Re: [gentoo-user] Its ground hog day... how to escape the syndrome?
On Wed, Mar 01, 2017 at 11:33:56PM -0500, Harry Putnam wrote > Setup: VBox vm running gentoo(amd64) guest on a win-10 (64bit) host > Hardware: HP xw8600 - 2x Xeon CPU X5450 @ 3.00GHz - 32 GB ram > > I've seen a few other mentions of the phenomena I'm about to describe. > It is not clear to me why something like this would happen. Or what is > to be done to prevent it. > > After going thru install and bulding of X based lxde desktop gentoo > OS, I'm at the stage where I would do another emerge world followed by > --depclean or something similar. > > Decided to take the @world in the two available bites; @system then > @world > > My cmdline was `emerge -vaDt @system' > > Showed 44 pkgs only 2 were updates and 42 were reinstalls. If you want to rebuild everything, including dependancies, try emerge -e @world You'll find out how many packages you have installed and how fast your system is. -- Walter DnesI don't run "desktop environments"; I run useful applications
[gentoo-user] Re: lxde no Desktop Preferences can be set
Neil Bothwickwrites: >> Also ran into a wall trying to use the regular tools like qlist to >> determine what is in there. I found the list after search a while on >> google but I'm curious why `qlist' doesn't list off >> what is in there, like it does in all other cases. > > Meta packages don't install files, they just have a list of dependencies. > Your previous post implied you hadn't installed lxde-meta, just the lxde > packages it depends on, which may exclude other requirements. > > A simple "emerge -a lxde-meta" should ensure that all deps are installed OK thanks. But then that leaves the issue that brought this up without a resolution: >From OP >> LXDE on the menu item Preferences ===> Desktop Preferences >> Nothing can be set there and it does not even show a dialog >> box... just an error messages that says: >> Desktop manager is not active Any other ideas what might be going on there?
Re: [gentoo-user] Re: lxde no Desktop Preferences can be set
On Thu, 02 Mar 2017 18:54:20 -0500, Harry Putnam wrote: > Neil Bothwickwrites: > >> All the lxde-base pkgs contained in lxde-meta are installed. > >> > >> Openbox wm is installed. > >> > >> Anyone know what that error message means or how to get around or fix > >> it? > > > > You're missing an essential package. Install lxde-meta to make sure > > you get it. Once working, you can remove unnecessary packages later. > > That sounded like a plan until I actually tried to re-install > lxde-meta. > > I found no way to make emerge do that. I thought by adding such > things as --deep --newuse --changed-use it would cause a reinstall > > But emerge just closes and tells me nothing is outated in lxde-meta > > Example: ># emerge --deep --newuse --changed-use -v lxde-meta > >These are the packages that would be merged, in order: > >Calculating dependencies... done! > >Total: 0 packages, Size of downloads: 0 KiB > > And that is also with bdeps=y from my make.conf > > EMERGE_DEFAULT_OPTS="--with-bdeps=y" > > After browsing thru `man emerge' a couple of times It appears there is > not some kind of `force' flag. > > Is there some combination of switches that will cause emerge to > re-install lxde-meta? Or baring that I thought I'd try emerging > individual pkgs... but there not exactly easy to find ebuilds of.. I > still haven't > > Also ran into a wall trying to use the regular tools like qlist to > determine what is in there. I found the list after search a while on > google but I'm curious why `qlist' doesn't list off > what is in there, like it does in all other cases. Meta packages don't install files, they just have a list of dependencies. Your previous post implied you hadn't installed lxde-meta, just the lxde packages it depends on, which may exclude other requirements. A simple "emerge -a lxde-meta" should ensure that all deps are installed -- Neil Bothwick I can't walk on water, but I can stagger on alcohol. pgpI0D8X5o92_.pgp Description: OpenPGP digital signature
Re: [gentoo-user] SHA-1 has just been broken
On Thu, Mar 2, 2017 at 6:26 PM, Andrew Savchenkowrote: > On Thu, 2 Mar 2017 03:42:24 -0500 taii...@gmx.com wrote: >> >> The IOMMU (theoretically) protects the CPU and memory from rogue >> devices, such as the hard drive. > > No. Any DMA capable device can bypass IOMMU. IOMMU was not > designed to protect OS from device. > Huh? I thought protection against DMA attacks was half the reason for an IOMMU in the first place. https://en.wikipedia.org/wiki/Input%E2%80%93output_memory_management_unit -- Rich
[gentoo-user] Re: lxde no Desktop Preferences can be set
Neil Bothwickwrites: > On Thu, 02 Mar 2017 00:27:47 -0500, Harry Putnam wrote: > >> LXDE on the menu item Preferences ===> Desktop Preferences >> Nothing can be set there and it does not even show a dialog >> box... just an error messages that says: >> >> Desktop manager is not active >> >> All the lxde-base pkgs contained in lxde-meta are installed. >> >> Openbox wm is installed. >> >> Anyone know what that error message means or how to get around or fix >> it? > > You're missing an essential package. Install lxde-meta to make sure you > get it. Once working, you can remove unnecessary packages later. That sounded like a plan until I actually tried to re-install lxde-meta. I found no way to make emerge do that. I thought by adding such things as --deep --newuse --changed-use it would cause a reinstall But emerge just closes and tells me nothing is outated in lxde-meta Example: # emerge --deep --newuse --changed-use -v lxde-meta These are the packages that would be merged, in order: Calculating dependencies... done! Total: 0 packages, Size of downloads: 0 KiB And that is also with bdeps=y from my make.conf EMERGE_DEFAULT_OPTS="--with-bdeps=y" After browsing thru `man emerge' a couple of times It appears there is not some kind of `force' flag. Is there some combination of switches that will cause emerge to re-install lxde-meta? Or baring that I thought I'd try emerging individual pkgs... but there not exactly easy to find ebuilds of.. I still haven't Also ran into a wall trying to use the regular tools like qlist to determine what is in there. I found the list after search a while on google but I'm curious why `qlist' doesn't list off what is in there, like it does in all other cases.
