any ideas? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: PAM rejecting valid username/passwd ???
Michael D Schleif [EMAIL PROTECTED] [2003:11:01:08:58:14-0600] scribed: Michael D Schleif [EMAIL PROTECTED] [2003:10:31:19:19:32-0600] scribed: It all started after rebooting to correct a scsi module problem ; My logon and email fetching has been working *without* incident for many months. Now, my user (mds) can no longer ssh into a remote debian system: # ssh -X deb.platinumaire.net [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied (publickey,password,keyboard-interactive). Fortunately, I have another logon that works. I have logged on as another user, su'd to mds, changed my password several times, tested it while logged on -- each time, ssh logon fails: Oct 31 19:11:51 deb sshd[585]: Failed password for mds from 12.248.228.98 port 63393 ssh2 Oct 31 19:12:04 deb last message repeated 2 times OK, my bad, on the fetchmail/PAM thing, I forgot to change my fetchmail passwd -- so, fetchmail *CAN* remotely access my account on that remote box. However, I still *CANNOT* ssh into my account on that box. Furthermore, I have done this from the remote system: /usr/sbin/sshd -d -d -d -p 2 Whereupon, when I attempt to ssh logon, I get this after the third password entry: debug1: userauth-request for user mds service ssh-connection method password debug1: attempt 5 failures 5 debug2: input_userauth_request: try method password debug3: mm_auth_password entering debug3: mm_request_send entering: type 10 debug3: monitor_read: checking request 10 debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD debug3: mm_request_receive_expect entering: type 11 debug3: mm_request_receive entering debug1: PAM password authentication failed for mds: Authentication failure debug3: mm_answer_authpassword: sending result 0 debug3: mm_request_send entering: type 11 Failed password for mds from 12.248.228.98 port 63816 ssh2 debug3: mm_request_receive entering debug3: mm_auth_password: user not authenticated Failed password for mds from 12.248.228.98 port 63816 ssh2 Connection closed by 12.248.228.98 debug1: Calling cleanup 0x806e050(0x0) debug1: Calling cleanup 0x80629f0(0x0) Other ssh logons are un-affected and function properly. I suppose that I'll have to post to the openssh mailing list. Any ideas? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Adding scsi devices ???
A remote colleague has a debian system that has been running fine with stock kernel-image-2.4.18-1-686; but, until now, *not* running any SCSI devices. Last night, he added a SCSI cdrom and tape drive to the system. He insists that the AIC-7980 controller lists the devices during post. dmesg does *not* show the controller; nor does scsi_devfs_scan. I have a system with similar scsi devices; but, different kernel: # cat /proc/modules | grep -i scsi ide-scsi 10480 0 ide-mod98808 1 [ide-cd ide-probe-mod ide-scsi] scsi_mod 94848 4 (autoclean) [st ide-scsi sd_mod aic7xxx] His shows this: # cat /proc/modules | grep -i scsi scsi_mod 84952 1 (autoclean) [sr_mod] Neither system has any aic7xxx listed in: /etc/modules /etc/modules.conf I have built systems with scsi support from ground zero; but, I have not added scsi to a non-scsi system. What are we missing? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Adding scsi devices ???
Douglas M. MacFarlane [EMAIL PROTECTED] [2003:10:31:15:58:09-1200] scribed: His shows this: # cat /proc/modules | grep -i scsi scsi_mod 84952 1 (autoclean) [sr_mod] What are we missing? Use modconf to add the st and sr_mod modules to load at boot. I do not know why I always forget this ; First, I needed to use modconf to install aic7xxx. Then, I needed to use modconf to install these: ide-scsi sd_mod sg sr_mod st Now, his system is functioning as expected. Thank you. -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
PAM rejecting valid username/passwd ???
