Re: [expert] CNN video clips
Tim Sawchuck grabbed a keyboard and wrote: > > On Thu, 06 Nov 2003 14:50:56 -0700 > "Charlie M." <[EMAIL PROTECTED]> scribed on electronic parchment: >> >> This question got me curious so I went to CNN to look. I found that you >> can't view any of the videos if you run any "Pop-Up blockers." Or if you >> don't have "Real One Pass." Whatever that is... > > It's a monthly pay as you go service for A/V content with a proprietary > client that only runs on (2 points!) which OS?? Um, someone feel free to correct me if I'm wrong here, but I could have sworn that Real make a version of the real media player which runs under Linux --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Help - my box has been compromised!
Lyvim Xaphir grabbed a keyboard and wrote: > > On Thu, 2003-11-06 at 00:18, David E. Fox wrote: > > > > I was under the impression postfix was relay proof - any > > advice will be helpful... It pretty much is, as long as you didn't break something mucking around with the configuration files. "Out of the box," it has relaying turned off. You have to do things to it in order to open it up. Check your config files. > My advice, which again will look like a cop-out, but in actuality is > very serious, is that you switch to qmail. Vincent Danen, rpmhelp.net Oh yea, qmail is great. If you happen to like pain. --Dave (And yes, I've administered sites running qmail. I'll take postfix every time.) -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] 9.2 made slashdot
KevinO grabbed a keyboard and wrote: > > http://slashdot.org/article.pl?sid=03/10/25/1737244 I get "Page cannot be displayed." --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Help please! Cannot stop this spam
Bryan Phinney grabbed a keyboard and wrote: > > The fetchmail log should be telling you what the error code is from Postfix > but if I had to guess, I would say it is a 501, fetchmail normally counts 55? > codes as spam rejects by default. Not on *my* system, it didn't. :-) I had to put it in to cause fetchmail to behave itself when running into those. > Line should show: > > poll mail.whatever.com with proto whatever > user '[EMAIL PROTECTED]' there with password 'password' is 'localuser' here > antispam 554,550,501 Just a note for anyone reading: The "user" part above is for how you normally login to your POP or IMAP server to retrieve your mail. If you're using an ISP that has a login method of using your E-Mail address with them, then [EMAIL PROTECTED] is correct. If you're using a server that just requires a username, *don't* add the @domain.com part (I.E. don't use your address to login unless your provider requres that as your login). > Add that line and you should no longer see those errors or have misconfigured > spam piling up in your inbox. Only other way that I know of is to run > Fetchmail configured to flush the box which removes all messages that were > seen but no delivered. This is dangerous and could result in your losing > messages due to Postfix being down when fetchmail tries to pick up mail. > Another option is to periodically run fetchmail to pick up mail, then reload > fetchmail in flush mode to flush misconfigured messages, then rerun fetchmail > in normal mode. You could do this once a week but in the meantime would get > all those errors in your syslog. Last option is to simply bitbucket all > fetchmail-daemon notifications with procmail. That last option is kinda dangerous, though. :-) If you got other fetchmail errors, you would never know about them (Not saying don't do it if it's really needed, just be aware... :) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Help please! Cannot stop this spam
Praedor Atrebates grabbed a keyboard and wrote: > > I have logged directly into my popmail server (yahoo) via the web and find > that the spam message isn't being repeatedly sent - the same message is > causing a problem over and over. Yahoo tagged it as spam and put it in my > bulk mail folder on their site. When fetchmail retrieved messages, it would > apparently have problems with that message and send me the error message > email instead of the actual spam. > > I am not sure why...is there a way to fix fetchmail so it wont do this > anymore? Instead of having a problem with a message and sending me a > bazillion error messages every time it sees the undelivered/undeliverable > message/spam, can I not just set fetchmail to dump the message? Yes, if fetchmail sees an error from your local MTA, it tends to not delete the message from the remote site, because it thinks there's a problem. You *can* tell it what a spam reject on your local MTA is, however. For example, I've got a few checks at the postfix level that will reject a detected spam message before it ever *gets* to the user's mailbox. As such, spamassassin isn't coming into play yet. Spam that it detects, it rejects with a 550 error code. You can tell fetchmail that a given error code (or range of codes) is a spam reject and to not attempt redelivery (I.E., it will go ahead and delete the message from the remote server). Here's what I have in my .fetchmailrc to do this: set postmaster "postmaster" set bouncemail set no spambounce set properties "" poll with proto IMAP user '' there with password '' is '' here antispam 550 That last line ("antispam 550") tells it that a 550 code coming from postfix on my machine is a spam reject. It will then quietly delete the message from the far end as though it had delivered it. Try putting in the reject code that you're seeing at your end from your local postfix/qmail/sendmail daemon, and see if that helps. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Spamassassin help request: Resolved
Praedor Atrebates grabbed a keyboard and wrote: > > Thanks for the reply but the problem was: > > I had a ~/.fetchmailrc. It worked so long as I started fetchmail myself. > If I tried to start fetchmail thus (as root) "/etc/init.d/fetchmail start" > or if I started up MCC and then tried to start fetchmail from xservices I > got the same result: failure. In my logs I would get a message that > there was no mailserver specified. I DID have a mailserver specified in > my .fetchmailrc. I then opened up webmin and saw my personal fetchmail > entry there yet fetchmail service would not start for "lack" of a > mailserver to poll. > > Only after I copied my personal .fetchmailrc to /etc/fetchmailrc could I > start fetchmail as a daemon in xservices and have it run properly at each > startup. It didn't seem to care at all that I actually did have a valid > ~/.fetchmailrc file and that it did contain a valid mailserver. This is > why I asked the original question about how to get /etc/fetchmailrc setup > instead of ~/.fetchmailrc (the latter wasn't working). > > - From your reply, I assume I should never have received the error I > received - that fetchmail should have started up as a daemon without > problem and simply used my personal .fetchmailrc. But it didn't. Ok, my goof. That's what I get for trying to help when I've just woken up. :-) Bryon posted a message about how to point your fetchmail daemon to the rc file of your choice, you can use that. Or as I mentioned, you can start it from a cron job that runs every 5 minutes to have it poll your server that often. Since it would be running as you, it would be no different than if you started it yourself from a shell prompt. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Spamassassin help request: Resolved
Praedor Atrebates grabbed a keyboard and wrote: > > Thanks all, I have it working in a desireable fashion now. > > I am once again using fetchmail + postfix and, now, spamassassin to deal > with my incoming mail. Procmail is properly directing a subset of my mail > to my mailbox directly and passing the rest through spamassassin - and a > 30+ second delay for spamassassin processing isn't a problem. Procmail is > also /dev/nulling all emails identified as spam so I never have to see any > of it. Nice. > > A new question now. Fetchmail gave me a bit of a fit at first. I ran > fetchmailconf as user and then ran fetchmail as user and this was fine, > except I'd rather not have to start fetchmail myself every time I start my > laptop up - I'd rather have it run as a daemon. I DID get the fetchmail > daemon working eventually, but only after manually editing > /etc/fetchmailrc. > As root or user, all running fetchmailconf would do is create a > ~/.fetchmailrc file while daemon mode requires /etc/fetchmailrc. I tried > doing it from webmin as well to no avail. In the end, I copied my > ~/.fetchmailrc file to /etc/fetchmailrc so that I could run the fetchmail > daemon. How does one normally setup the daemon instead of running > personal instances of fetchmail, that is, how is /etc/fetchmailrc normally > created? I am assuming that I should not have to do what I did above and > copy my personal .fetchmailrc to /etc/fetchmailrc. >From the man page for fetchmail: The --daemon or -d option runs fetchmail in dae- mon mode. You must specify a numeric argument which is a polling interval in seconds. In daemon mode, fetchmail puts itself in background and runs forever, querying each specified host and then sleeping for the given polling interval. Simply invoking fetchmail -d 900 will, therefore, poll all the hosts described in your ~/.fetchmailrc file (except those explicitly excluded with the `skip' verb) once every fifteen minutes. It is possible to set a polling interval in your ~/.fetchmailrc file by saying `set daemon ', where is an integer number of seconds. If you do this, fetchmail will always start in daemon mode unless you override it with the command-line option --daemon 0 or -d0. Only one daemon process is permitted per user; in daemon mode, fetch- mail makes a per-user lockfile to guarantee this. Normally, calling fetchmail with a daemon in the background sends a wakeup signal to the daemon, forcing it to poll mailservers immedi- ately. (The wakeup signal is SIGHUP if fetchmail is running as root, SIGUSR1 otherwise.) The wakeup action also clears any `wedged' flags indicating that connections have wedged due to failed authentication or multiple timeouts. The option --quit will kill a running daemon process instead of waking it up (if there is no such process, fetchmail notifies you). If the --quit option is the only command-line option, that's all there is to it. The quit option may also be mixed with other command-line options; its effect is to kill any running daemon before doing what the other options specify in combination with the rc file. Of course, if you're the only user, you can also setup a cron job for yourself to poll every 5 minutes or whatever, by simply running fetchmail from cron. HTH. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Mail server
Richard Bown grabbed a keyboard and wrote: > > that friend of my, is wanting to setup a mailserver, on his gateway > machine. > I use postfix here, which I dont think has any POP retrieval facilities. > He wants to be able to run it on his firewall/gateway machine and pull > all his mail from the ISP's POP server on to it, then POP it down to > individual machines on the LAN.. > As I'm going to have to go over there and set up, I'd like some guidance > which packages to use. Install the imap package, which includes a POP3 server. Install fetchmail, so that his box can do the POP3 fetch of his mailbox from his ISP. And of course install Postfix. :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Cant Delete File
me grabbed a keyboard and wrote: > > Hello, I am hoping someone can give me some advice on how to delete a > file. > > Apparently the directory /usr/local/netscape/chrome/ got hosed and it > shows up > as a 2.2gb file and not a directory any longer. > > EXT3 file system, file system check shows no problem. > > The file shows OWNER: 35327 > and I can not create a user that starts with a number to delete it that > way. > > GROUP: 3277717500 (kde) > -10172497 (midnight commander) this may just be how shell and kde > display the number (signed number??) > > I added both of these groups and added root to both groups and I still > cant do > anything with the file. > > Any Suggestions?? > > Thank You > Jack Root can delete any file or directory in the system. What's stopping you from su'ing to root and deleting it that way? --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Dynamic dns
HaywireMac grabbed a keyboard and wrote: > > On Sat, 13 Sep 2003 16:59:18 +0200 > Benjamin Pflugmann <[EMAIL PROTECTED]> uttered: > > > Because in one case, they get free advertising (via their branding), > > in the other case, they do not. Or in other words: they use the > > freelancers using the branding domain name to attract people willing > > to pay for using own domain names. > > I see, but my old domain from noip was nodex.sytes.net, which told > no-one anything about NoIP...I fail to see the branding. Sure there is. Someone sees sytes.net and points there web browser there. Know what you get? The no-ip.com login page. :-) > However, they are free to do as they choose; but if Zoneedit does it for > free, why would anyone choose NoIP?! Because we appreciate the service they provide? By extension: Why would anyone pay for Mandrake, when you can download the entire distribution for free? Or Red Hat? Or SuSE? I don't pay for *every* version of Mandrake that comes out, because I'm terminally broke. :-) Once my finances straighten out, I plan to join the Club. And even with a club membership, I'll still pay for the occasional release. Why do all that when I can get it for free? Because I appreciate the distribution that they provide, and I want to support them how and where I can. Same goes for no-ip.com. I appreciate the service they provide, so I support them with an annual renewal fee that's on top of my domain registration fee. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Dynamic dns
HaywireMac grabbed a keyboard and wrote: > > On Sat, 13 Sep 2003 04:11:49 -0700 > "David Guntner" <[EMAIL PROTECTED]> uttered: > > > Personally, I don't have a problem with that. :-) It's not an > > unreasonable price they're asking. I use them, so I mentioned them as > > an option. > > Nothing against you, or your judgement, intended. :-) > > I just don't understand why using *their* name is free, while using your > own costs $. Because that's how they stay in business, given that they don't force ads down anyone's throat? :-) > If Zoneedit is free, and so far reliable, why not? No reason not to. From the initial information posted, I figured that maybe Zoneedit required a Windows-only client to do the update or something. I offered an option that I know of and am happy with. Nothing more. :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Dynamic dns
HaywireMac grabbed a keyboard and wrote: > > On Fri, 12 Sep 2003 18:25:28 -0700 (PDT) > "David Guntner" <[EMAIL PROTECTED]> uttered: > > > > Check out www.no-ip.com. I use them, and have liked them for some > > time now. They deal with NAT just fine, and have a Linux updater > > client. > > but they charge you for using your own domain name (?!). Personally, I don't have a problem with that. :-) It's not an unreasonable price they're asking. I use them, so I mentioned them as an option. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Dynamic dns
Erik Evjenth grabbed a keyboard and wrote: > > I am migrating from Win XP to Mandrake Linux. > > My Apache web server is up and running > > I have a *simple* problem with dynamic IP and DNS: > > 0. Registered my domain for $7.95 with GoDaddy > > 1. My DNS is through Zoneedit.com (to support Dynamic DNS) > > 2. I use "Dynamic DNS Client 5.0" to update Zoneedit.com when my IP > address > changes > > This all works fine, but I have not found a Linux replacement for "Dynamic > DNS Client 5.0" > > Info: > My DSL box uses NAT, and is set up to forward http traffic to the web > server, so the IP address as seen by the internet is not the same as the > actual apache web server address. Guess the WAN ip address of the router > can be found with routetrace, or just query the speedstream router. > > How the IP address is sent to zoneedit.com is unkonwn to me. Check out www.no-ip.com. I use them, and have liked them for some time now. They deal with NAT just fine, and have a Linux updater client. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] iptables - any way to log?
