Re: [gentoo-user] Re: Rooted/compromised Gentoo, seeking advice [Solved?]
On Tue, 10 Aug 2010 01:10:37 -0500, Paul Hartman wrote: > Second, the problem of chkrootkit telling me "find" and "netstat" were > INFECTED, in big scary upper-case letters. The files appear to be > genuine, chkrootkit hasn't been updated in over a year, a bit scary for a malware scanner. > I then tried rkhunter. It gave me numerous warnings, but after > checking the log for details they all appear to be harmless (For > example, it warns that /usr/bin/ldd is a script, not a binary... as > far as I can tell, that is how it's supposed to be) You can tweak the rkhunter config to skip specific tests on specific files (or patterns) to avoid these false positives. -- Neil Bothwick Top Oxymorons Number 3: Working vacation signature.asc Description: PGP signature
[gentoo-user] finding out current softlevel
Hello, I was wondering whether there is some way to find out the current running softlevel (which I gave to the kernel line in grub's menu.lst), for example to start another window manager depending on the softlevel or whatever other possible solutions? Maybe in a variable like $SOFTLEVEL ? Thanks for any hints, Gabriel
Re: [gentoo-user] finding out current softlevel
li...@gabriel-striewe.de writes:
> I was wondering whether there is some way to find out the current
> running softlevel (which I gave to the kernel line in grub's
> menu.lst), for example to start another window manager depending on
> the softlevel or whatever other possible solutions? Maybe in a
> variable like $SOFTLEVEL ?
At least you can get the complete kernel line from /proc/cmdline.
If you like, put something like this into your .bashrc:
# get boot parameters:
SOFTLEVEL=$( < /proc/cmdline )
# strip from left all up to and including 'softlevel=':
SOFTLEVEL=${SOFTLEVEL##*softlevel=}
# strip from the right all from the first blank on:
SOFTLEVEL=${SOFTLEVEL%% *} # strip all
Oh, or forget about all this, as I just see that there is the rc-status -r
command.
Wonko
Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice
On Mon, Aug 9, 2010 at 6:18 PM, William Hubbs wrote: > On Mon, Aug 09, 2010 at 05:30:40PM -0700, Kevin O'Gorman wrote: > > On Mon, Aug 9, 2010 at 1:20 PM, Bill Longman > wrote: > > > I actually prefer "sudo su -" -- as long as I'm giving it away! :o) > > Afaik, there is no reason for "sudo su -" It should be either > > su - > > or, if you are using sudo, > > sudo -i > > The disadvantage of "su -" is that it requires the user to know the root > password. But, "sudo -i" does the same thing without requiring the user > to know the root password. > > You either didn't think or didn't actually try it. "sudo su -" needs a password, but it's the user password. Running su as root never needs a password. Accordingly, this works on a stock Ubuntu with no root password. "su -" requires the root password unless you're already root, and the root password may or may not exist. I didn't know about "sudo -i" (thanks), but when I tried "sudo -i" it immediately asked for a password, for which the user password was sufficient. So it's entirely equivalent to but slightly shorter than my version. I'll stick with mine because it's made of parts I already know and won't forget. I think that if sudoers don't need to enter passwords, they're still equivalent, but I have not tried this. -- Kevin O'Gorman, PhD
Re: [gentoo-user] finding out current softlevel
On Tue, 10 Aug 2010 16:42:02 +0200, li...@gabriel-striewe.de wrote: > I was wondering whether there is some way to find out the current > running softlevel (which I gave to the kernel line in grub's > menu.lst), for example to start another window manager depending on > the softlevel or whatever other possible solutions? Maybe in a > variable like $SOFTLEVEL ? The arguments you gave to the kernel when booting are in /proc/cmdline, but that may not be the current softlevel, it may have been changed since booting. With baselayout-1, the current softlevel is in /var/lib/init.d/softlevel. There may be a similar file for baselayout-2 but I haven't had the need to find it yet. -- Neil Bothwick Q. How many mathematicians does it take to change a light bulb? A. Only one - who gives it to six Californians, thereby reducing the problem to an earlier joke. signature.asc Description: PGP signature
Re: [gentoo-user] Re: Rooted/compromised Gentoo, seeking advice
> > Another idea to help with your forensics would be to bring a netstat and > lsof > binary over to your machine and run them to see which actors are running > and > trying to get out. That could help you detect what is running on that > machine > and google your way from there. If your kernel has been subverted then userland is irrelevant, a kit can simply hook the system calls those binaries use and return whatever it wants you to know. -- Kyle
Re: [gentoo-user] finding out current softlevel
> At least you can get the complete kernel line from /proc/cmdline.
Strangely, my /proc/cmdline is empty; could I have forgotten some
kernel module or option?
> If you like, put something like this into your .bashrc:
>
> # get boot parameters:
> SOFTLEVEL=$( < /proc/cmdline )
> # strip from left all up to and including 'softlevel=':
> SOFTLEVEL=${SOFTLEVEL##*softlevel=}
> # strip from the right all from the first blank on:
> SOFTLEVEL=${SOFTLEVEL%% *} # strip all
>
> Oh, or forget about all this, as I just see that there is the rc-status -r
> command.
