Re: [gentoo-user] Re: Latest 4.9 kernels broken?
On Sat, Jun 9, 2018, 07:34 Ian Zimmerman wrote: > On 2018-06-08 22:38, Alexander Kapshuk wrote: > > > On Fri, Jun 8, 2018, 22:30 Ian Zimmerman wrote: > > > > > On 2018-06-08 22:00, Alexander Kapshuk wrote: > > > > > > > What's the output of: > > > > uname -r > > > > strings /path/to/your/module.ko | grep vermagic= > > > > > > Here are the results for 4.9.105 (working): > > > > > > matica!6 ~$ uname -r > > > 4.9.105 > > > matica!7 ~$ strings > > > /lib64/modules/4.9.105/kernel/drivers/video/console/fbcon.ko | > > > fgrep -e 'vermagic=' > > > vermagic=4.9.105 SMP > > > > > > Let me know if you need to see the ones for the broken kernel ... > > > > > > > Yes, we want to make sure the vermagic of the modules you're trying to > load > > matches the output of uname -r of the running kernel. > > Ok, here: > > Script started on 2018-06-08 21:11:04-0700 > matica!501 ~# ls -l > /lib64/modules/4.9.107/kernel/drivers/video/console/fbcon.ko > -rw-r--r-- 1 root root 54280 Jun 8 20:57 > /lib64/modules/4.9.107/kernel/drivers/video/console/fbcon.ko > matica!502 ~# uname -r > 4.9.107 > matica!503 ~# strings > /lib64/modules/4.9.107/kernel/drivers/video/console/fbcon > .ko | fgrep -e 'vermagic=' > vermagic=4.9.107 SMP > matica!504 ~# modprobe fbcon > modprobe: ERROR: could not insert 'fbcon': Exec format error > matica!505 ~# exit > > Script done on 2018-06-08 21:14:46-0700 > > Sorry to ruin the low-hanging hypothesis :-P > > Did dmesg have anything useful to say other than exec format error? Have you tried insmod'ing the modules instead of modprobe'ing them? > > -- > Please don't Cc: me privately on mailing lists and Usenet, > if you also post the followup to the list or newsgroup. > To reply privately _only_ on Usenet and on broken lists > which rewrite From, fetch the TXT record for no-use.mooo.com. > >
[gentoo-user] NFS and user IDs
Is there _any_ way around the need to keep the user IDs matched on NFS clients and servers? Or, is there any other remote filesystem (other than the one originally made by Microsoft) that avoids that chore? This is the main reason I have mostly stayed away from NFS all these years. Recently sshfs has been a good enough substitute, but now it's proving not reliable enough for long term connections. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
[gentoo-user] Re: Latest 4.9 kernels broken?
On 2018-06-08 22:38, Alexander Kapshuk wrote: > On Fri, Jun 8, 2018, 22:30 Ian Zimmerman wrote: > > > On 2018-06-08 22:00, Alexander Kapshuk wrote: > > > > > What's the output of: > > > uname -r > > > strings /path/to/your/module.ko | grep vermagic= > > > > Here are the results for 4.9.105 (working): > > > > matica!6 ~$ uname -r > > 4.9.105 > > matica!7 ~$ strings > > /lib64/modules/4.9.105/kernel/drivers/video/console/fbcon.ko | > > fgrep -e 'vermagic=' > > vermagic=4.9.105 SMP > > > > Let me know if you need to see the ones for the broken kernel ... > > > > Yes, we want to make sure the vermagic of the modules you're trying to load > matches the output of uname -r of the running kernel. Ok, here: Script started on 2018-06-08 21:11:04-0700 matica!501 ~# ls -l /lib64/modules/4.9.107/kernel/drivers/video/console/fbcon.ko -rw-r--r-- 1 root root 54280 Jun 8 20:57 /lib64/modules/4.9.107/kernel/drivers/video/console/fbcon.ko matica!502 ~# uname -r 4.9.107 matica!503 ~# strings /lib64/modules/4.9.107/kernel/drivers/video/console/fbcon .ko | fgrep -e 'vermagic=' vermagic=4.9.107 SMP matica!504 ~# modprobe fbcon modprobe: ERROR: could not insert 'fbcon': Exec format error matica!505 ~# exit Script done on 2018-06-08 21:14:46-0700 Sorry to ruin the low-hanging hypothesis :-P -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
[gentoo-user] Conkyrc and the troubles I have with it...
