Re: [gentoo-user] Re: initramfs & RAID at boot time
On Sun, Apr 18, 2010 at 1:01 AM, Neil Bothwick wrote:
> On Sat, 17 Apr 2010 14:36:39 -0700, Mark Knecht wrote:
>
>> Empirically any way there doesn't seem to be a problem. I built the
>> new kernel and it booted normally so I think I'm misinterpreting what
>> was written in the Wiki or the Wiki is wrong.
>
> As long as /boot is not on RAID, or is on RAID1, you don't need an
> initrd. I've been booting this system for years with / on RAID1 and
> everything else on RAID5.
From my research on the topic (I also wanted to have both /boot
and / on RAID1) there are the following traps:
* there is an option for the kernel that must be enabled at
compile time that enables automatic RAID detection and assembly by the
kernel before mounting /, but it works only for MD metadata 0.96 (see
[1]);
* the default metadata for `mdadm` is 1.2 (see `man mdadm`, and
search for `--metadata`), so when creating the RAID you must
explicitly select the metadata you want;
* indeed the preferred may to do it is using an initramfs; (I've
posted below some shell snippets that create do exactly this: assemble
my RAID); (the code snippets are between {{{...}}}, it's from a
MoinMoin wiki page;)
Also a question for about /boot on RAID1... I didn't manage to
make it work... Could you Neil please tell me exactly how you did
this? I'm most interested in how you've convinced Grub to work...
Best,
Ciprian.
[1]
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=Documentation/md.txt;h=188f4768f1d58c013d962f993ae36483195fd288;hb=HEAD
Init-ramfs preparation
{{{
mkdir -p /usr/src/initramfs
cd /usr/src/initramfs
mkdir /usr/src/initramfs/bin
mkdir /usr/src/initramfs/dev
mkdir /usr/src/initramfs/proc
mkdir /usr/src/initramfs/rootfs
mkdir /usr/src/initramfs/sys
cp -a /bin/busybox /usr/src/initramfs/bin/busybox
cp -a /sbin/mdadm /usr/src/initramfs/bin/mdadm
cp -a /sbin/jfs_fsck /usr/src/initramfs/bin/jfs_fsck
cp -a /dev/console /usr/src/initramfs/dev/console
cp -a /dev/null /usr/src/initramfs/dev/null
cp -a /dev/sda2 /usr/src/initramfs/dev/sda2
cp -a /dev/sdc2 /usr/src/initramfs/dev/sdc2
cp -a /dev/md127 /usr/src/initramfs/dev/md127
}}}
{{{
cat >/usr/src/initramfs/init <<'EOS'
#!/bin/busybox ash
exec /dev/null 2>/dev/console
exec 1>&2
/bin/busybox mount -n -t proc none /proc || exit 1
/bin/busybox mount -n -t sysfs none /sys || exit 1
/bin/mdadm -A /dev/md127 -R -a md /dev/sda2 /dev/sdc2 || exit 1
/bin/jfs_fsck -p /dev/md127 || true
/bin/busybox mount -n -t jfs /dev/md127 /rootfs -o
ro,exec,suid,dev,relatime,errors=remount-ro || exit 1
/bin/busybox umount -n /sys || exit 1
/bin/busybox umount -n /proc || exit 1
# /bin/busybox ash /dev/console 2>/dev/console || exit 1
exec /bin/busybox switch_root /rootfs /sbin/init || exit 1
exit 1
EOS
chmod +x /usr/src/initramfs/init
}}}
{{{
( cd /usr/src/initramfs ; find . | cpio --quiet -o -H newc | gzip -9 >
/boot/initramfs )
}}}
Re: [gentoo-user] Are runlevels 3 4 5 the same?
Adam wrote: On 04/18/10 15:21, Dale wrote: Adam wrote: I want to choose console or X from grub, so i'm thinking i'll do something like 'rc-update delete xdm 4' and then pass softlevel=4 to my grub boot line, to make runlevel 4 a console runlevel. Is that the right way to do it? Gentoo doesn't use those runlevels. You need to read this: man rc-update Gentoo comes with the following runlevels: r...@smoker ~ # ls /etc/runlevels/ total 5 drwxr-xr-x 6 root root 152 Jun 11 2008 . drwxr-xr-x 81 root root 4832 Apr 18 00:16 .. drwxr-xr-x 2 root root 368 Jun 11 2008 boot drwxr-xr-x 2 root root 512 Apr 9 20:05 default drwxr-xr-x 2 root root 72 Jun 11 2008 nonetwork r...@smoker ~ # It generally boots to default. You can change that on the kernel boot line but with one of the above instead of a 4 as you posted. http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=2&chap=4 So gentoo does use the numerical runlevels (because that's what init uses) as well as the gentoo runlevels you've shown. It looks like it just maps the numbers to the names in inittab; l0:0:wait:/sbin/rc shutdown l0s:0:wait:/sbin/halt -dhp l1:1:wait:/sbin/rc single l2:2:wait:/sbin/rc nonetwork l3:3:wait:/sbin/rc default l4:4:wait:/sbin/rc default l5:5:wait:/sbin/rc default l6:6:wait:/sbin/rc reboot l6r:6:wait:/sbin/reboot -dk so, i guess this means i should point l4 to a custom runlevel in /etc/runlevels that is the same as default with the exception that xdm is removed... I'm assuming the linux kernel wont understand the gentoo named runlevels, and therefore using those names in grub wouldnt work. If you want to boot to the single runlevel, just add softlevel=single to the end of the boot line in grub. You can do this in the config or edit the boot line when grub comes up and it should work fine. I have never used the number runlevels. It may work but I have never done it that way so I can't really say one way or the other. You can also create custom runlevels if you need them. I created one a while back to play with and I just added the directory and added the services I wanted in there. That should work fine. There may be other ways to create them as well. Also, you can use eselect to manage this as well. The module is called rc. I don't use it but that is the up and coming way to do it. Dale :-) :-)
Re: [gentoo-user] Are runlevels 3 4 5 the same?
On 04/18/10 15:21, Dale wrote: > Adam wrote: >> I want to choose console or X from grub, so i'm thinking i'll do >> something like 'rc-update delete xdm 4' and then pass softlevel=4 to my >> grub boot line, to make runlevel 4 a console runlevel. Is that the right >> way to do it? >> >> > > Gentoo doesn't use those runlevels. You need to read this: > > man rc-update > > Gentoo comes with the following runlevels: > > r...@smoker ~ # ls /etc/runlevels/ > total 5 > drwxr-xr-x 6 root root 152 Jun 11 2008 . > drwxr-xr-x 81 root root 4832 Apr 18 00:16 .. > drwxr-xr-x 2 root root 368 Jun 11 2008 boot > drwxr-xr-x 2 root root 512 Apr 9 20:05 default > drwxr-xr-x 2 root root 72 Jun 11 2008 nonetwork > r...@smoker ~ # > > It generally boots to default. You can change that on the kernel boot > line but with one of the above instead of a 4 as you posted. http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=2&chap=4 So gentoo does use the numerical runlevels (because that's what init uses) as well as the gentoo runlevels you've shown. It looks like it just maps the numbers to the names in inittab; l0:0:wait:/sbin/rc shutdown l0s:0:wait:/sbin/halt -dhp l1:1:wait:/sbin/rc single l2:2:wait:/sbin/rc nonetwork l3:3:wait:/sbin/rc default l4:4:wait:/sbin/rc default l5:5:wait:/sbin/rc default l6:6:wait:/sbin/rc reboot l6r:6:wait:/sbin/reboot -dk so, i guess this means i should point l4 to a custom runlevel in /etc/runlevels that is the same as default with the exception that xdm is removed... I'm assuming the linux kernel wont understand the gentoo named runlevels, and therefore using those names in grub wouldnt work.
Re: [gentoo-user] How many ways are there for a user to increase their permissions?
On 4/18/2010 12:29 AM, Jonathan wrote: On Sun, 18 Apr 2010 00:46:25 +0100 David W Noon wrote: If any Joe Schmoe could imbue a program with capabilities, this might be true. But that's not the way the system works. Sorry, I think i'm missing your point. Only root can run the setcap program to add capabilities to a program, at least on a normal, UNIX-style security system. On a role-based security system, even root might not be permitted to do this. If I had the root password to own system(which I do...) and I wanted Wine to uses IPX without running as root. I would set "setcap cap_net_raw=ep /usr/bin/wine" as root. Then I could run Wine as my normal user. No one in there right mind would run Wine as root. If you did you may as well use Windows. You say "no one in their right mind" would run Wine as root. But if you did not have capabilities support available, and wanted Wine to use IPX, then you wouldn't have any other choice but to run Wine as root. By using capabilities, you aren't increasing Wines permissions, you are decreasing the permissions needed to support IPX. Trying to compare Wine without IPX to Wine with CAP_NET_RAW isn't a fair comparison, as the two don't have the same feature set and thus clearly don't have the same security needs. --Mike
Re: [gentoo-user] Are runlevels 3 4 5 the same?