Yes, that works fine, thank you!!
> Wonko
Gabriel
Re: [gentoo-user] finding out current softlevel
The baselayout-2 method is rc-status --runlevel -- Neil Bothwick And on the seventh day God said :wq and then make signature.asc Description: PGP signature
[gentoo-user] Re: kde-4.4.5 & Seamonkey weirdness
Adam Carter gmail.com> writes: > > Ever since my upgrade to kde-4.4.5 my seamonkey windows > sporadically go black, when I move the mouse away from > them. Both the Web browser and the mail client do this > sporadically. Headers, toolbars and where the text appears > all sporadically get into the act. > Interesting - sounds similar to what i get - see my thread "Some corruption after gnome 2.30". I rebuilt world and still have the problem. So perhaps.there is something lower level than gnome/kde that causes this issue. Yep, maybe you are on to something. I rebuilt seamonkey and gnome-extra/evolution-data-server and still it croaks. I rebuild 'system' tonight and see if that helps. I have not sync'd and updated in 5 days, so I do that too. Let you know what I find. Since I run kde, it must be deep below the gnome or kde level.? Here are my seamonkey flags: alsa chatzilla composer crypt cups dbus java ldap mailclient roaming startup-notification -custom-optimization -gnome -system-sqlite James
[gentoo-user] emerge source code but don't build?
Hi, Is there an option in emerge to download and create the source code tree for an application, but then stop at that point, don't build the app and leave the source code tree in place so that I can look at it? Thanks, Mark
Re: [gentoo-user] emerge source code but don't build?
Mark Knecht writes: >Is there an option in emerge to download and create the source code > tree for an application, but then stop at that point, don't build the > app and leave the source code tree in place so that I can look at it? Probably not. But you can use the ebuild command: ebuild /path/to/category/package.ebuild unpack Read the man page, I'm not sure if things like fetching will be done when necessary. Wonko
Re: [gentoo-user] emerge source code but don't build?
On Tue, 10 Aug 2010 09:29:04 -0700, Mark Knecht wrote:
>Is there an option in emerge to download and create the source code
> tree for an application, but then stop at that point, don't build the
> app and leave the source code tree in place so that I can look at it?
ebuild ${PORTDIR}/cat/pkg/pkg-ver.ebuild unpack
--
Neil Bothwick
"There are no stupid questions, just too many inquisitive idiots."
signature.asc
Description: PGP signature
Re: [gentoo-user] emerge source code but don't build?
On Tue, 10 Aug 2010 18:53:12 +0200, Alex Schuster wrote: > ebuild /path/to/category/package.ebuild unpack > > Read the man page, I'm not sure if things like fetching will be done > when necessary. It will, ebuild carries out any prior steps if they are needed. You may want to use ebuild ... prepare instead of ebuild ... unpack. It carries out any pre-compilation steps, like applying patches. If you are doing this because you want to apply a patch yourself, you can use one of the above, apply your patches, then run ebuild ... merge to complete the process and install it. man 1 ebuild explains it all. -- Neil Bothwick What do you do when you see an endangered animal eating an endangered plant? signature.asc Description: PGP signature
Re: [gentoo-user] emerge source code but don't build?
On Tue, Aug 10, 2010 at 9:53 AM, Alex Schuster wrote: > Mark Knecht writes: > >> Is there an option in emerge to download and create the source code >> tree for an application, but then stop at that point, don't build the >> app and leave the source code tree in place so that I can look at it? > > Probably not. But you can use the ebuild command: > > ebuild /path/to/category/package.ebuild unpack > > Read the man page, I'm not sure if things like fetching will be done when > necessary. > > Wonko > > Thanks Wonko and you too Neil. Cheers, Mark
Re: [gentoo-user] Re: kde-4.4.5 & Seamonkey weirdness
On 2010-08-10 16:13, James wrote: > Adam Carter gmail.com> writes: >> Interesting - sounds similar to what i get - see my thread "Some corruption > after gnome 2.30". I rebuilt world and still have the problem. So > perhaps.there > is something lower level than gnome/kde that causes this issue. What X graphic card driver are you using? I ran into a similar issue with ati-drivers (>=10.6) where AMD has introduced a new 2D acceleration infrastructure (inherited from Windows); this doesn't work so good (at least not for me and others) so I disabled it with 'aticonfig --set-pcs-str=DDX,ForceXAA,TRUE' (as root of course, since this changes a ati config file in /etc). Best regards Peter K
Re: [gentoo-user] emerge source code but don't build?
On Tue, Aug 10, 2010 at 11:53 AM, Alex Schuster wrote: > Mark Knecht writes: > >> Is there an option in emerge to download and create the source code >> tree for an application, but then stop at that point, don't build the >> app and leave the source code tree in place so that I can look at it? > > Probably not. But you can use the ebuild command: > > ebuild /path/to/category/package.ebuild unpack > > Read the man page, I'm not sure if things like fetching will be done when > necessary. I think so, if you try to run a step whose prerequisite steps haven't been run then it'll run them, too.
