Re: [newbie] Re: FYI - ssh security
On Tue 2004-12-21 at 13:11:12 -0500, [EMAIL PROTECTED] wrote: Bryan Phinney [EMAIL PROTECTED] writes: [...] Hi Bryan, pretty cool, the only thing I would suggest is using Damian Conways's Regexp::Common module in a Perl script to parse the IP address out. [...] #remove extra entries from hosts.deny cat /etc/hosts.deny | sort | uniq /etc/hosts.new cp /etc/hosts.new /etc/hosts.deny [...] Another thing I would change is to avoid changing host.deny directly. You can make hosts.deny look into other files like this: sshd: /etc/host.deny.foo This will look into /etc/hosts.deny.foo for further IPs to block. This way you lower the risk of accidently damaging your hosts.deny (and while it's not important for machine you administer alone, it's also prevents surprises if ever somebody wants to edit /etc/hosts.deny by hand). And yet another thing: replace the cp by mv. mv will replace the file atomically while with cp other processes could see a half-copied file. Bye, Benjamin. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] list etiquette - please, this is a question, so don't get any ideas about flames...:-)
On Thu 2004-01-08 at 18:19:42 +1300, [EMAIL PROTECTED] wrote: Does anybody know how to do this in mozilla 1.5. I just thought that it had to be done manually... # *Keep the Reply-To setting empty* * Please keep you Reply-To field empty when emailing any email list. Somewhere in your mailer's settings there is probably the option to fill in the Reply-To field. If it is filled in, then whenever a fellow listmember replies to your post, the message will go to you directly instead of to the list. For information on the problems this causes www.monkeynoodle.org/comp/reply-to http://www.monkeynoodle.org/comp/reply-to Hm. Didn't change Mozilla configs for quite some time, but maybe it's (when in the Mailer window): Edit (the menu) - Mail and Newsgroup Account Settings. After you have chosen the name of the server on the left, there is a field Reply-to address (which is empty in my case) on the right. Bye, Benjamin. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] free software frozen bubble Linus Torvalds
On Mon 2003-09-01 at 05:18:33 +0800, [EMAIL PROTECTED] wrote: [...] He is, I think this is because of an arguement between RS and Linus whereby RS wanted linux henseforth refered to as GNU linux. (Thereby getting lots of publicity for GNU and RS..) Just to clarify. RMS does not want the Linux kernel name to have any GNU extension. What RMS wants is that Linux based *distributions* and anyone referring to such Linux based distributions by the label Linux uses GNU/Linux instead, in order to give proper credits to GNU's part of such a distro. If you are interested in more details, you can read the FSF side of the story here (warning: it is heavily biased by idiology): http://www.gnu.org/gnu/gnu-linux-faq.html#why Bye, Benjamin. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] free software frozen bubble Linus Torvalds
Hi! On Mon 2003-09-01 at 00:00:59 +0300, [EMAIL PROTECTED] wrote: I was at the frozen bubble game site and there was this bit about free software: Free software is a very interesting (and important) concept. It was brought to mankind by Richard M. Stallman, the founder of the Free Software Foundation http://www.fsf.org/. Free software is copyrighted software with special licensing terms (the GPL, General Public License) that allow users to copy, ameliorate, and redistribute software as long as the licensing terms don't restrict those rights. Too many people simply refuse to see the ideology behind free software (unfortunately, that's the case of Linus Torvalds, the Linux kernel author). Free software is not only good quality software. Free software tells you that your freedom is valuable. It tells you that it's good for a society when people can share good software with friends, without being stopped by a license refusing you this right, and can ameliorate/bugfix programs if they are technically literate. It tells you that proprietary software is taking away your freedom. Because of these reasons, please promote and use Free Software. ... please somebody explain to what's that part about Linus Torvalds ... I thought he was the founder of Linux ... and suporter of free software .. stuff lik that ... This is in reference to statements from Linus Torvalds such as: (taken from: http://lwn.net/2002/0425/a/ideology-sucks.php3) Quite frankly, I don't _want_ people using Linux for ideological reasons. I think ideology sucks. This world would be a much better place if people had less ideology, and a whole lot more I do this because it's FUN and because others might find it useful, not because I got religion. So the statement above doesn't mean that Linus Torvalds hasn't done a a lot for the free software community. It just means, that he didn't do it with ideology as his primary motive. Linux wasn't created because he wanted to replace something, but because he thought it was fun to do. In contrast, GNU software has been created purely for ideologic reasons. Already the name GNU (GNU's Not Unix) gives it away: it was set out to be a replacement for the proprietary Unixes. Regards, Benjamin. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] ADSL again
Hi. On Wed 2003-04-02 at 07:44:00 +0200, [EMAIL PROTECTED] wrote: Nah...it is a fresh Mandrake 9.1-install where I have added both PPP and RP-PPPoE afterwards. RP-version is 3.5-3 which I downloaded from rpmfind.net. The only 3.5-3 I find there is for some PLD Linux Distribution. They seem to be similar to Mandrake, because they once took their rp-pppoe package (you can see that in the changelog), but I wouldn't imply too much into that. I will try to remove that version and install 3.5-2 in case something is misbehaving because of that. It should not normally be so I guess, Yes, that *is* normally so. You may not expect rpms for one distro to work on another. You wouldn't download some driver for Windows NT when you have Windows ME, would you? That they both use the same installer (RPM) doesn't necessarily mean that they are compatible. If you are lucky, a package works on a different distro. Either because all Linux based distributions are created using the same software pool or because the other distro has the goal to be compatible to the other one (early versions of Mandrake were full compatible with RedHat). An exeption is when a RPM is explicitly declared to be a general one. But that also only implies that it will work on the more common Linux based distros. but I have learned that when dealing with computing and you have a problem it is usually the cause that you don't believe that is actually the cause. What you have is variant of the 9.0/9.1 mixup I assumed, only worse: a 9.1/other mixup. I'll get back to ya people when I have tried that Yes, always nice to hear, if a suggestion helped. Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] ADSL again
Hi. On Tue 2003-04-01 at 19:14:10 +0200, [EMAIL PROTECTED] wrote: OK, here we go, now I think I have located why RP-PPPoE doesn't work however it didn't get me anywhere, I installed PPP2.4.1, which doesn't seems to be installed by default and after some dependencyproblems I got it installed, and then I installed RP-PPPoE-package and tried to run adsl-setup but it claims to not being able to start pppd and that I need to install PPP 2.3.something but as I earlier stated 2.4.1 is installed which rpm -q confirms, anyone knows what I can do there, is a simple reboot enough which seems to be strange There is somthing strange. Which version of Mandrake do you use? ppp-2.4.1 belong to 9.1. But 9.1. comes with the following rp-pppoe: $ rpm -q rp-pppoe rp-pppoe-3.5-2mdk $ rpm -q --requires rp-pppoe ppp = 2.4.1 [...] In other words, you should have been unable to install rp-pppoe-3.5-2mdk without ppp-2.4.1 at least. I am not sure what your problem is, but one possible explanation would be some mixed 9.0/9.1 install. HTH, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] How do I terminate an ASDL connection?
On Sat 2003-03-29 at 12:25:06 -0600, [EMAIL PROTECTED] wrote: If you look at this description you now know, why people prefer to refer to the shorter shell commands for giving advice. ;) Yes, too much on your part, I am sorry. No need to apalogize. This *is* the newbie-list, after all. My comment was more meant as explanation why people generally prefer to give instructions with shell commands (too lazy :-) and also that, even if shell commands are given there is often also a point-and-click way to do the same. Another advantage of shell commands (beside being easy on the lazy ones :) is that they are less ambigious. Bye, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] Neverwinter Nights
Hi. On Sat 2003-03-29 at 01:24:10 -0500, [EMAIL PROTECTED] wrote: Well, no one else has mentioned this, so... :-) Public beta number 3 of Neverwinter Nights is out, available from the Bioware web sight. You will have to register with them to be able to download though. Now. Does anyone here actually have it working? Jupp. Works fine. And for me (CPU-bound: Athlon 500 + GiForce 4200) between 50% and 100% faster (yes, really!) than the MS Windows version, depending on the area. The only glitch is that the mouse kind of lags behind a bit (even with the recommended work-arounds). I've bought the game, I used Icculus's (raven) installer to put it in /usr/local/games/nwn, but I get the dreaded SDL segmentation fault (parachute deployed) message. This seems to be simply some general error. Just a shot in the dark: Check for a patch.key file. If you have it, take away readable flag (chmod a-rwx patch.key) and check if it makes a difference. Probably not, but you can try. Else, I cannot help much, because I used the existing MS Windows install to copy the data file. (Don't forget to change the permissions afterwards, if the change it doesn't help). Bioware says to use v1.25 of SDL, which I don't have. I'm running Mandrake v9.0, with SDL 1.24 - if I try to upgrade I get (literally) a hundred dependency errors. Well, I have 9.1 (more precisily: Cooker) which comes with libSDL1.2-1.2.5-5mdk. Anyone care to recommend a good way to upgrade SDL without breaking everything else on a setup? Try 9.1? ;-) Sorry, don't have any solution for this. Never cared about SDL. Only noticed that it already existed in my install when I followed the install instructions. Bye, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] How do I terminate an ASDL connection?
