Re: [gentoo-user] OpenVPN and DHCP
Hi, Patrick Holthaus schrieb: Hello everybody! Maybe this is a bit Off-Topic here, but maybe some of you like to help me anyway. I am trying to build a VPN network where the clients get their IP adresses from a local DHCP server (because it should notify the nameserver of the clients). The VPN should have its own adress pool 10.8.0.* while the unsecured clients in the server's LAN should get an 192.168.1.* adress. I got the VPN working but the clients do appearently not get their IP from the DHCP server but some random IP from the OpenVPN server. (The DHCP server only assignes 10.8.0.100-200 adresses but the clients get .8 or .10 for example) Now my questions are: Do I need bridging for making the DHCP server work in the VPN? Yes. DHCP is an ethernet protocol. DHCP over IP wouldn't make much sense, would it? To use your existing DHCP Server you need OSI Layer 2 VPN connections (TAP devices). How should the configuration files look like? Uhm, in your testing files, you try to configure IP's on a tap device? I think you mix the concepts up here. If you have a tap tunnel, your client sends ethernet frames to the server, who, when properly bridged, sends them to a local LAN, and vice versa. No IP involved on that level, you could use IPX or SCTP if you wanted. The only IP you mention in the config file is that of the server. But then a client could connect and use any IP you ask? Well, yes, as in any LAN. You can use iptables on the bridge to filter spoofed packets out, though. It's more easy and faster to stick with Layer3 vpn, though. Regards and HTH, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Spamassassin 3.1.8: sa-update
Dan Farrell schrieb: On Fri, 09 Mar 2007 09:35:27 + "Steve [Gentoo]" <[EMAIL PROTECTED]> wrote: I've used portage to upgrade from Spamassassin 3.1.4 to 3.1.8, and I'm surprised to find that sa-update now doesn't work for me. [snip] Is there some "obvious" bit of configuration I'm overlooking? perl-cleaner? I don't use sa-update myself but spamassassin-ruledujour _may_ have replaced it's functionality. ruledujour sets up new spam matchings to keep up with the spammers -- I'm guessing it's someting like sa-update. It's not. sa-update can update all kinds of rulesets (I use it for sa's internal rules and SARE), ruledujour is just another rule set. Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] off topic : Dolphin massacre in Japan
Aggelos schrieb: May I never get support from this list if all other users are like those. PS: Which I believe is not true. Leave please. Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Looking for advice on shared file system.
Peter Lewis schrieb: Hi, I've been looking around for a while now for some sort of "shared file system" which might meet my needs a little better than that which I am currently using SVN would allow you to transparently check in modifications if mounted correctly, or work offline with a normal checkout. Plus: you get a full history of your work. Minus: you get a full history of your work (space on server) and if it grows to large have to create a new repo/fiddle with svnadmin. Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] how does one temporarily disable a firefox plugin (SOLVED)
Hi, At Sat, 24 Feb 2007 21:02:05 -0500 Allan Gottlieb <[EMAIL PROTECTED]> wrote: I would like to temporarily not have totem handle the mp3s, but I was unable to see how to do it. I suspect there is a way inside firefox, but I couldn't find it. Illumination would be appreciated. And in the same vein, I'd like to know how I can disable flash for my liferea-profile. Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Re: Bon Echo (why?)
Grant Edwards schrieb: On 2007-02-24, Gyuszk <[EMAIL PROTECTED]> wrote: Dear gentoo users, As you all know, Firefox 2.0.0.2 is stable on x86 in Portage. When one emerges it, Gnome menu call, and the software calls itself (in about box) Bon Echo (the codename of Firefox 2 development tree). Why? Some licensing BS or other. Trademark Law, to be exact, and Mozilla.com's policy of not allowing patched Firefoxes to wear their brand badge. Debian calls it Iceweasel. (Ubuntu too?). Regards, T. -- gentoo-user@gentoo.org mailing list
Re: Mailing Lists [Was: [gentoo-user] wrong subscription]
Crayon wrote: On Thursday 04 January 2007 18:26, Thomas Rösner wrote: BTW, how/why was an ezmlm-clone chosen over Mailman for the gentoo lists? Performance? Possibly because mailman has had a fair number of security issues over the years whereas qmail/ezmlm had practically none. Well, Mailman has a Webfrontend, but you don't actually have to make it publically available. I wonder everytime I see a "unsubscribe"-Message on the lists. Those are from dozos who thinks they're on a majordomo managed list :) Mailman blocks them per default. Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Important security update for GnuPG!