It all started after rebooting to correct a scsi module problem ; My logon and email fetching has been working *without* incident for many months. Now, my user (mds) can no longer ssh into a remote debian system: # ssh -X deb.platinumaire.net [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied, please try again. [EMAIL PROTECTED]'s password: Permission denied (publickey,password,keyboard-interactive). Fortunately, I have another logon that works. I have logged on as another user, su'd to mds, changed my password several times, tested it while logged on -- each time, ssh logon fails: Oct 31 19:11:51 deb sshd[585]: Failed password for mds from 12.248.228.98 port 63393 ssh2 Oct 31 19:12:04 deb last message repeated 2 times Worse, I remotely gather email from that system via fetchmail, which is also failing. Fortunately (?) this, at least, gives me a clue: Oct 31 19:08:01 deb cron(pam_unix)[558]: session opened for user mail by (uid=0) Oct 31 19:08:02 deb cron(pam_unix)[558]: session closed for user mail Oct 31 19:08:09 deb popa3d(pam_unix)[576]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=mds Oct 31 19:10:56 deb popa3d(pam_unix)[582]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=mds What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: sed problem
Dave selby [EMAIL PROTECTED] [2003:10:19:11:37:44+0100] scribed: I need to get the contents of a HTML title tag put it in a string. ie titlespecialist cards/title I need the specialist cards in a variable $titlecontents I thought it would be easy with sed sed -n '/title/,/\/title/p' But no go. I have tried various ways but to no avail. Which of these best meets your loosely described needs? sed -n '/^title[^]*\/title/p' sed -n '/\/*title/p' sed -n 's!/*title!!gp' hth -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: OT - Programming Languages w/o English Syntax
Arnt Karlsen [EMAIL PROTECTED] [2003:10:19:15:19:21+0200] scribed: snip / Red China Communism came from where? ;-) Just to quickly jump in, then back out of this trivial, off-topic polemic: [a] There is not, nor has there ever been, a Communist government. The Soviet Union, Peoples Republic of China, et al. are -- at best -- socialist states, which is not Communism. [b] There is not, nor has there ever been, a Democratic government. The United States of America, Great Britain, et al. are -- at best -- Republics, and a Republic is *not* a Democracy. ... We are now returning to our irregularly scheduled program ... -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Special control characters ???
First, two examples: ^I ^M Obviously, you know that these are each single characters, and not two: caret+letter. Where do these come from? Are they features of the shell? Where is an exhaustive list of such special control characters, and their definitions? They come in quite handy for shell scripts, and I'm sure there are those about which I do not know, that can make life easier. What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Licensing requirements ???
Joey Hess [EMAIL PROTECTED] [2003:10:11:11:56:08-0400] scribed: Chris Spencer wrote: That's correct. You must purchase a MySQL license to use it in this fashion. Apache, PHP, and Debian are all fine. No purchase is required. What are the repercussions to my client, as a result of this model? Buy MySQL. Make the product. Sell the product. The situation you describe would mean that mysql would be non-free, and thus not part of Debian. The license of mysql 4.0.14 is a mixture of the GPL, LGPL and BSD licenses, with nothing prohibiting commercial use. I see nothing in the license to call for purchase of a special mysql license for this use. Especially Section 3: http://www.mysql.com/products/licensing.html Am I misinterpreting this? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Licensing requirements ???
Shyamal Prasad [EMAIL PROTECTED] [2003:10:11:18:26:01-0500] scribed: Joey == Joey Hess [EMAIL PROTECTED] writes: Joey Chris Spencer wrote: That's correct. You must purchase a MySQL license to use it in this fashion. Apache, PHP, and Debian are all fine. No purchase is required. What are the repercussions to my client, as a result of this model? Buy MySQL. Make the product. Sell the product. Joey The situation you describe would mean that mysql would be Joey non-free, and thus not part of Debian. mysql is licensed under GPL, but the original poster wanted to keep certain modifications to the complete application proprietary. To do this they would have to purchase a commercial license from MySQL AB. I don't remember how exactly it was done, but the MySQL licensing terms define any application that uses the database to implement a major part of its features is deemed a modification (or something similar) of mysql, and so the entire application must be GPL'ed. Yes, this is my interpretation of Section 3 at: http://www.mysql.com/products/licensing.html My problem is trying to understand the final impact of those words. Seems to be a difference of opinion on this list; so, I guess I need to take this up with the MySQL folks. Nonetheless, consensus on this list indicates that no other piece of what we are doing is questionable license-wise? Anybody disagree? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Convert realaudio to free audio ???
Ryan Nowakowski [EMAIL PROTECTED] [2003:10:09:00:47:57-0500] scribed: On Wed, Oct 08, 2003 at 10:22:40PM -0500, Michael D Schleif wrote: I am constantly receiving realaudio files, and I want to listen to them; but, I do not want to install non-free programs on my system. Is there some way to convert these audio files to some other format, preferably by CLI? Check out vsound. Cool -- but, it still requires realplayer, which is what I am avoiding ; Other ideas? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Convert realaudio to free audio ???
