Re: [gentoo-user] Routing problem

2005-09-07 Thread Heinz Sporn 
Am Mittwoch, den 07.09.2005, 16:18 +0200 schrieb Patrick Marquetecken:
> Hi,
> 
> I have connected two sites with openVPN, this works fine all traffic goes
> trought the tunnels, and i can ping machines from one site to another.
> But, i can't ping a machine from siteA from openVPN from siteB. to make it
> compleet bizar the machine on siteA can ping the openVPN on siteB.
> 

It's rather hard to help you here. You described only the sympthoms but
didn't provide any basic details like IP-ranges on both sides, routes,
ovpn config, OpenVPN versions used, etc. etc.

And what do you mean by "I have connected two sites" ? Are we talking
Linux - Linux here, or is a Windoze box involved ? Firewalls in between?

> If i do a ping -R on the machine at siteA i see this:
> RR: 10.32.3.172 <- machine siteA
> 10.32.101.3 <- tunnel
> 10.32.16.52 <- openVPN siteB
> 10.32.16.52
> 10.32.3.51 <- must be 10.32.101.3 (openVPN siteA)
> 10.32.3.172
> It seems that the answer goes direct between the two openVPN machines and
> not the tunnel (10.32.101.x)
> There is a route  10.32.0.0 netmask 255.255.252.0 gw 10.32.101.3 dev tun1.
> 
> A ping from openVPN siteB to openVPN siteA
> RR: 10.32.101.4
> 10.32.3.51
> 10.32.3.51
> 10.32.101.4
> 
> My main portage server is in siteA and i would like to update my remore
> openVPN machines.
> This behaviour its not only with that machine but with all my other remote
> openVPN machines, all machines behind those does not have this kind of
> problems.
> 
> Anyone know a solution
> TIA
> -- 
> This is Unix-Land. In quiet nights, you can hear the Windows machines reboot.
-- 
Mit freundlichen Grüßen

Heinz Sporn

SPORN it-freelancing

Mobile:  ++43 (0)699 / 127 827 07
Email:   [EMAIL PROTECTED]
 [EMAIL PROTECTED]
Website: http://www.sporn-it.com
Snail:   Steyrer Str. 20
 A-4540 Bad Hall
 Austria / Europe

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Here is an amazing thing re OpenOffice:

2005-09-07 Thread Martin S 
Uninstall the standard OpenOffice first?

Martin S2005/9/8, Kevin O'Gorman <[EMAIL PROTECTED]>:
Actually, when I do what you say, I get

treat portage # emerge -a openoffice-bin

These are the packages that I would merge, in order:

Calculating dependencies ...done!
[blocks B ] app-office/openoffice (is blocking app-office/openoffice-bin-1.9.122)
[ebuild  N    ] app-office/openoffice-bin-1.9.122

!!! Error: The above package list contains packages which cannot be installed
!!!    on the same system.

treat portage #  
On 9/7/05, Michael Crute <
[EMAIL PROTECTED]> wrote:

On 9/7/05, Kevin O'Gorman <[EMAIL PROTECTED]
> wrote:
I am using gentoo because I want to be able to compile the latest and greatest.
How odd it is that I can only find OpenOffice 1.1.4, where the FedoraCore
machines at my school have had OpenOffice 2.0 all (Summer) term.

I've not done a lot with masked versions, but I do have universe, multiverse and
backports.  I see no signs of 2.0.

How can this be, gen-too-ers?  Surely, I'm missing something. What did I mess up?-- Kevin O'Gorman, PhD

Actually your Fedora boxes weren't
running 2.0 they where running 1.9 which is the beta for 2.0. If you
want to run that on Gentoo you need to add `app-office/openoffice-bin`
to your /etc/portage/package.unmask and `app-office/openoffice-bin
~x86` to your /etc/portage/package.keywords file then emerge
openoffice-bin. You didn't miss a thing, its just hard masked
development. because it's not stable and it does crash often enough but
its well worth the install.

Also as far as I know there is no such thing as universe, multiverse,
and backports gor Gentoo. In any case good luck getting it running,
once you get it unmasked its just as easy as the "real deal" (if you
will).

-Mike-- Michael E. CruteSoftware DeveloperSoftGroup Development CorporationLinux, because reboots are for installing hardware.
"In a world without walls and fences, who needs windows and gates?"

-- Go back to the top: I almost always top-postKevin O'Gorman, PhD

-- Regards,Martin S

[gentoo-user] gnome-spell build failing

2005-09-07 Thread Nelis Lamprecht 
Hi,

Can anyone tell me how to get past this little hurdle ?

>>> Unpacking gnome-spell-1.0.6.tar.bz2 to
/var/tmp/portage/gnome-spell-1.0.6/work
 * Applying gnome-spell-1.0.6-enchant.patch ...   
   [ ok ] * Applying
gnome-spell-1.0.6-combo.patch ... 
   [ ok ] * Runnig aclocal
/usr/share/aclocal/path_dps.m4:202: warning: underquoted definition of
AC_PATH_DPS_GUESS_GNUSTEP
  run info '(automake)Extending aclocal'
  or see http://sources.redhat.com/automake/automake.html#Extending-aclocal
/usr/share/aclocal/path_dps.m4:239: warning: underquoted definition of
AC_PATH_DPS_GUESS
/usr/share/aclocal/path_dps.m4:333: warning: underquoted definition of
AC_PATH_DPS_CHECK_LIB
/usr/share/aclocal/path_dps.m4:405: warning: underquoted definition of
AC_PATH_DPS_CHECK_HEADER
/usr/share/aclocal/path_dps.m4:440: warning: underquoted definition of
AC_PATH_DPS_CHECK
/usr/share/aclocal/path_dps.m4:450: warning: underquoted definition of
AC_PATH_DPS
/usr/share/aclocal/path_dps.m4:525: warning: underquoted definition of
AC_CHECK_DPS_NXAGENT
/usr/share/aclocal/path_dps.m4:558: warning: underquoted definition of
AC_PATH_DPSET
/usr/share/aclocal/path_dps.m4:579: warning: underquoted definition of
AC_PROG_PSWRAP
/usr/share/aclocal/path_dps.m4:172: file `path_dps.m4' does not exist

!!! ERROR: app-text/gnome-spell-1.0.6 failed.
!!! Function src_unpack, Line 43, Exitcode 1
!!! aclocal failed
!!! If you need support, post the topmost build error, NOT this status message.


Thanks.

Nelis

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Here is an amazing thing re OpenOffice:

2005-09-07 Thread Kevin O'Gorman 
Actually, when I do what you say, I get

treat portage # emerge -a openoffice-bin

These are the packages that I would merge, in order:

Calculating dependencies ...done!
[blocks B ] app-office/openoffice (is blocking app-office/openoffice-bin-1.9.122)
[ebuild  N    ] app-office/openoffice-bin-1.9.122

!!! Error: The above package list contains packages which cannot be installed
!!!    on the same system.

treat portage #  
On 9/7/05, Michael Crute <[EMAIL PROTECTED]> wrote:
On 9/7/05, Kevin O'Gorman <[EMAIL PROTECTED]
> wrote:
I am using gentoo because I want to be able to compile the latest and greatest.
How odd it is that I can only find OpenOffice 1.1.4, where the FedoraCore
machines at my school have had OpenOffice 2.0 all (Summer) term.

I've not done a lot with masked versions, but I do have universe, multiverse and
backports.  I see no signs of 2.0.

How can this be, gen-too-ers?  Surely, I'm missing something. What did I mess up?-- Kevin O'Gorman, PhD

Actually your Fedora boxes weren't
running 2.0 they where running 1.9 which is the beta for 2.0. If you
want to run that on Gentoo you need to add `app-office/openoffice-bin`
to your /etc/portage/package.unmask and `app-office/openoffice-bin
~x86` to your /etc/portage/package.keywords file then emerge
openoffice-bin. You didn't miss a thing, its just hard masked
development. because it's not stable and it does crash often enough but
its well worth the install.

Also as far as I know there is no such thing as universe, multiverse,
and backports gor Gentoo. In any case good luck getting it running,
once you get it unmasked its just as easy as the "real deal" (if you
will).

-Mike-- Michael E. CruteSoftware DeveloperSoftGroup Development CorporationLinux, because reboots are for installing hardware.
"In a world without walls and fences, who needs windows and gates?"

-- Go back to the top: I almost always top-postKevin O'Gorman, PhD

Re: [gentoo-user] Make a running process nohup?

2005-09-07 Thread Willie Wong 
On Thu, Sep 08, 2005 at 10:12:52AM +0800, Ow Mun Heng wrote:
> I think you guys missed the point. OP mentioned "Running Process"
> 
> Not sure what disown does since there's no man pages on it. (as
> suggested by Matthew Cline)
> 

And Matthew also said it was a Bash bulletin, so you should man bash
instead of man disown. 

Let me quote some juicy bits for the list:

...

   The shell exits by default upon receipt of a SIGHUP.   Before  exiting,
   an  interactive  shell  resends  the  SIGHUP  to  all  jobs, running or
   stopped.  Stopped jobs are sent SIGCONT to ensure that they receive the
   SIGHUP.   To  prevent the shell from sending the signal to a particular
   job, it should be removed from the jobs table with the  disown  builtin
   (see  SHELL  BUILTIN  COMMANDS  below)  or marked to not receive SIGHUP
   using disown -h.

...

   disown [-ar] [-h] [jobspec ...]
  Without options, each jobspec  is  removed  from  the  table  of
  active  jobs.   If  the  -h option is given, each jobspec is not
  removed from the table, but is marked so that SIGHUP is not sent
  to  the  job  if  the shell receives a SIGHUP.  If no jobspec is
  present, and neither the -a nor the -r option is  supplied,  the
  current  job  is used.  If no jobspec is supplied, the -a option
  means to remove or mark all jobs; the -r option without  a  job-
  spec  argument  restricts operation to running jobs.  The return
  value is 0 unless a jobspec does not specify a valid job.


-- 
English lessons for programmers #28: 
"Fewer" if of type int; where as "less" is of type double. 
Sortir en Pantoufles: up 27 days,  9:08
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] davfs errors - solved

2005-09-07 Thread W.Kenworthy 
Solved, a combination of the latest davfs requiring a trailing slash on
the URL specification which it didnt before, and bug #102542 (thanks
Alexander Skwar)

BillK


On Thu, 2005-09-08 at 09:51 +0800, W.Kenworthy wrote:
> Has anyone been able to get the latest davfs2 to work with kernel
> 2.6.13?  Cadaver works fine to two servers (one ssl, one plain), whilst
> davfs gives (with both):
> 
> bunyip ~ # mount.davfs http://myserver/mydir /mnt/mydir
> Please enter the username for authentication with server
> http://myserver/mydir or hit enter for none.
> Username: me
> Please enter the password to authenticate me with server
> http://myserver/mydir or hit enter for none.
> Password:
> Could not contact server:
> 301 Moved Permanently
> mount.davfs: Could not connect to http://myserver/mydir
> bunyip ~ # cadaver http://myserver/mydir
> Authentication required for myserver on server `myserver':
> Username: me
> Password:
> dav:/mydir/> quit
> Connection to `myserver' closed.
> bunyip ~ # 
> 
> I have access to one of the apache servers (gentoo
> net-www/apache-2.0.54-r9) and it shows:
> 
> Sep  8 09:21:26 moriah apache2: MYIP# - - 08/Sep/2005:09:21:26 +0800
> OPTIONS /mydir/ HTTP/1.1 401 533 - cadaver/0.22.2 neon/0.24.7
> Sep  8 09:21:36 moriah apache2: MYIP# - me 08/Sep/2005:09:21:35 +0800
> OPTIONS /mydir/ HTTP/1.1 200 - - cadaver/0.22.2 neon/0.24.7
> Sep  8 09:21:36 moriah apache2: MYIP# - me 08/Sep/2005:09:21:36 +0800
> PROPFIND /mydir/ HTTP/1.1 207 683 - cadaver/0.22.2 neon/0.24.7
> Sep  8 09:31:12 moriah apache2: MYIP# - - 08/Sep/2005:09:31:12 +0800
> OPTIONS / HTTP/1.1 200 - - davfs2 0.2.4 neon/0.24.7
> Sep  8 09:31:12 moriah apache2: MYIP# - - 08/Sep/2005:09:31:12 +0800
> PROPFIND / HTTP/1.1 405 368 - davfs2 0.2.4 neon/0.24.7
> Sep  8 09:31:12 moriah apache2: MYIP# - - 08/Sep/2005:09:31:12 +0800
> PROPFIND / HTTP/1.1 405 368 - davfs2 0.2.4 neon/0.24.7
> 
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Here is an amazing thing re OpenOffice:

2005-09-07 Thread Kevin O'Gorman 
Oh, um er, right.  All that stuff is another distro.  I'm an equal opportunity newbie,
and its making me crazier than usual.

And I guess I got over-impressed with the opening screen, which says 2.0.
I don't have admin priviliges there, and never asked what the package version is.

I'll try your formula and see what happens.

++ kevinOn 9/7/05, Michael Crute <[EMAIL PROTECTED]> wrote:
On 9/7/05, Kevin O'Gorman <[EMAIL PROTECTED]
> wrote:
I am using gentoo because I want to be able to compile the latest and greatest.
How odd it is that I can only find OpenOffice 1.1.4, where the FedoraCore
machines at my school have had OpenOffice 2.0 all (Summer) term.

I've not done a lot with masked versions, but I do have universe, multiverse and
backports.  I see no signs of 2.0.

How can this be, gen-too-ers?  Surely, I'm missing something. What did I mess up?-- Kevin O'Gorman, PhD

Actually your Fedora boxes weren't
running 2.0 they where running 1.9 which is the beta for 2.0. If you
want to run that on Gentoo you need to add `app-office/openoffice-bin`
to your /etc/portage/package.unmask and `app-office/openoffice-bin
~x86` to your /etc/portage/package.keywords file then emerge
openoffice-bin. You didn't miss a thing, its just hard masked
development. because it's not stable and it does crash often enough but
its well worth the install.

Also as far as I know there is no such thing as universe, multiverse,
and backports gor Gentoo. In any case good luck getting it running,
once you get it unmasked its just as easy as the "real deal" (if you
will).

-Mike-- 


-- Go back to the top: I almost always top-postKevin O'Gorman, PhD

[gentoo-user] Re: Make a running process nohup?

2005-09-07 Thread Moshe Kaminsky 
Hi,

* Qiangning Hong <[EMAIL PROTECTED]> [07/09/05 12:20]:
> 
> Is it possible make a running process nohup so that I can leave it
> running after I logout without interrupt it?

I don't know a standard way to do it, but I think what might work is to 
run gdb within screen, in gdb say 'attach ' (where  is the 
process id of your process), then say 'handle SIGHUP ignore nostop' and 
finally 'cont' to continue the program. Didn't try it.

Moshe

> 
> -- 
> Qiangning Hong
> http://www.hn.org/hongqn (RSS: http://feeds.feedburner.com/hongqn)
> 
> Registered Linux User #396996
> Get Firefox! 
> Thunderbird! 
> -- 
> gentoo-user@gentoo.org mailing list
> 

-- 
I love deadlines. I like the whooshing sound they make as they fly by. 
-- Douglas Adams

Moshe Kaminsky <[EMAIL PROTECTED]>
Home: 08-9456841



pgp6lsCSygUxZ.pgp
Description: PGP signature

Re: [gentoo-user] Determine the original installation date

2005-09-07 Thread Volker Armin Hemmann 
On Wednesday 07 September 2005 22:36, Vernon A. Fort wrote:
> With redhat/fedora, you could find WHEN the box was installed using rpm
> -qi basesystem.  I am switching most of my boxes to gentoo and I would
> like to tell when the ORIGINAL install occured.  Any pointers?
>
> Vernon

have a look into /etc?

Some of the files there got created but never change, so you may be lucky...

hm, I installed this box december 2002? wow...
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Determine the original installation date

2005-09-07 Thread Nick Rout 
On Wed, 2005-09-07 at 22:35 -0400, Willie Wong wrote:
> On Thu, Sep 08, 2005 at 01:04:41PM +1200, Nick Rout wrote:
> > emerge genlop
> > genlop -l | head
> > 
> 
> actually, this is exactly the same as just typing 
> 
> head /var/log/emerge.log
> 
> genlop is an emerge.log parser after-all. So both suffers the same
> deficiency that if you logrotate emerge.log, then you lose the
> information. 

all true i guess, i don't logrotate mine for that very reason.

> 

-- 
Nick Rout <[EMAIL PROTECTED]>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] mplayer and/or X optimization

2005-09-07 Thread Volker Armin Hemmann 
On Thursday 08 September 2005 05:58, Walter Dnes wrote:
> On Wed, Sep 07, 2005 at 06:47:38PM +0200, Volker Armin Hemmann wrote
>
> > you have to load dri in the modules section first (and glx maybe too).
> > BUT from your log: your card is to new for dri/render, so it falls
> > back to some.. I don't know-mode ;)
>
>   The log file now says...
>
> (**) RADEON(0): PCI Express not supported yet, using PCI mode
>
>   So much for that idea.  The Gatos project page on Sourceforge says
> they've recently received docs and sample hardware from ATI, and work is
> under way to support this card.  But nothing released yet.  Before I
> send off my dead machine to the re-cycling centre, would a Radeon 7000
> be better supported?  I can pull that card from the dead machine and try
> it out.

you should definitely try it.
The elderly radeon cards are more or less well supported.
 I don't had ATi cards since I sold my Xpert2000 some years ago, BUT when I 
remember right the articles I read, the Radeon7000 (up to 9200, but ATI users 
can say more about this) should be very well supported by the dri/gatos 
drivers.