Adam wrote: I want to choose console or X from grub, so i'm thinking i'll do something like 'rc-update delete xdm 4' and then pass softlevel=4 to my grub boot line, to make runlevel 4 a console runlevel. Is that the right way to do it? Gentoo doesn't use those runlevels. You need to read this: man rc-update Gentoo comes with the following runlevels: r...@smoker ~ # ls /etc/runlevels/ total 5 drwxr-xr-x 6 root root 152 Jun 11 2008 . drwxr-xr-x 81 root root 4832 Apr 18 00:16 .. drwxr-xr-x 2 root root 368 Jun 11 2008 boot drwxr-xr-x 2 root root 512 Apr 9 20:05 default drwxr-xr-x 2 root root 72 Jun 11 2008 nonetwork r...@smoker ~ # It generally boots to default. You can change that on the kernel boot line but with one of the above instead of a 4 as you posted. Post back if you get stumped along the way. Dale :-) :-)
[gentoo-user] Are runlevels 3 4 5 the same?
I want to choose console or X from grub, so i'm thinking i'll do something like 'rc-update delete xdm 4' and then pass softlevel=4 to my grub boot line, to make runlevel 4 a console runlevel. Is that the right way to do it?
[gentoo-user] Questions for my first ebuild
I intend to get the Silicon Dust HDHomerun dual tuner box. It has a
linux library and CLI plus a separate gtk+ GUI. The linux source comes
with a makefile that puts stuff in /usr/local. But I want at least a
"wrapper" ebuild so that Portage knows about the files, and can manage
them. I'd prefer to write my own ebuild rather than depend on somebody
else to always have the most recent version supported somwehere in
layman. I've RTFM'd a lot, including
http://devmanual.gentoo.org/ebuild-writing/index.html but am still
unsure about a few things. Here's my setup so far...
* The latest file is
http://download.silicondust.com/hdhomerun/libhdhomerun_20100213.tgz
(underscore instead of hyphen, bleagh).
* I've set PORTDIR_OVERLAY="/usr/local/portage" in /etc/make.conf
* I've actually created /usr/local/portage/media-tv
* my ebuild file in media-tv is named libhdhomerun-20100213.ebuild
* here it is so far...
# Copyright 1999-2006 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
DESCRIPTION="HD Homerun networked TV tuner base library and API"
ACTUAL_P="${PN}_${PV}"
SRC_URI="http://download.silicondust.com/hdhomerun/${ACTUAL_P}.tgz";
HOMEPAGE="http://www.silicondust.com/downloads/linux";
KEYWORDS="x86"
SLOT="0"
LICENSE="LGPL-3"
IUSE=""
RESTRICT="test"
src_install () {
emake -j1 DESTDIR="${D}" install || die "make failed"
dobin hdhomerun_config
dolib libhdhomerun.so
dodoc README
insinto /usr/include/local/libhdhomerun
doins *.h
}
Now for the questions...
1) do I need to create /usr/local/portage/distfiles?
2) the provided Makefile is supposed to put everything into the
/usr/local hierarchy. Does portage/emerge over-ride that, and if so,
what do I have to do to get send all files to the /usr/local hierarchy?
3) any glaring errors ?
I intend to pick it up next week, so I won't be able to test it
immediately. I do want my laptop to be ready to go when I bring the
tuner box home.
--
Walter Dnes
Re: [gentoo-user] How many ways are there for a user to increase their permissions?
On Sun, 18 Apr 2010 00:46:25 +0100 David W Noon wrote: > If any Joe Schmoe could imbue a program with capabilities, this might > be true. But that's not the way the system works. Sorry, I think i'm missing your point. > Only root can run the setcap program to add capabilities to a program, > at least on a normal, UNIX-style security system. On a role-based > security system, even root might not be permitted to do this. If I had the root password to own system(which I do...) and I wanted Wine to uses IPX without running as root. I would set "setcap cap_net_raw=ep /usr/bin/wine" as root. Then I could run Wine as my normal user. No one in there right mind would run Wine as root. If you did you may as well use Windows.
Re: [gentoo-user] Re: How many ways are there for a user to increase their permissions?
On Sat, 17 Apr 2010 20:05:23 -0700 walt wrote: > Have a leisurely browse through /usr/include/unistd.h to answer your question. That file has answer to my question. Thank you.
[gentoo-user] Re: How many ways are there for a user to increase their permissions?
On 04/17/2010 06:02 PM, Jonathan wrote: What does the E in EUID stand for? I did a quick Google and found RUID and EUID but I did not find anything else. Did you really type what you meant? Doesn't make much sense as is, so I assume there is a typo in there somewhere. Have a leisurely browse through /usr/include/unistd.h to answer your question.
Re: [gentoo-user] Re: How many ways are there for a user to increase their permissions?
On Sun, 18 Apr 2010 08:29:37 +1000
Lie Ryan wrote:
> sudoedit is mainly just a shortcut for "sudo $EDITOR" (plus doing a few
> things).
sudoedit is safer then sudo because sudoedit runs as root but nano (The editor)
runs as your user.
sudoedit uses a fixed path which is compiled into the program (The was a thread
about changing the editor on this mailing some time ago. ).
> Everything above (su,sudo,policykit,polkit) are just sugar for
> permission bits (owner,group,others+SUID,GUID); attempting to give finer
> control over the permissions or provide convenience services.
Mess up the configuration and you may as well hand out the root password.
> The basis of all Linux security scheme is the file permission bits
> (owner,group,other) and the SUID/GUID bit (ACL is a distinct security
> scheme, so we're explicitly excluding it here). Everything else is just
> sugar. If you want to lock everything, just remove the SUID/GUID-bit
> from all executables in your system (except for a select few) and remove
> all groups (make sure you know what you're doing though, lots of program
> won't work if you really do that). Starting from step zero, you can have
> very fine control over everything.
I just checked my system for files not owned by me and had a non root group set
to rw.
I found "/usr/share/games/eternal-lands" with rw set and all the sub-folders
and files.
It would be very easy to do a DOS attack on a system side partition but then
again
the same could be said about "/tmp".
If you setup quotas for the users home folder. Ones the home folder is full the
user will look for another place to save they files.
When I was at school. A kid ran out of space so he started to move his files to
the recycling bin, before creating
his new files. Of course the recycling bin had no quota nor was it backed up.
Some time after that the admin set a quota on the recycling bin and the kid
asked why he could not save.
So I showed him how to empty his recycling bin. I was 10 second away from
deleting all his work
before he pointed out he keeps his work in there!
That was some fun on windows but it could happen with Linux "/tmp" is wiped
after each reboot and any
other places that is not backed up, does not have quota and the user can write
to.
> Most security holes in Linux comes from a SUID program that lets
> untrusted programs into the "trusted-space".
53 SUID or GUID programs on my system!
Why does cdrecord have SUID set?
"/dev/sr0" is in the cdrom group with rw set so
SUID should not be needed in the first place.
> If you want simplify your environment, you can clear all the `group` and
> `other` permission bits from all files in your computer and everyone
> (except root) will only have access to files they own. Then you can
> start adding permissions on case-by-case basis. Too much hassle though,
> I think.
I could remove other from all the SUID programs then setup a ACL group that
could run then.
That would stop RandomFool from running then in the first place.
I could see that being useful for say "mount" (Yes it's has SUID set). If the
was security hole in it.
> the only way the program can chmod a file in your home folder is because
> the program have the permission to chmod a file in your home folder. The
> only program that have permission to chmod a file in your home folder is
> the one run with EUID-root or EUID-owner. The only way a program can be
> run with EUID root is they are executed by root himself or a SUID-root
> program. The only way a program can be run with EUID owner is SUID-owner
> program or program executed by the owner himself.
What does the E in EUID stand for?
I did a quick Google and found RUID and EUID but I did not find anything else.
> However, I don't think buggy program is the case here. It is much more
> likely that you accidentally runs chmod on your home folder when you
> actually want to run it in another directory.
No, this was before I used chmod for anything (read noob) I set the permissions
back with nautilus
but after each login or was reboot and login. The permissions got set back to
o+rwx.
The was a very help error box at login that said "The permissions for your home
folder are set wrong.".
That was the helpful version the real version was talking about some file in
"~/.config".
> You can use this to find all SUID program accesible by your user:
> find / -perm -u+s -exec ls -l '{}' \; 2> /dev/null
Yes, I have being making use of this page
http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=6
for a long time.
> I found sudo, although very handy for desktop, is a huge security hole.
