Re: New covenant published
Once upon a time, Michael Cronenworth m...@cchtml.com said: Tom spot Callaway wrote: (Yes, the irony of a talk on software patents being offered in MP3 format is not lost on me.) Just think... one more year... one more year... It doesn't look like that is the case: http://en.wikipedia.org/wiki/Mp3#Licensing_and_patent_issues http://en.wikipedia.org/wiki/Talk:MP3#Patents -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: dist-git help wanted: write me a regex!
Once upon a time, Jesse Keating jkeat...@redhat.com said: $logmsg =~ s|/((Mon|Tues?|Wed|Thu(rs?)?|Fri|Sat|Sun)\s+(Jan|Feb|Mar|Apr| May|June?|July?|Aug|Sep|Oct|Nov|Dec)\s+[0-3]?[0-9]\s+(19|20)[0-9][0-9]\s +[^]+[...@]+@[^\s@]+\s+2.[4-6].[0-9.-]+\s*)/|mg The first character after the =~ s is the delimiter, so you are saying search for /((Mon and replace it with Tues? and then Wed... are arguments. The regexp as sent (delimited with /) was just a match, not a search/replace. I don't know the code; what exactly are you trying to do here? Strip out date/email lines? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: physical RAM restriction in Fedora 12 (32 bit and 64 bit)
Once upon a time, Roberto Ragusa m...@robertoragusa.it said: And the PAE kernel will be installed by default. So the 32 bit Fedora could be considered without limit too. IIRC, the practical limit with PAE is something like 8G or 16G RAM. With more, you end up using all the low RAM for page tables and can't get any actual work done. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: packages requiring me to reboot...
Once upon a time, Seth Vidal skvi...@fedoraproject.org said: we're talking about the experienced user who is comfortable knowing what does and does not need a reboot. It seems though that there is a problem with how the needs a reboot option is set (and if that is the case, it should be addressed). For example, in the nfs-utils case, what happened to having the %post scriptlet do service foo condrestart? Is it impossible to restart the daemons? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: SMS client for linux?
Once upon a time, L yuan...@gmail.com said: I have a vodafone wireless broadband dongle. This prepaid package comes with 15 free SMS. NM on F12 is great to connect it. my question is that, is there a tool to send/receive SMS on linux? The vodafone connect kit for windows includes a SMS client to send and receive SMS. I don't want waste 15 SMS, Could any one know an equivalent tool for linux? Gnokii is a cell phone tool that can send and receive SMS, if your cell interface presents a serial port to Linux (my phone for example presents two). It takes a little bit of configuration in /etc/gnokiirc but works okay. I use the gnokii-smsd daemon to send text messages from other programs (like Nagios). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: dist-git proof of concept phase 1 complete
Once upon a time, Ville Skyttä ville.sky...@iki.fi said: The first two Google hits I get for fpkg are already two different tools that have something to do with software packaging, so I suggest not adding the third but coming up with some other name for this one. fedpak fpak -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: x86-64 on i386 (was Re: Promoting i386 version over x86_64?)
Once upon a time, Jon Masters j...@redhat.com said: But again, Apples to Oranges. x86_64 (we should formally call it Intel 64, or similar, since I'm not aware of x86_64 having a formal blessing) Intel 64 has no formal blessing either (it is Intel's marketing name for their copy of AMD's instruction set). If you want to call it after a vendor, it should be AMD 64 anyway, since AMD created it. They called it x86-64 (which is where the x86_64 name came from), until marketing got in the way and they changed to AMD 64. Intel 64 is confusing anyway, since Intel has pushed multiple 64 bit architectures. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: x86-64 on i386 (was Re: Promoting i386 version over x86_64?)
Once upon a time, Paul Jakma p...@dishone.st said: My data-point is that I ran an x86-64 kernel on i386 F10 for a few months until I got tired of yum not being able to update kernel packages. The kernel side apparently works fine AFAICT. The .1% is yum. No, it's the whole development environment. For example, if you need to build a kernel module, gcc on i386 is not capable of building for x86_64 (IIRC it isn't a gcc configuration issue, it is an issue with gcc itself). You could just always install the x86_64 gcc, but then you need all the development tools and libraries to match. gcc hello.c is going to generate native code, and native will still be x86_64, so you have to have the x86_64 shared libraries and support in place (and now you're back to a multilib system, which loses on RAM usage, disk space, install time, update downloads, etc.). Also, part of your justification was that in the real world, people run some 32 bit anyway (like wine). Well, what happens with some of those real world binary modules people use, like nVidia? Do they work with a split 32/64 user/kernel space (and development stack somewhere in between)? If they don't, users are going to blame Fedora, not nVidia (or whoever else ships binary modules). Again, most of the Fedora people developing things like yum, anaconda, etc. don't appear to be interested in this; there just doesn't seem to be a significant benefit (okay, you save a little RAM, but for the majority of 64 bit systems, that isn't a big deal). If you think otherwise, nobody is stopping you from doing the work to make it happen, and if it proves to work and be a benefit, I bet it would be accepted. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: x86-64 on i386 (was Re: Promoting i386 version over x86_64?)
Once upon a time, Paul Jakma p...@dishone.st said: If I put you in front of 2 identical machines, one running 32bit and one 64bit software, would you be able to tell which one was which, from the interactive performance of common applications? I'd be willing to bet that for the vast majority of applications you wouldn't be. Then you might as well run the native system architecture, which is 64 bit, rather than try to figure out which apps run better as 32 bit and maintain a full duplicate set of libraries! :-) -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: x86-64 on i386 (was Re: Promoting i386 version over x86_64?)
Once upon a time, Paul Jakma p...@dishone.st said: b) The amount of code on your system that is CPU bound and/or memory-bound due to register pressure, to an extent that the x64 registers would make an appreciable difference is probably not that significant - kernel hotpots - graphics hotspots (X server perhaps) I havn't measured this, but nor have the people who say x86_64 is faster AFAICT, and there's plenty of experience to say that most software is far from CPU bound or memory bound. As soon as you bring in even one 64 bit user-space program that is run much, you've pulled in at least glibc and friends. At that point, you might as well run all (or as close to all as possible) 64 bit user-space, because the libraries are shared (code will be in the cache, etc.). The only time my systems have run 32 bit code in several years is for the Flash plugin (since the open-source plugins don't seem to be able to keep up and since the 64 bit Adobe plugin doesn't seem to get the security updates) and sometimes the Acrobat Reader plugin (since I've run into websites that assume they can embed PDFs in the page and AFAIK there's no plugin for Evince). Since both cases are not all that common in my every-day use, I don't hit the 32 bit libraries and such very often. Running a single-arch and single-lib system is more efficient. As for the RAM overhead of 64 bit code vs. 32 bit code, I don't see it much in the real world. I have one 32 bit desktop at work, and comparing the resident RAM usage between it and a 64 bit desktop, I don't see much difference in the common desktop programs. I know that for some reason PHP on 64 bit arches bloats up significantly (at least older versions), but that's the only major difference I've seen. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: x86-64 on i386 (was Re: Promoting i386 version over x86_64?)
Once upon a time, Jon Masters jonat...@jonmasters.org said: Indeed. Paul, take a look at the Intel 64 ISA and you'll see it's a very different beast. Intel fixed a lot of the issues with the (more than 20 year old really x86 ISA) That would be AMD that fixed it, not Intel. Intel tried to push everybody to a new architecture (Itanium), while AMD revised and extended i386 to 64 bits. After Itanium failed to catch on in the marketplace, Intel had to copy AMD's work. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Booting sparkly new F12 install, error 13 from grub.