Haim Ashkenazi [EMAIL PROTECTED] [2003:10:09:16:13:15+0200] scribed: Michael D Schleif wrote: I am constantly receiving realaudio files, and I want to listen to them; but, I do not want to install non-free programs on my system. Is there some way to convert these audio files to some other format, preferably by CLI? mplayer can play realplayer files (I guess that audio too). I'm not sure about converting them though... Where do I get mplayer? Is it `free'? If so, why is it not in any of my may sources? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Convert realaudio to free audio ???
Dave Carrigan [EMAIL PROTECTED] [2003:10:09:08:12:11-0700] scribed: On Thu, Oct 09, 2003 at 10:07:40AM -0500, Michael D Schleif wrote: Where do I get mplayer? deb http://marillat.free.fr/ unstable main Is it `free'? Let's not reopen it on this list. Ask google about debian and mplayer. I'll take that as a `NO' . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Licensing requirements ???
OK, this is my first foray into a sale-able product, based on `free' software. I am working with a company that is writing software that is to be sold to their customers. I have specified Debian as the OS on which this all runs; so, here I am on this list to learn the ropes of `free' software. Other than Debian, the software uses Apache, MySQL and PHP. My client wants to retain all rights to their software, and is not willing to release their software in any `free' software fashion. Also, in order to manage problems and maintain SLA's, this software is to be sold as an integral piece of a system -- somewhat of a blackbox. In other words, their customers will pay one basic price, and receive an installed hardware server, on which Debian and software are installed turnkey. Everything other than the proprietary software is straight DEB installed, so their is no issue of distributing modified `free' software. However, the MySQL licensing model seems to indicate that a licensing fee is due them; and, I wonder about others. What are the repercussions to my client, as a result of this model? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: man dangling symlink question
Monique Y. Herman [EMAIL PROTECTED] [2003:10:09:12:03:32-0600] scribed: On Thu, 09 Oct 2003 at 08:35 GMT, Colin Watson penned: On Wed, Oct 08, 2003 at 07:59:20PM -0500, Michael D Schleif wrote: It seems endemic that many package changes are ignorant of that dark corner of dpkg package that is /usr/sbin/update-alternatives -- why is that? It doesn't help that update-alternatives has historically been buggy and prone to randomly set links back to auto mode when you didn't want it to. Furthermore, it's very unclear exactly when packages are supposed to call update-alternatives in order to get upgrades right, and there's still no policy on this (see bug #71621). I'd never heard of update-alternatives or /etc/alternatives until a few days ago on this list, and to be honest I'm still a little (a lot) foggy on what exactly it's used for. For instance, I have /etc/alternatives/vi and /etc/alternatives/editor ... what applications will use these values? To make it even more confusing, I see the following: [EMAIL PROTECTED]:~$ ls -l /usr/bin/vi lrwxrwxrwx1 root root 20 Jun 30 2002 /usr/bin/vi - /etc/alternatives/vi* Obviously, this is an example of something using alternatives, but in this case, what was the something? How do I find out which packages are using alternatives? Sorry for all the ignorant questions; the whole system sounds vaguely promising, but I can't quite get a grip on it yet. # dpkg -L dpkg | grep alternatives | sort /etc/alternatives /etc/alternatives/README /usr/sbin/update-alternatives /usr/share/man/fr/man8/update-alternatives.8.gz /usr/share/man/ja/man8/update-alternatives.8.gz /usr/share/man/man8/update-alternatives.8.gz /var/lib/dpkg/alternatives # man update-alternatives -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Licensing requirements ???