On Sat 2003-03-29 at 08:01:08 -0600, [EMAIL PROTECTED] wrote: On Saturday 29 March 2003 12:30 pm, Frankie wrote: service internet stop try that.. Thank you, I have already, but service is not a Linux command. It is a valid command with Mandrake Linux. You have to be root to have it in your path. If you are trying as mere user, your shell won't find it. The full path is /sbin/service. So open a root shell or become root in an existing shell (e.g. su -) and then try again. An alternative method is to start up mcc (The Mandrake Control-Center), go to System, click on DrakXServices. Look for adsl and press stop. Alternatively, look for internet and also press stop. If you look at this description you now know, why people prefer to refer to the shorter shell commands for giving advice. ;) HTH, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] email showing up as attachments
Hi. On Thu 2003-03-27 at 18:49:31 -0800, [EMAIL PROTECTED] wrote: Hello folks, Does anyone know why some emails from the list are blank, with the text of the message in an attachment? Because the mail reader is too dumb to do something sensible with (MIME) multipart types it doesn't recognize. This mail will probably have the mentioned problem, because I digitally sign my mails which results in a content-type of multipart-signed with my (textual) reply as first part and the signature as second one. The sensible thing to do for the mailer would be to simply try it's best and treat unknown multipart types like multipart-mixed and simply display the text/plain content (and put the signature, which is not text/plain, as an attachment). Btw, multipart-signed is standartized for over 10 years or so, i.e. it's not that this is about supporting bleeding-edge stuff. Right now i am using lookout express, so if that's the problem, it'll be fixxed as soon as i get my installation done... Jupp. It's the problem and you will fix it that way. ;-) HTH, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] Final or rc3?
On Tue 2003-03-25 at 09:00:54 +1200, [EMAIL PROTECTED] wrote: Mandrake hasn't said yet. On Cooker, a few days ago they said 9.1 was final. For 9.0 they tricked people. They uploaded an RC then renamed it final. This may be what is happening here. The curious thing is that the CD's are all over 650MB which on list I thought Mandrake said it would not do. They are not: -rw-r--r-- 682164224 2003/03/24 14:17:37 MandrakeLinux-9.1-rc3-CD1.i586.iso -rw-r--r-- 681279488 2003/03/24 14:19:50 MandrakeLinux-9.1-rc3-CD2.i586.iso -rw-r--r-- 681574400 2003/03/24 14:22:07 MandrakeLinux-9.1-rc3-CD3.i586.iso 682164224 = 650.6MB 681279488 = 649.8MB 681574400 = 650.0MB They all fit well on my 74min CD-RW without overburning. Bye, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] Procmail Recipes
Hi. On Sun 2003-03-16 at 00:03:07 +0100, [EMAIL PROTECTED] wrote: On Saturday 15 March 2003 10:53 pm, Stephen Kuhn wrote: Hey y'all - anyone remember that I posed a PROCMAILRC a while ago - well, as y'all know, all my mail went the way of the wind, and if anyone can blast me a copy of it back - cuz I'm hustling to get my system back to specREALLY APPRECIATE! Stephen, is this what you want (attached file) ? Hehe. As Linus said, backup are for wimps. Real men let just the public mirror important stuff. :-) Bye, Benjamin: PS: The original quote is: Only wimps use tape backup: *real* men just upload their important stuff on FTP, and let the rest of the world mirror it ;) -- Linus Torvalds (about his failing hard drive) pgp0.pgp Description: PGP signature
Re: [newbie] cpuburn and memtest
Hi. On Sun 2003-03-16 at 00:01:29 -0500, [EMAIL PROTECTED] wrote: Should be fine at 50C. If your memory is in 2 sticks, try taking one out. If it still crashes, switch them! If it's ok you've found your problem. I doubt it is a memory problem. I am no hardware expert but had my share of misc. hardware problems and never had or heard of faulty memory causing immediate lock-ups. I agree with the docs which suggest either bad cooling (fan, bad heat dissipation, ...) or bad power supply (power supply unit, connector, motherboard, ...) are probably causes. Ronald, what kind of power supply do you have? 230W, 300W? (or whatever is standard where you come from ;) Make sure you,ve got good air circulation, esp. round your vid card - they can get real hot too. Agreed. A good test (not for the faint-hearted :-) is to run with open case and use a hair-dryer or alike (on cool setting - or whatever that might be called) in direction of the CPU and see if it makes a difference in how long it needs until the CPU locks up. What speed and timings are you running the memory at? Try slowing it down to CAS 2.5 or set it to a safer setting in BIOS Can this really be the cause of lock-ups? Never had that happen to me. From: Ronald J. Hall [EMAIL PROTECTED] [...] I grabbed and installed cpuburn 1.4 last night, then ran burnMMX. It won't run longer than 2 minutes before I get a full lockup that requires a hardware reset or powerdown and back up. That from a shell with X running and without. This is an AMD XP2100, 512megs DDR (PNY) Ram, Soyo Dragon Plus MB, Nvidia Geforce 4 Ti4200, etc, etc, with nothing overclocked. The CPU has a 5 1/4, 3000 rpm fan/heatsink attached to it, and BIOS reports 50 degrees celsius for it, and 27 degrees Celsius for the system. [...] The literature with cpuburn suggests that my CPU is not getting cooled enough but from what I've read, 50 degrees Celsius should be okay, right? Well, I would put more credibility in the CPU lock-up than into what the BIOS is reporting. ;-) PS Note that all the hardware is basically new, less than 3 months old. HTH, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] problem upgrading to new usermode package?
Hello. On Sat 2003-03-15 at 10:30:13 -0800, [EMAIL PROTECTED] wrote: don't know much about shell scripting. anyone care to tell me what it is doing? $ rpm -qp --scripts usermode-1.42-8.2mdk.i586.rpm postinstall scriptlet (through /bin/sh): if [ ! -z $SECURE_LEVEL ];then if [ -x /usr/sbin/msec -a $SECURE_LEVEL -gt 3 ]; then /usr/sbin/msec $SECURE_LEVEL || true ; fi fi If first checks whether $SECURE_LEVEL is set. If so, it looks if /usr/sbin/msec is a executable and $SECURE_LEVEL is greater than 3. If so, it runs /usr/sbin/msec $SECURE_LEVEL. I think it means that if you are running at level3, it calls msec to ensure all rules of your security setting are up to date. I just tested this script and for me it does what it is intended to do, i.e. with SECURE_LEVEL=3, it does nothing; with SECURE_LEVEL=4, it calls /usr/sbin/msec 4. it kind of scared me to upgrade a package as root and then have it automatically launch a shell script that messed with quite a few of the security settings. Except for the messed with part that is normal and a lot of packages do that. Or else, you would have to update the security settings (e.g. which files have suid) by hand whenever you install/update an rpm. especially since the script seemed to change things to make them more insecure by default instead of shutting off services and so on by default. I don't know what happened to you. What you describe sounds as if msec has been called with the wrong level. But I don't see how that could happen with the given script. HTH, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] Tar tumbling?
Hi. On Sat 2003-03-08 at 12:31:26 +0100, [EMAIL PROTECTED] wrote: I seem to have a problem with my tar backups. Yes, you do have. ;) When I check the backed up information, I see: -rw-r--r--1 paul paul 10240 Mar 8 12:00 backup1.tar.gz -rw-r--r--1 paul paul 10240 Mar 7 12:00 backup2.tar.gz The size is exactly 100.000*1KB. Looks like you are hitting an imposed file size limit. Type ulimit -a and you should get something like [...] file size (blocks, -f) 10 That means the system won't allow you to write files bigger than 100.000KB. One obvious way to change it is to use ulimit itself, although non-root users are limited in the ways changing the limits. From the top of my head, I am not sure where to change the system wide defaults. /etc/security/limits.conf might be one place to look at. HTH, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] normal user can delete root owned files!