Once upon a time, Tom H tomh0...@gmail.com said: Well, according to the files present on /dev/sdb1, grub is installed. I tried the chainloader+1, didn't work, now I'm about to reboot and try the map syntax to swap the bios drive orders. And that didn't work either. :( As I said in my earlier email, grub1 will not boot from an ext4 /boot. Incorrect, if it is GRUB from F12. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: To hyper-thread or not to hyper-thread
Once upon a time, Greg Woods wo...@ucar.edu said: One feature in particular that is not present twice is some of the caching. This is sort of why they named it hyperthreading. If you can get multiple threads of the same process, sharing the same memory, to run simultaneously, there is a performance boost. But if you try to run two completely different processes simultaneously, there will actually be a performance LOSS because of all the cache misses this will cause. I believe that the Linux kernel scheduler takes all of this into account. You are better off enabling HT (and letting the kernel worry about taking advantage of it) than disabling it. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Proposed F13 feature: drop separate updates repository
Once upon a time, Matthew Booth mbo...@redhat.com said: The separate updates directory has been a pain for as long as I've been using RHL/Fedora Core/Fedora. It means you have two places to look when searching for packages manually, and twice as much to configure when you're configuring yum. Are these really significant issues for a significant number of users? Not many people go looking manually for packages, since there are many tools to do it easier (yum, PK, repoquery, etc.). The repos are automatically configured with fedora-release; how often are you configuring yum? The only time I have to care about this is if I'm writing a kickstart file, but it is one extra line (and then I copy the same kickstart base over and over). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: [RFC] unified i386/x86_64 install media.
Once upon a time, Jeff Garzik jgar...@pobox.com said: On 11/25/2009 01:32 AM, Jesse Keating wrote: Look closer. It is only a small subset of the i686 content in the x86_64 repo for multilib purposes. That's merely a space issue, not any failure to or absence of mash No, it isn't just an issue of space. You don't want to present all of the i386 repo to x86_64 installs, as a lot of the packages would result in conflicts. Only a subset of i686 packages can coexist with x86_64 packages. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: [RFA] Your [PACKAGE_NAME] did not pass QA
Once upon a time, Nicolas Mailhot nicolas.mail...@laposte.net said: To repeat myself once again, core fonts are not free, they have a maintenance cost, What is the real maintenance cost? You have said that core fonts are not going away, so the maintenance cost will not go away. How is badgering other maintainers a good thing? If you don't want to maintain something, then the normal way is to orphan it and let someone else take the job, not badger everybody else using the thing you don't want to maintain anymore. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: [RFA] Your [PACKAGE_NAME] did not pass QA
Once upon a time, Nicolas Mailhot nicolas.mail...@laposte.net said: Le Mar 24 novembre 2009 16:00, Chris Adams a écrit : Once upon a time, Nicolas Mailhot nicolas.mail...@laposte.net said: To repeat myself once again, core fonts are not free, they have a maintenance cost, What is the real maintenance cost? You have said that core fonts are not going away, so the maintenance cost will not go away. The costs could go down to nothing if there was no core font user left in Fedora That's not an answer. What is the real maintenance cost? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: [RFA] Your [PACKAGE_NAME] did not pass QA
Once upon a time, Nicolas Mailhot nicolas.mail...@laposte.net said: Le Mar 24 novembre 2009 17:01, Chris Adams a écrit : That's not an answer. What is the real maintenance cost? I already explained yesterday : there are rotting Fedora Core packages to merge review, packaging guidelines to write to define how they are supposed to be cleaned up, a huge pile of existing fonts to re-check for licensing, a huge pile of fonts to re-check for technical soundness (ie a lot of fonts for that area are not encoded properly or declare bad names, should it continue to be hidden via manual fonts.dir or should they be converted to something cleaner, it we continue to go the manual fonts.dir way someone needs to review existing files) etc. And how much of this is still going to be done no matter what, since core font support is not going to be dropped? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: livecds in the future
Once upon a time, Peter Jones pjo...@redhat.com said: Not that I actually believe in these systems that are i686 or newer and won't boot off of usb-storage devices, but if they were to exist, you wouldn't be able to do what you're saying on them. I have run into such systems unfortunately. When the bootloader is running, it can only see devices BIOS provides to it. Not true. See for example PXE-boot floppies. Google USB boot cd, and the first hit is how to boot an Ubuntu USB flash drive using a CD boot loader. There are also floppy images to boot from USB. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: [RFC] unified i386/x86_64 install media.
Once upon a time, Dennis Gilmore den...@ausil.us said: rather than ship 2 dvds one for i386 and one for x86_64 we would ship one dvd that has the package set for both arches. they would likely only have the packages for a desktop install on them we would need to have both arches under 2.4GiB, you could choose your own adventure by enabling the everything repo. Well, since there is some overlap (there are still some core 32 bit packages included on the 64 bit DVD for multilib), the limit isn't exactly 2.4G. Also, it seems that with a little work, you could use a single install image (always a 32 bit userland, with minimal 64 bit libs, and a 32 or 64 bit kernel as appropriate), which would save some space. It might be nice to have a 32/64 combined netinst/rescue image in any case. I just dumped the F12 i386 and x86_64 DVDs in a directory and hardlinked them, and I get 5.2G. If the install image and repodata were unified, you would be too far off from it fitting. syslinux would need to be able to detect the arch to install Somebody said that there's already a SYSLINUX module that allows you to choose a different menu file based on the CPU type. and likely also have a flag to force 32 bit That just needs an extra menu option for the 64 bit menu that loads the 32 bit kernel. Or, you just make the combined image for dual-layer DVDs, Blu-Ray, or USB flash drives only. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: [RFC] unified i386/x86_64 install media.
Once upon a time, Jesse Keating jkeat...@redhat.com said: From what I understand, this isn't about delivering a 64bit kernel and a 32bit userland. That's a different ball of fun. This is about having one single piece of media that can serve as either a 32bit install media, or a 64bit install media, and which you get would depend on the syslinux menu item you boot, which would be driven by what arch CPU you have (or forced by the user). That shouldn't require any yum hackery at all. Well, I suggested the possiblity of unifying the install image, which probably would require some yum (or at least anaconda) hackery. It would be neat and nice to have (simplify rescue images, netboot, etc.), but it is quite possible it is too painful to happen. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: [RFA] Your [PACKAGE_NAME] did not pass QA
Once upon a time, Nicolas Mailhot nicolas.mail...@laposte.net said: Le lundi 23 novembre 2009 à 09:51 -0700, Jerry James a écrit : 1) I'm going to nag you forever about a problem you can't fix. This is false, it can get fixed, either with code changes or by dropping the offending package Core fonts are not going away, are they? Then why the hate for legacy packages using a legacy interface? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Security testing: need for a security policy, and a security-critical package process
Once upon a time, Adam Williamson awill...@redhat.com said: It's not QA's role to define exactly what the security policy should look like or what it should cover, but from the point of view of testing, what we really need are concrete requirements. The policy does not have to be immediately comprehensive - try and cover every possible security-related issue - to be valuable. Something as simple as spot's proposed list of things an unprivileged user must not be able to do - http://spot.livejournal.com/312216.html - would serve a valuable purpose here. IMHO that's a backwards way of approaching security. You will never be able to define everything somebody should _not_ be able to do. You should always take the approach of defining what somebody _should_ be able to do. Focussing on the relatively simple issues for now, we believe it would be reasonably simple to generate a list of all packages in the distribution that attempt privilege escalation. We believe this would be a list of packages that contain suid binaries, that invoke su, sudo or consolehelper, or that contain PolicyKit policies. During the recent discussion, somebody mentioned there are also ways to trigger events through dbus (I haven't looked down that path myself so I'm not sure of the details). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Local users get to play root?
Once upon a time, Richard Hughes hughsi...@gmail.com said: 2009/11/19 Chris Adams cmad...@hiwaay.net: Once upon a time, Ricky Zhou ri...@fedoraproject.org said: I might be wrong on this, but wouldn't the attacker need to trick yum/packagekit into using the malicious repo first? I didn't think that was allowed for non-root users. 1.5 words: NetworkManager. Think about it. 2 words: Package signing. If the key is different to the one that was preciously imported, you need the root password. 2 words: replay attack. So there are no packages in releases/12/Everything that have privilege escalation bugs? All I have to do is wait for one to be found, and I have a signed path to root. Even if the package is fixed in updates, I just have to have a custom updates repo without it. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Security policy oversight needed?
Once upon a time, Richard Hughes hughsi...@gmail.com said: If you're not shipping custom PolicyKit rules then at the moment normal users can, without authentication: * Grant high priority scheduling to a user process I have complained about this. * Connection sharing via a protected WiFi network Only if the NetworkManager daemon is running, right? * Suspend the system Again, on/off don't change system policy. * Inhibit media detection * Mount a device The user mounts are locked down (noexec), right? * Restart the system Again, on/off don't change system policy. * Get information about system services Information that has always been available, right? * Install debuginfos using abrt Didn't know about this one; another thing that should be changed by default. * Enroll new fingerprints That's along the lines of change their password, which is reasonable (unless this is giving elevated access to those fingerprints). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Local users get to play root?