Roberto Sanchez [EMAIL PROTECTED] [2003:10:09:14:18:30-0400] scribed: Michael D Schleif wrote: snip / I am working with a company that is writing software that is to be sold to their customers. I have specified Debian as the OS on which this all runs; so, here I am on this list to learn the ropes of `free' software. Other than Debian, the software uses Apache, MySQL and PHP. My client wants to retain all rights to their software, and is not willing to release their software in any `free' software fashion. snip / These questions are probably more appropriate for the debian-legal mailing list. Yes, that is a good point, and I have posted this to debian-legal. Nevertheless, I am interested in suggestions from the larger userbase of debian-user . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: man dangling symlink question
Monique Y. Herman [EMAIL PROTECTED] [2003:10:08:16:41:21+] scribed: Cron keeps yapping at me, so I investigate and find the following: home:~# ls -l /usr/share/man/man1/tixindex.1.gz lrwxrwxrwx1 root root 31 Sep 21 10:12 /usr/share/man/man1/tixindex.1.gz - /etc/alternatives/tixindex.1.gz home:~# ls -l /etc/alternatives/tixindex.1.gz lrwxrwxrwx1 root root 36 Sep 26 19:56 /etc/alternatives/tixindex.1.gz - /usr/share/man/man1/tixindex8.1.1.gz home:~# ls /usr/share/man/man1/tix* /usr/share/man/man1/tixindex.1.gz@ /usr/share/man/man1/tixwish8.1.1.gz /usr/share/man/man1/tixwish.1.gz@ My question: what exactly is tixindex an alternative *for*? Am I safe just blowing away both those symlinks? First of all, a dangling symlink is at best useless, and at worst dangerous. As it is, it contributes _nothing_ of value to your system; so, deleting it adds value. Second, if you really need it, you need to find out from which package it comes: dpkg -S /usr/share/man/man1/tixindex.1.gz Either reinstall that package, or contact its maintainer to correct the erroneous link. It seems endemic that many package changes are ignorant of that dark corner of dpkg package that is /usr/sbin/update-alternatives -- why is that? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Convert realaudio to free audio ???
I am constantly receiving realaudio files, and I want to listen to them; but, I do not want to install non-free programs on my system. Is there some way to convert these audio files to some other format, preferably by CLI? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: simple text formatting
Gregory Seidman [EMAIL PROTECTED] [2003:10:06:07:21:02-0400] scribed: On Sun, Oct 05, 2003 at 11:37:57PM -0700, Mike Egglestone wrote: } Hi, } } I have a file in this format of words: } } joe jill bill bob frank tom harry } } and want to convert the file to this format: } } joe } jill } bill } bob } frank } tom } harry } } Is there an easy way to this? The file I have has hundreds of entries. The various for loop solutions are miserably inefficient and are overly complex. The sed solution is almost reasonable. This is the simplest and cleanest solution, however: tr ' ' '\012' infile outfile Assuming, of course, that *all* whitespace is exactly one (1) character wide, and that *no* whitespace is a tab . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: spamassassin: recent process slowdown ???
Greg Folkert [EMAIL PROTECTED] [2003:10:04:09:51:00-0400] scribed: On Sat, 2003-10-04 at 01:53, Michael D Schleif wrote: Since the end of last week, spamd processing time per message has gone from ~6 seconds to 30 seconds. I am not clear whether or not any recent upgrades have changed spamassassin. I did not, at first, attribute my mail processing slowdown to spamassassin; rather, exim was timing out on procmail. While trying to identify problems with procmail, I had turned on some verbose logging that indicated long timeouts to some rbl[s]; but, today I cannot duplicate such logging ; I searched the archives at spamassassin.org and debian-user, and I do not see any similar report. Would maybe the DDoS on all the RBL Lists cause this slowdown... I believe so. Yes, I believe that this maybe the cause of my woes. However, mostly what I wanted, as result to my post, are answers to following: How can I get verbose logging information from spamd? What else can I investigate to determine root cause? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Limiting access to website ???
We are working on a web-based application. It will use mod_ssl to secure transactions. We want to limit access to the application. Yes, we have username/password authentication; but, we are also considering host-based limits. Can this be done with [mod_]ssl? Can access to a website require a certificate on the browser side? If so, please, point me in the right direction (e.g., URL's, documentation, applications, c.) What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Limiting access to website ???
Aaron [EMAIL PROTECTED] [2003:10:04:15:02:38-0400] scribed: Michael D Schleif [EMAIL PROTECTED] said, We are working on a web-based application. It will use mod_ssl to secure transactions. We want to limit access to the application. Yes, we have username/password authentication; but, we are also considering host-based limits. Can this be done with [mod_]ssl? Can access to a website require a certificate on the browser side? If so, please, point me in the right direction (e.g., URL's, documentation, applications, c.) Dare I suggest www.apache.org? Yes, you may. I have reacquainted myself with this: http://httpd.apache.org/docs/misc/FAQ.html#dnsauth However, I am wondering whether or not this can be done with SSL-type certificates? I admit that I have not gone completely through all of the mod_auth* alternatives . . . I am clear how SSL certificates establish trust -- client/browser trust of the remote webserver/application. Can this be inverted? Can the webserver/application establish trust of the client/browser via certificates, or something similar? We are looking for some authentication of the client side that does *not* require userland interaction. If this is google-able, please, help me with search criteria . . . What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Limiting access to website ???
