[opensuse-factory] Re: Modules to include in initrd for ATI SB600 chipset
The problem was resolved adding as boot parameter: install pci=nomsi Thanks for Your Help! 2007/7/15, Juan Erbes [EMAIL PROTECTED]: I have a motherboard MSI K9A PLATINUM with a Athlon64 X2 5200, and I can't install any version of Suse or Opensuse beause the install program do'nt detects dthe har disk. The install program will load the ahci module, but it's buggy, and the bios is set to Native IDE I changed the setting to ahci, but do'nt works. I triyed to use the sata disk from my old computer with OSS 10.3 alpha5 32 bits, but I could'nt lograte to mount and load the system. I added to the initrd the modules atiixp, pata_atiixp and sata_sil. The bios is set to Native IDE. How appear the disk? as ide or scsi? How I need to name the patitions?. In my old computer the roor partition appear as /dev/sda2. I have installed a Asus dvd ide burner as first ide device. What modules I must to include in initrd? Thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
Mandag 16 juli 2007 18:00 skrev joe: Richard Creighton wrote: Just about every day, often several times a day, my logs include hours of log entries that look like this: Jul 16 00:35:25 raid5 sshd[6966]: Invalid user admin from 83.18.244.42 snip My question is what, if any firewall rule could I write that could detect such attacks and automatically shut down forwarding packets from the offending node or domain? That would give me an additional layer of defense as well as freeing up a significant amount of log file space. I prefer a more simple approach. Rather than adding more firewall rules, I set the sshd allowed_users parameter to the 2 accounts that actually have a reason to log in, and I also limit the IP addresses which will accept an ssh connection using tcp wrappers (hosts.allow, hosts.deny). Joe Hi Joe, quote: sshd allowed_users parameter to the 2 accounts in what file do you do that? Would that be an additional line in /etc/ssh/sshd_config, 'cause I can't seem to find an empty line like that in my system? -- - Med venlig hilsen/Best regards Verner Kjærsgaard -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] Re: MySQL encryption agent
Stuart Murray-Smith escribió:
Greetings list
openSuSe 10.2
MySQL 5.0.26
How can I establish what the standard encryption agent(s) is (are) for
MySQL?
SELECT ENCRYPT('password'), PASSWORD('password'), MD5('password');
generates a different encrypted password to what:
you are seriuolsy confused, this is the expected behaviuor.
ENCRYPT calls crypt() system call
PASSWORD is mysql specific way to encrypt password suitable for
encrypting MySQL passwords for storage in the Password column of the
user grant table. ( do not use this in your app)
MD5 quite obviuoly uses MD5
if you are coming from older mysql versions, and you used PASSWORD() to
encrypt your passwords in newver mysql versions you must use
OLD_PASSWORD() to obtain the same old result. this function is
deprecated and I suggets you convert your passwords (with the password
reminder form) ASAP because it may go away at anytime soon.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot shut down
[EMAIL PROTECTED] wrote: Okay, I've used the init 0 for shutting down for a week now. Well, it can always shut my machine down. But some of the time, the hard drive apparently wasn't unmounted because occasionally when I turn on the machine, it always replayed transactions. There's about 200 transaction replayed when this happens. So, I am worried that eventually it will corrupt my Linux. Is there any other way to solve this problem? Thanks. Hans defaber said: [EMAIL PROTECTED] wrote: Hi, I've installed a new SuSE 10.1 with some additional packages that I've downloaded from the net. Now I can't shut down. I think it was all because I installed fuse 2.6.5 and ntfs-3g 1.516. Even in startup the kernel is marked tainted because of the fuse package. How can I fix this? Thanks in advance. Fare thee well, Bawenang R. P. P. ERROR: Brain not found. Please insert a new brain! “Do nothing which is of no use.” - Miyamoto Musashi. I live for my dream. And my dream is to live my life to the fullest. Try to open a terminal window. login as root (su , password) Then type init 0 Does that work ? Succes, Hans -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] The shutdown procedure is not much more than a'n init 0 , the init program is the workhorse of the startup and shutdown. If you look at the shutdown messages on your screen, you should see at the end the unmount messages of all disks. I think your real problem is a program that should be shut down first before the systemshutdown. Mostly database applications have a separate shutdown. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John Andersen wrote: On Monday 16 July 2007, G T Smith wrote: The real problem starts when the attacker hits pay dirt, the entries I would worry about are the ones that are not in the log. Paydirt? You mean like guessing BOTH the account name and password? The chances of this are vanishingly slim with reasonable password scheme. Exactly, a security breech by this route is either a case of serious bad luck or serious incompetence on a Linux system, and it is often difficult to distinguish between the two :-) This is normally more of a nuisance than anything else. However, it is probably worthwhile keeping a weather eye on the usernames being targeted. If an unusually accurate set of usernames are scanned, it is possibly an indicator that the attack is directed rather than random and possibly is (or will be) one of many different attack vectors. Unusual usernames could be indicators of another type of attack. - -- == I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone. Bjarne Stroustrup == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGnIH5asN0sSnLmgIRAhDdAJ97DAvdbp1hXBkqAfPnZ/zo5Yz3NgCeIQGS GK/iuQ9krB9vGOqR/txBr+8= =BEl2 -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot shut down
Hans defaber wrote: [EMAIL PROTECTED] wrote: Okay, I've used the init 0 for shutting down for a week now. Well, it can always shut my machine down. But some of the time, the hard drive apparently wasn't unmounted because occasionally when I turn on the machine, it always replayed transactions. There's about 200 transaction replayed when this happens. So, I am worried that eventually it will corrupt my Linux. Is there any other way to solve this problem? Thanks. Hans defaber said: [EMAIL PROTECTED] wrote: Hi, I've installed a new SuSE 10.1 with some additional packages that I've downloaded from the net. Now I can't shut down. I think it was all because I installed fuse 2.6.5 and ntfs-3g 1.516. Even in startup the kernel is marked tainted because of the fuse package. How can I fix this? Thanks in advance. Fare thee well, Bawenang R. P. P. ERROR: Brain not found. Please insert a new brain! “Do nothing which is of no use.” - Miyamoto Musashi. I live for my dream. And my dream is to live my life to the fullest. Try to open a terminal window. login as root (su , password) Then type init 0 Does that work ? Succes, Hans -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] The shutdown procedure is not much more than a'n init 0 , the init program is the workhorse of the startup and shutdown. If you look at the shutdown messages on your screen, you should see at the end the unmount messages of all disks. I think your real problem is a program that should be shut down first before the systemshutdown. Mostly database applications have a separate shutdown. Once more thinking about yout problem. Fuse is a userspace file system, I do'nt have any knowledge about this package, but userspace means that all actions are done and should be done in userspace. So the dismount of all userspace filesystem most done before you can shutdown or maybe logout. Shutdown (init) is a systemspace action. So far as I know is fuse not integrated in suse, You have to be your own systemsintegrator . A difficult and interesting job. Succes, Hans -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] Stuck with Beryl
In an experimental mood, I installed Beryl according to the instructions at http://en.opensuse.org/Beryl It went OK, except that all my windows lost their title bars. Having fiddled around a bit with the display settings, I decided to back out. So I reverted to the KDE window manager, uninstalled all the beryl packages using YaST, that is beryl-core beryl-manager beryl-plugins beryl-settings emerald emerald-themes aquamarine leaving compiz and xgl. Unfortunately, nothing's changed :( My desktops are still on the faces of a rotating cube, my windows have no title bars, and my theme has reverted to KDE-standard. This behaviour survives logging out/in and even rebooting. I've even deleted ~/.beryl Any suggestions, please? -- Bob openSUSE 10.2 x86_64, Kernel 2.6.18.8-0.3, KDE 3.5.6 r31.4 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] $HOME NFS-mounted
Hello. In our network we have the user $HOMEs mounted via NFS. This has been working ok for many years (the servers have changed over time, of course). This year, when we upgraded our server from Suse 9.1 to 10.1 things got very slow, mostly the KDE login. (note: the hardware didn't change and the problem is solved if I boot with the old version.) I suspect something to do with locks, but I have been unable to confirm it. I wonder if someone else had the same or similar problem and what they did about it. My kernel is: Linux 2.6.16.27-0.9-smp #1 SMP Tue Feb 13 09:35:18 UTC 2007 x86_64 x86_64 x86_64 GNU/Linux The filesystems are ext3 and the disks are 4 SATA drives with RAID-1 /dev/md0 /home/xxx/disco1 ext3 rw,data=ordered,usrquota 0 0 /dev/md1 /home/xxx/disco2 ext3 rw,data=ordered,usrquota 0 0 Thanks in advance -- rps -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