Once upon a time, Richard Hughes hughsi...@gmail.com said: 2009/11/19 Chris Adams cmad...@hiwaay.net: You keep saying that, but you are wrong. Otherwise, why do we even bother with passwords (and checking password strength)? Authentication and authorisation are not the same problem at all. It's probably worth reading the PolicyKit design documents. I understand the difference between authentication and authorization. That still doesn't explain your assertion that requiring a restricted password is somehow less secure than not requiring a password at all. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Local users get to play root?
Once upon a time, Richard Hughes hughsi...@gmail.com said: 2009/11/19 Chris Adams cmad...@hiwaay.net: So there are no packages in releases/12/Everything that have privilege escalation bugs? All I have to do is wait for one to be found, and I have a signed path to root. Even if the package is fixed in updates, I just have to have a custom updates repo without it. No, that won't work either. In PackageKit parlance installing a package is installing a package that does not already exist on the computer. You can't downgrade (or upgrade) packages using the PackageKit InstallPackages() method. That only matters if you install every package in the repo, which I don't think many people do. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Local users get to play root?
Once upon a time, Jesse Keating jkeat...@redhat.com said: That is incorrect, unless somehow your ssh tunneled VNC registers as local console login, which I doubt. In your case, none of your users would be allowed to install software/updates. VNC looks like a local console login. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Promoting i386 version over x86_64?
Once upon a time, Adam Williamson awill...@redhat.com said: The last processor Intel released which was not x86-64 capable, so far as I can figure out, was the Celeron D 310, released December 2005. The last non-x86-64-capable chip AMD released was the 'Paris' Sempron family, which came in July 2004. The subsequent 'Palermo' Sempron family, released February 2005, had x86-64 support. Don't just go by release date, go by end-of-sale date. When did Intel and AMD _stop_ selling CPUs that did not have 64 bit support? That's what really matters. I have a Thinkpad from early 2006 that is 32 bit only for example. It works perfectly fine, so I am in no hurry to replace it just because it is only 32 bit. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Promoting i386 version over x86_64?
Once upon a time, Adam Williamson awill...@redhat.com said: On Thu, 2009-11-19 at 15:54 -0600, Chris Adams wrote: I have a Thinkpad from early 2006 that is 32 bit only for example. It works perfectly fine, so I am in no hurry to replace it just because it is only 32 bit. see my 'oops' follow-up - I forgot to consider the first rev of the Core architecture, which was 32-bit only and current until Jan 2007. The follow-up 'Core 2' architecture was x86-64 capable. You probably have a Core Duo or Core Solo CPU in that thing. I just checked, and it is actually a Pentium M (Dothan core). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Local users get to play root?
Once upon a time, Rahul Sundaram sunda...@fedoraproject.org said: .. if the packages are signed and from a signed repository. So, you left out the important part. Explain why this is a problem in a bit more detail. Fedora has made a big push into the multi-user desktop (which many home computers are now) with things like fast user switching. In many such setups, not all users are considered administrators of the system (think parents and kids for example). However, Fedora continues to slip in (with no announcement and no documentation on how to change) things that allow the console user to be an administrator without any additional authentication. The answer here has been well root should lock it down. With the ever-increasing complexity of the system, it is becoming more difficult than ever to find (or even know about) all of the ways a system musth be locked down. find / -perm +6000 doesn't cut it anymore, but there's no documentation of all the ways a regular user can do administrative tasks without an administrative password. It seems the latest way of doing this is via PolicyKit. IMHO all PolicyKit configuration should be secure by default, and then desktop spins can include overrides in /etc to loosen-up security where desired. This would also make it much easier to find and clearer to see what might should be changed for local policy. Right now, I see files /usr/share/PolicyKit/policy; I guess that's where this kind of thing comes from. How do I override the settings in one of these files? None of them are marked config, so I guess I don't edit them. Are there other places such policy can be set? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Local users get to play root?
Once upon a time, Colin Walters walt...@verbum.org said: On Wed, Nov 18, 2009 at 1:48 PM, Chris Adams cmad...@hiwaay.net wrote: It seems the latest way of doing this is via PolicyKit. Â IMHO all PolicyKit configuration should be secure by default, secure is an meaningless term without reference to a deployment model and threat model, but let's assume here for reference that what you mean is that the shipped RPMs should be configured to not grant any additional privileges over that afforded to the traditional Unix timesharing model, and then the desktop kickstart modifies them. Yes, that was what I meant. I would agree with that, but it's not trivial. Are we just scoping in PackageKit here, or also consolehelper @console actions? Does it imply removing the setuid bit from /bin/ping? In an ideal world, everything that could grant elevated privilege would come without it, and the admin (or spin config files) could easily configure it back. That obviously fails for things like /bin/ping, since that uses file permissions, and that's part of the RPM (and not configurable). However, ping has traditionally been run-able as a non-root user, and it is easily spotted with find. The number of setuid programs is small these days, but several of them are now helpers that allow a wide-range of other programs access, again with minimal documentation (what is pulse/proximity-helper? why is nspluginwrapper/plugin-config setuid root?) I think anything that uses PolicyKit should ship with no elevated privileges by default, since it is configurable. It would be nice to also get consolehelper, but that is more complicated. I thought that was on the way out (to be replaced by PolicyKit), but I see there are still a number of things that use it (looking at the F11 desktop I'm on right now). NetworkManager is another thing that probably could use some admin control in some places, especially as it is being pushed to replace the old network scripts. Does NM use PolicyKit or consolehelper, or does it just do things itself? Right now, I see files /usr/share/PolicyKit/policy; I guess that's where this kind of thing comes from. Â How do I override the settings in one of these files? Â None of them are marked config, so I guess I don't edit them. Â Are there other places such policy can be set? See man PolicyKit.conf The bigger issue is that much of the policy is not well documented, except in the XML files (which are pretty terse). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Local users get to play root?
Once upon a time, Dan Williams d...@redhat.com said: But that's not right because those files aren't config files. Instead, you drop local authority files in /var/lib/polkit-1/localauthority/ that override those permissions on a site-by-site basis for your specific use-case, irregardless of what the defaults are. Um, what is /var/lib/polkit-1/localauthority/? Again, I'm still sitting at my F11 desktop; was this something added in F12? Maybe (as someone else mentioned) I am looking for the 1000 foot (or 305 meter) view. I understand setuid-root, setgid-foo, etc., and that is widely documented. I kind of have a grip on consolehelper, more from poking around at it than reading anything. I have no clue how things work with PolicyKit, and it also seems that PolicyKit is still changing how things are done from release to release. I poked at PolicyKit a little when someone pointed out desktop users were allowed to change the system clock a couple of releases ago. Some of the same discussion happened then as is happening now; I made the same suggestion about no elevated access by default and spins can override. The clock perms finally changed in F12 (although it looks like users can still change the timezone, which is still not a good idea, as most things like cron and syslog use local time), and now we have PackageKit questions. It just seems like there needs to be: - better documentation - better defaults - better Fedora policy - better oversight (or enforcement, if necessary) about PolicyKit (or anything that can give regular users elevated access) rules and actions. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Local users get to play root?
Once upon a time, Colin Walters walt...@verbum.org said: (Thanks for a constructive discussion by the way!) No problem; I'm trying to understand and help things move forward. I don't want to see another thing like SELinux or PulseAudio where it becomes common knowledge that you should just disable or remove something. So, that leaves us with the question of how to configure it for Fedora. A data point here is that the Fedora polkit package adds two Unix groups desktop_user_r and desktop_admin_r. However, it's unclear to me whether the expectation is that official Fedora consumables (i.e. desktop installer) would customize PolicyKit using these. Where are those documented? I guess that's something new for F12, so maybe there's something there. However, I just searched the Fedora wiki and got no hits (if this is Fedora-specific, shouldn't it be there?). The bigger issue is that much of the policy is not well documented, except in the XML files (which are pretty terse). The individual actions aren't documented well enough? Or the 1,000 meter view of all of the installed actions on a default desktop? I guess some of both. At a quick glance, I see over 100 actions on my F11 desktop (in over 1400 lines of XML, not counting langauges); how am I supposed to be knowledgeable enough to know which of those I may want (or need) to change for certain situations? Don't get me wrong; I do like having more fine-grained access control. What would be nice would be a guide of how all this fits together and when to change what (not just documentation of individual options or syntax), but I do also understand that developers don't always like writing documentation (hey, who does, other than tech writers!). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Security policy oversight needed?
