Re: [gentoo-user] Questions about hacked sites and passwords

[Neil Bothwick]

On Tue, 17 Jan 2012 01:35:54 -0600, Dale wrote:

> I use Lastpass which does about the same as other password managers.

Doesn't LastPass store your passwords on their servers, and weren't they
compromised last year? I'll stick with KeePassX, the password database is
stored and encrypted locally. Even if I put it on DropBox, hacking that
will only give the encrypted database.


-- 
Neil Bothwick

You do not need a parachute to skydive. You only need a parachute to
skydive twice.


signature.asc
Description: PGP signature

Re: [gentoo-user] Questions about hacked sites and passwords

[Dale]

Neil Bothwick wrote:

On Tue, 17 Jan 2012 01:35:54 -0600, Dale wrote:


I use Lastpass which does about the same as other password managers.

Doesn't LastPass store your passwords on their servers, and weren't they
compromised last year? I'll stick with KeePassX, the password database is
stored and encrypted locally. Even if I put it on DropBox, hacking that
will only give the encrypted database.




None of the passwords were lost tho.  They got everyone to change them 
just in case but according to what I read, the hackers didn't get 
anything.  Keep in mind, they are encrypted locally, then sent to them.  
They can't see the passwords either.


So, Lastpass is basically the same thing you use.  It just has a 
different name.  lol


Dale

:-)  :-)

--
I am only responsible for what I said ... Not for what you understood or how 
you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] GLSA «201110-01 / openssl» and acroread-9.4.2

[Alan McKinnon]

On Mon, 16 Jan 2012 20:29:28 -0200
Urs Schutz  wrote:

> As far as I know acroread is not unmasked in this
> installation, nor is openssl 
> > # grep -i acro /etc/portage/*
> > # grep -i ssl /etc/portage/*  
> shows nothing, so acroread and ssl is «stable».
> 
> For now I just uninstalled acroread to prevent the
> installation of a buggy openssl version, but this seems
> wrong for a mostly stable installation...
> 
> Any hints how to proceed? Is there any danger to have an
> old (and apparently buggy) openssl lib installed in parallel
> with the recent one? 

That's always a tricky one. 

Users want Adobe's shiny stuff and Adobe is notorious for releasing
crap software. For whatever reason, acroread on x86 profile requires
openssl in the 0.9.8 series and that can't be worked around.

The answer to your question is "are you prepared to live with it?"

The GLSA indicates that this is quite a severe issue so maybe it should
be hard masked. However, that will break acroread and there's only one
version in the tree. Hardmask openssl:0.9.8 means hardmask acroread and
that means thousands of whinging users.

So the devs are between a rock and a hard place where all the issues
are out of their control. The only middle path left is to inform all
the users as much as possible and let them decide for themselves.

Personally, I would deep-six acroread and use any one of the many PDF
readers out there. 

The tax authority in my country uses new funky PDF features in Reader
for on-line tax returns so I need access to Reader once a year. For
that, there's wine, Windows in VirtualBox or the wife's computer.


-- 
Alan McKinnnon
alan.mckin...@gmail.com

Re: [gentoo-user] Questions about hacked sites and passwords

[Willie WY Wong]

On Tue, Jan 17, 2012 at 08:41:53AM +, Penguin Lover Neil Bothwick squawked:
> On Tue, 17 Jan 2012 01:35:54 -0600, Dale wrote:
> 
> > I use Lastpass which does about the same as other password managers.
> 
> Doesn't LastPass store your passwords on their servers, and weren't they
> compromised last year? I'll stick with KeePassX, the password database is
> stored and encrypted locally. Even if I put it on DropBox, hacking that
> will only give the encrypted database.
> 

For users of KeePassX, what are its main benefits? Best I can tell it
offers a searchable GUI (is it accesible on the command line?), and
AES or Twofish encryption of a database. Is there anything else
special, that sets it apart from, say, the built-in encryption
capabilities of vim (using blowfish)?

W

-- 
Data aequatione quotcunque fluentes quantitae involvente fluxiones invenire 
 et vice versa   ~~~  I. Newton

Re: [gentoo-user] want sound (alsa) muted on boot

[Willie WY Wong]

On Mon, Jan 16, 2012 at 10:14:28PM -0600, Penguin Lover »Q« squawked:
> I want sound muted on boot, but it always starts unmuted.  I don't know
> when this problem started; I only noticed it because I recently went
> through a stretch of being unable to hibernate, so I booted a lot.
> 
> grep -i =\" /etc/conf.d/alsasound 
> ENABLE_OSS_EMUL="yes"
> RESTORE_ON_START="no"
> SAVE_ON_STOP="no"
> LOAD_ON_START="no"
> 
> I thought the RESTORE_ON_START="no" should do what I want, but no such
> luck.  I tried the old `# alsactl store` after using alsamixer to mute
> sound, which also didn't help.

I think you may want RESTORE_ON_START="yes" but SAVE_ON_STOP="no" and
store a state which is muted? 

W

-- 
Data aequatione quotcunque fluentes quantitae involvente fluxiones invenire 
 et vice versa   ~~~  I. Newton

Re: [gentoo-user] Questions about hacked sites and passwords

[Neil Bothwick]

On Tue, 17 Jan 2012 04:27:09 -0600, Dale wrote:

> >> I use Lastpass which does about the same as other password
> >> managers.  
> > Doesn't LastPass store your passwords on their servers, and weren't
> > they compromised last year? I'll stick with KeePassX, the password
> > database is stored and encrypted locally. Even if I put it on
> > DropBox, hacking that will only give the encrypted database.
> >
> >  
> 
> None of the passwords were lost tho.

This time.

> They got everyone to change them 
> just in case but according to what I read, the hackers didn't get 
> anything.

This time.

> Keep in mind, they are encrypted locally, then sent to
> them. They can't see the passwords either.

How is it encrypted? If the encryption system is not open source, it is
not trustworthy.

> So, Lastpass is basically the same thing you use.  It just has a 
> different name.  lol

Not really.

I wouldn't store my banking passwords anywhere online, in fact I cannot
access my bank account with password alone. I also need my debit card,
PIN and the card reader they supply. This generates one-time password
using my card's details and no online component. I realise that card
security is not the greatest, but if they've got my card and PIN, I'm
screwed anyway.


-- 
Neil Bothwick

This man is depriving a village somewhere of an idiot


signature.asc
Description: PGP signature

Re: [gentoo-user] Re: using unstable gentoo-sources

[Neil Bothwick]

On Mon, 16 Jan 2012 22:05:03 -0600, Dale wrote:

> I need a rabbits foot.

Not as much as the rabbit needs it!


-- 
Neil Bothwick

Change is inevitable. Except from a vending machine.


signature.asc
Description: PGP signature

Re: [gentoo-user] Questions about hacked sites and passwords

[Neil Bothwick]

On Tue, 17 Jan 2012 12:06:40 +0100, Willie WY Wong wrote:

> For users of KeePassX, what are its main benefits? Best I can tell it
> offers a searchable GUI (is it accesible on the command line?), and

There's a command line interface out there, google for kpcli.

> AES or Twofish encryption of a database. Is there anything else
> special, that sets it apart from, say, the built-in encryption
> capabilities of vim (using blowfish)?

It's a lot more convenient than a plain text file, but at the end of the
day, both are encrypted databases. Being able to open a browser from
the GUI and copying the username/password to the clipboard are handy, as
is the ability to separate the entries into categories, but it's all
convenience. You can do most of this with an encrypted text file and
grep, although not so easily on an Android phone.


-- 
Neil Bothwick

Philosophical error: Demonstrate the existence of a key to continue


signature.asc
Description: PGP signature

Re: [gentoo-user] Questions about hacked sites and passwords

[Dale]

Neil Bothwick wrote:

On Tue, 17 Jan 2012 04:27:09 -0600, Dale wrote:


I use Lastpass which does about the same as other password
managers.

Doesn't LastPass store your passwords on their servers, and weren't
they compromised last year? I'll stick with KeePassX, the password
database is stored and encrypted locally. Even if I put it on
DropBox, hacking that will only give the encrypted database.



None of the passwords were lost tho.

This time.


And maybe not the next time either, or the next time, or the next time.  
Point is, can you state for a fact that no site will ever be broke into, 
ever?





They got everyone to change them
just in case but according to what I read, the hackers didn't get
anything.

This time.


See above.




Keep in mind, they are encrypted locally, then sent to
them. They can't see the passwords either.

How is it encrypted? If the encryption system is not open source, it is
not trustworthy.


The guy that owns it posted on this list a good while back.  This was 
before the hack job.  According to the things I have read, it has been 
improved even more than it was.  I agree open source can be good but 
that doesn't mean closed can't be since we don't know what it does.  If 
we don't know, neither does the hackers.





So, Lastpass is basically the same thing you use.  It just has a
different name.  lol

Not really.