John, you have been a tremendous amount of help. I am posting my reply to the list as well as direct to you because your answer may be of benefit to the list members and the question I pose may also be of significance John Andersen wrote: On Tuesday 17 July 2007, Richard Creighton wrote: I am wondering if you know if that is even close to your recommendationor should I try 60 instead of 120 or is that even an equivilent field. Or like me, is that so obtuse that you too do not know the answer and would be guessing as did I when I tried to set it up :) ?? If you look at the times Jul 17 00:38:27 raid5 sshd[625]: Invalid user staff from 83.18.244.42 Jul 17 00:38:32 raid5 sshd[628]: Invalid user sales from 83.18.244.42 Jul 17 00:38:37 raid5 sshd[630]: Invalid user recruit from 83.18.244.42 Jul 17 00:38:42 raid5 sshd[632]: Invalid user alias from 83.18.244.42 Jul 17 00:38:48 raid5 sshd[634]: Invalid user office from 83.18.244.42 Jul 17 00:38:53 raid5 sshd[636]: Invalid user samba from 83.18.244.42 You see that they are around 5 seconds beteeen each attempt. Therefore your 3 in 120 should have started blocking after the 4th connection attempt. But it didn't, that's why I think your firewall is not honoring this setting at all, which is what I mentioned in my first post. It is possible that your version of the kernel does not have recent match support turned on. This is a feature that not all kernels have. Explained here: http://snowman.net/projects/ipt_recent/ To see if this is in your kernel type this as root in a shell iptables -m recent --help That should give a lot of help text which ends with ipt_recent v0.3.1: Stephen Frost [EMAIL PROTECTED] If it says Couldn't load match `recent' ... then you don't have recent match installed. This is what the last line says, once I found it in /usr/sbin as root: ipt_recent v0.3.1: Stephen Frost [EMAIL PROTECTED]. http://snowman.net/projects/ipt_recent/ I also found this when I dumped the contents of my IPTABLES with sudo /usr/sbin/iptables -L iptables.txt and extracted what I think pertains to the settings I *used* to have. For some reason (maybe I have to reboot nah, this is Linux but I must have to do something I forgot) the settings didn't take. I used to have settings of 5 and 300 instead of 3 and 120 but the numbers stood out. I don't know where the limit: avg 3/min burst setting comes in. LOGtcp -- anywhere anywherelimit: avg 3/min burst 5 tcp dpt:ssh state NEW recent: CHECK seconds: 300 hit_count: 5 name: ssh side: source LOG level warning tcp-options ip-options prefix `SFW2-INext-DROPr ' DROP tcp -- anywhere anywheretcp dpt:ssh state NEW recent: UPDATE seconds: 300 hit_count: 5 TTL-Match name: ssh side: source But in any event, I don't believe its being honored. What I'm wondering is if it *is* being honored as far as the hacker is concerned, ie, he is not getting past the 'DROP', but because of the LOG setting, I am still getting notice Does that seem plausible to you and if so, can you think of a way to test it? Thanks again, Richard -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Stuck with Beryl
On Tue, 2007-07-17 at 12:21 +0100, Bob Williams wrote: In an experimental mood, I installed Beryl according to the instructions at http://en.opensuse.org/Beryl It went OK, except that all my windows lost their title bars. Having fiddled around a bit with the display settings, I decided to back out. So I reverted to the KDE window manager, uninstalled all the beryl packages using YaST, that is beryl-core beryl-manager beryl-plugins beryl-settings emerald emerald-themes aquamarine leaving compiz and xgl. Unfortunately, nothing's changed :( My desktops are still on the faces of a rotating cube, my windows have no title bars, and my theme has reverted to KDE-standard. This behaviour survives logging out/in and even rebooting. I've even deleted ~/.beryl Any suggestions, please? Try running aquamarine (or emerald) by hand ie. aquamarine --replace E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Stuck with Beryl
On Tuesday 17 July 2007 13:47, Hans van der Merwe wrote: On Tue, 2007-07-17 at 12:21 +0100, Bob Williams wrote: In an experimental mood, I installed Beryl according to the instructions at http://en.opensuse.org/Beryl It went OK, except that all my windows lost their title bars. Having fiddled around a bit with the display settings, I decided to back out. So I reverted to the KDE window manager, uninstalled all the beryl packages using YaST, that is beryl-core beryl-manager beryl-plugins beryl-settings emerald emerald-themes aquamarine leaving compiz and xgl. Unfortunately, nothing's changed :( My desktops are still on the faces of a rotating cube, my windows have no title bars, and my theme has reverted to KDE-standard. This behaviour survives logging out/in and even rebooting. I've even deleted ~/.beryl Any suggestions, please? Try running aquamarine (or emerald) by hand ie. aquamarine --replace So I'd have to re-install all those packages? I'll give it a go :) -- Bob openSUSE 10.2 x86_64, Kernel 2.6.18.8-0.5, KDE 3.5.6 r31.4 Intel Celeron 2.53GB, 2GB DDR RAM, nVidia GeForce 7600GS -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Stuck with Beryl