> And is inadequate for any secure system. This is simply because if you
> run a program as sudo, then in the next five minute you start a
> malicious program *without* sudo; the malicious program can gain root
> access by stealing your previous sudo's timestamp (yes, it can steal the
> timestamp without being explicitly invoked with sudo[1]). Before
Re: [gentoo-user] How many ways are there for a user to increase their permissions?
On Sat, 17 Apr 2010 23:40:01 +0200, Jonathan wrote about Re: [gentoo-user] How many ways are there for a user to increase their permissions?: >On Sat, 17 Apr 2010 21:45:57 +0100 >David W Noon wrote: > >> In fact, POSIX capabilities are a mechanism to *reduce* a program's >> permissions, not increase them. > >It's true that Linux "capabilities" are used to replace SUID and that >does reduce the programs permissions. On the other hand programs like >Wine. Which no one would never run with SUID could be run with >CAP_NET_RAW. That would be a increase in permissions. Wine needs to be >able to ping because some program need to use IPX[1], Like Red Alert >2. Someone has made a patch for Red Alert 2 to use TCP/IP and I can >not think of another program off the top of my head. If any Joe Schmoe could imbue a program with capabilities, this might be true. But that's not the way the system works. Only root can run the setcap program to add capabilities to a program, at least on a normal, UNIX-style security system. On a role-based security system, even root might not be permitted to do this. >That information came from "man 7 capabilities". So I guess it's all >about how you look at it. > >[1] http://en.wikipedia.org/wiki/Internetwork_Packet_Exchange Unfortunately, I'm old enough to have used IPX/SPX networking in the days when Novell Netware (a.k.a. Slowvell Slugware) was considered a serious network system. -- Regards, Dave [RLU #314465] == dwn...@ntlworld.com (David W Noon) == signature.asc Description: PGP signature
Re: [gentoo-user] Recompiling tthe kernel seems way too fast?
On 2010-04-17 6:31 PM, Alexander Tanyukevich wrote: > If you want to compile whole kernel with new compiler you should run > "make clean" first. Crap, I remember that now... thanks for taking it easy with the cluestick... ;) -- Charles
[gentoo-user] Re: How many ways are there for a user to increase their permissions?
On 04/17/10 08:13, Jonathan wrote:
> I'm trying to work out how many ways there are to increase the permissions of
> a user.
>
> 1: su -: Needs root password and you need to be in the group "wheel".
> 2: sudo: You need to be in the group "wheel" or in the /etc/sudoers file,
> using your own user password.
> I'm not counting gksu and gksudo they are just front ends.
> 3: sudoedit: This is the best way to edit text files, it uses the same rules
> as sudo.
sudoedit is mainly just a shortcut for "sudo $EDITOR" (plus doing a few
things).
> 4: Linux "Capabilities" or "caps": Which increases permissions on a
> per-file basis. e.g. removing SUID from ping and adding CAP_NET_RAW
> to ping.
> This is much safer than running the whole program as root.
> http://linux.die.net/man/7/capabilities
> 5: Policykit: (Give this a read
> http://hal.freedesktop.org/docs/PolicyKit/introduction.html )
> 6: Polkit: Is the new name for Policykit, it's a higher version and they do
> not talk to each other.
> If you run a mixed architecture there is a good chance you will have both.
> 8: SUID and SGID: One of the fastest ways to open up a security hole in your
> system.
Everything above (su,sudo,policykit,polkit) are just sugar for
permission bits (owner,group,others+SUID,GUID); attempting to give finer
control over the permissions or provide convenience services.
> 9: Groups: Lots of groups, but not much information on what
> permissions you get. http://en.gentoo-wiki.com/wiki/List_of_Groups
> Udev and Fuse use group settings right?
The basis of all Linux security scheme is the file permission bits
(owner,group,other) and the SUID/GUID bit (ACL is a distinct security
scheme, so we're explicitly excluding it here). Everything else is just
sugar. If you want to lock everything, just remove the SUID/GUID-bit
from all executables in your system (except for a select few) and remove
all groups (make sure you know what you're doing though, lots of program
won't work if you really do that). Starting from step zero, you can have
very fine control over everything.
> 7: Access Control Lists: (ACL) Very easy to setup and forget because
> Nautilus and others do not list the ACL settings.
> A remote windows user configuring a samba share could let more
> people read and write to it then Nautilus shows.
ACL is largely there for compatibility with Windows' permission scheme,
it's a distinct security scheme than Linux.
> Did I miss any way of increasing your rights? (not counting security holes)
Most security holes in Linux comes from a SUID program that lets
untrusted programs into the "trusted-space".
> I see that the stable net-misc/iputils (ping) does not use capabilities.
> Is this included in the unstable version, or is it planned for the future?
> I wish there was a way to run gedit with sudoedit, is there?
> I think Polkit support for gedit is planned, does anyone know the bug number?
>
> Right now my system has all of the above but not Linux "capabilities".
> I'm having very hard time working out:
> Which users can do what and how.
> Which groups can do what and how.
> Which files can do what and who can run them.
> How the user's status affects what the program can do.
All users can modify the permission bits for the files they owned,
everything else is governed by the permission bits.
Except for root, which has full access to everything.
If you want simplify your environment, you can clear all the `group` and
`other` permission bits from all files in your computer and everyone
(except root) will only have access to files they own. Then you can
start adding permissions on case-by-case basis. Too much hassle though,
I think.
> Is there an all-in-one program for keeping track of all this or do I have to
> write one?
>
> It's very easy for users to set their home folder to other, read, write
> and execute. It's not just silly users doing that, but any program running
> with the users rights.
> There was a buggy program in Ubuntu which set your home folder to other
> rwx, I never worked out which one was doing that.
the only way the program can chmod a file in your home folder is because
the program have the permission to chmod a file in your home folder. The
only program that have permission to chmod a file in your home folder is
the one run with EUID-root or EUID-owner. The only way a program can be
run with EUID root is they are executed by root himself or a SUID-root
program. The only way a program can be run with EUID owner is SUID-owner
program or program executed by the owner himself.
However, I don't think buggy program is the case here. It is much more
likely that you accidentally runs chmod on your home folder when you
actually want to run it in another directory.
> A fast work around was to set the user's home folder to owner root and
> make sure that group was set to rwx. Is that safe?
You can use this to find all SUID program accesible by your user:
find / -perm -u+s -exec ls -l '{}
Re: [gentoo-user] Recompiling tthe kernel seems way too fast?
On Sun, Apr 18, 2010 at 12:27 AM, Tanstaafl wrote: > > Ok, maybe I'm missing something... > > The first time I compile a kernel, it takes at least 4 or 5 minutes, if > not longer (never really timed it)... > > But, I just switched my compiler from 4.1.2 to 4.3.4, and wanted to > recompile the kernel, so, I change to the /usr/src/kernel dir and ran > make again, but it only took a few seconds... is this right? Is there a > way to make it full recompile? Or is it necessary? If you want to compile whole kernel with new compiler you should run "make clean" first. -- Alexander Tanyukevich atanyukev...@gmail.com
Re: [gentoo-user] Recompile system but omit package?
On 2010-04-17 6:06 PM, Vincent Launchbury wrote: > On 04/17/10 17:09, Tanstaafl wrote: >> On 2010-04-17 4:59 PM, Tanstaafl wrote: >>> emerge system -gcc (where '-gcc' serves to tell portage to compile >>> everything *but* gcc)? >> Of course I meant: >> >> emerge -e system -gcc > You could try temporarily masking it: > #echo sys-devel/gcc >> /etc/portage/package.mask > > Then updating: > #emerge -e system > > Then removing the mask: > #sed -i '$d' /etc/portage/package.mask > > I don't know of any emerge flag that does this in one step. Hmmm, good idea, thanks Vincent... I just don't see any reason to recompile gcc so many times (system and then again when I do world), when its already been recompiled with itself... -- Charles
[gentoo-user] Recompiling tthe kernel seems way too fast?
Ok, maybe I'm missing something... The first time I compile a kernel, it takes at least 4 or 5 minutes, if not longer (never really timed it)... But, I just switched my compiler from 4.1.2 to 4.3.4, and wanted to recompile the kernel, so, I change to the /usr/src/kernel dir and ran make again, but it only took a few seconds... is this right? Is there a way to make it full recompile? Or is it necessary? Thanks... -- Charles
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Sat, 17 Apr 2010 23:10:01 +0200, Alan McKinnon wrote about Re: [gentoo-user] Re: vixie-cron keeps stopping: >On Saturday 17 April 2010 20:12:42 Mick wrote: [snip] >> Are they meant to make entries in cron.daily when installed? > >Not at all. > >They are meant to install crontabs in cron.monthly Strictly speaking, they install scripts in /etc/cron.monthly. The crontabs are installed somewhere under /var; exactly where varies with cron daemon. -- Regards, Dave [RLU #314465] == dwn...@ntlworld.com (David W Noon) == signature.asc Description: PGP signature
Re: [gentoo-user] How many ways are there for a user to increase their permissions?