Dave Carrigan [EMAIL PROTECTED] [2003:10:04:12:31:02-0700] scribed: On Sat, Oct 04, 2003 at 12:50:39PM -0500, Michael D Schleif wrote: We are working on a web-based application. It will use mod_ssl to secure transactions. We want to limit access to the application. Yes, we have username/password authentication; but, we are also considering host-based limits. Can this be done with [mod_]ssl? No, but it can be done with apache, which is what I presume you are using. Can access to a website require a certificate on the browser side? Yes. If so, please, point me in the right direction (e.g., URL's, documentation, applications, c.) http://httpd.apache.org/ What am I missing? I have read this: http://httpd.apache.org/docs/howto/auth.html As I responded to Aaron's message, we are looking for some kind of passive authentication, like an SSL Certificate. We do not want to have to rely on humans remembering another username/password, especially since the web application already has that control. We do not want the complications intrinsic to an httpd.conf embedded ACL. I know that I appear to be hung up on SSL Certificates; but, that model appears to meet our needs -- if only I can find the requisite documentation. Yes, two of you have suggested apache.org, and that is helpful. Nevertheless, I have not found what I am looking for on their site. Can you point me to a more specific URL? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Limiting access to website ???
Frank Gevaerts [EMAIL PROTECTED] [2003:10:04:22:25:54+0200] scribed: On Sat, Oct 04, 2003 at 02:56:14PM -0500, Michael D Schleif wrote: As I responded to Aaron's message, we are looking for some kind of passive authentication, like an SSL Certificate. We do not want to have to rely on humans remembering another username/password, especially since the web application already has that control. We do not want the complications intrinsic to an httpd.conf embedded ACL. I know that I appear to be hung up on SSL Certificates; but, that model appears to meet our needs -- if only I can find the requisite documentation. Have you tried google ? http://www.google.com/search?q=apache+certificate+authentication Using that, I found http://www.modssl.org/docs/2.8/ssl_howto.html#ToC9 which seems to be about what you want to do OK, this section is what I need -- thank you: http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6 Correct me if I am wrong; but, this is the process? [1] One (1) Certificate per client/browser authenticates *both* the server to the client, and the client to the server; and [2] Each client/browser can have *either* a unique client-specific Certificate, or each client/browser can have a Certificate _common_ to a group, for purposes of authentication in point [1]. [3] Will we need to become our own Certificate Authority, or would this work just as well with self-signed Certificates, and without any upline authority? Once I am clear on these points, I can go back to openssl, build some Certificates and test, test, test . . . What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: SED problem
Dave selby [EMAIL PROTECTED] [2003:10:04:19:25:32+0100] scribed: I have multiple html files. I need to remove the same chunk of code from all of them. I have made a bash loop to feed the files to sed, but am struggling with the sed code. I need to delete all the code between !-- lockon:a:1 -- and !-- lockoff -- Including the above comments. Do you want to specify a range like this: sed '/!-- lockon:a:1/,/!-- lockoff/d' /tmp/tmp.txt hth -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: SED problem
Michael D Schleif [EMAIL PROTECTED] [2003:10:04:16:32:37-0500] scribed: Dave selby [EMAIL PROTECTED] [2003:10:04:19:25:32+0100] scribed: I have multiple html files. I need to remove the same chunk of code from all of them. I have made a bash loop to feed the files to sed, but am struggling with the sed code. I need to delete all the code between !-- lockon:a:1 -- and !-- lockoff -- Including the above comments. Do you want to specify a range like this: sed '/!-- lockon:a:1/,/!-- lockoff/d' /tmp/tmp.txt Oops! I forgot about the closing the lockoff comment: # sed -f /tmp/tmp.sed /tmp/tmp.txt # cat /tmp/tmp.sed /!-- lockon:a:1/,/!-- lockoff/{ N /--/d D } -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Limiting access to website ???