After seeing two conflicts over PolicyKit default policies allowing unprivileged to do things that previously only root could do, it seems to me that there needs to be some kind of oversight on security policy for the distribution. Right now, any package maintainer can make changes to system security policy, without announcing it, getting any approval, etc. In the two cases I've seen, the maintainers decided that their way was the right way and closed the bug reports without any real discussion, which just seems unacceptable to me. Any package (whether new or an update) that adds/changes PolicyKit, consolehelper, or PAM configuration, and anything that installs new setuid/setgid executables, should require some additional third-party review. Any significant changes that passes review should require some minimum amount of advance notice and documentation on how to revert (preferably in some common easy-to-find place in the wiki). Is this feasible? Who needs to look at this? I would like to see this discussion separate from discussion about the current issue with PackageKit. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Security policy oversight needed?
Once upon a time, Mike McGrath mmcgr...@redhat.com said: I think that's too subjective though. What is subjective about allowing unprivileged to do things that previously only root could do? I'd be more in favor of a simple, broad view of what the user should be able to do without root. It's possible install packages would be on that list, it's possible not. That way packages could ask themselves does this break the policy? If it doesn't, great. If it does, time for a bug report. There have been bug reports, but they get closed by the maintainers as NOTABUG, so that procedure is obviously not working. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: x86-64 on i386 (was Re: Promoting i386 version over x86_64?)
Once upon a time, Jeff Garzik jgar...@pobox.com said: Running a 64-bit kernel with a 32-bit userland is a common practice on non-x86 platforms, and non-Linux OS's. For a lot of tasks, you simply do not need 64-bit pointers and a 64-bit process address space. Both executable code and in-memory data structures tend to be smaller on 32-bit. However, on x86, the 32-64 bit jump also gives a larger register set and (IIRC) SSE (or SSE2?) on all chips, which allows better code generation for all kinds of things. The i386 architecture is register-starved compared to many other architectures. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Broken deps for rawhide the past few days
Once upon a time, Jesse Keating jkeat...@redhat.com said:
Many of you received emails over the weekend and this morning regarding
broken deps in rawhide. If these emails mentioned that the deps were
broken on ppc or ppc64 they can be ignored. We are no longer producing
ppc/ppc64 as a primary arch, however we forgot to tag the config change
that enacted this on our compose tools. We were attempting to compose
ppc(64) trees with only noarch packages, and well things didn't work so
hot.
As a mirror admin: what does this mean for .../development/ppc{,64}?
Will they go away at some point? If so, when?
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: man 3 switch
Once upon a time, Frank Cox thea...@sasktel.net said: I expected to see a write-up on the C switch statement. Similar to what I see with man 3 strlen and the like. Your statement indicates that keywords are not included in man 3, so apparently that's why it's not there. It seems an odd choice to make, to cover the standard library and not the keywords. Functions in libraries are documented, not language syntax itself. I suppose somebody could write a man page for cc that documents syntax, but I've never seen a Unix that does that for C. Would you expect to see individual man pages for if, ?:, void, etc.? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: man 3 switch
Once upon a time, Frank Cox thea...@sasktel.net said:
On Sat, 14 Nov 2009 11:43:53 -0600
Chris Adams wrote:
Would you expect to see individual man pages for if, ?:, void,
etc.?
Actually yes, I would. Those are fundamental parts of the C language and
should have the same man documentation as the library functions.
Then get writing! I'm bet gcc would accept a C language syntax page.
However, like I said, it would probably need to be a single C syntax
page. That's the way perl does it for example.
I don't think any other language has individual man pages for
syntactical elements. Otherwise, you end up with massive conflicts; who
gets the man page for {, +, ;, etc.?
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FESCO ticket#270 - preupgrade and F-12
Once upon a time, Linuxguy123 linuxguy...@gmail.com said: On Thu, 2009-11-12 at 15:10 -0500, James Laska wrote: preupgrade now requires at least 167MB free space on /boot: F12 installer images: 143MB (8mb larger than F11!) F12 kernel: 18MB (10mb larger than F11!) RPM/anaconda tmpfiles: =8MB (measured in stupid tests) Total: 167MB (Was 149MB in F11 - no problem!) With all my kernels removed except the current one, I have this: # df -h FilesystemSize Used Avail Use% Mounted on /dev/sda1 190M 14M 167M 8% /boot I just removed all but the running kernel (on a system that was a fresh install of F11) and got a similar result: # rpm -e $(rpm -qf /boot/vmlinuz* | grep -v kernel-$(uname -r)) # df -h /boot FilesystemSize Used Avail Use% Mounted on /dev/md0 194M 15M 169M 9% /boot That's right at the edge, and could push untested corner cases in anaconda with respect to temp files and such. I don't think increasing /boot just because of preupgrade is a viable solution, as the installer image continues to grow. Is it possible instead to put the installer image (the real problem) somewhere else, like /? Why does it need to be in /boot? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Identifying remaining core font users
Once upon a time, Kevin Kofler kevin.kof...@chello.at said: Then they need to be ported to a modern toolkit (by upstream). E.g. Xaw has long stopped being viable. (In fact it was never supposed to be more than an example.) If there is no upstream, then maybe it's time to retire the package? Or pick up upstream maintenance if there's really no modern alternative? Why is there a rush to throw out working software? I use xterm as my standard terminal program, because it is lighter-weight and for a long time felt faster than anything else. My father uses it because he still has software that uses the Tek4014 emulation that AFAIK nothing else supports. xterm still uses Xaw, although it does support fontconfig (still has core font support as a fall-back). Xaw and core fonts are not something new programs should use, but they still work. Are they really a significant maintenance issue? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: F13 Naming: Leonidas - Constantine - New Name?
Once upon a time, Jesse Keating jkeat...@redhat.com said: On Tue, 2009-11-10 at 16:45 +0100, Björn Persson wrote: After F12 comes Print Screen of course. ;-) My keyboard has F13 next... The One True Keyboard(tm) (IBM Model M) has Print Screen/SysRq there. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: su/kdesu not working
Once upon a time, Roberto Ragusa m...@robertoragusa.it said: Big hammer: strace -f su - You can't strace a setuid executable. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: su/kdesu not working
Once upon a time, Roberto Ragusa m...@robertoragusa.it said: Chris Adams wrote: Once upon a time, Roberto Ragusa m...@robertoragusa.it said: Big hammer: strace -f su - You can't strace a setuid executable. You are right. Actually the execution will still happen, but with no root authority, so it will not be useful for debugging. Seeing some output incorrectly made me think it was working. And to follow up to my brief response, you _can_ strace a setuid executable with an extra step. If you run strace as root, you can pass the -u username argument, and it will switch users first (but still trace correctly). So, as root, you could do: # strace -u foo -f su - -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: General question about Intel and AMD virtualiztion support in hardware
Once upon a time, KC8LDO kc8...@arrl.net said: Who seems to have the edge in hardware virtualization Intel or AMD? I've heard comments both ways with one IT person suggesting that AMD was the way to go. As far as functionality, I believe they are pretty much equivalent. If you are buying a desktop and want virtualization, then (the last time I looked), almost all (if not all) AMD CPUs have hw-virt extensions, while Intel seems to reserve it for the higher-end (read: more expensive) CPUs. Also are there extra features supported under the various open source virtualization systems, KVM and Xen, under one manufacture but not the other of any real significance? KVM is essentially a driver for the hw-virt CPU extensions, so of course it supports them. :-) Xen also supports hw-virt I believe. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Ubuntu shows updates / security updates on shell logins
Once upon a time, Seth Vidal skvi...@fedoraproject.org said: i don't think it is a security risk. Or rather - if it is then the rpmdb should not be readable by non-root users. If knowing installed versions are a security risk, then so is uname -r and almost any command that takes -v to display the version. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Wodim trouble
Once upon a time, Joerg Schilling joerg.schill...@fokus.fraunhofer.de said: - Redhat continues to distribute cdrkit although there are known legal problems with it and Redhat has been informed more that once about this fact. it is Red Hat, not Redhat (and this is Fedora). You have refused to cite specific legal problems with cdrkit, so there are no known legal problems that anyone can see. The proper reporting method is bugzilla.redhat.com; can you point to where you reported them? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: should I go for 64bit version of Fedora 11 ?