On Sat, 17 Apr 2010 23:59:07 +0200 KH wrote: > Sounds a little like putting someone in prison and than telling him > walking through the prison yard is increasing his freedom. As Linux is a prison for programs then I guess your right.
Re: [gentoo-user] Recompile system but omit package?
On 04/17/10 17:09, Tanstaafl wrote: > On 2010-04-17 4:59 PM, Tanstaafl wrote: >> emerge system -gcc (where '-gcc' serves to tell portage to compile >> everything *but* gcc)? > > Of course I meant: > > emerge -e system -gcc You could try temporarily masking it: #echo sys-devel/gcc >> /etc/portage/package.mask Then updating: #emerge -e system Then removing the mask: #sed -i '$d' /etc/portage/package.mask I don't know of any emerge flag that does this in one step. Kind Regards, Vincent.
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Saturday 17 April 2010 23:01:19 you wrote: > On Saturday 17 April 2010 21:55:52 Alan McKinnon wrote: > > On Saturday 17 April 2010 20:12:42 Mick wrote: > > > > Do you have these packages installed: > > > > > > > > > > > > nazgul ~ # equery belongs /etc/cron.monthly/update-pciids > > > > > > > > * Searching for /etc/cron.monthly/update-pciids ... > > > > > > > > sys-apps/pciutils-3.1.7 (/etc/cron.monthly/update-pciids) > > > > nazgul ~ # equery belongs /etc/cron.monthly/update-usbids > > > > > > > > * Searching for /etc/cron.monthly/update-usbids ... > > > > > > > > sys-apps/usbutils-0.87 (/etc/cron.monthly/update-usbids) > > > > > > Hmm ... Nill returns. :-( > > > > > > I have however already installed both pciutils and usbutils. > > > > > > Are they meant to make entries in cron.daily when installed? > > > > Not at all. > > > > They are meant to install crontabs in cron.monthly > > No luck there either: > > > # ls -la /etc/cron.monthly/ > total 9 > drwxr-x--- 2 root root 4 Feb 28 15:13 . > drwxr-xr-x 74 root root 160 Apr 17 22:58 .. > -rw-r--r-- 1 root root 0 Jan 21 01:33 .keep > -rw-r--r-- 1 root root 0 Feb 28 15:13 .keep_sys-process_cronbase-0 > > What's gone wrong? Doh! Just saw Walter's post - better set up network-cron flag then. :-) -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Saturday 17 April 2010 21:55:52 Alan McKinnon wrote: > On Saturday 17 April 2010 20:12:42 Mick wrote: > > > Do you have these packages installed: > > > > > > > > > nazgul ~ # equery belongs /etc/cron.monthly/update-pciids > > > > > > * Searching for /etc/cron.monthly/update-pciids ... > > > > > > sys-apps/pciutils-3.1.7 (/etc/cron.monthly/update-pciids) > > > nazgul ~ # equery belongs /etc/cron.monthly/update-usbids > > > > > > * Searching for /etc/cron.monthly/update-usbids ... > > > > > > sys-apps/usbutils-0.87 (/etc/cron.monthly/update-usbids) > > > > Hmm ... Nill returns. :-( > > > > I have however already installed both pciutils and usbutils. > > > > Are they meant to make entries in cron.daily when installed? > > Not at all. > > They are meant to install crontabs in cron.monthly No luck there either: # ls -la /etc/cron.monthly/ total 9 drwxr-x--- 2 root root 4 Feb 28 15:13 . drwxr-xr-x 74 root root 160 Apr 17 22:58 .. -rw-r--r-- 1 root root 0 Jan 21 01:33 .keep -rw-r--r-- 1 root root 0 Feb 28 15:13 .keep_sys-process_cronbase-0 What's gone wrong? -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: initramfs & RAID at boot time
On Sat, 17 Apr 2010 14:36:39 -0700, Mark Knecht wrote: > Empirically any way there doesn't seem to be a problem. I built the > new kernel and it booted normally so I think I'm misinterpreting what > was written in the Wiki or the Wiki is wrong. As long as /boot is not on RAID, or is on RAID1, you don't need an initrd. I've been booting this system for years with / on RAID1 and everything else on RAID5. -- Neil Bothwick Scientists decode the first confirmed alien transmission from outer space ... "This really works! Just send 5*10^50 H atoms to each of the five star systems listed below. Then, add your own system to the top of the list, delete the system at the bottom, and send out copies of this message to 100 other solar systems. If you follow these instructions, within 0.25 of a galactic rotation you are guaranteed to receive enough hydrogen in return to power your civilization until entropy reaches its maximum!" signature.asc Description: PGP signature
Re: [gentoo-user] Re: How many ways are there for a user to increase their permissions?
On Fri, 16 Apr 2010 17:25:18 -0700 walt wrote: > I've been an amateur linux/*BSD user for about ten years or so, and I would > love to > answer your questions -- but I don't know the answers. Yet. Around 4 years, 3 years with Ubuntu and one with Gentoo. > While you and I wait for a guru to enlighten us, you might learn something > here: > > http://en.wikipedia.org/wiki/The_UNIX-HATERS_Handbook I had a look at it. The whole thing is a rant. I think half of it does not apply to Linux and it's all very out of date. On the other hand in "Accidents Will Happen" he talks about 'rm'. I have never done a 'rm /' but I have done 'chmod 660 /', it made my blood run cold but that was very easy to fixes. Now I always use the 'u+rwx' syntax. Still waiting on the guru's!
Re: [gentoo-user] How many ways are there for a user to increase their permissions?
Am 17.04.2010 23:32, schrieb Jonathan: On Sat, 17 Apr 2010 21:45:57 +0100 David W Noon wrote: In fact, POSIX capabilities are a mechanism to *reduce* a program's permissions, not increase them. It's true that Linux "capabilities" are used to replace SUID and that does reduce the programs permissions. On the other hand programs like Wine. Which no one would never run with SUID could be run with CAP_NET_RAW. That would be a increase in permissions. Wine needs to be able to ping because some program need to use IPX[1], Like Red Alert 2. Someone has made a patch for Red Alert 2 to use TCP/IP and I can not think of another program off the top of my head. That information came from "man 7 capabilities". So I guess it's all about how you look at it. [1] http://en.wikipedia.org/wiki/Internetwork_Packet_Exchange Sounds a little like putting someone in prison and than telling him walking through the prison yard is increasing his freedom. kh
Re: [gentoo-user] raid autodetection uuid differences
On Sat, Apr 17, 2010 at 12:00 PM, David Mehler wrote: > Hello, > I've got a new gentoo box with two drives that i'm using raid1 on. On > boot the md raid autodetection is failing. Here's the error i'm > getting: > > > I've booted with a live CD and checked the arrays they look good, i'm > not sure how to correct this UUID issue, any suggestions welcome. > Thanks. > Dave. > > Dave, I suspect this is the same problem I had two weeks ago. Search for my thread called: "How does grub assemble a RAID1 for / ??" and read that for background. If I'm correct this is a metadata issue. You have two choices: 1) What I think you've done is create the RAID1 without specifying --metadata=0.90. If that's correct then you __must__ use an initramfs to load mdadm. I'm studying how to do that myself. 2) Rebuild the RAID1 specifying --metadata=0.90 which is the only metadata type that the kernel can auto-assemble for you at boot time without an initramfs, and what I'm currently using here. Hope this helps, Mark
[gentoo-user] Re: initramfs & RAID at boot time
On Sat, Apr 17, 2010 at 10:32 AM, Mark Knecht wrote: > Hi, > I've never learned to do an initramfs as I've never used hardware > in a Linux box that required it. However now I find myself using mdadm > software-RAID and getting dinged on the linux-raid list when I ask > about things like the kernel autodetecting RAID drives at boot time as > the mdadm developers are firmly fixated on using initramfs and > auto-detecting nothing. Going with the flow I'm studying this Gentoo > Wiki link: > > http://en.gentoo-wiki.com/wiki/Initramfs > > and most specifically this portion on software RAID: > > http://en.gentoo-wiki.com/wiki/Initramfs#Software_RAID > > where the statement "But if you use an initramfs the kernel will not > automatically scan for RAIDs until it is told to." caught my > attention. Does anyone know if the word "not" in that statement is > absolutely true? I.e. - if I take a kernel that today finds a RAID1 / > drive and boots, that if I do nothing other than turn on that feature > in the kernel then the boot process is not going to assemble my RAID, > not find / and then fail to boot? > > Maybe I'm reading too much into that but I like that my system > boots and I don't think I want to do things that stop it from doing > so... ;-) > > That said, if it's true, does the "noinitrd" kernel parameter > override it and then RAID would work and the boot completes normally? > > Thanks, > Mark > Empirically any way there doesn't seem to be a problem. I built the new kernel and it booted normally so I think I'm misinterpreting what was written in the Wiki or the Wiki is wrong. Now to try building the actual initramfs... Cheers, Mark
Re: [gentoo-user] How many ways are there for a user to increase their permissions?