Dave Carrigan [EMAIL PROTECTED] [2003:10:04:15:15:21-0700] scribed: On Sat, Oct 04, 2003 at 04:25:57PM -0500, Michael D Schleif wrote: OK, this section is what I need -- thank you: http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6 Correct me if I am wrong; but, this is the process? [1] One (1) Certificate per client/browser authenticates *both* the server to the client, and the client to the server; and The server will need its own certificate with a CN of the server's hostname. Yes, of course; but, thank you for pointing it out. [2] Each client/browser can have *either* a unique client-specific Certificate, or each client/browser can have a Certificate _common_ to a group, for purposes of authentication in point [1]. I suspect that you would be better off generating a certificate for each client, but that probably depends on your requirements. OK [3] Will we need to become our own Certificate Authority, or would this work just as well with self-signed Certificates, and without any upline authority? You will need to be a CA, and the both the server cert and the clients' certs will need to be signed by that CA. In addition, the server config needs to point to the CA's cert so that it can verify the clients' certs. Yes, this is the kind of detail that I did not guess. While on this subject, what do you recommend for us to become a CA? `apt-cache search certificate' shows only pyca -- is that adequate? What are the considerations for becoming a CA? The clients should have the CA's cert installed as well or else each client will complain when they connect because they don't recognize the server's certificate signer. This isn't strictly necessary, as long as your users can be trained to permanently accept the unknown cert the first time they connect. Note that all this could become very onerous if your application isn't targeted at a closed group of users (i.e., it's something on the Internet). The point is to allow only a select group access to the application; access which may or may not go across the Internet. One level of security would be this passive approach, whereby if the client does not present an acceptable certificate upon connection to the server, the server will not respond to the client's requests with access to the application. If the client presents an acceptable certificate, then the server will invoke other access and authentication processes. Thank you, for your insightful responses . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
spamassassin: recent process slowdown ???
Since the end of last week, spamd processing time per message has gone from ~6 seconds to 30 seconds. I am not clear whether or not any recent upgrades have changed spamassassin. I did not, at first, attribute my mail processing slowdown to spamassassin; rather, exim was timing out on procmail. While trying to identify problems with procmail, I had turned on some verbose logging that indicated long timeouts to some rbl[s]; but, today I cannot duplicate such logging ; I searched the archives at spamassassin.org and debian-user, and I do not see any similar report. How can I get verbose logging information from spamd? What else can I investigate to determine root cause? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Do we really need to worry about viruses (was Re: Anyone else notice that Swen is slowing down?)
Ron Johnson [EMAIL PROTECTED] [2003:10:02:04:44:28-0500] scribed: On Wed, 2003-10-01 at 23:17, ScruLoose wrote: On Wed, Oct 01, 2003 at 07:56:07PM -0500, Michael D Schleif wrote: Karsten M. Self [EMAIL PROTECTED] [2003:10:02:00:37:35+0100] scribed: [snip] That kind of executable -- one that entices a user to click on it -- is just as real a threat to non-Microsoft userland, that I insist that your point is not all inclusive of the threats at hand. Simply because there is not yet a major, far reaching virus/worm propagating primarily from Linux boxen, does not rule out the existence of a threat . . . Most non-MS users are not likely to be logged in as root when they check the mail, so whether some virus auto-executes or entices them to click on it, the damage is generally going to be pretty well contained. It's going to take a _hell_ of a lot of social engineering to convince me to su, provide my root password, install and run some program that showed up in my inbox. No matter how pretty a message it's packaged in. Even assuming that the user getting the infected mail _has_ the root password. snip / Given the security model of Unix, we truly do *not* have to worry about email viruses (or viruses coming through click-thru social- engineering vectors). snip / Wrong! In fact, just this week, I am engaged with a prominent software development company, and every one of the developers develops on various Linux boxen, and every one of them insists on running as root. I also help support several neighborhood *nix users, and most of them are equally recalcitrant root account users. Yes, this is the debian-users mailing list; but, we are 31337 Linux users, and we support standards and best practices. We do not qualify, for the most part, as Joe-Average users -- and, we probably never will. Take a long, hard look at the real world *before* you knee-jerk a response to this post. IMHO, the view you will see is not far off of the mark I have just made . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Anyone else notice that Swen is slowing down?