Hi, recently my conky stopped working due to a format change of the config file of conky. Unfortunately the provided convert scritp does not work at all: /usr/bin/lua: /tmp/convert.lua:139: attempt to index local 'settings' (a nil value) stack traceback: /tmp/convert.lua:139: in main chunk [C]: ? [1]7116 exit 1 /tmp/convert.lua .conkyrcA39-2 The provided informations here: https://github.com/brndnmtthws/conky/wiki/Convert-to-new-1.10-syntax are sparse...the page says "This page is very minimal and incomplete, if you feel like expanding this page please do!" at its to. The provided link: http://wiki.conky.be/index.php?title=conky2rc_format results in a page saying: Diese Domain kaufen. conky.be 2018 Copyright. All Rights Reserved. Die hier angezeigten Sponsored Listings werden von dritter Seite automatisch generiert und stehen weder mit dem Domaininhaber noch mit dem Dienstanbieter in irgendeiner Beziehung. Sollten markenrechtliche Probleme auftreten, wenden Sie sich bitte direkt an den Domaininhaber, welcher aus dem Whois ersichtlich wird. which is something like "The domain is free...buy it, if you want. Where can I find a sufficient explanation and a description of the new syntax ... I dont know lua enough to have a successful gues work here... Cheers! Meino
Re: [gentoo-user] Enable "regular" network traffic when using VPN
On 06/08/2018 06:20 PM, Hilco Wijbenga wrote: What would be the "correct" output for "ip route"? It's difficult to say. I'd look up some of the *.i.company.com names and see what IP addresses they resolve to. I'd then reconfigure the VPN with "Use only for resources on this connection." and then do something like this: ip route add 172.16.0.0/24 dev tun0 Adjust 172.16.0.0 and /24 as appropriate for your company. I'm not completely sure about the "dev" syntax as it's been a while since I've done routes via devices. Check IP's man page. The ides is that you want just the IP address space that your company uses to be routed through the VPN and everything else to go out your default gateway (192.168.151.1). -- Grant. . . . unix || die
Re: [gentoo-user] Enable "regular" network traffic when using VPN
On Fri, Jun 8, 2018 at 4:34 PM Mick wrote:
>
> On Friday, 8 June 2018 23:21:52 BST Grant Taylor wrote:
> > On 06/08/2018 03:31 PM, Hilco Wijbenga wrote:
> > > Sigh, I take it back. That causes the internal sites to no longer work.
> >
> > Okay.
> >
> > So you're on the proper track.
> >
> > I'm guessing the work network isn't a simple single prefix. Or at least
> > the VPN client doesn't route enough through the VPN.
> >
> > Check your routing table with the VPN connected. Is enough being routed
> > through? Do you need to add additional prefixes?
> >
> > If DNS is working properly for internal resources, make sure that what
> > they resolve to is routed through the VPN.
>
> I don't know what networkmanager offers in terms of VPN settings, but as Grant
> says you need to set split routing. As it currently is, everything is sent
> out through the tunnel and your work's router is not set up to route out to
> the Internet your VPN connection.
>
> If networkmanager does not get you what you want, you can do this with 'ip
> route'. Delete the default route, then set again the default route via the
> your local gateway:
>
> # ip route del default via 192.168.1.254 dev wlan0
> # ip route add default via 192.168.1.254 dev wlan0
>
> then create an additional route for the remote subnet if it's not there:
>
> # ip route add 10.10.20.0/24 via 172.16.1.1 dev wlan0
>
> Where 10.10.20.0/24 is your work's subnet and 172.16.1.1 is the local VPN IP
> address for your PC. Something along these lines ought to work.
I fooled around with "ip" but while removing ("del default") was easy,
"add default" did not seem to do anything.
Let me give some more information, perhaps that will help.