[gentoo-user] VDR, but...
Hi, still searching for a good EPG-creating application, which additional may record DVB-t broadcasts I am now struggling with vdr. I am at the point, where vdr displays one channel via ShmClinet. But it does not except any keyboard input and does not react in any way on my hammering on the keys. And it has a very noticeable delay between audio and video, which cannot be recognized when playing the same channel via vlc. I am using X11 with input-evdev. I read about the installation of vdr here: http://www.gentoo.org/doc/en/vdr-guide.xml But it seems, that this doc is somewhat outdated...I cannot find the util "pcimodules" which is used in this description. How can I fix the two problems described above... Little frustrated, best regards, mcc
[gentoo-user] Icons at startup of a KDE session
Hello, i've installed Gentoo and KDE 4.4 on an AMD64 system, configured /etc/conf.d/xdm to start kdm as login server. After login the KDE4 desktop starts up - a little box with at least 5 or 6 icons in it where one after the other icon displays blurred and then comes clear (Disk, Tools, World, ...). This process stops at the fourth icon (after the world icon) which remains blurred. At this stage the PC simply hangs - no ssh, no VT-switch, nothing. So my first question is - what stage the fourth icon stands for. And where to look for the issue. After a reboot to the command line i viewed the logs (/var/log/messages, /var/log/Xorg.0.log) but nothing looks suspicious. The last line in /var/log/messages reads: kdm: 0:[]: pam_unix(kde:session): session opened for ... The user was newly created using "useradd -m -g ...). There was no .kde4 directory in his home directory. Other window managers (fluxbox) don't show this problem. Kernel is gentoo-sources-2.6.34-r1. All components are from the stable tree. This may not be an gentoo problem. All hints are welcome. regards Petric
Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice
On Tuesday 10 August 2010 15:03:19 Kevin O'Gorman wrote: > On Mon, Aug 9, 2010 at 6:18 PM, William Hubbs wrote: > > On Mon, Aug 09, 2010 at 05:30:40PM -0700, Kevin O'Gorman wrote: > > > On Mon, Aug 9, 2010 at 1:20 PM, Bill Longman > > > > wrote: > > > > I actually prefer "sudo su -" -- as long as I'm giving it away! :o) > > > > Afaik, there is no reason for "sudo su -" It should be either > > > > su - > > > > or, if you are using sudo, > > > > sudo -i > > > > The disadvantage of "su -" is that it requires the user to know the root > > password. But, "sudo -i" does the same thing without requiring the user > > to know the root password. > > > > You either didn't think or didn't actually try it. "sudo su -" needs a > > password, but it's the > user password. Running su as root never needs a password. Accordingly, > this works on > a stock Ubuntu with no root password. > > "su -" requires the root password unless you're already root, and the root > password may or may not exist. > > I didn't know about "sudo -i" (thanks), but when I tried "sudo -i" it > immediately asked for a password, for which > the user password was sufficient. So it's entirely equivalent to but > slightly shorter than my version. I'll stick with > mine because it's made of parts I already know and won't forget. > > I think that if sudoers don't need to enter passwords, they're still > equivalent, but I have not tried this. Sounds to me like he's whinging about sudo and not much else. I find this to be common and far too many people advancing the idea can't define to me basic security concepts. I have also yet to meet someone with a beef against sudo that can show a fundamental weakness with it, and I'm not talking about an isolated case of buffer overflow either - that can happen with any software. I mean a weakness in the methodology of sudo itself. Many people have a stuck idea in their heads that the root password is a magic security bullet. In fact, it's no such thing. Like any other password it is simply something you need to prove you know in order to to authenticate yourself. The major threat by analysis on a workstation is stepping away for a leak and forgetting to lock the screen. sudo is adequate protection against this as long as more than 5 minutes have elapsed since the last sudo was run - the prankster may have access to the machine but still does not know any password, including yours. A major threat to finding passwords is shoulder surfing. If one frequently enters the root password, it is equally easy for a shoulder surfer to find it as to find the user's password. Note that if you leave your workstation unlocked with a root session open, there is no such timeout as what one has with sudo. Additionally, on a shared machine (i.e. server at work), the root password has to be shared which is a huge hole in itself due to the difficulty of communicating the new password when it is changed. It is trivially easy to communicate a single password for a single user and guarantee it stays secure (major advances in cryptanalysis excepted). -- alan dot mckinnon at gmail dot com
[gentoo-user] Kmail storage of TLS certificate
Hi All, I've set up an IMAP account on Kmail and the first time I logged in it flagged up that the SSL certificate offered by the server was not valid. I accepted it and ticked to save it and not ask me again. This seems to me has caused Kmail to never again check mail on that account (it tries to, but never connects). My assumption (judging from other accounts (on the same mail server) is that the certificate session expires, but it does not start a new session because of some malfunction with the certificate and the fact that I asked it to save it as accepted. Other accounts, bring up a notification, I have to accept the certificate afresh and then they connect normally. Any idea how I can reset this certificate as far as Kmail is concerned? When has it stored my clicking to save the acceptance of the certificate and how can I reset this? -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice
On Tue, Aug 10, 2010 at 2:50 PM, Alan McKinnon wrote: > On Tuesday 10 August 2010 15:03:19 Kevin O'Gorman wrote: > > On Mon, Aug 9, 2010 at 6:18 PM, William Hubbs > wrote: > > > On Mon, Aug 09, 2010 at 05:30:40PM -0700, Kevin O'Gorman wrote: > > > > On Mon, Aug 9, 2010 at 1:20 PM, Bill Longman > > > > > > > wrote: > > > > > I actually prefer "sudo su -" -- as long as I'm giving it away! > :o) > > > > > > Afaik, there is no reason for "sudo su -" It should be either > > > > > > su - > > > > > > or, if you are using sudo, > > > > > > sudo -i > > > > > > The disadvantage of "su -" is that it requires the user to know the > root > > > password. But, "sudo -i" does the same thing without requiring the > user > > > to know the root password. > > > > > > You either didn't think or didn't actually try it. "sudo su -" needs > a > > > > password, but it's the > > user password. Running su as root never needs a password. Accordingly, > > this works on > > a stock Ubuntu with no root password. > > > > "su -" requires the root password unless you're already root, and the > root > > password may or may not exist. > > > > I didn't know about "sudo -i" (thanks), but when I tried "sudo -i" it > > immediately asked for a password, for which > > the user password was sufficient. So it's entirely equivalent to but > > slightly shorter than my version. I'll stick with > > mine because it's made of parts I already know and won't forget. > > > > I think that if sudoers don't need to enter passwords, they're still > > equivalent, but I have not tried this. > > Sounds to me like he's whinging about sudo and not much else. I find this > to > be common and far too many people advancing the idea can't define to me > basic > security concepts. I have also yet to meet someone with a beef against sudo > that can show a fundamental weakness with it, and I'm not talking about an > isolated case of buffer overflow either - that can happen with any > software. I > mean a weakness in the methodology of sudo itself. > > Many people have a stuck idea in their heads that the root password is a > magic > security bullet. In fact, it's no such thing. Like any other password it is > simply something you need to prove you know in order to to authenticate > yourself. The major threat by analysis on a workstation is stepping away > for a > leak and forgetting to lock the screen. sudo is adequate protection against > this as long as more than 5 minutes have elapsed since the last sudo was > run - > the prankster may have access to the machine but still does not know any > password, including yours. A major threat to finding passwords is shoulder > surfing. If one frequently enters the root password, it is equally easy for > a > shoulder surfer to find it as to find the user's password. Note that if you > leave your workstation unlocked with a root session open, there is no such > timeout as what one has with sudo. > > Additionally, on a shared machine (i.e. server at work), the root password > has > to be shared which is a huge hole in itself due to the difficulty of > communicating the new password when it is changed. It is trivially easy to > communicate a single password for a single user and guarantee it stays > secure > (major advances in cryptanalysis excepted). > > > -- > alan dot mckinnon at gmail dot com > > Good Luck getting people to change them frequently and haveing your techs and it departments meeting complexity and length policy. Remeber the only secure system is off and disconnected. If you are willing to use it you must apriase the community of the risk of failure; and plan for said risk. Most projects I've enjoyed had various password books usually encrypted with a "God" key for each department and it's respective responsbile area. Then those keys become an issue in and of themselfs; then it's a matter of procedural control. When the admin or admins leave, change them. Sounds simple, but far too rarely as it happens in pratice that I've headed to a client I haven't visited in a decade or so and find the same password I once used by guessing. Wich always rings true for me as a means to ensure disclosure is to those that I trust; or would trust. The discretionary access model in Gentoo is nice and to be expected; what I'd really like is a way to have my groups integrate from whichever directory service I'm using to meet the DAC mappings required on the local machine so I can enable RBAC or some other Lattice based control with local admins and limit their functions to thier jobs in an EASY fashon. Regards, -- Hazen Valliant-Saunders
Re: [gentoo-user] VDR, but...
On Tue, 10 Aug 2010 20:25:16 +0200, meino.cra...@gmx.de wrote: > But it seems, that this doc is somewhat outdated...I cannot > find the util "pcimodules" which is used in this description. That's been replaced by lspci -k. -- Neil Bothwick Don't take life too seriously, you won't get out alive. signature.asc Description: PGP signature
[gentoo-user] Re: kde-4.4.5 & Seamonkey weirdness
pk coolmail.se> writes: 'aticonfig --set-pcs-str=DDX,ForceXAA,TRUE' You are GENIUS, well as far as I can tell. works for me, so far thx, James
Re: [gentoo-user] emerge source code but don't build?