Nelson wrote: This is strange, I just made a emerge sync and then a emerge --update world. I have still version 1.4.5. I use x86 (no ~x86). [...] Maybe have I to do an emerge -uD ? because I do only emerge --update ? I don't think that's the problem. To my knowledge the -D means update related packages (it means "deep"). Half way right: in this case, gnupg-1.4.6 *is* a related package. If you have gnupg in world, and tell portage to --update world, it will update the highest slot version of gnupg, in this case 1.9. Only when you say --deep, it will go for the other slots, too, *if* something else still depends on them. See the original GLSAs for reference - the first GLSA used --update gnupg, the second corrected GLSA said --update =gnupg-1.4* or something equivalent (all from memory). Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Important security update for GnuPG!
qfpvajdy wrote: Maybe have I to do an emerge -uD ? because I do only emerge --update ? Yes. Or use glsa-check. Regards, T. -- gentoo-user@gentoo.org mailing list
Mailing Lists [Was: [gentoo-user] wrong subscription]
Uwe Thiem wrote: Hi folks, who subscribed to this list as "[EMAIL PROTECTED]"? Idot! How did this get through the confirmation step? BTW, how/why was an ezmlm-clone chosen over Mailman for the gentoo lists? Performance? I wonder everytime I see a "unsubscribe"-Message on the lists. Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Important security update for GnuPG!
qfpvajdy wrote: Hello, [...advisory..] Could the maintainer please update to gnupg version 1.4.6? Currently the Gentoo GNU/Linux distribution delivers version 1.4.5. Then how did I get this? Installed versions: 1.4.6 Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] spamassassin + razor -> learning
Thomas Rösner wrote: Graham Murray wrote: Thomas Rösner <[EMAIL PROTECTED]> writes: Spamassassin has an autolearn hook, but I don't know if the razor/pyzor/etc. plugins use it, or if it's only used by the bayes engine. I'd like to know, though, so why don't you ask on a Spamassassin ML and report back here? ^^ Autolearn only affects the Bayes engine. To report to Razor (and Pyzor, DCC and Spamcop if configured) you have to use 'spamassassin --report' (for spam) or 'spamassassin --revoke' (to report as Ham messages which Razor has marked as spam). These also update Bayes. Ah, that easy. For completeness, spamc has an equivalent option: -L learn type To correct myself: -C report type Report or revoke a message to one of the configured collaborative filtering databases. Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] spamassassin + razor -> learning
Graham Murray wrote: Thomas Rösner <[EMAIL PROTECTED]> writes: Spamassassin has an autolearn hook, but I don't know if the razor/pyzor/etc. plugins use it, or if it's only used by the bayes engine. I'd like to know, though, so why don't you ask on a Spamassassin ML and report back here? ^^ Autolearn only affects the Bayes engine. To report to Razor (and Pyzor, DCC and Spamcop if configured) you have to use 'spamassassin --report' (for spam) or 'spamassassin --revoke' (to report as Ham messages which Razor has marked as spam). These also update Bayes. Ah, that easy. For completeness, spamc has an equivalent option: -L learn type Send message to spamd for learning. The "learn type" can be either spam, ham or forget. Must have missed it when setting it all up. Thanks & Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] spamassassin + razor -> learning
Enrico Weigelt wrote: Hi folks, I've set up spamassassin + razor on one host, which is accessed from some other host via spamc. Is it possible to learn/report-to razor via spamc, too ? Spamassassin has an autolearn hook, but I don't know if the razor/pyzor/etc. plugins use it, or if it's only used by the bayes engine. I'd like to know, though, so why don't you ask on a Spamassassin ML and report back here? ^^ Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Mysql vs Mysql-community...