On Fri 2003-03-07 at 17:03:31 -, [EMAIL PROTECTED] wrote: Its all to do with the x. for a file it means the owner/group can execute that file. But for a directory, anybody in the group for that directory can delete any file in the root of that directory, even if the group permissions for that file say they can't. Sorry, but that is wrong. The x bit for directories is about being able access the content of a directory at all. The w bit determines whether you may delete (or create) files within a directory. And for completness' sake, the r bit controls whether you may list the content: # preparation newton:~ mkdir test newton:~ echo bar test/foo newton:~ ls -ld test drwxrwx---2 philemon philemon 4096 Mar 8 00:29 test newton:~ ls -l test total 4 -rw-rw1 philemon philemon4 Mar 8 00:29 foo # test what x does newton:~ chmod a-x test newton:~ ls test foo newton:~ cat test/foo cat: test/foo: Permission denied newton:~ cd test test: Permission denied. newton:~ touch test/foo2 touch: cannot touch `test/foo2': Permission denied newton:~ chmod a+x test # summary: lack of x forbids any access except accessing list of contents # test for w newton:~ chmod a-w test newton:~ ls test foo newton:~ cat test/foo bar newton:~ cd test newton:~/test cd .. newton:~ rm test/foo rm: cannot remove `test/foo': Permission denied newton:~ touch test/foo2 touch: cannot touch `test/foo2': Permission denied newton:~ echo wah test/foo2 test/foo2: Permission denied. newton:~ echo wah test/foo newton:~ cat test/foo wah newton:~ chmod a+w test # summary: lack of w forbids only deletion or creation of files, but # allows changing of existing ones # test for r newton:~ chmod a-r test newton:~ ls test ls: test: Permission denied newton:~ cat test/foo wah newton:~ cd test newton:~/test cd .. newton:~ touch test/foo2 newton:~ chmod a+r test newton:~ rm -rf test # summary: lack of r forbids listing the directories content, but # direct access to content still works If you think about a directory as being a list of files and the permissions working on that, at least the r and w behaviour is intuitive at once: r tells if you are allowed to read the list of files (but nothing about accessing the files themselves); w tells if you are allowed to write to the list (creating/deleting files would change the list, but changing the content of existing files would not); and x can be thought of really being about what is contained in the directory, not the list of files (therefore looking at the list is still allowed, but nothing else). HTH, Benjamin. PS: I did approach the issue from the side of what happens if I take away that bit. Doing the tests when only one is set is left as an excersise for the reader. ;-) pgp0.pgp Description: PGP signature
Re: [newbie] Installing RC2, never asked for CD2 or CD3
On Wed 2003-03-05 at 17:38:22 -0500, [EMAIL PROTECTED] wrote: During the installation of RC2, I am never prompted for CDs 2 or 3. Why is that?! Am I supposed to add the other two CDs with urpmi? No. You should be asked for CD2/CD3 during the package install (the part that takes most time :-). Did you sucessfully pass this step? If so, apparently you managed to only select programs that are on CD1.[1] HTH, Benjamin. [1] Although it is unusual, it is not too hard to accomplish... the packages are distributed on the CDs in a way that makes CD2 and CD3 less needed (e.g. CD3 mainly contains translations). pgp0.pgp Description: PGP signature
Re: [newbie] Unofficial February stats
On Sat 2003-03-01 at 16:40:07 +, [EMAIL PROTECTED] wrote: On Saturday 01 Mar 2003 3:34 pm, Todd Slater wrote: Most active posters 200 Robert Wideman 158 Anne Wilson Shucks - I'm still talking too much. I thought I'd been quieter lately. You just did it again. *lol* Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] What is sourcing?
Hello. On Fri 2003-02-21 at 16:58:47 +0100, [EMAIL PROTECTED] wrote: Hello I got some advise about a particular problem I have. Since I work with the bash shell and the advise seems to apply to ksh or csh, I would like to know how to translate the following: setenv IMAGINE_HOME /space/imagine/860 source /space/imagine/860/bin/imagine_environment setenv IMAGINE_BATCH_RUN The bash equivalent is something like export IMAGINE_HOME=/space/imagine/860 . /space/imagine/860/bin/imagine_environment export IMAGINE_BATCH_RUN= (the last line doesn't look to make sense) I don't know what this sourcing is. That means to read in a file and interpret it as commands as if you had typed them yourself. Something like an include. HTH, Benjamin. pgp0.pgp Description: PGP signature
Re: [newbie] ARTICLE: Windows XP password are useless
On Sat 2003-02-15 at 22:48:16 -0700, [EMAIL PROTECTED] wrote: Couldn't help but LMAO when i read THIS one. http://www.briansbuzz.com/w/030213/ There is nothing special about it. You have the same with Linux. Put in some install disk, choose rescue mode and you can access everything as root. With physical access to a standard PC, everything is possible (within about 15-30 mins), except if you encrypt your filesystems. The only new thing is, that you now have such a rescue disk for MS Windows XP by using a MS Windows 2000 CD, instead of having to make your own one. Benjamin. msg119758/pgp0.pgp Description: PGP signature
Re: [newbie] automatic filtering in Mozilla mail
Hi. On Thu 2003-02-13 at 23:51:13 -0500, [EMAIL PROTECTED] wrote: I wanted to try out Mozilla's Bayesian filtering and it's working amazingly well. But, I can't find how to automatically run my filter when Mozilla checks for new mail--I end up having to manually do it. Surely I'm just not finding the right check box? Using 1.3a BTW. No, it is not implemented in 1.3a. From http://www.mozilla.org/releases/mozilla1.3a/: Mozilla Mail now has basic junk-mail classification capabilities. This means you can train your client to distinguish between good mail and junk-mail. For this first release the junk-mail controls can mark a message as junk but automatic deleting has not been enabled. To learn more about this new feature check out the Mozilla Spam Filters info page. It is possible in 1.3b, tough, which is out since Monday. From http://www.mozilla.org/releases/mozilla1.3a/: Mozilla Mail's junk-mail classification is mostly complete. Users can now automatically move junk mail to a spam folder. HTH, Benjamin. msg119592/pgp0.pgp Description: PGP signature
Re: [newbie] Apache and PHP variables
On Tue 2003-02-11 at 22:17:38 -0600, [EMAIL PROTECTED] wrote: OK, so this is beyond the scope of a Mandrake forum, so forgive me for asking. I have transitioned my web server from Win2k to Linux. Everything seems to be working OK except I just noticed a page that is supposed to not show the banner, but does. In win2k, the PHP variable $URL was returning the name of the file for the page, and I have a structure to not display when the $URL is a certain set of values. php.ini has the global variables option turned on, so that's not the issue. Does anyone know if the variable is passed to PHP by the server or if it is strictly a PHP value? Was it an IIS varaible that's not in Apache2? Any ideas? Don't know, but did you try to simply print out the new value and look in which way it has changed? Aside from that, does $_SERVER[$PHP_SELF] or what you need? It is the recommended way to find out about (the local part) of the URL. HTH, Benjamin. msg119261/pgp0.pgp Description: PGP signature
Re: [newbie] C++ question.
On Wed 2003-02-12 at 00:06:24 -0800, [EMAIL PROTECTED] wrote: Hi, I am using the GNU gcc version 3.2 (Mandrake Linux 9.0 3.2-1mdk) to compile the program listed below. I get the compile time error: 23: field `cb' has incomplete type Can somebody please give me a hint on why the compiler is complaining? Because you try to use class C before it is defined (you declared it above, but the definition comes afterwards). As long as the class is only declared, you may only use it in limited context. For example, you may create a pointer or reference to the class, you may also define new types based on the class (typedef). But when you define class D, the compiler tries determine the memory layout of the class, and thefore has to know more about C than it does at that point. A more detailed explanation can be found in http://www.cuj.com/experts/2002/austern.htm?topic=experts HTH, Benjamin. [... reduced example to the relevant part ...] class C; class D { C cb; }; class C { int foo; }; int main() { } msg119264/pgp0.pgp Description: PGP signature
Re: [newbie] Rpmdrake in 9.1 needs to be stomped and burned
Aside from Tom's insighful comments[1], to set some facts straight... On Wednesday February 12 2003 01:09 pm, Lyvim Xaphir wrote: [...] thing. In LM91 beta 3, to duplicate the functionality of one LM82 Rpmdrake UI instance, you must activate all four icon instances of rpmdrake listed in MCC. Then you end up with four seperate windows, each one of which looks identical to the other one except for the title bars. It's absurd. For me, it's absurd to keep all four open. I keep my box up-to-date all the time and only need one (install). And from time to time, but far less often, I also need to start uninstall. I wonder how often you change your sources, if you need to keep it open... The only time I find the new scheme lacking is when I try to find out about the state of a package without knowing it's name (I try searching and cannot be sure whether I mistyped the name of it is not in the installed list). Now try running the new and improved rpmdrake from an Eterm. It puts you into software packages installation mode. Can you affect what mode you want it to go into? Not according to rpmdrake --help. There is not a method listed to do so. That's because they are four different programs. You don't expect to find rmdir when you type mkdir --help do you? Translation: Mandrake Update mode: unavailable. MandrakeUpdate Remove software mode: unavailable. rpmdrake-remove Software Sources Manager mode: unavailable. edit-urpm-sources.pl Previously all these functions were easily accessible from within the LM8X rpmdrake UI. What's wrong with using the GUI (mcc) to start a GUI-program? Or really using the CLI, if you start doing so (using urpmi instead of rpmdrake)? NOW you have to activate a seperate icon for each one. El dumb-o. The positive side to all this is that in the Mandrakeclub RPM voting page, you can let it be known if you do not like LM9X Rpmdrake by casting your vote for Ctardif's entry, listed as rpmdrake 1.4 (9.1/i586). This would bring back the old rpmdrake. I doubt that. There are technical reasons why it cannot be brought back with reasonable effort. Read the cooker list archives for why. Regards, Benjamin. [1] You are on the cooker list since at least October... Even if you had no opportunity to read the discussion about rpmdrake, you should know where to look for it by now. msg119271/pgp0.pgp Description: PGP signature
Re: [newbie] unkillable process?