I wouldn't store my banking passwords anywhere online, in fact I cannot
access my bank account with password alone. I also need my debit card,
PIN and the card reader they supply. This generates one-time password
using my card's details and no online component. I realise that card
security is not the greatest, but if they've got my card and PIN, I'm
screwed anyway.





Well, if I understand what you call a dropbox, that is online.  I have 
never used it so I have no idea.


My bank doesn't have all that.  Honestly, until it is absolutely needed, 
I wouldn't want to go through all that just to see if I have enough 
money to buy milk.  :/


Dale

:-)  :-)

--
I am only responsible for what I said ... Not for what you understood or how 
you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] Questions about hacked sites and passwords

[Florian Philipp]

Am 17.01.2012 12:14, schrieb Neil Bothwick:
> On Tue, 17 Jan 2012 12:06:40 +0100, Willie WY Wong wrote:
> 
>> For users of KeePassX, what are its main benefits? Best I can tell it
>> offers a searchable GUI (is it accesible on the command line?), and
> 
> There's a command line interface out there, google for kpcli.
> 
>> AES or Twofish encryption of a database. Is there anything else
>> special, that sets it apart from, say, the built-in encryption
>> capabilities of vim (using blowfish)?
> 
> It's a lot more convenient than a plain text file, but at the end of the
> day, both are encrypted databases. Being able to open a browser from
> the GUI and copying the username/password to the clipboard are handy, as
> is the ability to separate the entries into categories, but it's all
> convenience. You can do most of this with an encrypted text file and
> grep, although not so easily on an Android phone.
> 
> 

Other features:
- there is an android app (read-only access for now)
- there is a Windows version (including portable version for memory sticks)
- it has an integrated password generator with some nice options
- it allows 2-factor authentication (password + key file) for its files
- it clears your clipboard after a timeout or when it is closed so that
no passwords can be retrieved from it

Regards,
Florian Philipp



signature.asc
Description: OpenPGP digital signature

Re: [gentoo-user] Re: using unstable gentoo-sources

[Dale]

Neil Bothwick wrote:

On Mon, 16 Jan 2012 22:05:03 -0600, Dale wrote:


I need a rabbits foot.

Not as much as the rabbit needs it!





He needs four.  I only need one.  lol   I have seen plenty of three 
legged dogs that do fine.  Heck, I even saw one on youtube that had only 
one leg.  That crazy thing got around good.  Looked like a pogo stick.  
O_O  ROFL


Dale

:-)  :-)

--
I am only responsible for what I said ... Not for what you understood or how 
you interpreted my words!

Miss the compile output?  Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"

Re: [gentoo-user] Cross Compiling in Gentoo

[Joerg Schilling]

Chris Walters  wrote:

> I have a question about cross compiling in Gentoo - specifically cross
> compiling for W32/W64.  I tried their preferred method and didn't like it, so 
> I
> downloaded the appropriate Mingw64 build files, set up a cross compile 
> account,
> with the appropriate paths, variables, etc.  Most packages compile correctly
> (though it sometimes takes some code hacking - and yes they do run in Win 7),
> but there are some I can't seem to get to build properly - usually the ones
> that have make files for MS Visual Studio.  I have no interest in purchasing
> Visual Studio.
>
> My question is, does anyone know of any good resources (mailing lists, sites,
> etc.) on cross compiling on a GNU/Linux platform for a W32/W64 platform?  The
> searches I've run have directed me to sites that talk about using MSYS and
> Mingw on a W32 platform (I don't have all year to build a single package).  I
> am looking to build GraphicsMagick, and some helpful tools for W64 (though I'd
> accept W32, if that's the only way).

I am not sure what you really like. Cross compiling is a general "problem" and 
not related to a specific distro.

For your specific problem: it is most unlikely that you will get a MS cross 
compiler that runs on other platforms than WIN-DOS.

In general: The most annoying problem with cross compiling is that GNU autoconf 
does not support cross compiling and as a result, you need to manually create 
results if you like to cross compile. The reason for this problem is that many 
autoconf tests need to be run on the target platform in order to create useful 
results.

Since July 2011, the Schily autoconf system (available e.g. via: 
ftp://ftp.berlios.de/pub/schily) includes support for cross compiling by 
detecting cross compilation and by running those tests that need the target 
system either on a related target system or on an emulator. Note that the 
autoconf configuration in ftp://ftp.berlios.de/pub/schily includes aprox. 700
autoconf tests - 70 of these tests need to be run on the target, this can be 
seen as a hint that aprox. 10% of the tests need to be run on the target.

As you see, your question cannot be easily answered.

Jörg

-- 
 EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
   j...@cs.tu-berlin.de(uni)  
   joerg.schill...@fokus.fraunhofer.de (work) Blog: 
http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily

Re: [gentoo-user] ZIC, aka setting the time zone.

[Alan Mackenzie]

On Tue, Jan 17, 2012 at 08:13:53AM +0100, Hinnerk van Bruinehsen wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1

> On 17.01.2012 03:56, Alan Mackenzie wrote:
> > Hi, everybody.

> > I've finally become zic and tired of messages like

> > Tue Jan 17 02:48:28 Local time zone must be set--see zic manual
> > page 2012 on tty14

> > .  Trying to read man zic, my eyes just glaze over.  I "just" want
> > my time to be GMT (or UTC or UCT, or whatever it's called these
> > days). Surely I don't have to go through the palaver described in
> > the zic manual page.

> > Help, please!


> Should be done with:

> ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime

Thanks, that did it.

> (Berlin is my guess since you hail from Nuremberg, otherwise look in
> /usr/share/zoneinfo if something fits better)

Actually I set it to UTC.  Even though I live in De, I leave my watch set
to UTC and make the required conversion every time I look at it.  It's
not hard, begin only one or two hours different, depending on the season.

> Kind regards,

> Hinnerk

-- 
Alan Mackenzie (Nuremberg, Germany).

Re: [gentoo-user] Questions about hacked sites and passwords

[Florian Philipp]

Am 17.01.2012 12:29, schrieb Dale:
> Neil Bothwick wrote:
>> On Tue, 17 Jan 2012 04:27:09 -0600, Dale wrote:
>>
> I use Lastpass which does about the same as other password
> managers.
 Doesn't LastPass store your passwords on their servers, and weren't
 they compromised last year? I'll stick with KeePassX, the password
 database is stored and encrypted locally. Even if I put it on
 DropBox, hacking that will only give the encrypted database.


>>> None of the passwords were lost tho.
>> This time.
> 
> And maybe not the next time either, or the next time, or the next time. 
> Point is, can you state for a fact that no site will ever be broke into,
> ever?
> 
>>
>>> They got everyone to change them
>>> just in case but according to what I read, the hackers didn't get
>>> anything.
>> This time.
> 
> See above.
> 
>>
>>> Keep in mind, they are encrypted locally, then sent to
>>> them. They can't see the passwords either.
>> How is it encrypted? If the encryption system is not open source, it is
>> not trustworthy.
> 
> The guy that owns it posted on this list a good while back.  This was
> before the hack job.  According to the things I have read, it has been
> improved even more than it was.  I agree open source can be good but
> that doesn't mean closed can't be since we don't know what it does.  If
> we don't know, neither does the hackers.
> 

That last argument is flawed. What you describe is called security
through obscurity. That violates Kerckhoffs's principle, one of the
foundations of cryptography.

I agree that the crypto system doesn't necessarily need to be
open-source, depending on how much you trust the vendor. However, a good
percentage of all security breaks are inside-jobs. This is far harder to
pull off when the publish the source code or have some kind of
certification process.

Heck, even that might not protect you. See for example this thing:
http://arstechnica.com/business/news/2012/01/device-turns-any-laptop-storage-into-a-self-encrypted-drive.ars

It is NIST FIPS 140-2 level 1 certified. However, it used AES-ECB,
something that is known to be far too weak for full disk encryption. It
still got certified since it "works as expected."

In conclusion: There are lots of pitfalls and using "secret" crypto
systems makes it impossible to check for them, even if you know your stuff.

Regards,
Florian Philipp



signature.asc
Description: OpenPGP digital signature

Re: [gentoo-user] Questions about hacked sites and passwords

[Neil Bothwick]

On Tue, 17 Jan 2012 05:29:23 -0600, Dale wrote:

> >> None of the passwords were lost tho.
> > This time.
> 
> And maybe not the next time either, or the next time, or the next
> time. Point is, can you state for a fact that no site will ever be
> broke into, ever?

No, which is why I prefer not to entrust them with sensitive data.

> >> Keep in mind, they are encrypted locally, then sent to
> >> them. They can't see the passwords either.
> > How is it encrypted? If the encryption system is not open source, it
> > is not trustworthy.
> 
> The guy that owns it posted on this list a good while back.  This was 
> before the hack job.  According to the things I have read, it has been 
> improved even more than it was.  I agree open source can be good but 
> that doesn't mean closed can't be since we don't know what it does.  If 
> we don't know, neither does the hackers.

See Florian's answer. Open sourcing the encryption method means that
there can be no back doors and the many eyeballs principle applies to
inadvertent security holes. Closed source means you have to have complete
trust, blind faith even, in the developers to be 100% honest and 100%
fault free.