Once upon a time, Cameron Simpson c...@zip.com.au said: On 03Nov2009 23:45, Alan Cox a...@lxorguk.ukuu.org.uk wrote: | Such as the kernel ... which is much happier in 64bit mode with over 1GB | of RAM. Is there some URL I could visit that qualifies this? I'm not doubting you, but I would like to have a mental model of roughly why and how 64-bit mode benefits a system. If you have 1G (or really a little less) of physical RAM on 32-bit x86, the kernel can map all of it into the kernel's virtual address space. Otherwise, it has to use different addressing to access physical addresses, IIRC mapping them on demand (which adds overhead). On a 64-bit system, all of physical memory can be mapped into the kernel address space at all times. Also, x86_64 has a larger CPU register set, which can speed up some operations. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Fedora with Universal Binaries?
Once upon a time, Till Maas opensou...@till.name said: For me it would be useful to have a simple way to make a USB installation device for both my 32bit and 64bit machines. Also a single rescue system for both 64bit and 32bit machines would be nice. A much better approach would be to get the image tools (both install and LiveCD) to support more than one image on a device (DVD or USB). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Where is VNC, FC11
Once upon a time, Tait Clarridge t...@clarridge.ca said: A good way to search for packages that may not have easy names is: [user @ host ~]$ yum list | grep -i vnc A little easier is: # yum list '*vnc*' -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: How to find out the parameters of an ext3 filesystem
Once upon a time, Dan Track dan.tr...@gmail.com said: I'd like to know the parameters of an ext3 filesystem i.e what blocksize was used, inodes etc... Can someone please show me a command I can use to find this information. As root, tune2fs -l device, where device is the block device that contains the filesystem (e.g. /dev/sda2, /dev/vg0/lv0, etc.). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Mock can't build x86_64 packages
Once upon a time, Jonathan Ryshpan jonr...@pacbell.net said: On Fri, 2009-10-02 at 11:00 -0400, Todd Zullinger wrote: You can't build for x86_64 on i386. Doing it the other way around works fine though. Why not? I thought that cross compilation worked on any two processors (within reason). Mock doesn't cross-compile, it only runs binaries that can be run natively on the base system. It just so happens that x86_64 can run i686 binaries natively, so you can build i686 on x86_64. Since i686 cannot run x86_64, you can't build x86_64 on i686. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Proposal: Python 3 in Fedora 13
Once upon a time, Josh Boyer jwbo...@gmail.com said: On Thu, Oct 01, 2009 at 01:15:09PM -0400, David Malcolm wrote: Scoping: - this work would target Fedora 13. I'd avoid pushing it into F12 until it's proven safe to do so I'm going to think on the overall proposal more, but I very very very much wish this sentence said I will not push this into F12 at all. Yeah, we seem to have too much churn going with some things as it is during a release. What possible reason would there be to push a major new component into an existing release? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Proposal: Python 3 in Fedora 13
Once upon a time, Kevin Kofler kevin.kof...@chello.at said: Jesse Keating wrote: Ditto. This is not something you would push as an update to a released product. I don't see why a parallel-installable python3/python3000 would cause any problems as an update. Are you able to guarantee that it will in no way interfere with python2 (including in the build root)? Major changes like that during a release are what get Fedora considered a rolling beta quality distribution. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: PPC/PPC64 disabled in Koji for dist-f13
Once upon a time, Tom Lane t...@redhat.com said: Jeff Garzik jgar...@pobox.com writes: The lack of big endian builds by default is a notable loss, and will lead to a decline in software quality. I think this is a net-negative for Fedora. I think the same, but it's getting harder to find PPC machines. Is there another big-endian platform that is on the upswing? IIRC ARM can be, but I think many (most?) ARM platforms that would support Fedora are little-endian. SPARC is big-endian but is not on the upswing. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Latest updates are missing a dependency
Once upon a time, Bill Davidsen david...@tmr.com said: Given that the upgrade installs a new kernel (2.6.30.8-64 from memory) which doesn't do networking, more than chill is required. I did this to my production laptop, then managed to do it again on a desktop. Since it happened after midnight, I just saved a dmesg for investigation, I assume all networking is dead since the desktop had the same problem. I loaded 2.6.30.8-64.x86_64 on my desktop at home last night and it worked fine (networking included). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: status of forked zlibs in rsync and zsync
Once upon a time, Josephine Tannhäuser josephine.tannhau...@googlemail.com said: 2009/9/29 Rahul Sundaram sunda...@fedoraproject.org Bundling a library is not ideal but removing rsync would be a extreme step. I believe this isn't a technical problem, more a psychological one. Fedora is a (software) technic orientated project, or? Since rsync is used in the distribution of Fedora, removing it _would_ be a technical problem. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Buyer Beware: A Major Change in NFS is about to happen
Once upon a time, Steve Dickson ste...@redhat.com said: On the server (Which is suggested): * Add the following entry to the /etc/exports file: / *(ro,fsid=0) Note: 'fsid=0' is explained in the exports(5) man pages. The suggested solution is to change your NFS servers (that work just fine with other clients today) to export the root filesystem to everybody? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: yum-presto not on by default
Once upon a time, Matthias Clasen mcla...@redhat.com said: Neither of these will happen because they require esoteric knowledge of yum plugins that users don't have. So if we turn it off by default, it will not be used by a significant percentage of the people for whom it is beneficial. If it impacts update performance by default, then it should be off, or we'll have another thing added to the oft-repeated Fedora fixes list (like yum remove pulseaudio, turn off SELinux, etc.). Lots of users are connected to high-speed Internet, so their update performance should not be impacted to help those that are not as well connected. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: fedoraproject.org down (ipv6 only)
Once upon a time, Matt Domsch matt_dom...@dell.com said: The MaxMind GeoIP IPv6 database only has a couple thousand entries, so it's bound to have gaps. If it has more than 1870, then it probably is good. That's how many active IPv6 routes there are in my (default-free) BGP IPv6 routing table right now. Most ISPs (even many of the largest) only have one prefix in use, at least right now. Also, the IPv6 space is supposed to be less fragmented when it comes to location. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: fedoraproject.org down (ipv6 only)
Once upon a time, Todd Zullinger t...@pobox.com said: The records were added in the past few hours. If it's causing any problems the folks in #fedora-admin on irc.freenode.net would probably like to know. That, or file a ticket with the infrastructure team via https://fedorahosted.org/fedora-infrastructure/ (this requires a Fedora Account). It appears that the mirrormanager is not handling IPv6 correctly. I have a Hurricane Electric IPv6 tunnel (from Ashburn, Virginia) to my home network, and now mirrormanager is giving me non-geolocated URLs. I needed to install something, and one hit downloaded from Brazil, and the next hit from Russia. I've filed this here: https://fedorahosted.org/fedora-infrastructure/ticket/1645 -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: fedoraproject.org down (ipv6 only)
Once upon a time, Todd Zullinger t...@pobox.com said: I recall Matt Domsch mentioning this when he set things up yesterday. The geo-ip information available to mirrormanager from Maxmind isn't very complete. I was just looking to see if Maxmind had an IPv6 database (we use Maxmind's country database that is available for free here), and they show US for my IPv6 IP. I would guess there's a bug in mirrormanager's handling of IPv6 and geoip lookups. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: fedoraproject.org down (ipv6 only)
Once upon a time, Michael Cronenworth m...@cchtml.com said: I waited 24 hours and I still don't see a ping response or HTTP. It may be my end though since others are reporting it working. $ traceroute6 fedoraproject.org traceroute to fedoraproject.org (2610:28:200:1::fed0:1), 30 hops max, 80 byte packets 1 2002:615d:dfb4:1::1 (2002:615d:dfb4:1::1) 1.965 ms 2.555 ms 2.443 ms 2 * * * 3 sl-bb1v6-sea-t-1001.sprintv6.net (2001:440:1239:1008::2) 75.719 ms 76.949 ms 76.893 ms 4 2001:440:1239:1013::2 (2001:440:1239:1013::2) 101.082 ms 100.954 ms 100.893 ms I also have an IPv6 tunnel to Sprint, and I see it working: traceroute6 to fedoraproject.org (2610:28:200:1::fed0:1) from 2001:440::ff4b::2, 64 hops max, 12 byte packets 1 sl-bb1v6-fw-t-37.sprintv6.net (2001:440::ff4b::1) 21.514 ms 21.615 ms 21.472 ms 2 sl-bb1v6-sea-t-1001.sprintv6.net (2001:440:1239:1008::2) 88.558 ms 88.986 ms 88.611 ms 3 2001:440:1239:1013::2 (2001:440:1239:1013::2) 112.097 ms 112.111 ms 128.273 ms 4 ge-0-1-0.82.rtr.salt.net.internet2.edu (2001:468:ff:17c4::1) 139.529 ms 140.165 ms 139.725 ms 5 * * * 6 * * * 7 * * * 8 2001:468::155::2 (2001:468::155::2) 143.351 ms 161.345 ms 161.480 ms 9 2610:28:10e:2::1 (2610:28:10e:2::1) 146.344 ms 145.950 ms 147.411 ms 10 2610:28:105:13::2 (2610:28:105:13::2) 145.395 ms 148.297 ms 146.027 ms 11 2610:28:200:1::fed0:1 (2610:28:200:1::fed0:1) 146.802 ms !P 150.567 ms !P 150.150 ms !P -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: fedoraproject.org down (ipv6 only)