On Tue, 2007-07-17 at 13:53 +0100, Bob Williams wrote: On Tuesday 17 July 2007 13:47, Hans van der Merwe wrote: On Tue, 2007-07-17 at 12:21 +0100, Bob Williams wrote: In an experimental mood, I installed Beryl according to the instructions at http://en.opensuse.org/Beryl It went OK, except that all my windows lost their title bars. Having fiddled around a bit with the display settings, I decided to back out. So I reverted to the KDE window manager, uninstalled all the beryl packages using YaST, that is beryl-core beryl-manager beryl-plugins beryl-settings emerald emerald-themes aquamarine leaving compiz and xgl. Unfortunately, nothing's changed :( My desktops are still on the faces of a rotating cube, my windows have no title bars, and my theme has reverted to KDE-standard. This behaviour survives logging out/in and even rebooting. I've even deleted ~/.beryl Any suggestions, please? Try running aquamarine (or emerald) by hand ie. aquamarine --replace So I'd have to re-install all those packages? I'll give it a go :) -- Bob Why reinstall? just run emerald/aquamarine and then beryl-manager E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Automated CD Ripping
On Monday 16 July 2007 13:50, David McMillan wrote: I'd like to set up a script on my 10.2 box to automatically rip a CD whenever the drive is closed, and auto-eject the CD when the process completes or hits an error. Anyone know of a good set of resources that could help a complete novice achieve this? kaudiocreator will do this for you anway, and lookup the cddb entries. -- Simon Crute IST. Bracknell. UK. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Stuck with Beryl
If you are in an experimenting mood. I would recommend going to Compiz-Fusion and skipping Beryl. Beryl is no longer being developed. Compiz-fusion is the merger between the old compiz and the old beryl and it looks great. It is very easily configured and seems to be mostly stable on two of my systems (one using an ATI card and the other with an NVidia card) There are some instructions here http://moosy.blogspot.com/search/label/compiz%20fusion (Scroll down) although they needed to be modified a little bit (I use Smart as my package manager) to install the packages. Suse has a some git-snapshopts here that take most of the work out. Just install compiz-git-all and it will get what you need. (http://software.opensuse.org/download/home:/cyberorg/openSUSE_10.2) Hope this helps. Tom Bob Williams wrote: On Tuesday 17 July 2007 13:47, Hans van der Merwe wrote: On Tue, 2007-07-17 at 12:21 +0100, Bob Williams wrote: In an experimental mood, I installed Beryl according to the instructions at http://en.opensuse.org/Beryl It went OK, except that all my windows lost their title bars. Having fiddled around a bit with the display settings, I decided to back out. So I reverted to the KDE window manager, uninstalled all the beryl packages using YaST, that is beryl-core beryl-manager beryl-plugins beryl-settings emerald emerald-themes aquamarine leaving compiz and xgl. Unfortunately, nothing's changed :( My desktops are still on the faces of a rotating cube, my windows have no title bars, and my theme has reverted to KDE-standard. This behaviour survives logging out/in and even rebooting. I've even deleted ~/.beryl Any suggestions, please? Try running aquamarine (or emerald) by hand ie. aquamarine --replace So I'd have to re-install all those packages? I'll give it a go :) -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Stuck with Beryl
On Tue, 2007-07-17 at 08:59 -0400, Tom Parker wrote: If you are in an experimenting mood. I would recommend going to Compiz-Fusion and skipping Beryl. Beryl is no longer being developed. Seriously? Ok, time to fireup smart. E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Stuck with Beryl
On Tuesday 17 July 2007 13:56, Hans van der Merwe wrote: On Tue, 2007-07-17 at 13:53 +0100, Bob Williams wrote: On Tuesday 17 July 2007 13:47, Hans van der Merwe wrote: On Tue, 2007-07-17 at 12:21 +0100, Bob Williams wrote: In an experimental mood, I installed Beryl according to the instructions at http://en.opensuse.org/Beryl It went OK, except that all my windows lost their title bars. Having fiddled around a bit with the display settings, I decided to back out. So I reverted to the KDE window manager, uninstalled all the beryl packages using YaST, that is beryl-core beryl-manager beryl-plugins beryl-settings emerald emerald-themes aquamarine leaving compiz and xgl. Unfortunately, nothing's changed :( My desktops are still on the faces of a rotating cube, my windows have no title bars, and my theme has reverted to KDE-standard. This behaviour survives logging out/in and even rebooting. I've even deleted ~/.beryl Any suggestions, please? Try running aquamarine (or emerald) by hand ie. aquamarine --replace So I'd have to re-install all those packages? I'll give it a go :) -- Bob Why reinstall? just run emerald/aquamarine and then beryl-manager Because I'd previously removed them. What was strange, was that the effects persisted even after I'd removed them. -- Bob openSUSE 10.2 x86_64, Kernel 2.6.18.8-0.5, KDE 3.5.6 r31.4 Intel Celeron 2.53GB, 2GB DDR RAM, nVidia GeForce 7600GS -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Stuck with Beryl