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] mplayer and/or X optimization

2005-09-07 Thread Walter Dnes 
On Wed, Sep 07, 2005 at 06:47:38PM +0200, Volker Armin Hemmann wrote

> you have to load dri in the modules section first (and glx maybe too).
> BUT from your log: your card is to new for dri/render, so it falls
> back to some.. I don't know-mode ;)

  The log file now says...

(**) RADEON(0): PCI Express not supported yet, using PCI mode

  So much for that idea.  The Gatos project page on Sourceforge says
they've recently received docs and sample hardware from ATI, and work is
under way to support this card.  But nothing released yet.  Before I
send off my dead machine to the re-cycling centre, would a Radeon 7000
be better supported?  I can pull that card from the dead machine and try
it out.

-- 
Walter Dnes <[EMAIL PROTECTED]>
My musings on technology and security at http://tech_sec.blog.ca
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Here is an amazing thing re OpenOffice:

2005-09-07 Thread Michael Crute 
On 9/7/05, Kevin O'Gorman <[EMAIL PROTECTED]> wrote:
I am using gentoo because I want to be able to compile the latest and greatest.
How odd it is that I can only find OpenOffice 1.1.4, where the FedoraCore
machines at my school have had OpenOffice 2.0 all (Summer) term.

I've not done a lot with masked versions, but I do have universe, multiverse and
backports.  I see no signs of 2.0.

How can this be, gen-too-ers?  Surely, I'm missing something. What did I mess up?-- Kevin O'Gorman, PhD

Actually your Fedora boxes weren't
running 2.0 they where running 1.9 which is the beta for 2.0. If you
want to run that on Gentoo you need to add `app-office/openoffice-bin`
to your /etc/portage/package.unmask and `app-office/openoffice-bin
~x86` to your /etc/portage/package.keywords file then emerge
openoffice-bin. You didn't miss a thing, its just hard masked
development. because it's not stable and it does crash often enough but
its well worth the install.

Also as far as I know there is no such thing as universe, multiverse,
and backports gor Gentoo. In any case good luck getting it running,
once you get it unmasked its just as easy as the "real deal" (if you
will).

-Mike-- Michael E. CruteSoftware DeveloperSoftGroup Development CorporationLinux, because reboots are for installing hardware."In a world without walls and fences, who needs windows and gates?"

Re: [gentoo-user] Determine the original installation date

2005-09-07 Thread Willie Wong 
On Thu, Sep 08, 2005 at 01:04:41PM +1200, Nick Rout wrote:
> emerge genlop
> genlop -l | head
> 

actually, this is exactly the same as just typing 

head /var/log/emerge.log

genlop is an emerge.log parser after-all. So both suffers the same
deficiency that if you logrotate emerge.log, then you lose the
information. 

W
-- 
The elements of magnetic flux are hard to understand 
because they d \phi common-sense.
Sortir en Pantoufles: up 27 days,  5:37
-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Here is an amazing thing re OpenOffice:

2005-09-07 Thread Kevin O'Gorman 
I am using gentoo because I want to be able to compile the latest and greatest.
How odd it is that I can only find OpenOffice 1.1.4, where the FedoraCore
machines at my school have had OpenOffice 2.0 all (Summer) term.

I've not done a lot with masked versions, but I do have universe, multiverse and
backports.  I see no signs of 2.0.

How can this be, gen-too-ers?  Surely, I'm missing something. What did I mess up?-- Kevin O'Gorman, PhD

Re: [gentoo-user] Make a running process nohup?

2005-09-07 Thread Ow Mun Heng 
On Wed, 2005-09-07 at 19:16 +0200, Peter Karlsson wrote:
> On Wed, 7 Sep 2005, Qiangning Hong wrote:
> 
> > Is it possible make a running process nohup so that I can leave it
> > running after I logout without interrupt it?
> 
> man nohup? (+nice/renice?)

I think you guys missed the point. OP mentioned "Running Process"

Not sure what disown does since there's no man pages on it. (as
suggested by Matthew Cline)

-- 
Ow Mun Heng
Gentoo/Linux on DELL D600 1.4Ghz 1.5GB RAM
98% Microsoft(tm) Free!! 
Neuromancer 10:11:16 up 2 days, 40 min, 7 users, load average: 0.74,
0.58, 0.78 


-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] what happened to php and mod_php?

2005-09-07 Thread Michael Crute 
On 9/7/05, Bastian Balthazar Bux <[EMAIL PROTECTED]> wrote:
http://svn.gnqs.org/projects/gentoo-php-overlay/file/docs/php-upgrading.html?format=raw
So no need to overlay it to get a decent build?

-Mike-- Michael E. CruteSoftware DeveloperSoftGroup Development CorporationLinux, because reboots are for installing hardware."In a world without walls and fences, who needs windows and gates?"

[gentoo-user] davfs errors

2005-09-07 Thread W.Kenworthy 
Has anyone been able to get the latest davfs2 to work with kernel
2.6.13?  Cadaver works fine to two servers (one ssl, one plain), whilst
davfs gives (with both):

bunyip ~ # mount.davfs http://myserver/mydir /mnt/mydir
Please enter the username for authentication with server
http://myserver/mydir or hit enter for none.
Username: me
Please enter the password to authenticate me with server
http://myserver/mydir or hit enter for none.
Password:
Could not contact server:
301 Moved Permanently
mount.davfs: Could not connect to http://myserver/mydir
bunyip ~ # cadaver http://myserver/mydir
Authentication required for myserver on server `myserver':
Username: me
Password:
dav:/mydir/> quit
Connection to `myserver' closed.
bunyip ~ # 

I have access to one of the apache servers (gentoo
net-www/apache-2.0.54-r9) and it shows:

Sep  8 09:21:26 moriah apache2: MYIP# - - 08/Sep/2005:09:21:26 +0800
OPTIONS /mydir/ HTTP/1.1 401 533 - cadaver/0.22.2 neon/0.24.7
Sep  8 09:21:36 moriah apache2: MYIP# - me 08/Sep/2005:09:21:35 +0800
OPTIONS /mydir/ HTTP/1.1 200 - - cadaver/0.22.2 neon/0.24.7
Sep  8 09:21:36 moriah apache2: MYIP# - me 08/Sep/2005:09:21:36 +0800
PROPFIND /mydir/ HTTP/1.1 207 683 - cadaver/0.22.2 neon/0.24.7
Sep  8 09:31:12 moriah apache2: MYIP# - - 08/Sep/2005:09:31:12 +0800
OPTIONS / HTTP/1.1 200 - - davfs2 0.2.4 neon/0.24.7
Sep  8 09:31:12 moriah apache2: MYIP# - - 08/Sep/2005:09:31:12 +0800
PROPFIND / HTTP/1.1 405 368 - davfs2 0.2.4 neon/0.24.7
Sep  8 09:31:12 moriah apache2: MYIP# - - 08/Sep/2005:09:31:12 +0800
PROPFIND / HTTP/1.1 405 368 - davfs2 0.2.4 neon/0.24.7

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: Macromedia Flash on AMD64

2005-09-07 Thread Mark Knecht 
On 9/7/05, Perral1 <[EMAIL PROTECTED]> wrote:
> to tell you the truth I dunno...
> 
> I've always just trusted Linus & Gentoo :P
> 
> The only way I've ever seen it shown is in all of the about boxes, but
> otherwise I dunno...

Cool. Thanks. Someone will know how to tell.

I did get Flash working finally using firefox-bin instead of firefox.
That's cool too. I don't care if I'm running 32-bit when I browse.
Just want 64-bit when using Ardour.

Cheers,
Mark

-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Stabilization of new-style Apache

2005-09-07 Thread Michael Stewart (vericgar) 
The Gentoo Apache Team is pleased to announce the stabilizing of package
updates that have been in the works for over a year. Some of the major
changes include:

 - New configuration and configuration locations to more closely match
   upstream and reduce confusion for users coming from other
   distributions.
 - Modules now use a centralized eclass that builds, installs, and
   displays standard information on enabling the module. This allows
   easier maintenance of existing modules, and allows us to more rapidly
   develop ebuilds for modules that are not yet in the tree.
 - Expanded USE flags to let you choose which MPM is compiled.
 - A new gentoo-webroot that will eventually provide a gentoo-themed
   icon-set, error documents, and default website. This has been put in
   it's own package, and includes a USE-flag to not install the
   gentoo-webroot into /var/www/localhost - useful if you put your own
   website there.
 - And much more, including the fixing of many many bugs.

These changes will stabilized on Sunday, September 18th. These changes
have been throughly tested and given a thumbs up by many many users.
They also allow you to use the new php (including support for php5)
ebuilds when they become fully available.

Because of these changes and improvements, when you upgrade to the new
revision of Apache, you will need to take care of some things. These are
fully documented in our Upgrading Apache document [1], but in
summary, this is what you will need to do:

 - Merge any customizations that you have made to the Apache
   configuration into the new configuration at /etc/apache2/httpd.conf
   (The configuration file location has changed). Note that the init
   script for apache checks for a configuration in the old location and
   refuses to start if you haven't moved/removed it - this is to avoid
   the possibility of moving to a configuration that isn't right for
   your machine.
 - Update any modules that you used to revisions that support the new
   eclass. Older modules will not work due to location changes.
 - Restart Apache

We have done our best to make it easy to migrate, but if you have
problems, feel free to visit us in #gentoo-apache on irc.freenode.net or
on our mailing list gentoo-web-user@gentoo.org and we'll be glad to
help.

Thanks,
The Gentoo Apache Team

[1] http://www.gentoo.org/doc/en/apache-upgrading.xml

-- 
Michael Stewart [EMAIL PROTECTED]
Gentoo Developerhttp://dev.gentoo.org/~vericgar

GnuPG Key ID 0x08614788 available on http://pgp.mit.edu
--



signature.asc
Description: OpenPGP digital signature

[gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread James 
Bryan Whitehead  megahappy.net> writes:

> 
> Wow, that is news to me... I've always just banged out iptables rules and 
> then saved them...


Got anything to share? Surely a 3 nic firewall {
WAN(single IP), LAN and DMZ, with a web server and eventually
2 dns servers on the DMZ is not really a big deal?

Which kernel sources did you use? Anything tricky 
in building the kernel?

The system is only going to be a firewall/router
so only minimal necessary packages will be installed.


James

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: Macromedia Flash on AMD64

2005-09-07 Thread Perral1 
to tell you the truth I dunno...

I've always just trusted Linus & Gentoo :P

The only way I've ever seen it shown is in all of the about boxes, but
otherwise I dunno...
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] portage - xcdroast

2005-09-07 Thread Volker Armin Hemmann 
On Thursday 08 September 2005 03:18, Nick Rout wrote:
> On Wed, 7 Sep 2005 09:56:24 -0500
>
> Preston Hagar wrote:
> > On 9/6/05, Nick Rout <[EMAIL PROTECTED]> wrote:
> > > as someone already said emerge eix
> > >
> > > then run
> > >
> > > update-eix (you need to be root to do that part)
> > >
> > > this creates some sort of very quick index to your ebuilds which is
> > > MUCH faster to search than emerge -s.
> > >
> > > then just use
> > >
> > > eix searchterm
> > > ...
> > > --
> > > Nick Rout <[EMAIL PROTECTED]>
> >
> > Another good script/program to try is esearch. Just "emerge esearch" then
> > do "eupdatedb" to update the index of ebuilds. Then, the next time you do
> > an "emerge sync", you can just type "esync" instead and it will update
> > portage and your esearch database. It also prints out all of the updated
> > packages in a nice fashion after the sync. With esearch, you can type
> > "esearch searchterm" to search for packages. From my understanding (I
> > have never really looked into it), it is basically locate that only
> > searches through portage. It is one of my favorite gentoo tools and I
> > would highly recommend it.
> >
> > Preston
>
> Yes esearch has its advantages (esync being very handy), but update-eix
> seems so much faster than eupdatedb that i abandoned esearch.
>

when using 'esync' why should anybody use eupdatedb? And since I do not watch 
the esync running but doing stuff I do not care about the minute it takes 
longer - but I really like the fact that esync shows all the new/updated 
ebuilds that were transfered.
A lot of software I only saw listed there and never thought about was tried 
and kept after an esync ;)
-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread James 
gentuxx  gmail.com> writes:


> Why not just sit down and read the source?  

I'm sure that's going to happen too. But having a 
working machine with iptables/netfilter is like
having a lab-class to go with the 
(theory) lecture part of the class, methinks.

YMMV.

James



-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Nick Rout 

On Wed, 07 Sep 2005 18:02:49 -0700
Zac Medico wrote:


> The metadata is appended to the end of the tbz2 file.  I guess you didn't see 
> my email earlier today which included a script that extracts the use flags.
> 
> http://marc.10east.com/?l=gentoo-user&m=112613409500463&w=2
> 
> Zac

err yes, see my more recent post, thanks for correcting my
misapprehension.

Its not easy to spot the metainfo.

> -- 
> gentoo-user@gentoo.org mailing list

-- 
Nick Rout <[EMAIL PROTECTED]>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] portage - xcdroast

2005-09-07 Thread Nick Rout 

On Wed, 7 Sep 2005 09:56:24 -0500
Preston Hagar wrote:

> On 9/6/05, Nick Rout <[EMAIL PROTECTED]> wrote:
> > 
> > as someone already said emerge eix
> > 
> > then run
> > 
> > update-eix (you need to be root to do that part)
> > 
> > this creates some sort of very quick index to your ebuilds which is MUCH
> > faster to search than emerge -s.
> > 
> > then just use
> > 
> > eix searchterm
> > ...
> > --
> > Nick Rout <[EMAIL PROTECTED]>
> 
> 
> Another good script/program to try is esearch. Just "emerge esearch" then do 
> "eupdatedb" to update the index of ebuilds. Then, the next time you do an 
> "emerge sync", you can just type "esync" instead and it will update portage 
> and your esearch database. It also prints out all of the updated packages in 
> a nice fashion after the sync. With esearch, you can type "esearch 
> searchterm" to search for packages. From my understanding (I have never 
> really looked into it), it is basically locate that only searches through 
> portage. It is one of my favorite gentoo tools and I would highly recommend 
> it.
> 
> Preston

Yes esearch has its advantages (esync being very handy), but update-eix
seems so much faster than eupdatedb that i abandoned esearch.

Still, each to their own, I remember the days when men
were men and portage was small enough to be searched conveniently with
emerge -s|S on an arthritic 486 with 4M RAM.  We used to get up int
morning, wind generator to charge batteries for computer, update portage
via 2400 baud modem, then emerge -s for new packages before writing new
software 25 hours a day AND pay tuppence a day for privilege. Tell that to the 
youth of today and they won't believe you.

(of course thats why portage is written in ... "python")


-- 
Nick Rout <[EMAIL PROTECTED]>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Determine the original installation date

2005-09-07 Thread Nick Rout 
emerge genlop
genlop -l | head

On Wed, 07 Sep 2005 15:36:59 -0500
Vernon A. Fort wrote:

> With redhat/fedora, you could find WHEN the box was installed using rpm 
> -qi basesystem.  I am switching most of my boxes to gentoo and I would 
> like to tell when the ORIGINAL install occured.  Any pointers?
> 
> Vernon
> -- 
> gentoo-user@gentoo.org mailing list

-- 
Nick Rout <[EMAIL PROTECTED]>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Zac Medico 

Nick Rout wrote:

There is no meta-info AFAIK in a binary .tar.gz, so portage does NOT
know what CFLAGS, or USE flags it is built with.

Go ahead, use quickpkg to make a binary tarball of any package on your
system, then look tat the tarball. There is nothing to indicate USE or
CFLAGS.

If you want to install binaries you have to know yourself what options
were used in the compile.



The metadata is appended to the end of the tbz2 file.  I guess you didn't see 
my email earlier today which included a script that extracts the use flags.

http://marc.10east.com/?l=gentoo-user&m=112613409500463&w=2

Zac
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Nick Rout 
Bugger, after reading Sacha's last post and trying tbz2tool -split
package.tbz2 I realise that the meta info is there, quite a lot of it!

You certainly don't get to see it parsing the file with mc

I was wrong, my apologies.

A tool to better parse that metainfo out of binary packages would be
good.


