Re: Disk/Partition encryption
Weiner, Michael schrieb: Some time ago, approximately April 2009, I encrypted a Fedora 10 system which I later upgraded to Fedora 11, with no problem. My problem is that I didn’t document how I did it at the time, as I was just playing with disk encryption on a sandbox machine and never thought I would need to do it in production. Recently my place of employment, thanks in part to new HIPAA regulations due to data theft, is requiring ALL laptops to be encrypted – one problem, I don’t remember how I did it without loosing any data. The only thing I can remember is that it was a pretty simple task that I performed without moving data from one partition to another, or re-installing the OS. Googling such a process, has led me to read many pages and documentation out there, but to no avail. I can NOT find anywhere anything documenting encrypting a live filesytem without data loss. Has anyone here done this? I could have sworn that the original work I did was based on an email or discussion on this l ist, but I cant find anything. Yes yes yes I know – ALWAYS put it in the wiki ☺ Somewhere on the cryptsetup page there was a hint how to reencrypt a partition withhout reformatting. Basically you use dd to read from the plain device and write to the same device through the encryption layer. Something like this: # cryptsetup create encrypted /dev/sdx1 # dd if=/dev/sdx1 of=/dev/mapper/encrypted bs=10M I would not try it without a full backup and all fingers crossed... -- bye Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Local cache / 'repo' of updates and added RPM's
Patrick O'Callaghan schrieb: Hello! As I said earlier, it would be useful to keep only the latest versions, i.e. when a package is updated, remove the old cached rpm. Maybe that's what keepcache=1 already does, but the man page is not clear. You could use repomanage (a part of yum-utils package) to delete old packages in the cache. -- bye Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Cannot setup a bluetooth PAN between two Fedora 10 boxes
Hello everybody! I have troubles setting up a bluetooth PAN connection between two Fedora 10 boxes. One of them is a desktop with a USB-BT dongle, the other is an EEE PC 1000H. It seems, that pairing process finishes successfully, but afterwards no PAN network can be established. On the desktop I start pand --listen --role GN -n On the laptop the command is pand --connect bdaddr -n First time both system asked about a PIN. But on the next step I only see # pand --connect bdaddr -n pand[5157]: Bluetooth PAN daemon version 4.30 pand[5157]: Connecting to bdaddr pand[5157]: Connect to bdaddr failed. Connection refused(111) The log file looks like this Jul 12 22:43:24 laptop pand[5157]: Connecting to 00:80:5A:46:11:A2 Jul 12 22:43:25 laptop kernel: hci_acldata_packet: hci0 ACL packet for unknown connection handle 11 Jul 12 22:43:25 laptop kernel: hci_acldata_packet: hci0 ACL packet for unknown connection handle 11 Jul 12 22:43:25 laptop bluetoothd[2289]: link_key_request (sba=bdaddr, dba=00:80:5A:46:11:A2) Jul 12 22:43:25 laptop pand[5157]: Connect to 00:80:5A:46:11:A2 failed. Connection refused(111) Do you have any suggestions what I'm doing wrong or how to fix this problem? -- bye Adalbert Prokop -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
RPM signing problem
Hello everybody! I'm trying to create my own private little repository with signed RPMS (additional software, not available from other repositories or some really old stuff not provided any more). Yesterday I've noticed strange behaviour of rpm. I've downloaded a msttcorefonts and tried to add my own signature to it. The package is RPM version 3, at least file tells me so. I am able to sing other packages, no problems there. I use rpm-4.6.0-1.fc10.i386 on Fedora 10. I do rpm --addsign msttcorefonts-... and I get no error message at all. But a rpm -K msttcorefonts-* tells me there is not GPG signature present! Do you have an idea what goes wrong and how to track down this problem? -- bye Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: F10 Rescue
Robert Karge schrieb: Hi Robert! How do I edit fstab from rescue mode when the info in fstab no longer matches the mountable resources. Depends on what you mean by rescue mode. Generally speaking you have at lest two possibilities: 1. Boot from the installation media and use the rescue kernel boot option. 2. Append single selinux=0 to your kernel configuration line in the GRUB boot menu. The option single will boot into a single user mode, without any services, while selinux=0 will deactivate SElinux extensions. The system will probably still complain about bad/missing partitions, but it should offer you a rescue console. Since the root partition is mounted read only you have to remount the root partition read/write by typing mount -o remount,rw /. Then you can edit your /etc/fstab with vi or any other available editor. After a reboot, everything should be fine. If there is some magic tool I need what is it? Rescue mode will not recognize my root login because selinux is preventing it. Probably should be able to shut selinux down from the rescue mode also. The is no need for magic, the built-in and installed tools should be enough. It is their usage which needs some expertise (no offence intended). 