Setup without VPN
$ ip route
default via 192.168.151.1 dev eth0 proto static metric 100
127.0.0.0/8 via 127.0.0.1 dev lo
192.168.151.0/24 dev eth0 proto kernel scope link src 192.168.151.103 metric 100
(192.168.151.1 is my own gateway, an old computer functioning as router)
Setup with VPN (Gateway: vpn.company.com; Other DNS Servers:
dns1,dns2; Search Domains:
r1.i.company.com,r2.i.company.com,r3.i.company.com,r4.i.company.com,r5.i.company.com,r6.i.company.com,r7.i.company.com,r8.i.company.com,i.company.com,config)
$ ip route
default via 192.168.151.1 dev eth0 proto static metric 100
$SOME_COMPANY_IP_1 dev tun0 proto kernel scope link src
$SOME_COMPANY_IP_1 metric 50
127.0.0.0/8 via 127.0.0.1 dev lo
192.168.151.0/24 dev eth0 proto kernel scope link src 192.168.151.103 metric 100
192.168.151.1 dev eth0 proto static scope link metric 100
$VPN_GATEWAY via 192.168.151.1 dev eth0 proto static metric 100
(where $SOME_COMPANY_IP is the IP of some internal server, and
$VPN_GATEWAY is the IP of vpn.company.com).
==> This does _not_ allow me to access (e.g.) *.i.company.com but
everything else works fine.
Same setup but without "Use only for resources on this connection":
$ ip route
default dev tun0 proto static scope link metric 50
default via 192.168.151.1 dev eth0 proto static metric 100
$SOME_COMPANY_IP_2 dev tun0 proto kernel scope link src
$SOME_COMPANY_IP_2 metric 50
127.0.0.0/8 via 127.0.0.1 dev lo
192.168.151.0/24 dev eth0 proto kernel scope link src 192.168.151.103 metric 100
192.168.151.1 dev eth0 proto static scope link metric 100
$VPN_GATEWAY via 192.168.151.1 dev eth0 proto static metric 100
(note that $SOME_COMPANY_IP_1 and $SOME_COMPANY_IP_2 differ only in
the last digit; this seems to go up by one every time I connect to
VPN, so probably irrelevant)
==> This allows me to access *.i.company.com but breaks everything else.
What would be the "correct" output for "ip route"?
Re: [gentoo-user] Enable "regular" network traffic when using VPN
On Friday, 8 June 2018 23:21:52 BST Grant Taylor wrote: > On 06/08/2018 03:31 PM, Hilco Wijbenga wrote: > > Sigh, I take it back. That causes the internal sites to no longer work. > > Okay. > > So you're on the proper track. > > I'm guessing the work network isn't a simple single prefix. Or at least > the VPN client doesn't route enough through the VPN. > > Check your routing table with the VPN connected. Is enough being routed > through? Do you need to add additional prefixes? > > If DNS is working properly for internal resources, make sure that what > they resolve to is routed through the VPN. I don't know what networkmanager offers in terms of VPN settings, but as Grant says you need to set split routing. As it currently is, everything is sent out through the tunnel and your work's router is not set up to route out to the Internet your VPN connection. If networkmanager does not get you what you want, you can do this with 'ip route'. Delete the default route, then set again the default route via the your local gateway: # ip route del default via 192.168.1.254 dev wlan0 # ip route add default via 192.168.1.254 dev wlan0 then create an additional route for the remote subnet if it's not there: # ip route add 10.10.20.0/24 via 172.16.1.1 dev wlan0 Where 10.10.20.0/24 is your work's subnet and 172.16.1.1 is the local VPN IP address for your PC. Something along these lines ought to work. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Enable "regular" network traffic when using VPN
On 06/08/2018 03:31 PM, Hilco Wijbenga wrote: Sigh, I take it back. That causes the internal sites to no longer work. Okay. So you're on the proper track. I'm guessing the work network isn't a simple single prefix. Or at least the VPN client doesn't route enough through the VPN. Check your routing table with the VPN connected. Is enough being routed through? Do you need to add additional prefixes? If DNS is working properly for internal resources, make sure that what they resolve to is routed through the VPN. -- Grant. . . . unix || die
Re: [gentoo-user] Enable "regular" network traffic when using VPN
On Fri, Jun 8, 2018 at 2:19 PM Hilco Wijbenga wrote: > > On Fri, Jun 8, 2018 at 1:59 PM Grant Taylor > wrote: > > > Any ideas? > > > > My bet is routing. Specifically the default gateway probably gets > > changed to route through the VPN when connected. > > > > You may want to reconfigure the VPN client to only route work prefixes > > through the VPN and let everything else go through your local default > > gateway. > > > > Note: What I'm suggesting is typically called "Split Horizon" routing / > > VPN. > > Yup, "Use only for resources on this connection" seems to have done > the trick. Thanks! Sigh, I take it back. That causes the internal sites to no longer work.