On Sat, 17 Apr 2010 21:45:57 +0100 David W Noon wrote: > In fact, POSIX capabilities are a mechanism to *reduce* a program's > permissions, not increase them. It's true that Linux "capabilities" are used to replace SUID and that does reduce the programs permissions. On the other hand programs like Wine. Which no one would never run with SUID could be run with CAP_NET_RAW. That would be a increase in permissions. Wine needs to be able to ping because some program need to use IPX[1], Like Red Alert 2. Someone has made a patch for Red Alert 2 to use TCP/IP and I can not think of another program off the top of my head. That information came from "man 7 capabilities". So I guess it's all about how you look at it. [1] http://en.wikipedia.org/wiki/Internetwork_Packet_Exchange
Re: [gentoo-user] Recompile system but omit package?
On 2010-04-17 4:59 PM, Tanstaafl wrote: > emerge system -gcc (where '-gcc' serves to tell portage to compile > everything *but* gcc)? Of course I meant: emerge -e system -gcc
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Saturday 17 April 2010 20:12:42 Mick wrote: > > Do you have these packages installed: > > > > > > nazgul ~ # equery belongs /etc/cron.monthly/update-pciids > > > > * Searching for /etc/cron.monthly/update-pciids ... > > > > sys-apps/pciutils-3.1.7 (/etc/cron.monthly/update-pciids) > > nazgul ~ # equery belongs /etc/cron.monthly/update-usbids > > > > * Searching for /etc/cron.monthly/update-usbids ... > > > > sys-apps/usbutils-0.87 (/etc/cron.monthly/update-usbids) > > Hmm ... Nill returns. :-( > > I have however already installed both pciutils and usbutils. > > Are they meant to make entries in cron.daily when installed? Not at all. They are meant to install crontabs in cron.monthly -- alan dot mckinnon at gmail dot com
[gentoo-user] Recompile system but omit package?
Is there a way to emerge, say, system, but omit one package in it? For example, I've already recompiled gcc 4.3.4 with itself... is there a way to now do something like: emerge system -gcc (where '-gcc' serves to tell portage to compile everything *but* gcc)? Its not a big deal, I'm just curious... -- Charles
Re: [gentoo-user] How many ways are there for a user to increase their permissions?
On Sat, 17 Apr 2010 20:30:02 +0200, Mick wrote about Re: [gentoo-user] How many ways are there for a user to increase their permissions?: >On Friday 16 April 2010 23:13:34 Jonathan wrote: [snip] >> 4: Linux "Capabilities" or "caps": Which increases permissions on a >> per-file basis. e.g. removing SUID from ping and adding CAP_NET_RAW >> to ping. This is much safer than running the whole program as root. >> http://linux.die.net/man/7/capabilities > >This is a first for me. I haven't used it before and it seems it is >not set up on my box by default. In fact, POSIX capabilities are a mechanism to *reduce* a program's permissions, not increase them. With a default system, any program that needs to do, say, one privileged operation must be run as root. The typical example is to open a service port (i,e, 1023 or lower) rather than an ephemeral port in the TCP/IP stack. Such a program receives full root privileges, which allow it to have full access to the filesystems, modprobe new drivers into the kernel, etc., etc., even though it only wants to listen on a service port. With caps, it is given the capability (CAP_NET_BIND_SERVICE) to open service ports without regard to the userid under which it is running. This means that it will *NOT* have permissions to modprobe drivers, mess about with files arbitrarily, etc. man 7 capabilities If you don't have that man page, you will need to emerge libcap. -- Regards, Dave [RLU #314465] == dwn...@ntlworld.com (David W Noon) == signature.asc Description: PGP signature
Re: [gentoo-user] raid autodetection uuid differences
On Samstag 17 April 2010, David Mehler wrote: > Hello, > I've got a new gentoo box with two drives that i'm using raid1 on. On > boot the md raid autodetection is failing. Here's the error i'm > getting: > > md: Waiting for all devices to be available before autodetect > md: If you don't use raid, use raid=noautodetect > md: Autodetecting RAID arrays. > md: Scanned 4 and added 4 devices. > md: autorun ... > md: considering sda3 ... > md: adding sda3 ... > md: sda1 has different UUID to sda3 > md: adding sdb3 ... > md: sdb1 has different UUID to sda3 > md: created md3 > md: bind > md: bind > md: running: > md: personality for level 1 is not loaded! > md: do_md_run() returned -22 > md: md3 stopped. > md: unbind > md: export_rdev(sda3) > md: unbind > md: export_rdev(sdb3) > md: considering sda1 ... > md: adding sda1 ... > md: adding sdb1 ... > md: created md1 > md: bind > md: bind > md: running: > md: personality for level 1 is not loaded! > md: do_md_run() returned -22 > md: md1 stopped. > md: unbind > md: export_rdev(sda1) > md: unbind > md: export_rdev(sdb1) > md: ... autorun DONE. > EXT3-fs: unable to read superblock > FAT: unable to read boot sector > VFS: Cannot open root device "md3" or unknown-block(9,3) > Please append a correct "root=" boot option; here are the available > partitions: 1600 4194302 hdc driver: ide-cdrom > 081020971520 sdb driver: sd > 0811 40131 sdb1 > 0812 530145 sdb2 > 081320394517 sdb3 > 080020971520 sda driver: sd > 0801 40131 sda1 > 0802 530145 sda2 > 080320394517 sda3 > Kernel panic - not syncing: VFS: Unable to mount root fs on > unknown-block(9,3) Pid: 1, comm: swapper Not tainted 2.6.32-gentoo-r7 #1 > Call Trace: > [] ? panic+0x38/0xd3 > [] ? mount_block_root+0x1e9/0x1fd > [] ? mount_root+0x39/0x4d > [] ? prepare_namespace+0x142/0x168 > [] ? kernel_init+0x167/0x172 > [] ? kernel_init+0x0/0x172 > [] ? kernel_thread_helper+0x7/0x10 > > I've booted with a live CD and checked the arrays they look good, i'm > not sure how to correct this UUID issue, any suggestions welcome. > Thanks. > Dave. well, don't make raid1 support a module. Put it into the kernel.
Re: [gentoo-user] System clean-up - removing unneeded packages *and* dependencies not used by other packages
On 2010-04-17 3:42 PM, KH wrote: > Am 17.04.2010 21:30, schrieb Jarry: >> On 17. 4. 2010 21:20, Tanstaafl wrote: >>> Whats the best way to uninstall a package - in this case, openldap, but >>> really for any package - and get all of the dependencies it pulls in, >>> but only ones that are not required for other unrelated (to openldap) >>> packages? >> I'm using this sequence: >> >> emerge -C >> emerge --depclean >> revdep-rebuild > Or: > > emerge --depclean > > Depclean serves as a dependency aware version of --unmerge. When > given one or more atoms, it will unmerge matched packages that have no > reverse dependencies. Use --depclean together with --verbose to show > reverse dependencies. Excellent! Thanks guys... -- Charles
[gentoo-user] Re: vixie-cron keeps stopping
On 04/17/2010 11:12 AM, Mick wrote: I have however already installed both pciutils and usbutils. Are they meant to make entries in cron.daily when installed? I just discovered the network-cron useflag, thanks :)
Re: [gentoo-user] System clean-up - removing unneeded packages *and* dependencies not used by other packages
Am 17.04.2010 21:30, schrieb Jarry: On 17. 4. 2010 21:20, Tanstaafl wrote: Whats the best way to uninstall a package - in this case, openldap, but really for any package - and get all of the dependencies it pulls in, but only ones that are not required for other unrelated (to openldap) packages? I'm using this sequence: emerge -C emerge --depclean revdep-rebuild Jarry Or: emerge --depclean Depclean serves as a dependency aware version of --unmerge. When given one or more atoms, it will unmerge matched packages that have no reverse dependencies. Use --depclean together with --verbose to show reverse dependencies. kh
Re: [gentoo-user] System clean-up - removing unneeded packages *and* dependencies not used by other packages
On 17. 4. 2010 21:20, Tanstaafl wrote: Whats the best way to uninstall a package - in this case, openldap, but really for any package - and get all of the dependencies it pulls in, but only ones that are not required for other unrelated (to openldap) packages? I'm using this sequence: emerge -C emerge --depclean revdep-rebuild Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
[gentoo-user] System clean-up - removing unneeded packages *and* dependencies not used by other packages
Subject says it all... I've had openldap installed on my system since forever but never used it (always meant to, but honestly I really don't need it). Now I'm wanting to uninstall unused stuff before switching gcc versions and recompiling system and world. Whats the best way to uninstall a package - in this case, openldap, but really for any package - and get all of the dependencies it pulls in, but only ones that are not required for other unrelated (to openldap) packages? Thanks...