kashani wrote: Jerry McBride wrote: Can someone tell me the major differences between mysql and mysql-community? Thank you, in advance... P.S. before you beat me up too badly, I've googled this one to death and not found anything that satisfies my curiousity. I've been trying to figure out that myself and would be interested in some enlightenment. However I do know that 5.0.30, which appears to be enterprise, has a number of high thread/concurrency Innodb fixes that many of us 5.0 beta test^H^Husers have been waiting for. Is it only me or is the marketing fluff on the mysql homepage getting worse? The MaxDB announcement without any meat, mysql-"cluster" (which made me laugh when I figured out what they think constitutes a cluster), and now the "huh, we do enterprise, too", which on the homepage seems like a normal support scheme, but then why are there different tarballs? Maybe this is an answer to EnterpriseDB/Postgres? But EnterpriseDB at least is quite clear about what they add. Regards and Happy Holidays, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Gnome 2.16 and FAM
Fredrik Tolf wrote: I just noticed that Gnome 2.16 wants Gamin instead of SGI FAM. I don't, though, since I use NFS and, last I looked, Gamin doesn't support monitoring NFS exports, unlike SGI FAM. AFAIK it polls. Does anyone know if it's really necessary to use Gamin instead of SGI FAM with Gnome 2.16, and, if not, how to make emerge not do that? gnome-base/gnome/gnome-2.16.1.ebuild doesnt dep on either of them, and contains: einfo "To take full advantage of GNOME's functionality, please emerge" einfo "gamin, a File Alteration Monitor." einfo "Make sure you have inotify enabled in your kernel ( >=2.6.13 )" einfo einfo "Make sure you rc-update del famd and emerge unmerge fam if you" einfo "are switching from fam to gamin." einfo einfo "If you have problems, you may want to try using fam instead." Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] [OT] Specifying file size in dvd::rip
Mick wrote: On Tuesday 12 December 2006 02:28, Thomas Rösner wrote: Mick wrote: How do you set dvd::rip to end up with a 16:9 aspect avi file taking up close to (but no more than) 4.7G? It's really pretty unusual to make avis that large. Are you using XviD? There is a maximum quality you can achieve with each codec. With 4.7 GB target size, you could as well use MPEG2. Or try h264 (wild guess, but this is the codec with the best quality in linuxland atm). Thanks Thomas, Yes, I am using xvid which is using the h263 quantization method by default. Should I choose mpeg instead of h263? Without going into too much detail, that's something different. XviD is a dialect of MPEG-4. H.264 is a different, newer standard. MPEG-2 is yet another standard used on DVD's (=ooold ;-)). Hardware players can do MPEG-2, some can do DivX/some parts of MPEG-4 and XviD if you are careful not to enable the advanced coding options. I know of none doing H.264. Then there are containers: mp2 (only mpeg2), mp4 (only mpeg4), avi (anything, but limited), ogg (anything), mkv (anything and more, not in DVD::Rip last time I checked). If you don't care about HW players, you might find ogg a better container format then avi (uses less space, audio/video don't get out of sync as easily, multiple Audio tracks/subtitels supported...). Hm, or stay with avi, I don't want to confuse you. All of this is a bit of voodoo. :) xvid is the default codec selection. I can't find h264 in the transcode options. ffmpeg does, it's a library providing different codecs. Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Re: avoiding pdf print restrictions
james wrote: It worked for the first 4 pages Um, I had to grab a copy of the file from /tmp then it worked beautifully. Hehe. You had no print restrictions, you had a half-downloaded PDF... Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] [OT] Specifying file size in dvd::rip
Mick wrote: How do you set dvd::rip to end up with a 16:9 aspect avi file taking up close to (but no more than) 4.7G? It's really pretty unusual to make avis that large. Are you using XviD? There is a maximum quality you can achieve with each codec. With 4.7 GB target size, you could as well use MPEG2. Or try h264 (wild guess, but this is the codec with the best quality in linuxland atm). Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] gnome 2.16 block by non-installed blocker
Allan Gottlieb wrote: My normal emerge --tree --ask --verbose --newuse --update --deep world showed that gnome 2.16 is now stable. The output starts with These are the packages that would be merged, in reverse order: Calculating world dependencies... done! [blocks B ] Did you see the I know that when A blocks B, you emerge --unmerge A (or do without B). In this case it's enough to update A ;-). Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] browser advice