Bill grabbed a keyboard and wrote: > > On Star Date Saturday 30 August 2003 11:17 am, David Guntner sent this > sub-space message. >> >> I am trying to use "-j REJECT" because I want to reject the packet. I >> also want to log it. However, I see that my problem was that I was >> trying to do a "-j REJECT LOG --log-prefix ..." on the command, which >> resulted in my getting an error message. Apparently you can't specify >> both. Tell me, if I do it as *two* commands, one with "-j REJECT" and >> one with "-j LOG", will *both* rules fire when an offending packet comes >> in? I.E., will it reject the packet and then log it? Or will it only >> act on whatever rule was entered first/last? > > Good question. Im still trying to see when I get a droped packet form an > ip that I have set to have its packets droped when it trys to connect. > Its an email server that has been sending out those .pif virus files. I > get logs for everything but havnt seen any that say droped. Maybe someone > here on the list knows whats up for that. Well, I kept digging through the man page, and found a note that said that if you want to log packets that you're rejecting, put in two rules. The first one should be the LOG rule, then the second should be the DROP or REJECT. So I guess the answer is found! :-) >>> I also use colorlogs.pl to colorize my log while I am using tail -f >>> this way I can see when I get a hit for iptables. I have it set for >>> bright red and if someone logs in as root it set as blinking bright red >> >> That sounds like a useful utility. Where can I get it? I could still use an answer to that last question. :-) I tried searching freshmeat.net, but a search for colorlogs.pl didn't turn up anything. Do you remember where you got it? --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] iptables - any way to log?
Bill grabbed a keyboard and wrote: > > You can look on the web for iptables log which is where I found what I > use. > > -A INPUT -i eth0 -p udp -m limit --limit 10/hour -j LOG --log-prefix > "IPTABLES UDP-IN: " Ah, ok. Now I see what I was doing wrong. I am trying to use "-j REJECT" because I want to reject the packet. I also want to log it. However, I see that my problem was that I was trying to do a "-j REJECT LOG --log-prefix ..." on the command, which resulted in my getting an error message. Apparently you can't specify both. Tell me, if I do it as *two* commands, one with "-j REJECT" and one with "-j LOG", will *both* rules fire when an offending packet comes in? I.E., will it reject the packet and then log it? Or will it only act on whatever rule was entered first/last? > I also use colorlogs.pl to colorize my log while I am using tail -f this > way I can see when I get a hit for iptables. I have it set for bright red > and if someone logs in as root it set as blinking bright red That sounds like a useful utility. Where can I get it? Thanks for the info! --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] iptables - any way to log?
Jack Coates grabbed a keyboard and wrote: > On Fri, 2003-08-29 at 13:51, David Guntner wrote: >> >> I'm setting up some iptables rules to block certain kinds of packets on >> my ML 9.1 machine. The man page talks about logging options to have it >> log to the syslog, but I can't seem to figure out the exact syntax to >> make it work. No matter how I try, I keep getting a bad option message >> in response. Does anyone know what the actual syntax is on an iptables >> command to have it log when that particular reject rule is fired? >> >>--Dave > > man iptables > /log > keep hitting / until you see something helpful. > > there is a page full of options. I already did that, hence the statement that "the man page talks about logging options." :-) Problem is, there are no practical *examples* of the syntax to use, and my reading of the section on logging didn't yield anything I could use. Hence my request here for an example syntax to use. > You've already got shorewall on there, it'll be a lot faster and safer > to just use it. Shorewall would be great if I wanted all kinds of fancy firewalling. But I'm behind a DSL router and that takes care of the vast majority of my needes. But I need to put three rules into iptables to take care of a specific need. The rules are already in place, in fact. However, I would like to be able to log traffic that's blocked if I can. So if you have some information on what the correct syntax is, I would appreciate an example - because I can't seem to come up with a syntax that works, going off of the man page. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] iptables - any way to log?
Hi all, I'm setting up some iptables rules to block certain kinds of packets on my ML 9.1 machine. The man page talks about logging options to have it log to the syslog, but I can't seem to figure out the exact syntax to make it work. No matter how I try, I keep getting a bad option message in response. Does anyone know what the actual syntax is on an iptables command to have it log when that particular reject rule is fired? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Microsoft drives people to Linux :-)
http://news.com.com/2008-1082-5065859.html Interesting story. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] OT - for shell mongers: how _not_ to list a file
Udo Rader grabbed a keyboard and wrote: > > If it were, some construct like the thing below could then list all files > in "/opt/too_many_files" except "no_not_this_one": > > % ls -l /opt/too_many_files/*{!no_not_this_one} > > Yes, I know this doesn't work, but is there any other efficient way to do > this in bash? ls -la /opt/too_many_files | sed '/not this one/d' --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Any way to chroot jail a user?
Robert W. grabbed a keyboard and wrote: > On Thu, 2003-08-21 at 02:49, David Guntner wrote: >> Robert W. grabbed a keyboard and wrote:logging >> > On Tue, 2003-08-19 at 21:05, David Guntner wrote: >> > What about changing the shell to "/bin/false". Will that prevent themimplement >> > getting a login shell? >> >> If I can't login as the player set up to run the server, it will be kind >> of hard to start up screen and then start the actual server >> program :-) > > Sorry, I assumed the server was started through a script in /etc/init.d. > You could also use 'sudo' to start the server with the proper user. Then > you don't have to log in as that user. The nature of the Neverwinter Nights game server is such that it needs to be interactive for me to make manual settings changes on the fly. Therefor, an interactive shell is needed to start up screen (which keeps things running when logged out) and then run the server. Thus, doing something which prohibits logging in outright is not an option. As I said in my first message, this is not *that* big of a thing. I don't think that anyone can do something which would result in crashing the server process and ending up in a shell as a result. If there was a relatively easy way to chroot jail the user to its own home directory, I'd be all for it. But from what I've read in the other responses, it seems like it will be more trouble that it's worth to implement. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Dynamic DNS service provider
Miark grabbed a keyboard and wrote: > > I need to choose one, but I'm not sure _how_ to go about it. > All all the features pretty much the same from provider to > provider? Any recommendations? I like no-ip.com, myself. They've got a Linux updater that knows what to do with a broadband router (NAT). --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Any way to chroot jail a user?
Robert W. grabbed a keyboard and wrote: > On Tue, 2003-08-19 at 21:05, David Guntner wrote: > > Jack Coates grabbed a keyboard and wrote: > > > > > > On Mon, 2003-08-18 at 22:47, David Guntner wrote: > > > > I have a user login name that is used to run a game server process > > > > (Neverwinter Nights, if it matters :). > > > > > > > > I don't know if it's possible for a remote user to crash the game process > > > > in a way which would leave them sitting in a shell, but since I don't know > > > > that the chances are 0%, I'm thinking that having the login name chroot > > > > jailed to its home directory would limit the damage that someone could do > > > > if they *did* somehow manage to end up in a shell via a server process > > > > crash. > > > > > > > > Is there a way to to this? > > > > > > Look at the user's line in /etc/password. At the end is the shell > > > they'll be given. chroot them there. > > > What about changing the shell to "/bin/false". Will that prevent them > getting a login shell? If I can't login as the player set up to run the server, it will be kind of hard to start up screen and then start the actual server program :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] efax formatted files into standard fax?
Eric Huff grabbed a keyboard and wrote: > > I am not sure, but i think the linux program efax is not compatible with > efax the company's .efx file. > Has anyone been able to open up www.efax.com docs in linux? > > I tried before to work this out and couldn't... Yea, that's pretty much what prompted my messagein the first place. :-) efax.com seems to be using a propriatary format in their .efx files, and they require you to use their Windows based program to open the file up. Joy. Conversion utilities would be neat. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Any way to chroot jail a user?
Vincent Danen grabbed a keyboard and wrote: > > I don't think that will work as you'll need to be root to chroot IIRC. What > you could do is write a script that does the chroot and call it via sudo, > then do something like "/usr/bin/sudo /somescript/chrootuser" which does the > chroot call as root. > > You're right about the environment tho. You'll need to have a /bin/bash in > the chroot and then recreate the libs it wants or recompile it static. > > You could also use /bin/rbash which is somewhat better than just bash, but > not as nice as chroot (but a lot easier to setup). I look at the bash manpage, in the section which mentions rbash. Unfortunately, that's *too* restricted for my needs. :-) I need to be able to cd to directories within the user's home directory for the game server to actually work. Well, it was a thought anyway. Thanks for the suggestions, everyone. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] efax formatted files into standard fax?