A friend of mine who codes for financial institutions and is an
encryption uber-geek once told me the principal they use is "keep the
algorithm open and the keys secret".

> > I wouldn't store my banking passwords anywhere online, in fact I
> > cannot access my bank account with password alone. I also need my
> > debit card, PIN and the card reader they supply. This generates
> > one-time password using my card's details and no online component. I
> > realise that card security is not the greatest, but if they've got my
> > card and PIN, I'm screwed anyway.

> Well, if I understand what you call a dropbox, that is online.  I have 
> never used it so I have no idea.

I don't store my bank details on Dropbox.

> My bank doesn't have all that.  Honestly, until it is absolutely
> needed, I wouldn't want to go through all that just to see if I have
> enough money to buy milk.  :/

I was sceptical when it first arrived, but it's really easy to use and
no password needed since the card reader generates it for you. It looks
like a small calculator with a card slot, so easy enough to carry around
for remote access.


-- 
Neil Bothwick

Don't forget that MS-Windows is just a temporary workaround until you can
switch to a GNU system.


signature.asc
Description: PGP signature

Re: [gentoo-user] GLSA «201110-01 / openssl» and acroread-9.4.2

[Urs Schutz]

On Tue, 17 Jan 2012 12:35:50 +0200
Alan McKinnon  wrote:

> On Mon, 16 Jan 2012 20:29:28 -0200
> Urs Schutz  wrote:
> 
> > As far as I know acroread is not unmasked in this
> > installation, nor is openssl 
> > > # grep -i acro /etc/portage/*
> > > # grep -i ssl /etc/portage/*  
> > shows nothing, so acroread and ssl is «stable».
> > 
> > For now I just uninstalled acroread to prevent the
> > installation of a buggy openssl version, but this seems
> > wrong for a mostly stable installation...
> > 
> > Any hints how to proceed? Is there any danger to have an
> > old (and apparently buggy) openssl lib installed in
> > parallel with the recent one? 
> 
> That's always a tricky one. 
> 
> Users want Adobe's shiny stuff and Adobe is notorious for
> releasing crap software. For whatever reason, acroread on
> x86 profile requires openssl in the 0.9.8 series and that
> can't be worked around.
> 
> The answer to your question is "are you prepared to live
> with it?"
> 
> The GLSA indicates that this is quite a severe issue so
> maybe it should be hard masked. However, that will break
> acroread and there's only one version in the tree.
> Hardmask openssl:0.9.8 means hardmask acroread and that
> means thousands of whinging users.
> 
> So the devs are between a rock and a hard place where all
> the issues are out of their control. The only middle path
> left is to inform all the users as much as possible and
> let them decide for themselves.
> 
> Personally, I would deep-six acroread and use any one of
> the many PDF readers out there. 
> 
> The tax authority in my country uses new funky PDF
> features in Reader for on-line tax returns so I need
> access to Reader once a year. For that, there's wine,
> Windows in VirtualBox or the wife's computer.
> 
> 

Thanks for the reply. I switched to app-text/evince , this
seems fine for just reading pdf.

Urs

Re: [gentoo-user] ZIC, aka setting the time zone.

[Neil Bothwick]

On Tue, 17 Jan 2012 08:13:53 +0100, Hinnerk van Bruinehsen wrote:

> Should be done with:
> 
> ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime

Symlinking is not recommended as it breaks when /usr is on a separate
filesystem. The file should be copied instead.

The correct Gentoo/OpenRC way to do this is 

echo Europe/Berlin >|/etc/timezone

That will copy the correct file to /etc each time you update the
timezone-data package.


-- 
Neil Bothwick

When the going gets tough, upgrade.


signature.asc
Description: PGP signature

Re: [gentoo-user] Updating mysql-init-scripts to 2.0_pre1-r2 now Mysql restart fails!?

[Tanstaafl]

On 2012-01-15 2:11 PM, Mick  wrote:

On Sunday 15 Jan 2012 18:35:01 Stéphane Guedon wrote:

On Sunday 15 January 2012 18:26:09 Tanstaafl wrote:

After the update, I attempted to restart mysql but got:

myhost : Sun Jan 15, 12:23:47 : ~

   # /etc/init.d/mysql restart
   * Starting mysql ...
   * start-stop-daemon: /usr/sbin/mysqld is already running [ !! ]
   * ERROR: mysql failed to start

myhost : Sun Jan 15, 12:23:55 : ~

and in the log:

Jan 15 12:23:55 myhost /etc/init.d/mysql[16429]: start-stop-daemon:
/usr/sbin/mysqld is already running
Jan 15 12:23:55 myhost /etc/init.d/mysql[16396]: ERROR: mysql failed to
start



I have this since years !
Can't manage to get this error out !
I will look at the tread carefully !



You could try:

ps axf | grep mysql

and then kill  of mysql before you try to restart it.


I can try that this weekend (this is a production server), but that 
would not be a *fix*, only an ugly workaround.


No one else is having this problem or has an idea of how to fix it properly?

Re: [gentoo-user] ZIC, aka setting the time zone.

[Pandu Poluan]

On Jan 17, 2012 7:20 PM, "Neil Bothwick"  wrote:
>
> On Tue, 17 Jan 2012 08:13:53 +0100, Hinnerk van Bruinehsen wrote:
>
> > Should be done with:
> >
> > ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
>
> Symlinking is not recommended as it breaks when /usr is on a separate
> filesystem. The file should be copied instead.
>

Are you sure you're not confusing that with hardlinking?

Because AFAIK symlinking is the only linking that can cross filesystem
borders.

CMIIW

Rgds,

Re: [gentoo-user] Questions about hacked sites and passwords

[Tanstaafl]

On 2012-01-16 9:22 PM, Dale  wrote:

One reason I ask this.  I remember my passwords well.  If I go to
changing them every time someone gets hacked, I'll never be able to keep
up with them again.  I use Lastpass to remember them but it could stop
working because of a upgrade or something.  Then again, I could use its
autogenerate thing and just HOPE for the best on upgrades.

Thoughts?  What do you guys, and our gal, do in situations like this?


Again... passwordmaker.org (the site menu is now fixed)...

It cannot 'stop working' (if a Firefox update broke it completely, you 
could always install an older version to use just for your passwords 
until it was fixed)...


Also - 10 characters is *not* a very strong password these days... I use 
a minimum of 15, and for critical sites (banks etc), 25 characters 
(unless they have a max length, then I use the max)...

Re: [gentoo-user] Questions about hacked sites and passwords

[Tanstaafl]

On 2012-01-17 3:41 AM, Neil Bothwick  wrote:

I'll stick with KeePassX, the password database is
stored and encrypted locally. Even if I put it on DropBox, hacking that
will only give the encrypted database.


And I'll stick with passwordmaker, which doesn't store the passwords at 
all, anywhere...only the account settings used to generate them, which 
are useless without the Master Password...

Re: [gentoo-user] ZIC, aka setting the time zone.

[Hinnerk van Bruinehsen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 17.01.2012 13:29, Pandu Poluan wrote:
> On Jan 17, 2012 7:20 PM, "Neil Bothwick" 
> wrote:
>> 
>> On Tue, 17 Jan 2012 08:13:53 +0100, Hinnerk van Bruinehsen
>> wrote:
>> 
>>> Should be done with:
>>> 
>>> ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
>> 
>> Symlinking is not recommended as it breaks when /usr is on a
>> separate filesystem. The file should be copied instead.
>> 
> 
> Are you sure you're not confusing that with hardlinking?
> 
> Because AFAIK symlinking is the only linking that can cross
> filesystem borders.
> 
> CMIIW
> 
> Rgds,
> 
 Symlinking works (over filesystem borders, too, Pandu is right) and
it even "autoupdates" localtime when (why ever) something in zoneinfo
changes...
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.18 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJPFWyMAAoJEJwwOFaNFkYcVxEH/jErMjFwb3mRBUvcty0WvOxH
GQXXeTKC03WV4UdGTvNIjWO7Ssp45WQQU1TTvnTPMxn93eEwV/m2Dzvnl9+DhHTv
96eylcxKA5QNO5Sn0Ol6p0NJcG62nGbzJ/5MQzNrhBTvZcu2jJ9g77Jpyzgr0hhx
nb/cEI0qwe+iyoxd0Aa34MAjJNjG7rUnFb9zw+8iFol4nt/1NT8ldQtYKZkaHlfZ
zHfSkSWDx9SCDqwVrcaxMGjZVK0Lb91cfPp1HvJ350L4gyCffskYE/gtKh3m0IXV
DS4JK2kVp7fDJjeWfBiVWUpDuNAs7zYiI0rTs6z6tvYyxrufUmtWux1xI2WOcGg=
=HBnE
-END PGP SIGNATURE-

Re: [gentoo-user] Questions about hacked sites and passwords

[Tanstaafl]

On 2012-01-17 6:29 AM, Florian Philipp  wrote:

Other features:
- there is an android app (read-only access for now)


As does passwordmaker (pwm) - and an iphone app too...