Jorge Almeida wrote: [...] I use KDE, not because I find it perfect but because AFAIK it's the only DE that has two features that for me are a must: (1) Several virtual desktops, plus the possibility to switch desktops via configurable keyboard shortcuts, and (2) the possibility of setting different background images for different desktops. The latter is not just a matter of eye candy, it's just how I see which virtual desktop is the current one. I don't think Gnome can do this, at least not unless you're a guru-wizard, which I'm not. Can do 1 (using it a lot), can't do 2 (yet?). Not to convince you no matter what, just for completeness. Happy surfing, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Gentoo apache2 VirtualHost :443 config
Grant wrote: Compare your ssl vhosts to your non ssl ones. I think you made some little mistake while adapting the gentoo config file copy. See below for our (working) config, note the similarity of IP and port... ;-) Did you turn SSL on in the second :443 vhost? I can't get it to work when both are SSL. Yes. Thats right below the etc pp part :-). Do you have a namevirtualhost directive for :443 somewhere in your configs? Do you have one for :80? Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Gentoo apache2 VirtualHost :443 config
Grant wrote: >> > Ok, knowing that others like it I'm more comfortable trying to get >> > used to it. It's all the IfDefine stuff I don't like. >> >> Actually that makes it super flexible. > > At the expense of simplicity. The learning curve may be steeper, adding hosts is easier (IMHO etc of course). How does the layout facilitate adding hosts? I added a 01_vhost.conf file to be included in httpd.conf. Adding vhosts = dropping the config in /etc/apache2/vhosts.d/, no need to touch other files. Enabling PHP? Just add one -Define in /etc/conf.d/apache2. >> > domain but not for another, and you need both of the domains to >> > function under SSL? Is multiple IPs the only way? >> >> YES. > > What would you do if you needed a certain block for one > > Or multiple ports. Or make a certificate for multiple domains. But the problem is that I need a Location block for one SSL domain and not for another. I can't do that on the same IP, domain, and port no matter what kind of certificates I have right? Uhhhm, why, yes, you can. I'm not quite sure I understand your problem right now, but basically you can do (seen from apache) anything with your 443 hosts you can do with the 80 ones. The only problem is 1. You can only use one (1) certificate per IP/port, 2. If you host both domains "foo" and "bar" behind one IP/port, and your certificate is "foo" only, visitors of bar will get a validation nag. Compare your ssl vhosts to your non ssl ones. I think you made some little mistake while adapting the gentoo config file copy. See below for our (working) config, note the similarity of IP and port... ;-) Regards, Thomas ServerName issues.serverkommune.de DocumentRoot /var/www/www.serverkommune.de/htdocs/trac SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile conf/ssl/cacert-signed.crt SSLCertificateKeyFile conf/ssl/cacert.key SetHandler mod_python [...] ServerName www.serverkommune.de DocumentRoot /var/www/www.serverkommune.de/htdocs [...etc pp...] -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] browser advice
Etaoin Shrdlu wrote: On Thursday 30 November 2006 10:22, Jorge Almeida wrote: On Thu, 30 Nov 2006, Dale wrote: used epiphany before. What's it look like? Have no idea, I didn't tried either. Being something from Gnome, I suspect it's not very customizable, but I may be completely wrong. You can find more info here: http://www.gnome.org/projects/epiphany/ seems that it uses the gecko rendering engine, the same used by firefox and seamonkey (and can use the plugins too). Like many Gnome programs, it aims to be simple, easy to use and probably not very customizable (no flames, just my impression). If all apps were like Epiphany, Gnome wouldn't be beaten around that much, me thinks (and I wouldn't use ROX-Filer instead of Nautilus). If you want to try something fresh, perhaps you find this article gives you an impulse: http://ploum.frimouvy.org/?2006/03/15/100-why-you-should-try-epiphany-as-your-default-browser-with-gnome-214 Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Gentoo apache2 VirtualHost :443 config
Grant wrote: > Ok, knowing that others like it I'm more comfortable trying to get > used to it. It's all the IfDefine stuff I don't like. Actually that makes it super flexible. At the expense of simplicity. The learning curve may be steeper, adding hosts is easier (IMHO etc of course). > domain but not for another, and you need both of the domains to > function under SSL? Is multiple IPs the only way? YES. > What would you do if you needed a certain block for one Or multiple ports. Or make a certificate for multiple domains. Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] eix double naming with colon?