Re: [gentoo-user] SHA-1 has just been broken
On Tue, 28 Feb 2017 18:05:29 +0100 Miroslav Rovis wrote: [...] > Gentoo Keys > --- > > ### About > > Gentoo Keys is a Python based project that aims to manage the GPG keys used > for validation on users and Gentoo's infrastracutre servers. Gentoo Keys > will be able > to verify GPG keys used for Gentoo's release media, such as installation > CD's, > Live DVD's, packages and other GPG signed documents. It will also be used by > Gentoo infrastructure to achieve GPG signed git commits in the forthcoming > git > migration of the main CVS tree. > > ### License > > Gentoo Keys is under GPL-2 License > # > > But do I read this correctly?: > > ...Gentoo Keys will be able > to verify GPG keys used for Gentoo's release media, such as installation > CD's, > Live DVD's, packages and other GPG signed documents. > > Again, about this (syntactical) object (in the sentence), with other > objects removed: > > ...Gentoo Keys will be able > to verify GPG keys used for ... > ... packages... > > Does that mean what I read? That with gkeys any user will be able to get > packages via git, and somehow automatically gpg -verify the signature of > each package that (s)he got when (s)he, say: Yes and no. AFAIK gkeys is not yet fully implemented. Right now it can be used to verify dev keys, but I'm not aware about a way to verity git tree using gkeys. Probably this should be done at the end of emaint sync process. Best regards, Andrew Savchenko pgpprJPSHYH3u.pgp Description: PGP signature
Re: [gentoo-user] SHA-1 has just been broken
On Thu, 2 Mar 2017 03:42:24 -0500 taii...@gmx.com wrote: > It is possible to have a reasonably secure system where the hard drive > firmware (or any other devices) can't fuck around with the stuff on > disk, although I highly doubt that the gentoo infrastructure (and > kernel.org, and all the source repos for all the other software) does this Hard drive's firmware is a drive's micro OS, it can manipulate data on the disk as it pleases. The only way to protect privacy of the data is to write it already encrypted, so it still can be mangled and become unusable, but privacy will be kept. But see below about DMA. > One way is to use a blob-free coreboot IOMMU supporting board and > bootstrap the crypto/kernel off of the board firmware EEPROM chip to > load the initial kernel thus no plaintext touches the disk and thus > nothing can mess with it. > > The IOMMU (theoretically) protects the CPU and memory from rogue > devices, such as the hard drive. No. Any DMA capable device can bypass IOMMU. IOMMU was not designed to protect OS from device. > In terms of ethics IBM *for now* is a way better company than Intel/AMD, > their POWER servers are owner controlled as there isn't any boot > guard/secure boot/management engine/platform "security" processor (amd's > ME) to stop you from re-writing the firmware as you please. They also > have an getting-there-almost-reasonable open source effort (OpenPOWER) Indeed they are. But that boxes are quite expensive and hard to get. Best regards, Andrew Savchenko pgpwYnzvVK92P.pgp Description: PGP signature
Re: [gentoo-user] ifconfig - display/list hostname with IP address
On 02/03/2017 23:31, the...@sys-concept.com wrote: > On 03/02/2017 02:11 PM, Alan McKinnon wrote: >> On 02/03/2017 22:57, the...@sys-concept.com wrote: >>> running "ifconfig" is it possible to display hostname, especially with >>> "tun" interfaces. >> >> No. >> >> ifconfig operates at layer 2. >> Hostnames is a dns/resolver concept operating at a much higher level. >> >> DNs relies on layer 2 so using rDNS to display hostnames (or worse, that >> abomination called /etc/hosts) is logically circular and nonsensical >> >> Hostnames are there to abstract addresses when addresses don't matter. >> Addresses very much do matter at the ifconfig level so if you need them >> then, you probably shouldn't be looking at ifconfig at all (don't you >> know your own addresses?) >> >> And finally the relationship between address and names is many<->many, >> so which one you gonna use? > > Thanks for the input Alan, > Yes, I do remember them when I'm setting it UP; but after a while I have > to think if I get the correct IP or tun address. > > I think "yellow" note sticker on the side of the monitor will do the > trick :-) Come work for me (you will have to leave Canada and move to Africa), managing a bucket load of /16s will teach you real quick to think in addresses. Can you considered giving your tun interfaces descriptive names? -- Alan McKinnon alan.mckin...@gmail.com