On Tue, Aug 10, 2010 at 10:22 AM, Neil Bothwick wrote: > On Tue, 10 Aug 2010 18:53:12 +0200, Alex Schuster wrote: > >> ebuild /path/to/category/package.ebuild unpack >> >> Read the man page, I'm not sure if things like fetching will be done >> when necessary. > > It will, ebuild carries out any prior steps if they are needed. You may > want to use ebuild ... prepare instead of ebuild ... unpack. It carries > out any pre-compilation steps, like applying patches. > > If you are doing this because you want to apply a patch yourself, you can > use one of the above, apply your patches, then run ebuild ... merge to > complete the process and install it. man 1 ebuild explains it all. > > > -- > Neil Bothwick > > What do you do when you see an endangered animal eating an endangered > plant? > In my case, due to conversations on another list about a piece of software that's important to me, it was simply to look at how copyrights are set up in that program's source code. (I.e. - who's names are named, what dates, etc.) Cheers, Mark
[gentoo-user] write failed on dvd with growisofs
Hello, I am incurring a strange problem when trying to burn DVDs. When I apply the command: # growisofs -dvd-compat -Z /dev/sr0 -R -J test/ I get the following output: Executing 'mkisofs -R -J test/ | builtin_dd of=/dev/sr0 obs=32k seek=0' Total translation table size: 0 Total rockridge attributes bytes: 273 Total directory bytes: 0 Path table size(bytes): 10 Max brk space used 0 182 extents written (0 MB) /dev/sr0: "Current Write Speed" is 2.5x1352KBps. :-[ wr...@lba=0h failed with SK=5h/WRITE PROTECTED]: Input/output error :-( write failed: Input/output error I am using a kernel 2.6.33-rt from the proaudio-overlay with the new serial and parallel ATA stack, not the old deprecated ATA-stack. This is what dvd+rw-mediainfo says: INQUIRY:[SONY][DVD RW DW-Q58A ][UFS2] GET [CURRENT] CONFIGURATION: Mounted Media: 1Bh, DVD+R Media ID: RITEK/F16 Current Write Speed: 2.4x1385=3324KB/s Write Speed #0:2.4x1385=3324KB/s GET [CURRENT] PERFORMANCE: Write Performance: 2.4x1385=3324KB/s...@[0 -> 0] Speed Descriptor#0:00/0 r...@8.0x1385=11080kb/s w...@2.4x1385=3324kb/s READ DVD STRUCTURE[#0h]: Media Book Type: 00h, DVD-ROM book [revision 0] Legacy lead-out at:2295104*2KB=4700372992 READ DISC INFORMATION: Disc status: blank Number of Sessions:1 State of Last Session: empty "Next" Track: 1 Number of Tracks: 1 READ TRACK INFORMATION[#1]: Track State: blank Track Start Address: 0*2KB Next Writable Address: 0*2KB Free Blocks: 2295104*2KB Track Size:2295104*2KB ROM Compatibility LBA: 265696 READ CAPACITY: 0*2048=0 Unfortunately, I reproduced this error on an non-RT 2.6.34 kernel with the same config. Anybody has got any ideas? Regards, Gabriel
Re: [gentoo-user] Icons at startup of a KDE session
Hello, On Tuesday, 10. August 2010 20:26:29 Petric Frank wrote: > i've installed Gentoo and KDE 4.4 on an AMD64 system, configured > /etc/conf.d/xdm to start kdm as login server. To be clear - it is not an 64 Bit OS, it is still x86. > After login the KDE4 desktop starts up - a little box with at least 5 or 6 > icons in it where one after the other icon displays blurred and then comes > clear (Disk, Tools, World, ...). > This process stops at the fourth icon (after the world icon) which remains > blurred. At this stage the PC simply hangs - no ssh, no VT-switch, nothing. > > So my first question is - what stage the fourth icon stands for. And where > to look for the issue. > > After a reboot to the command line i viewed the logs (/var/log/messages, > /var/log/Xorg.0.log) but nothing looks suspicious. The last line in > /var/log/messages reads: > kdm: 0:[]: pam_unix(kde:session): session > opened for ... > > The user was newly created using "useradd -m -g ...). There was no .kde4 > directory in his home directory. Usually i add new users also to the plugdev group. As a test i removed the user from this group i got past the plash screen. Now the normal screen came up. So it seems that the problem has something to do with the plugging system. At which places i should throw an eye ? regards Petric
[gentoo-user] How can I create "dynamic" link?