Once upon a time, Michael Cronenworth m...@cchtml.com said: I see fedoraproject.org has a record now (how new is that?) but the IP is not responding today. Access to fedoraproject was working up until today so I'm not sure if the record is brand new today or if it's just down. $ ping6 fedoraproject.org PING fedoraproject.org(2610:28:200:1::fed0:1) 56 data bytes ^C --- fedoraproject.org ping statistics --- 11 packets transmitted, 0 received, 100% packet loss, time 10721ms It has been just over an hour since your message, but it works for me now: $ ping6 -c1 fedoraproject.org PING fedoraproject.org(2610:28:200:1::fed0:1) 56 data bytes 64 bytes from 2610:28:200:1::fed0:1: icmp_seq=1 ttl=56 time=57.6 ms --- fedoraproject.org ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 57ms rtt min/avg/max/mdev = 57.627/57.627/57.627/0.000 ms -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: TeX Live 2009 for Fedora
Once upon a time, Mary Ellen Foster mefos...@gmail.com said: Another related upgrade issue: texlive-psutils doesn't obsolete psutils ... (is there a better place to note this sort of thing?) Why would texlive replace a stand-alone package (that has been around forever as a stand-alone package)? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Fedora And Virtualization
Once upon a time, Tom Horsley tom.hors...@att.net said: True. The xen paravirtualization is indeed fast, but needs kernel support in the VM with a paravirt aware kernel, which you can get for linux kernels (sometimes, depending on the current state of patches) I think all the paravirt kernel patches are upstream now. Fedora has been shipping paravirt-capable kernels for a while now, and I don't think there are extra patches to support that. The non-upstreamed, patches still needed piece is the Xen hypervisor itself. That's the part that Fedora has _not_ shipped for a while, due to the workload of trying to maintain patches against current kernels. The nice thing about Xen (vs. KVM) is that when a paravirt OS is available (e.g. almost any Open Source OS), you don't need any special hardware to get a near-full-speed virtual host. With KVM, you must have a CPU with virtualization extensions supported and enabled. AMD leaves hardware-virt out of a few of the low-end CPUs, and Intel a few more. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: virt-install - Custom Disk layout Missing while instalation
Once upon a time, Mohammad Mateen Aslam mateenas...@hotmail.com said: Everything goes fine and until i reached to disk partition step where i find no custom layout option ... More over it dont ask for any software packages and just do standard installation. what to do to have custom package installer. IIRC, the text mode installer lost some of these options in F11 (nothing to do with virtualization). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: quotas on nfs share
Once upon a time, Aldo Foot luni...@gmail.com said: On Wed, Aug 12, 2009 at 9:25 PM, Chris Adamscmad...@hiwaay.net wrote: ...snip... If you want to edit quotas remotely, you have to use the -r option to edquota. This also requires adding the -S option to the rpc.rquotad call (in /etc/sysconfig/nfs on Fedora), but only works in rpc.rquotad was compiled with that support; the version in F9 and F10 was not, but F11 includes this support. I wanted to report back on this. From my f11 box I tested using 'edquota -r' and it does see the nfs export with quotas in it. I tried to edit quotas by entering numbers, but I cannot save the changes because, unfortunately, my Centos 5.3 server does not support the -S option to rpc.quotad, even tough the rquotad man page explicitly mentions the -S, --setquota options. I modified the CentOS server /etc/sysconfig/nfs options, but rquotad does not like -S. Since CentOS is based on RHEL, the newest RHEL is RHEL 5, RHEL 5 is based on FC6, and this option wasn't enabled in Fedora until F11 (hey, I can chain logic :-) ), I'm not suprised it isn't enabled in CentOS. I believe CentOS tries to stay as close to RHEL as possible, so I wouldn't expect them to change this unless Red Hat does. I am kind of suprised that Red Hat doesn't have this enabled though; there is a bug request to have this changed: https://bugzilla.redhat.com/show_bug.cgi?id=469753 Another bug: https://bugzilla.redhat.com/show_bug.cgi?id=497013 it is stated that this will not change for RHEL 5. Maybe this will change for RHEL 6 (since it is now enabled in F11). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Updates lacking descriptions
Once upon a time, Ralf Corsepius rc040...@freenet.de said: On 08/13/2009 06:55 PM, Josh Boyer wrote: Two wrongs does not make a right. Everyone needs to stop the back and forth on this now. And censorship doesn't make it better. Asking people to try to be polite or to take a break when discussions get heated is not censorship. I strongly think Fedora would be better without ... That is far over the line for acceptable behavior. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: quotas on nfs share
Once upon a time, Aldo Foot luni...@gmail.com said: From what you say, it appears the only difference is that I have a CentOS server and an F11 client. So far, I've only used remount to enable the quotas on the server. I'll see what reboot does. I'll try the 'edquota -r'. mount -o remount will not actually enable quotas, at least on ext3. usrquota and grpquota are not options that can be changed while the filesystem is mounted. You must unmount the filesystem and mount it with quotas enabled or reboot the server. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: quotas on nfs share
Once upon a time, Aldo Foot luni...@gmail.com said: I cannot believe that it's not possible to enable nfs quotas *on fedora* at all. I guess this is not done frequently enough to catch people's attention. With NFS, quotas are set up on the server's underlying filesystem. You then run rpc.rquotad on the server (which the Fedora nfs init script starts by default). I just set up quotas on my home NFS server (which is still running F9). I had to reboot to get them enabled on the filesystem (probably could have unmounted/remounted and then restarted NFS services, but this box reboots in under a minute anyway). I can see them with the quota command on the NFS client, and they are enforced. If you want to edit quotas remotely, you have to use the -r option to edquota. This also requires adding the -S option to the rpc.rquotad call (in /etc/sysconfig/nfs on Fedora), but only works in rpc.rquotad was compiled with that support; the version in F9 and F10 was not, but F11 includes this support. None of the other quota commands (such as quotacheck, quotaon, etc.) work on the NFS client, because those operate directly on the local filesystem only. All of this works fine for me between an F9 NFS server and an F11 NFS client, except for the rpc.rquotad -S option (which should work when I get the NFS server upgraded). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Lower Process Capabilities
Once upon a time, Bill McGonigle b...@bfccomputing.com said: Doesn't SELinux already support allowing non-root users to have access to low-numbered ports? AFAIK SELinux introduces additional controls and does not replace or override existing controls. I'm pretty sure non-root still can't directly listen on a low-numbered port. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Updated Anaconda packages
Once upon a time, Jeff Garzik jgar...@pobox.com said: I think back to my days as a Solaris sysadmin in the late 90's, where ordering the latest media kit (CD-ROM) from Sun meant I got a fresh installer, fresh kernel, and all recommended patches. IIRC Sun only spun that a couple of times per year though (at most maybe once per quarter, but I don't remember it being that often). That was also because installing Sun recommended patch clusters was another kind of cluster. :-) -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Updated Anaconda packages
Once upon a time, Jeff Garzik jgar...@pobox.com said: Chris Adams wrote: IIRC Sun only spun that a couple of times per year though (at most maybe once per quarter, but I don't remember it being that often). Incorrect, for our shop at least. They regenerated every month, and were dated thusly. I saw releases dated monthly, but I never saw releases that had actually been updated every month (but that may have just been me). They might have moved to quarterly in the 2000's, after the Internet bubble; I dunno. I was doing Linux by then :) Oh, I was off of Slowaris in mid-1998. Sun also charged bucket-loads of money at the time for Solaris support, so I expect they could afford the QA. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Three kinds of packages
Once upon a time, Bill Davidsen david...@tmr.com said: Save it for some politics group, anyone who doesn't think scanning phone conversations and email without warrant and torture are okay should go to alt.fan.rush-limbaugh. This is not the place. You are the one that brought the political crap up here (and you can stick Rush Limbaugh where the sun don't shine as far as I'm concerned). This has been discussed on the LKML, please read there. The last opinion I saw of any authority said that using header files did not make it a derived work. Please discuss that elsewhere. Again, you brought it up here. There's more than header files involved in some of these things. People treat use of header files or linking as the line between derived and not derived, but it isn't as clear cut as that (ask a lawyer). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Three kinds of packages
Once upon a time, Bill Davidsen david...@tmr.com said: I would just like to remind people that there are not two (Fedora and non-free) kinds of package, but three, the totally free (Fedora), the close source but legal (fglrx and similar vendor drivers), and the only legal in the free world, restricted in fascist countries. I mention this because vendor drivers, while not open source, are free and legal to use and redistribute. So let's not talk about rpmfusion and *forge software as illegal, much of it is not, even in the USA. Aside from calling the US fascist (which is a little over the top, especially since the US isn't the only country that has allowed and/or enforced the stupid patents), you're wrong on another point. A number of the closed source kernel modules are of questionable legality (and not just in the US), because they may be derived works of the Linux kernel. A derived work of the kernel must be GPLv2, which can't be closed source. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
F11 GNOME: How to get the terminal bell back?
