[gentoo-user] Re: revdep-rebuild question
Alan, Seems reasonable. Would I (Could I?) then do an equery depends on each binary and assuming nothing depends on it remove them by hand without causing damage? I'd want to do another revdep-rebuild every so often to ensure that things remained consistent. Makes sense to me - doing the equery on the package that installed the binary (which may have a name unrelated). IIUC, there are two tools useful for second/third opinions for this task; dep and pquery. Here's an example of their use on fftw: dep -L fftw pquery --vdb --revdep sci-libs/fftw And as you idicated, do a revdep-rebuild after the manual deletion. -- gentoo-user@gentoo.org mailing list
[gentoo-user] Fluxbox without/with gdm ?
Tiring of bloat, I removed everything kde-ish and installed fluxbox - without installing gdm (gdm was recommended in the Gentoo fluxbox doc, but I figured I didn't need the GUI startup. (bloat avoidance)). I tweaked .initrc, startx'd and fluxbox was great. exceptwhen entering passwords (e.g. su; gpg), I'd frequently have to reenter 5-8 times. Out of desparation, I emerged gdm (without xdm startup) and BANG - password problem cured! Please explain why this happened!? How does GDM affect fluxbox which is invoked by startx/.initrc?? TIA -- gentoo-user@gentoo.org mailing list
[gentoo-user] Why emerge -uD forces mailx!? (long)
For some reason, emerge -auD world produces this: These are the packages that would be merged, in order: Calculating world dependencies... done! [ebuild N] mail-client/mailx-support-20030215 [ebuild N] net-libs/liblockfile-1.06 [ebuild N] mail-client/mailx-8.1.2.20040524-r1 Why do I want these -new- packages? So I do an equery depends on each of them and there is no dependency. e.g. you k # equery depends mail-client/mailx [ Searching for packages depending on mail-client/mailx... ] you k # equery depends mailx [ Searching for packages depending on mailx... ] revdep-rebuild is happy - no problems. So finally I went ahead and installed them, and emerge -auD world was happy. I ran another depends; and still no indication why they were there. I uninstalled them, and now emerge wants to reinstall. Any ideas? TIA p.s. you k # emerge --info Portage 2.1-r1 (default-linux/x86/2006.0, gcc-3.4.6, glibc-2.3.6-r4, 2.6.14-hardened-r8 i686) = System uname: 2.6.14-hardened-r8 i686 Intel(R) Pentium(R) 4 CPU 2.26GHz Gentoo Base System version 1.6.15 app-admin/eselect-compiler: [Not Present] dev-lang/python: 2.3.5-r2, 2.4.3-r1 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: [Not Present] dev-util/confcache: [Not Present] sys-apps/sandbox:1.2.17 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.13-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=i686 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -march=i686 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks metadata-transfer sandbox sfperms strict" GENTOO_MIRRORS="http://gentoo.osuosl.org/ http://gentoo.om.com"; PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole -file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' - -exclude='/packages'" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://acm.cs.rpi.edu/gentoo-portage" USE="x86 X acl alsa apache2 apm avi bash-completion berkdb bitmap-fonts bzip2 cli crypt cups cu rl dlloader dri eds emboss encode esd foomaticdb fortran gdbm gecko-sdk gif gnome gpm gstreamer gtk gtk2 hardened imlib ipv6 isdnlog java jpeg libg++ libwww lm_sensors mad mikmod motif mp3 m peg ncurses nls nptl nsplugin ogg opengl oss pam pcre pdflib perl pic png pppd python qt qt-sta tic qt3 qt4 quicktime readline reflection sdl session spell spl ssl tcpd truetype truetype-font s type1-fonts udev vim-with-x vorbis xml xmms xorg xv zlib elibc_glibc input_devices_keyboard i nput_devices_mouse kernel_linux userland_GNU video_cards_radeon video_cards_fglrx video_cards_v esa" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS, P ORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY -- gentoo-user@gentoo.org mailing list
[gentoo-user] Re: chkrootkit LKM trojan ?