2. Why should boot fail because a mountable resource is no longer available, just error msg and skip it and get on with it? Because you asked it to do so. Or let's say: it is configured to do so. The last column in /etc/fstab tells the system whether or not to run a periodic check on a partition - read the tune2fs and fstab man-pages for more information. A 0 means no check at all, 1 means exclusive periodic check (typically used only for the root partition), 2 means parallelised checks are allowed. Thanks for the help as I'm quite frustrated. Do not give in. You can learn a lot from this problems - at least how to avoid them in the future. -- bye Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Need help with WLAN on Eee PC 1000H [SOLVED]
Adalbert Prokop schrieb: To make a long story short: both WPA and WPA2 work fine but the key cipher is important. TKIP works, AES (CCMP) does *not*. Correction: CCMP does not work with both TKIP and CCMP enables. It works if TKIP is deactivated on the AP. Maybe only my FreeWRT on the router is fooling around. ;) -- bye Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Need help with WLAN on Eee PC 1000H [SOLVED]
Albert Graham schrieb: First of all: thank all of you very much for your suggestions. As I should expect, none of us was completely right or wrong. ;) Here is what I found out. Also, don't mess with wpa_supplicant and what not (i.e chkconfig etc) , just let NetworkManager do it's stuff. That the point: NM would possibly do its stuff - if it could. But the great documentation and debugging abilities of NM make finding out what's going on a real challenge. So I rather stick to wpa_supplicant. NM uses it anyway. ;) To make a long story short: both WPA and WPA2 work fine but the key cipher is important. TKIP works, AES (CCMP) does *not*. Since my AP was broadcasting both of them wpa_supplicant chose AES and was stuck. Since I do not know how to tell NM to explicitly use TKIP I have to restrict my AP to TKIP or give up on NM and use wpa_supplicant directly. This is not a comforting decision, since WPA/TKIP has been cracked. http://www.computerworld.com/action/article.do?command=viewArticleBasicarticleId=9119258source=rss_news I would like you to confirm or to disprove my conclusion. Do you successfully use the Eee 1000H with WPA(2)+AES? Is it possible? -- bye Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Need help with WLAN on Eee PC 1000H
Jim wrote on Friday 16 January 2009: Hello! Did FC10 possibly setup a driver for it before you installed the kmod driver ? Which driver could F10 possibly setup? There is no rt2860sta module in the fedora flavored kernel and I suppose no other module is responsible for the ralink chipset id. Besides, basically my WLAN works - but the connection procedure is far from beeing comfortabale or even acceptable. The problems *seems* to lie not between the driver and the hardware, but between the driver and userland apps like wpa_supplicant and iwconfig. What I really would like to know is whether there is any hardware difference between the XP and Linux version of the Eee 1000H model... Or my Eee is just jinxed - it would be the most plausible explanation. ;) -- bye, Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Need help with WLAN on Eee PC 1000H
fred smith schrieb: Hello! And there's no need to compile it for f10 either. Just add the RPM FUsion free and nonfree repositories then use add/remove software to add the kmod or akmod packages for the rt2860 driver. Voila. Well, my experience say otherwise... Voilà is not true. I just installed the akmod-rt2860 driver and restored the virgin wpa_supplicant.conf to please NM. But still no progress in this matter. http://forums.fedoraforum.org/showthread.php?t=199434 If this procedure does not succeed the next thing I will try is to backup F10 and restore the original WinXP. Then I'll connect to my AP and pull the battery. I suspect the Windows driver to leave the chipset in a dorment state. It's only a wild guess but I have no other idea. -- bye Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Encryption:
Jeff Maxwell wrote on Saturday 15 November 2008: Which encryption tool/application would be preferred - PGP or other? If you could be more specific, WHAT you want to encrypt? Here some suggestions. - Single files, E-Mails- GPG (you might refer to it as PGP) - Directories - fuse + encfs - Partitions, file systems - cryptsetup (possibly with luks) -- bye Adalbert -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Vertically stretched faces in GDM - how to fix?