- there is a Windows version (including portable version for memory sticks)


Since it is a firefox plugin, it is supported on all platforms supported 
by Firefox - and I think it even works on Firefox mobile (but haven't 
tried it yet)...


There is also a Desktop Version and an online version, and many many others:

http://passwordmaker.org (look at the 'Editions')...


- it has an integrated password generator with some nice options


As does pwm...


- it allows 2-factor authentication (password + key file) for its files


That would be nice for generating passwords, but since pwm doesn't store 
anything (unless you tell it to - it does have the ability to store 
them), this isn't necessary...



- it clears your clipboard after a timeout or when it is closed so that
no passwords can be retrieved from it


As does pwm...

Pwm also will auto-populate your username/password on web forms for you.

Re: [gentoo-user] Questions about hacked sites and passwords

[Neil Bothwick]

On Tue, 17 Jan 2012 07:37:38 -0500, Tanstaafl wrote:

> > I'll stick with KeePassX, the password database is
> > stored and encrypted locally. Even if I put it on DropBox, hacking
> > that will only give the encrypted database.  
> 
> And I'll stick with passwordmaker, which doesn't store the passwords at 
> all, anywhere...only the account settings used to generate them, which 
> are useless without the Master Password...

It comes to the same thing really. whether you store the passwords
themselves or the methods and data used to generate them, both systems
are as strong as the master password and useless if that is compromised.
So stick with whatever suits your way of working. Choice is good :)


-- 
Neil Bothwick

WinErr 01A: Operating system overwritten - Please reinstall all your
software. We are terribly sorry.


signature.asc
Description: PGP signature

Re: [gentoo-user] Questions about hacked sites and passwords

[Tanstaafl]

On 2012-01-17 2:02 AM, Florian Philipp  wrote:

Concerning how I'd handle it: I use app-admin/keepassx with a master
password. I'd just change the random amazon password as I've not
memorized it.


KeePassX looks interesting, and although I dearly love pwm, there are 
some irritating things about it (cannot sort or easily reorder accounts 
for example)... but, the deal breaker for me is it apparently doesn't 
have the option to *not* store the passwords locally, and simply 
regenerate them on the fly each time...


Maybe one day when I'm rich I'll commission a rewrite of PWM to fix all 
the niggling things about it and make it even better...

Re: [gentoo-user] Questions about hacked sites and passwords

[Tanstaafl]

On 2012-01-17 7:50 AM, Neil Bothwick  wrote:

On Tue, 17 Jan 2012 07:37:38 -0500, Tanstaafl wrote:


I'll stick with KeePassX, the password database is
stored and encrypted locally. Even if I put it on DropBox, hacking
that will only give the encrypted database.



And I'll stick with passwordmaker, which doesn't store the passwords at
all, anywhere...only the account settings used to generate them, which
are useless without the Master Password...



It comes to the same thing really. whether you store the passwords
themselves or the methods and data used to generate them, both systems
are as strong as the master password and useless if that is compromised.
So stick with whatever suits your way of working. Choice is good :)


This is actually not correct...

Since PWM doesn't store the passwords, there is nothing to 'crack'... 
there would never be any way for an attacker who got ahold of your RDF 
file to run an attack program against it - how would the attack program 
ever be able to determine 'success'?

Re: [gentoo-user] Questions about hacked sites and passwords

[Neil Bothwick]

On Tue, 17 Jan 2012 07:52:56 -0500, Tanstaafl wrote:

> KeePassX looks interesting, and although I dearly love pwm, there are 
> some irritating things about it (cannot sort or easily reorder accounts 
> for example)... but, the deal breaker for me is it apparently doesn't 
> have the option to *not* store the passwords locally, and simply 
> regenerate them on the fly each time...

PWM looks interesting too, especially the auto-completion, however
there's no ebuild for the desktop client :(


-- 
Neil Bothwick

One-seventh of your life is spent on Monday.


signature.asc
Description: PGP signature

Re: [gentoo-user] ZIC, aka setting the time zone.

[Pandu Poluan]

On Tue, Jan 17, 2012 at 19:41, Hinnerk van Bruinehsen
 wrote:
>
> On 17.01.2012 13:29, Pandu Poluan wrote:
>> On Jan 17, 2012 7:20 PM, "Neil Bothwick" 
>> wrote:
>>>
>>> On Tue, 17 Jan 2012 08:13:53 +0100, Hinnerk van Bruinehsen
>>> wrote:
>>>
 Should be done with:

 ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
>>>
>>> Symlinking is not recommended as it breaks when /usr is on a
>>> separate filesystem. The file should be copied instead.
>>>
>>
>> Are you sure you're not confusing that with hardlinking?
>>
>> Because AFAIK symlinking is the only linking that can cross
>> filesystem borders.
>>
>  Symlinking works (over filesystem borders, too, Pandu is right) and
> it even "autoupdates" localtime when (why ever) something in zoneinfo
> changes...

As to the "why" ...

Just two sample cases: In 2010 (or 2009, I forgot) the USA Federal
Govt "redefines" the changeover dates for DST. Also, at the very end
of 2011, Samoa changed their timezone from UTC-11 to UTC+13 (+14 in
summer) [1][2]

[1] 
http://en.wikipedia.org/wiki/International_Date_Line#Samoan_Islands_and_Tokelau
[2] http://www.webcitation.org/64jx2ob6X

Rgds,
-- 
FdS Pandu E Poluan
~ IT Optimizer ~

 • LOPSA Member #15248
 • Blog : http://pepoluan.tumblr.com
 • Linked-In : http://id.linkedin.com/in/pepoluan

Re: [gentoo-user] ZIC, aka setting the time zone.

[Neil Bothwick]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, 17 Jan 2012 13:41:48 +0100, Hinnerk van Bruinehsen wrote:

> >> Symlinking is not recommended as it breaks when /usr is on a
> >> separate filesystem. The file should be copied instead.
> >>   
> > 
> > Are you sure you're not confusing that with hardlinking?
> > 
> > Because AFAIK symlinking is the only linking that can cross
> > filesystem borders.

It can... if the filesystem is mounted at the time. AFAIR this causes
problem setting the timezone at boot time.

>  Symlinking works (over filesystem borders, too, Pandu is right) and
> it even "autoupdates" localtime when (why ever) something in zoneinfo
> changes...

The localtime files change all the time, look at how often timezone-data
is updated. Everyone some bright spark comes up with another clever way
of squeezing 25 hours into a day, his country's DST rules change. That's
why openrc has a setting to manage this automatically for you.


- -- 
Neil Bothwick

Make like a tree and leave.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.18 (GNU/Linux)

iEYEARECAAYFAk8VcnMACgkQum4al0N1GQPbRQCfSP/xhZyb5pvn9RY4B/OfcsHT
B5UAn1QvHsp22qTsEaOGZ43HMQDvWhsm
=p+9j
-END PGP SIGNATURE-

Re: [gentoo-user] Questions about hacked sites and passwords

[Érico Porto]

is there a gal here?

Érico V. Porto


On Tue, Jan 17, 2012 at 11:00 AM, Tanstaafl wrote:

> On 2012-01-17 7:50 AM, Neil Bothwick  wrote:
>
>> On Tue, 17 Jan 2012 07:37:38 -0500, Tanstaafl wrote:
>>
>>  I'll stick with KeePassX, the password database is
 stored and encrypted locally. Even if I put it on DropBox, hacking
 that will only give the encrypted database.

>>>
>  And I'll stick with passwordmaker, which doesn't store the passwords at
>>> all, anywhere...only the account settings used to generate them, which
>>> are useless without the Master Password...
>>>
>>
>  It comes to the same thing really. whether you store the passwords
>> themselves or the methods and data used to generate them, both systems
>> are as strong as the master password and useless if that is compromised.
>> So stick with whatever suits your way of working. Choice is good :)
>>
>
> This is actually not correct...
>
> Since PWM doesn't store the passwords, there is nothing to 'crack'...
> there would never be any way for an attacker who got ahold of your RDF file
> to run an attack program against it - how would the attack program ever be
> able to determine 'success'?
>
>

Re: [gentoo-user] ZIC, aka setting the time zone.

[Hinnerk van Bruinehsen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 17.01.2012 14:06, Neil Bothwick wrote:
> On Tue, 17 Jan 2012 13:41:48 +0100, Hinnerk van Bruinehsen wrote:
> 
 Symlinking is not recommended as it breaks when /usr is on a 
 separate filesystem. The file should be copied instead.
 