Mark Knecht wrote: Why is a package now shown as ~2.6.19-r1:2.6.19-r1 instead of just ~2.6.19-r1 It's showing you the SLOT the package is in. *-sources have the version as slot, allowing you to install them in parallel, so in that case it's not very informative. Try eix -e qt, there it makes more sense. Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] hibernation and various programs.
Xamindar wrote: Richard Fish wrote: On 12/6/06, Xamindar <[EMAIL PROTECTED]> wrote: I have hibernation set up on my laptop and am just wondering if there are any programs that are unsafe to have running when hibernating. One of the main ones im wondering about would be vmware. Can I hibernate while I have windows xp running in vmware and still have it exactly how I left it when I power back on? I will probably try it soon anyway but just wondering if anyone else out there has more experience. I have done this, but end up rebooting the vmware session every time I try, because I move around to different networks and the networking between linux and XP gets confused. So generally I'd recommend suspending the virtual machine with vmware's suspend function first, and then hibernate. You are right, it kills the vmware machine on hibernate. I just tried it. Oh well, at least it doesn't freeze. I'll try that vmware suspend function. vmware uses Alsa, no? I see no way you can keep sound apps running if you have to unload the alsa module before hibernating. Regards, T. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] fine grained net dependancies
Mike Williams wrote: Hey, At some point I was sure baselayout supported full runscript depend(){} syntax, in the form depend_${iface}(){}. That'd be nice! I didn't know it ever worked. It would be nice if this could be made to work again. I have tried adding depend_br0(){ before heartbeat } I've used both the old and new depend syntax to make the bonds need/NEED the eth interfaces, and the bridge need/NEED the bonds. But heartbeat continues to start after the first net service starts, so it fails to start as the interface it needs doesn't exist yet. Why not set RC_NET_STRICT_CHECKING="yes" in /etc/conf.d/rc? Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Very OT - gnome-panel notification area applet
Michael Sullivan wrote: On Wed, 2006-12-06 at 12:54 -0500, Phil Sexton wrote: Michael Sullivan wrote: I have a notification applet on my panel in gnome. I upgraded a package yesterday and used the new version for the first time time. The new version places a very large gaudy icon in my notification area applet. Without knowing the programs name we can only guess, but as you are indicating willingness to look under the hood, the program uses http://developer.gnome.org/doc/API/2.0/gtk/GtkStatusIcon.html if written for GTK+ 2.10, the gnome libs else. Commenting out the respective calls should be enough. Regards, Thomas -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] less and colourisation
Willie Wong wrote: On Fri, Nov 24, 2006 at 09:22:24AM +0800, Penguin Lover W.Kenworthy squawked: I recently had cause to use "less" from a real console, not an xterm and found that it really does colourise text. It has never done this in an xterm - how do I turn it on? "man" isnt being very helpful here :( BillK My best guess is the -R option: This is for programs having color output you want to pipe to less, not less showing a syntax highlighted file. This is done by the gentoo less filter that automagically unzips README.gz files when viewing them with less, fx. Does ls --color=auto produce colors in your xterm? Is your TERM envvar set to xterm (xterm should do this)? Do you have compared the current /etc/skel files to your user's home; when you create a new user with those files in his home, does xterm/less work for this account as intended? Regards, T. -- gentoo-user@gentoo.org mailing list