On Wed 2003-02-12 at 14:22:41 -0700, [EMAIL PROTECTED] wrote: [...] what i'm doing: ps ax | grep process su (passwd) kill -s signal pid using all kinds of signals starting with sigterm, sigkill, Those two is all you need. kill -s TERM will ask the process to terminate (the process may refuse), kill -s KILL forcefully tries to kill the process (. If it doesn't terminate after a KILL signal, there is no way to do it. Usually it means that your kernel got a hickup which shouldn't normally happen. There are cases where the kernel cannot remove a process due to its internal state[1], but I only encountered these with either broken kernels (i.e. an update fixed it) or with broken hardware. signals like sigrtmin+2 even were [and man kill does not say]) man 7 signal (that's mentioned in man kill) not wanting to get mucking around too much with something i didn't fully understand i didn't use them ALL but it seems like sigkill should kill just about anything :-/ Correct. If it does not, there is nothing a mere user (or admin) can do about it. HTH, Benjamin. [1] AFAIK, a killed process which currently happens to be somewhere in the kernel space, will not terminate until it jumped back to user space. So one explanation for such an unkillable process is that it got stuck in the kernel space somehow. msg119277/pgp0.pgp Description: PGP signature
Re: [newbie] Rpmdrake in 9.1 needs to be stomped and burned
On Wed 2003-02-12 at 14:30:04 -0700, [EMAIL PROTECTED] wrote: [...] the most important feature of 8.2's rpmdrake was that you could see... right there in front of you... what files it would put where if you installed it. with rpmdrake in 9.0 it's not there. Choose maximum information. If it is not there as button (I think that is only there in Cooker), use the context menu (press right mouse button while in the right side of the window. [...] so, since rpmdrake's become enigmatic, anyone know what command used to query a package BEFORE istallation to list every file it's going to install (and where) so i could, for example, out the output to a text file and read it first? (ie command [option] [pakcage] files.txt) Aside from the example above, you can use rpm for that, presumed you know a server holding the file, e.g. rpm -qlp http://mandrake.secsup.org/Mandrake/9.0/i586/Mandrake/RPMS/Apache-ASP-2.37-3mdk.noarch.rpm Learned that myself only this week. :-) HTH, Benjamin. msg119281/pgp0.pgp Description: PGP signature
Re: [newbie] Vi vs Emacs... Not a flamewar!!! Any flames will be ignored
On Mon 2003-02-10 at 17:31:26 -0500, [EMAIL PROTECTED] wrote: [...] Ok, but how do you turn on number lines insise Emacs. If I've coding in Java and the compiler tells me I've got an OutOfBoundsException on line 4893 I don't want to have to count 1,2,3... from the top if the page, ya know? ;) M-x goto-line 4893 will jump to the line in question[1] M-x line-number-mode will toggle display of the line number in the status bar. If you put (setq line-number-mode t) into your .emacs file, it will be enabled on startup. You can set (setq column-number-mode t) to get column numbering, too. (global-set-key \C-cg 'goto-line) will allow you to press Control-c g instead of typing M-x goto-line. I don't claim that this is the most effective way to do this, but it works fine for me. Ah, and by the way, there is a nice reference sheet coming with emacs (in /usr/share/emacs/version/etc/refcard.tex). It's written in TeX and you would have to call tex refcard.tex and dvips refcard.dvi, but there are already made PDF's out there, e.g. http://faculty.uml.edu/mbumble/courses/16.342/help/refcard.pdf HTH, Benjamin. [1] That is, meta-key with x goto-line RETURN 4893 RETURN where meta-key with x is either press ESC, press x or hold left-ALT and press x whichever you prefer. msg119006/pgp0.pgp Description: PGP signature
Re: [newbie] This fellow needs help. His mails are being rejected.
Hi. From: Terry Smith [EMAIL PROTECTED] Date: 08 Feb 2003 18:05:40 -0500 [...] Final-Recipient: RFC822; [EMAIL PROTECTED] Action: failed Status: 5.2.0 Remote-MTA: dns; linux-mandrake.com Diagnostic-Code: smtp; 450 Client host rejected: cannot find your hostname, [64.8.50.181] [...] On Sat 2003-02-08 at 19:58:04 -0500, [EMAIL PROTECTED] wrote: [...] When you send a message to sympa, the Mandrake list server, it tries to do a reverse lookup on the ip address of the smtp server sending the connection to match the smtp domain name against the domain name of the from address. I gather that this technique is to prevent a spam attack from happening. Looks like that is the problem. Yes, reverse lookups are common practice, not only by mail software. It's an easy and reasonable way to raise the bar for abuse. This kind of thing happens when the mailhost you are sending through is a virtual server, meaning there is one numeric ip address for many domains. Not completely correct. What you refer to is the fact that it can happen that the reverse lookup results in a different name than the domain provided originally, e.g. $ urpmi bind-utils $ host www.nic.de www.nic.de has address 194.246.96.76 but $ host 194.246.96.76 76.96.246.194.in-addr.arpa domain name pointer direct.denic.de. 76.96.246.194.in-addr.arpa domain name pointer intern.denic.de. 76.96.246.194.in-addr.arpa domain name pointer member.denic.de. 76.96.246.194.in-addr.arpa domain name pointer secure.denic.de. 76.96.246.194.in-addr.arpa domain name pointer project.denic.de. 76.96.246.194.in-addr.arpa domain name pointer transit.denic.de. 76.96.246.194.in-addr.arpa domain name pointer wwwtest.denic.de. 76.96.246.194.in-addr.arpa domain name pointer intern-old.denic.de. 76.96.246.194.in-addr.arpa domain name pointer www.denic.de. 76.96.246.194.in-addr.arpa domain name pointer jobs.denic.de. 76.96.246.194.in-addr.arpa domain name pointer test.denic.de. 76.96.246.194.in-addr.arpa domain name pointer board.denic.de. Although they made the effort to list all the reverse lookups, they missed www.nic.de in their list. So if the server makes a connection as www.nic.de (which they probably don't do), the other side would end up with a different name by the reverse lookup. But the cited error message (cannot find your hostname, [64.8.50.181]) indicates that the reverse lookup failed completely. You can easily check this yourself: $ host 64.8.50.181 Host 181.50.8.64.in-addr.arpa not found: 3(NXDOMAIN) If you look at me, I am currently online as pD9EB55B6.dip.t-dialin.net, which resolves fine: $ host pD9EB55B6.dip.t-dialin.net pD9EB55B6.dip.t-dialin.net has address 217.235.85.182 $ host 217.235.85.182 182.85.235.217.in-addr.arpa domain name pointer pD9EB55B6.dip.t-dialin.net. In this case, sympa cannot do the reverse lookup and quietly rejects the message. Well, not exactly quietly. You did get a bounce, didn't you? The reason it takes 4-5 days to bounce is because your mail server (@adelphia.net) handles it as temporary failure and retries for some time before giving up (that's perfectly okay, because most times this error will be due to some DNS problems). I am also a subscriber to Adelphia PowerLink and I cannot use my @adelphia.net address to send to the list. I must use a POP3 account I have on my professional association. Although I am no specialist regarding this issue, I consider it a misconfiguration of adelphia.net DNS entries. You should probably report the problem to [EMAIL PROTECTED] and see what they say. Another problem with Adelphia specifically is the way they route their mail. He may have been allowed by sympa to subscribe, but then the smtp server he was using changed because of Adelphia's load balancing, rotation or network problems, which sympa does not like. Really? The mailing list should not care at all which way a mail is routed. I did not notice any problem when my mail routing changed last November. As long as he is receiving messages, it may be worthwhile to get a free portal address at Yahoo or Excite and send messages to the list from there. As I said, if I am not mistaken, that is a problem with Adelphia's DNS configuration. They should either fix the problem or be able to tell specifically who else is the culprit. If not, then I would seriously consider another provider, because you cannot know what else they don't know how to handle. I have tried sending an e-mail to MandrakeSoft to get an explanation for this and no one responded, so this is what I have surmised from the evidence I have. Well, they are kind of over-worked all the time and it is not a problem they can do much about anyhow, I think. HTH, Benjamin. msg118783/pgp0.pgp Description: PGP signature
Re: [newbie] This fellow needs help. His mails are being rejected.