On Thu, 08 Sep 2005 12:17:46 +1200
Nick Rout wrote:

> There is no meta-info AFAIK in a binary .tar.gz, so portage does NOT
> know what CFLAGS, or USE flags it is built with.
> 
> Go ahead, use quickpkg to make a binary tarball of any package on your
> system, then look tat the tarball. There is nothing to indicate USE or
> CFLAGS.
> 
> If you want to install binaries you have to know yourself what options
> were used in the compile.
> 
> 
> On Wed, 07 Sep 2005 22:08:13 +0100
> Ian Clowes wrote:
> 
> > A further interesting scenario might be to have a binary package
> > available built with different USE flags to those on the target machine,
> > and seeing if it gets installed or not.  I guess it shouldn't.  But then
> > there's the CFLAGS issue as well, and I'm even more unsure how that's
> > supposed to be handled.
> 
> -- 
> Nick Rout <[EMAIL PROTECTED]>

-- 
Nick Rout <[EMAIL PROTECTED]>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Nick Rout 

On Wed, 7 Sep 2005 18:30:34 -0300 (ART)
Arturo 'Buanzo' Busleiman wrote:

> On Wed, 7 Sep 2005, Holly Bostick wrote:
> 
> > Rar or Tar.gz or zip the file up and share it, or encode it down to an
> > xvid (which will likely reduce the size at least somewhat, but anybody
> > correct me if I'm wrong) and *then* rar/tar.gz/zip it up and share it.
> 
> And how do I easily encode it down to an xvid?

your sample file shows the following with mplayer -identify:

ASF file format detected.
ID_AUDIO_ID=1
ID_VIDEO_ID=2
VIDEO:  [WMV3]  320x240  24bpp  1000.000 fps0.0 kbps ( 0.0 kbyte/s)
==
Opening audio decoder: [ffmpeg] FFmpeg/libavcodec audio decoders
AUDIO: 32000 Hz, 2 ch, s16le, 32.0 kbit/3.12% (ratio: 4000->128000)
Selected audio codec: [ffwmav2] afm:ffmpeg (DivX audio v2 (FFmpeg))
==
ID_FILENAME=dd24_2005.wmv
ID_VIDEO_FORMAT=WMV3
ID_VIDEO_BITRATE=0
ID_VIDEO_WIDTH=320
ID_VIDEO_HEIGHT=240
ID_VIDEO_FPS=1000.000
ID_VIDEO_ASPECT=0.
ID_AUDIO_CODEC=ffwmav2
ID_AUDIO_FORMAT=353
ID_AUDIO_BITRATE=32000
ID_AUDIO_RATE=32000
ID_AUDIO_NCH=2
ID_LENGTH=3232
==
Opening video decoder: [dmo] DMO video codecs
DMO dll supports VO Optimizations 0 1
DMO dll might use previous sample when requested
GetOutput r=0x0   size:230400  align:1
StreamCount r=0x0  1  1
Decoder supports the following YUV formats: YV12 YUY2 UYVY YVYU
Decoder is capable of YUV output (flags 0x1b)
VDec: vo config request - 320 x 240 (preferred csp: Packed YUY2)
VDec: using Planar YV12 as output csp (no 0)
Movie-Aspect is undefined - no prescaling applied.
VO: [null] 320x240 => 320x240 Planar YV12
Selected video codec: [wmv9dmo] vfm:dmo (Windows Media Video 9 DMO)
==
Checking audio filter chain for 32000Hz/2ch/s16le -> 32000Hz/2ch/s16le...
AF_pre: 32000Hz/2ch/s16le
alsa-init: 1 soundcard found, using: default
alsa: 32000 Hz/2 channels/4 bpf/43688 bytes buffer/Signed 16 bit Little Endian
AO: [alsa] 32000Hz 2ch s16le (2 bps)
Building audio filter chain for 32000Hz/2ch/s16le -> 32000Hz/2ch/s16le...
Starting playback...


Clearly the frames per second is misreported at 1000 (this seems a
common problem with wmv files and ffmpeg/mplayer). However you can see
that it has been coded down to 320x240 pixels.

It is remarkably watchable, albeit I don't understand the language. Yu
can use the above parameters to re-encode it with a variety of tools,
you will have to do a little research as to what will work best. It will take a 
bit of cpu processing too!

The possible tools are:

ffmpeg
mencoder (part of mplayer)
transcode

The common approach is to separate the audio and video channels,
re-encode each of them to the required bitrate and size, and then mplex
them back together again. There is no one tool or "right" approach.
There is a lot of reading to do. 

avidemux does provide a gui which may be useful - it helps set up
parameters for the various formats and ocdecs. It uses the same basic
tools "under the hood" though.

For a reasonably well documented script that does a similar thing, and
may provide inspiration, see 
http://forums.gentoo.org/viewtopic.php?t=117709&highlight=codecs

(this documents any2vob, which takes any old video file and converts it
to a format suitable for burning to dvd. You are doing pretty much the
opposite, but the steps and tools are the same.)

> 
> --
> Buanzo
> 
> -- 
> gentoo-user@gentoo.org mailing list

-- 
Nick Rout <[EMAIL PROTECTED]>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Arturo 'Buanzo' Busleiman 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Neil Bothwick wrote:
> You could try gtranscode.

I tried, and it said that the file didn't exist :P - I'll try again. Maybe my 
full ~x86 gentoo
system is excesively ~ :P

- --
Arturo "Buanzo" Busleiman - www.buanzo.com.ar
Consultor en Seguridad Informatica
KTP Consultores - info AT ktpconsultores.com.ar
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD4DBQFDH4YQAlpOsGhXcE0RAnWtAJ4lSCwMQJ4MT0xhNjdX2ArbtTO0bACYuHMQ
5auMkQFxBMPBW06SH3R78g==
=gKcv
-END PGP SIGNATURE-
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Error when emerging Gnome

2005-09-07 Thread Willie Wong 
On Thu, Sep 08, 2005 at 12:03:00PM +1200, Jamie Dobbs wrote:
> libtool --quiet --mode=link gcc -o libapm.la apmlib.lo -rpath /usr/lib
> -version-info 1:0
> i686-pc-linux-gnu-g++:
> /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/../../../crti.o: No such
> file or directory
> i686-pc-linux-gnu-g++:
> /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/crtbeginS.o: No such
> file or directory
> i686-pc-linux-gnu-g++:
> /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/crtendS.o: No such file
> or directory
> i686-pc-linux-gnu-g++:
> /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/../../../crtn.o: No such
> file or directory
> make: *** [libapm.la] Error 1
> 

[08:18 PM]wwong ~ $ equery belongs /usr/lib/crti.o
[ Searching for file(s) /usr/lib/crti.o in *... ]
sys-libs/glibc-2.3.5-r1 (/usr/lib/crti.o)

[08:19 PM]wwong ~ $ equery belongs `locate crtbeginS.o`
[ Searching for file(s)
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.4.4/crtbeginS.o,/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/crtbeginS.o
in *... ]
sys-devel/gcc-3.3.5.20050130-r2
(/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/crtbeginS.o)

According to my system, the files you lack belongs to glibc and gcc...
re-emerge them?

W
-- 
"`Er, hey Earthman...'
`Arthur,' said Arthur.
`Yeah, could you just sort of keep this robot with you and 
guard this end of the passageway. OK?'
`Guard?' said Arthur. `What from? You just said there's no 
one here.'
`Yeah, well, just for safety, OK?' said Zaphod.
`Whose? Yours or mine?'"

- Arthur drawing the short straw on Magrathea. 
Sortir en Pantoufles: up 27 days,  3:23
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Nick Rout 
There is no meta-info AFAIK in a binary .tar.gz, so portage does NOT
know what CFLAGS, or USE flags it is built with.

Go ahead, use quickpkg to make a binary tarball of any package on your
system, then look tat the tarball. There is nothing to indicate USE or
CFLAGS.

If you want to install binaries you have to know yourself what options
were used in the compile.


On Wed, 07 Sep 2005 22:08:13 +0100
Ian Clowes wrote:

> A further interesting scenario might be to have a binary package
> available built with different USE flags to those on the target machine,
> and seeing if it gets installed or not.  I guess it shouldn't.  But then
> there's the CFLAGS issue as well, and I'm even more unsure how that's
> supposed to be handled.

-- 
Nick Rout <[EMAIL PROTECTED]>

-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Error when emerging Gnome

2005-09-07 Thread Jamie Dobbs 
While executing an emerge gnome I get the following error:

>>> Unpacking apmd_3.2.1-4.diff.gz to /var/tmp/portage/apmd-3.2.1_p4/work
 * Applying apmd_3.2.1-4.diff ...
[ ok ]
>>> Source unpacked.
libtool --quiet --mode=compile gcc -c  -O -g -Wall -pipe -I.
-I/usr/src/linux/include -I/usr/src/linux-2.2/include -I
/usr/src/linux-2.0/include -DVERSION=\"3.2.1\"
-DDEFAULT_PROXY_NAME=\"/etc/apmd_proxy\" apmlib.c
libtool --quiet --mode=link gcc -o libapm.la apmlib.lo -rpath /usr/lib
-version-info 1:0
i686-pc-linux-gnu-g++:
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/../../../crti.o: No such
file or directory
i686-pc-linux-gnu-g++:
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/crtbeginS.o: No such
file or directory
i686-pc-linux-gnu-g++:
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/crtendS.o: No such file
or directory
i686-pc-linux-gnu-g++:
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.5-20050130/../../../crtn.o: No such
file or directory
make: *** [libapm.la] Error 1

!!! ERROR: sys-apps/apmd-3.2.1_p4 failed.
!!! Function src_compile, Line 41, Exitcode 2
!!! (no error message)
!!! If you need support, post the topmost build error, NOT this status
message.

I assume that this error is due to some dependancy missing, or a library
conflict. I have searched Bugzilla and the forums but cannot seem to find
an answer - can anyone point me in the right direction.

Thanks

Jamie

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread gentuxx 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James wrote:

>Dave Nebinger  joat.com> writes:
>
>
>
> < BIIIG SNIP >
>
>
>
>A beautiful woman once asked why she married the mechanic
>out of all the numerous suitors beckoning to her. She replied
>"because he torn it up on the first night, and has been
>working on it ever since". I like to tear up low level
>code and put it back together, piece by piece, too. That's
>how I learn, and I find it throughly enjoyable.


Why not just sit down and read the source?  ;-)

>
>[SNIP]
>
>James
>


- --
gentux
echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
gentux's gpg fingerprint ==> 34CE 2E97 40C7 EF6E EC40 9795 2D81 924A
6996 0993
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDH30HLYGSSmmWCZMRApNRAKDWk+iI4AjWDzWtM4Nhs0jr1abZ0wCbBHv+
8KezxRR8XEe8ZN3/ERM43i4=
=LS3H
-END PGP SIGNATURE-

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] /dev/input/mouse0 Doesn't Exist

2005-09-07 Thread William Kenworthy 
If they worked previously, they are probably compiled into the kernel.
I find this is a mistake unless you have a specific reason for doing so
- being able to remove/add modules helps track down weird problems like
this, and some things just work best as a module.  I take it that it is
a usb wireless mouse ? (coz of the batteries).  If so, monitor the
syslog while adding or removing the usb plug.  If its recognised, you
will see messages.  I doubt the batteries are the problem as with a
wireless mouse, its the base unit that when plugged in will cause
the /dev node to be created and you dont have them.

If I am wrong about the mouse, exactly what type of mouse and ports are
you trying to use (as you have probably gathered, this has a bearing on
whats happening)

BillK


On Wed, 2005-09-07 at 10:00 -0700, Drew Tomlinson wrote:
> On 9/6/2005 9:53 PM W.Kenworthy wrote:
> 
> >use lsmod to get the module list.  The modules are usbmouse and psmouse
> >(not sure if you have said what mouse type you are using) .  Note that
> >you will need to revisit your kernel configuration if you dont have
> >them. If they dont show in "lsmod", try "modprobe psmouse" etc.
> >  
> >
> Thanks for the reply.  I have neither usbmouse nor psmouse in my lsmod 
> output.  Trying to load with modprobe doesn't work either:
> 
> tv mythtv # modprobe psmouse
> FATAL: Module psmouse not found.
> tv mythtv # modprobe usbmouse 
> FATAL: Module usbmouse not found.
> 
> Because I haven't made any changes, I suspect my system never used 
> them.  I'll try changing the batteries in the mouse as another poster 
> suggested.  If that doesn't solve it, then I'll venture into this further.
> 
> Thanks,
> 
> Drew
> 
> >On Tue, 2005-09-06 at 21:03 -0700, Drew Tomlinson wrote:
> >  
> >
> >>On 9/6/2005 8:49 PM W.Kenworthy wrote:
> >>
> >>
> >>
> >>>The module thats responsible for /dev/input/mouse0 creates the node when 
> >>>it loads via udev: is the modules loaded?  /dev/mouse is usually (on
> >>> 
> >>>
> >>>  
> >>>
> >>I come from the FreeBSD world and thus, I'm a linux newb.  Sorry for the 
> >>simple questions.  What module should I look for?  How can I check to 
> >>see if it's loaded?
> >>
> >>
> >>
> >>>newer systems) a symlink to /dev/input/mouse0 if it
> >>>exists.  /dev/input/mice is a concentrator.  i.e., on my laptop I have a
> >>>ps2 mouse (actually the gspot/touchpad) and a plugged in usb mouse.  All
> >>>three work through /dev/input/mice at the same time.  Individually they
> >>>are accessed via /dev/input/mouseX.
> >>> 
> >>>
> >>>  
> >>>
> >>Thanks for the explanation.
> >>
> >>
> >>
> >>>To test try "cat /dev/input/mice" and move the mouse - rubbish will
> >>>print to terminal if its working.  CTRL-C to exit.
> >>>
> >>> 
> >>>
> >>>  
> >>>
> >>No rubbish.  Not working.
> >>
> >>Thanks for your help.
> >>
> >>Drew
> >>
> >>-- 
> >>Visit The Alchemist's Warehouse
> >>Magic Tricks, DVDs, Videos, Books, & More!
> >>
> >>http://www.alchemistswarehouse.com
> >>
> >>
> >>
> 
> 
> -- 
> Visit The Alchemist's Warehouse
> Magic Tricks, DVDs, Videos, Books, & More!
> 
> http://www.alchemistswarehouse.com
> 
-- 
William Kenworthy <[EMAIL PROTECTED]>
Home!
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Is binary emerge equivalent to source emerge?

2005-09-07 Thread Zac Medico 

Sascha Lucas wrote:
I've also had problems with --usepkg.  When it gives me problems, as a 
workaround, I force emerge to do what I want with emerge --usepkgonly 
--nodeps --oneshot for each and every binpkg that I want merged.  If I 
think that this may have broken something then afterwards I use 
"revdep-rebuild -p" to check linking integrity.



thats nearly the same like I do: emerge --usepkg --oneshot binpkgs.

So I assume, I'm not alone with this problem (--newuse & --usepkg & 
-uD). The question is, is there a missunderstanding or a bug?


Sascha.


There are a few open bugs related to binpkg handling.  Attached is a script 
that prints out the use flags of a binpkg (similar to emerge -pv output).  I 
you believe that you have discovered an unreported bug, then please file a new 
bug at bugs.gentoo.org.

Zac
#!/usr/bin/python

import sys
if len(sys.argv)!=2:
	print "usage: %s " % sys.argv[0]
	sys.exit(1)

sys.path = ["/usr/lib/portage/pym"]+sys.path
import xpak
mytbz2=xpak.tbz2(sys.argv[1])
myuse=mytbz2.getelements("USE")
myiuse=mytbz2.getelements("IUSE")
for use in myiuse:
	operator="-"
	if use in myuse:
		operator="+"
	sys.stdout.write( operator + use + " ")
print

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Willie Wong 
On Wed, Sep 07, 2005 at 10:53:34PM +0200, Holly Bostick wrote:
> >>> But you still haven't said why the final output file has to be so
> >>>  small.
> > 
> > 
> > To be shared over bittorrent :P
> > 
> 
> U people share full DVD- size files over BT all the time. If
> it's an issue of not wanting to seed for the length of time it would
> take to get more seeders, well, then don't share over BT, because you
> 'have to' do that, no matter how big the file is.
> 
> And heaven knows I wouldn't be happy with the file I got (a full DVD
> shrunk to 100MB), even if it only took me half an hour rather than 2 days.

I know I am more likely to download files under 1GB than those above. 
Even with Bittorrent, which allows the sharing of large files, when
dealing with unknown content, I still prefer NOT to give up 4G of my
harddrive space. And I am sure a lot of users feel the same way. 

> 
> Or is the issue that the vendor doesn't want people to have to wait for
> 2 days to get the file? I'm not sure that's reasonable; it's BT (so
> people are used to it not being instantaneous downloading), and this is,
> after all, a full-quality file that is (almost) ready to burn to DVD. If
> that's what the expected customers want, then they'll likely be willing
> to wait.
> 
> You might consider offering two versions; 'low-quality' (reduced to
> something like 320xwhatever), and 'high(er)-quality' (at either the
> original A/R, or a slightly lower one).
> 

I think that's a good idea. 

> I think you're trying to solve the wrong problem-- your actual problem
> is not that the file is 'too big' but it is in some way too big for you
> to work with in the way that you seem to need to, for reasons unknown
> (insofar as there is no bt-specific reason that a 4.5 GB file cannot be
> shared, but there clearly is a you-specific reason that you can't do
> this, presumably that your client has specified these restrictions).

Hum, my feeling is that his client actually wants people to download
the files? A brief scan of the various bittorrent forums/boards that I
visit tells me that full DVD sized contents can usually only survive
if it is a boot-legged copy of a full movie, or pr0n. Other things
tends to get ignored if it takes 2 days to download. Like I said: if
you don't know whether the content is good or not, would you be
willing to wait 2 days and sacrifice 4 G of harddrive space? 

W
-- 
"Why does the chicken cross the road?"
Einstein: it's not the chicken crossing the road, it is the road crossing the
 chicken."
Heisenberg: well, if you know it is moving, you can't know where it is; and if
 you know where it is, you can't really know where it's going. Therefore
 you can't know for certain that the chicken is actually crossing the road.
von Neumann: it satisfies the Minimax theorem for worm finding.
Schroedinger: not really. It is in the state of crossing and not crossing at
 the same time. Until you observe it, you can't really be sure.
Pauli: Well, it must be that there's another chicken of the same shape, size, 
 color, taste, smell, etc. on this side of the road...
Newton: an unbalanced force
Bohr: Because it is excited, and because it can't stay on the road...
Feynman: (dum, dum, dong, dum-da, dum, dong)
 Ah... Old MacDonald had a farm... E I E I O
 And on this farm he has a chicken... E I E I O
Sortir en Pantoufles: up 27 days,  1:36
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Willie Wong 
Hi

On Wed, Sep 07, 2005 at 06:30:34PM -0300, Arturo 'Buanzo' Busleiman wrote:
> On Wed, 7 Sep 2005, Holly Bostick wrote:
> 
> >Rar or Tar.gz or zip the file up and share it, or encode it down to an
> >xvid (which will likely reduce the size at least somewhat, but anybody
> >correct me if I'm wrong) and *then* rar/tar.gz/zip it up and share it.
> 
> And how do I easily encode it down to an xvid?
> 
http://www.bunkus.org/dvdripping4linux/single/index.html#transcoding

dvd::rip is available as media-video/dvdrip
or you can just emerge transcode and deal with the command line
interface. 
-- 
My mind is glowing.
Sortir en Pantoufles: up 27 days,  1:35
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Determine the original installation date

2005-09-07 Thread Neil Bothwick 
On Wed, 07 Sep 2005 15:36:59 -0500, Vernon A. Fort wrote:

> With redhat/fedora, you could find WHEN the box was installed using rpm 
> -qi basesystem.  I am switching most of my boxes to gentoo and I would 
> like to tell when the ORIGINAL install occured.  Any pointers?

head /var/log/emerge.log should do it, unless you logrotated it.


