Re:emerge [gentoo-user] logging output
Use less, emerge --ask --update --deep --newuse @world | less Or screen, screen emerge --ask --update --deep --newuse @world # then Ctrl+A Esc to go into copy mode which can be navigated with up and down arrow keys Or output to file, emerge --update --deep --newuse @world > emerge.log # then you can open it in a text editor and search around. # I took out the `--ask` so that it wouldn't prompt before starting On May 22, 2018 12:48:57 PM UTC, mad.scientist.at.la...@tutanota.com wrote: >when i type, for example "emerge --ask --update --deep --newuse >@world", how do i capture the output to a file and see it on the >display? It doesn't all fit in the konsole buffer (or should i bump it >way up?) I ask because it apparently failed to install selinux but i >couldn't reread it to see exactly what the issue might be. > >mad.scientist.at.large (a good madscientist) >--
Re: [gentoo-user] mutt, with USE="gpg", can't open a signed message
I recently had some troubles with mutt and gpg. I eventually switched to neomutt with gpgme. On April 20, 2018 6:18:57 PM UTC, Walter Dnes wrote: >mutt couldn't handle the message from Klaus Ethgen, listed in menu >as... > >Apr 19 Klaus Ethgen (1.5K) [gentoo-user] emerge colors and light >background > > Trying to open it gave following message in status line at bottom... > >Could not copy message > > Google searching found other people with the same problem, only with >signed messages. There was speculation about mutt and gpg not working >together well, but no solutions specified. I came up with a rather >heavy-handed solution. > > I originally had the "gpg" USE flag enabled for mail-client/mutt in >package.use. Setting "-gpg" for mutt, and rebuilding "solves the >problem", at the cost of removing gpg functionality. Just a heads up >in >case anybody else runs into the same problem. > >-- >Walter Dnes >I don't run "desktop environments"; I run useful applications
[gentoo-user] Enable SSH Logging with Sysklogd
Hello, I have sshd running and I have sysklogd installed, but I do not see any logs for attempted or successful connections. Here is my /etc/ssh/sshd_config, LoginGraceTime 2m PermitRootLogin no StrictModes yes MaxAuthTries 3 MaxSessions 2 PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no PrintMotd no PrintLastLog no Subsystem sftp/usr/lib64/misc/sftp-server AcceptEnv LANG LC_* That's the whole thing. Thanks, -- [image: Visit online journal] <https://lramage94.github.io> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] NeoMutt and GnuPG
Oh excellent! I will drop those in my dotfiles. I am going to try and write some of this down in the Gentoo Wiki since there isn't really that much on the existing page. https://wiki.gentoo.org/wiki/Mutt There isn't even a page for NeoMutt.
Re: [gentoo-user] NeoMutt and GnuPG
Hello again, I feel really stupid. So I had set imap_user/pass, but not smtp_url so I was receiving emails fine, but then instead of sending them, it was just encrypting them and saving them via `set record = "+[Gmail]/Sent Mail"`. ** face palm ** Thanks for your help!