On Sun, 16 Jul 2006 15:54:18 -0400, Dave S <[EMAIL PROTECTED]> wrote: On Sunday 16 July 2006 19:54, Hemmann, Volker Armin wrote: On Sunday 16 July 2006 20:25, Dave S wrote: > HI, I have a potential security problem ... > > and err its not on gentoo, its on ubuntu but I am not getting any > response there & you guys are the most tech bunch I know - Thought I > would lay it on the table :) > > I just had an email from chkrootkit last night - > > --- > > The following suspicious files and directories were found: > > You have 3 process hidden for readdir command > You have 3 process hidden for ps command > chkproc: Warning: Possible LKM Trojan installed > > --- > > Running chkrootkit now and all is OK > > [EMAIL PROTECTED]:~# > [EMAIL PROTECTED]:~# chkrootkit | grep chkproc > Checking `lkm'... chkproc: nothing detected > [EMAIL PROTECTED]:~# > > I have even 'sudo install --reinstall chkrootkit' in case its binarys > have been modified (paranoid) if you installed using the tools of the system, it could be worthless, because compromised. Boot from a cd and check from the cd. I understand. Booted from knoppix 5.0.1, executed a 'chroot /mnt/hda1 chkrootkit' and a 'chroot /mnt/hda1 rkhunter -c' - both scans brought back nothing. From what I have read the chkrootkit & rkhunter binarys would have been from the CD and therefore untainted ? Am I correct ? Are there any other checks I can do - re-installing the system is not my preferred option :) Dave I'm a newbie, so discount this appropriately. 1. IIUC, running rkhunter/chkrootkit from knoppix simply checks the knoppix cd. 2. You want second/third opinions. IIWU, i. I'd scan the box with a Trojan signature scanner - e.g. fprotect, AntiVir, etc. from Knoppix - first assuring that you have current signatures. ii. I'd reemerge/recompile the kernel WITHOUT modules or module support, and clear out your usr/lib/modules (though IIUC, this can be foiled). iii. I'd try zeppoo. 3. Try to figure out how you got it. e.g. you installed software from an unreliable source; your privileges are screwed up; you have an unpatched server(s) running; etc. Maybe you could find the both the vector and the lkm - but understanding that the only real solution to a rootkit is restoring from a clean backup, or rebuilding :-( -- gentoo-user@gentoo.org mailing list
[gentoo-user] Re: Problems upgrading X
Last, but not least, scrolling down in firefox works abnormally slow for some reason. Does this -again- have something to do with all the other problems? I didn't have the other problems, but following X upgrading, I have this issue - in spades. Takes forever to bring up FF; everything is slow motion. I can avoid it by using Opera. But, when I bring up the superuser filemanager mode in kde, everything is again in slow motion. -- gentoo-user@gentoo.org mailing list
[gentoo-user] Re: Things that can be improved
On Fri, 07 Jul 2006 17:12:13 -0400, Richard Fish <[EMAIL PROTECTED]> wrote: On 7/7/06, Rafael Fernández López <[EMAIL PROTECTED]> wrote: The first thing that I'd change is "etc-update" or "dispatch-conf". I'd suggest to create some kind of tool like "dpkg-reconfigure" in Debian. I don't know anything about dpkg-reconfigure, so I can't really comment on this. But one thing I really do like about gentoo is that I *can* go modify configuration files directly, without worrying about some distribution tool clobbering my changes, or choking on something it wasn't setup to deal with. This is one of the things that drove me from SuSE. I would really object to some kind of "configuration file configurator" app. Agree wholeheartedly. I want to learn and use Linux (well, Gentoo Linux :-) )- not some distribution-dependent GUI(s). -- gentoo-user@gentoo.org mailing list
[gentoo-user] Re: Protecting my server against an individual
On Tue, 04 Jul 2006 18:56:02 -0400, Grant <[EMAIL PROTECTED]> wrote: It has come to my attention that a particular person I know may be intent on attacking my server/website in any way possible. He doesn't know much about Linux but does know Windows. What kind of things should I lock down to protect my remote hosted server? I don't have time to get too crazy with security right now, but what kinds of simple tricks might this fellow learn by asking around on forums, etc? A Windows guy has all of the techniques/tools that a 'nix guy has - he'll figure out what servers you have, which ports, which software, what vulnerabilities .. all of it. He'll even use some of the same tools (e.g. nmap). If your server is misconfigured (e.g allows root logon); if passwords are trivial; if software is out-of-date with known vulnerabilities; he could break in and deface the site; erase the OS; install a root kit and hide a key logger. Suggest that you shut this thing down 'til you have a security plan that you understand, and with which you are comfortable. If that is not possible, then implement the items mentioned earlier, and additionally assure: 1. that your passwords are at least 15 characters long with capitals and numerics. A repeated password is fine (e.g. gentoo becomes gEnt0*gEnt0*gEnt0*) 2. that you can easily and confidently restore your backups (you do have backups!?) 