On Sat 2003-02-08 at 21:17:47 -0500, [EMAIL PROTECTED] wrote: On Saturday 08 February 2003 08:59 pm, Benjamin Pflugmann wrote: [...] Well, not exactly quietly. You did get a bounce, didn't you? The reason it takes 4-5 days to bounce is because your mail server (@adelphia.net) handles it as temporary failure and retries for some time before giving up (that's perfectly okay, because most times this error will be due to some DNS problems). I meant quiet from the standpoint that sympa does not respond, but the isp finally gives up. But yes, you are right. I am not sure if what you mean is completely correct. It sounds as if you think the mailing list server does answer at all. You are right that sympa (the mailing list software) does not respond, but that it because the mail never comes so far. But the SMTP server for the mailing list does respond (the cannot find your hostname, [64.8.50.181] bit). The mail does not get to passed to sympa, because the error is raised earlier in the chain. So it is not that the ISP does not reach the mandrake mailing list server. It does reach it, but the server says, I take no mail from you, because I cannot find your hostname. You get the bounce from your ISP, because it is the last server in the chain that accepted responsibility for the mail. Mandrake's server rejected the mail before it accepted responsibility, therefore it's up to your ISP to possibly retry and at the end generate the bounce. [...] specifically who else is the culprit. If not, then I would seriously consider another provider, because you cannot know what else they Not an option as they are the only broadband provider at my address :-( Another option would be to find someone with a mail server who would be willing to be a mail relay for you (only needed as outgoing server). HTH, Benjamin. msg118800/pgp0.pgp Description: PGP signature
Re: [newbie] This fellow needs help. His mails are being rejected.
Please trim what you quote to the relevant part. On Sat 2003-02-08 at 22:58:05 -0500, [EMAIL PROTECTED] wrote: On Sun, Feb 09, 2003 at 02:59:42AM +0100, Benjamin Pflugmann wrote: [...] Although they made the effort to list all the reverse lookups, they missed www.nic.de in their list. So if the server makes a connection as www.nic.de (which they probably don't do), the other side would end up with a different name by the reverse lookup. Having a different name on reverse lookup does not block the mail. If you read my mail again, you will notice that I never said so. I only said, they will end up with a different name. I only exercised that example to make clear what the original author claimed in order to show afterwards that in real the resolving errored out. Anyhow, saying that a different name on reverse lookups does not block mail is not complete either. Reverse lookups are common, but there is no general rule how much consistency applications (not only mail software) require. Some do not require any reverse lookup at all, some (as the example you cite refer to) require only that the reverse lookup is really possible, and some that a full reverse lookup is consistent, i.e. that you end up with the name/ip you started with (in your example, a lookup starting with the ip ends up with the same ip at least). In short: It's a matter of configuration (whether such a mail will be accepted or not). This message got through from topoi.pooq.com, and it looks up as follows: [..] So although reverse lookip of the IP number gives a different name from topoi.pooq.com, when (if?) it looks up that different name it still gets the proper IP number. By the way, I'm told that one of the purposes of using the reverse name lookup is to catch stolen IP numbers, which apparently has been a big problem in some countries. Bye, Benjamin. msg118802/pgp0.pgp Description: PGP signature
Re: [newbie] OT: Shorthand
On Fri 2003-02-07 at 20:30:49 +1300, [EMAIL PROTECTED] wrote: To us Newbs acronyms are a PITA FWIW IMHO Really? Having had English as third language only in school, I had no particular trouble with acronyms when I first hit the internet - I had trouble with a lot of words, but acronyms where not worse. Sure, I did not know what they stand for, but I soon knew their meaning (that was around 1990 - man, I am getting old ;). Maybe it was easier for me, because I was used to not knowing every word in an English sentence (and no, looking up each is not reasonable when skimming through newsgroups). I knew that when something is a PITA, I don't want to have to do it. Hehe, and when I learned what YMMV means (your mileage may vary), I was none the wiser, because I was not familiar with neither the idiom, nor the relevant words. So, yes, acronyms are unfamiliar, but a PITA? Well, just imagine how all the people have to struggle, who are not native English speakers and therefore miss to know even more words. :) Bye, Benjamin. PS: AFAICT, for any down here LOL is known as Loughing Out Loud, a variant of ROTFL (Rolling On The Floor, Loughing). And, btw, I never heard of TTYTT before, neither had Google (125 hits - PITA has 117.000). Up here in Utah even in notes passed in jr. high school it was used as either Laugh Out Loud, Lots of Laughs or Lots Of Love, depending on context (it got confusing at times =)~ ). A few i don't see listed as net jargon but still see in chats/email: TTYTT:to tell you the truth GMTA:great minds think alike ;-) msg118609/pgp0.pgp Description: PGP signature
Re: [newbie] Complete newbie, trouble trying to install mandrake 8.2 on a Mac G-4
Hi. On Fri 2003-02-07 at 00:31:22 -0800, [EMAIL PROTECTED] wrote: Howdy, I have d'loaded two disk images from the Mandrake site, both are iso's, what exactly do I have to do to to make these iso's into somehtign I can use to boot off of for my mac? I tried doing it through Toast 5.0.2. But have had no luck with that, my machine would not boot from the disks, using the C key at start up, or through the open firm ware (cmd + opt + O + F) key combo. For the life of me, I can not figure out what to do with the iso's. Any insight into what is needed to be done with these iso so I can use them, and then actually ask some Linux related questions later would be greatly appreciated. I am not too familiar with Mac usage. That said, simply burning should be enough. There shouldn't anything special to be aware of. Hm. Are you sure that you got the right images for Macs (and not accidently those for PC or whatever)? Do you still have the URLs from where you got the images? HTH, Benjamin. msg118611/pgp0.pgp Description: PGP signature
Re: [newbie] Vi vs Emacs... Not a flamewar!!! Any flames will
On Thu 2003-02-06 at 14:56:31 -0900, [EMAIL PROTECTED] wrote: On Thursday 06 February 2003 01:55 pm, FemmeFatale wrote: [...] Thx CM. Question: what are regular expressions ? And sed? Heard of it... but no clue what it is... I'll look it up later. The regular expressions has me stumped though mostly. [...] A regular expression is something like ^[K][k].*retry\ [[:lower:]] Which would match lines starting with K or k and have retry followed by a space and lowercase characters Not completly correct ;) That would be ^[kK].*retry\ [[:lower:]] The one you wrote expects Kk (sic) at the start. Aside from that, your example looks complex for starters. IMHO, the nice thing about regular expressions is that you can start slowly, some examples (read man regexp for more, it's really not so hard, if you are concentrating on what you need). hello that's a valid regular expression, simply for hello ^hello now hello has to be the start of the line h[ae]llo this may be hallo or hello h.llo . matches any character: hallo, hbllo, hcllo, ... hal*o * means any times: hao, halo, hallo, halllo, ... So .* means any charachter, as often as you want It allows for REALLY advanced searches and works well with grep egrep rgrep etc. That would look like grep '^[hH]' somefile which will search for all lines starting with a h in somefile. Everyone, try it out now! :-) Regular expressions are a mightly tool. It's like vi, everyone should know the basics. ;-) HTH, Benjamin, now goes trolling elsewhere. PS: I know, that one could use grep -i '^h' instead, but no need to get my example more complicated. Figuring out why this does the same is left as exercise to the reader. ;) msg118489/pgp0.pgp Description: PGP signature
Re: [newbie] Update the kernel ?
Hi. On Thu 2003-02-06 at 21:52:04 -0600, [EMAIL PROTECTED] wrote: [...] [root@rwideman2 boot]# df -h FilesystemSize Used Avail Use% Mounted on /dev/sda1 981M 138M 793M 15% / /dev/sda7 12G 2.7G 9.2G 23% /home /dev/sda6 3.9G 2.2G 1.6G 59% /usr [root@rwideman2 boot]# pwd /boot Am i correct in thinking it is on sda1 with 793mb left? Yes, you can always look for the longest (left-side) match of the path-name, because that's the way mount works. But an easier way is to simply give the path you are interested in to df, like this: df -h /boot and it will only display the relevant partition. HTH, Benjamin. msg118493/pgp0.pgp Description: PGP signature
Re: [newbie] Vi vs Emacs... Not a flamewar!!! Any flames will be ignored
On Tue 2003-02-04 at 21:21:06 -0900, [EMAIL PROTECTED] wrote: [... cool overview about available editors ...] If I am on a desktop and I need a quick edit, I usually grab for kedit, but any heavy work is emacs unless it is a sudoers file in which case a special variant of vi called visudo is absolutely the only way to do it without adding a session of hair-pulling getting things to work as you planned afterward. Well, just a clarification: visudo is not an editor, but only the Right Way to call an editor for the /etc/sudoers file. visudo will call anything you put in your EDITOR environment variable. So it will gladly use emacs, if you want it to (I assume, you know that civilme, but it was ambigous, IMHO). Now my personal opinion about editor choice: learn the most basic vi keystrokes - one day you will be glad to know how to edit a line and save it using vi, believe me. Although both emacs and vi (and variants) are very commonplace on UNIX, if only one editor is installed (e.g. on a minimal server), it will be vi. Aside from that, I prefer emacs for almost everything (startup speed and size are not really an argument with even yesterday's hardware). And it can do anything you want (news mail reading, shells, remote editing, file browsing, being a full IDE, some games, web browsing with(!) images... you name it). But both, emacs and vi, will take some time to learn. And setting them up to do everything the way you prefer will take some time and involves config files in a way or another. This only pays of, if you need to use them regularly (I do). If you want something with a short learning curve, nedit, kedit and friends are more suitable, but will show their limits somewhen. Bye, Benjamin. msg118203/pgp0.pgp Description: PGP signature
Re: [newbie] OT?, help convince my b/f running as root is bad!