Re: [gentoo-user] ifconfig - display/list hostname with IP address
On 03/02/2017 02:11 PM, Alan McKinnon wrote: > On 02/03/2017 22:57, the...@sys-concept.com wrote: >> running "ifconfig" is it possible to display hostname, especially with >> "tun" interfaces. > > No. > > ifconfig operates at layer 2. > Hostnames is a dns/resolver concept operating at a much higher level. > > DNs relies on layer 2 so using rDNS to display hostnames (or worse, that > abomination called /etc/hosts) is logically circular and nonsensical > > Hostnames are there to abstract addresses when addresses don't matter. > Addresses very much do matter at the ifconfig level so if you need them > then, you probably shouldn't be looking at ifconfig at all (don't you > know your own addresses?) > > And finally the relationship between address and names is many<->many, > so which one you gonna use? Thanks for the input Alan, Yes, I do remember them when I'm setting it UP; but after a while I have to think if I get the correct IP or tun address. I think "yellow" note sticker on the side of the monitor will do the trick :-) -- Thelma
Re: [gentoo-user] ifconfig - display/list hostname with IP address
On 03/02/2017 03:57 PM, the...@sys-concept.com wrote: > running "ifconfig" is it possible to display hostname, especially with > "tun" interfaces. > > It would be easier to recognize which network is Up or Down. > The closest thing I was able to manage is # ip -r addr show
Re: [gentoo-user] ifconfig - display/list hostname with IP address
On 02/03/2017 22:57, the...@sys-concept.com wrote: > running "ifconfig" is it possible to display hostname, especially with > "tun" interfaces. No. ifconfig operates at layer 2. Hostnames is a dns/resolver concept operating at a much higher level. DNs relies on layer 2 so using rDNS to display hostnames (or worse, that abomination called /etc/hosts) is logically circular and nonsensical Hostnames are there to abstract addresses when addresses don't matter. Addresses very much do matter at the ifconfig level so if you need them then, you probably shouldn't be looking at ifconfig at all (don't you know your own addresses?) And finally the relationship between address and names is many<->many, so which one you gonna use? -- Alan McKinnon alan.mckin...@gmail.com
[gentoo-user] ifconfig - display/list hostname with IP address
running "ifconfig" is it possible to display hostname, especially with "tun" interfaces. It would be easier to recognize which network is Up or Down. -- Thelma
Re: [gentoo-user] SHA-1 has just been broken
On 170302-03:42-0500, taii...@gmx.com wrote: > On 02/28/2017 12:05 PM, Miroslav Rovis wrote: > > > On 170227-21:59-0500, Rich Freeman wrote: > >> On Mon, Feb 27, 2017 at 8:10 PM, Miroslav Rovis > >>wrote: ... > > And finally Andrew Shavchenko pointed me to gkeys ! > > > > Here's the answer to my query (ah, just the beginning of, my > > implementation of it will take time): > > > > emerge -tuDN app-crypt/gkeys app-crypt/gkeys-gen > > > > # equery f gkeys-gen > > ... > > /usr/share/doc/gkeys-gen-0.2/README.md.bz2 > > ... > > > > ( > > NOTE: The: > > /usr/share/doc/gkeys-0.2/README.md.bz2 > > of the gkeys package is identical. > > ) > > > > # bzcat /usr/share/doc/gkeys-gen-0.2/README.md.bz2 > > > > Gentoo Keys > > --- > > > > ### About > > > > Gentoo Keys is a Python based project that aims to manage the GPG keys > > used > > for validation on users and Gentoo's infrastracutre servers. Gentoo Keys > > will be able > > to verify GPG keys used for Gentoo's release media, such as installation > > CD's, > > Live DVD's, packages and other GPG signed documents. It will also be used > > by > > Gentoo infrastructure to achieve GPG signed git commits in the > > forthcoming git > > migration of the main CVS tree. > > > > ### License > > > > Gentoo Keys is under GPL-2 License > > # > > > > But do I read this correctly?: > > > > ...Gentoo Keys will be able > > to verify GPG keys used for Gentoo's release media, such as installation > > CD's, > > Live DVD's, packages and other GPG signed documents. > > > > Again, about this (syntactical) object (in the sentence), with other > > objects removed: > > > > ...Gentoo Keys will be able > > to verify GPG keys used for ... > > ... packages... > > > > Does