Hi, I am facing this problem: I have subdirectory, let's say "/some/dir". I would like to create some kind of "dynamic" and "preliminary" link, so that any future subdirectories, created later in /some will in fact be links, pointing to /some/dir. So if later any user does: cd /some mkdir whatever There should not be subdirectory /some/whatever, but actually link: /some/whatever -> /some/dir Is it possible? Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] write failed on dvd with growisofs
li...@gabriel-striewe.de wrote: > Hello, > > I am incurring a strange problem when trying to burn DVDs. When I > apply the command: > > # growisofs -dvd-compat -Z /dev/sr0 -R -J test/ > > I get the following output: > > Executing 'mkisofs -R -J test/ | builtin_dd of=/dev/sr0 obs=32k seek=0' > Total translation table size: 0 > Total rockridge attributes bytes: 273 > Total directory bytes: 0 > Path table size(bytes): 10 > Max brk space used 0 > 182 extents written (0 MB) > /dev/sr0: "Current Write Speed" is 2.5x1352KBps. > :-[ wr...@lba=0h failed with SK=5h/WRITE PROTECTED]: Input/output error > :-( write failed: Input/output error Did you try to use cdrecord instead? Did you try to kill hald before? Jörg -- EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin j...@cs.tu-berlin.de(uni) joerg.schill...@fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
Re: [gentoo-user] write failed on dvd with growisofs
On Tue, Aug 10, 2010 at 10:27:27PM +0200, li...@gabriel-striewe.de wrote: > Hello, > > I am incurring a strange problem when trying to burn DVDs. When I > apply the command: > > # growisofs -dvd-compat -Z /dev/sr0 -R -J test/ > > I get the following output: > > Executing 'mkisofs -R -J test/ | builtin_dd of=/dev/sr0 obs=32k seek=0' > Total translation table size: 0 > Total rockridge attributes bytes: 273 > Total directory bytes: 0 > Path table size(bytes): 10 > Max brk space used 0 > 182 extents written (0 MB) > /dev/sr0: "Current Write Speed" is 2.5x1352KBps. > :-[ wr...@lba=0h failed with SK=5h/WRITE PROTECTED]: Input/output error > :-( write failed: Input/output error > > I am using a kernel 2.6.33-rt from the proaudio-overlay with the new > serial and parallel ATA stack, not the old deprecated ATA-stack. > > This is what dvd+rw-mediainfo says: > > INQUIRY:[SONY][DVD RW DW-Q58A ][UFS2] > GET [CURRENT] CONFIGURATION: > Mounted Media: 1Bh, DVD+R > Media ID: RITEK/F16 > Current Write Speed: 2.4x1385=3324KB/s > Write Speed #0:2.4x1385=3324KB/s > GET [CURRENT] PERFORMANCE: > Write Performance: 2.4x1385=3324KB/s...@[0 -> 0] > Speed Descriptor#0:00/0 r...@8.0x1385=11080kb/s w...@2.4x1385=3324kb/s > READ DVD STRUCTURE[#0h]: > Media Book Type: 00h, DVD-ROM book [revision 0] > Legacy lead-out at:2295104*2KB=4700372992 > READ DISC INFORMATION: > Disc status: blank > Number of Sessions:1 > State of Last Session: empty > "Next" Track: 1 > Number of Tracks: 1 > READ TRACK INFORMATION[#1]: > Track State: blank > Track Start Address: 0*2KB > Next Writable Address: 0*2KB > Free Blocks: 2295104*2KB > Track Size:2295104*2KB > ROM Compatibility LBA: 265696 > READ CAPACITY: 0*2048=0 > > > Unfortunately, I reproduced this error on an non-RT 2.6.34 kernel with > the same config. > > Anybody has got any ideas? > > Regards, > > Gabriel I have to add that writing DVD+RW works fine. How could this be? Regards, Gabriel
[gentoo-user] Re: How can I create "dynamic" link?
On 08/11/2010 12:06 AM, Jarry wrote: Hi, I am facing this problem: I have subdirectory, let's say "/some/dir". I would like to create some kind of "dynamic" and "preliminary" link, so that any future subdirectories, created later in /some will in fact be links, pointing to /some/dir. So if later any user does: cd /some mkdir whatever There should not be subdirectory /some/whatever, but actually link: /some/whatever -> /some/dir Is it possible? mkdir creates directories, not links. You need to do "ln -s /some/dir /some/whatever". Having mkdir create links would be a bug.
Re: [gentoo-user] Re: kde-4.4.5 & Seamonkey weirdness
On 2010-08-10 22:06, James wrote: > You are GENIUS, If you say so... ;-) ...but other people have walked this path before me so I'm only passing on the knowledge... glad I could help. Best regards Peter K
Re: [gentoo-user] How can I create "dynamic" link?
On 08/10/2010 02:06 PM, Jarry wrote: > Hi, > I am facing this problem: I have subdirectory, let's say > "/some/dir". I would like to create some kind of "dynamic" > and "preliminary" link, so that any future subdirectories, > created later in /some will in fact be links, pointing to > /some/dir. > > So if later any user does: > cd /some > mkdir whatever > > There should not be subdirectory /some/whatever, but actually link: > /some/whatever -> /some/dir > > Is it possible? Unless you write your own kernel module, the answer is "No."
Re: [gentoo-user] How can I create "dynamic" link?
On 08/10/2010 11:06 PM, Jarry wrote: Hi, I am facing this problem: I have subdirectory, let's say "/some/dir". I would like to create some kind of "dynamic" and "preliminary" link, so that any future subdirectories, created later in /some will in fact be links, pointing to /some/dir. So if later any user does: cd /some mkdir whatever There should not be subdirectory /some/whatever, but actually link: /some/whatever -> /some/dir Is it possible? Jarry Hello, this is probably not an answer for your question but... You can achieve this in different way - write small script and after this use some program (for example cron) which will execute that script every few seconds/minutes. The script may remove every empty directory located in /some (excluding /some/dir) and create a link to it. Regards, Paul.