[gentoo-user] raid autodetection uuid differences
Hello, I've got a new gentoo box with two drives that i'm using raid1 on. On boot the md raid autodetection is failing. Here's the error i'm getting: md: Waiting for all devices to be available before autodetect md: If you don't use raid, use raid=noautodetect md: Autodetecting RAID arrays. md: Scanned 4 and added 4 devices. md: autorun ... md: considering sda3 ... md: adding sda3 ... md: sda1 has different UUID to sda3 md: adding sdb3 ... md: sdb1 has different UUID to sda3 md: created md3 md: bind md: bind md: running: md: personality for level 1 is not loaded! md: do_md_run() returned -22 md: md3 stopped. md: unbind md: export_rdev(sda3) md: unbind md: export_rdev(sdb3) md: considering sda1 ... md: adding sda1 ... md: adding sdb1 ... md: created md1 md: bind md: bind md: running: md: personality for level 1 is not loaded! md: do_md_run() returned -22 md: md1 stopped. md: unbind md: export_rdev(sda1) md: unbind md: export_rdev(sdb1) md: ... autorun DONE. EXT3-fs: unable to read superblock FAT: unable to read boot sector VFS: Cannot open root device "md3" or unknown-block(9,3) Please append a correct "root=" boot option; here are the available partitions: 1600 4194302 hdc driver: ide-cdrom 081020971520 sdb driver: sd 0811 40131 sdb1 0812 530145 sdb2 081320394517 sdb3 080020971520 sda driver: sd 0801 40131 sda1 0802 530145 sda2 080320394517 sda3 Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(9,3) Pid: 1, comm: swapper Not tainted 2.6.32-gentoo-r7 #1 Call Trace: [] ? panic+0x38/0xd3 [] ? mount_block_root+0x1e9/0x1fd [] ? mount_root+0x39/0x4d [] ? prepare_namespace+0x142/0x168 [] ? kernel_init+0x167/0x172 [] ? kernel_init+0x0/0x172 [] ? kernel_thread_helper+0x7/0x10 I've booted with a live CD and checked the arrays they look good, i'm not sure how to correct this UUID issue, any suggestions welcome. Thanks. Dave.
Re: [gentoo-user] How many ways are there for a user to increase their permissions?
On Friday 16 April 2010 23:13:34 Jonathan wrote: > I'm trying to work out how many ways there are to increase the permissions > of a user. > > 1: su -: Needs root password and you need to be in the group "wheel". > 2: sudo: You need to be in the group "wheel" or in the /etc/sudoers file, > using your own user password. I'm not counting gksu and gksudo they are > just front ends. > 3: sudoedit: This is the best way to edit text files, it uses the same > rules as sudo. > > 4: Linux "Capabilities" or "caps": Which increases permissions on a > per-file basis. e.g. removing SUID from ping and adding CAP_NET_RAW to > ping. This is much safer than running the whole program as root. > http://linux.die.net/man/7/capabilities This is a first for me. I haven't used it before and it seems it is not set up on my box by default. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Saturday 17 April 2010 16:39:19 Alan McKinnon wrote: > On Saturday 17 April 2010 17:10:14 Mick wrote: > > On Saturday 17 April 2010 14:08:22 Alan McKinnon wrote: > > > On Saturday 17 April 2010 14:59:09 Lie Ryan wrote: > > > > On 04/17/10 18:47, Mick wrote: > > > > > On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: > > > > >> On Friday 16 April 2010 20:29:27 Dale wrote: > > > > > > > > > > Blimey! That sounds like horribly_broken! > > > > > > > > > > Which cron do you recommend for a desktop? > > > > > > > > One question, do you actually need cron for desktop? I installed > > > > vixie because the installation manual says to, but never need to > > > > write any cron rule for anything and I don't think there any program > > > > I uses installs a cron rule. So why bother with cron? > > > > > > A default install will configure cron to run > > > > > > mkwhatis > > > slocate > > > logrotate > > > updatepciids > > > updateusbids > > > > > > These are all very useful and your machine is somewhat crippled without > > > > > > them. > > > > Hmm... mine has: > > > > ls -la /etc/cron.daily/ > > total 10 > > drwxr-x--- 2 root root 7 Mar 14 19:11 . > > drwxr-xr-x 74 root root 160 Apr 17 14:58 .. > > -rw-r--r-- 1 root root 0 Jan 21 01:33 .keep > > -rw-r--r-- 1 root root 0 Feb 28 15:13 .keep_sys-process_cronbase-0 > > -rwxr-xr-x 1 root root 52 Feb 28 15:15 logrotate.cron > > -rwxr-xr-x 1 root root 115 Mar 14 19:11 makewhatis > > -rwxr-xr-x 1 root root 152 Feb 28 15:15 slocate > > > > but not updatepciids and updateusbids. Grant you I don't need them > > daily, but last time I checked I had to update these myself. Should they > > have been added automatically in my /etc/cron.daily/* ? > > They go in cron.monthly, but no matter. > > Do you have these packages installed: > > nazgul ~ # equery belongs /etc/cron.monthly/update-pciids > * Searching for /etc/cron.monthly/update-pciids ... > sys-apps/pciutils-3.1.7 (/etc/cron.monthly/update-pciids) > nazgul ~ # equery belongs /etc/cron.monthly/update-usbids > * Searching for /etc/cron.monthly/update-usbids ... > sys-apps/usbutils-0.87 (/etc/cron.monthly/update-usbids) Hmm ... Nill returns. :-( I have however already installed both pciutils and usbutils. Are they meant to make entries in cron.daily when installed? -- Regards, Mick signature.asc Description: This is a digitally signed message part.
[gentoo-user] initramfs & RAID at boot time
Hi, I've never learned to do an initramfs as I've never used hardware in a Linux box that required it. However now I find myself using mdadm software-RAID and getting dinged on the linux-raid list when I ask about things like the kernel autodetecting RAID drives at boot time as the mdadm developers are firmly fixated on using initramfs and auto-detecting nothing. Going with the flow I'm studying this Gentoo Wiki link: http://en.gentoo-wiki.com/wiki/Initramfs and most specifically this portion on software RAID: http://en.gentoo-wiki.com/wiki/Initramfs#Software_RAID where the statement "But if you use an initramfs the kernel will not automatically scan for RAIDs until it is told to." caught my attention. Does anyone know if the word "not" in that statement is absolutely true? I.e. - if I take a kernel that today finds a RAID1 / drive and boots, that if I do nothing other than turn on that feature in the kernel then the boot process is not going to assemble my RAID, not find / and then fail to boot? Maybe I'm reading too much into that but I like that my system boots and I don't think I want to do things that stop it from doing so... ;-) That said, if it's true, does the "noinitrd" kernel parameter override it and then RAID would work and the boot completes normally? Thanks, Mark
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Saturday 17 April 2010 17:10:14 Mick wrote: > On Saturday 17 April 2010 14:08:22 Alan McKinnon wrote: > > On Saturday 17 April 2010 14:59:09 Lie Ryan wrote: > > > On 04/17/10 18:47, Mick wrote: > > > > On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: > > > >> On Friday 16 April 2010 20:29:27 Dale wrote: > > > > Blimey! That sounds like horribly_broken! > > > > > > > > Which cron do you recommend for a desktop? > > > > > > One question, do you actually need cron for desktop? I installed vixie > > > because the installation manual says to, but never need to write any > > > cron rule for anything and I don't think there any program I uses > > > installs a cron rule. So why bother with cron? > > > > A default install will configure cron to run > > > > mkwhatis > > slocate > > logrotate > > updatepciids > > updateusbids > > > > These are all very useful and your machine is somewhat crippled without > > > > them. > > Hmm... mine has: > > ls -la /etc/cron.daily/ > total 10 > drwxr-x--- 2 root root 7 Mar 14 19:11 . > drwxr-xr-x 74 root root 160 Apr 17 14:58 .. > -rw-r--r-- 1 root root 0 Jan 21 01:33 .keep > -rw-r--r-- 1 root root 0 Feb 28 15:13 .keep_sys-process_cronbase-0 > -rwxr-xr-x 1 root root 52 Feb 28 15:15 logrotate.cron > -rwxr-xr-x 1 root root 115 Mar 14 19:11 makewhatis > -rwxr-xr-x 1 root root 152 Feb 28 15:15 slocate > > but not updatepciids and updateusbids. Grant you I don't need them daily, > but last time I checked I had to update these myself. Should they have > been added automatically in my /etc/cron.daily/* ? They go in cron.monthly, but no matter. Do you have these packages installed: nazgul ~ # equery belongs /etc/cron.monthly/update-pciids * Searching for /etc/cron.monthly/update-pciids ... sys-apps/pciutils-3.1.7 (/etc/cron.monthly/update-pciids) nazgul ~ # equery belongs /etc/cron.monthly/update-usbids * Searching for /etc/cron.monthly/update-usbids ... sys-apps/usbutils-0.87 (/etc/cron.monthly/update-usbids) -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Saturday 17 April 2010 14:08:22 Alan McKinnon wrote: > On Saturday 17 April 2010 14:59:09 Lie Ryan wrote: > > On 04/17/10 18:47, Mick wrote: > > > On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: > > >> On Friday 16 April 2010 20:29:27 Dale wrote: > > > > > > Blimey! That sounds like horribly_broken! > > > > > > Which cron do you recommend for a desktop? > > > > One question, do you actually need cron for desktop? I installed vixie > > because the installation manual says to, but never need to write any > > cron rule for anything and I don't think there any program I uses > > installs a cron rule. So why bother with cron? > > A default install will configure cron to run > > mkwhatis > slocate > logrotate > updatepciids > updateusbids > > These are all very useful and your machine is somewhat crippled without > them. > Hmm... mine has: ls -la /etc/cron.daily/ total 10 drwxr-x--- 2 root root 7 Mar 14 19:11 . drwxr-xr-x 74 root root 160 Apr 17 14:58 .. -rw-r--r-- 1 root root 0 Jan 21 01:33 .keep -rw-r--r-- 1 root root 0 Feb 28 15:13 .keep_sys-process_cronbase-0 -rwxr-xr-x 1 root root 52 Feb 28 15:15 logrotate.cron -rwxr-xr-x 1 root root 115 Mar 14 19:11 makewhatis -rwxr-xr-x 1 root root 152 Feb 28 15:15 slocate but not updatepciids and updateusbids. Grant you I don't need them daily, but last time I checked I had to update these myself. Should they have been added automatically in my /etc/cron.daily/* ? -- Regards, Mick signature.asc Description: This is a digitally signed message part.