Hello! I've got an old laptop with F8 on which I use GDM and XFCE4. I have made an 64x64 PNG icon for each user and enabled the Face Browser in GDM. The icons are shown, but GDM does not honour the aspect ratio and stretches each icon vertically. Strangely enough, *sometimes* (after n logins/logouts) all icons appear with the correct aspect ratio. Does anyone have an idea how to fix this behaviour? Below is my /etc/gdm/custom.conf [daemon] GtkModulesList= AddGtkModules=false [gui] MaxIconWidth=64 MaxIconHeight=64 [greeter] IncludeAll=true Include= Use24Clock=true Quiver=true -- bye Adalbert greenpeace free'd the mallocs -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Preventing rsync of copying always all files to my pen
Paul Smith wrote on Saturday 27 September 2008: Hi Paul! I have often to synchronize a directory from my computer to a pen drive. To accomplish this, I use the following command: rsync -urva --delete /home/psmith/mydirectory/ /media/MYPEN/mydirectory/ Which messages do you see and what mount options are used for mounting the FAT partition? I've tried your scenario and I get messages like this: rsync: chgrp /media/USBDRIVE/. failed: Operation not permitted (1) Generally using -a on ext[23] - FAT transfers is not a good idea, because -a implies -rlptgoD (according to man-pages) but FAT does not support user or group information, links or devices I suppose a simplier rsync -rtv should accomplish what you need. You might even want to try unison - it can synchronise two folders in both directions, copying newest files from one directory to its counterpart. -- bye, Adalbert network packets travelling uphill (use a carrier pigeon) -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: MacBook Pro FC9 Issues
Rupak kumar Bag schrieb am Mittwoch, 10. September 2008: Hello! 2) Second issue is bluetooth. The adapter is detected but it is unable to find any other bluetooth device like my cell phone. Folks please let me know if you have any solution. I don't know how to help you with your first problem, but I might have an idea on the second. I encountered a simmilar problem on a MacBook (not Pro). I figured out that the Bluetooth adapter was initially in HID mode, so I had to switch it to HCI mode. hid2hci should do the trick. I've put this command in /etc/rc.local so it is executed on every boot. -- Tschüss, Adalbert Prokop Alexander Hamilton started the U.S. Treasury with nothing - and that was the closest our country has ever been to being even. -- The Best of Will Rogers ___ Fedora-laptop-list mailing list Fedora-laptop-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-laptop-list
Re: Newbie: USB Pen Drive on Fedora Core 3
Bravismore Mumanyi wrote on Tuesday 22 July 2008: May any folk out there help me with a guide on how I manually mount USB pen drives on Fedora Core 3. I have tried plugging in a pen drive which shows an activity light but no icon is automatically displayed. I have failed to figure out where it is mounted. Probably nowhere. ;) FC3 is really old. You had to deal with USB drives manually - or semi-manually, with help of hotplug. If you really want to keep FC3 then look for configuration of hotplug. The internet never forgets anything, I suppose the information about how to configure it is still available. If I recall it correctly there was a python script which was called for any USB drive which was plugged it. Each drive had to be registered with it first. Then it would create a symlink in /dev and alter the fstab to allow unpriviledged users to mount it. But if upgrade to something recent (F8 or F9) is an option for you, then you should do it. -- Bye, Adalbert The rule is, jam to-morrow and jam yesterday, but never jam today. -- Lewis Carroll -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Boinc problems ??