Re: [gentoo-user] Re: kde-4.4.5 & Seamonkey weirdness
On Wed, Aug 11, 2010 at 6:06 AM, James wrote: > pk coolmail.se> writes: > > 'aticonfig --set-pcs-str=DDX,ForceXAA,TRUE' > > Works for me to (after a restart). Thanks.
Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice
On Tuesday 10 August 2010 20:22:13 Hazen Valliant-Saunders wrote: > Good Luck getting people to change them frequently and haveing your > techs and it departments meeting complexity and length policy. > > Remeber the only secure system is off and disconnected. I hope you know whom you're talking to here. -- Rgds Peter. Linux Counter 5290, 1994-04-23.
Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice
On Tue, Aug 10, 2010 at 04:14:41AM +0200, Frank Steinmetzger wrote > Am Dienstag, 10. August 2010 schrieb Paul Hartman: > > > Typing that long password into sudo every time I ran a command was a > > hassle > > I???ve never used sudo, and never really liked the idea of it. In > fact I???m always amused and slightly annoyed by the sheer amount > of sudo one can find in your typical ubuntu howto. ;-) There are some things that have to be done as root, but are needed by a regular user. E.g. I have a backup dialup account with 295.ca (guess how much they charge per month ). When using it, I not only have to run "pon", but I also have to copy over the correct ssmtp.conf settings for my dialup ISP. My ~/bin/udialup (USB dialup) script reads like so... #!/bin/bash /usr/bin/sudo /bin/cp -f /etc/ssmtp/295.ssmtp.conf /etc/ssmtp/ssmtp.conf /usr/bin/sudo /usr/sbin/pon u295.ca When I exit, I have to copy back the ssmtp.conf that points to my broadband ISP's MTU. My ~/bin/dialdown script reads like so... #!/bin/bash /usr/bin/sudo /usr/sbin/poff /usr/bin/sudo /bin/cp -f /etc/ssmtp/teksavvy.ssmtp.conf /etc/ssmtp/ssmtp.conf This is after I figured out how to use "metric" in my network config so that ppp0 and eth0 could co-exist side by side. ppp0 can talk to the outside world via the dialup modem, while eth0 *SIMULTANEOUSLY* talks to my other machines on 192.168.123.248/29 (aka 192.168.123.240 netmask 255.255.255.240). Before that, my udialup script had to tear down eth0, and dialdown had to restart it. Here are some of the entries in /etc/sudoers on my machine "i3"... waltdnesi3 = (root) NOPASSWD: /bin/cp -f /etc/ssmtp/295.ssmtp.conf /etc/ssmtp/ssmtp.conf waltdnesi3 = (root) NOPASSWD: /usr/sbin/pon 295.ca waltdnesi3 = (root) NOPASSWD: /usr/sbin/poff waltdnesi3 = (root) NOPASSWD: /bin/cp -f /etc/ssmtp/teksavvy.ssmtp.conf /etc/ssmtp/ssmtp.conf waltdnesi3 = (root) NOPASSWD: /sbin/poweroff waltdnesi3 = (root) NOPASSWD: /usr/bin/rdate time.nrc.ca -s waltdnesi3 = (root) NOPASSWD: /sbin/hwclock --systohc waltdnesi3 = (root) NOPASSWD: /usr/sbin/hibernate This gives me the power to do specific root-level stuff as a regular user, without giving away the keys to the kingdom. Note that none of the entries accepts any parameters, let alone $*. Also. specifying the path prevents running the wrong executable with root-level privileges. -- Walter Dnes
Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice
Walter Dnes wrote: On Tue, Aug 10, 2010 at 04:14:41AM +0200, Frank Steinmetzger wrote Am Dienstag, 10. August 2010 schrieb Paul Hartman: Typing that long password into sudo every time I ran a command was a hassle I???ve never used sudo, and never really liked the idea of it. In fact I???m always amused and slightly annoyed by the sheer amount of sudo one can find in your typical ubuntu howto. ;-) There are some things that have to be done as root, but are needed by a regular user. E.g. I have a backup dialup account with 295.ca (guess how much they charge per month). When using it, I not only have to run "pon", but I also have to copy over the correct ssmtp.conf settings for my dialup ISP. My ~/bin/udialup (USB dialup) script reads like so... #!/bin/bash /usr/bin/sudo /bin/cp -f /etc/ssmtp/295.ssmtp.conf /etc/ssmtp/ssmtp.conf /usr/bin/sudo /usr/sbin/pon u295.ca When I exit, I have to copy back the ssmtp.conf that points to my broadband ISP's MTU. My ~/bin/dialdown script reads like so... #!