Jack Coates grabbed a keyboard and wrote: > > crossover handles these like a champ -- costs some bucks, but it does > the job. Ok, so what is crossover, and where does one get it? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] efax formatted files into standard fax?
A friend of mine, who is also using Mandrake Linux 9.1, is one of those happy job hunters who has registered with Monster.com. This includes access to emailed FAXes sent via efax.com, where you can get Windows based software (only) that wants Internet Exploder, er, Explorer, loaded. Etc., etc., etc. Their file format is not a standard FAX format from what we can tell. So, is there software that can be used to convert an efax file into a standard tiff file (which can then be tiff2ps'd)? Any help would be, well, helpful. :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Any way to chroot jail a user?
Jack Coates grabbed a keyboard and wrote: > > On Mon, 2003-08-18 at 22:47, David Guntner wrote: > > I have a user login name that is used to run a game server process > > (Neverwinter Nights, if it matters :). > > > > I don't know if it's possible for a remote user to crash the game process > > in a way which would leave them sitting in a shell, but since I don't know > > that the chances are 0%, I'm thinking that having the login name chroot > > jailed to its home directory would limit the damage that someone could do > > if they *did* somehow manage to end up in a shell via a server process > > crash. > > > > Is there a way to to this? > > Look at the user's line in /etc/password. At the end is the shell > they'll be given. chroot them there. Er, all that does is just show me which shell they're logging in to use. I'm at a loss as to how that will restrict them to their own home directory as being / to them when logged in - thus keeping them away from the rest of the system. Could you please provide some specifics? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Any way to chroot jail a user?
I have a user login name that is used to run a game server process (Neverwinter Nights, if it matters :). I don't know if it's possible for a remote user to crash the game process in a way which would leave them sitting in a shell, but since I don't know that the chances are 0%, I'm thinking that having the login name chroot jailed to its home directory would limit the damage that someone could do if they *did* somehow manage to end up in a shell via a server process crash. Is there a way to to this? --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Postfix UCE Controls and Fetchmail
Bryan Phinney grabbed a keyboard and wrote: > > Not sure if this is the right list for this type of question but I will > plunge in anyway. I am running Postfix 2.04 on my Linux system and using > Fetchmail to pull down mail from my ISP and inject it into Postfix. I > have local aliases setup for all of the ISP accounts so the mail comes in > from the ISP mail address and is then routed to the local address. > > What I am trying to do is to get Postfix to use RBL checks to bounce mail > when it comes from a DNSBL listed address. I am currently using Procmail > and Spamassassin for filtering but the DNSBL filters in Spamassassin don't > seem to be working at all since mail is never tagged when it comes from a > DNSBL listed spammer. I suspect that it is seeing the headers from my > ISP as the originating source due to Fetchmail and is therefore deciding > that blocklisted spam is actually from my ISP and thus okay. > > I also suspect that the Postfix RBL client restrictions are failing for > much the same reason, it reads the ISP headers and decides that the mail > is okay. > > Has anyone on the list implemented a solution that enables DNSBL filtering > from Postfix when mail is injected with Fetchmail, or even some method of > directly checking DNSBL from Procmail and rejecting the mail there? I don't know if there's anything that will do what you want, but your assumption here is correct - a DNSBL lookup is going to take place against the IP address of the site connecting to you to send you mail. Anything other than that, it doesn't know. When fetchmail is running, it connects to the localhost SMTP port to let your MTA handle the final delivery - so the only connection that is happening at that point is from your own address. Hopefully, someone out there will know of something that can figure out what Received: line to check in order to do a lookup. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] k3b & CD writer
Todd Lyons grabbed a keyboard and wrote: > > David Guntner wanted us to know: >> >>meantime, question: Why does doing something to make it think that's an >>IDE device is a SCSI device make this work better? Is there any reason >>that I would *need* to do that for the DVD ROM? > > In the words of the great Jeff Garzik, "because the cdrecord author > refuses to rewrite the code." That's why other people have been > distributing patches to cdrecord to make it use the packet layer of the > ide devices directly. (I may be mixing terminology, sorry) The new 2.6 > kernel will no longer use an ide-scsi layer. So that means that the kernel will handle this itself at that point? BTW, do I want /etc/fstab to list the device as "ro" or "rw"? --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] k3b & CD writer
Larry Sword grabbed a keyboard and wrote: > > 1. Take a look at your /etc/fstab file. see if you have and entry for > "none /mnt/cdrom2 supermount ... > > 2. Look in the file /etc/lilo.conf and that you have an append line that > has the cdwriter as "hdd=ide-scsi". This will id it as a cdwriter. You > ca also set the regular cd or dvd as scsi by placing in in the append > line "hdc=ide-scsi". > *** By making changes in the lilo.conf file you must run (as root) lilo > -v *** Then reboot > > 3. Check in the /dev folder to insure you have the links for @cdrom, > @crdom0, @cdrom1 pointing to the correct device. Say /dev/cdroms and /or > /dev/scsi/host0/bus0/target0 or target1. > > 4. Once thing are set correctly you should rerun K3b Setup. > > I have supermount and K3b runs flawlessly. At Todd's suggestion, I'm going to give gcombust a try, but should I decide I don't like that, I'm willing to give k3b another look. In the meantime, question: Why does doing something to make it think that's an IDE device is a SCSI device make this work better? Is there any reason that I would *need* to do that for the DVD ROM? Thanks. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] k3b & CD writer
Todd Lyons grabbed a keyboard and wrote: > > David Guntner wanted us to know: > >>Now, when running k3b to try to burn some tracks or whatever, when I >> start >>the program, I first get a pop-up window saying that it can't find a file >>called /nonemntcdrom2, which I click on OK to get rid of. When going >> into > > Known issue with k3b. You must disable supermount. Ah. In the back of my head, I *was* wondering if maybe this was a supermount thing. BTW, in /etc/fstab, should I leave the entry for the burner as ro, or should I change it to rw (since technically, it *is* a writable device)? > k3b is not very good as far as I'm concerned. gcombust does everything > I want and more. Thanks for the suggestion. I'll remove k3b and install gcombust and see how it goes. Does gcombust also have a problem with supermount, or does it know how to play nicely? --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] k3b & CD writer
I've got something weird going on and hope someone can help me out here. I'm running ML 9.1 with the latest version (from the update site) of the various packages. I've got a CD Writer (HP 9100i) installed in the slave on the secondary IDE controller. Mandrake sees it and harddrake configured it to mount on /mnt/cdrom2. When running harddrake, it sees the device as /dev/hdd, and claims that it is a cd burner device. So far, so good. Now, when running k3b to try to burn some tracks or whatever, when I start the program, I first get a pop-up window saying that it can't find a file called /nonemntcdrom2, which I click on OK to get rid of. When going into the k3b configure screen (from the option menu), it shows both of my CD drives (one a DVD ROM and the other the CD writer), and it even identifies both devices by name and so on. But they both show up under the CD Reader tree. The CD Writer tree is empty. So the question is, how do I get k3b to recognize the CD writer as a CD writer? Any help/pointers/etc. would be appreciated. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Oh, and BTW...you guys owe SCO $1399.00
Lyvim Xaphir grabbed a keyboard and wrote: > > For the copy of Mandrake you now have. Wait...check that: it's $1399.00 > for every CPU that's running a copy of kernel 2.4 or above. > > Who's ready to pay? That's all part of their FUD campain. They may try to charge for it, but there's no way they can sue for it. Say I write a book and publish it. Then along comes publisher B who takes huge sections of my book and publishes it under another name, which is clearly copyright violation. You bought the book from publisher B. Can I sue you for copyright infringment because you purchased and read the book? No. But I can go after publisher B. I've seen that very analogy presented by various legal analysts. They want to slow the adoption of Linux in corporate environments (since Linux is beating UNIX by far more than it is Windows in those environments), and hopes that there will be companies that will pay rather than take a chance of being sued for copyright violation. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Procmail configuration sample
Stefano Pogliani grabbed a keyboard and wrote: > > could someone help me posting a PROCMAIL sample for mails delivered > under /var/spool/mail/userrname ? > > I am using IMAP folders (not courier-imap but the standard imap package > delivered with Mandrake) for storing the mails after reading them from > the /var/spool/mail/username. So the rules should move mails into these > Imap folders. What specifically is it that you want done? Procmail, by default, drops all mail that isn't directed somewhere else via a recipe into $DEFAULT, which on most systems is already /var/spool/mail/{username}. So I, for one, don't understand what it is that you're wanting to do here :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Kernel Update - NVIDIA Driver Problem
Jeffrey Litterick grabbed a keyboard and wrote: > > My question is what is the best way to get the NVdriver module loaded > correctly in the new kernel. For right now I changed my X driver from > NVIDIA to nv and it works but I lost all 3d acceleration. > > I would like to avoid if possible downloading the raw files from the > NVIDIA site since the current driver was working fine until I upgraded the > kernel. Do it anyway. :-) That way, you have a current module, compiled for your runnng kernel, installed and being used. You'll probably get better performance that way. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Root/SU Exit
Felix Miata grabbed a keyboard and wrote: > > David Guntner wrote: > > > Nope. Control-D is simply used as an end-of-file indicator. If you EOF a > > *lot* of different program inputs, it will end that program (or at least, > > end it from looking for further input :). In the case of a shell prompt, > > it's *only* looking for input from you, so if you EOF it, it assums that > > you're done and closes. > > I think Ctrl-D was selected 30+ years ago to mean EOF as a keyboard > mnemonic to D for disconnect (teletype/modem/EOT), as opposed to E or Z > for end or S for stop or Q for quit. M$-DOS (much younger than *nix) > does use Ctrl-Z/F6 to mean EOF. My first computer job had me running a system with a teletype (paper tape punch/reader included :). It's been a LONG time, but I think that the D key showed "EOD" on it (now that I try to recall :), as in End Of Data. Thus, ^D ended your input. Ah, memories :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Root/SU Exit
Anne Wilson grabbed a keyboard and wrote: > > On Friday 01 Aug 2003 5:49 pm, Felix Miata wrote: > > > > This is the old fashioned way, something I learned in 1973. > > Hmmm - I suppose the 'd' stood for something? Nope. Control-D is simply used as an end-of-file indicator. If you EOF a *lot* of different program inputs, it will end that program (or at least, end it from looking for further input :). In the case of a shell prompt, it's *only* looking for input from you, so if you EOF it, it assums that you're done and closes. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How to turn off Bootsplash & mdkKDM?
Felix Miata grabbed a keyboard and wrote: > > I don't do it often, but the usual reason is not remembering or not > being able to figure out how to do some kind of configuration in bash > that Mandrake provides GUI tools to do easily. I've never figured out > the ramifications of doing su in a normal login to do such things, so I > just don't. FWIW, I've found that the ramification for bringing up most of the Mandrake configuration tools (for example, Mandrake Control Center started either via the K menu or by typing "drakconf" from a shell window) from a non-privileged shell is that you get prompted to enter the root password before it continues. :-) --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How to turn off Bootsplash & mdkKDM?