-- 
Neil Bothwick

 Q:  How does a Zen Master order a hot dog?
 A: "Make me one with everything."


pgpJPcJBAnjgK.pgp
Description: PGP signature

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Neil Bothwick 
On Wed, 7 Sep 2005 18:30:34 -0300 (ART), Arturo 'Buanzo' Busleiman wrote:

> > Rar or Tar.gz or zip the file up and share it, or encode it down to an
> > xvid (which will likely reduce the size at least somewhat, but anybody
> > correct me if I'm wrong) and *then* rar/tar.gz/zip it up and share it.

rar/gzip/7zip/whatever will not significantly compress and already
compressed file, they may even make it slightly larger.

> And how do I easily encode it down to an xvid?

You could try gtranscode.


-- 
Neil Bothwick

My Go this  amn keyboar  oesn't have any  's.


pgp3QKgmDgwT7.pgp
Description: PGP signature

Re: [gentoo-user] dev-util/meld-1.0.0 won't run

2005-09-07 Thread Neil Bothwick 
On Wed, 7 Sep 2005 13:00:55 -0700, Daevid Vincent wrote:

> Meld doesn't work. Bugs.gentoo.org shows "Zarro Boogs found" for keyword
> "meld". Before I submit a report, any ideas?

Search for "ALL meld", otherwise closed bugs are excluded from the
search.


-- 
Neil Bothwick

How do I set my laser printer to stun?


pgplHU2I1TILD.pgp
Description: PGP signature

[gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread James 
Dave Nebinger  joat.com> writes:



> I know iptables/netfilter.  I've worked through all of the online
> documentation, I've read iptables books, I've implemented firewalls using
> just iptables.

got any scripts/ files to share?

> Knowing all of that information, I still suggest using a tool to help manage
> iptables.

OK, after I learn raw iptables/netfilter.

> The reason is this: iptables, like PF on openbsd, allows for fine-grained
> control over every aspect of the network traffic going in and out of the
> box.


> Most folks, however, have little need for such fine-grained control over
> their firewall.  They want a simple set of rules that allow outgoing traffic
> and certain incoming traffic.  They don't care about masquerading vs
> DNAT/SNAT, what to enable/disable on the ICMP packets, which ones to reject
> vs deny, etc.  They don't need a detailed explanation of why the order of
> the addition of rules to the table impact network performance as well as
> whether a certain rule actually disables traffic that a later rule would
> actually allow.

> So why is it so necessary to get down and dirty with iptables when there are
> supporting tools that manage all of these details quite well.

Well, I hack embedded systems, often with only a 
state_machine/executive/min_rtos with a custom IP stack. Being
able to 'analyze code segments' and discern-learn, gives me a solid
specification/understanding to write custom assembler/c code
for micro's or DSPs.

Just one reason. I have many, many more. Finding templates
and scripts for robust IPtable/netfilter rules should not
be like pulling teeth   I'm not trying to oversimply
or make demunitive comments about iptables/netfilter, I'm
just surprised that someone of your caliber, has not
served up iptables/netfilters in clear, discernable examples,
exclusively specific to iptables/netfilters.
Sure shorewall and other efforts are noble, for the majority
of users, but, surely there are more folks with my sort
of interests in iptables/netfilters.

> Oh, come on.  Using a tool to assist in rules maintenance hardly qualifies
> as being afraid.  Using a tool to assist in rules maintenance means you have
> better things to do with your time than operate at such a low level.

Um, in my opinion, the lowest level, is frequently referred to as
foundation, and that lack of foundation is why many programmers do 
not succeed. They do not have a foundational understanding of kernel, 
processes and files. Iptables/netfilters are as important as the scheduler,
if you are going to network anything with a 2.6 linux kernel.

> Per your idiom, we should throw out higher-level programming languages
> because they take us all away from knowing microcode and assembler.

Beautiful comments. I could not have said it better. Java is useful,
perl is OK, Bourne necessary, but the MASTERS of computer engineering 
do it in assembler.

Ever heard of the smartest or most accomplished Computer Scientist
in our lifetime?  Knuth.. Nobody  even comes close to his
body of work. Not Plauger not anyone. He has virtually cataloged
most know algorithms. Impressive work, all in assembler. Not all
would agree with this assessement, but few, if they bother to look
at his 'body of work' are anything but tolally in awe of this
man and his works. You might want to peruse what he has to say
about high level languages, including C and C++. YMMV.

http://www-cs-faculty.stanford.edu/~knuth

> The tools exist because they are an aid, not a crutch.

tools are better once one has mastered the fundamentals. iptables/netfilters
is fundamental to secure linux(embedded or workstation or server).

> If you think iptables should be so easy to pick up, then go pick it up and
> make it work for you - no one is stopping you from that task.

Agreed. I was just looking to jump-start the process by exuming
robust base-line files to begin the journey What are the author
and  title to those books you have refered to and which are 
based on 2.6 kernel technology?

> They are up to the task, which is why linux is used a heck of a lot more
> than openbsd...

This is good. Get fired up. Let's publish some raw, robust iptable/netfilter
scipts, and hack/penetration-test the crap out of the rulesets.
That establishes a proven foundation upon which much confidence can
be built. Surely, more folks other than Russell Coker, know how to
do this, and have publish a few cook_books somewhere. If not, why?

> Iptables, as well, can be quite elaborate.  Discernable is another question
> entirely.

> If you know what you're doing, you can create a discernable set of rules
> using custom chains and appropriate ordering.

> Most often, though, what you'll see is the list of rules in some quasi order
> which is supposed to satisfy security and accessibility requirements, but
> hardly show up as being discernable.

OK, where do I read/learn more? Do you have any books you recommend?

> > If you have ruleset capabilities, then look at th

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Sascha Lucas 

emerge -1 --usepkg --pretend --verbose pkg_spec_from_equery

then the change in USE-Flags are showen and my _correct_ binarys are used.



There's probably a good reason for it being the way it is, but it
doesn't sound as transparent as we might like.


yes may be... if so, I would like to know the reason :-)



A further interesting scenario might be to have a binary package
available built with different USE flags to those on the target machine,
and seeing if it gets installed or not.  I guess it shouldn't.  But then
there's the CFLAGS issue as well, and I'm even more unsure how that's
supposed to be handled.


If you build a binary with different USE flags then on the target it 
would be merged as ebuild and not as binary. But this seems only to work 
with --usepkg not with --getbinpkg. ?? CFLAGS handling is done in the same 
way like USE flags. You can use the tbz2tool to split your binary into 
data (tar) and info (text). In this info-text is every thing stored like 
USe, CFALGS, 



I'm still pretty new to Gentoo, but is this perhaps related to the
feature I've read about (and maybe misremembered) regarding only
packages that you explicity emerge going into world (dependencies
don't)?  I wonder if you'd see different results if you explicitly
emerged cups rather than it having been implicity emerged due to a
dependency.  By doing the emerge you described you've 'promoted' those
packages from implicit to explicit emerge.


Hm... yes every time you type emege  it will be recorded in the 
world-file, expect emerge --oneshot (-1)... so my explicit merge will not 
be recorded in world it stays what it was before (world or dependency).


So I understand --usepkg in this way to use binary if all USE/C flags etc 
match. If not fallback to ebuilds. So I know I have the right binary pkgs, 
why does:


emerge -uDpv --newuse world

and

emerge -uDpv --newuse --usepkg world

show different results?

Sascha.
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Determine the original installation date

2005-09-07 Thread Ian Clowes 


"Vernon A. Fort" wrote:
> 
> With redhat/fedora, you could find WHEN the box was installed using rpm
> -qi basesystem.  I am switching most of my boxes to gentoo and I would
> like to tell when the ORIGINAL install occured.  Any pointers?


Hi

Possibly a little empirical, but on things like the mod date on the root
lost+found directory and the first few lines of /var/log/emerge.log come
to mind.

IanC
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] what happened to php and mod_php?

2005-09-07 Thread Bastian Balthazar Bux 
Bryan Whitehead wrote:
> I currently run php 5.0.4 as build thru portage
> 
> For some reason, portage only has up to 4.4.0 now. Was php 5.x
> abandoned? What's going on?
> 
> http://packages.gentoo.org/search/?sstring=mod_php
> 
> looks like only 4.4.0-r1 is around now... what the heck?
> 

http://svn.gnqs.org/projects/gentoo-php-overlay/file/docs/php-upgrading.html?format=raw


-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Ian Clowes 
Sascha Lucas wrote:
> 
> emerge -1 --usepkg --pretend --verbose pkg_spec_from_equery
> 
> then the change in USE-Flags are showen and my _correct_ binarys are used.
> 

There's probably a good reason for it being the way it is, but it
doesn't sound as transparent as we might like.

A further interesting scenario might be to have a binary package
available built with different USE flags to those on the target machine,
and seeing if it gets installed or not.  I guess it shouldn't.  But then
there's the CFLAGS issue as well, and I'm even more unsure how that's
supposed to be handled.

I'm still pretty new to Gentoo, but is this perhaps related to the
feature I've read about (and maybe misremembered) regarding only
packages that you explicity emerge going into world (dependencies
don't)?  I wonder if you'd see different results if you explicitly
emerged cups rather than it having been implicity emerged due to a
dependency.  By doing the emerge you described you've 'promoted' those
packages from implicit to explicit emerge.

IanC
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] what happened to php and mod_php?

2005-09-07 Thread kashani 

Bryan Whitehead wrote:

I currently run php 5.0.4 as build thru portage

For some reason, portage only has up to 4.4.0 now. Was php 5.x 
abandoned? What's going on?


http://packages.gentoo.org/search/?sstring=mod_php

looks like only 4.4.0-r1 is around now... what the heck?



It's part of the new split between php4 and php5. mod-php-5 is in 
/usr/portage/dev-php5/ now though how you would use or active it I'm not 
sure.


kashani
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Is binary emerge equivalent to source emerge?

2005-09-07 Thread Sascha Lucas 
I've also had problems with --usepkg.  When it gives me problems, as a 
workaround, I force emerge to do what I want with emerge --usepkgonly 
--nodeps --oneshot for each and every binpkg that I want merged.  If I think 
that this may have broken something then afterwards I use "revdep-rebuild -p" 
to check linking integrity.


thats nearly the same like I do: emerge --usepkg --oneshot binpkgs.

So I assume, I'm not alone with this problem (--newuse & --usepkg & -uD). 
The question is, is there a missunderstanding or a bug?


Sascha.
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Arturo 'Buanzo' Busleiman 

On Wed, 7 Sep 2005, Holly Bostick wrote:


Rar or Tar.gz or zip the file up and share it, or encode it down to an
xvid (which will likely reduce the size at least somewhat, but anybody
correct me if I'm wrong) and *then* rar/tar.gz/zip it up and share it.


And how do I easily encode it down to an xvid?

--
Buanzo

--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Bryan Whitehead 

check out this webpage:
http://www.transcoding.org/cgi-bin/transcode?back=Examples

you can start the encode with crazy options to make it small... and then 
view it while encoding to see if the quality is good enough.


On Wed, 7 Sep 2005, Arturo 'Buanzo' Busleiman wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi people,

I was wondering, do you have any pointers to transcode an mpeg file to 
an xvid? The original is a
+4gb file, and I need to create a good quality of aprox. 100mb xvid file.

What are your suggestions? Any interesting sites to read about this? 
scripts? ebuilds? I've done
some research in the area for the last two days, but I am definitely not a 
video guru, and many
things I do not understand.

Yours,

- --
Arturo "Buanzo" Busleiman - www.buanzo.com.ar
Consultor en Seguridad Informatica
KTP Consultores - info AT ktpconsultores.com.ar
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDHy8dAlpOsGhXcE0RAtG1AJ4hKwTIoDebDzICqNTJv3ZHe4fXawCfWLeh
J2IsjTmur5KhaN5MUb3ty00=
=dgAi
-END PGP SIGNATURE-



--
Bryan Whitehead
Email:[EMAIL PROTECTED]
--
gentoo-user@gentoo.org mailing list

[gentoo-user] Re: Errors while updating scrollkeeper

2005-09-07 Thread Ivan Lucian Aron 
problem solved

On 9/7/05, Ivan Lucian Aron <[EMAIL PROTECTED]> wrote:
> checking which XML catalog to use... /etc/xml/catalog
> checking for DocBook XML DTD... configure: error: not found. Make sure
> you have the DocBook DTD installed and ensure that it is registered in
> /etc/xml/catalog.
> 
> !!! Please attach the config.log to your bug report:
> !!! 
> /var/tmp/portage/scrollkeeper-0.3.14-r1/work/scrollkeeper-0.3.14/config.log
> 
> !!! ERROR: app-text/scrollkeeper-0.3.14-r1 failed.
> !!! Function econf, Line 485, Exitcode 0
> !!! econf failed
> !!! If you need support, post the topmost build error, NOT this status 
> message.
> 
> i remereged xml-dtd-docbook and still get it. any ideas?
>

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Holly Bostick 
Arturo 'Buanzo' Busleiman schreef:
> Holly Bostick wrote:
> 
>>> Direct from tv? Use avidemux or any video editing program to get
>>>  rid of the commercials then.
> 
> 
> Not direct from tv. The people who record (with cameras) and then 
> join the pieces provide this file. I can't do that. The producer 
> asked me to do this transformation. And, indeed, they've done it 
> before, but to wmv format. They stream the program online:
> 
> broadband: mms://200.80.72.153/dd24_2005.wmv dialup: 
> mms://200.80.72.153/dd24_2005baja.wmv
> 
> 
>>> And in any case, the file was definitely saved to digital format
>>>  with the intention to convert and burn to PAL DVD; you don't
>>> just get 720x504 and 25fps by accident.
> 
> 
> Yeah, I agree. but it still has no menues :P - If I could put it 
> available for any of you to help me out with this, I'd do it. But 
> 4.5gb...
> 
> 
>>> But you still haven't said why the final output file has to be so
>>>  small.
> 
> 
> To be shared over bittorrent :P
> 

U people share full DVD- size files over BT all the time. If
it's an issue of not wanting to seed for the length of time it would
take to get more seeders, well, then don't share over BT, because you
'have to' do that, no matter how big the file is.

And heaven knows I wouldn't be happy with the file I got (a full DVD
shrunk to 100MB), even if it only took me half an hour rather than 2 days.

Or is the issue that the vendor doesn't want people to have to wait for
2 days to get the file? I'm not sure that's reasonable; it's BT (so
people are used to it not being instantaneous downloading), and this is,
after all, a full-quality file that is (almost) ready to burn to DVD. If
that's what the expected customers want, then they'll likely be willing
to wait.

You might consider offering two versions; 'low-quality' (reduced to
something like 320xwhatever), and 'high(er)-quality' (at either the
original A/R, or a slightly lower one).

Or you might consider buying a proprietary encoding system (Real, OT),
or installing Windows (or Windows under VMWare), for the express purpose
of getting these files down to some tiny size (you're presumably getting
paid, so it's a business expense).

But there's no explicit reason as far as BT is concerned, that you can't
share the file as is.

Rar or Tar.gz or zip the file up and share it, or encode it down to an
xvid (which will likely reduce the size at least somewhat, but anybody
correct me if I'm wrong) and *then* rar/tar.gz/zip it up and share it.

I think you're trying to solve the wrong problem-- your actual problem
is not that the file is 'too big' but it is in some way too big for you
to work with in the way that you seem to need to, for reasons unknown
(insofar as there is no bt-specific reason that a 4.5 GB file cannot be
shared, but there clearly is a you-specific reason that you can't do
this, presumably that your client has specified these restrictions).

Holly
-- 
gentoo-user@gentoo.org mailing list

RE: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread Dave Nebinger 
> As far as functionality and rule set development, I don't think there
> is that much of a difference between 2.4 and 2.6.  I'm sure there are
> tons of cool things that go on under the hood that I don't really know
> about, but the implementation is basically the same.  2.6 kernels may
> offer newer targets, different kernel hooks, etc., etc., but like I
> said, that's a little beyond my current scope.  Why not compile a 2.4
> kernel (with netfilter), build a ruleset, then load up your 2.6 kernel
> and see what breaks (if anything)?

There are new targets and matches in the 2.6 kernel.  Also it is my
understanding that the internal tables are managed differently, in that the
2.6 implementation is faster in the table processing.
 

-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] what happened to php and mod_php?

2005-09-07 Thread Bryan Whitehead 

I currently run php 5.0.4 as build thru portage

For some reason, portage only has up to 4.4.0 now. Was php 5.x abandoned? 
What's going on?


http://packages.gentoo.org/search/?sstring=mod_php

looks like only 4.4.0-r1 is around now... what the heck?