>>> 
>>> Are you sure you're not confusing that with hardlinking?
>>> 
>>> Because AFAIK symlinking is the only linking that can cross 
>>> filesystem borders.
> 
> It can... if the filesystem is mounted at the time. AFAIR this
> causes problem setting the timezone at boot time.
> 
>> Symlinking works (over filesystem borders, too, Pandu is right)
>> and it even "autoupdates" localtime when (why ever) something in
>> zoneinfo changes...
> 
> The localtime files change all the time, look at how often
> timezone-data is updated. Everyone some bright spark comes up with
> another clever way of squeezing 25 hours into a day, his country's
> DST rules change. That's why openrc has a setting to manage this
> automatically for you.
> 
> 
 I know that it happens, I just fail to understand why... ;)
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.18 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJPFXP6AAoJEJwwOFaNFkYc3XQIAMnFUGScoaV9hg5mCcMwthmj
i2k3iWxPaYNCwfoC64TlW6vijf/SpRwdLZULRq0N1Yc6t8sAs8cTY8u0CzZjVMPG
WL9mK2lYOyzhE41kjBjxvjfV3Tee6mgeBHXfeFqIglR9/jfEBFp3ZFF1kX++R2K3
fXFuOffEGczcXHyv6TCNYYcLU0VYqRYvrJ0NGFQHRjpXcLJffFO9FTpdeg0VJHar
8eSpFMKjy0505iggFVvdB2DMx/SdrLJ4UWlBI/O/Lxztk8VUHnZYzPhMn1W8lz9p
fyGf8BTGJieQvijN4njORZ4GGEEHOX3myFPbS1nNoRWXbqzjk44Mog3GDGu9WR4=
=V+Pc
-END PGP SIGNATURE-

Re: [gentoo-user] Questions about hacked sites and passwords

[Tanstaafl]

On 2012-01-17 8:03 AM, Neil Bothwick  wrote:

PWM looks interesting too, especially the auto-completion, however
there's no ebuild for the desktop client:(


Yeah, but you could always just us the Firefox extension to test it 
our/play with it. I don't use the Desktop Edition...

Re: [gentoo-user] Questions about hacked sites and passwords

[Neil Bothwick]

On Tue, 17 Jan 2012 08:00:07 -0500, Tanstaafl wrote:

> > It comes to the same thing really. whether you store the passwords
> > themselves or the methods and data used to generate them, both systems
> > are as strong as the master password and useless if that is
> > compromised. So stick with whatever suits your way of working. Choice
> > is good :)  
> 
> This is actually not correct...
> 
> Since PWM doesn't store the passwords, there is nothing to 'crack'... 
> there would never be any way for an attacker who got ahold of your RDF 
> file to run an attack program against it - how would the attack program 
> ever be able to determine 'success'?

I'm guessing to an extent here as I haven't yet tried PWM (no ebuild and
I'd want a desktop client) but if the file can be read, you have the
correct password, same as with KeePassX. It doesn't matter whether the
file contains "4" or "2 2 +", once you can load it into PWM you can
regenerate the passwords (the program would be somewhat useless
otherwise).


-- 
Neil Bothwick

WinErr 008: Broken window - Watch out for glass fragments


signature.asc
Description: PGP signature

Re: [gentoo-user] ZIC, aka setting the time zone.

[Neil Bothwick]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, 17 Jan 2012 14:13:30 +0100, Hinnerk van Bruinehsen wrote:

> > The localtime files change all the time, look at how often
> > timezone-data is updated. Everyone some bright spark comes up with
> > another clever way of squeezing 25 hours into a day, his country's
> > DST rules change. That's why openrc has a setting to manage this
> > automatically for you.

>  I know that it happens, I just fail to understand why... ;)

It's a government/civil service thing, you're not supposed to understand.
Just be a good boy and vote for them next time :-/


- -- 
Neil Bothwick

Windows - software package to turn a 486 into an Etch-A-Sketch!
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.18 (GNU/Linux)

iEYEARECAAYFAk8Veq4ACgkQum4al0N1GQMi0wCfRdHSd3KKTfmbzYHEtq4icEVg
4HgAn0rIa2VpAvt829RiBdtIO/jib7BN
=cloF
-END PGP SIGNATURE-

Re: [gentoo-user] Questions about hacked sites and passwords

[Neil Bothwick]

On Tue, 17 Jan 2012 08:14:36 -0500, Tanstaafl wrote:

> > PWM looks interesting too, especially the auto-completion, however
> > there's no ebuild for the desktop client:(  
> 
> Yeah, but you could always just us the Firefox extension to test it 
> our/play with it. I don't use the Desktop Edition...

I could be really picky and say I don't use FF either, but you'd only
point to the Chrome extension :P

I would want a desktop client, I use KeePassX to store more than online
passwords. For that reason, I also need something that will actually
store data, but it seems that PWM can do that.


-- 
Neil Bothwick

Experience is what you get when you didn't get what you wanted.


signature.asc
Description: PGP signature

Re: [gentoo-user] Cross Compiling in Gentoo

[Chris Walters]

On 1/17/2012 06:41 AM, Joerg Schilling wrote:
> I am not sure what you really like. Cross compiling is a general "problem" 
> and 
> not related to a specific distro.
> 
> For your specific problem: it is most unlikely that you will get a MS cross 
> compiler that runs on other platforms than WIN-DOS.
> 
> In general: The most annoying problem with cross compiling is that GNU 
> autoconf 
> does not support cross compiling and as a result, you need to manually create 
> results if you like to cross compile. The reason for this problem is that 
> many 
> autoconf tests need to be run on the target platform in order to create 
> useful 
> results.
> 
> Since July 2011, the Schily autoconf system (available e.g. via: 
> ftp://ftp.berlios.de/pub/schily) includes support for cross compiling by 
> detecting cross compilation and by running those tests that need the target 
> system either on a related target system or on an emulator. Note that the 
> autoconf configuration in ftp://ftp.berlios.de/pub/schily includes aprox. 700
> autoconf tests - 70 of these tests need to be run on the target, this can be 
> seen as a hint that aprox. 10% of the tests need to be run on the target.
> 
> As you see, your question cannot be easily answered.
> 
> Jörg

I am using the equivalent of the Debian cross compiler - without Debian.  This
has been used to cross compile many 32 bit applications from Debian for W32,
from what I understand.  I have managed to cross compile bzip2, lame, libogg,
libvorbis, vorbis-tools, and a few others - they all work.  With most, I only
needed to set the correct path (to mingw), and specify the tools and target and
run the configure script.  I ran into problems with gzip and zlib, however.

Thanks for the link, I will look into it.  Though I hate the idea of running
msys and mingw or anything like that in a W64 environment.

The really annoying thing for me is that if you look at the Mingw64 site on
sourceforge, they indicate that you can cross compile from a GNU/Linux
distribution to W32 or W64 - and they give a list of apps that were
successfully cross compiled, but little in the way of documentation.

Chris



signature.asc
Description: OpenPGP digital signature

Re: [gentoo-user] Cross Compiling in Gentoo

[Mike Edenfield]

On 1/17/2012 1:55 AM, Chris Walters wrote:

Hi,

I have a question about cross compiling in Gentoo - specifically cross
compiling for W32/W64.  I tried their preferred method and didn't like it, so I
downloaded the appropriate Mingw64 build files, set up a cross compile account,
with the appropriate paths, variables, etc.  Most packages compile correctly
(though it sometimes takes some code hacking - and yes they do run in Win 7),
but there are some I can't seem to get to build properly - usually the ones
that have make files for MS Visual Studio.  I have no interest in purchasing
Visual Studio.


Just a point of interest: "Visual Studio" doesn't use 
Makefiles; Visual C++ can import Makefile projects if you 
ask it to, but it has its own project file format. If you're 
seeing actual make files (and not, say, a .sln file or 
.cproj file) then you don't need Studio, just an 
nmake-compatible version of make.


If you do have project and solution files from Visual 
Studio, they are just MSBuild projects (think "ant for 
Windows"). I'm pretty sure there are open-source variants of 
MSBuild, possibly in the Mono project?


And of course, Visual C++ Express is free, though you'd need 
to find somewhere to set it up.



My question is, does anyone know of any good resources (mailing lists, sites,
etc.) on cross compiling on a GNU/Linux platform for a W32/W64 platform?  The
searches I've run have directed me to sites that talk about using MSYS and
Mingw on a W32 platform (I don't have all year to build a single package).  I
am looking to build GraphicsMagick, and some helpful tools for W64 (though I'd
accept W32, if that's the only way).

Chris

Re: [gentoo-user] Cross Compiling in Gentoo

[Mike Edenfield]

On 1/17/2012 6:41 AM, Joerg Schilling wrote:

Chris Walters  wrote:


I have a question about cross compiling in Gentoo - specifically cross
compiling for W32/W64.  I tried their preferred method and didn't like it, so I
downloaded the appropriate Mingw64 build files, set up a cross compile account,
with the appropriate paths, variables, etc.  Most packages compile correctly
(though it sometimes takes some code hacking - and yes they do run in Win 7),
but there are some I can't seem to get to build properly - usually the ones
that have make files for MS Visual Studio.  I have no interest in purchasing
Visual Studio.