Bill Mullen grabbed a keyboard and wrote: > > The first rule of thumb on any Linux or *nix-based system is, "Do as root > only that absolute bare minimum that /must/ be done as root." What he said. Remember, when you are running as root, disaster is one typo away. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How to turn off Bootsplash & mdkKDM?
Felix Miata grabbed a keyboard and wrote: > > Cute: > > #urpmi kdebase-kdm-3.1-83mdk.i586.rpm > The following packages have to be removed for others to be upgraded: > kdebase-3.1-83.3mdk (due to unsatisfied kdebase == 3.1-83mdk) > kdebase-devel-3.1-83.3mdk (due to unsatisfied kdebase == 3.1-83mdk) > kdebase-nsplugins-3.1-83.3mdk (due to unsatisfied kdebase == 3.1-83mdk) > do you agree ? (Y/n) > > So now what should I do? You've applied updates to KDE (which is good). You need to get the latest version of kdebase-kdm so that the versions match. You should be able to find the rpm at any mirror site, or I expect that even www.rpmfind.net has it. Download it and "rpm -Uvh" it. Then all will be in sync. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How to turn off Bootsplash & mdkKDM?
Ronald J. Hall grabbed a keyboard and wrote: > > I much prefer seeing everything that is going on. I even put "noquiet" in > there so I can see some hardware goodies during bootup. :-) "noquiet" in where? Yes, I figure /etc/lilo.conf, but which line? Sounds like my kind of option :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How to turn off Bootsplash & mdkKDM?
James Sparenberg grabbed a keyboard and wrote: > > On Wed, 2003-07-30 at 16:20, Steffen Barszus wrote: > > > > For the first: > > drakboot => using theme for console, take the cross out > > For the second: > > drakedm => choose the one you wish > > > > Both should be reachable over MCC > > or in your lilo.conf vga=[some number] changed to vga=normal Ah! Good catch. :-) I was about to ask him "what cross out?" Because I couldn't find anything on that menu to uncheck WRT bootsplash. Once you've set vga=normal in lilo.conf and run lilo, those options completely drop out of the drakboot program. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How to turn off Bootsplash & mdkKDM?
Greg Meyer grabbed a keyboard and wrote: > > Just uninstall the bootsplash package > > urpme bootsplash > > [...] > urpme mdkkdm > > urpmi kdebase-kdm Well, that seems a bit of a brute-force approach, but I guess it will work. :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] How to turn off Bootsplash & mdkKDM?
I've just installed ML 9.1 on a clean system, and discovered that it keeps the same graphic in place during the boot sequence that is there when lilo is letting you pick which system you want to boot. I don't mind the graphic around that, but I much prefer a boot up window (shows the various "ok" messages on just a plain-old text window). I can't seem to find where I can turn that off so that it uses plain-old text. Also, the X system seems to default to using mdkKDM as the window manager at login, and I want to use the KDM window manager so that things like the clock will actually show up in the login window when I've selected the clock from the control panel under login preferences. I can't seem to remember how I did it on my already-set up machine. :-) Can someone point me in the right direction, please? Thanks! --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Mandrake Update through MCC and new kernel
James Sparenberg grabbed a keyboard and wrote: > > On Mon, 2003-07-28 at 18:26, Avi Schwartz wrote: >> Mandrake should change their kernel installation instructions in the >> latest Security Advisory since they say there: >> >> "To upgrade automatically, use MandrakeUpdate. If you want to upgrade >> manually, download the updated package(s) from one of our FTP server >> mirrors and upgrade with "rpm -Fvh *.rpm"." > >Not quite... if you do Fvh... things could get real spooky. You > never upgrade or freshen a kernel.. It always has to be installed (ivh ) > otherwise all of the proper scripts to bind it to your computer will not > get run and the end result will be.. a bit bucket. Oh yea, foo. What he said. Like I said in *my* original reply to the poster, use -ivh to install the new kernel and -e to remove the old one. Quit confusing me! :-) --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Mandrake Update through MCC and new kernel
Avi Schwartz grabbed a keyboard and wrote: > > Mandrake should change their kernel installation instructions in the > latest Security Advisory since they say there: > > "To upgrade automatically, use MandrakeUpdate. If you want to upgrade > manually, download the updated package(s) from one of our FTP server > mirrors and upgrade with "rpm -Fvh *.rpm"." No argument there. :-) --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Mandrake Update through MCC and new kernel
stefmit grabbed a keyboard and wrote: > > Three machines running MDK 9.1: one of them prompts me with the existence > of a new kernel, the other two don't (via MCC --> Software Management --> > Mandrake Update). Is there a setup I may have missed on two machines, to > enable kernel updates to show up? I don't know why it showed up on the one, Mandrake screened kernels out of the Mandrake Update program. You don't WANT them to show up there, because then you might be temped to use MU to update a kernel. At which point, you end up with a *really* big mess on your hands. Download the kernel manually, then use rpm to install it (-ivh), not update. Remember to run lilo (assuming that's what you use for your boot loader) to put the new kernel into the boot sequence. When you're sure that the new kernel works, "rpm -e" the old kernel, edit /etc/lilo.conf to take references to the old kernel out and set the new kernel as the default, run lilo again, and you're done. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] ATTN MANDRAKE: Kernel update and then everything is world writable?
On Thursday 24 July 2003 08:25 am, Juan Quintela wrote: > > While vincent wakeup, I am uploading new kernel packages to: > > http://people.mandrakesoft.com/~quintela/updates/9.1/ Thanks for providing those so quickly, Juan. I'll be installing them shortly. :-) --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] ATTN MANDRAKE: Kernel update breaks msec
Vincent Danen grabbed a keyboard and wrote: > On Wed Jul 23, 2003 at 12:21:27PM -0700, David Guntner wrote: > > > (Again, this is in the hopes that someone from Mandrake is still reading > > this list) > > > > Well, at least partially. :-) > > > > In addition to the other error I reported regarding the new kernel (2.4.21- > > 0.24mdk) causing all files to be written as world writable, I noticed > > something else in my system processes. My morning E-Mail from my nightly > > cron jobs reported: > > > > /etc/cron.daily/msec: line 66: printf: `m': invalid format character > > /etc/cron.daily/msec: line 66: printf: `@': invalid format character > > /etc/cron.daily/msec: line 66: printf: `@': invalid format character > > /etc/cron.daily/msec: line 66: printf: `m': invalid format character > > > > Nothing has been changed in that file. This only showed up with the new > > kernel in place. Please go over the new kernel and release a bugfix for > > these two problems. Thanks! > > Ummm... let's be a little logical here. > > Why would you blame the kernel for something in msec? The kernel touches > /boot and /lib/modules... why would it have anything to do with msec? > > Did you look at line 66 of that file? What does it say? RPM_VA_CONFIG_DIFF="/var/log/security/rpm-va-config.diff" Same as always. > The previous issue could potentially be attributed to the kernel, but I > highly doubt it. This one I think attributing to the kernel is pretty > far-fetched. It might very well be. All I know is that the ONLY thing that I changed in my system last night was to install the new kernel. This morning, I get a notice about TONS of files (which get created all the time (news, mail, etc.) being world writable when they never used to be, and the /boot initrd image being world-writable now sure makes it look like that's the culprit. And then I get the other error message that I listed above. Now, I'm not into blindly blaming a kernel update for all my woes. :-) However, I *am* pretty good at putting 2 and 2 together. When the ONLY thing that changes is the kernel, and then weird things start to happen, I don't think it's unreasonable to suspect that the kernel update *might* be what's causing that sudden weirdness. Either way, I appreciate you guys looking into this. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] ATTN MANDRAKE: Kernel update and then everything is world writable?
Jack Coates grabbed a keyboard and wrote: > > On Wed, 2003-07-23 at 12:26, Vincent Danen wrote: > > On Wed Jul 23, 2003 at 11:56:14AM -0700, David Guntner wrote: > > > > > I hope someone from Mandrake is still reading this list. I got the > > > advisary for the new kernel in my mail, and installed the new kernel. > > > Since, then, any number of processes which used to write files that were > > > writable only by themselves (leafnode as user news, mailman as user mail > > > and so on) are now writing their files in a world readable setting. My > > > security logs this morning started reporting files in /var/spool/news, > > > /var/lock/subsys, /var/run, /var/lib/mailman/lists and so on as being > > > writable. Checking those directories, I find sure enough that everything > > > is -rw-rw-rw- -- clearly, this is not acceptable! Can someone please > > > look into this and fix it and issue a new kernel? This needs to not > > > continue to happen. When I su to the user IDs in question and do a umask > > > command, I see 0022 like it should be - so I can't see any reason why this > > > should be happening. > > > > We've not seen this at all during testing. Which kernel did you install? > > secure, up, smp, etc... uname -a would be good. > > Also, what are the filesystems in question? Unfortunately my mirrors in > GMT-8 still haven't caught up so I can't do any verification yet. Assuming I understand your question correctly, I'm using ReiserFS for all filesystems except /boot, which is ext2. If that wasn't your question, please clarify. :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] ATTN MANDRAKE: Kernel update and then everything is world writable?
Vincent Danen grabbed a keyboard and wrote: Glad to see you're still on the list, Vincent. :-) > On Wed Jul 23, 2003 at 11:56:14AM -0700, David Guntner wrote: > > > I hope someone from Mandrake is still reading this list. I got the > > advisary for the new kernel in my mail, and installed the new kernel. > > Since, then, any number of processes which used to write files that were > > writable only by themselves (leafnode as user news, mailman as user mail > > and so on) are now writing their files in a world readable setting. My > > security logs this morning started reporting files in /var/spool/news, > > /var/lock/subsys, /var/run, /var/lib/mailman/lists and so on as being > > writable. Checking those directories, I find sure enough that everything > > is -rw-rw-rw- -- clearly, this is not acceptable! Can someone please > > look into this and fix it and issue a new kernel? This needs to not > > continue to happen. When I su to the user IDs in question and do a umask > > command, I see 0022 like it should be - so I can't see any reason why this > > should be happening. > > We've not seen this at all during testing. Which kernel did you install? > secure, up, smp, etc... uname -a would be good. uname -a won't be of any help now, because I've reverted back to the prior kernel (2.4.21-0.18mdk). Not smp, secure or anthing else. Just kernel- 2.4.21-0.18mdk. Same for the new version, which is 2.4.21-0.24mdk, which was installed from kernel-2.4.21.0.24mdk-1-1mdk.i586.rpm. > That is really really wierd. > > Just ran msec here and it just shows me that my initrd is world-writable so > I don't think your problem is due to the kernel. The initrd file never *used* to be world-writable Not until this release of the kernel, anyway. Personally, I would consider that a bad sign. > cc'ing this to Juan just so he can check as well. Me, too, so that he can see the followup. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] ATTN MANDRAKE: Kernel update and then everything is world writable?