On Tue, 2007-07-17 at 08:59 -0400, Tom Parker wrote: If you are in an experimenting mood. I would recommend going to Compiz-Fusion and skipping Beryl. Beryl is no longer being developed. Compiz-fusion is the merger between the old compiz and the old beryl and it looks great. It is very easily configured and seems to be mostly stable on two of my systems (one using an ATI card and the other with an NVidia card) There are some instructions here http://moosy.blogspot.com/search/label/compiz%20fusion (Scroll down) although they needed to be modified a little bit (I use Smart as my package manager) to install the packages. Suse has a some git-snapshopts here that take most of the work out. Just install compiz-git-all and it will get what you need. (http://software.opensuse.org/download/home:/cyberorg/openSUSE_10.2) Hope this helps. Tom One word - Wow!! its actually beginning to be fast enough to use all day (not just to show off to Win users :) Even on my crappy onboard Intel Dell laptop. Congrats to the Beryl and Compiz people. E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] I/O error on non-existing device???
Hello, in /var/log/messages I find tons of lines like: Jul 17 11:20:42 venus kernel: hdc: tray open Jul 17 11:20:42 venus kernel: end_request: I/O error, dev hdc, sector 0 Jul 17 11:20:42 venus kernel: Buffer I/O error on device hdc, logical block 0 for several sectors and also for hdd (and then many similar message pairs of only the first two lines (without the Buffer I/O line...)). What makes me wonder is, that (as far as I know)- there is no hdc nor hdd in my computer. At least not in /etc/fstab and also not when looking at kdsikfree. With googling I only found some hints about defective CDs or DVDs, but there are no CD's or DVD's inserted, nor have they been since last reboot. Can somebody tell me what's gong on here? Thanks for hints. Daniel -- Daniel Bauer photographer Basel Switzerland professional photography: http://www.daniel-bauer.com erotic art photos: http://www.bauer-nudes.com/en/linux.html Madagascar special: http://www.sanic.ch -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Stuck with Beryl
On Tuesday 17 July 2007 14:20, Bob Williams wrote: On Tuesday 17 July 2007 13:56, Hans van der Merwe wrote: On Tue, 2007-07-17 at 13:53 +0100, Bob Williams wrote: On Tuesday 17 July 2007 13:47, Hans van der Merwe wrote: On Tue, 2007-07-17 at 12:21 +0100, Bob Williams wrote: In an experimental mood, I installed Beryl according to the instructions at http://en.opensuse.org/Beryl It went OK, except that all my windows lost their title bars. Having fiddled around a bit with the display settings, I decided to back out. So I reverted to the KDE window manager, uninstalled all the beryl packages using YaST, that is beryl-core beryl-manager beryl-plugins beryl-settings emerald emerald-themes aquamarine leaving compiz and xgl. Unfortunately, nothing's changed :( My desktops are still on the faces of a rotating cube, my windows have no title bars, and my theme has reverted to KDE-standard. This behaviour survives logging out/in and even rebooting. I've even deleted ~/.beryl Any suggestions, please? Try running aquamarine (or emerald) by hand ie. aquamarine --replace So I'd have to re-install all those packages? I'll give it a go :) -- Bob Why reinstall? just run emerald/aquamarine and then beryl-manager Because I'd previously removed them. What was strange, was that the effects persisted even after I'd removed them. Bad form to reply to your own posts, but I need to report back that all is well. Somewhere along the line, compiz got upgraded from 0.2 to 0.5 (seemed like a good idea at the time), but it was incompatible with all the other bits and pieces. Downgrading has restored my window title bars, etc. So, that's lifted my spirits enough to try Compiz-Fusion (see Tom Parker's post lower down this thread). But maybe not yet, daughter's getting married on Saturday and I *still* haven't written that speech :( -- Bob openSUSE 10.2 x86_64, Kernel 2.6.18.8-0.5, KDE 3.5.6 r31.4 Intel Celeron 2.53GB, 2GB DDR RAM, nVidia GeForce 7600GS -- Bob openSUSE 10.2 x86_64, Kernel 2.6.18.8-0.5, KDE 3.5.6 r31.4 Intel Celeron 2.53GB, 2GB DDR RAM, nVidia GeForce 7600GS -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] openSUSE 10.2 Update package store location?