--
Bryan Whitehead
Email:[EMAIL PROTECTED]
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] grub over the top of Win XP

2005-09-07 Thread Willie Wong 
As posted on /. recently, 

On Wed, Sep 07, 2005 at 12:12:21PM -0700, Mark Knecht wrote:
> Beyond that I don't pretend to know anything.
> 
> The one thing that always confuses me is the difference between
> placing grub in the MBR and placing it in a partition. It is my
> understanding that the MBR is a separate part of the drive structure,
> and is not part of any partition. Is this true?
> 
> When we place an bootloader in the MBR that's what the system jumps to
> first? After that the bootloader in the MBR can transfer to either an
> operating system or to a second boot loader. I've done this where I
> had a copy of grub from Gentoo in the MBR, and then a copy of grub in
> a partition. Each copy had their own grub.conf file and managed it's
> own set of kernels, etc.
> 
> However, what Windows does is a bit beyond me. I suppose it places
> it's own bootloader in the MBR. We then overwrite it, but then we have
> a command to jump to that OS. (chainloader +1 I suppose?)
> 

a good source for some basics on how bootloaders work and why we need
them and what the heck MBR actually is:

http://www-128.ibm.com/developerworks/library/l-bootload.html?ca=dgr-lnxw01LILOandGRUB

W
-- 
"If your're scattering a fly off an elephant, you don't worry about the mass of
the elephant. But since we're physicists, lets consider the alternate example. 
In this case, we scatter the elephant off the fly."
~DeathMech, S. Sondhi. P-town PHY 205
Sortir en Pantoufles: up 26 days, 23:48
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Sascha Lucas 

If you do --pretend --verbose, does it show the changed USE flags for
the packages?  Not sure if 'world' does this, but you could try the
individual packages that you expect to be rebuilt.  IIRC, it appears in
green (on a colour screen...) with a + and * next to the USE flag.


emerge -uD --pretend --verbose --usepkg --newuse world does not show the 
change in USE-Flags. However it installes some software cased by the new 
USE-Flag (in my example samba). I run "equery hasuse my_new_flag" and the 
merged this pkgs with:


emerge -1 --usepkg --pretend --verbose pkg_spec_from_equery

then the change in USE-Flags are showen and my _correct_ binarys are used.


Not a solution, but hopefully it'll add insight.


it seems we are actually 2 who worked at the same time with binarys :-)

Sascha.
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Willie Wong 
Okay, I am no video expert, but

On Wed, Sep 07, 2005 at 04:49:47PM -0300, Arturo 'Buanzo' Busleiman wrote:
> Playing work/dd/DD_24_2005.MPG.
> Cache fill:  0.00% (0 bytes)MPEG-PS file format detected.
> VIDEO:  MPEG2  720x576  (aspect 2)  25.000 fps  9900.0 kbps (1237.5 kbyte/s)
> ==
> Opening audio decoder: [mp3lib] MPEG layer-2, layer-3
> AUDIO: 48000 Hz, 2 ch, s16le, 384.0 kbit/25.00% (ratio: 48000->192000)
> Selected audio codec: [mp3] afm:mp3lib (mp3lib MPEG layer-2, layer-3)
> ==
> vo: X11 running at 1024x768 with depth 16 and 16 bpp (":0.0" => local display)
> ==
> Opening video decoder: [mpegpes] MPEG 1/2 Video passthrough
> VDec: vo config request - 720 x 576 (preferred csp: Mpeg PES)
> Could not find matching colorspace - retrying with -vf scale...
> Opening video filter: [scale]
> The selected video_out device is incompatible with this codec.
> VDecoder init failed :(
> Opening video decoder: [libmpeg2] MPEG 1/2 Video decoder libmpeg2-v0.4.0b
> Selected video codec: [mpeg12] vfm:libmpeg2 (MPEG-1 or 2 (libmpeg2))
> ==

The resolution and bitrate on the video seems suspiciously high to me
as a digitized version of TV program on Tape. You are talking about 8
times as much information as a normal mpeg1 dump from a VCD (and
twice the information compared to the one DVD i have lying around).

Of course, not knowing anything about where you got the originals
from, I have no idea whether my wild guess is anywhere near accurate.

W
-- 
"Is there any theorem on how many pieces of chalk I'm supposed to break."
~DeathMech, S. Sondhi. P-town PHY 205
Sortir en Pantoufles: up 26 days, 23:33
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Is binary emerge equivalent to source emerge?

2005-09-07 Thread Zac Medico 

Sascha Lucas wrote:

  - -uD --newuse --usepkg world (binary if possible, else ebuild) does not
work very well


I've also had problems with --usepkg.  When it gives me problems, as a workaround, I 
force emerge to do what I want with emerge --usepkgonly --nodeps --oneshot for each and 
every binpkg that I want merged.  If I think that this may have broken something then 
afterwards I use "revdep-rebuild -p" to check linking integrity.

Zac
--
gentoo-user@gentoo.org mailing list

[gentoo-user] Determine the original installation date

2005-09-07 Thread Vernon A. Fort 
With redhat/fedora, you could find WHEN the box was installed using rpm 
-qi basesystem.  I am switching most of my boxes to gentoo and I would 
like to tell when the ORIGINAL install occured.  Any pointers?


Vernon
--
gentoo-user@gentoo.org mailing list

[gentoo-user] Errors while updating scrollkeeper

2005-09-07 Thread Ivan Lucian Aron 
checking which XML catalog to use... /etc/xml/catalog
checking for DocBook XML DTD... configure: error: not found. Make sure
you have the DocBook DTD installed and ensure that it is registered in
/etc/xml/catalog.

!!! Please attach the config.log to your bug report:
!!! /var/tmp/portage/scrollkeeper-0.3.14-r1/work/scrollkeeper-0.3.14/config.log

!!! ERROR: app-text/scrollkeeper-0.3.14-r1 failed.
!!! Function econf, Line 485, Exitcode 0
!!! econf failed
!!! If you need support, post the topmost build error, NOT this status message.

i remereged xml-dtd-docbook and still get it. any ideas?

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Ian Clowes 
Sascha Lucas wrote:
> 
> Hi List,
> 
> Machine B:
>   - mount PGKDIR of machine A via nfs to PGKDIR on machine B
>   - added USE-flag "samba"
>   - emerge -uD --newuse --usepkg world
> * merges binary samba
> * does not merge anything else (no binary, no ebuild )
> 
> It would be nice if I understand why emerge won't remerge binary packages
> with changed use-flags.

Hi Sascha

If you do --pretend --verbose, does it show the changed USE flags for
the packages?  Not sure if 'world' does this, but you could try the
individual packages that you expect to be rebuilt.  IIRC, it appears in
green (on a colour screen...) with a + and * next to the USE flag.

If the flags aren't shown as 'new' then its not strictly a problem with
the merge, but one with the way the flag changes are being enumerated.

If they are shown as changed then at least Portage is working out that
it would like to have new builds of the packages, and any failure is
presumably due to the way this cascades down to the binary merge
mechanism, such as the ability of a binary package to declare what USE
flags it was built with.

Not a solution, but hopefully it'll add insight.

IanC
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Arturo 'Buanzo' Busleiman 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Holly Bostick wrote:
> Direct from tv? Use avidemux or any video editing program to get rid of
> the commercials then.

Not direct from tv. The people who record (with cameras) and then join the 
pieces provide this file.
I can't do that. The producer asked me to do this transformation. And, indeed, 
they've done it
before, but to wmv format. They stream the program online:

broadband: mms://200.80.72.153/dd24_2005.wmv
dialup: mms://200.80.72.153/dd24_2005baja.wmv

> And in any case, the file was definitely saved to digital format with
> the intention to convert and burn to PAL DVD; you don't just get 720x504 and
> 25fps by accident.

Yeah, I agree. but it still has no menues :P - If I could put it available for 
any of you to help me
out with this, I'd do it. But 4.5gb...

> But you still haven't said why the final output file has to be so small.

To be shared over bittorrent :P

- --
Arturo "Buanzo" Busleiman - www.buanzo.com.ar
Consultor en Seguridad Informatica
KTP Consultores - info AT ktpconsultores.com.ar
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDH0vUAlpOsGhXcE0RAotrAJ4t6ZopaLKuz6C1ynGHeCjRi53LjwCfW+Wj
3YrWnMIQzOKbbjwuy+5jEMY=
=OMSA
-END PGP SIGNATURE-
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Holly Bostick 
Arturo 'Buanzo' Busleiman schreef:
> Holly Bostick wrote:
> 
>>> That's about the best I can do for you without knowing more about
>>>  the construction of the file, and what you're trying to do with 
>>> it.
> 
> 
> Well, many people have assumed that it being a 5gb+ file, it was a 
> dvd. Definitely not. It has no menus, no nothing. It's a plain video 
> file. Master copy of a tv program originally on tape, then saved to a
> digital format.

Direct from tv? Use avidemux or any video editing program to get rid of
the commercials then.

And in any case, the file was definitely saved to digital format with
the intention to convert and burn to PAL DVD; you don't just get 720x504 and
25fps by accident.

But you still haven't said why the final output file has to be so small.

Holly
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread Holly Bostick 
James schreef:
> Holly Bostick  planet.nl> writes:
> 
> 
>> Good morning, this is the general users list. If you want the 
>> security experts, try
> 
> 
>> gentoo-security  For the discussion of security issues and fixes 
>> gentoo-hardened  For a security hardened version of Gentoo
> 
> 
> You mean I have to go to this group to find detailed documentation in
>  iptables/netfilter rulesets that are indeed secure, published, and 
> used in more than one place?

I mean that if such documentation exists, that group would be much more
likely to know where it is (because that group is focused on such issues
and knowledge) than this group would be (where such knowledge is more
likely to be a random roll of the dice as to whether anyone around today
happens to know about it).

Now, of course for detailed documentation on iptables/netfilter, the
place to start, for me, at least, would be

http://www.iptables.org/documentation/index.html#documentation-howto .

As for 'published rulesets', well, so far I've found

http://linux.unimelb.edu.au/server/course/fc3/iptables.html (see examples)

http://www.hackinglinuxexposed.com/articles/20021008.html

http://www.ecst.csuchico.edu/~dranch/LINUX/ipmasq/examples/rc.firewall-iptables

http://www.linux.org/docs/ldp/howto/IP-Masquerade-HOWTO/ (see
http://www.linux.org/docs/ldp/howto/IP-Masquerade-HOWTO/stronger-firewall-examples.html#RC.FIREWALL-IPTABLES-STRONGER)

http://www.linuxtopia.org/Linux_Firewall_iptables/index.html (see
example scripts beginning at
http://www.linuxtopia.org/Linux_Firewall_iptables/x5753.html)

http://forums.gentoo.org/viewtopic-p-1436652-highlight-iptables+rulesets.html?sid=b777f7a8f3ef392e9cb4d14f0bcccfa1#1436652

That's all the Googling I feel like right now, but I'm sure that
gentoo-security might know more places such things are likely to be
found (especially any gentoo-specific resources).
> 

> 
>> That's all I'm going to say in the face of all this needlessly 
>> insulting behaviour.
> 
> 
> Holly, I have not nor do not intend to insult or constipate anyone. 
> Sincere apologies. However, I find this very strange that published 
> rulesets do not exist for iptables/netfilter, for simple and common 
> things lick a home-office router with (3) nics, including LAN, WAN 
> and DMZ with optional web and dns(internal) servers. If you find my 
> sharing these thoughts with you, and the 50 times I've had to write 
> that I'm interested in iptables/netfilters and not shorewall, then I 
> think you are a bit too sensitive about divergent opinions.


>> The really funny thing is a year ago, this list was full of persons
>>  that debunked OpenBSD's security supremacy. Now all I'm getting is
>>  a lot of 'hot air' and 'bull-loney'. Why are so many people scared
>>  to manage there own firewall rulesets directly?

This is not a 'divergent opinion'.. it is an opinion, true, but there is
nothing for it to diverge from (since this is not a debate about
OpenBSD's supremacy or lack thereof, nor about whether anyone is
'scared' to manage their own rulesets directly).

>> I thought (gentoo)linux was suppose to be equal to or superior to 
>> OpenBSD for security and every other aspect of computing?

This is not a 'divergent opinion', because this is again not a debate
over, nor is this a forum for debate concerning, whether Gentoo is
superior to anything at all, this is a user help mailing list.

>> (Booo) 

Excuse me? This is somehow not a taunt?

Whatever.

Though what I wonder is, is iptables under BSD so radically different
than iptables under Linux that somehow you can't simply use or adapt the
oh-so-easy BSD rulesets that you already have to your current conditions?

Or, I would wonder, if I didn't have concerns that I value higher taking
priority over my thinking about this at all.

Holly
-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] dev-util/meld-1.0.0 won't run

2005-09-07 Thread Daevid Vincent 
Meld doesn't work. Bugs.gentoo.org shows "Zarro Boogs found" for keyword
"meld". Before I submit a report, any ideas?

locutus bin # emerge -a meld
[ebuild   R   ] dev-util/meld-1.0.0

locutus bin # which meld
/usr/bin/meld
locutus bin # /usr/bin/meld
Traceback (most recent call last):
  File "/usr/bin/meld", line 87, in ?
import meldapp
  File "/usr/lib/meld/meldapp.py", line 27, in ?
import prefs
  File "/usr/lib/meld/prefs.py", line 52, in ?
import gconf
ImportError: No module named gconf

But I have gconf it seems...

locutus ~ # emerge -a gconf
[ebuild   R   ] gnome-base/gconf-2.10.1-r1

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread gentuxx 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James wrote:

>gentuxx  gmail.com> writes:
>
>
>
>>I think, perhaps, you misunderstood what I was saying. My
>>understanding of shorewall was that it was a script (or series of
>>scripts) that look for the previously specified config files and do
>>"cool stuff" with the information contained in them. I was simply
>>stating that in order to put value to the information in the config
>>files, that you would have to know what the scripts do. I was not, in
>>any way, suggesting that you use Shorewall. I can completely
>>understand and sympathize with your need to dissect iptables, and the
>>security it provides. However, I tend to take a top-down approach, as
>>opposed to the bottom-up approach you seem to prefer.
>
>
>OK this is great!. However, I'm a C/assembler hack, with embedded
>tendencies. Scripts are OK, as most are self explanatory.
>As a hardware guy, I often start with a microP, and write/add
>firmware to a custom bootloader. From there, often, as simple
>state_machine with selected code creates wonderful things;
>so I'm definately a bottoms up kind of guy. YMMV.
>
>
>>Going back to your original questions, I'm not really sure I can help
>>with Q1. However, in regards to Q2, there aren't any config files for
>>iptables. The tables are stored in memory. You can do an
>>"iptables-save", which will output a modified version of the rules
>>currently in place, which can subsequently be modified (assuming you
>>understand and duplicate the syntax) and restored (with any changes)
>>using "iptables-restore". Otherwise, all of your editing should be
>>done at the command line. I would recommend using a script (of your
>>own design, if so desired) to ease repeatability, and reduce the
>>possibility for mistakes (fat-fingering). Also, a script of this
>>nature would be handy for starting the iptables upon boot (I believe
>>the HOW-TO you referenced covers this).
>
>
>Is this the one?
>http://www.linuxguruz.com/iptables/scripts/rc.DMZ.firewall.txt

No, this one.

http://www.gentoo.org/doc/en/home-router-howto.xml


>I've reference many urls. This one was written for 2.4
>based kernels and I'm not sure it's useful for 2.6. That was one
>of my questions Can you look at it and suggest where it is
>defective? That way, I can use it as a baseline to learn and develop
>a more robust (in_memory) ruleset that spawns from a shell script
>or elsewhere. Or maybe share a 2.6 based script?
>
>OK all of this is fantastic! All of the googling and reading
>I've done has not revealed this. Most of what I find is circa 2.4
>and I'm not adept enough to discern what's relevant for 2.4 and 2.6
>kernels, yet.
>
>Thank you very, very much,
>James

As far as functionality and rule set development, I don't think there
is that much of a difference between 2.4 and 2.6.  I'm sure there are
tons of cool things that go on under the hood that I don't really know
about, but the implementation is basically the same.  2.6 kernels may
offer newer targets, different kernel hooks, etc., etc., but like I
said, that's a little beyond my current scope.  Why not compile a 2.4
kernel (with netfilter), build a ruleset, then load up your 2.6 kernel
and see what breaks (if anything)?

- --
gentux
echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge'

gentux's gpg fingerprint ==> 34CE 2E97 40C7 EF6E EC40  9795 2D81 924A
6996 0993
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDH0X1LYGSSmmWCZMRAlBDAJ9xan8nam9i93nWTKL8CkcFJsb1YgCdE2V4
Pw+Zo2IuXCqMabsrEEryjFQ=
=qppu
-END PGP SIGNATURE-

-- 
gentoo-user@gentoo.org mailing list

RE: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread Dave Nebinger 
> > That's all I'm going to say in the face of all this needlessly insulting
> > behaviour.
> 
> Holly, I have not nor do not intend to insult or constipate anyone.
> Sincere apologies. However, I find this very strange that published
> rulesets do not exist for iptables/netfilter, for simple and common
> things lick a home-office router with (3) nics, including LAN, WAN
> and DMZ with optional web and dns(internal) servers. If you find my
> sharing these thoughts with you, and the 50 times I've had to write
> that I'm interested in iptables/netfilters and not shorewall, then
> I think you are a bit too sensitive about divergent opinions.

Up to now I haven't really wanted to have someone bounced from the list; but
your lack of sensitivity and generally insulting manners make you the first
obvious candidate for such a bouncing.

> > Good morning, this is the general users list. If you want the security
> > experts, try
> 
> > gentoo-security For the discussion of security issues and fixes
> > gentoo-hardened For a security hardened version of Gentoo
> 
> You mean I have to go to this group to find detailed documentation
> in iptables/netfilter rulesets that are indeed secure, published,
> and used in more than one place?

Why do you think that iptables/netfilter is exclusive to gentoo?  It is a
general linux question; iptables is not a product of gentoo.

There are no such published, shared rule sets because each site has it's own
security requirements and places different priorities upon the rules.  Some
will prioritize the connection tracking rules above the service rules (to
optimize outbound active connections over new service connections) whilst
others will prioritize them in the opposite direction.  And the services
themselves can be prioritized differently.

If you really want the down and dirty on iptables, go out and buy "Linux
Firewalls" by Ziegler and Constantine.  It describes every nook and cranny
of iptables.

In the mean time, welcome to my kill file.



-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Arturo 'Buanzo' Busleiman 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Holly Bostick wrote:
> That's about the best I can do for you without knowing more about the
> construction of the file, and what you're trying to do with it.