Re: [gentoo-user] Enable "regular" network traffic when using VPN
On Fri, Jun 8, 2018 at 1:59 PM Grant Taylor wrote: > > Any ideas? > > My bet is routing. Specifically the default gateway probably gets > changed to route through the VPN when connected. > > You may want to reconfigure the VPN client to only route work prefixes > through the VPN and let everything else go through your local default > gateway. > > Note: What I'm suggesting is typically called "Split Horizon" routing / > VPN. Yup, "Use only for resources on this connection" seems to have done the trick. Thanks!
Re: [gentoo-user] Enable "regular" network traffic when using VPN
On 06/08/2018 01:42 PM, Hilco Wijbenga wrote: Hi all, Hi Hilco, I am logging all DNS requests and I can see that dnsmasq is responding correctly (and, in fact, identically) to, say, google.com with or without VPN. But the browser just hangs. Until I disconnect VPN, then everything works again. So it seems that I'm close but something is still missing. Any ideas? My bet is routing. Specifically the default gateway probably gets changed to route through the VPN when connected. You may want to reconfigure the VPN client to only route work prefixes through the VPN and let everything else go through your local default gateway. Note: What I'm suggesting is typically called "Split Horizon" routing / VPN. -- Grant. . . . unix || die
[gentoo-user] The TALOS 2 Lite is now for sale - a very affordable OpenPOWER9 owner controlled workstation with open source firmware/hw init and documentation
In case anyone is interested I thought I would share. https://www.phoronix.com/scan.php?page=news_item&px=Raptor-Talos-2-Lite https://raptorcs.com/TALOSIILITE/ They're really making strides for making high performance owner controlled, open source firmware systems very affordable - now they are much less than a proprietary single socket x86 system of equivilant performance. The regular dual socket TALOS 2 is already a good price for server hardware in its class but this is even better for those who don't need dual socket or many PCI-e slots (although you can always use a PCI-e PLX switch based expansion system if you later want more) I find it simply incredible that a brand new open source firmware OpenPOWER9 system now costs less than the last and best open source firmware owner controlled x86 motherboards (KCMA-D8 and KGPE-D16) where even buying used CPU's you would be spending more money than this to get worse performance.
[gentoo-user] Enable "regular" network traffic when using VPN
Hi all, I'm working from home today. :-) (*) To access parts of my employer's infrastructure, I need to use VPN. So I installed NetworkManager, and vpnc, and dnsmasq and configured it all. I can now VPN in successfully and I can see the internal sites. Unfortunately, while VPN is active, "regular" (i.e. non-internal) network traffic fails. I am logging all DNS requests and I can see that dnsmasq is responding correctly (and, in fact, identically) to, say, google.com with or without VPN. But the browser just hangs. Until I disconnect VPN, then everything works again. So it seems that I'm close but something is still missing. Any ideas? Cheers, Hilco (*) Actually, I'm _not_ working since I'm experiencing this little hiccup. ;-)
Re: [gentoo-user] Re: Latest 4.9 kernels broken?
On Fri, Jun 8, 2018, 22:30 Ian Zimmerman wrote: > On 2018-06-08 22:00, Alexander Kapshuk wrote: > > > What's the output of: > > uname -r > > strings /path/to/your/module.ko | grep vermagic= > > Here are the results for 4.9.105 (working): > > matica!6 ~$ uname -r > 4.9.105 > matica!7 ~$ strings > /lib64/modules/4.9.105/kernel/drivers/video/console/fbcon.ko | > fgrep -e 'vermagic=' > vermagic=4.9.105 SMP > > Let me know if you need to see the ones for the broken kernel ... > Yes, we want to make sure the vermagic of the modules you're trying to load matches the output of uname -r of the running kernel. > -- > Please don't Cc: me privately on mailing lists and Usenet, > if you also post the followup to the list or newsgroup. > To reply privately _only_ on Usenet and on broken lists > which rewrite From, fetch the TXT record for no-use.mooo.com. > >
[gentoo-user] Re: Latest 4.9 kernels broken?