Hi, I would like to reload the entire system from scratch but do not want to have to re-download all the patches I have already downloaded. What I would like to know, is where openSUSE stores its updates and how those same updates can be used again. What would I need to do to have them stored in a different location? I ask this as I want to add a 2ndry HDD into my system and use it as an install source. I would think that all I would need to do is copy the DVD into a partition on the new HDD and cut and paste the updates that I have already downloaded and applied. Comments or should I raise an RFE? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hylton Conacher (ZR1HPC) wrote: Hi, I would like to reload the entire system from scratch but do not want to have to re-download all the patches I have already downloaded. What I would like to know, is where openSUSE stores its updates and how those same updates can be used again. What would I need to do to have them stored in a different location? I ask this as I want to add a 2ndry HDD into my system and use it as an install source. I would think that all I would need to do is copy the DVD into a partition on the new HDD and cut and paste the updates that I have already downloaded and applied. Comments or should I raise an RFE? There is the System Backup Tool in YaST which will generate an archive file containing all changes to your file system. The opensuse documentation on this is a little scanty on what exactly is stored and what exactly would happen if you did use it to restore. You need plenty of free disk space and it is slow I did a test run of generating a backup with this a couple of days ago, and it created 2.3Gb archive + xml file (which somehow contains info on a reported 13Gb), but I am bit wary about testing the archive it generated, (well not until I have sorted an alternative method of restoring the configuration on the target machine anyway). - -- == I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone. Bjarne Stroustrup == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGnNu9asN0sSnLmgIRApzCAJ9P1VhuoMINKKZs8QW9JriFVxhQ8ACgzyNK MYAcG1q6CxeZoi0/fcDL8/o= =DGqg -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
On 7/17/07, Hylton Conacher (ZR1HPC) [EMAIL PROTECTED] wrote: Hi, I would like to reload the entire system from scratch but do not want to have to re-download all the patches I have already downloaded. What I would like to know, is where openSUSE stores its updates and how those same updates can be used again. What would I need to do to have them stored in a different location? I ask this as I want to add a 2ndry HDD into my system and use it as an install source. I would think that all I would need to do is copy the DVD into a partition on the new HDD and cut and paste the updates that I have already downloaded and applied. Comments or should I raise an RFE? Why need to reinstall if you just want to move the installation? Put the new disk in, as well as the old one. Butt with Knoppix (or other live distro) and use either dd or partimage to move over the partitions. You can even use tar to get the partition content (it preserves the ownership) and untar on the new hard. Cheers -- Svetoslav Milenov (Sunny) Even the most advanced equipment in the hands of the ignorant is just a pile of scrap. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Apache 2.2 auth and multiple providers
Ian, Running apache 2.2 on a fully updated and patched opensuse 10.2 system. I'm trying to get apache auth set up, and I'd like to use multiple providers (ldap and flat file). Basically, the authentication logic should look kind of like this: If ((user is a valid LDAP user user is a member of ldap group apacheAccess) || (user is a valid user in the flat file)) then allow access I'm having a devil of a time getting this to work, trying to follow the apache docs. Anyone have pointers, suggestions, experience, advice, etc, that they might be able to offer? It's not the same as your LDAP problem but I had a similar problem with mod_auth_mysql Check: https://bugzilla.novell.com/show_bug.cgi?id=289249 Maybe it can help you in some way ;-) Leo -- Leo Eraly leo at unstable dot be -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
Sunny wrote: On 7/17/07, Hylton Conacher (ZR1HPC) [EMAIL PROTECTED] wrote: Hi, I would like to reload the entire system from scratch but do not want to have to re-download all the patches I have already downloaded. What I would like to know, is where openSUSE stores its updates and how those same updates can be used again. What would I need to do to have them stored in a different location? I ask this as I want to add a 2ndry HDD into my system and use it as an install source. I would think that all I would need to do is copy the DVD into a partition on the new HDD and cut and paste the updates that I have already downloaded and applied. Comments or should I raise an RFE? Why need to reinstall if you just want to move the installation? Put the new disk in, as well as the old one. Butt with Knoppix (or other live distro) and use either dd or partimage to move over the partitions. You can even use tar to get the partition content (it preserves the ownership) and untar on the new hard. Cheers If you use tar, use the -a option to preserve special devices, etc. See the man page. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
On 7/17/07, Russell Jones [EMAIL PROTECTED] wrote: If you use tar, use the -a option to preserve special devices, etc. See the man page. I do not see -a option in man tar? What do I miss? Cheers -- Svetoslav Milenov (Sunny) Even the most advanced equipment in the hands of the ignorant is just a pile of scrap. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] I/O error on non-existing device???