Karsten M. Self [EMAIL PROTECTED] [2003:10:01:07:17:43+0100] scribed: on Tue, Sep 30, 2003 at 09:20:25PM -0500, Michael D Schleif ([EMAIL PROTECTED]) wrote: Karsten M. Self [EMAIL PROTECTED] [2003:10:01:00:53:46+0100] scribed: on Tue, Sep 30, 2003 at 12:11:16PM -0400, Mike Mueller ([EMAIL PROTECTED]) wrote: On Tuesday 30 September 2003 02:05, Karsten M. Self wrote: Seems like about the only way we're going to get a reasonable handle on this barring ISPs refusing to carry executables in email format. Hear! Hear! No more attachments - period. I'll settle for elimination of any known sort of executable though. No. Specifically: executables. Various other mail 'sploits -- there are some header buffer overflows, IIRC affecting LookOut -- exist and should be filtered as well. But specifically, AUPs against transmission of executable content, and concomittant filtering, would serve a useful purpose. There are opaque formats, from zip to tarball to encrypted payloads, which can be used by those sufficiently clueful to handle the task appropriately. MIME attachments of themselves serve many useful functions. There's an awful lot of baby in that bathwater. Starting with the signature on this message. I agree, up to a point. What really constitutes an `executable' program -- surely *not* its file extension ?!?! That's one distinction. Specifically, the set of extensions listed at http://www.linuxquestions.org/questions/archive/8/2003/03/4/51848j There's also the binary sequence which begins any Microsoft executable. For the current task of restricting transmission of viral mail load by agarware such as Outlook, use of either or both criteria in filtering / rejecting mail would work. Yes, so long as you limit this to Microsoft operating system executables. My point is that there are dangerous executables out there that are *not* Microsoft-specific . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Anyone else notice that Swen is slowing down?
Karsten M. Self [EMAIL PROTECTED] [2003:10:02:00:37:35+0100] scribed: on Wed, Oct 01, 2003 at 09:39:25AM -0500, Michael D Schleif ([EMAIL PROTECTED]) wrote: Karsten M. Self [EMAIL PROTECTED] [2003:10:01:07:17:43+0100] scribed: For the current task of restricting transmission of viral mail load by agarware such as Outlook, use of either or both criteria in filtering / rejecting mail would work. Yes, so long as you limit this to Microsoft operating system executables. My point is that there are dangerous executables out there that are *not* Microsoft-specific . . . Please share this knowledge. What executables are you awaree of affecting non-Microsoft systems which are in general circulation and which auto-execute on receipt by arbitrary systems in stock configuration? Seriously, I do understand and empathize with what you are saying. What I am saying is -- IMHO -- especially in light of the problems that I have experienced with Swen, auto-executing virus/worms are only *part* of the problem. Social engineering is often scoffed at as a real threat; but, what we see with Swen is so real looking that people I know have actually __manually__ clicked on those attachments! That kind of executable -- one that entices a user to click on it -- is just as real a threat to non-Microsoft userland, that I insist that your point is not all inclusive of the threats at hand. Simply because there is not yet a major, far reaching virus/worm propagating primarily from Linux boxen, does not rule out the existence of a threat . . . What say you? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
exim: pipe delivery process timed out
Sadly, for the last three days, although swen is starting to abate, I have encountered a new email malady ; # sudo exim -bV Exim version 3.36 #1 built 26-Aug-2003 22:39:06 Copyright (c) University of Cambridge 2002 [1] Generally, I receive between 2,000 and 3,000 emails per day, and prior to this new problem, have *not* had any exim queue problems. [2] Now that this problem has begun, I notice -- often, but not always -- that `exim -bp' shows several dozens of queued messages. While I have been querying, only one has shown as frozen. [3] I am finding several messages in rejectlog, with this message: This message was created automatically by mail delivery software (Exim). A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: [EMAIL PROTECTED] pipe delivery process timed out [4] Although, some of these are swen, or spam related, the majority of these messages are not. In fact, I have several automated remote monitoring messages that have come to me regularly for years, that now -- sometimes -- end up going through this bounce nightmare, and do not get to me other than as: failure notice Mail delivery failed: returning message to sender Unfortunately, anything below exim 4 appears to the user community as antiquated, and nothing helpful is forthcoming. Also, I find myself up to my eyeballs in customer problems, so I have little available time right now to tinker with this, even if I knew what I was doing ; What can cause this problem? More importantly, what can I do about this? What do you think? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Anyone else notice that Swen is slowing down?