that mean what I read? That with gkeys any user will be able to get > > packages via git, and somehow automatically gpg -verify the signature of > > each package that (s)he got when (s)he, say: > > > > emerge -tuDN world > > > > ? > > > > Does that mean that? > > ... > It is possible to have a reasonably secure system where the hard drive > firmware (or any other devices) can't fuck around with the stuff on > disk, although I highly doubt that the gentoo infrastructure (and > kernel.org, and all the source repos for all the other software) does this Rogue elements everywhere (even the most known Person in the world, throughout the history (which counts from His birth), had His traitors), but you are correct, it is still little likely. I'll keep you thought below for reference, when I some day, find more time to learn about these things: > One way is to use a blob-free coreboot IOMMU supporting board and > bootstrap the crypto/kernel off of the board firmware EEPROM chip to > load the initial kernel thus no plaintext touches the disk and thus > nothing can mess with it. > > The IOMMU (theoretically) protects the CPU and memory from rogue > devices, such as the hard drive. > > In terms of ethics IBM *for now* is a way better company than Intel/AMD, > their POWER servers are owner controlled as there isn't any boot > guard/secure boot/management engine/platform "security" processor (amd's > ME) to stop you from re-writing the firmware as you please. They also > have an getting-there-almost-reasonable open source effort (OpenPOWER) > > You can buy a TYAN OpenPOWER8 "Palmetto" (100% FOSS out of the box, > although not that powerful) or an IBM POWER8 S822 "Firestone" (very > powerful) which needs only a small amount of final work to be open sourced. > > IBM's POWER8 has a supervisor processor, although it is owner controlled > (the key difference) unlike ME/PSP. > > It is a shame that TALOS (POWER workstation board) never went anywhere, > it seems the linux community won't care about real freedom - right up > until microsoft finally locks us out for good and it is too late to do > anything about it. > > https://www.coreboot.org/Board_freedom_levels Yes, I looked up that page, and searched a little about Power8 pocessors... I wish I was aware how important Board freedom is back four and a half years ago. Not so ugly what I have, but neither is open hardware ( Asrock Extreme4, a few of them (so I can clone the systems): Use old amd64 gentoo image on new amd64 hardware, possible? https://forums.gentoo.org/viewtopic-t-940916.html#7172822 I can't believe they're still selling them! If I'm not mistaken: http://www.asrock.com/mb/AMD/970%20Extreme4/ I have to say, they are really not bad, but are not openhardware either. ) I can't follow all the info that you gave, it's too advanced for me (at least at this time). And I couldn't reply sooner... I had to finish, finally successfully, some steep learning of mine about how to use virtualization. VoilĂ : Devuan's precursor's, as Tails, image in Qemu (10) https://www.croatiafidelis.hr/foss/cap/cap-161015-qemu-devuan/qemu-devuan-10.php Finally using Tails from my grsecurity-hardened Gentoo, in a
Re: [gentoo-user] Its ground hog day... how to escape the syndrome?
On 03/02/2017 05:07 AM, Andrew Savchenko wrote: > On Thu, 2 Mar 2017 09:44:20 +0200 Alan McKinnon wrote: >> On 02/03/2017 06:33, Harry Putnam wrote: >>> Setup: VBox vm running gentoo(amd64) guest on a win-10 (64bit) host >>> Hardware: HP xw8600 - 2x Xeon CPU X5450 @ 3.00GHz - 32 GB ram >>> >>> I've seen a few other mentions of the phenomena I'm about to describe. >>> It is not clear to me why something like this would happen. Or what is >>> to be done to prevent it. >>> >>> After going thru install and bulding of X based lxde desktop gentoo >>> OS, I'm at the stage where I would do another emerge world followed by >>> --depclean or something similar. >>> >>> Decided to take the @world in the two available bites; @system then >>> @world >>> >>> My cmdline was `emerge -vaDt @system' >> >> Add -u to the options, it activates update behaviour >> >> Without it, emerge takes you literally at your word and emerges >> everything in the system set. > > Also add -N, otherwise USE flags changes will be ignored if no > update or rebuild, and add --with-bdeps y if you don't want to > miss updates for packages pulled an build-only deps, so use > `-DNuavt --with-bdeps y'. "vt" here is optional and affects only > on-screen output. > > > Best regards, > Andrew Savchenko Adding -q option is nice (you don't need to watch the code scrolling by on the screen). -uDNavq -- Thelma