I hope someone from Mandrake is still reading this list. I got the advisary for the new kernel in my mail, and installed the new kernel. Since, then, any number of processes which used to write files that were writable only by themselves (leafnode as user news, mailman as user mail and so on) are now writing their files in a world readable setting. My security logs this morning started reporting files in /var/spool/news, /var/lock/subsys, /var/run, /var/lib/mailman/lists and so on as being writable. Checking those directories, I find sure enough that everything is -rw-rw-rw- -- clearly, this is not acceptable! Can someone please look into this and fix it and issue a new kernel? This needs to not continue to happen. When I su to the user IDs in question and do a umask command, I see 0022 like it should be - so I can't see any reason why this should be happening. Thanks! --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] ATTN MANDRAKE: Kernel update breaks msec
(Again, this is in the hopes that someone from Mandrake is still reading this list) Well, at least partially. :-) In addition to the other error I reported regarding the new kernel (2.4.21- 0.24mdk) causing all files to be written as world writable, I noticed something else in my system processes. My morning E-Mail from my nightly cron jobs reported: /etc/cron.daily/msec: line 66: printf: `m': invalid format character /etc/cron.daily/msec: line 66: printf: `@': invalid format character /etc/cron.daily/msec: line 66: printf: `@': invalid format character /etc/cron.daily/msec: line 66: printf: `m': invalid format character Nothing has been changed in that file. This only showed up with the new kernel in place. Please go over the new kernel and release a bugfix for these two problems. Thanks! --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] redirect to /dev/null...how?
Praedor Atrebates wrote: > > I am now very confident in my spamassassin filtering - I haven't had any > misidentified spam for weeks. I have set a kmail filter to direct spam as > identified by spamassassin into my kmail trash folder but now would like to > skip right past this and simply direct the spam to /dev/null and not have to > deal with it at all. What is the correct means for doing this? In the past, > whenever I have tried to send filtered messages to /dev/null it fails and my > local mail folder starts filling up with system email warnings about not > being able to do it. > > I have tried, in kmail, redirecting to /dev/null and moving to folder > /dev/null but neither works. How would this be done in kmail? Let Procmail do it for you instead. In your .procmailrc file, put: :0: * ^X-Spam-Status: Yes /dev/null And you're done. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] command line to be executed every reboot
Octavi Fors grabbed a keyboard and wrote: > > I would like that a certain command line as > > chmod 666 /dev/v4l/video0 > > is executed every time I reboot my PC running MDK8.2. > > What should I do? > In which script under /etc should include such command line? Edit etc/rc.local and put that line at the end of it. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] What is sshd-restarter?
Greg Meyer grabbed a keyboard and wrote: > I asked this question on newbie, and I got no answer, so I'll repost here. > > Is anybody wiling to enlighten me as to what sshd-restarter does, and why > it runs every 5 minutes? It does exactly what the name implies. It checks for a dead ssh daemon, and restarts it. Typically, it never finds anything wrong and so it doesn't do anything. But it is small, and hurts nothing. Plus, if you're travelling and are depending on ssh for your way to login remotely, having the ssh daemon decide to die then when you can't directly do anthing about it is a Bad Thing. Thus, I've always left the ssh-monitor package in and running. Like I said, it has a really small footprint, so I consider it to be cheap insurance. :-) --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Parent vs Child
James Sparenberg grabbed a keyboard and wrote: > > No this is not spam for a talk show. :) I'm trying to find out how to > spawn a process from a shell script that becomes an independent Parent > process not a child process. Such so that if the Parent that spawns it > dies it doesn't die. What I need is to have the parent process spawn > the new process, then complete itself and die. While the child becomes > independent and continues it's life until it completes it's actions. man nohup. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Change default editor.
Christian Dysthe grabbed a keyboard and wrote: > > I would like to globally change the default editor in Mandrake 9.1 (vim I > think) to another one. How can that be done? I have been looking around and > been asking on IRC, but I am not able to make it work. To be clear: I > *never* want vim to open any file. I want another editor to simply "replace" > vim by default. In your .profile (.bash_login or whichever you have for setting up your various variables and things when you login), put the following lines: export EDITOR=joe export VISUAL=$EDITOR Replace "joe" with your editor of choice. The reason for putting both lines above is that some programs use $EDITOR and some use $VISUAL to see which editor you want. If you want to have a different "visual" editor in place, then set $VISUAL to that editor. I always want the same editor no matter which is being used by the program in question so I set them this way. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Kernel: i8253 too high?
James Sparenberg grabbed a keyboard and wrote: > > On Wed, 2003-05-28 at 17:43, David Guntner wrote: > > > > kernel: i8253 too high! Resetting > > > > (not 100% sure of the number, but it was close to that) > > > > That was the final entry on the screen. Everything else had stopped. Even > > my main console wouldn't respond when I moved the mouse and I had to hit > > the reset button to reboot. > > > > Anyone know what this message means? And maybe what can be done to keep it > > from showing up again? > > Is this a laptop? i82365 is a pcmcia chipset is why I'm asking. Nope. It's a Gigabyte motherboard inside a tower case. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Kernel: i8253 too high?
I had a tail -f going on my syslog, and I noticed an entry which said: kernel: i8253 too high! Resetting (not 100% sure of the number, but it was close to that) That was the final entry on the screen. Everything else had stopped. Even my main console wouldn't respond when I moved the mouse and I had to hit the reset button to reboot. Anyone know what this message means? And maybe what can be done to keep it from showing up again? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] daylight-saving time
Bill Mullen grabbed a keyboard and wrote: > > On Sun, 6 Apr 2003, Philip Webb wrote: > > > 030406 David Guntner wrote: > > > > > > One of your rc.d scripts sets the timezone (TZ) variable at boot time. > > > > seems not. > > It is probably based on the ZONE= setting in /etc/sysconfig/clock. Ah, you're right. Seems that Mandrake (and possibly other distributions?) does that. I'm used to the older UNIX way of doing it, which would use $TZ. The $TZ variable does still work for per-user use, though. I.E., if you're logged in as a regular user, you can set it to the timezone that you're in (I.E., if you're remote from the box and logging in from a different timezone, you can set TZ to the timezone that you're in, and when you do a command that shows you a date, like "date" or "ls", the times displayed will be in your local, $TZ set timezone). So that's what fooled me into thinking that Linux was still doing it that way. :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] daylight-saving time
Philip Webb said: > > my computer's clock just made the change to N American EDT > automatically. is this controlled by Xntpd, which i have running, > or by something else in the Mandrake-Linux set-up (9.0rc1 currently)? i > can't find anything in the NTP document'n on the subject. At a shell prompt, type: echo $TZ What does it say? (That's usually what controls that action on a *NIX machine.) I never understand the named timezones that Mandrake provides, so I use the old style (I.E. PST8PDT as the timezone - that tells it I'm in pacific time, that's it's timezone +8, and that this area has daylight savings time in effect). If you live in an area that doesn't have daylight savings time, you can set it to EDT5 and it won't change. I think. :-) One of your startup rc.d scripts sets the timezone (TZ) variable at boot time. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] DMA on hard drives turned off?
Miark grabbed a keyboard and wrote: > > Your hdc and hdd are not harddrives, they're your CD drive and tape drive, > which have DMA turned off by default. The command you're looking for > > hdparm -d1 /dev/hdc > hdparm -d1 /dev/hdd Thanks for the command, and oh you're right! :-) For some reason, I thought it was listing my hard drives and wasn't paying that close attention I guess. I don't know if the tape drive supports DMA, so I think I'd better play it safe on that one. :-) I depend on that tape drive to back my system up. Thanks for the info. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] DMA on hard drives turned off?
Kwan Lowe grabbed a keyboard and wrote: > > On Thu, 2003-04-03 at 17:31, David Guntner wrote: > > > I seem to remember that there's a command you can stick in your rc.local to > > turn drive DMA on. Can anyone let me know what it is? And, of course, if > > there are any pitfalls I should be aware of regarding using it with any of > > the above three drives? Thanks for any info. > > The old way was to use hdparm in an init script. I believe that all > recent distros use /etc/sysconfig/harddisks for the same purpose. Thanks for the info, I'll check it out. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] DMA on hard drives turned off?
Hi, When doing a dmesg command, I've noticed the following entries: hda: Maxtor 6Y060L0, ATA DISK drive hda: DMA disabled blk: queue c03cb420, I/O limit 4095Mb (mask 0x) hdc: FX4821T, ATAPI CD/DVD-ROM drive hdd: Seagate STT2A, ATAPI TAPE drive hdc: DMA disabled hdd: DMA disabled hde: WDC AC310200R, ATA DISK drive hdf: QUANTUM FIREBALL ST6.4A, ATA DISK drive blk: queue c03cbcb8, I/O limit 4095Mb (mask 0x) blk: queue c03cbdf4, I/O limit 4095Mb (mask 0x) ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 ide1 at 0x170-0x177,0x376 on irq 15 ide2 at 0xbc00-0xbc07,0xb802 on irq 10 hda: host protected area => 1 hda: 120103200 sectors (61493 MB) w/2048KiB Cache, CHS=7476/255/63, UDMA(100) hde: task_no_data_intr: status=0x51 { DriveReady SeekComplete Error } hde: task_no_data_intr: error=0x04 { DriveStatusError } hde: host protected area => 1 hde: 20044080 sectors (10263 MB) w/512KiB Cache, CHS=19885/16/63, UDMA(33) hdf: task_no_data_intr: status=0x51 { DriveReady SeekComplete Error } hdf: task_no_data_intr: error=0x04 { DriveStatusError } hdf: 12594960 sectors (6449 MB) w/81KiB Cache, CHS=13328/15/63, UDMA(33) The question is, why would DMA on the hard drives be (apparantly) turned off? I'm pretty sure that the drives in question support DMA (which would speed up access, right?). (On a side note, I'm pretty sure it's making a mistake WRT hde - that drive is UDMA 66, and upon boot, when the IDE controller (PCI board) that hde and hdf are connected to comes up, it says ATA/66 for the first drive (hde). Unless the kernel just goes with the slowest drive in the chain and assumes that speed for both drives...?) I seem to remember that there's a command you can stick in your rc.local to turn drive DMA on. Can anyone let me know what it is? And, of course, if there are any pitfalls I should be aware of regarding using it with any of the above three drives? Thanks for any info. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] No sound in 9.1?