My question is, does anyone know of any good resources (mailing lists, sites,
etc.) on cross compiling on a GNU/Linux platform for a W32/W64 platform?  The
searches I've run have directed me to sites that talk about using MSYS and
Mingw on a W32 platform (I don't have all year to build a single package).  I
am looking to build GraphicsMagick, and some helpful tools for W64 (though I'd
accept W32, if that's the only way).



For your specific problem: it is most unlikely that you will get a MS cross
compiler that runs on other platforms than WIN-DOS.


I've had very good luck with gcc's x86_64-w64-mingw32 
target, and gcc has supported Win32 builds for years, so I 
dunno why you think this is "unlikely". My biggest problem 
with MingW has been their occasional lag behind gcc in 
versions, but I believe gcc 4.5 can cross-compile for 64-bit 
Windows.


The setup is rather a pain but then again, if you wanted 
"easy", you probably wouldn't be using Gentoo :)


http://sourceforge.net/apps/trac/mingw-w64/wiki/Cross%20Win32%20and%20Win64%20compiler

For the OP's specific problem, I'll have to try and build 
GraphicsMagick on Gentoo and see what kind of build 
structure is uses that is giving him problems but its 
possible he just needs xbuild (the Mono msbuild 
implementation.) Worst case it has an old VC++-style 
workspace but those are usually just auto-generated out of 
the makefiles anyway.


--Mike

[gentoo-user] Re: Cross Compiling in Gentoo

[Nikos Chantziaras]

On 01/17/2012 08:55 AM, Chris Walters wrote:

Hi,

I have a question about cross compiling in Gentoo - specifically cross
compiling for W32/W64.  I tried their preferred method and didn't like it, so I
downloaded the appropriate Mingw64 build files, set up a cross compile account,
with the appropriate paths, variables, etc.  Most packages compile correctly
(though it sometimes takes some code hacking - and yes they do run in Win 7),
but there are some I can't seem to get to build properly - usually the ones
that have make files for MS Visual Studio.  I have no interest in purchasing
Visual Studio.

My question is, does anyone know of any good resources (mailing lists, sites,
etc.) on cross compiling on a GNU/Linux platform for a W32/W64 platform?  The
searches I've run have directed me to sites that talk about using MSYS and
Mingw on a W32 platform (I don't have all year to build a single package).  I
am looking to build GraphicsMagick, and some helpful tools for W64 (though I'd
accept W32, if that's the only way).


I'm using mingw-cross-env and it works like a charm.  It's for w32 only.

http://www.nongnu.org/mingw-cross-env

With it, you can build apps for Windows very easily, including apps 
using Qt, Gtk, SDL, etc.

Re: [gentoo-user] Cross Compiling in Gentoo

[YoYo Siska]

On Tue, Jan 17, 2012 at 01:55:25AM -0500, Chris Walters wrote:
> My question is, does anyone know of any good resources (mailing lists, sites,
> etc.) on cross compiling on a GNU/Linux platform for a W32/W64 platform?  The
> searches I've run have directed me to sites that talk about using MSYS and
> Mingw on a W32 platform (I don't have all year to build a single package).  I
> am looking to build GraphicsMagick, and some helpful tools for W64 (though I'd
> accept W32, if that's the only way).

You should also ask on the gentoo-embedded mailling list. Mingw might not
be reallly 'embedded' but that list would still be the most relevant
place to ask gentoo-related crosscompile questions...
Gentoo also has a crossdev tool that should also support mingw, though I
only ever used it for i686 and arm crosscompiles.

yoyo

Re: [gentoo-user] Cross Compiling in Gentoo

[Chris Walters]

On 1/17/2012 08:39 AM, Mike Edenfield wrote:
> On 1/17/2012 1:55 AM, Chris Walters wrote:
>> that have make files for MS Visual Studio.  I have no interest in purchasing
>> Visual Studio.
> 
> Just a point of interest: "Visual Studio" doesn't use Makefiles; Visual C++ 
> can
> import Makefile projects if you ask it to, but it has its own project file
> format. If you're seeing actual make files (and not, say, a .sln file or 
> .cproj
> file) then you don't need Studio, just an nmake-compatible version of make.
> 
> If you do have project and solution files from Visual Studio, they are just
> MSBuild projects (think "ant for Windows"). I'm pretty sure there are
> open-source variants of MSBuild, possibly in the Mono project?
> 
> And of course, Visual C++ Express is free, though you'd need to find somewhere
> to set it up.

Just a note:  I used to do all of my programming in Visual Studio.  I stopped
when I needed to do things that VS wouldn't let me do, and also because I
discovered GNU/Linux.

As for the types of files I've seen, I have seen both VS Solution/Project
files, and nmake files.  Most of the time, I just use the configure script with
x86_64-w64-mingw32 as my host, and it works fine.

Do you, by chance, know where I can find an nmake-compatible version of make?
Also, do you have a link for Visual C++ Express?  I like to do most programming
in C/C++ anyway (though this is OT).

Thanks for your reply, it was enlightening...  When I did most of my
programming, portability was not an issue - now it is virtually a must.

Chris


---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 120117-0, 01/17/2012
Tested on: 1/17/2012 9:26:56 AM
avast! - copyright (c) 1988-2012 AVAST Software.
http://www.avast.com

Re: [gentoo-user] Cross Compiling in Gentoo

[Joerg Schilling]

Chris Walters  wrote:

> I am using the equivalent of the Debian cross compiler - without Debian.  This
> has been used to cross compile many 32 bit applications from Debian for W32,
> from what I understand.  I have managed to cross compile bzip2, lame, libogg,
> libvorbis, vorbis-tools, and a few others - they all work.  With most, I only
> needed to set the correct path (to mingw), and specify the tools and target 
> and
> run the configure script.  I ran into problems with gzip and zlib, however.
>
> Thanks for the link, I will look into it.  Though I hate the idea of running
> msys and mingw or anything like that in a W64 environment.
>
> The really annoying thing for me is that if you look at the Mingw64 site on
> sourceforge, they indicate that you can cross compile from a GNU/Linux
> distribution to W32 or W64 - and they give a list of apps that were
> successfully cross compiled, but little in the way of documentation.

GNU autoconf allows to set up "default results" for cross compiling when trying 
to test things that need to run on the target.

Some of the basic GNU text utils either return most pessimistic values in case 
of a cross compilation or someone did handcraft the related results for MinGW 
and publishes such a modified source that probably will no longer compile 
correctly on other systems.

BTW: I introduced the cross compilation extensions to schily autoconmf in order 
to permit to compile my software for android.

Jörg

-- 
 EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
   j...@cs.tu-berlin.de(uni)  
   joerg.schill...@fokus.fraunhofer.de (work) Blog: 
http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily

Re: [gentoo-user] Cross Compiling in Gentoo

[Joerg Schilling]

Chris Walters  wrote:

> Do you, by chance, know where I can find an nmake-compatible version of make?

Be careful microsofts "nmake" is not compatible to nmake

nmake has been written by David Korn and Glenn Fowler in the mid 1980s.

Microsoft much later "resused" the name for something non-compatible.

It does not make sense to look at the MS "nmake" syntay as it is completely 
non-portable.


Jörg

-- 
 EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
   j...@cs.tu-berlin.de(uni)  
   joerg.schill...@fokus.fraunhofer.de (work) Blog: 
http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily

[gentoo-user] Disable IPv6 on an interface?

[Grant Edwards]

How does one disable IPv6 for a particular interface?

I want eth2 "up" but with no IP address.  Just doing an "ifconfig eth2
up" worked fine until I enabled IPv6 support in the kernel.  Now I get
a link-local IPv6 address just by bringing the interface up -- and I
don't want one.

Google has found me the anser for Debian, but for Gentoo all it found
was somebody else asking the qeustion (with no answers).


-- 
Grant Edwards   grant.b.edwardsYow! I know things about
  at   TROY DONAHUE that can't
  gmail.comeven be PRINTED!!

Re: [gentoo-user] Disable IPv6 on an interface?

[Paul Hartman]

On Tue, Jan 17, 2012 at 9:48 AM, Grant Edwards
 wrote:
> How does one disable IPv6 for a particular interface?
>
> I want eth2 "up" but with no IP address.  Just doing an "ifconfig eth2
> up" worked fine until I enabled IPv6 support in the kernel.  Now I get
> a link-local IPv6 address just by bringing the interface up -- and I
> don't want one.
>
> Google has found me the anser for Debian, but for Gentoo all it found
> was somebody else asking the qeustion (with no answers).

I didn't try it myself, but what about sysctl?

net.ipv6.conf.eth0.disable_ipv6=1

or something like that...

[gentoo-user] Re: want sound (alsa) muted on boot

[Hartmut Figge]

»Q«:

>I want sound muted on boot, but it always starts unmuted.

Then you have to mute after boot and to take care, that the change is
saved and restored on booting. Hence

SAVE_ON_STOP="yes"
RESTORE_ON_START="yes"

If you do not want that later changes be saved, switch afterwards to
SAVE_ON_STOP="no"

'Afterwards' can be after 'sudo /etc/init.d/alsasound restart', spares
one boot. Convenient for lazy ones. :)

On my machine i always want, that changes done with alsamixer survive
the next boot, therefore i have "yes" for both permanently.