Re: [gentoo-user] sg_map etc
Am 2017-03-02 um 13:41 schrieb Bill Kenworthy: > try lshw to get that info: we had that already in the other leg of the thread doesn't work for me: # lshw -c disk *-disk:0 description: SCSI Disk physical id: 0.0.0 bus info: scsi@1:0.0.0 logical name: /dev/sda size: 68GiB (73GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 signature=00047c2f *-disk:1 description: SCSI Disk physical id: 0.1.0 bus info: scsi@1:0.1.0 logical name: /dev/sdb size: 68GiB (73GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 signature=f31b *-disk:2 description: SCSI Disk physical id: 0.2.0 bus info: scsi@1:0.2.0 logical name: /dev/sdc size: 697GiB (749GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 *-disk:3 description: SCSI Disk physical id: 0.3.0 bus info: scsi@1:0.3.0 logical name: /dev/sdd size: 697GiB (749GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 *-disk:4 description: SCSI Disk physical id: 0.4.0 bus info: scsi@1:0.4.0 logical name: /dev/sde size: 697GiB (749GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 *-disk:5 description: SCSI Disk physical id: 0.5.0 bus info: scsi@1:0.5.0 logical name: /dev/sdf size: 697GiB (749GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 *-disk:6 description: SCSI Disk physical id: 0.6.0 bus info: scsi@1:0.6.0 logical name: /dev/sdg size: 697GiB (749GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 *-disk:7 description: SCSI Disk physical id: 0.8.0 bus info: scsi@1:0.8.0 logical name: /dev/sdh size: 697GiB (749GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 *-disk:8 description: SCSI Disk physical id: 0.c.0 bus info: scsi@1:0.12.0 logical name: /dev/sdi size: 697GiB (749GB) capabilities: partitioned partitioned:dos configuration: sectorsize=512 *-disk:9 UNCLAIMED description: SCSI Disk physical id: 1.0.0 bus info: scsi@1:1.0.0 *-disk:10 UNCLAIMED description: SCSI Disk physical id: 1.1.0 bus info: scsi@1:1.1.0 *-disk:11 UNCLAIMED description: SCSI Disk physical id: 1.3.0 bus info: scsi@1:1.3.0 *-disk:12 UNCLAIMED description: SCSI Disk physical id: 1.4.0 bus info: scsi@1:1.4.0 *-disk:13 UNCLAIMED description: SCSI Disk physical id: 1.5.0 bus info: scsi@1:1.5.0 *-disk:14 UNCLAIMED description: SCSI Disk physical id: 1.6.0 bus info: scsi@1:1.6.0 *-disk:15 UNCLAIMED description: SCSI Disk physical id: 1.7.0 bus info: scsi@1:1.7.0 *-disk:16 UNCLAIMED description: SCSI Disk physical id: 1.9.0 bus info: scsi@1:1.9.0 *-disk:17 UNCLAIMED description: SCSI Disk physical id: 1.a.0 bus info: scsi@1:1.10.0 *-disk:18 UNCLAIMED description: SCSI Disk physical id: 1.b.0 bus info: scsi@1:1.11.0 *-disk:19 UNCLAIMED description: SCSI Disk physical id: 1.f.0 bus info: scsi@1:1.15.0
Re: [gentoo-user] sg_map etc
On 02/03/17 18:03, Stefan G. Weichinger wrote: > Am 2017-03-01 um 23:21 schrieb Bill Kenworthy: > >> Is there actually a disk on that interface? - I have a system where one >> sdx allocated to an unused sata port with nothing attached - it returns >> similar information to yours above - check the other entries. > > I checked them, sure. > to me it seems that there are 2 sg-devices created per port or so. > > One as ICP-device: does not tell me serials or so, but has an sd-device > mapped to it according to sg_map > > # smartctl -d auto -i /dev/sg2 > smartctl 6.4 2015-06-04 r4109 [x86_64-linux-3.18.11-gentoo-smp] (local > build) > Copyright (C) 2002-15, Bruce Allen, Christian Franke, www.smartmontools.org > > === START OF INFORMATION SECTION === > Vendor: ICP > Product: SAS1 > Revision: V1.0 > User Capacity:73,284,976,640 bytes [73.2 GB] > Logical block size: 512 bytes > scsiModePageOffset: response length too short, resp_len=4 offset=4 bd_len=0 > scsiModePageOffset: response length too short, resp_len=4 offset=4 bd_len=0 >>> Terminate command early due to bad response to IEC mode page > A mandatory SMART command failed: exiting. To continue, add one or more > '-T permissive' options. > > --- > > and the higher ones tell me stuff via smartctl, but I don't know exactly > which sd-device they are mapped to: > > > # smartctl -d auto -i /dev/sg11 > smartctl 6.4 2015-06-04 r4109 [x86_64-linux-3.18.11-gentoo-smp] (local > build) > Copyright (C) 