Well, many people have assumed that it being a 5gb+ file, it was a dvd. 
Definitely not. It has no
menus, no nothing. It's a plain video file. Master copy of a tv program 
originally on tape, then
saved to a digital format.

Here is the output of mplayer:

MPlayer 1.0pre7try2-3.4.4 (C) 2000-2005 MPlayer Team
CPU: Advanced Micro Devices Athlon MP/XP/XP-M Barton (Family: 6, Stepping: 0)
Detected cache-line size is 64 bytes
CPUflags:  MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 1 SSE2: 0
Compiled for x86 CPU with extensions: MMX MMX2 3DNow 3DNowEx SSE



85 audio & 196 video codecs
Playing work/dd/DD_24_2005.MPG.
Cache fill:  0.00% (0 bytes)MPEG-PS file format detected.
VIDEO:  MPEG2  720x576  (aspect 2)  25.000 fps  9900.0 kbps (1237.5 kbyte/s)
==
Opening audio decoder: [mp3lib] MPEG layer-2, layer-3
AUDIO: 48000 Hz, 2 ch, s16le, 384.0 kbit/25.00% (ratio: 48000->192000)
Selected audio codec: [mp3] afm:mp3lib (mp3lib MPEG layer-2, layer-3)
==
vo: X11 running at 1024x768 with depth 16 and 16 bpp (":0.0" => local display)
==
Opening video decoder: [mpegpes] MPEG 1/2 Video passthrough
VDec: vo config request - 720 x 576 (preferred csp: Mpeg PES)
Could not find matching colorspace - retrying with -vf scale...
Opening video filter: [scale]
The selected video_out device is incompatible with this codec.
VDecoder init failed :(
Opening video decoder: [libmpeg2] MPEG 1/2 Video decoder libmpeg2-v0.4.0b
Selected video codec: [mpeg12] vfm:libmpeg2 (MPEG-1 or 2 (libmpeg2))
==
Checking audio filter chain for 48000Hz/2ch/s16le -> 48000Hz/2ch/s16le...
AF_pre: 48000Hz/2ch/s16le
AO: [oss] 48000Hz 2ch s16le (2 bps)
Building audio filter chain for 48000Hz/2ch/s16le -> 48000Hz/2ch/s16le...
Starting playback...
VDec: vo config request - 720 x 576 (preferred csp: Planar YV12)
VDec: using Planar YV12 as output csp (no 0)
Movie-Aspect is 1.33:1 - prescaling to correct movie aspect.
VO: [xv] 720x576 => 768x576 Planar YV12
A:   1.7 V:   1.7 A-V:  0.005 ct:  0.036  26/ 26 15%  1%  1.1% 0 0 79%
Exiting... (Quit)


- --
Arturo "Buanzo" Busleiman - www.buanzo.com.ar
Consultor en Seguridad Informatica
KTP Consultores - info AT ktpconsultores.com.ar
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDH0RbAlpOsGhXcE0RAk+xAJ406EF7yH1AFeUiwFmVkWx4da1f1wCdFcS6
2/okHq9Tj2+iNz8mRffWJxs=
=IkGo
-END PGP SIGNATURE-
-- 
gentoo-user@gentoo.org mailing list

RE: [gentoo-user] iptables example on Gentoo

2005-09-07 Thread Bryan Whitehead 
Wow, that is news to me... I've always just banged out iptables rules and 
then saved them...


On Tue, 6 Sep 2005, Dave Nebinger wrote:


I've been trying to build a simple firewall with a DMZ for a
web server.


Dude, trying to use iptables directly was your first mistake.

Take a spin out and look at shorewall (I'm sure others have different
recommendations).

Shorewall will get you up and running in no time and will easily handle the
configuration stuff from your original post.

Trying to manage such a complex config using iptables directly is doomed to
failure; any mistake in ordering of rules, etc., will break your
connectivity.  Sticking with a tool like shorewall will simplify rules
maintenance and pose less of a problem when performing updates later on.

Dave





--
Bryan Whitehead
Email:[EMAIL PROTECTED]
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Is binary emerge equivalent to source emerge?

2005-09-07 Thread Sascha Lucas 

Hi Ian,


1) Does this seem like a sensible idea?  Will it generally work?
2) Will --usepkg --getbinpkg use binary packages for dependencies?
3) Is the resultant Portage database equivalent to source emerges, especially 
in respect of future --updates, --newuse, etc?

4) Am I right to use a Portage snapshot from the current machine?
5) Is this idea so close to the Catalyst idea that I should use its methods 
to achieve my aims?


I'm answering to your thread, because I'm also playing with binary merges. 
At the moment I'm not realy happy with it. I've played with catalyst/GRP, 
PORTAGE_BINHOST (aka --getbinpkg), PKGDIR via nfs (aka --usepkg).


Perhaps there is someone out there who can point me to some docs etc. Or 
correct my following statments:


to 1)
 - yes it will work
 - you have 3 choices how to build your binarys
   * GRP with catalyst (usefull if your USE-/CFLAGS-Falgs etc. on the
 build system and target system differ)
   * quickpkg from allready installed ebuilds
   * FEATURES="buildpkg" in make.conf (creates bin's on merge)
 - the last 2 are usefull if your USE-/CFLAGS-Flags are identical or do
   not differ much

 - what you need is:
   * portage-snapshot (can be done with catalyst)
   * stage3 from internet or actual build with catalyst
   * binarys build with USE-/CFLAGS-Flags you want on the target

to 2)
  - yes binarys are used for deps
  - --usepkg looks for binarys in PKGDIR=${PORTDIR}/packages
  - --getbinpkg looks for binarys on PORTAGE_BINHOST (I tried ftp)
  - both have a "only" variant which should use only binarys
  - the only-variants doesn't make me happy, because they seem to ignore
different USE-Flags

to 3)
  - if you mean /var/db/pkg then yes it's the same
  - updates seem to work (-kuD world)
  - -uD --newuse world (ebuild only) works
  - -uD --newuse --usepkg world (binary if possible, else ebuild) does not
work very well

to 4 and 5) may be something in my comments to 1-3.

Perhaps I'm doing something wrong then please tell me the better way.

THX,

Sascha.
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Sascha Lucas 

Machine B:
  - mount PGKDIR of machine A via nfs to PGKDIR on machine B
  - added USE-flag "samba"
  - emerge -uD --newuse --usepkg world
* merges binary samba
* does not merge anything else (no binary, no ebuild )

It would be nice if I understand why emerge won't remerge binary packages
with changed use-flags.


It doesn't know that kdebase, cups etc need rebuilding unless you use
the --newuse option


well on Machine B I did emerge -uD --newuse --usepkg world. Isn't it what 
you ment?


Sascha.

--
gentoo-user@gentoo.org mailing list

[gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread James 
gentuxx  gmail.com> writes:



> I think, perhaps, you misunderstood what I was saying.  My
> understanding of shorewall was that it was a script (or series of
> scripts) that look for the previously specified config files and do
> "cool stuff" with the information contained in them.  I was simply
> stating that in order to put value to the information in the config
> files, that you would have to know what the scripts do.  I was not, in
> any way, suggesting that you use Shorewall.  I can completely
> understand and sympathize with your need to dissect iptables, and the
> security it provides.  However, I tend to take a top-down approach, as
> opposed to the bottom-up approach you seem to prefer.

OK this is great!. However, I'm a C/assembler hack, with embedded
tendencies. Scripts are OK, as most are self explanatory. 
As a hardware guy, I often start with a microP, and write/add
firmware to a custom bootloader. From there, often, as simple
state_machine with selected code creates wonderful things;
so I'm definately a bottoms up kind of guy. YMMV.


> Going back to your original questions, I'm not really sure I can help
> with Q1.  However, in regards to Q2, there aren't any config files for
> iptables.  The tables are stored in memory.  You can do an
> "iptables-save", which will output a modified version of the rules
> currently in place, which can subsequently be modified (assuming you
> understand and duplicate the syntax) and restored (with any changes)
> using "iptables-restore".  Otherwise, all of your editing should be
> done at the command line.  I would recommend using a script (of your
> own design, if so desired) to ease repeatability, and reduce the
> possibility for mistakes (fat-fingering).  Also, a script of this
> nature would be handy for starting the iptables upon boot (I believe
> the HOW-TO you referenced covers this).

Is this the one? 
http://www.linuxguruz.com/iptables/scripts/rc.DMZ.firewall.txt
I've reference many urls. This one was written for 2.4 
based kernels and I'm not sure it's useful for 2.6. That was one
of my questions Can you look at it and suggest where it is
defective?  That way, I can use it as a baseline to learn and develop
a more robust (in_memory) ruleset that spawns from a shell script
or elsewhere. Or maybe share a 2.6 based script?

OK all of this is fantastic! All of the googling and reading 
I've done has not revealed this. Most of what I find is circa 2.4 
and I'm not adept enough to discern what's relevant for 2.4 and 2.6 
kernels, yet.

Thank you very, very much,
James




-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] issue on binary merge

2005-09-07 Thread Nick Rout 
On Wed, 2005-09-07 at 18:33 +0200, Sascha Lucas wrote:
> Hi List,
> 
> can some explain this? Machine A+B have identical make.conf (expect in 3 
> USE-falgs), /etc/portage/*, /usr/portage, profile.
> 
> Machine A:
>   - FEATURES="buildpkg"
>   - added USE-flag "samba"
>   - emerge -uD --newuse world
> * builds new samba package
> * rebuilds some packages (kdebase, cups, mplayer etc.)
> 
> Machine B:
>   - mount PGKDIR of machine A via nfs to PGKDIR on machine B
>   - added USE-flag "samba"
>   - emerge -uD --newuse --usepkg world
> * merges binary samba
> * does not merge anything else (no binary, no ebuild )
> 
> It would be nice if I understand why emerge won't remerge binary packages 
> with changed use-flags.

It doesn't know that kdebase, cups etc need rebuilding unless you use
the --newuse option


> 
> THX,
> 
> Sascha.
> 
-- 
Nick Rout <[EMAIL PROTECTED]>

-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread James 
Holly Bostick  planet.nl> writes:

> Good morning, this is the general users list. If you want the security
> experts, try

> gentoo-security   For the discussion of security issues and fixes
> gentoo-hardened   For a security hardened version of Gentoo

You mean I have to go to this group to find detailed documentation
in iptables/netfilter rulesets that are indeed secure, published,
and used in more than one place?

> If you want to discuss comparisons between Gentoo and BSD, this might be
> the place:

agreeded

> That's all I'm going to say in the face of all this needlessly insulting
> behaviour.

Holly, I have not nor do not intend to insult or constipate anyone. 
Sincere apologies. However, I find this very strange that published
rulesets do not exist for iptables/netfilter, for simple and common
things lick a home-office router with (3) nics, including LAN, WAN
and DMZ with optional web and dns(internal) servers. If you find my
sharing these thoughts with you, and the 50 times I've had to write
that I'm interested in iptables/netfilters and not shorewall, then
I think you are a bit too sensitive about divergent opinions.

sincerely,
James



-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Holly Bostick 
Arturo 'Buanzo' Busleiman schreef:
> Holly Bostick wrote:
> 
>>> Is this 100MB a strict limit on the final file size (if you even
>>>  can do it, it's going to be the size of a postage stamp, though
>>>  possibly the most beautiful postage stamp ever seen)? Is all the
>>>  data in the original file strictly necessary?
> 
> 
> ID_VIDEO_WIDTH=720 ID_VIDEO_HEIGHT=576 ID_VIDEO_FPS=25.000 
> ID_VIDEO_ASPECT=1. ID_AUDIO_CODEC=mp3 ID_AUDIO_FORMAT=80 
> ID_AUDIO_BITRATE=384000 ID_AUDIO_RATE=48000 ID_AUDIO_NCH=2 
> ID_LENGTH=3502

OK, I would say that this is a PAL DVD with mp3 sound, based on the
aspect ratio, frame rate, and size. You *could* just use dvdauthor to
format the mpg (which is correctly formatted for a PAL DVD) to
DVD-compliant files, and then burn it to a standard DVD which would
happily play in your DVD player (assuming that said player can play PAL
DVDs).

But if you don't have a DVD burner, or for some other reason need this
file to be housed on smaller media, you need to break the file up into
its composite parts so that you can get rid of some of them. For
example, if there are menus, they need to be ripped out. If there
are extras (making-of comments, outtakes, whatever), they need to be
ripped out. What I would do is fire up dvdauthor to convert the *.mpg
into defined chapters (*.VOB and *.IFO files), then fire up dvd::rip to
select just the data chapters (the "movie" itself, in other words, without
the menus and extras), and transcode those chapters to an *avi... in the
process you could also reduce the sound quality somewhat, which would
also reduce the final file size, and of course the image size, which
would reduce the file size as well, but it might not look very good.

Alternatively, if it's a 'mixed' DVD (for example, not a movie, but a
music/concert DVD with video footage), using the chapter methodology would
enable you to encode each video/song as an individual *.avi rather than one
giant one.

If you tell dvdrip how big you want the resulting transcoded file to be,
it will do that, but if all of the data doesn't fit in the size
specified (which it likely won't, depending on your settings, which can
only do so much), then you'll have two (or four, or six) 100MB files
instead of just one.

That's about the best I can do for you without knowing more about the
construction of the file, and what you're trying to do with it.

Holly
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] grub over the top of Win XP

2005-09-07 Thread Mark Knecht 
On 9/7/05, Heinz Sporn <[EMAIL PROTECTED]> wrote:
> Am Mittwoch, den 07.09.2005, 10:25 +0200 schrieb Christoph Gysin:
> > Neil Bothwick wrote:
> > > Correct, and /dev/hda5 is (hd0,4) despite all the conflicting advice
> > > you've been given.  All my boxes have /boot on hda5 and all use hd0,4
> > > (well, except the iBook which uses that horrible yaboot thing, anyone
> > > who wants to start a grub vs. lilo flame war should be made to use
> > > yaboot).
> >
> > Sorry for the confusing answers. I was pretty sure grub doesn't care wether 
> > your
> > partions are primary or logical, giving each a number starting from 0.
> > Appearantly this is *not* the case. From the docs:
> >
> 
> Grub's a nasty hog, that's for sure (but still superior over Lilo IMHO).
> Another very important point to consider is that Grub looks at drive
> sequences from a BIOS perspective. Say you have disk 1 (primary IDE) and
> disk 2 (secondary IDE). When you boot Grub in sunshine mode it'll see
> disk 1 as hd0 and disk 2 as hd1. But if you jump into your BIOS and set
> disk 2 to your primary boot medium Grub will change it's perspective and
> match disk 2 to hd0.
> 
> >   (hd0,1)
> >
> > Here, `hd' means it is a hard disk drive. The first integer `0'
> > indicates the drive number, that is, the first hard disk, while the
> > second integer, `1', indicates the partition number (or the PC slice
> > number in the BSD terminology). Once again, please note that the
> > partition numbers are counted from _zero_, not from one. This
> > expression means the second partition of the first hard disk drive. In
> > this case, GRUB uses one partition of the disk, instead of the whole
> > disk.
> >
> >   (hd0,4)
> >
> > This specifies the first "extended partition" of the first hard disk
> > drive. Note that the partition numbers for extended partitions are
> > counted from `4', regardless of the actual number of primary partitions
> > on your hard disk.
> >
> > Hope this made things clearer now...
> >
> > Christoph
> > --
> > echo mailto: NOSPAM !#$.'<*>'|sed 's. ..'|tr "<*> !#:2" [EMAIL PROTECTED]
> --
> Mit freundlichen Grüßen
> 
> Heinz Sporn
> 

Hi Heinz,
   OK, the machine is up and dual booting so everything worked out
fine. Thanks to all for your answers. What I suggested in my first
email was correct. Before I did it I followed Neil's suggestion abut
using the find command within grub. That did clarify things a bit and
made me feel a bit better when I pulled the trigger.

   Anyway, I read all the responses this morning and had a good laugh.
I guess I'm not the only one who has a question or two about how all
of this is done! I must say that I'm appreciative of all the
responses.

   As for the comment above about BIOS order, I think that's correct,
but I tried an experiment on this machine and told it to boot from the
second EDIE controller. That did not change the order grub saw the
drives so I'm not sure every option in BIOS would fit your rule above,
or maybe I still don't understand.

   As for grub rules I think I understand, it's these:

1) The order that the system sees hard drives is the order grub will
enumerate them. For instance, in this system:

/dev/hda - hard drive
/dev/hdb - hard drive
/dev/hdac - cdrom

or this system:

/dev/hda - hard drive
/dev/hdc - cdrom
/dev/hde - hard drive

both produce the same results in grub:

hd0 == /dev/hda
hd1 == /dev/hdb or /dev/hde

where the drives are numbered in the order Linux shows them.

As for partition numbers it is my understanding that grub is always
the /dev/hdX value minus 1.

Beyond that I don't pretend to know anything.

The one thing that always confuses me is the difference between
placing grub in the MBR and placing it in a partition. It is my
understanding that the MBR is a separate part of the drive structure,
and is not part of any partition. Is this true?

When we place an bootloader in the MBR that's what the system jumps to
first? After that the bootloader in the MBR can transfer to either an
operating system or to a second boot loader. I've done this where I
had a copy of grub from Gentoo in the MBR, and then a copy of grub in
a partition. Each copy had their own grub.conf file and managed it's
own set of kernels, etc.

However, what Windows does is a bit beyond me. I suppose it places
it's own bootloader in the MBR. We then overwrite it, but then we have
a command to jump to that OS. (chainloader +1 I suppose?)

Anyway, confusing.

Hey, emerge sync running now. Windows boots, Gentoo boots. All is
good. this is my first dual boot machine that didn't use System
Commander.

Thanks much,
Mark

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Random Kernel Crashes ... Need more info

2005-09-07 Thread Arturo 'Buanzo' Busleiman 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Arturo 'Buanzo' Busleiman wrote:
> You may snapshot dmesg's output in a timely manner, ala crontab.