/bin/bash /usr/bin/sudo /usr/sbin/poff /usr/bin/sudo /bin/cp -f /etc/ssmtp/teksavvy.ssmtp.conf /etc/ssmtp/ssmtp.conf This is after I figured out how to use "metric" in my network config so that ppp0 and eth0 could co-exist side by side. ppp0 can talk to the outside world via the dialup modem, while eth0 *SIMULTANEOUSLY* talks to my other machines on 192.168.123.248/29 (aka 192.168.123.240 netmask 255.255.255.240). Before that, my udialup script had to tear down eth0, and dialdown had to restart it. Here are some of the entries in /etc/sudoers on my machine "i3"... waltdnesi3 = (root) NOPASSWD: /bin/cp -f /etc/ssmtp/295.ssmtp.conf /etc/ssmtp/ssmtp.conf waltdnesi3 = (root) NOPASSWD: /usr/sbin/pon 295.ca waltdnesi3 = (root) NOPASSWD: /usr/sbin/poff waltdnesi3 = (root) NOPASSWD: /bin/cp -f /etc/ssmtp/teksavvy.ssmtp.conf /etc/ssmtp/ssmtp.conf waltdnesi3 = (root) NOPASSWD: /sbin/poweroff waltdnesi3 = (root) NOPASSWD: /usr/bin/rdate time.nrc.ca -s waltdnesi3 = (root) NOPASSWD: /sbin/hwclock --systohc waltdnesi3 = (root) NOPASSWD: /usr/sbin/hibernate This gives me the power to do specific root-level stuff as a regular user, without giving away the keys to the kingdom. Note that none of the entries accepts any parameters, let alone $*. Also. specifying the path prevents running the wrong executable with root-level privileges. I used to use wvdial as well as pon and I don't recall having to be root. I added myself the dial-up group if I recall correctly. It just worked for me. I also don't use sudo here either. ;-) Dale :-) :-)
[gentoo-user] Re: How can I create "dynamic" link?
On 2010-08-10, Jarry wrote: > I am facing this problem: I have subdirectory, let's say > "/some/dir". I would like to create some kind of "dynamic" > and "preliminary" link, so that any future subdirectories, > created later in /some will in fact be links, pointing to > /some/dir. Short answer: you can't do that. Long answer: tell us what problem you're really facing (for which you think "dynamic link" is a solution), and we'll try to help you solve it. -- Grant
Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice
On Tue, Aug 10, 2010 at 09:16:20PM -0500, Dale wrote > I used to use wvdial as well as pon and I don't recall having to be > root. I added myself the dial-up group if I recall correctly. It just > worked for me. > > I also don't use sudo here either. ;-) As I mentioned, I also have to copy a new ssmtp.conf. I'm aware of the -C option for ssmtp, but then I'd have to muck around with mutt when switching between ADSL and dialup. This way, mutt doesn't care. It "just works". -- Walter Dnes
Re: [gentoo-user] Icons at startup of a KDE session
Le Tuesday 10 August 2010 22:48:34, Petric Frank a écrit : > Hello, > > On Tuesday, 10. August 2010 20:26:29 Petric Frank wrote: > > i've installed Gentoo and KDE 4.4 on an AMD64 system, configured > > /etc/conf.d/xdm to start kdm as login server. > > To be clear - it is not an 64 Bit OS, it is still x86. > > > After login the KDE4 desktop starts up - a little box with at least 5 or > > 6 icons in it where one after the other icon displays blurred and then > > comes clear (Disk, Tools, World, ...). > > This process stops at the fourth icon (after the world icon) which > > remains blurred. At this stage the PC simply hangs - no ssh, no > > VT-switch, nothing. > > > > So my first question is - what stage the fourth icon stands for. And > > where to look for the issue. > > > > After a reboot to the command line i viewed the logs (/var/log/messages, > > /var/log/Xorg.0.log) but nothing looks suspicious. The last line in > > > > /var/log/messages reads: > > kdm: 0:[]: pam_unix(kde:session): session > > > > opened for ... > > > > The user was newly created using "useradd -m -g ...). There was no .kde4 > > directory in his home directory. > > Usually i add new users also to the plugdev group. As a test i removed the > user from this group i got past the plash screen. Now the normal screen > came up. > > So it seems that the problem has something to do with the plugging system. > > At which places i should throw an eye ? > > regards > Petric first of all, do you have some disk space in your $HOME ? kde won't start until it have some space ... -- Stéphane Guedon page web : http://www.22decembre.eu/ carte de visite : http://www.22decembre.eu/downloads/Stephane-Guedon.vcf clé publique gpg : http://www.22decembre.eu/downloads/Stephane-Guedon.asc signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Rooted/compromised Gentoo, seeking advice
Walter Dnes wrote: On Tue, Aug 10, 2010 at 09:16:20PM -0500, Dale wrote I used to use wvdial as well as pon and I don't recall having to be root. I added myself the dial-up group if I recall correctly. It just worked for me. I also don't use sudo here either. ;-) As I mentioned, I also have to copy a new ssmtp.conf. I'm aware of the -C option for ssmtp, but then I'd have to muck around with mutt when switching between ADSL and dialup. This way, mutt doesn't care. It "just works". A, so it's not pon that needs the permissions but another program. That makes sense. Sort of had me confused for a minute. Don't worry, I have those minutes a lot. lol They sometimes pass pretty quick but some take a bit longer. Dale :-) :-)