Hi Rui Pedro, thanks for your answer... On Dienstag, 17. Juli 2007, Rui Pedro Mendes Salgueiro wrote: On Tue, Jul 17, 2007 at 03:52:33PM +0200, Daniel Bauer wrote: Hello, in /var/log/messages I find tons of lines like: Jul 17 11:20:42 venus kernel: hdc: tray open Jul 17 11:20:42 venus kernel: end_request: I/O error, dev hdc, sector 0 Jul 17 11:20:42 venus kernel: Buffer I/O error on device hdc, logical block 0 for several sectors and also for hdd (and then many similar message pairs of only the first two lines (without the Buffer I/O line...)). What makes me wonder is, that (as far as I know)- there is no hdc nor hdd in my computer. Don't you have a CD and/or DVD on that computer ? I have an old CD writer and a new DVD writer. do: ls -l /dev/cdrom /dev/dvd One or both should exist and be a symbolic link to /dev/hdc or /dev/hdd. hdc should be the master device on the second ATA interface, and hdd the slave device on the same interface. oh, I see... If not too much time has passed since the last reboot doing this command: grep hdc /var/log/messages | less will show you all the messages about that device. The first few ones will show you its identification string, so you can find what it is. oops, this gives me 2788 lines, starting April 6... But it doesn't really tell me much... First of all I havn't seen something like a program name that could tell me what wants access to my CD/DVD ... That error could be some program trying to read a CD/DVD and not finding any (I am not sure abouth this). Looks like if so. But how can I find out, which program? I havn't done anything that could ask for a CD The first message from today is: Jul 16 17:27:44 venus kernel: hdc: tray open But I havn't opened the tray nor did I do anything else with CD/DVD's today. The computer was running since early morning, but the first message today is from 17:27... Can you use a CD or DVD when you insert one ? Yes, I can read and write to CDs/DVDs just as usual (both drives work as they should)... If you can I think you can ignore those errors. well, ok. But anyway: I wonder what is looking after my drives without having my command to do so. Hey, we're not on Win here, aren't we? ;-) So, if anybody knows where/what I can look to find out more, I'll be happy for any hints. thanks and kind regards Daniel -- Daniel Bauer photographer Basel Switzerland professional photography: http://www.daniel-bauer.com erotic art photos: http://www.bauer-nudes.com/en/linux.html Madagascar special: http://www.sanic.ch -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sunny wrote: On 7/17/07, Hylton Conacher (ZR1HPC) [EMAIL PROTECTED] wrote: Hi, I would like to reload the entire system from scratch but do not want to have to re-download all the patches I have already downloaded. snip Comments or should I raise an RFE? Why need to reinstall if you just want to move the installation? Put the new disk in, as well as the old one. Butt with Knoppix (or other live distro) and use either dd or partimage to move over the partitions. You can even use tar to get the partition content (it preserves the ownership) and untar on the new hard. Cheers I think the OP is after something slightly different, a re-install + apply changes made to original but NOT to move the current location. - -- == I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone. Bjarne Stroustrup == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGnOkBasN0sSnLmgIRApQyAJ9LgAy9vsOtXJE2JWJs3L3VD0n0MgCcCaTQ IEjIQT0p3OHwTG4NX+/TL/A= =ggaA -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
On Tue July 17 2007 09:32, Sunny wrote: On 7/17/07, Russell Jones [EMAIL PROTECTED] wrote: If you use tar, use the -a option to preserve special devices, etc. See the man page. I do not see -a option in man tar? What do I miss? It's an option of cp not of tar. If you use tar, you should include the option -p while extracting to preserve all settings. -- Carlos FL Who is General Failure, and why is he reading my disk? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
On 7/17/07, G T Smith [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sunny wrote: On 7/17/07, Hylton Conacher (ZR1HPC) [EMAIL PROTECTED] wrote: Hi, I would like to reload the entire system from scratch but do not want to have to re-download all the patches I have already downloaded. I think the OP is after something slightly different, a re-install + apply changes made to original but NOT to move the current location. - -- actually, I think what OP wants is to define an update source that utilizes the already downloaded patches/updates that have been applied to the existing system. He figures that the downloaded updates are stored *somewhere* on the drive, and would like to use THOSE as the update repo, so that he does not have to download them all again, after he re-installs. I have no idea whether it is possible, or how to do it ... and I'm interested to learn along with him the answer. Peter -- Everything is vague to a degree you do not realize till you have tried to make it precise. Bertrand Russell www.the-brights.net -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] $HOME NFS-mounted