In both plain old xterm and gnome-terminal, the terminal bell (e.g. from tab completion, ping -a, etc.) is now captured by GNOME and plays a sound effect instead of just beeping the PC speaker. I guess that's nice if you like sound effects and/or your PC speaker doesn't work, but I want the plain old beep back? How do I get that? If I go to Preferences-Sound, I can only change the sound effect or disable it; I can't get the PC speaker to beep. I guess I'd like to leave the GNOME alert sound to a sound effect (I don't really care about it); I just want my xterms to beep at me like they have for the last 18 years. The sound effects really suck for ping -a; they are all a little too long (most of the time), so instead of a regular beep-per-second, you get intermittent sound effects and silence. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Best way to send SMS messages
Once upon a time, Bill Davidsen david...@tmr.com said: Any thoughts on the optimal solution? It would be useful to be able to send a standard SMS like a human text, rather than one of those eMail to SMS gateways which send all the headers and such. I have a Multi-Tech GSM modem attached via USB. I use gnokii-smsd, which uses a database (MySQL in my case) to queue inbound and outbound messages. I have a simple perl script that inserts a message into the outbound table, and gnokii-smsd sends it (we use this with Nagios for alerting). We have an ATT contract at work, so we ordered another line (and phone and SIM) with unlimited text messaging. You have to put the SIM card into a phone to activate it with ATT (they don't send them out ready to use), and then you just stick the SIM card in the modem. I think with T-Mobile (the other GSM provider in the US), you can get just a SIM (no phone) and it will be ready to use when you get it. I believe that Multi-Tech also has CDMA phones that can be used with either Sprint or Verizon, but I'm not sure exactly how that works (how you get them activated and such). I had to make some changes to the kernel ti_usb_3410_5052 module to load different firmware for the Multi-Tech modem, but it should work out of the box with kernel 2.6.29 and newer (my changes went upstream in that version). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Heads Up: e2fsprogs library split-out
Once upon a time, Eric Sandeen sand...@redhat.com said: There have been a few requests to split out the various libraries in e2fsprogs into subpackages: libcom_err(-devel) libss(-devel) libuuid(-devel) Note that libblkid(-devel) has already been split out as it is now part of util-linux-ng (thanks to kzak!) - an email was sent previously about that. The following packages have BuildRequires: on e2fsprogs-devel, so depending on what libs they required from the package, they may need to shift to one of these new subpackages when they go in (hopefully today or tomorrow). I'll send another follow-up mail when it's done. Thanks, -Eric cmadams: ufiformat This uses libext2fs (for checking if a device is mounted), so no change is needed there. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: FESCo meeting summary for 2009-06-26
Once upon a time, Kevin Kofler kevin.kof...@chello.at said: But why can't it say GNOME Desktop Edition? ISTR FESCo voted that down. How about moving on to something more productive? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: FESCo meeting summary for 2009-06-26
Once upon a time, Kevin Kofler kevin.kof...@chello.at said: Sure, why not? If they haven't figured out what CPU they have by then (and we should make it easy for them by providing an information page listing common 32-bit and 64-bit CPUs linked on the download page), they learn their lesson. Think before you download a huge ISO! A lot of users think they have a Dell CPU. The result of giving them one that doesn't work will be try something else before you download Fedora. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: F11: Static linking now impossible?
Once upon a time, Tom Horsley tom.hors...@att.net said: I'm sure I told it to install all the software development package groups, but I just tried this: tomh gcc -g -static -o fact /usr/lib/NightView/fact.c Static linking doesn't guarantee a binary that doesn't look for dynamic libraries at run-time and doesn't get sub-arch specific code (among other reasons), so it is discouraged. Why are you trying to link statically? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Why do we need FC version attached to the package name?
Once upon a time, Simon Andrews simon.andr...@bbsrc.ac.uk said: 1) All of our servers have to access the internet via a proxy. At least within the Anaconda UI there doesn't appear to be any support for configuring proxies so I'm forced into kickstart / shells / extra boot options to upgrade? IIRC you have to do it on a repo by repo basis. At the selection screen, when the active repos are listed in the bottom half, you can click on a repo and configure proxy settings there (again IIRC). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Why do we need FC version attached to the package name?
Once upon a time, Simon Andrews simon.andr...@bbsrc.ac.uk said: Can anaconda handle wireless network connections for upgrades? I think it can, for the NICs supported out-of-the-box. I haven't tried it, but I know my wireless NIC shows up on my notebook. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rpm AutoRequires/AutoProvides and dsos not in linker path, do we care ?
Once upon a time, Caolán McNamara caol...@redhat.com said: The concern is that the autorequires/provides operate in a flat namespace and that eventually there'll be some conflation where something linking to /usr/lib/foo.so will force sucking in a package that provides /usr/lib/package/plugins/foo.so instead It has happened with perl modules already. mrtg has a private copy of the perl SNMP_Session, SNMP_util, and BER modules (all from SNMP_Session) and auto-provided them. Since mrtg is shorter than perl-SNMP_Session, mrtg was chosen to provide those dependencies, which didn't work. mrtg is still auto-providing a bunch of internal modules; only the SNMP_Session modules were filtered out. That's just one I've personally had to deal with. In a perfect world, the solution would be something along the lines of: - generate the auto-provides for system directories separate from package-provided directories - generate the auto-requires - filter everything auto-provided from package-provided directories out of both the provides and requires I'm sure that would still break something though. You'd have to have a way to flag additional directories as system for packages that extend the system directories list (e.g. by dropping something in /etc/ld.so.conf.d). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rpm AutoRequires/AutoProvides and dsos not in linker path, do we care ?
Once upon a time, Chuck Anderson c...@wpi.edu said: b.2) extend the autorequires/autoprovides in some (handwaves) way to better indicate the desired match I like this idea better. AutoReq/Prov should only search system-wide deafult search paths for .so's, perl modules, and any other such objects that it supports. That breaks things, because a program in /usr/bin may require a module or library in a private directory. You have to search all directories for provides to satisfy internal requires. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rpm AutoRequires/AutoProvides and dsos not in linker path, do we care ?