As a followup to provide more information, I've found that the "aplay" process shows up whenever I backspace enough to go past the beginning of the line that I'm on, in one of those Konsole shell windows that KDE provides you with. When I back up enough, an icon at the bottom of the window changes to a bell icon, but no sound is ever played. Running Top in another window shows that aplay shows up, consuming a considerable amount of CPU. It never stops until you kill it (kill -9). And as long as it's running, it's tieing up the audio device, so nothing else that wants to play sounds can do so. Argh. I don't think I even *had* alsa installed in my 9.0 setup. When I tried to uninstall the three packages related to alsa (to see if it would help), I got a message showing how many things depended on one of the libraries - half of the KDE libraries would have to be removed. Ugh. So it looks like I'm stuck with it. So the question now becomes: Is there a place in KDE where I can define that I want it to use "play" - not "aplay" - for producing sounds in Konsole (and anywhere else that KDE might want to use aplay). I've just "cheated" by renaming /usr/bin/aplay to something else, and made a link to /usr/bin/play called aplay (which seems to work), but I'd prefer to do something configuration-wise, if possible. :-) Regardless, replacing aplay with play seems to have done it for the time being. :-) --Dave David Guntner grabbed a keyboard and wrote: > > Mike grabbed a keyboard and wrote: > > > > On Friday 28 March 2003 12:56 am, Jack Coates wrote: > > > On Thu, 2003-03-27 at 21:27, David Guntner wrote: > > > > I've done a clean install of 9.1 on the machine which used to run 9.0. > > > > In 9.0, I had sound. In 9.1, only silence. No hardware has changed, so > > > > I'm kind-of hard pressed to figure out why I can't get any sound out of > > > > 9.1. > > > > > > if you run alsamixergui, are all the levels set to zero? > > > > When I installed 9.1 the sound was muted.I had to use one of the mixers to > > turn it up.It can be a little disconcerting until you figure it out. > > To say the least. :-) Someone commented that taking the "above" statement > ouf ot the modules.conf file solved the problem for him (when I posted the > message showing what is in that file. > > I tried that, and low-and-behold, when I logged in to KDE, I got the little > welcome "starting up" sound. I thought that it was fixed. But after that, > nothing but silence. Even when I logged out and logged back in - nothing. > > After logging out again from the main console, I ssh'ed in from another > computer, and I just happened to run "top." Low and behold, it showed a > process running with my user ID, called aplay, which was sucking up a > considerable amount of CPU. When I killed that process, all of a sudden I > heard the KDE greeting sound coming out of the speakers again (apparently > queued up from my previous login at the console). > > So it looks like when I log in, it's using aplay to play the greeting > sound. Unfortunately, aplay just gets stuck at that point never exits, > which leaves the sound device busy. > > Anyone have any ideas what's causing that? -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] No sound in 9.1?
Mike grabbed a keyboard and wrote: > > On Friday 28 March 2003 12:56 am, Jack Coates wrote: > > On Thu, 2003-03-27 at 21:27, David Guntner wrote: > > > I've done a clean install of 9.1 on the machine which used to run 9.0. > > > In 9.0, I had sound. In 9.1, only silence. No hardware has changed, so > > > I'm kind-of hard pressed to figure out why I can't get any sound out of > > > 9.1. > > > > if you run alsamixergui, are all the levels set to zero? > > When I installed 9.1 the sound was muted.I had to use one of the mixers to > turn it up.It can be a little disconcerting until you figure it out. To say the least. :-) Someone commented that taking the "above" statement ouf ot the modules.conf file solved the problem for him (when I posted the message showing what is in that file. I tried that, and low-and-behold, when I logged in to KDE, I got the little welcome "starting up" sound. I thought that it was fixed. But after that, nothing but silence. Even when I logged out and logged back in - nothing. After logging out again from the main console, I ssh'ed in from another computer, and I just happened to run "top." Low and behold, it showed a process running with my user ID, called aplay, which was sucking up a considerable amount of CPU. When I killed that process, all of a sudden I heard the KDE greeting sound coming out of the speakers again (apparently queued up from my previous login at the console). So it looks like when I log in, it's using aplay to play the greeting sound. Unfortunately, aplay just gets stuck at that point never exits, which leaves the sound device busy. Anyone have any ideas what's causing that? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] No sound in 9.1?
Anne Wilson grabbed a keyboard and wrote: > > On Friday 28 Mar 2003 5:56 am, Jack Coates wrote: > > On Thu, 2003-03-27 at 21:27, David Guntner wrote: > > > I've done a clean install of 9.1 on the machine which used to run 9.0. > > > In 9.0, I had sound. In 9.1, only silence. No hardware has changed, so > > > I'm kind-of hard pressed to figure out why I can't get any sound out of > > > 9.1. > > > > if you run alsamixergui, are all the levels set to zero? > > Quote from Derek Jennings' post to newbie list: > > This time Mdk installed the Alsa sound driver instead of the usual OSS driver. > It took me a while to realise that you have to use two mixers. Aumix has to > be set before Kmix has any effect. Both Aumix and Kmix default to 'mute' > (Perhaps one day someone will do something about that) Ugh. Ok, I've tried running aumix and kmix, found nothing. Tried to run alsamixer, and got a message saying "function snd_ctl_open failed for default: No such file or directory." Whatever the heck *that's* supposed to tell me. Is there a package that I'm missing that I should install? Should I just uninstall the also related RPMs outright? Why did Mandrake have to change the sound from something that worked to something that seems to be giving many people (judging from some of the comments) problems? :-) Any ideas on how to proceed next? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] No sound in 9.1?
James Sparenberg grabbed a keyboard and wrote: > > On Thu, 2003-03-27 at 22:49, Alan Shoemaker wrote: > > David Guntner wrote: > > > > > > I've done a clean install of 9.1 on the machine which used > > > to run 9.0. In 9.0, I had sound. In 9.1, only silence. > > > No hardware has changed, so I'm kind-of hard pressed to > > > figure out why I can't get any sound out of 9.1. > > > > i just experienced a similar problem. the cause was that kmix > > was showing incorrect settings. the pcm slider was showing > > 100% but when i ran aumix it showed pcm at 0%. i changed the > > slider settings using aumix and the sound problem was fixed. > > Been looking for the mail in cooker but can't find it. Since the card > type wasn't mentioned and just in case it's a SBLive it seems that some > SBLives are having trouble with the newer snd-emuxxx driver.. moving > back to the older version seems to solve the problem.. sorry I can't be > more specific can't find the dang e-mail. I don't think that applies, anyway. :-) I've got on-board sound. Gigabyte GA-7ZXE motherboard with a VIA KT133A chipset on it. It will emulate a soundblaster if it needs to. Alan, you mention kmix and aumix - can you be a bit more specific? Where do I find those to run them? They just programs that you can run from a shell window? Something else? I happened to have a copy of my /etc/modules.conf file from the 9.0 setup, which I was able to compare with the one that was created for 9.1. I noticed a slight difference in some of the lines. >From the 9.0 setup: alias usb-interface usb-uhci alias sound-slot-0 via82cxxx_audio alias eth0 tulip And from the new 9.1 setup: above snd-via82xx snd-pcm-oss alias eth0 tulip alias sound-slot-0 snd-via82xx probeall usb-interface usb-uhci (Question: What does "above" in a modules.conf file do?) I've edited the new modules.conf file and commented out the "above" line as well as the existing alias for sound-slot-0, and put in the alias for that from the old 9.0 setup. Once I have a chance to reboot, I'll see if that fixes the problem. If not, I'll keep playing with those settings a bit and see what comes of it. Wish me luck. :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] No sound in 9.1?
I've done a clean install of 9.1 on the machine which used to run 9.0. In 9.0, I had sound. In 9.1, only silence. No hardware has changed, so I'm kind-of hard pressed to figure out why I can't get any sound out of 9.1. Anyone run into anything like this, and if so, how did you solve it? Any help/pointers/clues/RTFMs would be appreciated. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] ssl with apache2?
I've just installed ML 9.1 (and will be joining the club as soon as I've got 60 bucks free :), which installs Apache 2 by default. I don't mind using it (I think :), but I've got a question regarding configuring ssl for it. With Apache 1.3, it was fairly straight forward to configuring your own site certificiate with the stuff that appeared in the configuration directories. However, none of those directories or files seem to be present in Apache 2. At least, not in the places I'm looking for them. :-) So, does anyone know how to go about generating your own site certificate for use with Apache 2? As much detail as possible would be helpful. :-) Thanks in advance for any help. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] www.TrueMajority.com
Adolfo ortiz grabbed a keyboard and wrote: [A bunch of unrelated stuff] Oh god, *this* again And exactly what makes you think that this has anything at all to do with Linux, let alone Mandrake Linux. Everything in its place. This is not a political mailing list. Had I *wanted* to be on a political mailing list, I would have joined one. And I'm pretty sure the last time you posted this, it was requested of you that you don't do so in the future --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix rewrite, trying to rewrite email header
bascule said: > > i am trying to get postfix to rewrite one of the headers that appears in > all the emails i send, in every email i send incl. this one there is: > Received: from mycroft.excession (localhost.localdomain [127.0.0.1]) > by host.domain.tld (Postfix) > > as one of the first headers, mycroft.excession is the host machine name > but obviously doesn't resolve outside my local network > > i've tried editing /etc/postfix/main.cf to include: > canonical_maps = hash:/etc/postfix/canonical > > and edited canonical to read: > #lots of commented text > @mycroft.excession @test.cxm mycroft.excession is not generally considered a valid hostname, that I know of. :-) Neither is host.domain.tld. That one is set by postfix internally. In main.cf, there's a note: # INTERNET HOST AND DOMAIN NAMES # # The myhostname parameter specifies the internet hostname of this # mail system. The default is to use the fully-qualified domain name # from gethostname(). $myhostname is used as a default value for many # other configuration parameters. # #myhostname = host.domain.tld #myhostname = virtual.domain.tld Did you comment that out, by any chance? If not, then your hostname is set wrong, since gethostname() is returning that value. You can either set your host name properly, or add a "myhostname =" line with the hostname you want to show as that part of the Received: line. The "mycroft.excession" part (again, that's not considered correct for outside use - any connections outside your LAN) is what your machine is sending on its HELO greeting. Yea, it's greeting itself, but that's how it works. :-) But again, you really need to use something other than that for your hostname. A lot of sites out there require a valid hostname on the HELO greeting or they just say "bye" and close the connection (mine is one that's configured that way). The Received: line is showing what the HELO greeting was, what interface was connected to (in this case, localhost, which will return exactly what you're seeing there), and then "by" the host name it knows itself as, either from gethostname() or a "myhostname =" setting (again, you need to correct that). If your ethernet card has another IP address on it besides the loopback address 127.0.0.1 (I'm betting it does :), you *could* tell kmail to connect to that (I.E. 192.168.1.1 or whatever your address is), and *that* address will show up instead of the 127.0.0.1. I'm afraid there's not much you can do about that, other than giving your 192.168 (or 10. or whatever) address for the ethernet card a name in /etc/hosts, and then telling kmail to connect to that. Feel free to contact me off line if you want further clarification. Take a look at the headers of *this* message; hopefully it will help illustrate. Ignore the bottom-most Received: line, that's stamped by Squirrelmail (I'm remotely accessing my mail from elsewhere using Squirrelmail), and it provides that stamp. The one directly above that (rhpsfan.org) is what shows up. Squirrelmail is configured to use localhost port 25 for it's outgoing SMTP connection. Since I connected to localhost, the stamp shows localhost.localdomain 127.0.0.1 as the interface address, with rhpsfan.org in front of it since I've got postfix configured to just use my domain and not the FQDN on its HELO greeting. Had I configured Squirrelmail to connect to 192.168.0.102 (which is my address for my Linux machine behind the router), then that address and host name would have shown up there. Then there's a "by" part of the line which shows what my machine is from gethostbyname()(janet.rhpsfan.org). Hopefully, that was a little bit clearer than mud. :-) Again, if you want more clarification on what I'm trying to explain, feel free to contact me off list if you'd like. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] What is "z2"?
When running chkrootkit, I've been seeing a message saying: Checking 'z2' ... user apache deleted or never loged from lastlog! Everything else is clean, but I'm not real clear on what this one is about? What exactly is this, and are there other ways this situation can occur that don't involve someone compromising the apache user or whatever (I've got the current security patches in place for the web server)? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Does Linux impose a time limit on processes?