Karsten M. Self [EMAIL PROTECTED] [2003:10:01:00:53:46+0100] scribed: on Tue, Sep 30, 2003 at 12:11:16PM -0400, Mike Mueller ([EMAIL PROTECTED]) wrote: On Tuesday 30 September 2003 02:05, Karsten M. Self wrote: Seems like about the only way we're going to get a reasonable handle on this barring ISPs refusing to carry executables in email format. Hear! Hear! No more attachments - period. I'll settle for elimination of any known sort of executable though. No. Specifically: executables. Various other mail 'sploits -- there are some header buffer overflows, IIRC affecting LookOut -- exist and should be filtered as well. But specifically, AUPs against transmission of executable content, and concomittant filtering, would serve a useful purpose. There are opaque formats, from zip to tarball to encrypted payloads, which can be used by those sufficiently clueful to handle the task appropriately. MIME attachments of themselves serve many useful functions. There's an awful lot of baby in that bathwater. Starting with the signature on this message. I agree, up to a point. What really constitutes an `executable' program -- surely *not* its file extension ?!?! -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- malware.zip Description: Zip archive pgp0.pgp Description: PGP signature
Re: MS mail bombs
John Hasler [EMAIL PROTECTED] [2003:09:23:21:18:48-0500] scribed: Wayne writes: I guess you could use fetchmail to weed them out but I found that spending time on the DENY rules in mailfilter was better spent. Fetchmail can be used alone to delete oversize mails on the server. I do so because I am too lazy to get mailfilter up on Woody. What do you do about legitimate attachments sent to you? -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: OT: Re: having reponse problem
Travis Crump [EMAIL PROTECTED] [2003:09:22:01:27:52-0400] scribed: David Palmer wrote: On Monday 22 September 2003 10:55, [EMAIL PROTECTED] wrote: every time i turn on the computer. I think you are going to experience another one here. Regards, David. Spamassassin marked [EMAIL PROTECTED]'s message as spam and when I saw it in my caught spam box I couldn't justify to myself calling it a false positive. :) That was _exactly_ my response, too ; -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature
Re: Sieve script to filter today's MS annoyances
Arnt Karlsen [EMAIL PROTECTED] [2003:09:19:18:41:51+0200] scribed: On Fri, 19 Sep 2003 10:14:56 -0500, Kirk Strauser [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]: At 2003-09-19T03:33:53Z, Kirk Strauser [EMAIL PROTECTED] writes: OK, last iteration (I promise). Enough people have found this helpful, or at least amusing, that I'm posting my final script update. I'm using the MICROSOFT_EXECUTABLE block in SpamAssassin in junction with this script. Overnight hit rates look like: My script : about 4,000 emails SpamAssasin: another few hundred that snuck through My inbox : about 15-20 snip / ..hmmm, cool. And in .procmailrc'ese it is? No, but this one is: # Thank you, Kirk Strauser - 20030919 # Watch out for inadvertent line breaks # *ALWAYS* run spamassassin --lint header __MDS_Swen_A_0 From=~ /(email|inet|internet|mail|microsoft|ms|net|network)/i header __MDS_Swen_A_1 From=~ /(section|service|system)/i header __MDS_Swen_A_2 From=~ /^\s*(admin|administrator)\s*$/i header __MDS_Swen_A_3 Subject =~ /^\s*(advice|announcement|failure\s+report|letter|mail|notice|report)\s*$/i header __MDS_Swen_A_4 Subject =~ /^\s*(abort|bug|error)\s+\S+/i header __MDS_Swen_A_5 Subject =~ /^.*\s+(advice|announcement|letter|message|notice)\s*$/i header __MDS_Swen_A_6 Subject =~ /^\s*(mail:\s+|message|(returned|undeliverable|undelivered)\s+(mail|message))/i header __MDS_Swen_A_7 Subject =~ /^\s*$/ header __MDS_Swen_A_8 Subject =~ /^(critical|current|internet|last|latest|microsoft|net|network|new|newest|security)\s+/i header __MDS_Swen_A_9 Subject =~ /^.*\s+(pack|patch|update|upgrade)/i meta MDS_Swen_A ((( __MDS_Swen_A_0 __MDS_Swen_A_1 ) || __MDS_Swen_A_2 ) || ( __MDS_Swen_A_3 || ( __MDS_Swen_A_4 __MDS_Swen_A_5 ) || __MDS_Swen_A_6 || __MDS_Swen_A_7 ) || ( __MDS_Swen_A_8 __MDS_Swen_A_9 )) describe MDS_Swen_A MDS - Swen_A worm scoreMDS_Swen_A +10.0 -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . -- pgp0.pgp Description: PGP signature