Hartmut
-- 
Usenet-ABC-Wiki http://www.usenet-abc.de/wiki/
Von Usern fuer User  :-)

[gentoo-user] Re: Disable IPv6 on an interface?

[Grant Edwards]

On 2012-01-17, Paul Hartman  wrote:
> On Tue, Jan 17, 2012 at 9:48 AM, Grant Edwards
> wrote:
>> How does one disable IPv6 for a particular interface?
>>
>> I want eth2 "up" but with no IP address. ?Just doing an "ifconfig eth2
>> up" worked fine until I enabled IPv6 support in the kernel. ?Now I get
>> a link-local IPv6 address just by bringing the interface up -- and I
>> don't want one.
>>
>> Google has found me the anser for Debian, but for Gentoo all it found
>> was somebody else asking the qeustion (with no answers).
>
> I didn't try it myself, but what about sysctl?
>
> net.ipv6.conf.eth0.disable_ipv6=1
>
> or something like that...

That does it!

The next question is what do I put in the Gentoo network configuration
file (/etc/conf.d/net) to get that result (eth2 up with no IP
addresses).

-- 
Grant Edwards   grant.b.edwardsYow! Like I always say
  at   -- nothing can beat
  gmail.comthe BRATWURST here in
   DUSSELDORF!!

Re: [gentoo-user] Re: Disable IPv6 on an interface?

[Michael Mol]

Grant Edwards wrote:
> On 2012-01-17, Paul Hartman  wrote:
>> On Tue, Jan 17, 2012 at 9:48 AM, Grant Edwards
>>  wrote:
>>> How does one disable IPv6 for a particular interface?
>>>
>>> I want eth2 "up" but with no IP address. ?Just doing an "ifconfig eth2
>>> up" worked fine until I enabled IPv6 support in the kernel. ?Now I get
>>> a link-local IPv6 address just by bringing the interface up -- and I
>>> don't want one.
>>>
>>> Google has found me the anser for Debian, but for Gentoo all it found
>>> was somebody else asking the qeustion (with no answers).
>>
>> I didn't try it myself, but what about sysctl?
>>
>> net.ipv6.conf.eth0.disable_ipv6=1
>>
>> or something like that...
> 
> That does it!
> 
> The next question is what do I put in the Gentoo network configuration
> file (/etc/conf.d/net) to get that result (eth2 up with no IP
> addresses).
> 

/etc/sysctl.conf

net.ipv6.conf.eth0.disable_ipv6=1

It may be sufficient to just use:
net.ipv6.conf.eth0.autoconf=0
net.ipv6.conf.eth0.accept_ra=0

I'm just guessing that .autoconf corresponds to link-local addresses,
though.

Re: [gentoo-user] Re: Disable IPv6 on an interface?

[Pandu Poluan]

On Jan 17, 2012 11:56 PM, "Grant Edwards"  wrote:
>
> On 2012-01-17, Paul Hartman  wrote:
> > On Tue, Jan 17, 2012 at 9:48 AM, Grant Edwards
> > wrote:
> >> How does one disable IPv6 for a particular interface?
> >>
> >> I want eth2 "up" but with no IP address. ?Just doing an "ifconfig eth2
> >> up" worked fine until I enabled IPv6 support in the kernel. ?Now I get
> >> a link-local IPv6 address just by bringing the interface up -- and I
> >> don't want one.
> >>
> >> Google has found me the anser for Debian, but for Gentoo all it found
> >> was somebody else asking the qeustion (with no answers).
> >
> > I didn't try it myself, but what about sysctl?
> >
> > net.ipv6.conf.eth0.disable_ipv6=1
> >
> > or something like that...
>
> That does it!
>
> The next question is what do I put in the Gentoo network configuration
> file (/etc/conf.d/net) to get that result (eth2 up with no IP
> addresses).
>

You don't.

Put it in /etc/sysctl.conf instead.

Rgds,

[gentoo-user] Re: Disable IPv6 on an interface?

[Grant Edwards]

On 2012-01-17, Michael Mol  wrote:

>>> net.ipv6.conf.eth0.disable_ipv6=1

>> The next question is what do I put in the Gentoo network configuration
>> file (/etc/conf.d/net) to get that result (eth2 up with no IP
>> addresses).
>> 
>
> /etc/sysctl.conf
>
> net.ipv6.conf.eth0.disable_ipv6=1

Well that's just too simple and obvious.  I put a sysctl command in a
preup() function in conf.d/net, and that worked, but it's definitly
the wrong way to do it.

After putting the above line in sysctl.conf (and removing my preup()
function), everything worked as expected except that I had to manually
start the interface with the command "/etc/init.d/net.eth2 start".

Google told me to fix that by using rc-update to add net.eth2 to the
default runlevel.

Everything's tickety-boo now, but I don't remember have to do that
last step in the past when I added a network interface -- all I had to
do was create the symlink from net. to net.lo.

Is the rc-update runlevel stuff new?

-- 
Grant Edwards   grant.b.edwardsYow! BARBARA STANWYCK makes
  at   me nervous!!
  gmail.com

Re: [gentoo-user] Cross Compiling in Gentoo

[Michael Mol]

Mike Edenfield wrote:
> On 1/17/2012 1:55 AM, Chris Walters wrote:
>> Hi,
>>
>> I have a question about cross compiling in Gentoo - specifically cross
>> compiling for W32/W64.  I tried their preferred method and didn't like
>> it, so I
>> downloaded the appropriate Mingw64 build files, set up a cross compile
>> account,
>> with the appropriate paths, variables, etc.  Most packages compile
>> correctly
>> (though it sometimes takes some code hacking - and yes they do run in
>> Win 7),
>> but there are some I can't seem to get to build properly - usually the
>> ones
>> that have make files for MS Visual Studio.  I have no interest in
>> purchasing
>> Visual Studio.
> 
> Just a point of interest: "Visual Studio" doesn't use Makefiles; Visual
> C++ can import Makefile projects if you ask it to, but it has its own
> project file format. If you're seeing actual make files (and not, say, a
> .sln file or .cproj file) then you don't need Studio, just an
> nmake-compatible version of make.
> 
> If you do have project and solution files from Visual Studio, they are
> just MSBuild projects (think "ant for Windows"). I'm pretty sure there
> are open-source variants of MSBuild, possibly in the Mono project?
> 
> And of course, Visual C++ Express is free, though you'd need to find
> somewhere to set it up.

You don't even need that much; you can just use the Windows SDK to get
the compilers. (I don't know if it comes with MSBuild, though) The
Windows SDK might work via WINE, dunno.

http://www.microsoft.com/downloads/dlx/en-us/listdetailsview.aspx?FamilyID=6b6c21d2-2006-4afa-9702-529fa782d63b

> 
>> My question is, does anyone know of any good resources (mailing lists,
>> sites,
>> etc.) on cross compiling on a GNU/Linux platform for a W32/W64
>> platform?  The
>> searches I've run have directed me to sites that talk about using MSYS
>> and
>> Mingw on a W32 platform (I don't have all year to build a single
>> package).
>> I
>> am looking to build GraphicsMagick, and some helpful tools for W64
>> (though I'd
>> accept W32, if that's the only way).

"info gcc" tells me that the install of gcc on my Gentoo box supports
the mingw target. "eix mingw" shows me that there are ebuilds for the
import libraries, but they're hardmasked on my amd64 system for some reason.

Re: [gentoo-user] Questions about hacked sites and passwords

[Willie WY Wong]

On Tue, Jan 17, 2012 at 12:11:14PM +, Penguin Lover Neil Bothwick squawked:
> I was sceptical when it first arrived, but it's really easy to use and
> no password needed since the card reader generates it for you. It looks
> like a small calculator with a card slot, so easy enough to carry around
> for remote access.

Yours is slightly more convenient then. 

Mine requires a password first _then_ a challenge-response with the
calculator thingie, the first step of which seems to me slightly pointless. 
If someone has my pin and debit card already, they can just go to the
ATM and bypass the first password. 

W

-- 
Data aequatione quotcunque fluentes quantitae involvente fluxiones invenire 
 et vice versa   ~~~  I. Newton

Re: [gentoo-user] Re: Disable IPv6 on an interface?

[Paul Hartman]

On Tue, Jan 17, 2012 at 11:50 AM, Grant Edwards
 wrote:
> After putting the above line in sysctl.conf (and removing my preup()
> function), everything worked as expected except that I had to manually
> start the interface with the command "/etc/init.d/net.eth2 start".
>
> Google told me to fix that by using rc-update to add net.eth2 to the
> default runlevel.
>
> Everything's tickety-boo now, but I don't remember have to do that
> last step in the past when I added a network interface -- all I had to
> do was create the symlink from net. to net.lo.
>
> Is the rc-update runlevel stuff new?

AFAIR you've had to do it that way forever... but it's not exactly
something I set up every day.