Additionally, you my wish to play with the log_buf_len kernel parameter:

log_buf_len=n   Sets the size of the printk ring buffer, in bytes.
Format is n, nk, nM.  n must be a power of two.  The
default is set in kernel config.


- --
Arturo "Buanzo" Busleiman - www.buanzo.com.ar
Consultor en Seguridad Informatica
KTP Consultores - info AT ktpconsultores.com.ar
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDHzreAlpOsGhXcE0RApV0AJ4nJs869Ichp2EOBhZ/FGCGsbi32wCfbqqC
CRLg1gGzxLmj6Xa3kya56Gc=
=SDxa
-END PGP SIGNATURE-
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Random Kernel Crashes ... Need more info

2005-09-07 Thread gentuxx 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Kris Kerwin wrote:

>Hey all,
>
>I've been experiencing some random kernel crashes, and need a way of
finding
>out what happened.
>
>I can't find any information in /var/log/lastlog or
>in /var/log/messages.*.bz2.
>
>Is there any way that I can monitor kernel messages during a crash and
recover
>this information on the next boot?
>
>Thanks in advance.
>
>Kris Kerwin
>
>PS: Please CC me in your response.

The /var/log/dmesg log contains more specific kernel messages.  You
can also get the messages by running `dmesg` (basically `cat`'s that
file).  If the kernel crashes, messages from previous boots should be
store there.  Also, if you're running a custom kernel, you may want to
turn on the "kernel debugging" option on.  (I haven't used that, but I
remember seeing the last time I compiled my kernel.)

HTH.

- --
gentux
echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge'

gentux's gpg fingerprint ==> 34CE 2E97 40C7 EF6E EC40  9795 2D81 924A
6996 0993
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDHzewLYGSSmmWCZMRAhXAAKCUTIBHs3S89XKfxBHpWEpjsr4fdQCgybvw
YJ0oXp8+mZkHbg9GNOu6px4=
=DEsO
-END PGP SIGNATURE-

-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread James 
Rumen Yotov  dir.bg> writes:


> IMO OpenBSD initial goal was just that - to be very secure even in it's 
> default install. Haven't seen such claim for Gentoo (plain).

Huh?

"This release also gives provides two additional x86 LiveCD images, in
combination with the minimal and universal InstallCDs seen in previous
releases: a new x86 LiveCD from the Hardened project "

And the corresponding CD:
http://open-systems.ufl.edu/mirrors/gentoo/experimental/x86/hardened/livecd

> Have some experience with Grsec2+PaX and RSBAC (SElinux brother ;)
> IMHO they are significantly better than OpenBSD in overall security.
> The "new/next" version of OpenBSD will have some sort of protection 
> against memory overflow attacks (writting this by memory only, might not 
> be 100% correct) so they are slowing nest release to test this 'new' 
> feature - which one and others too are already used by Hardened Gentoo.
> Check 'Adamantix' - Debian + PaX (memory protection) + RSBAC (DAC).
> Example: see 'gibraltar' router/firewall distro - uses RSBAC-kernel.

Beautiful Prose! Any  Other contributors care to 'Stand Up'?


> No flames please, just my opinion.
> HTH. Rumen

Rumen, I never flame. I try to inspire, sometimes making
my community and friends ashamed of ourselves and myself. 
Surely, I run the risk of becoming an outcast within a group
of radicals (GENTOO)? Not the first time I've been 86'd
from a place where they never toss out radical and dreamers

Certainly, there are others feeling the pain of less than fantastic
security on Gentoo! Hacking the raw files will allow migration
of proven security models to countless (embedded) gentoo
devices. Once perfected, the GUI frontends can be honestly tested
and evaluated for robustness.

AT  www.shorewall.net (interestingly not www.shorewall.org)
WE see in big red bold letters:
"Security vulnerability in Shorewall 2.x"

I'll stick with iptables/netfilter directly, until multiple, proven
scripts and configurations are published. Then we can all
play with GUI tools...

Business vs Integrity(Freedom).
Funny, Gentoo was very quick to dump XFree for Xorg,
in name of righteous OpenSource propaganda.

Yet the same level of detail with documented usage of a 2.6
kernel and iptables/netfilter alludes us?

Business versus Integrity? or just an oversight?

Common man, we're all guilty. Let's group together, straighten
out this sess_pool, and live with Integrity!

-- the most guilty of all,

James




-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Random Kernel Crashes ... Need more info

2005-09-07 Thread Arturo 'Buanzo' Busleiman 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Kris Kerwin wrote:
> Is there any way that I can monitor kernel messages during a crash and 
> recover 
> this information on the next boot?

You may snapshot dmesg's output in a timely manner, ala crontab.

- --
Arturo "Buanzo" Busleiman - www.buanzo.com.ar
Consultor en Seguridad Informatica
KTP Consultores - info AT ktpconsultores.com.ar
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDHzceAlpOsGhXcE0RAkQiAJ9DsaMLMkb57V1pe1auCGI+SLGBfACfdR29
61J2yLxkK4mbCi8bZPEMmok=
=6InN
-END PGP SIGNATURE-
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Antoine 

Arturo 'Buanzo' Busleiman wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi people,

I was wondering, do you have any pointers to transcode an mpeg file to 
an xvid? The original is a
+4gb file, and I need to create a good quality of aprox. 100mb xvid file.

What are your suggestions? Any interesting sites to read about this? 
scripts? ebuilds? I've done
some research in the area for the last two days, but I am definitely not a 
video guru, and many
things I do not understand.


Unless the mpeg is mostly nothing at all (very little motion, no flames, 
water, sky, textures, ...) then you will find it hard to get down to 
100meg. Don't forget that mpeg2 (probably the format you have...) is 
already compressed. Also don't forget that 1h30 of *audio* at 128kbps 
(normal mp3/ogg quality) will take about 90-100meg. What you are asking 
is pretty unrealistic. You could do it with mplayer or transcode but the 
results will be horrific. For 1h30 mins you will be down to a very small 
size, very low quality and barely discernable audio. Can you really only 
go to 100meg? You might get something reasonable with 300meg if you play 
around enough but otherwise I would say forget it.

Cheers
Antoine
ps. more info about the nature of the original could change everything
--
gentoo-user@gentoo.org mailing list

RE: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread Dave Nebinger 

> > > I think it might be important to point out here how Shorewall
> > > handles/uses these files.  I don't use Shorewall, so I can't really
> > > shed light on it.  But these config files are really only one side of
> > > the mirror.
> 
> Sorry, I HAVE ZERO INTEREST IN A GUI, UNLESS THE RESULTING RULESETS
> ARE SIMILAR TO THOSE BUILT MANUALLY with a one-to-one correspondance
> to iptables/netfilter.

FWIW, shorewall does not have a gui.  It reads the script files and builds
appropriate iptables rules and applies them.
 
> I'm not looking for advice on building firewalls as a newbie.
> I'm looking for somebody that knows IPTABLES/NETFILTER, preferable
> on Gentoo, and is willing to share a little information. I'm in the
> process of building a gentoo based firewall to compare the robustness
> against OpenBSD + pf. The really funny thing is a year ago, this
> list was full of persons that debunked OpenBSD's security supremacy.
> Now all I'm getting is a lot of 'hot air' and 'bull-loney'. Why are
> so many people scared to manage there own firewall rulesets directly?

I know iptables/netfilter.  I've worked through all of the online
documentation, I've read iptables books, I've implemented firewalls using
just iptables.

Knowing all of that information, I still suggest using a tool to help manage
iptables.

The reason is this: iptables, like PF on openbsd, allows for fine-grained
control over every aspect of the network traffic going in and out of the
box.

Most folks, however, have little need for such fine-grained control over
their firewall.  They want a simple set of rules that allow outgoing traffic
and certain incoming traffic.  They don't care about masquerading vs
DNAT/SNAT, what to enable/disable on the ICMP packets, which ones to reject
vs deny, etc.  They don't need a detailed explanation of why the order of
the addition of rules to the table impact network performance as well as
whether a certain rule actually disables traffic that a later rule would
actually allow.

So why is it so necessary to get down and dirty with iptables when there are
supporting tools that manage all of these details quite well.
 
> Personally,
> when the occasional hacker does manage to penetrate a managerie
> of obsticles, I like to watch what they do, and learn. Besides the
> end result is there is nothing in my networks that if destroyed,
> cannot be rebuilt. Anything of treasure value is protected by
> a 4 foot air_gap. I guess I see talented penetration specialists
> more as kindred spirits, as opposed to evil interlopers. This FEAR
> of managing your own iptables/netfilters rulesets is not healthly.
> Who the F*** wants to live life afraid? Conquer your demons
> face to face, unless there really is truth to what the OpenBSD community
> says about linux, 'linux based security is bullshit'.

Oh, come on.  Using a tool to assist in rules maintenance hardly qualifies
as being afraid.  Using a tool to assist in rules maintenance means you have
better things to do with your time than operate at such a low level.

Per your idiom, we should throw out higher-level programming languages
because they take us all away from knowing microcode and assembler.

The tools exist because they are an aid, not a crutch.
 
> OpenBSD + PF is a piece of cake. OpenBSD comes secure right
> out of the box. If the gentoo experts that peruse this list
> read this email, surely they can direct one to examples where
> the details of secure rulesets exist?
> Surely someone is  confident enough in their
> iptables/netfilter rulesets to publish them?

Being a gentoo and/or linux expert does not qualify one as an iptables
expert.  Perhaps the same cannot be said about openbsd wrt pf, but that's
not for me to say.

If you think iptables should be so easy to pick up, then go pick it up and
make it work for you - no one is stopping you from that task.

> Maybe the linux security models are not up to the task?
> SElinux etc?

They are up to the task, which is why linux is used a heck of a lot more
than openbsd...

> PF rulessets are quite elaborate, but easily discernable.

Iptables, as well, can be quite elaborate.  Discernable is another question
entirely.

If you know what you're doing, you can create a discernable set of rules
using custom chains and appropriate ordering.

Most often, though, what you'll see is the list of rules in some quasi order
which is supposed to satisfy security and accessibility requirements, but
hardly show up as being discernable.
 
> If you have ruleset capabilities, then look at this example,
> and tell me what's deficient with it?
> http://www.linuxguruz.com/iptables/scripts/rc.DMZ.firewall.txt

First of all the connection tracking rule is too far down in the INPUT
chain; it should come close to the top to shorten the amount of rules an
established connection would need to travel through before being accepted.

Secondly there's no filtering of traffic headed outbound.  Typically any
windblows & ipp traffic should b

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Arturo 'Buanzo' Busleiman 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Holly Bostick wrote:
> Is this 100MB a strict limit on the final file size (if you even can do it,
> it's going to be the size of a postage stamp, though possibly the most
> beautiful postage stamp ever seen)? Is all the data in the original file
> strictly necessary?

This is the output of idmedia on one of those fiels:

ID_VIDEO_ID=0
ID_AUDIO_ID=0
ID_FILENAME=/home/buanzo/work/dd/DD_25_2005.MPG
ID_VIDEO_FORMAT=0x1002
ID_VIDEO_BITRATE=990
ID_VIDEO_WIDTH=720
ID_VIDEO_HEIGHT=576
ID_VIDEO_FPS=25.000
ID_VIDEO_ASPECT=1.
ID_AUDIO_CODEC=mp3
ID_AUDIO_FORMAT=80
ID_AUDIO_BITRATE=384000
ID_AUDIO_RATE=48000
ID_AUDIO_NCH=2
ID_LENGTH=3502

idmedia(){
mplayer -identify -frames 0 -ao null -vo null  -vc dummy "$@" 2>/dev/null | 
grep ID_
}

The file is exactly 4566906464

This is a digital dump, probably really compressable, as I have already seen 
it. But they usually
encode with wmv, which is, by no means, better.

- --
Arturo "Buanzo" Busleiman - www.buanzo.com.ar
Consultor en Seguridad Informatica
KTP Consultores - info AT ktpconsultores.com.ar
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDHzThAlpOsGhXcE0RAnvrAJ9g5p5AMenoiCfHaDbOMSIZHuXR3gCeLMO4
eqfWY8c+9SK4HCL7eZvYoVA=
=0MNl
-END PGP SIGNATURE-
-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Is binary emerge equivalent to source emerge?

2005-09-07 Thread Ian Clowes 

Hi

I've been building a box for a specific purpose by emerge-ing and playing 
with various packages until I ended up with something that matched what I 
wanted.


I'd now like to rebuild the box including just the packages that turned out 
to be relevant.


Rather than do source installs again I was thinking of using the current box 
to build binary packages before wiping it and doing a rebuild from these 
binaries, hence saving on heaps of build time after setting make.conf, etc. 
to match the current install.  One additional step that I think is important 
is to use a Portage snapshot from the current machine.


A few questions...

1) Does this seem like a sensible idea?  Will it generally work?
2) Will --usepkg --getbinpkg use binary packages for dependencies?
3) Is the resultant Portage database equivalent to source emerges, 
especially in respect of future --updates, --newuse, etc?

4) Am I right to use a Portage snapshot from the current machine?
5) Is this idea so close to the Catalyst idea that I should use its methods 
to achieve my aims?


TIA
IanC


--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread gentuxx 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

James wrote:

>Dave Nebinger  joat.com> writes:
>
>
>>>I think it might be important to point out here how Shorewall
>>>handles/uses these files. I don't use Shorewall, so I can't really
>>>shed light on it. But these config files are really only one side of
>>>the mirror.
>
>
>Sorry, I HAVE ZERO INTEREST IN A GUI, UNLESS THE RESULTING RULESETS
>ARE SIMILAR TO THOSE BUILT MANUALLY with a one-to-one correspondance
>to iptables/netfilter.


I think, perhaps, you misunderstood what I was saying.  My
understanding of shorewall was that it was a script (or series of
scripts) that look for the previously specified config files and do
"cool stuff" with the information contained in them.  I was simply
stating that in order to put value to the information in the config
files, that you would have to know what the scripts do.  I was not, in
any way, suggesting that you use Shorewall.  I can completely
understand and sympathize with your need to dissect iptables, and the
security it provides.  However, I tend to take a top-down approach, as
opposed to the bottom-up approach you seem to prefer.

>
>>Actually these files are typically the only ones you'll need to edit...
>
>
>
>I have a very robust OpenBSD based firewall.
>
>I'm not looking for advice on building firewalls as a newbie.
>I'm looking for somebody that knows IPTABLES/NETFILTER, preferable
>on Gentoo, and is willing to share a little information. I'm in the
>process of building a gentoo based firewall to compare the robustness
>against OpenBSD + pf.

< ... snipping "BSD is better" rant ... >

>
>sincerely, from a dreamer and a looser, and an simpleton,
>
>(but, I'm not afraid of any stinking rule_set, are you?)
>
>James
>
Going back to your original questions, I'm not really sure I can help
with Q1.  However, in regards to Q2, there aren't any config files for
iptables.  The tables are stored in memory.  You can do an
"iptables-save", which will output a modified version of the rules
currently in place, which can subsequently be modified (assuming you
understand and duplicate the syntax) and restored (with any changes)
using "iptables-restore".  Otherwise, all of your editing should be
done at the command line.  I would recommend using a script (of your
own design, if so desired) to ease repeatability, and reduce the
possibility for mistakes (fat-fingering).  Also, a script of this
nature would be handy for starting the iptables upon boot (I believe
the HOW-TO you referenced covers this).

HTH.

- --
gentux
echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge'

gentux's gpg fingerprint ==> 34CE 2E97 40C7 EF6E EC40  9795 2D81 924A
6996 0993
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDHzQ7LYGSSmmWCZMRAgx1AKCT+7L3dXEppBtzjsZ8K/PLKYB4BQCff/AJ
IWqjSAL5vD46NiY0sfquCe4=
=hejB
-END PGP SIGNATURE-

-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] Random Kernel Crashes ... Need more info

2005-09-07 Thread Kris Kerwin 
Hey all,

I've been experiencing some random kernel crashes, and need a way of finding 
out what happened.

I can't find any information in /var/log/lastlog or 
in /var/log/messages.*.bz2. 

Is there any way that I can monitor kernel messages during a crash and recover 
this information on the next boot?

Thanks in advance.

Kris Kerwin

PS: Please CC me in your response.


pgprhWzavLQxv.pgp
Description: PGP signature

Re: [gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Holly Bostick 
Arturo 'Buanzo' Busleiman schreef:
> Hi people,
> 
> I was wondering, do you have any pointers to transcode an mpeg file 
> to an xvid? The original is a +4gb file, and I need to create a good 
> quality of aprox. 100mb xvid file.

I don't think this is realistic... you are trying to reduce the file
size by over 98% and want 'good quality' as well?

I don't see quite how that is going to happen, A standard DVD can be
reduced to the size of 1 CD (700 MB) or half that (350-400 MB) using
Xvid or Divx, but that's still 4-7x bigger than what you're trying to
get from the more-or-less same size starting point, and to even do that
much you have to make some sacrifices (like removing menus and extras,
which is essentially ripping out data from the original file by the
handful, or reducing image size, which may affect quality).

Is this 100MB a strict limit on the final file size (if you even can do it,
it's going to be the size of a postage stamp, though possibly the most
beautiful postage stamp ever seen)? Is all the data in the original file
strictly necessary?

Holly
-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] 4gb mpeg to 100mb xvid?

2005-09-07 Thread Arturo 'Buanzo' Busleiman 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi people,

I was wondering, do you have any pointers to transcode an mpeg file to 
an xvid? The original is a
+4gb file, and I need to create a good quality of aprox. 100mb xvid file.

What are your suggestions? Any interesting sites to read about this? 
scripts? ebuilds? I've done
some research in the area for the last two days, but I am definitely not a 
video guru, and many
things I do not understand.