On Sun 2003-02-02 at 21:03:25 -0700, [EMAIL PROTECTED] wrote: Heh, thx Benjamin. On the bright side we've got a router up running. Well, a router doesn't protect against downloaded, trojaned applications. I'll work on him hopefully get him to see the error of his way. Tho that is hard to do cause I run as Admin on 2k. Mostly b/c 2k doesn't handle multi-users very well IMO. *sigh* Yeah, easy and secure are mostly orthogonal. You can only make a box as safe as it still allows you to still get some work done. So, if the main reason for your (I mean you as well as him) Admin usage is that Microsoft has made it too hard to use without, then, well, that's not the case with Linux and therefore no argument anymore. Fwiw, when he first came to live here, I told him I'm going to do my utmost to secure our LAN. And that I wouldn't allow him to compromise it if at all possible. With luck I can use that argument again with yours in there too, it may sway him. :) Yeah! Go, go, go! :-) Bye, Benjamin. msg118032/pgp0.pgp Description: PGP signature
Re: [newbie] Unofficial January list stats
On Mon 2003-02-03 at 21:36:15 +1100, [EMAIL PROTECTED] wrote: On Mon, 2003-02-03 at 15:25, Todd Slater wrote: [...] 403 Stephen Kuhn [...] Egads - I can't be THAT talkative, now can I? [...] Well, I considered to ask you that earlier, but regarding these numbers I cannot hold off myself any longer... ;-) -- Mon, 3 Feb 2003 21:30:01 +1100 9:30pm up 1:56, 5 users, load average: 0.26, 0.24, 0.24 -- |____ | kuhn media australia| [... cut 18 further lines of signature ... 403 * 1168 bytes = ~460KB to each subscriber ...] ...would you mind stripping your signature a bit? Netiquette recommends 4, but even getting it down to the half would be a advancement. Bye, Benjamin. PS: Take that with a grain of salt... although I really prefer the signature to be shorter, it is meant light-hearted. And any misunderstanding is due to my lack of mastering English. msg118034/pgp0.pgp Description: PGP signature
Re: [newbie] RE: ACCOUNT REMOVAL
Hi. On Sun 2003-02-02 at 11:36:10 -0700, [EMAIL PROTECTED] wrote: On Sunday 02 February 2003 06:15 am, Charles A Edwards wrote: [...] Spamassassin thought so much of it that it routed the orig post to my Spam_Box. Hmm... doesn't like Hotmail, or has Spamassasin seen that 'handle' before? g If you are really interested in it, my Spamassassin configuration said this: [...] X-Spam-Checker-Version: SpamAssassin 2.43 (1.115.2.20-2002-10-15-exp) X-Spam-Report: Detailed Report SPAM: Start SpamAssassin results -- SPAM: This mail is probably spam. The original message has been altered SPAM: so you can recognise or block similar unwanted mail in future. SPAM: See http://spamassassin.org/tag/ for more details. SPAM: SPAM: Content analysis details: (5.40 hits, 5 required) SPAM: X_LOOP (-0.2 points) Found a X-Loop header SPAM: NO_REAL_NAME (1.3 points) From: does not include a real name SPAM: HTML_70_90 (0.9 points) BODY: Message is 70-90% HTML tags SPAM: SPAM_PHRASE_02_03 (0.8 points) BODY: Spam phrases score is 02 to 03 (medium) SPAM:[score: 2] SPAM: HTML_FONT_FACE_ODD (0.3 points) BODY: HTML font face is not a commonly used face SPAM: LINES_OF_YELLING_2 (0.2 points) BODY: 2 WHOLE LINES OF YELLING DETECTED SPAM: LINES_OF_YELLING (0.2 points) BODY: A WHOLE LINE OF YELLING DETECTED SPAM: FORGED_HOTMAIL_RCVD (0.5 points) Forged hotmail.com 'Received:' header found SPAM: UPPERCASE_75_100 (1.4 points) message body is 75-100% uppercase SPAM: SPAM: End of SpamAssassin results - So it mainly got rated negatively for - not using a real name (1.3 points), - using an excessive amount of HTML (0.9 points; 151 lines HTML vs. 12 lines text, resp. 4400 vs. 430 bytes) and - all SHOUTING (1.8 points = 1.4+0.2+0.2) The things he could not do much about are - alleged spam phrases (0.9 points) and - stripped received headers by mailing list (0.5 points) [Hmmm. Thought I had already disabled this] Had he either not used Microsoft Office(!) for writing the mail, disabled his CAPSLOCK or simply configured his mailer correctly, the mail had not reached the level (5.0) for being considered unwanted mail. Considering the displayed ignorance resp. lack of common courtesy, I must admit, I am fine with Spamassassin's rating. Either way, if you want to be sure to not miss any real mail, you can simply increase the threshold a bit (7 should be fine, 10 is for the paranoids). Regards, Benjamin. msg117935/pgp0.pgp Description: PGP signature
Re: [newbie] mutt fetchmail
Hi. On Sun 2003-02-02 at 21:09:20 +0200, [EMAIL PROTECTED] wrote: How to set mutt to find mails that fetchmail pulls and puts somewhere I don't know where, I lost 30 mails allready :) System is Mdk9.0 I am not expert in this matter, but if the mail system is configured correctly, mutt should find your incoming mails automatically (via the $MAIL environment variable). I am not sure where to start to look. Are you sure that not fetchmail is the problem? What is the output of (run in a shell): echo $MAIL ls -l /var/spool/mail /sbin/service postfix status mailq (except for the first, it may be that you need to be root to run them). If you have a ~/.muttrc, move it away temporarily to make sure the configuration doesn't get in the way. Btw, in order to avoid losing mails until it works, you can fetchmail say to not remove messages from your server (keep) and for testing force re-fetching of mails (all). It may mean that you get some mail multiple times, but it assures that you do not lose any. HTH, Benjamin. msg117941/pgp0.pgp Description: PGP signature
Re: [newbie] OT?, help convince my b/f running as root is bad!
Hi. On Mon 2003-02-03 at 01:07:41 +0200, [EMAIL PROTECTED] wrote: FemmeFatale wrote: My b/f is a windows MCSE. Fine. In windows you run as root anyway. Even on 2k I run as an Admin. Now he says he sees no diff from that to running as Root in linux. That's quite correct. So, for the same reasons that running as root on Linux is not a great idea, doing the same on Windows is not either. (I tried really hard to avoid saying is equally stupid ;-) I can't give him any better argument for not doing so other than its insecure (he doesn't care about that on a home compy) So he does not care that running some downloaded program may screw up his whole system. And if he got lucky it contains some backdoor that runs some attack and and he does not care getting cut off by his ISP (who may decide to prevent the attack and ask questions later). Security is not only about keeping your files safe, but mainly about keeping control over your computer (which also keeps your files safe). And no, that is not some theoretical issue. He should know that by now, considering all the worms and stuff that has been covered in the main press in the meantime. And security comes in layers. Even if you have some firewall in place, that protects against most of the known exploits, having an additional protection, if a new one comes out, surely does not hurt. that you can reall botch Xwindow. Botching that doesn't faze him either cause he'll just reinstall anyway. Well, given someone who doesn't care about who controls his computer and neither does value his time (just reinstall), there is really not much to argue for not running as root. It's like trying to convince someone who doesn't care about his life to fasten his seat-belts before driving. [...] If he has that much of a Windows mentality, tell him that logging on as root can corrupt the registry, then watch the blood drain from his face ;-) :-) More seriously, one reason why I barred myself from being root after more than two glasses of raki is that one typing mistake can kill your system. Well, even without raki, I consider protecting me from myself a good idea. :) Like you think you're in /mnt/windows/My\ Documents\Downloads and you want to delete a bunch of junk directories with names like ???sefdljvn5+5, ???fdsre8344 etc., so you type rm -Rf ./?* Just after you hit Enter you realise that (a) you were in /usr and (b) ? is a regular expression. Minor nitpit: You mean shell pattern / globbing. Most shells don't understand regular expressions. If it was a regular expression, ? would make the / optional and * would repeat that 0-n times, so ., ./, .//, .///, etc. would match. Btw, at least bash and tcsh support a nice feature. When your cursor is at the end of the pattern, press ^X-* (that is: press and hold CTRL and press x, then let go of CTRL, press * - that is: SHIFT-8 for american keyboard, I think). This will expand the pattern in-line and you can see without hitting return, which files match. I never use rm together with patterns without this trick anymore and never have deleted a file accidently since then (quite some years...). Maybe you could just ask him why he should bother to run as root? Agreed. That is probably the better argument. You have at least security and common (UNIX) practice on your side, make him argue what *good* reasons he has (and no, laziness is not a good reason). [...] Still, if he wants to break his computer, that's his business. If it's your computer he's running, just change the root password and don't tell him what it is. Was about saying the same. ;-) Another point regarding his ignorance regarding security is: If he has to access your computer (file sharing, login, whatever...), consider his computer untrusted (i.e. owned by some script kiddie) and apply appropriate (tight) access restrictions accordingly. Make him use different passwords for your computer, if he has an account for it (because the password for his computer has to be considered to be already logged by some script kiddie). And so on. In other words: imply his machine as untrusted as you would if it operated by some malicious stranger - because maybe it is, and he doesn't seem to care enough. Bye, Benjamin. msg117949/pgp0.pgp Description: PGP signature
Re: [newbie] Is there a way to Powerdown/Off the computer a =?iso-8859-1?q?la Winsucks=20with=20a=20cmd=20on=20the=20CLI=20or?= Gui?