Hi, I'm running a Neverwinter Nights game server on my ML 9.0 box, which runs up quite a bit of CPU time. For example, after a day of running, "top" shows the time column entry for it with over 200 minutes. I leave the server running, but I've noticed that it has a habbit of just stopping after a while. No message in the syslog, no error messages of any kind in the nwserver logs, no nothing. It just goes away. Does the kernel impose some kind of time limit on processes that are running? Or some kind of max time on the user that's running it? I'm running a web-based application that uses "screen" to manipulate everything (I click on something in the web interface, and it runs an expect script that does a "screen -r" to reconnect to the session that's running the server in a shell, issues a command, end then displays the results in the web window). Does "screen" impose some kind of time limit, perhaps? Any information or ideas on where to look into this would be appreciated. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?ยก
Damian Gatabria grabbed a keyboard and wrote: > > Over here, we are taught that "is different from" is symbolized > with a striked-out " = " sign. Well, since my keyboard is missing the striked-out "=" key, "!=" will have to do. :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] What is 'wheel' is it safe & how do I use it?
Jim C said: > > Really? I mean if you create an admin user can't you then restrict root > from ever logging on? What do you mean by "create an admin user?" Root is root. For some things, you've *got* to be root to make them work. As to restricting root login, that's easy. Your sshd config file has an option called "PermitRootLogin" (or something similar). Set that to "no," and a direct root login will fail, even if they get the password right. For myself, I only allow members of group "wheel" to be able to su to root once they've logged in. That way, if someone takes advantage of some exploit in the web server to to end up in a shell as the apache user (as an example), they can try su'ing all day and even if they were to already know the root password, they wouldn't be able to get in. "sudo" is your friend. :-) Someone else mentioned simply setting /bin/su to group and owner executable with permissions turned off for "other," and then making it part of group wheel to do this, but I like limiting it to using sudo - that way, I've got a log entry of who did it and when. Not that I distrust any user that I would give root access to (if I did, they wouldn't get it :), but it's always nice to know when someone does something like that. --Dave Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Can't find my D: and E:
I'm completely at a loss for how this has anything to do with Mandrake Linux, or even Linux in general, in any way, shape, or form Emily Chan said: > Hello, > > I was trying to install winXP in my computer this week. I had win98 > then in C: and would want to keep it and install winXP in E:. After > install files were copied, the computer was restarted but then an > error occured, and I got to know I needed to disable my Goback (made > by Roxio)to avoid this error. So I disabled my goback, but then I > couldn't enter my win98 anymore. I booted it from the floppy and could > only go to DOS. And what surprised me was that under DOS, I only found > my C: (4G) and couldn't find D: (10G) and E: (6G), however, it could > detect that my whole disk is 20G (which is correct). I had it in my > other computer as the slave disk, I still couldn't find D: and E:. And > Goback can't be enabled either. So anyone knows how to find out my D: > and E:? Has anyone met such situation too? I would be so appreciate > for any info provided. > > //Tinka Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] [Attn Todd] MySQL not starting at boot
Todd, this person found what may have been causing the problem originally. You might want to fix the LSB comments part of the init script for MySQL and have it fixed for future releases. Now, on to replying to Martin Martin Fahrendorf grabbed a keyboard and wrote: > > Am Samstag, 19. Oktober 2002 21:51 schrieb David Guntner: > > This question was asked by someone else earlier, but I never saw a > > response. Sorry if one was given and I was just being blind... :-) > > > > I've done "chkconfig --add mysql" so I know it should be starting. When > > checking the comments at the beginning of the /etc/rc.d/init.d/mysql > > script, I see: > > > > # Comments to support chkconfig on RedHat Linux > > # chkconfig: 2345 90 90 > > # description: A very fast and reliable SQL database engine. > > > > Which says that it should be getting started in run levels 2 through 5. > > And yet, upoon booting, there's no mysql daemon running. I have to > > manually do a "/etc/init.d/mysql start" to bring it up. Checking the > > startup configuration, I find: > > > > # chkconfig --list mysql > > mysql 0:off 1:off 2:on3:off 4:on5:off 6:off > > > > Ok, so how come mysql is only set to come in in run levels 2 and 4, when > > the comments at the beginning of the script say 2 through 5? > > Hey, > > a little late, but I found the sollution. Better late than never, I guess. :-) > The 'off' in runlevel 3 and 5 is caused by the lsb stuff. somewhere in > the mysql file in /etc/init.d there are the lines > > # Default-Start: 3 5 > # Default-Stop: 3 5 > > but they should be > > # Default-Start: 2 3 4 5 > # Default-Stop: 1 6 > > I is obvious, now, why runlevel 3 and 5 does not start mysql. Its a Bug in > the mysql init-script. That's certainly good to know about. I hope Mandrake takes note and fixes this in a future release. I've checked my /etc/rc.d/init.d/mysql script, and those lines were sure there in the LSB section. Someone provided me with another solution way back when this was first brought up, which was to basically brute-force chkconfig by doing a "chkconfig -level 2345 mysql on" so that it wouldn't bother checking the run levels in the script, but would instead use what was provided on the command line. Thanks for pointing this out! --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Postfix overrides not working....
I'm using header_checks and body_checks to help do some spam filtering. I want to have it listen on another port than 25 as well, for unfiltered processing (when I get spam via a POP3 fetch from another account, it's hard to report said spam when your mail server filters and rejects it :). In /etc/postfix/master.cf, I've set the following lines: {xx} inetn - y - - smtpd -o content_filter= -o header_checks= -o body_checks= -o myhostname={different hostname for testing} -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject Where {xx} is the port number I'm telling it to listen on (and it's behind a firewall, so unless you're on the local network, you can't get to that port). When I connect to that alternate port, I get my SMTP greeting and can send mail. The problem is that it's still filtering based on the header_checks, etc., that's setup in my main.cf file. For some reason, the overrides don't seem to be taking, other than for myhostname (at least, the SMTP greeting banner shows the test hostname I've put in there for debugging purposes). Anyone have any ideas why this isn't working? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Anyone know what's up with rpmfind.net?
James Sparenberg grabbed a keyboard and wrote: > > Two options... www.rpmfind.net is a different server from rpmfind.net... > If that doesn't help pbone.net... many of the same functions different > system altogether. Weird that they're different. But it works. :-) Thanks. I'll check out pbone.net as well. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Anyone know what's up with rpmfind.net?
Robert Crawford grabbed a keyboard and wrote: > > Try right clicking on the link, and then "save link as"- then you'll get a > window with the choice of where to save your package. The problem is that it's not the download link that's not working - it's the link that takes you to the package description. I.E., the one ending with a .html in the file/link name. I'm not sure how downloadable that will be... :-) --Dave > On Thursday 05 December 2002 05:38 pm, David Guntner wrote: > > rpmfind.net is listing packages, but when you click on any of them, you get > > a "page doesn't exist on this server" type of message. It seems that it's > > not just Mandrake packages that this is happening with, either. > > > > Anyone know what's going on over there? > > > > --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Colortail. A wonderful tool for adding color to your syslog or any other text file!
Jordan Elver grabbed a keyboard and wrote: (You need to set your mail program so that it doesn't set a Reply-To: line...) > It's not actually that exciting :) It's tail but with colours, so your logs > come out in colur when you view them. > > Get it from: > http://www.student.hk-r.se/~pt98jan/colortail.html > > And the patch to make it compile on 9.0 from: > http://prdownloads.sourceforge.net/colortail/colortail-0.3.0-gcc3.patch.gz?download Well, that could be useful. :-) Thanks for the information, I'll check it out. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] named: lame server?
Todd Lyons grabbed a keyboard and wrote: > > David Guntner wrote on Thu, Dec 05, 2002 at 02:47:21PM -0800 : > > > > Of late, I've been getting TONS of "named: lame server resolving " > > messages anytime a DNS lookup takes place locally. I've got the caching > > nameserver package installed, with BIND9. ML 9.0. Anyone have any ideas > > what would be causing this? My syslog is starting to get really > > crowded :-) > > Post the messages. Ok, here's a sample: Dec 5 16:19:43 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org' (in 'blitzed.org'?): 66.45.120.62#53 Dec 5 16:19:43 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org' (in 'blitzed.org'?): 207.8.219.201#53 Dec 5 16:19:43 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org' (in 'blitzed.org'?): 194.196.163.7#53 Dec 5 16:19:43 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org' (in 'blitzed.org'?): 205.158.174.201#53 Dec 5 16:19:43 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org' (in 'blitzed.org'?): 140.186.128.222#53 Dec 5 16:19:43 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org' (in 'blitzed.org'?): 192.148.252.53#53 Dec 5 16:19:44 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org.rhpsfan.org' (in 'rhpsfan.org'?): 166.90.15.234#53 Dec 5 16:19:44 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org.rhpsfan.org' (in 'rhpsfan.org'?): 166.90.15.235#53 Dec 5 16:19:44 janet named[1144]: lame server resolving '53.43.67.66.opm.blitzed.org.rhpsfan.org' (in 'rhpsfan.org'?): 64.39.31.103#53 Dec 5 16:19:44 janet named[1144]: lame server resolving '53.43.67.66.korea.services.net.rhpsfan.org' (in 'rhpsfan.org'?): 166.90.15.234#53 Dec 5 16:19:44 janet named[1144]: lame server resolving '53.43.67.66.korea.services.net.rhpsfan.org' (in 'rhpsfan.org'?): 166.90.15.235#53 Dec 5 16:19:44 janet named[1144]: lame server resolving '53.43.67.66.korea.services.net.rhpsfan.org' (in 'rhpsfan.org'?): 64.39.31.103#53 Dec 5 16:19:44 janet named[1144]: lame server resolving '53.43.67.66.dnsbl.njabl.org' (in 'dnsbl.njabl.org'?): 209.208.0.97#53 Dec 5 16:19:45 janet named[1144]: lame server resolving '53.43.67.66.dnsbl.njabl.org' (in 'dnsbl.njabl.org'?): 209.208.0.96#53 Dec 5 16:19:45 janet named[1144]: lame server resolving '53.43.67.66.dnsbl.njabl.org.rhpsfan.org' (in 'rhpsfan.org'?): 166.90.15.235#53 Dec 5 16:19:45 janet named[1144]: lame server resolving '53.43.67.66.dnsbl.njabl.org.rhpsfan.org' (in 'rhpsfan.org'?): 166.90.15.234#53 Dec 5 16:19:45 janet named[1144]: lame server resolving '53.43.67.66.dnsbl.njabl.org.rhpsfan.org' (in 'rhpsfan.org'?): 64.39.31.103#53 Dec 5 16:19:46 janet named[1144]: lame server resolving '55.68.74.204.bl.spamcop.net' (in 'bl.spamcop.NET'?): 64.113.39.10#53 Dec 5 16:19:46 janet named[1144]: lame server resolving '55.68.74.204.bl.spamcop.net' (in 'bl.spamcop.NET'?): 194.109.6.147#53 Dec 5 16:19:46 janet named[1144]: lame server resolving '55.68.74.204.bl.spamcop.net' (in 'bl.spamcop.NET'?): 65.242.88.99#53 Dec 5 16:19:46 janet named[1144]: lame server resolving '55.68.74.204.bl.spamcop.net' (in 'bl.spamcop.NET'?): 205.231.29.242#53 Dec 5 16:19:47 janet named[1144]: lame server resolving '55.68.74.204.mail.services.net' (in 'mail.services.NET'?): 208.31.42.99#53 Dec 5 16:19:49 janet named[1144]: lame server resolving '241.28.13.206.relays.ordb.org' (in 'relays.ordb.org'?): 194.239.134.82#53 Dec 5 16:19:49 janet named[1144]: lame server resolving '241.28.13.206.relays.ordb.org' (in 'relays.ordb.org'?): 194.255.24.145#53 Dec 5 16:19:49 janet named[1144]: lame server resolving '241.28.13.206.relays.ordb.org' (in 'relays.ordb.org'?): 130.226.1.4#53 Dec 5 16:19:49 janet named[1144]: lame server resolving '241.28.13.206.relays.ordb.org' (in 'relays.ordb.org'?): 193.162.159.97#53 Dec 5 16:19:49 janet named[1144]: lame server resolving '241.28.13.206.relays.ordb.org' (in 'relays.ordb.org'?): 216.240.41.21#53 Dec 5 16:19:49 janet named[1144]: lame server resolving '241.28.13.206.relays.ordb.org' (in 'relays.ordb.org'?): 195.86.49.227#53 Dec 5 16:19:49 janet named[1144]: lame server resolving '241.28.13.206.relays.ordb.org' (in 'relays.ordb.org'?): 212.242.41.170#53 Dec 5 16
[expert] named: lame server?