William Case wrote on Thursday 19 June 2008: Hello! When I launch boincmgr I get the following error message: Authorization failed connecting to running client. Make sure you start this program in the same directory as the client. They are both in /usr/bin/ and boinc_client is running happily. How exactly do you start boincmgr? Did you start boincmgr from the same directory where boinc is running, As suggested by the error message? Boincmgr is looking for the file gui_rpc_auth.cfg in the current directory, i.e. if you have installed boinc into ~/BOINC then cd $HOME; BOINC/boincmgr will not work, but cd $HOME/BOINC; ./boincmgr will. -- Tschüss, Adalbert Prokop mummy, n.: An Egyptian who was pressed for time. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Re: Ipw2200 problem in Fedora 8
Eason Mai schrieb am Mittwoch, 23. April 2008: ipw2200: Intel(R) PRO/Wireless 2200/2915 Network Driver, 1.2.2kmprq ipw2200: Copyright(c) 2003-2006 Intel Corporation ACPI: PCI Interrupt :02:02.0[A] - GSI 21 (level, low) - IRQ 22 ipw2200: Detected Intel PRO/Wireless 2200BG Network Connection ipw2200: ipw2200-bss.fw request_firmware failed: Reason -2 ipw2200: Unable to load firmware: -2 ipw2200: failed to register network device ACPI: PCI interrupt for device :02:02.0 disabled ipw2200: probe of :02:02.0 failed with error -5 You did not install the firmware. A simple yum install ipw2200-firmware should fix the problem. -- bye, Adalbert One Bell System - it works. ___ Fedora-laptop-list mailing list Fedora-laptop-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-laptop-list
Re: installing fedora 8 in compaq presario v3425au
rimzy schrieb am Montag, 31. März 2008: Hello rimzy! Will fedora 8 install all the drivers for all the devices in my laptop ? if not please tell me what all drivers / plugins should i download extra ? I am asking you in advance so that i want to make sure that i can install fedora without any problem That's difficult to say. If you insist on without *any* problem then for sure no. :) If you can accept some problems you probably be happy with Fedora. I don't know if you alredy have experience with Linux. If not - do yourself a favour and read what Linux really is. I found a nice page here http://linux.oneandoneis2.org/LNW.htm . There are drivers for many different hardware pieces for Linux. But not for all of them. Hardware manufacturers usually do not expressly support Linux - it's a matter of money and time, because developing drivers costs time and therefore money. Most people run Windows, not Linux, and they are the primary customers. Besides, there is no place for closed source drivers in the Linux kernel and almost all hardware makers do not like the idea of publishing their drivers' source code. That's the theory of Linux drivers. :) So the difference for you would be Windows: you visit your hardware maker's homepage, download the driver and install it. Linux: drivers are part of the kernel. Either within the kernel or a loadable module. Some can be installed from third party packages (e.g. Livna). If a driver you need is not part of the kernel or provided as a package you simply won't be able to use this particular hardware. This is of course an oversimplification. Some drivers are available as source code and must be compiled first. But that's a non-trivial business and nothing for the unexperienced beginner. Graphics NVIDIA GeForce Go 6150 There are NVIDIA packages in rpm.livna.org or freshrpms.net. I've seen them working on a GeForce Go 7600. Networking/Wireless High speed 56K modem, Integrated 10/100 LAN, broadcom WLAN with Bluetooth option LAN most probably will work, there are good chances WLAN will also do (with 3rd party packages, which Broadcom chipset is it exactly?), modem most probably won't work (see http://linmodems.technion.ac.il/). Media Card Integrated 5-in-1 digital memory reader slot (xD, SD, MMC, Memory Stick and Memory Stick PRO) Depends on the chipset. I've installed F8 on a HP Pavilion DV9000 where it just worked and on a Acer TM 8000 where a the card reader failed. -- bye, Adalbert QOTD: What do you mean, you had the dog fixed? Just what made you think he was broken! ___ Fedora-laptop-list mailing list Fedora-laptop-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-laptop-list
Re: HP DV9500
Adalbert Prokop schrieb am Dienstag, 15. Januar 2008: I have successfully installed F7 on a DV DV9000 (dv9375eu). I forgot to append the link to my page: http://www.familie-prokop.de/hp-pavilion-dv9375eu/index_en.html -- bye, Adalbert After a number of decimal places, nobody gives a damn. ___ Fedora-laptop-list mailing list Fedora-laptop-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-laptop-list
Re: Which PCMCIA WiFi card I should buy ?
Kushal Das schrieb am Freitag, 7. Dezember 2007: Which PCMCIA WiFi card I should buy ? I want something which will work out of the box . I've got a ALLNET ALL0282A which works very fine with drivers from freshrpms.net. -- bye, Adalbert We are each entitled to our own opinion, but no one is entitled to his own facts. -- Patrick Moynihan ___ Fedora-laptop-list mailing list Fedora-laptop-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-laptop-list