Once upon a time, Adam Jackson a...@redhat.com said: Really we just need the moral equivalent of %exclude for autoreqprovs. Yeah, I said that years and years ago, but RPM didn't want it. Having many many packages with their own hacked versions of scripts to exclude autoreqprovs is silly (and a maintenance mess). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Changing the default 32-bit x86 arch for Fedora 12 (#2)
Once upon a time, Bill Nottingham nott...@redhat.com said: Why? - We don't really support i586 in any meaningful matter What does this mean? Does Fedora not run on i586? Why was there a mass-rebuild for i586 if it doesn't work? - We are likely doing a mass rebuild for F-12 anyways, might as well switch while we're doing it That's a pretty poor justification. - Atom is the only currently produced 32-bit x86 chip of note; optimize for what's currently available There are also lots of other chips that people run 32 bit x86 code on. I don't think Atom is a majority percentage of 32 bix x86 Fedora users either. If you want numbers, I did some benchmarking of code [1] with various build options on a variety of processors, with the F-11 gcc code. All of these results are relative to a F-11 baseline of -march=i586 -mtune=generic. P4 2.4Ghz Athlon 3400+Core2Duo E6850 Atom N270 march=i686/ -1.1% +2.0% +0.9% +0.6% mtune=generic march=i586/ +0.3% -0.3% -0.2% +1.3% mtune=atom march=i686/ -1.5% +1.2% +0.5% +1.7% mtune=atom Bill [1] gzip, bzip2, math simulation, mp3 encode/decode, ogg encode/decode Okay, before I thought you said this was a 1-2% improvement across the board, but now it is a 1% improvement on some CPU-intensive operations on some CPUs (and a 1% performance hit on other CPUs). How does this affect multilib on x86_64? The justification for the i586 rebuild was that there hasn't been a Fedora i386 kernel for years (so i586 was already required anyway). This is the first time Fedora is proposing to throw out CPU support in a long long time, and I find a minimal improvement on some targeted benchmarks a poor justification. It would seem to me that adding a few targeted Atom packages would be a better use of resources (e.g. similar to openssl.i686). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Changing the default 32-bit x86 arch for Fedora 12 (#2)
Once upon a time, drago01 drag...@gmail.com said: Is this (bloated code) really a problem if the code runs faster? Bloated code: == more disk space (not too critical except for LiveCD type setup) == more RAM usage (most have lots of RAM so not too bad) == more cache misses (slows down code because of waiting on RAM) -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Changing the default 32-bit x86 arch for Fedora 12 (#2)
Once upon a time, Bill Nottingham nott...@redhat.com said: Chris Adams (cmad...@hiwaay.net) said: How does this affect multilib on x86_64? It doesn't. What I meant was what was the impact on running 32 bit binaries on the 64 bit OS (e.g. run your benchmarks there as well). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Changing the default 32-bit x86 arch for Fedora 12
Once upon a time, Bill Nottingham nott...@redhat.com said: Jon Ciesla (l...@jcomserv.net) said: Additionally, what will this do to RHEL? I can't imagine RHEL customers being too happy about this for RHEL7(?), and if i386 would still be in RHEL, it would worry me that it would only be a secondary arch in Fedora. . . Not that it matters for Fedora, but I doubt many people are paying $whatever_the_price_of_RHEL_is to run on a 6, 7, 10-year old machine. And RHEL 5 only supports (base) i686 or greater already. RHEL 5 doesn't require SSE2 and runs just fine on PIII and Athlon XP. I think the big question is this: is this worth the effort? Almost all the new systems should just be running x86_64 anyway. Why does x86 (32 bit) need to throw out working architectures? Adding them back as a secondary arch just increases the workload (for somebody) that much more. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Changing the default 32-bit x86 arch for Fedora 12
Once upon a time, Bill Nottingham nott...@redhat.com said: Because that's significantly less of our userbase. I'd love to have harder numbers, but we're still talking about a set of CPUs that (outside of corner cases like the Geode and C3) ceased production anywhere from 4 (Athlon) to 6 (P3) to 10 (P2) years ago. But they are still useful CPUs with Linux (maybe not so much with Windows, but that's just another reason to support them for Fedora!). At work, I have a couple of DNS/RADIUS/email relay servers that are dual-PIII. I have several firewalls that are old Celeron (no SSE2). My desktop that I'm writing this on is an Athlon XP. I have a personal file/mail server that is an Athlon XP. All of these systems are working just fine at the jobs they do. For example, one dual-PIII is handling 3-6 email relays per second and 150-250 recursive DNS queries per second (24 hour averages). The disk I/O for the email is the biggest limiting factor. Removing support for still-functional hardware is a trademark of Microsoft, not Linux. I'd also argue that doing another full rebuild of the OS for a 1% performance gain on a single architecture is not a particularly production use of resources. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Changing the default 32-bit x86 arch for Fedora 12
Once upon a time, Bill Nottingham nott...@redhat.com said: What CPUs do we lose that F11 supports? - Intel Pentium Pro - Intel Pentium II - Intel Pentium III - 32-bit AMD Athlon Really? So Fedora i686 won't really be i686? That sucks, and is confusing. I still have a number of boxes in service that are i686 but not apparently i686. How can I tell the difference? Maybe it should be called something other than i686? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Do we need split media CDs for F12?
Once upon a time, Jesse Keating jkeat...@redhat.com said: If there are those that require split media, I'd much prefer that we as a project produce and test the split media as part of our normal development cycle, and not do it as some after thought after it's too late to fix any problems found. I agree with all of that. I just wanted to ask: have you considered just making split media for 32-bit x86? Is there really any demand for x86_64 and ppc split media? I know that wouldn't remove the anaconda support, but it would reduce some of the QA, time taken to build and distribute, disk space, etc. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Do we need split media CDs for F12?
Once upon a time, Jeremy Katz ka...@redhat.com said: See the livecd-iso-to-pxeboot script, although it does place some (somewhat) different requirements on things. AFAIK livecd-iso-to-pxeboot is useless for 32 bit, at least for the standard Fedora LiveCD images. I think the kernel will only use an initrd that is less than half the size of lowmem, or 448M. It would be useful to be able to export the root FS from a LiveCD via NFS, or maybe have an alternate initrd for PXE booting that could NFS mount the ISO image (and then the LiveCD root), or fetch the ISO into RAM via HTTP, or something along those lines. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Root Access
Once upon a time, Tim ignored_mail...@yahoo.com.au said: On Sun, 2009-06-14 at 12:41 +0100, Steve Searle wrote: What does logging in as root give you that can't be achieved by logging in as yourself and using su? I imagine the common problem being using a menu to fire off the things you want to configure. Everything that requires root access to configure should be prompting for it. If you find something that isn't, that's a bug and should be filed. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Do we need split media CDs for F12?
Once upon a time, Robert Marcano rob...@marcanoonline.com said: I think you are right about x86_64 probably is going to have a DVD Rom, I only have needed the CDs when installing i386 servers isolated from the internet. Remember, the minimum CPU for 32-bit x86 today is i586 (Pentium), and IIRC there was discussion about rebuilding for i686 (Pentium Pro). -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Do we need split media CDs for F12?
Once upon a time, Robert 'Bob' Jensen b...@fedoraunity.org said: I remember Seth talking a while back about yum's performance. As I remember, sure yum worked fine on his computers but try it on the OLPC. He then understood what the bugs and complaints were about. Uh, OLPC doesn't have a CD drive either AFAIK. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Why a multilib wrapper for non-multilib architectures?!
Once upon a time, Robert Scheck rob...@fedoraproject.org said:
can somebody please explain me, why we've multilib wrappers for packages
at non-multilib architectures such as arm, alpha, ia64 and sh?
multiarch != multilib
Just for starters, long before x86_64 came into the picture, we had
i386, i486, i586, and i686. On Alpha, you have (IIRC) ev4, ev5, ev6,
ev67, etc.
When the distro was i386 targeted, we still had a few packages (where it
made a performance difference) that were built for i386, i586, and i686,
all of which are %{ix86}.
--
Chris Adams cmad...@hiwaay.net
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