Yours,

- --
Arturo "Buanzo" Busleiman - www.buanzo.com.ar
Consultor en Seguridad Informatica
KTP Consultores - info AT ktpconsultores.com.ar
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDHy8dAlpOsGhXcE0RAtG1AJ4hKwTIoDebDzICqNTJv3ZHe4fXawCfWLeh
J2IsjTmur5KhaN5MUb3ty00=
=dgAi
-END PGP SIGNATURE-
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread Holly Bostick 
James schreef:

> 
> (Booo) 
> 
> 
> The really sad thing in this whole thread, is nobody
> has even mentiond which (kernel) sources to use, what
> to disable/enable and why. Is this some sort of deep secret
> or is the gentoo community un_caring about those who
> simply want to learn about iptables/netfilter in a 2.6
> kernel environment? Hell, if this list and the greater
> gentoo community do not have this aggregated knowledge

Good morning, this is the general users list. If you want the security
experts, try

gentoo-security For the discussion of security issues and fixes
gentoo-hardened For a security hardened version of Gentoo

If you want to discuss comparisons between Gentoo and BSD, this might be
the place:

gentoo-bsd  Discussion about Gentoo/BSD

That's all I'm going to say in the face of all this needlessly insulting
behaviour.

Holly
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread Rumen Yotov 

Hi,
James escreveu:


Dave Nebinger  joat.com> writes:


 


I think it might be important to point out here how Shorewall
handles/uses these files.  I don't use Shorewall, so I can't really
shed light on it.  But these config files are really only one side of
the mirror.
 



Sorry, I HAVE ZERO INTEREST IN A GUI, UNLESS THE RESULTING RULESETS
ARE SIMILAR TO THOSE BUILT MANUALLY with a one-to-one correspondance
to iptables/netfilter.

 

IMHO shorewall isn't a GUI it's just a script (might be wrong here) with 
many config files for many (quite all) possible usages and with a manual 
(in pdf & other formats) which is around 500-600 pages.
All  the configuration is done by editing files in: /etc/shorewall/... 
directory (and they come heavily commented).



...SKIP...
OpenBSD + PF is a piece of cake. OpenBSD comes secure right 
out of the box. If the gentoo experts that peruse this list 
read this email, surely they can direct one to examples where 
the details of secure rulesets exist? 
Surely someone is  confident enough in their 
iptables/netfilter rulesets to publish them?


 

IMO OpenBSD initial goal was just that - to be very secure even in it's 
default install. Haven't seen such claim for Gentoo (plain).



Maybe the linux security models are not up to the task?
SElinux etc?
 


Have some experience with Grsec2+PaX and RSBAC (SElinux brother ;)
IMHO they are significantly better than OpenBSD in overall security.
The "new/next" version of OpenBSD will have some sort of protection 
against memory overflow attacks (writting this by memory only, might not 
be 100% correct) so they are slowing nest release to test this 'new' 
feature - which one and others too are already used by Hardened Gentoo.

Check 'Adamantix' - Debian + PaX (memory protection) + RSBAC (DAC).
Example: see 'gibraltar' router/firewall distro - uses RSBAC-kernel.


PF rulessets are quite elaborate, but easily discernable.

You know, 'the rat' culture is questionable, but, he's really quite
talented and reasonable, once you get past the phasic behavior.

OpenBSD comes secure, right out off the installation. Builing a really
secure firewall is trivial. I thought (gentoo)linux was suppose to
be equal to or superior to OpenBSD for security and every other
aspect of computing?

If you have ruleset capabilities, then look at this example,
and tell me what's deficient with it? 
http://www.linuxguruz.com/iptables/scripts/rc.DMZ.firewall.txt


It was created for
2.4 based kernels, but this simple website shows one
how to prepare a 2.6 kernel as the basis of the firewall:
http://www.gentoo.org/doc/en/home-router-howto.xml
It is a bit shallow, but at least this author is
not scared of iptables/netfilter fundamentals.

(Booo) 


The really sad thing in this whole thread, is nobody
has even mentiond which (kernel) sources to use, what
to disable/enable and why. Is this some sort of deep secret
or is the gentoo community un_caring about those who
simply want to learn about iptables/netfilter in a 2.6
kernel environment? Hell, if this list and the greater
gentoo community do not have this aggregated knowledge
then let's develop it and document it and share it. 
This is how we, as the open_source community distinguish 
ourselves from the Vulture and his menion_buzzards that inhabit

Redmond!

sincerely, from a dreamer and a looser, and an simpleton,

(but, I'm not afraid of any stinking rule_set, are you?)

James

 


No flames please, just my opinion.
HTH. Rumen
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Make a running process nohup?

2005-09-07 Thread Peter Karlsson 

On Wed, 7 Sep 2005, Qiangning Hong wrote:


Is it possible make a running process nohup so that I can leave it
running after I logout without interrupt it?


man nohup? (+nice/renice?)

Best regards

Peter K

--
gentoo-user@gentoo.org mailing list

[gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread James 
Dave Nebinger  joat.com> writes:


> > I think it might be important to point out here how Shorewall
> > handles/uses these files.  I don't use Shorewall, so I can't really
> > shed light on it.  But these config files are really only one side of
> > the mirror.

Sorry, I HAVE ZERO INTEREST IN A GUI, UNLESS THE RESULTING RULESETS
ARE SIMILAR TO THOSE BUILT MANUALLY with a one-to-one correspondance
to iptables/netfilter.

> Actually these files are typically the only ones you'll need to edit...


I have a very robust OpenBSD based firewall. 

I'm not looking for advice on building firewalls as a newbie.
I'm looking for somebody that knows IPTABLES/NETFILTER, preferable
on Gentoo, and is willing to share a little information. I'm in the
process of building a gentoo based firewall to compare the robustness
against OpenBSD + pf. The really funny thing is a year ago, this
list was full of persons that debunked OpenBSD's security supremacy.
Now all I'm getting is a lot of 'hot air' and 'bull-loney'. Why are 
so many people scared to manage there own firewall rulesets directly?


Personally,
when the occasional hacker does manage to penetrate a managerie
of obsticles, I like to watch what they do, and learn. Besides the
end result is there is nothing in my networks that if destroyed,
cannot be rebuilt. Anything of treasure value is protected by
a 4 foot air_gap. I guess I see talented penetration specialists
more as kindred spirits, as opposed to evil interlopers. This FEAR
of managing your own iptables/netfilters rulesets is not healthly.
Who the F*** wants to live life afraid? Conquer your demons
face to face, unless there really is truth to what the OpenBSD community
says about linux, 'linux based security is bullshit'.

Prove me wrong; don't hijack the thread!

OpenBSD + PF is a piece of cake. OpenBSD comes secure right 
out of the box. If the gentoo experts that peruse this list 
read this email, surely they can direct one to examples where 
the details of secure rulesets exist? 
Surely someone is  confident enough in their 
iptables/netfilter rulesets to publish them?

Maybe the linux security models are not up to the task?
SElinux etc?
PF rulessets are quite elaborate, but easily discernable.

You know, 'the rat' culture is questionable, but, he's really quite
talented and reasonable, once you get past the phasic behavior.

OpenBSD comes secure, right out off the installation. Builing a really
secure firewall is trivial. I thought (gentoo)linux was suppose to
be equal to or superior to OpenBSD for security and every other
aspect of computing?

If you have ruleset capabilities, then look at this example,
and tell me what's deficient with it? 
http://www.linuxguruz.com/iptables/scripts/rc.DMZ.firewall.txt

It was created for
2.4 based kernels, but this simple website shows one
how to prepare a 2.6 kernel as the basis of the firewall:
http://www.gentoo.org/doc/en/home-router-howto.xml
It is a bit shallow, but at least this author is
not scared of iptables/netfilter fundamentals.

(Booo) 


The really sad thing in this whole thread, is nobody
has even mentiond which (kernel) sources to use, what
to disable/enable and why. Is this some sort of deep secret
or is the gentoo community un_caring about those who
simply want to learn about iptables/netfilter in a 2.6
kernel environment? Hell, if this list and the greater
gentoo community do not have this aggregated knowledge
then let's develop it and document it and share it. 
This is how we, as the open_source community distinguish 
ourselves from the Vulture and his menion_buzzards that inhabit
Redmond!

sincerely, from a dreamer and a looser, and an simpleton,

(but, I'm not afraid of any stinking rule_set, are you?)

James

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] /dev/input/mouse0 Doesn't Exist

2005-09-07 Thread Drew Tomlinson 

On 9/6/2005 9:53 PM W.Kenworthy wrote:


use lsmod to get the module list.  The modules are usbmouse and psmouse
(not sure if you have said what mouse type you are using) .  Note that
you will need to revisit your kernel configuration if you dont have
them. If they dont show in "lsmod", try "modprobe psmouse" etc.
 

Thanks for the reply.  I have neither usbmouse nor psmouse in my lsmod 
output.  Trying to load with modprobe doesn't work either:


tv mythtv # modprobe psmouse
FATAL: Module psmouse not found.
tv mythtv # modprobe usbmouse 
FATAL: Module usbmouse not found.


Because I haven't made any changes, I suspect my system never used 
them.  I'll try changing the batteries in the mouse as another poster 
suggested.  If that doesn't solve it, then I'll venture into this further.


Thanks,

Drew


On Tue, 2005-09-06 at 21:03 -0700, Drew Tomlinson wrote:
 


On 9/6/2005 8:49 PM W.Kenworthy wrote:

   


The module thats responsible for /dev/input/mouse0 creates the node when it 
loads via udev: is the modules loaded?  /dev/mouse is usually (on


 

I come from the FreeBSD world and thus, I'm a linux newb.  Sorry for the 
simple questions.  What module should I look for?  How can I check to 
see if it's loaded?


   


newer systems) a symlink to /dev/input/mouse0 if it
exists.  /dev/input/mice is a concentrator.  i.e., on my laptop I have a
ps2 mouse (actually the gspot/touchpad) and a plugged in usb mouse.  All
three work through /dev/input/mice at the same time.  Individually they
are accessed via /dev/input/mouseX.


 


Thanks for the explanation.

   


To test try "cat /dev/input/mice" and move the mouse - rubbish will
print to terminal if its working.  CTRL-C to exit.



 


No rubbish.  Not working.

Thanks for your help.

Drew

--
Visit The Alchemist's Warehouse
Magic Tricks, DVDs, Videos, Books, & More!

http://www.alchemistswarehouse.com

   




--
Visit The Alchemist's Warehouse
Magic Tricks, DVDs, Videos, Books, & More!

http://www.alchemistswarehouse.com

--
gentoo-user@gentoo.org mailing list

[gentoo-user] init script dependency problem

2005-09-07 Thread A. Khattri 

Anyone else encountered this?

 * Re-caching dependency info (mtimes differ)...
 * Could not get dependency info for "nscd"!
 * Please run:

 *   # /sbin/depscan.sh

 * to try and fix this.
 * Starting Name Service Cache Daemon ...   
[ ok ]

[root:/etc]# /sbin/depscan.sh
 * Caching service dependencies ...
gawk: /lib/rcscripts/awk/cachedepends.awk:72: fatal: extension: library
`/lib/rcscripts/filefuncs.so': cannot call function `dlload'
(/lib/rcscripts/filefuncs.so: undefined symbol: dlload)

bash: /var/lib/init.d/depcache: No such file or directory
 * Failed to cache service dependencies


Just wondering if a recent update to gawk broke something?


-- 
Aj.
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] /dev/input/mouse0 Doesn't Exist

2005-09-07 Thread Drew Tomlinson 

On 9/6/2005 10:00 PM Willie Wong wrote:


On Tue, Sep 06, 2005 at 09:03:09PM -0700, Drew Tomlinson wrote:
 


No rubbish.  Not working.

Thanks for your help.

   


That means it is not an X problem, but a problem at the kernel
(unlikely) or your hardware. 


You said it is part of a wireless combo? Try changing the battery. I
also have a wireless mouse/keyboard combo from Logitech (actually
Logitech rebranded as Acer), the keyboard runs on a single AAA for
over two years now and is still going, but I've had to change the
batteries for my mouse every three months. I think it has to do with
the fact that it is an optical mouse and the little red LED just keeps
going On my mouse, when the battery dies, the LED will still be
working for a bit, but the batteries won't provide enough voltage to
drive other electronics, and so while it seems like the mouse should
work, it actually doesn't. 
 

This could be the problem as the mouse batteries have been in for at 
least 2 months.  Like you, I assumed the mouse should work as it did the 
first time I rebooted because the red light is still on.  I'll try it 
tonight when I get home.


Thanks,

Drew

--
Visit The Alchemist's Warehouse
Magic Tricks, DVDs, Videos, Books, & More!

http://www.alchemistswarehouse.com

--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] mplayer and/or X optimization

2005-09-07 Thread Volker Armin Hemmann 
On Wednesday 07 September 2005 12:56, [EMAIL PROTECTED] wrote:
> On Wed, Sep 07, 2005 at 03:15:51AM +0200, Volker Armin Hemmann wrote
>
> > does xine also have a speed problem?
> > If yes:
>
>   I don't have xine loaded.  I've had problems building it in the past.
> mplayer has been trouble-free.
>
> > could you please post xorg.conf/Xorg.0.log?
> >
> > Maybe they contain somethin obvious...
>
>   To avoid cluttering up the list, I've posted them on my webpage; see
> http://www.waltdnes.org/xorg.conf.txt
> http://www.waltdnes.org/Xorg.0.log.txt
>
>   According to the box, the card is a PowerColor X300 SE, with PCI
> Express and full DirectX 9 support.
>
>   One thing I notice is at the very end of xorg.conf...
>
> # Section "DRI"
> #Mode 0666
> # EndSection
>
> According to "man radeon"
>
>Option "BusType" "string"
>   Used to replace previous ForcePCIMode option.   Should  only  be
>   used  when  driver's  bus  detection is incorrect or you want to
>   force a AGP card to PCI mode. Should NEVER force a PCI  card  to
>   AGP bus.
>   PCI-- PCI bus
>   AGP-- AGP bus
>   PCIE   -- PCI Express (falls back to PCI at present)
>   (used only when DRI is enabled)
>   The default is auto detect.
>
>   I uncommented the 3 lines and in the video card section I added...
>
> Option  "BusType"   "PCIE"
>
>   but it looks like it's not enabled.
>


you have to load dri in the modules section first (and glx maybe too).
BUT from your log: your card is to new for dri/render, so it falls back to 
some.. I don't know-mode ;)

but you can try to load them. Change this:
# This loads the GLX module
#Load   "glx"
# This loads the DRI module
#Load   "dri"

to this:
# This loads the GLX module
   Load   "glx"
# This loads the DRI module
   Load   "dri"

but I am pretty sure, that it will not help much.
Hm - xv and ATI were never good friends...
-- 
gentoo-user@gentoo.org mailing list

RE: [gentoo-user] [OT] VPN question

2005-09-07 Thread Michael Kintzios 


> -Original Message-
> From: krzaq [mailto:[EMAIL PROTECTED] 
> Sent: 07 September 2005 14:58
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] [OT] VPN question
> 
> Right you are ;)
> The other endpoint is supposed to be WinXP box.
> I was wondering if there's some magical way to establish an IPX tunnel
> inside a TCP based VPN (using openvpn client at one endpoint).
> Why does everything besides random clicking have to be so 
> hard in this damn OS..

It's been some time ago, so I can't remember the details - but can't you
bind IPX over TCP/IP in WinXP?  I know for sure that you can bind
NetBIOS to TCP/IP.
-- 
Regards,
Mick

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] "Copying" between hard drives potential newbie question

2005-09-07 Thread Matthias Bethke 
Hi waltdnes,
on Tuesday, 2005-09-06 at 21:08:20, you wrote:
> > Most UPSs below about US$400 are junk.  You'd be served just as well
> > with a decent surge suppressor power strip.  Don't waste your money
> > on a UPS.
> 
>   Not if all you want is to give your home system 5 minutes to shut down
> in a power failure, or to handle the occasional 30-second outage, of
> which my area seems to have more than its fair share.

Oh yes, it depends very much on the grid in your area.
I lived in the Philippines for a while where brownouts are a very common
thing---usually, you get a UPS "free" there when you buy a computer.
It's really no fun without one, and for what they have to do the cheap
lil things work very well. Their lead accus don't usually last more than
a year, but then you just get a new one for $5 or so and you're set for
another year. In Germany OTOH, hardly anybody has one, and people still
get uptimes of over a year.

regards
Matthias
-- 
I prefer encrypted and signed messages.   KeyID: 90CF8389
Fingerprint: 8E 1F 10 81 A4 66 29 46  B9 8A B9 E2 09 9F 3B 91


pgpFKpH2HolBJ.pgp
Description: PGP signature

SOLVED: Re: [gentoo-user] emerge dev-python/python-fchksum-1.7.1 fails

2005-09-07 Thread Andreas K. Huettel 

Sorry for the noise- problem is a known bug, I have solved it for myself. 
See

http://marc.theaimsgroup.com/?l=gentoo-embedded&m=112066327800026&w=2
http://bugs.gentoo.org/show_bug.cgi?id=88777


#]From: Andreas K. Huettel <[EMAIL PROTECTED]>
#]To: gentoo-user@lists.gentoo.org
#]Date: Wed, 7 Sep 2005 16:50:12 +0200 (CEST)
#]Subject: [gentoo-user] emerge dev-python/python-fchksum-1.7.1 fails (wrong
#]compiler called?)
#]Reply-To: gentoo-user@lists.gentoo.org
#]
#]
#]
#]Dear list,
#]
#]emerge of dev-python/python-fchksum-1.7.1 fails (for details see below).
#]It seems to me as if the script is calling i386-pc-linux-gnu-gcc, where it
#]should call i686-pc-linux-gnu-gcc (as for all the other packages).
#]
#]Do you have any hints how I could fix this error?
#]Can I safely skip this package?
#]
-- 
gentoo-user@gentoo.org mailing list

  1   2   >