On 2018-06-08 22:00, Alexander Kapshuk wrote: > What's the output of: > uname -r > strings /path/to/your/module.ko | grep vermagic= Here are the results for 4.9.105 (working): matica!6 ~$ uname -r 4.9.105 matica!7 ~$ strings /lib64/modules/4.9.105/kernel/drivers/video/console/fbcon.ko | fgrep -e 'vermagic=' vermagic=4.9.105 SMP Let me know if you need to see the ones for the broken kernel ... -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
Re: [gentoo-user] Re: Latest 4.9 kernels broken?
Hmm i had mentioned this to #gentoo-hardened, but it's good to know it's broken in the non hardened kernel too, i am used to waiting for those packages to update i guess. On Fri, Jun 8, 2018 at 3:00 PM, Alexander Kapshuk < alexander.kaps...@gmail.com> wrote: > On Fri, Jun 8, 2018 at 7:37 PM Ian Zimmerman wrote: > > > > On 2018-06-08 09:22, Alexander Kapshuk wrote: > > > > > > matica!501 ~# modprobe fbcon > > > > modprobe: ERROR: could not insert 'fbcon': Exec format error > > > > > Could this be a multilib issue? Does you kernel have > > > CONFIG_IA32_EMULATION enabled? > > > See https://forums.gentoo.org/viewtopic-p-7647744.html. > > > > CONFIG_IA32_EMULATION is definitely set in the _current_ working kernel > > (ie. 4.9.105), and I use the working config-* file as the start for the > > new one (with make oldconfig), so unless there was a radical change in > > the kernel build, this doesn't look like a possible cause. > > > > -- > > Please don't Cc: me privately on mailing lists and Usenet, > > if you also post the followup to the list or newsgroup. > > To reply privately _only_ on Usenet and on broken lists > > which rewrite From, fetch the TXT record for no-use.mooo.com. > > > > What's the output of: > uname -r > strings /path/to/your/module.ko | grep vermagic= > >
Re: [gentoo-user] Re: Latest 4.9 kernels broken?
On Fri, Jun 8, 2018 at 7:37 PM Ian Zimmerman wrote: > > On 2018-06-08 09:22, Alexander Kapshuk wrote: > > > > matica!501 ~# modprobe fbcon > > > modprobe: ERROR: could not insert 'fbcon': Exec format error > > > Could this be a multilib issue? Does you kernel have > > CONFIG_IA32_EMULATION enabled? > > See https://forums.gentoo.org/viewtopic-p-7647744.html. > > CONFIG_IA32_EMULATION is definitely set in the _current_ working kernel > (ie. 4.9.105), and I use the working config-* file as the start for the > new one (with make oldconfig), so unless there was a radical change in > the kernel build, this doesn't look like a possible cause. > > -- > Please don't Cc: me privately on mailing lists and Usenet, > if you also post the followup to the list or newsgroup. > To reply privately _only_ on Usenet and on broken lists > which rewrite From, fetch the TXT record for no-use.mooo.com. > What's the output of: uname -r strings /path/to/your/module.ko | grep vermagic=
[gentoo-user] Re: Latest 4.9 kernels broken?
On 2018-06-08 09:22, Alexander Kapshuk wrote: > > matica!501 ~# modprobe fbcon > > modprobe: ERROR: could not insert 'fbcon': Exec format error > Could this be a multilib issue? Does you kernel have > CONFIG_IA32_EMULATION enabled? > See https://forums.gentoo.org/viewtopic-p-7647744.html. CONFIG_IA32_EMULATION is definitely set in the _current_ working kernel (ie. 4.9.105), and I use the working config-* file as the start for the new one (with make oldconfig), so unless there was a radical change in the kernel build, this doesn't look like a possible cause. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