[gentoo-user] NeoMutt and GnuPG
Hello, I know I have posted about this once before, but basically, even though I can receive and decrypt messages in neomutt, I am not able to send encrypted emails. Here is my muttrc on github: https://github.com/lramage94/dotfiles/blob/master/.mutt/muttrc When I receive an encrypted message, it is all inline: -BEGIN PGP MESSAGE- ASDKNALSKFASF!#@$!@ # <-- All that good encrypted stuff. -END PGP MESSAGE- When I send an encrypted message I see two files: - noname (1kb) - msg.asc (10kb) # <-- this one changes size depending on my message. Thanks, -- [image: Visit online journal] <https://lramage94.github.io> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] dhcpcd: disable zerconf
Is your scenario related to running Gentoo on a workstation? I am using gentoo as a hypervisor for lxc and my veth interface for my guest is getting assigned a 169.254.x.x address (host side). I can't see it from inside the guest, but it's screwing with my routing tables. On Mon, Jan 22, 2018 at 3:10 PM, wrote: > that works. myself, i like to totally misconfigure it and then change > access to read only even for root, usually takes care of updates starting > it. i've also sabotaged one of there scripts so it just always returns a > 1, i.e. error, also locked down afterwards. the zero config stuff is > tricky sometimes with updates and installs. I also block router solicit > and router advertising in the firewall. I've been owned before, can't be > too careful (pretty obvious when the system monitor won't launch, kinda > pathetic when they knock out the sysmon for gnome but leave the one for kde > working, glad i had both). > > mad.scientist.at.large (a good madscientist) > -- > God bless the rich, the greedy and the corrupt politicians they have put > into office. God bless them for helping me do the right thing by giving > the rich my little pile of cash. After all, the rich know what to do with > money. > > > 22. Jan 2018 11:14 by gentoo-u...@c-14.de: > > > Holle, > On 18-01-22 at 12:49, Lucas Ramage wrote: > > Hello, > > How does one disable zerconf for dhcpcd or at all in Gentoo for that > matter? > > Do you mean ipv4ll? Add noipv4ll to /etc/dhcpcd.conf . > > -- > Simon Thelen > > -- [image: Visit online journal] <https://lramage94.github.io> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] dhcpcd: disable zerconf
Ah yes! Thank you! On Mon, Jan 22, 2018 at 1:14 PM, Simon Thelen wrote: > Holle, > On 18-01-22 at 12:49, Lucas Ramage wrote: > > Hello, > > > > How does one disable zerconf for dhcpcd or at all in Gentoo for that > matter? > Do you mean ipv4ll? Add noipv4ll to /etc/dhcpcd.conf . > > -- > Simon Thelen > > -- [image: Visit online journal] <https://lramage94.github.io> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
[gentoo-user] dhcpcd: disable zerconf
Hello, How does one disable zerconf for dhcpcd or at all in Gentoo for that matter? Search results gave me this little snippet but it doesn't apply to Gentoo. [HowTo Disable the “ZEROCONF” in Linux](http://blog.omotech.com/?p=1005) [bash] # vi /etc/sysconfig/network NOZEROCONF=yes # or no (either answer will disable the “ZEROCONF route”) And here again it's the same thing (Fedora). [Disable the zeroconf route]( https://linuxstgo.wordpress.com/fedora-16/disable-the-zeroconf-route/) Thanks, -- [image: Visit online journal] <https://lramage94.github.io> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] Where can I find "recent" qemu out-of-tree ebuild
Have you tried bumping the ebuild down from 2.9.0-r56 and seeing if it builds? https://wiki.qemu.org/ChangeLog/2.9 Nothing looks to strange upstream, maybe that's just when the maintainer bumped the package? On Wed, Oct 25, 2017 at 9:24 PM, Walter Dnes wrote: > I keep an OS/2 VM around to play Galactic Civilizations. The last > couple of "upgrades" to qemu have totally buggered-up things for me. > The OS/2 VM doesn't boot up. And the install disks don't boot either so > I can't re-install from scratch. The only in-tree versions versions of > qemu are 2.9.0-r56 and 2.10.0. A Google search leads me to > https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/ > app-emulation/qemu/?hideattic=1 > whch ends at v2.3.0-r5 with last log entry 2 years ago. I'm looking for > 2.9.0 (before -r56). What's with the big gap, and where can I find more > recent out-of-tree ebuilds? > > -- > Walter Dnes > I don't run "desktop environments"; I run useful applications > > -- Regards, [image: Visit online journal] <https://lramage94.github.io/> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io/> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] Key reinstallation attack on WPA2 - new vulnerability discovered