Of late, I've been getting TONS of "named: lame server resolving " messages anytime a DNS lookup takes place locally. I've got the caching nameserver package installed, with BIND9. ML 9.0. Anyone have any ideas what would be causing this? My syslog is starting to get really crowded :-) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Anyone know what's up with rpmfind.net?
rpmfind.net is listing packages, but when you click on any of them, you get a "page doesn't exist on this server" type of message. It seems that it's not just Mandrake packages that this is happening with, either. Anyone know what's going on over there? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How to set passwords to NOT expire?
Larry Sword grabbed a keyboard and wrote: > > Oh, and the setting is in /etc/sysconfig/msec file. > TMOUT=0 # for never expire Actually, that environment variable is for setting the shell timeout. I.E., if you're inactive for a given period of time, the shell closes. Setting to 0 disables that. But it has nothing to do with passwords. :-) I'm not sure *what* happened along the way, but it appears that I did have the setting correct (in /etc/security/msec/level.local, I had "password_aging(-1)" set, which is what is supposed to do it (or at least, it did once upon a time). I set it to 9 and ran msec again to apply it. I've stopped getting the warning notice for now, so I guess it worked. :-) --Dave --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] How to set passwords to NOT expire?
I thought I had my system set up to not expire passwords, but apparently, I got it wrong. :-) When logging in today, I got a popup window warning me that my password would expire in 6 days. I suspect it's something under /etc/security somewhere, but I'm not sure which file, and what has to be in it to turn off password expire. Does anyone know what needs to be set where to turn it off? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Postfix/kmail problem
Praedor Tempus grabbed a keyboard and wrote: > > In kmail (KDE 3.0.3) I changed my receiving host to local mail using maildir > format. In the selection window provided it had /var/spool/mail/praedor > exactly as it should. If I select it, however, and check mail I get an > error: Is there any reason that you can't select "Local mailbox" (the top option) instead? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Turning off Root login
Brian York grabbed a keyboard and wrote: > > How can I turn off root login for the console? > > Don't mean to ask stupid questions just forgotten. I'm assuming that you're running at a msec level less than 4, at which point root login gets disabled by default. :-) Edit /etc/security/level.local (create it if it's not already there) and put in the lines: allow_remote_root_login no allow_root_login no The first one keeps people who are ssh'ing in from logging in directly as root, the second line stops direct root login at the console. Then run msec to apply the changes (they will stay in place even through your next reboot). HTH. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How to make /proc available to apache user?
Never mind, I found it. :-) I just assumed that /proc was readable by everyone, but found it was set to 750. I hadn't noticed it because my regular (non-root) user ID belongs to the adm group, which still has read there. Changed it to 755, and now the web application is working fine. --Dave David Guntner grabbed a keyboard and wrote: > > I've got a php script running a web page, which needs to be able to do > things like "ps" to determine if other processes that it will start and > stop are running. I've discovered that (apparently) by default, the /proc > filesystem isn't available to the apache user. When I do a "su - apache" > to be the apache user and try to do a "ps," I get this: > > $ ps -ef > Error: /proc must be mounted > To mount /proc at boot you need an /etc/fstab line like: > /proc /proc procdefaults > In the meantime, mount /proc /proc -t proc > $ > > I *only* get that when su'd to apache, if I'm a regular user, a "ps" works > just fine. > > So the question is: How do I enable /proc for apache? > > --Dave > -- > David Guntner GEnie: Just say NO! > http://www.akaMail.com/pgpkey/davidg or key server > for PGP Public key > > > -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] How to make /proc available to apache user?
I've got a php script running a web page, which needs to be able to do things like "ps" to determine if other processes that it will start and stop are running. I've discovered that (apparently) by default, the /proc filesystem isn't available to the apache user. When I do a "su - apache" to be the apache user and try to do a "ps," I get this: $ ps -ef Error: /proc must be mounted To mount /proc at boot you need an /etc/fstab line like: /proc /proc procdefaults In the meantime, mount /proc /proc -t proc $ I *only* get that when su'd to apache, if I'm a regular user, a "ps" works just fine. So the question is: How do I enable /proc for apache? --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Any way to tell "screen" to not *care* about term type?
Lyvim Xaphir grabbed a keyboard and wrote: > > See if this is relevant to your situation: [deleted] Actually, between you and John (I think that was his name), I got an idea. (Yea I know, always dangerous :) I edited /etc/rc.d/init.d/httpd, and put in an "export TERM=vt100" at the beginning of the script. Actually, I tried using "xterm" as John suggested, but that didn't work out so well, since screen tried to set the title bar of the (non-existant) window with some information, and I got a really neat unreadable output on the web page. :-) Setting to vt100 seems to be working better. A little fine-tuning, and I might actually get this interface working right. :-) Thanks for the help, to you and John. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Any way to tell "screen" to not *care* about term type?
John McQuillen grabbed a keyboard and wrote: > > Can't you just include ?TERM=xterm in your link to the application? FWIW, I just tried it that way, and it didn't work --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Any way to tell "screen" to not *care* about term type?
John McQuillen grabbed a keyboard and wrote: > > On Wed, 2002-11-20 at 12:31, David Guntner wrote: > > > Well, the TERM value that *I'm* using doesn't come in to play, in this > > case. :-) I'm using a PHP web application which uses expect to spawn > > screen and do its thing. So it's the apache user that's executing this > > command from within the web server. There's no TERM set for that, nor > > should there be (as far as I know). Is there a setting/command-line > > switch/something else that can be used to tell screen to disregard TERM (or > > the lack thereof?) > > > Can't you just include ?TERM=xterm in your link to the application? Will that interfere with other things that are already set up? The address line already shows ?otherstuff=somethingelse when I click on a link, so I know that it's already looking at what it's being called with. I'm just trying to avoid problems here. :-) I'll give it a try. Alternately, is there a way to specify the TERM variable on the expect spawn? For example, one of the scripts has this in it: cd $op19 set timeout 20 spawn screen ./nwserver -interactive -maxclients $op0 -minlevel $op1 - maxlevel $op2 -pauseandplay $op3 -pvp $op4 -servervault $op5 -elc $op6 -ilr $op7 -gametype $op8 -oneparty $op9 -difficulty $op10 -autosaveinterval $op11 -dmpassword $op12 -adminpassword $op13 -servername $op14 -publicserver $op15 -reloadwhenempty $op16 -port $op17 -module $op18 match_max 10 expect eof (The indenting is being done by me to make the wrap-around readable. Everything from "spawn" until just before "max_match" is all on one line.) I'll give a try to doing the TERM=xterm that you mention above - hopefully it will work. I'm just curios to see if there's another way in case that doesn't work --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Any way to tell "screen" to not *care* about term type?
Lyvim Xaphir grabbed a keyboard and wrote: > > On Tue, 2002-11-19 at 18:15, David Guntner wrote: > > > > So the big question is: Is there a way to tell screen to not *care* about > > your terminal type, but to just go ahead and run as though it were in a > > dumb terminal? Any information/ideas/etc would be appreciated. > > Screen checks the TERM variable in the environment when it is started. > The TERM variable is supposed to correctly describe the terminal you are > using. What is your TERM set to? Well, the TERM value that *I'm* using doesn't come in to play, in this case. :-) I'm using a PHP web application which uses expect to spawn screen and do its thing. So it's the apache user that's executing this command from within the web server. There's no TERM set for that, nor should there be (as far as I know). Is there a setting/command-line switch/something else that can be used to tell screen to disregard TERM (or the lack thereof?) --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Any way to tell "screen" to not *care* about term type?
I'm using a web-based application which is trying to spawn a screen session to allow control of something which usually requires that it be running in a shell window. This application spawns the "screen" program to create a terminal environment, and when you click on the next thing that you want to configure in the web page, it spawns a "screen -r" to reconnect to that session, make the changes, and detach again. Unfortunately, when I try to click various things, I keep seeing the output saying "please set a terminal type". This, of course, means that the whole thing is falling through at the "screen" level. So the big question is: Is there a way to tell screen to not *care* about your terminal type, but to just go ahead and run as though it were in a dumb terminal? Any information/ideas/etc would be appreciated. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Directions on making a mail list.
Gonzalo Avaria grabbed a keyboard and wrote: > > Hi experts, i need some directions to where to go. I > need to make a mailing list for a symposium that we > are doing here in Chile, and we need to have a mailing > list. What do i have to do to make one??? > Well, i'll be waiting for your answers. See ya. Easy, one-word answer: Mailman. You should have a rpm file for it on one of your Mandrake CDs. --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Gamma correction/adjustment for monitor?
I'm currently using a monitor which is getting old. As a result, it's doing the gradually-getting-darker-as-it-goes thing, and Iknow it's only going to be a matter of time before I'm going to need to replace it. However, I'm trying to hold that time at bay for as long as I can. In Windows, I can bring up the properties for the monitor, go to the advanced tab, and for the display adaptor card, I can run the gamma level up, which brightens things up on the monitor. This is good. However, on the Mandrake 9.0 side, I don't find any similar control available to let me boost the gamma (one of my monitors died outright, so I'm using an A-B switch to share the monitor between the two computers), which means that my screen is quite a bit darker when running on the Linux side. This is not so good. :-) *Is* there a way to adjust the gamma output level in Mandrake? If so, how? Thanks in advance! --Dave -- David Guntner GEnie: Just say NO! http://www.akaMail.com/pgpkey/davidg or key server for PGP Public key Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com