3. that you can tell if you've been hacked (e.g. samhain, tripwire). 4. And that your software is up to date. After that, you can look into IDS, Trojan scanning, chroot jails, hardening, and other things that servers under attack might consider. -- gentoo-user@gentoo.org mailing list
[gentoo-user] Re: xorg worked! Minor issues....Thanks, Gentoo
4. I routinely use xterm, xmessage, and xkill - all needed to be emerged. Problem here was that eix and eix -S didn't find them, but emerge did. Perhaps you haven't regenerated eix's cache lately? Didn't help. Perhaps you could try? 5. revdep-rebuild found the missing libXaw.so.8, but crashed during re-emergence (bad order, and something else that I did not understand). So I emerged them one at a time in a different order, and everything worked except for the kde office applications. If you just want the libXaw.so.8 back, emerge libXaw with USE=xprint. Good to know; but having recompiled the few problems, I don't need it anymore. :-) Thanks for your detailed report, Donnie Thank you! . -- gentoo-user@gentoo.org mailing list
[gentoo-user] xorg worked! Minor issues....Thanks, Gentoo
It just plain worked! Emerge even identified -only- my drivers (mouse, keyboard, etc.) before I scanned xorg.conf. Minor problems: 1. The emerge stoped at one point because the uninstall failed to remove an obscure library (perhaps /var/lib/xkb ? sorry, I should have noted it). But emerge identified the directory and told me to delete it. A restart allowed successful completion. 2. Before starting, I renamed /etc/X11 to /etc/X11old so that any accumulated junk would be out of the picture, and so that the new xorg.conf.example file would be clean. Heh, it doesn't build a new xorg.conf.example file, so I copied over the old file and everything worked - except for the rgb file. 3. My first xmessage complained of not understanding "black". So I emerged rgb, edited the xorg.conf file, and repointed it. RgbPath "/usr/share/X11/rgb" 4. I routinely use xterm, xmessage, and xkill - all needed to be emerged. Problem here was that eix and eix -S didn't find them, but emerge did. 5. revdep-rebuild found the missing libXaw.so.8, but crashed during re-emergence (bad order, and something else that I did not understand). So I emerged them one at a time in a different order, and everything worked except for the kde office applications. 6. kde office applications depend upon kde 3.4, which I no longer have - and revdep pointed this out :-) . This obviously is not an xorg issue, but rather an emerge issue; allowing me to unemerge 3.3 and 3.4 a month ago, while still having a need for their libraries if I need to recompile the office stuff. But I'm "guessing" that the office "libraries", available in portage, will fix this. But I don't care right now, as the programs (e.g. word, spread) work fine without recompiling. :-) So thank you to Gentoo the Developers - another successful plan and instructions on your part, that worked just fine for newbies like me! .. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Lost KDE 3.5 screensaver (3.3 worked fine)
Got it!~ SSP was killing it. <[EMAIL PROTECTED]> wrote: Screen saver worked fine on 3.3; won't work at all on 3.5. If I bring up control center and go to "appearance and themes" and then to "Screen Saver" the usual screen saver configuration appears momentarily, and then disappears; taking control center with it. kde-base/kdebase-3.5.2-r1 Any ideas? -- gentoo-user@gentoo.org mailing list
[gentoo-user] Lost KDE 3.5 screensaver (3.3 worked fine)
Screen saver worked fine on 3.3; won't work at all on 3.5. If I bring up control center and go to "appearance and themes" and then to "Screen Saver" the usual screen saver configuration appears momentarily, and then disappears; taking control center with it. kde-base/kdebase-3.5.2-r1 Any ideas? -- gentoo-user@gentoo.org mailing list