LEDE has already patched this issue. That's what I run on my router. But android? I doubt my phone would be getting an update if I wasn't running lineageos. On Thu, Oct 19, 2017 at 3:30 PM, Daniel Frey wrote: > On 10/19/2017 11:35 AM, Mick wrote: > >> In case you are not aware of this vulnerability: >> >> https://www.krackattacks.com/ >> >> https://bugs.gentoo.org/634440 >> >> > I read this the other day. It seems that pretty much all devices are > affected by this. I'm curious to know how many Android handsets will > actually get fixed. > > Apparently if one of the client or AP is patched it is better but not > completely fixed. So now I wonder of all those old home routers that > probably haven't had a firmware update ever. > > Then what about all the crappy IoT devices which rarely update? Ugh. > > This is really nasty. > > Looks like Google is working on it, so is Apple, Microsoft, and a bunch of > other vendors. > > There looks to be a patch for my UBNT AP already. I read yesterday > Microsoft is advising people to update Windows to get the fix. > > Ugh, I can hear people asking me questions about this already. > > Having a CVE on pretty much every wifi device in existence... Wow. > > Dan > > -- Regards, [image: Visit online journal] <https://lramage94.github.io/> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io/> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] Re: Mutt not displaying encrypted attachments
Oh that's odd. I wonder if it's an issue with gpg? On Thu, Oct 19, 2017 at 2:45 PM, Mick wrote: > On Thursday, 19 October 2017 19:21:43 BST Lucas Ramage wrote: > > I just used 'set crypt_use_gpgme' > > Interesting! I better look into my set up then when I get some time to > discover what's wrong, because I need the full configuration as posted in > order for it to work. :-/ > > -- > Regards, > Mick -- Regards, [image: Visit online journal] <https://lramage94.github.io/> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io/> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] Re: Mutt not displaying encrypted attachments
I just used 'set crypt_use_gpgme' On Thu, Oct 19, 2017 at 2:17 PM, Mick wrote: > On Thursday, 19 October 2017 14:51:00 BST Lucas Ramage wrote: > > That worked!!! Thanks a ton!! > > Cool, but which suggestion worked? > > Setting a single entry of: > > set crypt_use_gpgme > > > or the full settings I use on my configuration? > > > -- > Regards, > Mick -- Regards, [image: Visit online journal] <https://lramage94.github.io/> *Lucas Ramage* / Software Engineer ramage.lu...@openmailbox.org / (941) 404-6794 *PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/> EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7 <https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7> *Visit online journal* http://lramage94.github.io <https://lramage94.github.io/> [image: Github] <https://github.com/lramage94>[image: Linkedin] <https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] Re: Mutt not displaying encrypted attachments
That worked!!! Thanks a ton!! On Oct 17, 2017 1:00 PM, Mick wrote: > > On Tuesday, 17 October 2017 17:13:19 BST Ian Zimmerman wrote: > > On 2017-10-17 11:49, Mick wrote: > > > Lucas may want to try these settings which seem to work here, but I am > > > > > no mutt guru to know if they are optimal: > > I'm now a neomutt user and this may make a difference, but ... > > I've only used mutt sparingly, so I wouldn't count myself as advanced in > mutt- > fu. > > > > > set crypt_use_gpgme > > > > This should make all the rest redundant at best, and conflicting at worst. > > Not here. If I comment out what follows in my previously posted > configuration, then mutt fails to decrypt, or display, or sign. > > -- > Regards, > Mick
[gentoo-user] Mutt not displaying encrypted attachments
Hello all,
I have been having an issue with mutt not displaying encrypted attachments.
My configs are on github,
https://github.com/lramage94/dotfiles/{.mutt,.gnupg}
--
Regards,
[image: Visit online journal] <https://lramage94.github.io/>
*Lucas Ramage* / Software Engineer
ramage.lu...@openmailbox.org / (941) 404-6794
*PGP Fingerprint* / Learn More <https://emailselfdefense.fsf.org/en/>
EAE7 45DF 818D 4948 DDA7 0F44 F52A 5A96 7B9B 6FB7
<https://pgp.mit.edu/pks/lookup?op=get&search=0xF52A5A967B9B6FB7>
*Visit online journal*
http://lramage94.github.io <https://lramage94.github.io/>
[image: Github] <https://github.com/lramage94>[image: Linkedin]
<https://www.linkedin.com/in/lramage94>
Re: [gentoo-user] [OT] Block multiple IP addresses; iptables or route...reject?