Hi. Just a minor clarification on the usage of halt/powerdown/shutdown. halt (and also reboot) calls shutdown to do the work in the common case, so there is no difference in using halt for the 08/15 user. powerdown is a link to halt and will act the same in the common case, i.e. run shutdown. In other words, it does not matter whether you call powerdown, halt or shutdown, they all end up executing shutdown. reboot acts the same, except that it calls shutdown with -r instead of -h. I don't know if there is a point to make what is the Right Thing to do. Once, it was clearly shutdown, but today...? At least for multi-user systems you should still use shutdown, because of the timeout and message before rebooting. (Yes, you should give other users time to save. Yes, really.). Regards, Benjamin. PS: And, which should be clear by now, which one you use has nothing to do at all with whether the hardware really turns off itself. On Sun 2003-02-02 at 20:29:19 -0400, [EMAIL PROTECTED] wrote: On Sun, 2003-02-02 at 19:58, Chuck Burns wrote: On Sun, February 2 2003 5:42 pm, Adolfo Bello wrote: : On Sun, 2003-02-02 at 19:30, Jason Greenwood wrote: : I've got a laptop and halt works fine here : : Sorry, the command is shutdown -h now. : : Anyway, neither halt or shutdown power off my laptop. 'poweroff' works for me.. has for years. Nope. In my case it has something to do with enabling ACPI. msg117952/pgp0.pgp Description: PGP signature
Re: [newbie] poor performance on software raid setup
Hi. On Thu 2003-01-30 at 21:47:11 +1100, [EMAIL PROTECTED] wrote: [...] raid, I would get results around 387mb cache, and 45mb read. The settings I would use on these systems would be hdparm -X68 -c3 -d1 -u1 -m16. Now, when I ran hdparm in md9 (had to install, the distro didn't have it included) with the s/raid, I get results around 330mb cache, and 5.5mb read. BIG performance drop. Sounds as if DMA is disabled. When trying to set any parameter setting through hdparm, it tells me that it can not use these setting on a scsi device. I think, using the command on the underlying devices (/dev/hda? etc.) should work. The /dev/md0 is only a logical device. Btw, note, that hdparm only measures raw throughput whereas the speed advantage of RAID also comes from improving access times (i.e. lowering latency). In other words: The RAID-level with highest hdparm rating is not necessarily the one which is fastest for real applications. Regards, Benjamin. msg117460/pgp0.pgp Description: PGP signature
Re: [newbie] Dell Optiplex
Hi. On Tue 2003-01-28 at 01:55:33 -0500, [EMAIL PROTECTED] wrote: On Mon, 2003-01-27 at 17:38, Kaj Haulrich wrote: Anyone here managed to install Mandrake 9.0 upon a Dell Optiplex ? - If yes, what's your mileage / experience ? My reason for asking : I just contacted Dell Denmark and asked for an *empty* Optiplex. They were quite negative, asking why I don't want Windows preinstalled. I told them that I wanted to install Mandrake. Long pause. Then they cheered up quite a bit : Actually, they could deliver an Optiplex with Linux ( RedHat, I suppose) preinstalled ! [...] I'm glad to hear that they are giving consumers a choice. Although I'm disappointed to hear that they expect to give winblows preinstalled. IIRC, it's a concession to their Microsoft OEM license, which doesn't allow them to ship without OS. But they found that they can circumvent it, if they install a different OS. IMHO it was less about expecting Microsoft Windows preinstalled than having any OS preinstalled. That would well explain their change in attitude. I guess they talked about Windows, because that is simply still what most customers ask for (i.e. they would confuse 9 of 10 customers if they asked, if it would be okay to install Linux instead). HAND, Benjamin. msg117141/pgp0.pgp Description: PGP signature
Re: [newbie] MySQL users DB corrupted
Hi. On Thu 2003-01-09 at 11:21:49 -0800, [EMAIL PROTECTED] wrote: I have a small problem where a power outage has corrupted the user database for mysql, now no users can authenticate/manipulate any databases hosted by the MySQL Engine... This is rather annoying since I am no longer able to administer the databases, and I appear to be unable to modify, or create users all together. The engine is running, and the availability of data is still there, but in a read only manner. I can pull data out, but unless I can authenticate, I cant enter any in! How can I fix this? Almost all of the admin tools I have found will not work without logging in. If there is no other solution, is it possible to import the existing database I have (used for inventory purposes) into a fresh mysql install? I cant export anything, and the database files are basically flat files at this point... A good web resource would also be appreciated! any help would be appreciated. There are several possibilities, some of them depend on how recent your version of MySQL is. - You can try repairing the tables from the shell with myisamchk (be sure to stop mysqld beforehand), like this: myisamchk -r /var/lib/mysql/mysql/*.MYI If there are no files ending in .MYI, but only .ISM, use the following instead: isamchk -r /var/lib/mysql/mysql/*.ISM Usually you would use REPAIR TABLES from the mysql prompt (or some graphic utility), but since you have problems authenticating I won't go into depth about that. The (my-)isamchk solution only requires that you have the file privileges (i.e. that you can become root). Make sure that the files belong to the same user as they did beforehand, when you are done. - Alternatively you can start MySQL so that ignores the privileges tables at all. *Note that running it this will is a security risk*, depending on your configuration and you should keep the time running MySQL this way short. Using --skip-networking reduces this risk, because only connection from the localhost are allowed then. You have to start MySQL with --skip-grant-tables (or short: -Sg). You can start it using safe_mysql: /usr/bin/safe_mysql --skip-grant-tables --skip-networking If that makes problems, you can alternatively edit the MySQL startup-script /etc/init.d/mysql (don't forget to change it back afterwards). When you connect to MySQL after starting it this way, you have all privileges the MySQL root usually has. You can try the mentioned REPAIR TABLES, if you want (it will do the same as myisamchk) or you can make a dump of your data - something like mysqldump --opt your_database somefile should do. Then remove all files in /var/lib/mysql and use /usr/bin/mysql_install_db to setup the privilege tables from scratch. Then play in your dump with something like mysqladmin create your_database mysql your_databaes somefile Well, I'll stop for now. Hope that gets you along. Bye, Benjamin. msg114910/pgp0.pgp Description: PGP signature
Re: [newbie] stupid newbie mozilla question about tabs
On Sun 2002-12-29 at 18:04:15 -0700, [EMAIL PROTECTED] wrote: At 12:13 AM 12/30/2002 +0100, you wrote: http://www.mozilla.org/docs/end-user/moz_shortcuts.html#tabbed_browsing Helps muchly! Ty! You are welcome. Now how come when I go to a site Search I find nothing??? Tell me! :-) Well, I had the advantage that I knew the info is there. I stumbled upon it once in some news posting (mozillazine?), so I only had to come up with the right search phrase. keybord shortcuts did the trick. Without keyboard you find only a lot about the context menus, which are also called shortcuts. Bye, Benjamin. msg113163/pgp0.pgp Description: PGP signature
Re: [newbie] stupid newbie mozilla question about tabs
Hi. On Sun 2002-12-29 at 14:17:48 -0700, [EMAIL PROTECTED] wrote: I use Mozilla in winfucksme linux both. yet on neither can I find docs in their help files on tabbing by Keyboard. You might find this keyboard shortcut page helpful: http://www.mozilla.org/docs/end-user/moz_shortcuts.html#tabbed_browsing HTH, Benjamin. msg113096/pgp0.pgp Description: PGP signature
Re: [newbie] When is root not root?