2002-15, Bruce Allen, Christian Franke, www.smartmontools.org > > === START OF INFORMATION SECTION === > Vendor: SEAGATE > Product: ST373455SS > Revision: 0002 > User Capacity:73,407,868,928 bytes [73.4 GB] > Logical block size: 512 bytes > Rotation Rate:15015 rpm > Logical Unit id: 0x5000c50002448407 > Serial number:3LQ11JWH9748U10J > Device type: disk > Transport protocol: SAS (SPL-3) > Local Time is:Thu Mar 2 11:06:33 2017 CET > SMART support is: Available - device has SMART capability. > SMART support is: Enabled > Temperature Warning: Enabled > > --- > > > btw: the serial in this query is a valid one. > This is what I am looking for. > > try lshw to get that info: *-scsi:0 physical id: 1 logical name: scsi0 capabilities: emulated *-disk description: ATA Disk product: INTEL SSDSC2CW12 physical id: 0.0.0 bus info: scsi@0:0.0.0 logical name: /dev/sda version: 400i serial: CVCV247001A3120BGN size: 111GiB (120GB) capabilities: partitioned partitioned:dos configuration: ansiversion=5 sectorsize=512 signature=11afac57 *-volume:0 description: Linux filesystem partition vendor: Linux physical id: 1 bus info: scsi@0:0.0.0,1 logical name: /dev/sda1 version: 1.0 serial: 8ad3b35a-8ecf-4b8b-8098-c3c9518a3307 size: 128MiB capacity: 128MiB capabilities: primary extended_attributes ext2 initialized configuration: filesystem=ext2 modified=2017-03-02 19:49:54 state=clean *-volume:1 description: Linux swap volume physical id: 2 bus info: scsi@0:0.0.0,2 logical name: /dev/sda2 version: 1 serial: 9d440711-04e3-46f4-9ec5-0495daed6896 size: 23GiB capacity: 23GiB capabilities: primary nofs swap initialized configuration: filesystem=swap pagesize=4096 *-volume:2 description: EXT4 volume vendor: Linux physical id: 3 bus info: scsi@0:0.0.0,3 logical name: /dev/sda3 logical name: / version: 1.0 serial: bc719d32-cecc-47f1-9826-a8b12827ee3b size: 87GiB capacity: 87GiB capabilities: primary journaled extended_attributes large_files huge_files dir_nlink recover extents ext4 ext2 initialized configuration: created=2013-07-02 06:41:32 filesystem=ext4 lastmountpoint=/ modified=2016-12-09 21:09:25 mount.fstype=ext4 mount.options=rw,noatime,discard,data=ordered mounted=2017-02-11 11:17:20 state=mounted
Re: [gentoo-user] Its ground hog day... how to escape the syndrome?
On Thu, 2 Mar 2017 09:44:20 +0200 Alan McKinnon wrote: > On 02/03/2017 06:33, Harry Putnam wrote: > > Setup: VBox vm running gentoo(amd64) guest on a win-10 (64bit) host > > Hardware: HP xw8600 - 2x Xeon CPU X5450 @ 3.00GHz - 32 GB ram > > > > I've seen a few other mentions of the phenomena I'm about to describe. > > It is not clear to me why something like this would happen. Or what is > > to be done to prevent it. > > > > After going thru install and bulding of X based lxde desktop gentoo > > OS, I'm at the stage where I would do another emerge world followed by > > --depclean or something similar. > > > > Decided to take the @world in the two available bites; @system then > > @world > > > > My cmdline was `emerge -vaDt @system' > > Add -u to the options, it activates update behaviour > > Without it, emerge takes you literally at your word and emerges > everything in the system set. Also add -N, otherwise USE flags changes will be ignored if no update or rebuild, and add --with-bdeps y if you don't want to miss updates for packages pulled an build-only deps, so use `-DNuavt --with-bdeps y'. "vt" here is optional and affects only on-screen output. Best regards, Andrew Savchenko pgpyvddSFDcaV.pgp Description: PGP signature
Re: [gentoo-user] sg_map etc
Am 2017-03-01 um 22:42 schrieb Daniel Frey: > I'm not sure how the sg? -> sd? mapping is supposed to work. I find it > odd that there seems to be two nodes reported for each sd? entry. > However, this could be the way the controller driver reports it to the > kernel... > >> 07:01.0 SCSI storage controller: LSI Logic / Symbios Logic 53c1030 >> PCI-X Fusion-MPT Dual Ultra320 SCSI (rev 08) >> 0a:0e.0 RAID bus controller: Adaptec AAC-RAID >> > > Well, if you are using a hw raid card in jbod mode the controller will > generally not report that info. You'd have to install the controller's > cli management tools and use that. You'd have to figure out which > controller your drives are attached to. > > Adaptec uses sys-block/arcconf > LSI uses sys-block/megacli > 3ware uses sys-block/tw_cli yes, thanks. arcconf doesn't do much here ... tried some commands, but the controller