> The best tool for this is the pf packet filter, but it runs on FreeBSD. It's too bad this still isn't around.. https://wiki.gentoo.org/wiki/Gentoo_FreeBSD On Wed, Oct 4, 2017 at 11:21 AM, Alan McKinnon wrote: > On 04/10/2017 07:28, Walter Dnes wrote: > > I have some doubts about massive "hosts" files for adblocking. I > > downloaded one that listed 13,148 sites. I fed them through a script > > that called "host" for each entry, and saved the output to a text file. > > The result was 1,059 addresses. Note that some adservers have multiple > > IP address entries for the same name. A back-of-the-envelope analysis > > is that close to 95% of the entries in the large host file are invalid, > > amd return "not found: 3(NXDOMAIN)". > > > > I'm not here to trash the people compiling the lists; the problem is > > that hosts files are the wrong tool for the job. Advertisers know about > > hosts files and deliberately generate random subdomain names with short > > lifetimes to invalidate the hosts files. Every week the sites are > > probably mostly renamed. Further analysis of the 1,059 addresses show > > 810 unique entries, i.e. 249 duplicates. It gets even better. 44 > > addresses show up in 52.84.146.xxx; I should probably block the entire > > /24 with one entry. There are multiple similar occurences, which could > > be aggregated into small CIDRs. So the number of blocking rules is > > greatly reduced. > > > > I'm not a deep networking expert. My question is whether I'm better > > off adding iptables reject/drop rules or "reject routes", e.g... > > > > route add -net 10.0.0.0 netmask 255.0.0.0 metric 1024 reject > > > > (an example from the "route" man page). iptables rules have to be > > duplicated coming and going to catch inbound and outbound traffic. A > > reject route only needs to be entered once. This excercise is intended > > to block web adservers, so another question is how web browsers react to > > route versus iptables blocking. > > > > While I'm at it (I did say I'm not an expert) is there another way to > > handle this? E.g. redirect "blocked CIDRs" via iptables or route to a > > local pixel image? Will that produce an immediate response by the web > > browser, versus timing out with "regular blocking"? > > > > > This is a complex problem with no cut-and-dried solution. It's real life > and as you know real life is murky. > > Let's define the real problem you are wanting to solve: there's a bunch > of ad servers out there, and you want them to disappear. Or more > accurately, you want their traffic to disappear from *your* wires. > > There are really 3 approaches as you know: > redefine the hostname to be a blackhole (e.g. 127.0.0.1) > find the addresses or subnets and drop/reject the packets with iptables > find the subnets (sometimes the individual hosts) and route them into a > blackhole > > Each has their strengths and weaknesses. > packet filters work best at the TCP/UDP/ICMP layer where you have an > addresses and often a port. > routing works best at the IP layer where you have whole chunks of > subnets and tell the router what to do with all traffic from that entire > subnet > host files work best at the name layer where you have dns names > > Your problem seems to slot in somewhere between a firewall and a routing > solution, explaining why you can't decide. Host files for this sucks > major big eggs as you know, people still use it as it seems legit (but > isn't) and they understand it whereas they don't understand the other 2. > > Ad providers are well aware of this. I was surprised to see > 52.84.146.0/24 show up in your mail, as that is Amazon's AWS range. Yes, > you could null-route that subnet, but it's Amazon and maybe there's > hosts in there that you DO want to use. > > I'd suggest you use a packet filter, but not on Linux and certainly not > iptables. That thing is a god-awful mess looking like it was built by > unsupervised schoolkids masquerading as internes. The best tool for this > is the pf packet filter, but it runs on FreeBSD. Get yourself a spare > machine, load pfsense on it (it's an appliance like wrt) and drop the > traffic from all offensive addresses. Drop, not reject. > > You could in theory do the same thing with iptables, but the ruleset > will quickly drive you nuts. Perhaps the ipset plugin would help, I've > been meaning to check it out for ages and never got around to it. > > > -- > Alan McKinnon > alan.