[gentoo-user] win7x64 in kvm does not have sound
hi, i use kvm -soundhw ac97 ... to start my win7 guest, and i see a 'Multimedia Audio Device' in my device manager. but i cannot manage to get a driver for it. according to kvm -soundhw ?, the ac97 sound card is a intel ac97 audio device. but windows cannot find a driver for it, neither can i find a driver for it on google... -- Best Regards, David Shen http://twitter.com/davidshen84/
[gentoo-user] Re: vixie-cron keeps stopping
On 04/17/10 23:08, Alan McKinnon wrote: > On Saturday 17 April 2010 14:59:09 Lie Ryan wrote: >> On 04/17/10 18:47, Mick wrote: >>> On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: On Friday 16 April 2010 20:29:27 Dale wrote: >>> Blimey! That sounds like horribly_broken! >>> >>> Which cron do you recommend for a desktop? >> >> One question, do you actually need cron for desktop? I installed vixie >> because the installation manual says to, but never need to write any >> cron rule for anything and I don't think there any program I uses >> installs a cron rule. So why bother with cron? > > A default install will configure cron to run > > mkwhatis > slocate > logrotate > updatepciids > updateusbids I don't install `locate` as I don't have that many files to start with and `find` is more than adequate for when I need to search (and I typically only do searches on newly downloaded file or system files, those that aren't indexed in locate's database in the first place). In a typical desktop system you only rarely actually read logs (typically only when debugging kernel, X, and failed emerge; you don't meet kernel OOPS every day, don't you?), for the rest of the times I could probably live without logging and I can turn it on when I need to examine some logs. A typical desktop system do not update their hardware everyday and running those updater programs manually isn't such a pain when you do (on the other hand I run `emerge --sync` and `q -r` every week, but then I still much prefer running emerges manually). And bash's tab completion is much more efficient for searching commands than `whatis`. So I don't think a typical desktop system gets crippled much without cron (or even logging). Yes, you lose some features, and you will need to manually update system's database and do certain things manually which otherwise would have been handled for you; but if I have to choose between wasting system resources running cron/logging or losing features I use once in a month, I probably would not bother with cron.
Re: [gentoo-user] how to get microphone work in gentoo?
On Sat, Apr 17, 2010 at 9:54 PM, Mark Knecht wrote: > Intel HDA here. Mic input on my works fine. > > 1) Make sure mic volume is up and mix is not muted. > > 2) Compile Alsa as modular. Almost always works better and is > recommended modular by Alsa developers over the years. > > The one thing that hasn't worked for me so far is passing the mic > input up to to VMWare's sound card. Audio works fine - I can hear > Windows apps - but Windows apps don't receive my mic. > thanks man, Thomas from gentoo-china helped me solve this problem. the problem is that i did not enable the 'CAPTURE' function of my record device. the record device should be set list this in the alsamixer https://mail.google.com/mail/?ui=2&ik=c262ed02b8&view=att&th=1280bfbaf4fe4fbd&attid=0.1&disp=inline&realattid=f_g84gy3tr1&zw use 'SPACE' to toggle the capture. -- Best Regards, David Shen http://twitter.com/davidshen84/
Re: [gentoo-user] how to get microphone work in gentoo?
On Sat, Apr 17, 2010 at 5:55 AM, Xi Shen wrote: > hi, > > i searched for a while and found out microphone does not work in linux > for most people... > > despite of this, i still post here, and hope someone could help me. > > my system is thinkpad t61, intel HD audio, gentoo amd64, i have ALSA > and intel audio driver compiled in my kernel. > > > -- > Best Regards, > David Shen > > http://twitter.com/davidshen84/ > > Intel HDA here. Mic input on my works fine. 1) Make sure mic volume is up and mix is not muted. 2) Compile Alsa as modular. Almost always works better and is recommended modular by Alsa developers over the years. The one thing that hasn't worked for me so far is passing the mic input up to to VMWare's sound card. Audio works fine - I can hear Windows apps - but Windows apps don't receive my mic. - Mark - Mark
Re: [gentoo-user] how to get microphone work in gentoo?
On Sa, 2010-04-17 at 20:55 +0800, Xi Shen wrote: > hi, > > i searched for a while and found out microphone does not work in linux > for most people... > > despite of this, i still post here, and hope someone could help me. > > my system is thinkpad t61, intel HD audio, gentoo amd64, i have ALSA > and intel audio driver compiled in my kernel. > > Hello, if you use GNOME try gnome-volume-control and play with the settings. For me works a configuration with "Capture" (Tab "Recording") switched on and in the upper third and in "Options" I need to define the "Input Source" (probably you want need that). Best wishes Thomas
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Sat, 17 Apr 2010 22:59:09 +1000 Lie Ryan wrote: > On 04/17/10 18:47, Mick wrote: > > On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: > >> On Friday 16 April 2010 20:29:27 Dale wrote: > > > > Blimey! That sounds like horribly_broken! > > > > Which cron do you recommend for a desktop? > > > One question, do you actually need cron for desktop? I installed vixie > because the installation manual says to, but never need to write any > cron rule for anything and I don't think there any program I uses > installs a cron rule. So why bother with cron? Possibly not. ... depends on what you have installed. /etc/cron.daily has some useful stuff, notably slocate.cron.
Re: [gentoo-user] Re: vixie-cron keeps stopping
On Saturday 17 April 2010 14:59:09 Lie Ryan wrote: > On 04/17/10 18:47, Mick wrote: > > On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: > >> On Friday 16 April 2010 20:29:27 Dale wrote: > > Blimey! That sounds like horribly_broken! > > > > Which cron do you recommend for a desktop? > > One question, do you actually need cron for desktop? I installed vixie > because the installation manual says to, but never need to write any > cron rule for anything and I don't think there any program I uses > installs a cron rule. So why bother with cron? A default install will configure cron to run mkwhatis slocate logrotate updatepciids updateusbids These are all very useful and your machine is somewhat crippled without them. -- alan dot mckinnon at gmail dot com
[gentoo-user] Re: vixie-cron keeps stopping
On 04/17/10 18:47, Mick wrote: > On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: >> On Friday 16 April 2010 20:29:27 Dale wrote: > > Blimey! That sounds like horribly_broken! > > Which cron do you recommend for a desktop? One question, do you actually need cron for desktop? I installed vixie because the installation manual says to, but never need to write any cron rule for anything and I don't think there any program I uses installs a cron rule. So why bother with cron?