doesn't return info. Maybe not the disks itself die but the controller gets flaky ... quite old already and I had issues at warm boot lately that were only solved by removing power completely. See these lines in dmesg: [74403.796012] aacraid: Host adapter abort request (1,0,0,0) [74403.804011] aacraid: Host adapter abort request (1,0,1,0) [74403.804033] aacraid: Host adapter reset request. SCSI hang ? [74403.804040] AAC: Host adapter BLINK LED 0x7 [74403.804056] AAC0: adapter kernel panic'd 7. [74509.788015] aacraid: Host adapter abort request (1,0,0,0) [74511.804015] aacraid: Host adapter abort request (1,0,1,0) [74511.804041] aacraid: Host adapter reset request. SCSI hang ? [74511.804044] AAC: Host adapter BLINK LED 0x7 [74511.804068] AAC0: adapter kernel panic'd 7. And sdi throws errors: [31529.901711] md/raid:md3: read error corrected (8 sectors at 11190152 on sdi1) [31529.901713] md/raid:md3: read error corrected (8 sectors at 11190160 on sdi1) [31529.901715] md/raid:md3: read error corrected (8 sectors at 11190168 on sdi1) [31529.901717] md/raid:md3: read error corrected (8 sectors at 11190176 on sdi1) [31529.901718] md/raid:md3: read error corrected (8 sectors at 11190184 on sdi1) I wonder if one or more disks do any kind of electrical "noise" on the SATA bus and confuse the controller in a way. This is why I would like to remove sdi ... and the reason why I want to spot that specific hdd. Back then I used the trick to stress that specific disk by dd or something (read everything in for example) and let a person spot the disk by looking at the LEDs on the drive cages ;-) Maybe the faster way in this case. > The management tools for the other cards should provide this sort of > functionality. > > If you had used the raid card to create an array the management cli > tools with show that a specific port is dead and you query it for the > serial number. > > This doesn't help you with the sg mapping. The problem for you now will > be figuring out why sg_map is reporting the way it is. The disks were originally configured via StorMan under SLES10 or so, that server was a SLES server back then and I moved it to gentoo later on. I could boot into SLES to have StorMan again, but this leads to the mentioned boot-failure, so I want to avoid that for now. Something is wrong with this box and I have to spot if it's the disk(s) or the controller. All this while I am >600km away from the server. Thanks, Stefan
Re: [gentoo-user] sg_map etc
Am 2017-03-01 um 23:21 schrieb Bill Kenworthy: > Is there actually a disk on that interface? - I have a system where one > sdx allocated to an unused sata port with nothing attached - it returns > similar information to yours above - check the other entries. I checked them, sure. to me it seems that there are 2 sg-devices created per port or so. One as ICP-device: does not tell me serials or so, but has an sd-device mapped to it according to sg_map # smartctl -d auto -i /dev/sg2 smartctl 6.4 2015-06-04 r4109 [x86_64-linux-3.18.11-gentoo-smp] (local build) Copyright (C) 2002-15, Bruce Allen, Christian Franke, www.smartmontools.org === START OF INFORMATION SECTION === Vendor: ICP Product: SAS1 Revision: V1.0 User Capacity:73,284,976,640 bytes [73.2 GB] Logical block size: 512 bytes scsiModePageOffset: response length too short, resp_len=4 offset=4 bd_len=0 scsiModePageOffset: response length too short, resp_len=4 offset=4 bd_len=0 >> Terminate command early due to bad response to IEC mode page A mandatory SMART command failed: exiting. To continue, add one or more '-T permissive' options. --- and the higher ones tell me stuff via smartctl, but I don't know exactly which sd-device they are mapped to: # smartctl -d auto -i /dev/sg11 smartctl 6.4 2015-06-04 r4109 [x86_64-linux-3.18.11-gentoo-smp] (local build) Copyright (C) 2002-15, Bruce Allen, Christian Franke, www.smartmontools.org === START OF INFORMATION SECTION === Vendor: SEAGATE Product: ST373455SS Revision: 0002 User Capacity:73,407,868,928 bytes [73.4 GB] Logical block size: 512 bytes Rotation Rate:15015 rpm Logical Unit id: 0x5000c50002448407 Serial number:3LQ11JWH9748U10J Device type: disk Transport protocol: SAS (SPL-3) Local Time is:Thu Mar 2 11:06:33 2017 CET SMART support is: Available - device has SMART capability. SMART support is: Enabled Temperature Warning: Enabled --- btw: the serial in this query is a valid one. This is what I am looking for.