Hello. I am no security expert, read the following with that in mind. On Fri 2002-12-27 at 16:56:32 +, Anne Wilson wrote: On Friday 27 Dec 2002 3:16 pm, David Williams wrote: On Friday 27 December 2002 08:56 am, Anne Wilson wrote: Although I practically never log in as root, there are many things that require root priveleges, so opening File Manager (Super User Mode) or a root console is a common task. Why is this not as dangerous? I am not sure if I understand your question correctly. If your question is why it is safer to run the application in question that way: it isn't. The point is to run *only* that application as root, which is safer than running everything as root. Although it is not a big safety win, why would you expose yourself unnecessarily? Should we be closing those sessions as soon as possible? Yes. But not because it is unsafe per se to have this session running, but only to be sure to not forget to close it. Leaving your computer alone with an open root session is not a good idea. What safeguards are there? sudo is a nice way to make root access safer and its use is quite standard in Linux production environments. It allows to execute a single command as root like this: sudo -H urpmi mozilla and gives up the root privilege afterwards, at once. It uses a config file (/etc/suduers) to determine who may execute which commands as root (yes, that means you may allow your roommate to only restart the webserver). It requires to authenticate with your (user) password (can be overridden), but only if you did not use it for some minutes (can be overridden, too). The advantage is that you don't have to remember to close anything in order to lose root privileges after you are done with the task. For home use, setting up sudo and getting used to it is probably not worthwhile. OTOH, once you know sudo, it is a matter of less than a minute to have a basic setup running. To add to that question (and mostly for my clarification), -- Is opening a console as superuser and installing something the same as logging out as a user and logging in as root.? Basically, yes. At least, if you login as root on the text console. If you have a graphic login, you will end up running everything as root, including KDE/GNOME, the file managers, the panels. Everything. And most of these applications where not designed with safe-as-root in mind. Although, in realitity, there is not much that will go wrong this way, you should restrict such a session to the task at hand. And not read mail, surf the web and so on. But, for a comparison, doing so is still safer than downloading a program from untrusted sources (yes, that means almost any website) and using root (either way) to install it. The risk of being harmed by a malicious program is much higher than something going wrong with your root session. There are two things to keep in mind: Security comes in layers. You do not want to have a single point of failure. Therefore you try to minimize your exposure in every layer. That's why you want to keep your actions as root to the necessary only: Not because it has any immediate risk, but because it lowers the possibility that another hole can be escalated this way. Therefore you stop unused services. Therefore you do not want to run more applications as root as needed. Second, there is no perfect security and how much you invest in security depends on how paranoid you are and what you have to lose. And, of course, how inconvenient the security measure would be. You don't keep your watch in a safe, except perhaps, if it is a Rolex. ;) OTOH, you lock your doors when you go out, and you do not have valuable jewelry lying around openly, do you? HTH, Benjamin. PS: Ah, and because it cannot be said often enough: Most important is that you keep your computer up-to-date with security fixes, of course. Especially for programs that handle untrusted input (any internet-related program, compilers, ...) msg112933/pgp0.pgp Description: PGP signature
Re: [newbie] When is root not root?
On Fri 2002-12-27 at 19:03:04 +, Anne Wilson wrote: On Friday 27 Dec 2002 6:47 pm, Benjamin Pflugmann wrote: [...] sudo is a nice way to make root access safer and its use is quite standard in Linux production environments. It allows to execute a single command as root like this: sudo -H urpmi mozilla [...] Thank you Benjamin for a most thorough reply. You are welcome. sudo looks interesting - though I presume it is CL only? Correct. Sorry that I did not mention this explicitly. I thought your mail was mainly about console use, but only on re-read I realized that it wasn't. Bye, Benjamin. msg112955/pgp0.pgp Description: PGP signature
Re: [newbie] about to give up
Hello. On Sat 2002-12-07 at 17:17:19 +1100, Stephen Kuhn wrote: On Sat, 2002-12-07 at 16:00, Mark Weaver wrote: [...] AND, dig this - those installations are going on the SAME machine - nothing changed. Nothing. Nada. The first five times I installed MDK on this workstation, I changed some things here and there just so that I could get the feel of the install. After that, though, the installations were by the book as I wanted them - and as stated, two of the five installations would NOT hold the settings properly. That sounds like a hardware problem. Programs are deterministic (except if randomness is explicitly implemented), i.e. given the same inputs, you will get the same execution path and the same output. If the output changes (your installation sometimes has problems and sometimes not), the input (in the widest sense) must have changed. Maybe the machine changed them indirectly, e.g. because the RAM is faulty. Maybe you gave different inputs, by changing the configuration, but I doubt that. There is one option left: Changing inputs due to operations that depend on timing, but usually that is accounted for in the programs. I have installed Mandrake 9.0 about 10 times and never observed any changes that looked abitrary or randomly. My experience is, that such random changes are most often caused by hardware problems. Even if they are only observed with one OS. That simply means, that it does something different, so that it triggers that behaviour. (I even had that with faulty RAM. X under Debian 2.2 was unstable, but Microsoft Windows 98 run fine, a memtest showed the RAM was broken - only with certain storage patterns). So, instead of all of us that know something about something throwing blame back at those less experienced, there are some things that have to be realized - there ARE problems with the MDK 9 distro and they HAVE to be fixed. The best way to get them fixed is to find a reliable way to reproduce them and post the recipe. [...23 lines of signature deleted...] Btw, would you please trim that down when posting to the list. Thanks. HTH, Benjamin. msg111099/pgp0.pgp Description: PGP signature
Re: [newbie] O.T. - Looks like somebody is making a buck off selling Mandrake
Hi. On Fri 2002-12-06 at 09:00:09 -0600, Tom Brinkman wrote: On Friday December 6 2002 07:17 am, Steve Jeppesen wrote: If this person is burning copies off a set of disks and then selling them, isn't that illegal though? I mean I will (and have) burned a set of disks from my copy, then GAVE it to a friend is ok, but selling the high number of sets of disks this person is doing is wrong, **unless** endorsed by Mandrake somehow. Just my 2 cents worth, thus the reason for the first post - I have no idea if this person is legit or not. It is legit, tho slightly expensive. This person is doin nothin different (or illegal) than the many websites like cheapbytes do. The software is still free. The packaging and SH is what's being charged for. I do not believe that it is legit. Of course, copying and selling Mandrake CDs is perfectly legal, as that is explicitly allowed by the GPL. But the page makes it look like it were the official package I would get. It is at least in the legal questionable. http://www.opensoars.com/?page=shop/flypageproduct_id=73 is sellin Mdk 9.0, 3 CD sets for $2.99 But those make quite clear, that you only get the CDs and not support or whatever else may be contained in the official packages. They also mention where you can download it for free (well, except your online costs, of course ;-). Bye, Benjamin. msg04/pgp0.pgp Description: PGP signature
Re: [newbie] OT help writing my deny IE page
Hi. On Thu 2002-09-19 at 08:10:08 +0100, Alastair Scott wrote: On Wed, 2002-09-18 at 23:36, Franki wrote: I don't think the answer would be yes... By a strange coincidence a very interesting post from Thor Larholm (of the IE list) regarding Mozilla appeared on [bugtraq]. I reproduce it in full; it would seem that the yes can't be very confident (of course, we will never know what Microsoft finds, and fixes, internally): You are going to compare apples with oranges. I read that posting on bugtraq, too, and think it was way off (claiming that one would/should get a different view of mozilla): 1. These are bugs _fixed_, not open bugs as with IE. 2. Mozilla has never made a secret about 1.0.0 having security bugs, but strongly recommended an upgrade to 1.0.1 when it came out (http://www.mozilla.org/, topic Mozilla 1.0.1 released) 3. You can complain about them not listing all bugs explicitly, but then 4. complain to your vendor (aka distribution). mozilla.org does not provide end-user support. 5. The list contains bugs of which is not known if they have security relevance or not, but only, that they *might* have. 6. Some of those were serious, other were mere inconveniences. 7. There are three open security bugs listed for 1.0.1. Have a look at them and (hopefully) feel warm and safe, if these are the worst to fear... 8. As you said yourself, you will never know, how such a list for IE would look like. In short, the main thing one can accuse mozilla.org of, according to the proof this posting provided, is that they did not listed comprehensive details about all bugfixes which may have security relevance. Well, I have yet to see such a list from Microsoft. My point is: Although I would also prefer mozilla.org to push information about such bugs more, this lack cannot compared in any way to a company which still has more than a dozen security related bugs not fixed for *several* months in their equivalent product (not counting mail components and others, which Mozilla provides, too). Btw, it is common practise to *not* announce any bug with possible security implications. That is, because most time it is not worth the time to find out if the bug really had potential to be exploited. Just as abitrary example, consider which announcements you read about PHP. Then go and dig into their Changelog and look for any fixes which might have security relevance (e.g. all crashes related to variables and function calls). Then reconsider the Mozilla list you forwarded. /rant off ;-) Bye, Benjamin. msg104536/pgp0.pgp Description: PGP signature