Maybe if you used ifplugd, wicd, networkmanager etc. it works differently.

Re: [gentoo-user] want sound (alsa) muted on boot

[Walter Dnes]

On Mon, Jan 16, 2012 at 10:14:28PM -0600, ??Q?? wrote
> I want sound muted on boot, but it always starts unmuted.  I don't know
> when this problem started; I only noticed it because I recently went
> through a stretch of being unable to hibernate, so I booted a lot.
> 
> grep -i =\" /etc/conf.d/alsasound 
> ENABLE_OSS_EMUL="yes"
> RESTORE_ON_START="no"
> SAVE_ON_STOP="no"
> LOAD_ON_START="no"
> 
> I thought the RESTORE_ON_START="no" should do what I want, but no such
> luck.  I tried the old `# alsactl store` after using alsamixer to mute
> sound, which also didn't help.

  Here's a heavy-handed way to over-ride that; do this as root...

1) Use alsamixer to mute sound

2) Immediately afterwards, save the settings to e.g. /root/muted.state
# alsactl store -f /root/muted.state

3) Create file /etc/local.d/000.start and set it executable.  It should
   have 2 lines
#!/bin/bash
alsactl restore -f /root/muted.state

  This will cause the muted configuration to be restore near the end of
the boot process

4) If you're really paranoid...
# cp /etc/local.d/000.start /etc/local.d/000.stop
to force muting when shutting down.

***IMPORTANT***  This does not affect what happens at hibernation.
"man hibernate.conf" and check the syntax of "OnSuspend" and "OnResume"
for handling issuing custom commands when hibernating or starting up from
hibernation.

-- 
Walter Dnes 

Re: [gentoo-user] Gentoo-sources: can't make menuconfig with user? User can't access ncurses?

[Gregory Shearman]

In linux.gentoo.user, Mick wrote:
>>
>> I use a separate output directory that is under control of the user.
>> What I do as an ordinary user:
>>
>> mkdir 
>>
>> zcat /proc/config.gz > /.config
>>
>> # assuming you have this option set in your kernel ie the current
>> kernel # config saved in /proc/config.gz
>>
>> cd /usr/src/linux
>>
>> # assuming that /usr/src/linux is a soft link to your new kernel #
>> directory.
>>
>> make O= oldconfig
>>
>> # The "O=" makes sure that any kernel output goes to the directory
>> under # the permissions and control of the kernel builder user rather
>> than in # the kernel directory under root permissions.
>>
>> # If you want to make changes to the new kernel then:
>>
>> make O= menuconfig
>>
>> You can then proceed with building kernel and modules. Yes, I know
>> that "make" without a command will automatically build both kernel
>> image and modules but I prefer to do things explicitly.
>>
>> make O= bzImage make O= modules
>>
>> You can then install the new kernel and modules as root:
>>
>> make O= modules_install make O=
>> install
>>
>> You need to set the following environment variable:
>>
>> KBUILD_OUTPUT=
>>
>> This variable ensures that any emerged app can find the kernel output
>> if necessary. I've created a script in /etc/profile.d that
>> automatically keeps this environment variable up to date. Oh,
>> remember to unset this variable if you do *anything* requiring a
>> busybox build (eg genkernel).
>>
>> An enjoyable side-effect of this system is that when you remove an
>> obselete kernel from your system using "emerge -C
>> ", everything will be removed because there are no
>> changes, no files added to those portage added kernel directory.
>>
>> The kernel builder user does nothing but build new kernels. This
>> user's home directory is a hierarchy containing current kernel
>> builds.
>>
>> I've been using this system for years now, on all my gentoo systems.
>> It is second nature. Of course, the .bash_history of the kernel
>> builder user is *very* useful for quickly doing all this from the
>> command line.
>>
>> I used to have a script to automate all this, but it is just as easy
>> to do from the command line.
>
> What is the benefit of this approach vis a vis su to root first as the
> gentoo handbook suggests?

You've answered your own question. I'm of the opinion that it is far
better to do the absolute *minimum* commands as the superuser, for your
own system security. My way of compiling a new kernel means that only
the "install" commands are done as superuser.

-- 
Regards,
Gregory.

[gentoo-user] Gentoo + Macbook

[.]

Hello there!

I've tried to install Gentoo on Macbook, but got stuck with GRUB.
Here is the topic: http://forums.gentoo.org/viewtopic-p-6932124.html


Cheers!

RE: [gentoo-user] Cross Compiling in Gentoo

[Mike Edenfield]

> From: Chris Walters [mailto:cjw20...@comcast.net]
> Sent: Tuesday, January 17, 2012 9:27 AM
> 
> On 1/17/2012 08:39 AM, Mike Edenfield wrote:
> > On 1/17/2012 1:55 AM, Chris Walters wrote:
> >> that have make files for MS Visual Studio.  I have no interest in
> >> purchasing Visual Studio.
> >
> > Just a point of interest: "Visual Studio" doesn't use Makefiles;
> > Visual C++ can import Makefile projects if you ask it to, but it has
> > its own project file format. If you're seeing actual make files (and
> > not, say, a .sln file or .cproj
> > file) then you don't need Studio, just an nmake-compatible version of
> make.
> >
> > If you do have project and solution files from Visual Studio, they are
> > just MSBuild projects (think "ant for Windows"). I'm pretty sure there
> > are open-source variants of MSBuild, possibly in the Mono project?
> >
> > And of course, Visual C++ Express is free, though you'd need to find
> > somewhere to set it up.
> 
> Just a note:  I used to do all of my programming in Visual Studio.  I stopped
> when I needed to do things that VS wouldn't let me do, and also because I
> discovered GNU/Linux.

While I program a lot on my Linux machines, I haven't actually found an IDE 
that doesn't make me wish VS ran on Linux. MonoDevelop isn't horrible but if I 
wanted to write .NET code I'd just use Windows; Eclipse makes me want to drill 
my brain out with a corkscrew and the only other decent IDE's I've seen are 
KDE-specific. I've falling back to the default of Emacs at this point; it's 
powerful enough, especially when I'm doing Lisp or Scheme, but I have an 
internal mental limit of 150,110 hotkey combinations that I think is holding me 
back. If you have any suggestions I'm all ears :)
 
> As for the types of files I've seen, I have seen both VS Solution/Project 
> files,
> and nmake files.  Most of the time, I just use the configure script with
> x86_64-w64-mingw32 as my host, and it works fine.
> 
> Do you, by chance, know where I can find an nmake-compatible version of
> make?

> Also, do you have a link for Visual C++ Express?  I like to do most
> programming in C/C++ anyway (though this is OT).

Well, if you're willing to go the "install a Windows OS" route, everything you 
need command-line wise is found in the Windows SDK: 
http://msdn.microsoft.com/en-us/windowsserver/bb980924.aspx.  
Visual C++ 2010 Express can be downloaded from: 

http://www.microsoft.com/visualstudio/en-us/products/2010-editions/visual-cpp-express
 
Mostly what you lose with Express are the TFS integrations, unit testing, and 
other "application lifecycle management" stuff they pack into the full 
editions. Express editions can't build & debug 64-bit applications, but the 
64-bit compilers come with the SDK. Depends on how much effort you're willing 
to put into it. 

If you don't want to install Windows you're options are going to be mostly 
limited to the GNU binutils and GCC, which support targeting Win32 and Win64.  
In theory you could run the command-line tools, for example, under Wine, but 
I've never tried it. I don't actually know of a make for Linux that is 
compatible with NMAKE. If you can't find one then you'll need to do a lot of 
work to build any applications that require it. However, I think the number of 
applications using Microsoft make files is vanishingly small: they're either 
going to produce a GNU makefile (since GNU make runs on Windows) or an MSBuild 
project.

And yes, AT&T also released a tool called "nmake" that is not compatible with 
Microsoft NMAKE (or either of the other two incompatible makes), so don't get 
them confused.

--Mike

[gentoo-user] Re: want sound (alsa) muted on boot

[»Q«]

On Mon, 16 Jan 2012 22:14:28 -0600
»Q«  wrote:

> I want sound muted on boot, but it always starts unmuted.

Thank you for all the helpful replies.  Unfortunately, I asked the
wrong question.  :/  I apologize.  I've saved the answers, because
there was good stuff in there.

Sound *is* muted on boot -- logging in to KDE unmutes it, maybe part
of session restore.  I'll play with my KDE settings and if I can't
fix it, I'll be back.  

Re: [gentoo-user] Gentoo + Macbook

[Keith Dart]

On Wed, 18 Jan 2012 02:48:38 +0300
"."  wrote:

> I've tried to install Gentoo on Macbook, but got stuck with GRUB.
> Here is the topic: http://forums.gentoo.org/viewtopic-p-6932124.html

I've done it. Don't use grub. Use refit and elilo. At least that's
what I used, but it was a couple of years ago. 

http://refit.sourceforge.net/



-- 

-- ~
   Keith Dart 
   public key: ID: 19017044
   
   =