[gentoo-user] how to get microphone work in gentoo?
hi, i searched for a while and found out microphone does not work in linux for most people... despite of this, i still post here, and hope someone could help me. my system is thinkpad t61, intel HD audio, gentoo amd64, i have ALSA and intel audio driver compiled in my kernel. -- Best Regards, David Shen http://twitter.com/davidshen84/
Re: [gentoo-user] Re: [OT] Setting up a fall back ISP SMTP in sendmail
On Saturday 17 April 2010 00:51:39 Harry Putnam wrote: > Mick writes: > > Hi All, > > > > Is there a (native) way to configure sendmail to send messages via a > > secondary smtp account, if dor some reason the primary ISP smtp is > > down, without some bespoke DIY script? > > Not give you the runaround, and there may well be some sendmail > experts here... but I think your question is more likely to get a > really helpful response if you put it on comp.mail.sendmail. > > You might get an answer from Per Hedlund or one of the other heavy > hitters there. > > I've used sendmail for yrs but just on homeboy little local lans. > > I'd be surprised if there is not some well trod way to do what you are > asking. Sendmail is probably the most widely used MTA around so it > seem really likely that problem has been dealt with in some way. For the purpose of posterity: The way to set up a fall back host is to use confFALLBACK_SMARTHOST to define a fall back smtp server. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] net-im/emesene-1.5.1: No download source available.
Yeah checked...at time of install sourceforge was doing maintenance... Thanks :) On 17/04/10 18:32, Daniel Pielmeier wrote: > 2010/4/17 ubiquitous1980 : > >> Hey guys...no downloadable source for emesene from the sunrise overlay... >> Thought I would check first before I write a bug for bugzilla. >> >> Thanks >> >> ubiquitous1980 >> > Go to http://sourceforge.net/ and you will find out. > >
Re: [gentoo-user] net-im/emesene-1.5.1: No download source available.
Yeah checked...at time of install sourceforge was doing maintenance... Thanks :) On 17/04/10 18:32, Daniel Pielmeier wrote: > 2010/4/17 ubiquitous1980 : > >> Hey guys...no downloadable source for emesene from the sunrise overlay... >> Thought I would check first before I write a bug for bugzilla. >> >> Thanks >> >> ubiquitous1980 >> > Go to http://sourceforge.net/ and you will find out. > >
Re: [gentoo-user] net-im/emesene-1.5.1: No download source available.
2010/4/17 ubiquitous1980 : > Hey guys...no downloadable source for emesene from the sunrise overlay... > Thought I would check first before I write a bug for bugzilla. > > Thanks > > ubiquitous1980 Go to http://sourceforge.net/ and you will find out. -- Daniel Pielmeier
Re: [gentoo-user] vixie-cron keeps stopping
On Saturday 17 April 2010 10:47:15 Mick wrote: > On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: > > On Friday 16 April 2010 20:29:27 Dale wrote: > > > Alan McKinnon wrote: > > > > On Thursday 15 April 2010 02:58:15 Matt Harrison wrote: > > > >> I apologise if this has come twice, it didn't appear to post > > > >> correctly first time, not even on the archives. > > > >> > > > >> Its been happening for a while but I haven't got round to find out > > > >> why, but every so often (anything between a week or an hour) > > > >> vixie-cron just stops. There's nothing in the logs, the service just > > > >> stops. > > > >> > > > >> I have no idea where to start looking for a culprit so I'm hoping > > > >> someone here has some good ideas :) > > > >> > > > >> thanks in advance > > > >> > > > >> Matt > > > > > > > > You probably don't want to hear this, but: > > > > > > > > vixie-cron is problematic in the extreme. I have endless hassle with > > > > it's weird behaviours. > > > > > > > > Use a different cron daemon. > > > > > > I am using vixie as well. It was in the install guide many years ago. > > > What all would have to be changed to switch to fcron? I think some > > > packages "detect" which cron you have installed and put things in the > > > proper place for cron jobs to run. I could be wrong on that since it > > > has been a while since I noticed packages doing this. > > > > emerge -C vixie-cron && emerge > > > > You might have to tweak crontabs. > > > > I have come to detest with a passion every piece of software written or > > inspired by Paul Vixie. It took 10-15 years to get bind into a shape > > where > > > > it takes less than 20 minutes to start here, it's low, buggy and > > performance is pathetic. dhcp is just way too complex for my liking, ... > > > > ... and as for vixie-cron: When software doesn't act like it's supposed > > to, breaks in horrible ways without giving me any clue (like, "cron > > restart" > > > > works with no known init scripts on any platform I have) and instead > > says "cron restarted [OK]", which brings down 5000 Cisco devices as as > > a nasty side effect, and causes a Severity 0 committee to be called, > > twice, then that software's remaining life span on my boxes is measured > > in > > milliseconds :-) > > > > rant over > > Blimey! That sounds like horribly_broken! > > Which cron do you recommend for a desktop? Strangely enough, I'd tell folk to use vixie-cron if it's already working for them and they know it. I don't see the point in advising someone to switch a package that is working well for them and doing it's job. Most folk let cron be installed then they never touch it again, or add at most a few entries. Everything they need or want to be done is covered with the default /etc/cron.*/*. Why change it? Besides, they know how to work vixie- cron. But if they are run into problems or weird errors (like the OP where the thing just dies), then fcron is good. -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] vixie-cron keeps stopping
On Sat, 17 Apr 2010 11:00:02 +0200, Mick wrote about Re: [gentoo-user] vixie-cron keeps stopping: >On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: [snip] >> ... and as for vixie-cron: When software doesn't act like it's >> supposed to, breaks in horrible ways without giving me any clue >> (like, "cron restart" works with no known init scripts on any >> platform I have) and instead says "cron restarted [OK]", which >> brings down 5000 Cisco devices as as a nasty side effect, and causes >> a Severity 0 committee to be called, twice, then that software's >> remaining life span on my boxes is measured in milliseconds :-) >> >> rant over > >Blimey! That sounds like horribly_broken! > >Which cron do you recommend for a desktop? I switched from vixie-cron to fcron within a couple of days of first installing Gentoo. The Gentoo handbook suggested vixie-cron, but it proved to be a bucket of bolts. The version of fcron then available had problems in those days (late 2003) with daylight saving switch-overs, but these have long been fixed. Consequently, I recommend fcron to anybody dumb enough to take my word for such things. ... :-) -- Regards, Dave [RLU #314465] == dwn...@ntlworld.com (David W Noon) == signature.asc Description: PGP signature
Re: [gentoo-user] Re: [OT] Setting up a fall back ISP SMTP in sendmail
On Saturday 17 April 2010 00:51:39 Harry Putnam wrote: > comp.mail.sendmail Thank you Harry, I will. Just thought that there may be a Gentoo user who's already tried this - plus this is my favorite list alright. ;-) -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] vixie-cron keeps stopping
On Friday 16 April 2010 22:25:47 Alan McKinnon wrote: > On Friday 16 April 2010 20:29:27 Dale wrote: > > Alan McKinnon wrote: > > > On Thursday 15 April 2010 02:58:15 Matt Harrison wrote: > > >> I apologise if this has come twice, it didn't appear to post correctly > > >> first time, not even on the archives. > > >> > > >> Its been happening for a while but I haven't got round to find out > > >> why, but every so often (anything between a week or an hour) > > >> vixie-cron just stops. There's nothing in the logs, the service just > > >> stops. > > >> > > >> I have no idea where to start looking for a culprit so I'm hoping > > >> someone here has some good ideas :) > > >> > > >> thanks in advance > > >> > > >> Matt > > > > > > You probably don't want to hear this, but: > > > > > > vixie-cron is problematic in the extreme. I have endless hassle with > > > it's weird behaviours. > > > > > > Use a different cron daemon. > > > > I am using vixie as well. It was in the install guide many years ago. > > What all would have to be changed to switch to fcron? I think some > > packages "detect" which cron you have installed and put things in the > > proper place for cron jobs to run. I could be wrong on that since it > > has been a while since I noticed packages doing this. > > emerge -C vixie-cron && emerge > > You might have to tweak crontabs. > > I have come to detest with a passion every piece of software written or > inspired by Paul Vixie. It took 10-15 years to get bind into a shape where > it takes less than 20 minutes to start here, it's low, buggy and > performance is pathetic. dhcp is just way too complex for my liking, ... > > ... and as for vixie-cron: When software doesn't act like it's supposed to, > breaks in horrible ways without giving me any clue (like, "cron restart" > works with no known init scripts on any platform I have) and instead says > "cron restarted [OK]", which brings down 5000 Cisco devices as as a nasty > side effect, and causes a Severity 0 committee to be called, twice, then > that software's remaining life span on my boxes is measured in > milliseconds :-) > > rant over Blimey! That sounds like horribly_broken! Which cron do you recommend for a desktop? -- Regards, Mick signature.asc Description: This is a digitally signed message part.