Re: [gentoo-user] lxde no Desktop Preferences can be set
On Thu, 02 Mar 2017 00:27:47 -0500, Harry Putnam wrote: > LXDE on the menu item Preferences ===> Desktop Preferences > Nothing can be set there and it does not even show a dialog > box... just an error messages that says: > > Desktop manager is not active > > All the lxde-base pkgs contained in lxde-meta are installed. > > Openbox wm is installed. > > Anyone know what that error message means or how to get around or fix > it? You're missing an essential package. Install lxde-meta to make sure you get it. Once working, you can remove unnecessary packages later. -- Neil Bothwick Every morning is the dawn of a new error... pgpkfKGSjvfFE.pgp Description: OpenPGP digital signature
Re: [gentoo-user] VIDEO_CARDS= apparently ignored and new pkgs assigned
On Thu, 02 Mar 2017 00:07:50 -0500, Harry Putnam wrote: > Decided to see what `emerge @preserved-rebuild would bring me. > > ran `emerge -va @preserved-rebuild' and I notice that it appears my > setting in /etc/portage/make.conf for VIDEO_CARDS="virtualbox" is > being ignored... the output of above command shows: > > Calculating dependencies... done! > > [ebuild R ] x11-libs/libdrm-2.4.75::gentoo USE="-libkms -static-libs > -valgrind" ABI_X86="(64) -32 (-x32)" VIDEO_CARDS="amdgpu* nouveau* >radeon* (-exynos) (-freedreno) -intel (-omap) (-tegra) (-vc4) > (-vivante) -vmware" 0 KiB Check for typos in make.conf. For example, if you used VIDEO-CARDS it will be ignored. You'll also find the output from emerge easier to parse if you don't use -v all the time, that way you see only more relevant information. -- Neil Bothwick In possession of a mind not merely twisted, but actually sprained. pgp5N47X3fCr0.pgp Description: OpenPGP digital signature
Re: [gentoo-user] SHA-1 has just been broken
On 02/28/2017 12:05 PM, Miroslav Rovis wrote: On 170227-21:59-0500, Rich Freeman wrote: On Mon, Feb 27, 2017 at 8:10 PM, Miroslav Roviswrote: Apologies for my not being able to reply sooner! On 170227-18:18+0300, Andrew Savchenko wrote: And via a new private big business, the Github. Giving over all users to big Github brother. ??? Github is entirely optional and is only for those who want to use it (we have both users and devs willing so), but in no way anyone demands its usage. Yeah! Still, it would be great if git was used in distributed way, and not from a central private business... Git can pretty-much ONLY be used in a distributed way. Correct, in that sense. But I didn't express clearly what I meant. I really meant in this sense (invented quotations in this paragraph): Git was intended for everyone to run their own little git server and pull from each other. Git was NOT invented for centralized commercial social networking clouds such as github! That was from: https://wiki.gentoo.org/wiki/Overlay:Youbroketheinternet In the sync workflow github is basically just a mirror. A lot of our mirrors are run by private businesses, and nobody knows what OS they're even hosted on, let alone whether the firmware and CPU microcode are FOSS along with their hard drive firmware. I understand that. And I support any honess business. What I hate is examples like Google, Oracle, Microsoft, IBM is a little more honest, I think... The few at the control of those ruined so much in computing and the internet. GNU and FOSS, to lesser extent OSi, are good, even beautiful, socially and philosophically. As far as distribution goes I think github is the wrong thing to worry about. What you want is traceable signatures from dev to user. Once you have that you can download from an NSA mirror and there shouldn't be any risk. All a mirror does is replicate data, and if modifications are detectable the worst they can do is a DoS. I see. Most of the concerns that people tend to have with github is that you can become dependent on them for issue and pull request tracking and then if they decide to pull the plug you lose all that data. We try to minimize the use of these features and not make it a core part of the dev workflow. Good practice! But, we do use pull requests and in theory we could lose those someday. The actual code itself gets pushed to the Gentoo infra Repo from a developer's box using plain old git after they've inspected/tested/etc it. So, there isn't really any way for Github to go injecting commits into the repositories we actually use. I guess they could do it for anybody using our github mirrors on the distribution side, but that's only because we don't have that all locked down and the same issue applies with any other mirror (rsync, etc). Again, you really need end-to-end signature checking to make any of these things truly safe. Absolutely! I did figure that out since long! -- Rich And what I've spent some time doing today, is figuring out about the info that I finally got from you people! About time! My rattling was all about whether there was or wasn't a way to do what is still in the title of that mail that I linked to, and gave Message-ID of, to do this: Is it safe to switch from webrsync to the git repo now? And finally Andrew Shavchenko pointed me to gkeys ! Here's the answer to my query (ah, just the beginning of, my implementation of it will take time): emerge -tuDN app-crypt/gkeys app-crypt/gkeys-gen # equery f gkeys-gen ... /usr/share/doc/gkeys-gen-0.2/README.md.bz2 ... ( NOTE: The: /usr/share/doc/gkeys-0.2/README.md.bz2 of the gkeys package is identical. ) # bzcat /usr/share/doc/gkeys-gen-0.2/README.md.bz2 Gentoo Keys --- ### About Gentoo Keys is a Python based project that aims to manage the GPG keys used for validation on users and Gentoo's infrastracutre servers. Gentoo Keys will be able to verify GPG keys used for Gentoo's release media, such as installation CD's, Live DVD's, packages and other GPG signed documents. It will also be used by Gentoo infrastructure to achieve GPG signed git commits in the forthcoming git migration of the main CVS tree. ### License Gentoo Keys is under GPL-2 License # But do I read this correctly?: ...Gentoo Keys will be able to verify GPG keys used for Gentoo's release media, such as installation CD's, Live DVD's, packages and other GPG signed documents. Again, about this (syntactical) object (in the sentence), with other objects removed: ...Gentoo Keys will be able to verify GPG keys used for ... ... packages... Does that mean what I read? That with gkeys any user will be able to get packages via git, and somehow automatically gpg -verify the signature of each package that (s)he got when (s)he, say: emerge -tuDN world ? Does that mean that? And then, to achieve true verifiability in the open (machine connected to online, and doing