2007/7/17, Carlos F Lange [EMAIL PROTECTED]: On Tue July 17 2007 05:32, Rui Pedro Mendes Salgueiro wrote: Hello. Hi, Rui. I can't help you with your problem, but I know that your chances of getting help are bigger if you do not use the reply button to start a new message to the mailing-list. The way you did, your message gets buried under a lot of other messages about dictionary attacks and people will overlook it (for this and other hints, see here: http://en.opensuse.org/OpenSUSE_mailing_list_netiquette#Changing_the_subject_without_opening_a_new_thread ). Good luck. -- Carlos FL Who is General Failure, and why is he reading my disk? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Check the NFS protocol version used. Ciro -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
On Tue, Jul 17, 2007 at 11:15:52AM -0500, Peter Van Lone wrote: On 7/17/07, G T Smith [EMAIL PROTECTED] wrote: Sunny wrote: On 7/17/07, Hylton Conacher (ZR1HPC) [EMAIL PROTECTED] wrote: I would like to reload the entire system from scratch but do not want to have to re-download all the patches I have already downloaded. I think the OP is after something slightly different, a re-install + apply changes made to original but NOT to move the current location. actually, I think what OP wants is to define an update source that utilizes the already downloaded patches/updates that have been applied to the existing system. He figures that the downloaded updates are stored *somewhere* on the drive, In previous versions it was in: /var/lib/YaST2/you/mnt IIRC, you could just point YAST2 at a copy of that directory and it would work. In 10.2 I am not sure. -- rps -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] HI-JACKED THREAD, was: dictionary attacks / [$HOME NFS-mounted]
* Ciro Iriarte [EMAIL PROTECTED] [07-17-07 12:26]: [...] Ciro PLEASE, do *not* reply to *hi-jacked* threads. Replying to *hi-jacked* threads further deteriorates the quality of the archives and makes searching a specific topic a mess. -- Patrick Shanahan Plainfield, Indiana, USAHOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535@ http://counter.li.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] openSUSE 10.2 Update package store location?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter Van Lone wrote: On 7/17/07, G T Smith [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sunny wrote: On 7/17/07, Hylton Conacher (ZR1HPC) [EMAIL PROTECTED] wrote: Hi, I would like to reload the entire system from scratch but do not want to have to re-download all the patches I have already downloaded. I think the OP is after something slightly different, a re-install + apply changes made to original but NOT to move the current location. - -- actually, I think what OP wants is to define an update source that utilizes the already downloaded patches/updates that have been applied to the existing system. Agreed, maybe I phrased it poorly but I was referring to what I inferred the final intent to be ... The dd option to my mind does not do what is required. Well I believe most (but not all) updates are deltas of the package on the system. With multiple cumulative updates probably the most effective way to restore these changes is to record the difference between the original distributed file and the current status of the file. I think but cannot be certain this is what the YaST System Backup Tool is doing (which is possibly one of the reasons it takes so long to run, it also does checksums on contents which problems does not help speed). This tool is also tied into the Auto Installation Tool technology in ways I have yet to completely figure out. He figures that the downloaded updates are stored *somewhere* on the drive, and would like to use THOSE as the update repo, so that he does not have to download them all again, after he re-installs. YaST does keep a record of the patches installed but I do not think it keeps a copy of the patch RPMs unless requested to (and I vaguely remember something about a bug which stops this from working anyway). I have no idea whether it is possible, or how to do it ... and I'm interested to learn along with him the answer. Peter - -- == I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone. Bjarne Stroustrup == -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGnPPvasN0sSnLmgIRAmEzAKCCQxYplmZQj2k9vA80OxztviBO6QCg6eui /V9wSebUFZ1b4axNimGP4MA= =4T1U -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] $HOME NFS-mounted
Sorry for the other message. I meant to erase the In-Reply-To header, I thought I had done it, but I forgot :( Trying again: Hello. In our network we have the user $HOMEs mounted via NFS. This has been working ok for many years (the servers have changed over time, of course). This year, when we upgraded our server from Suse 9.1 to 10.1 things got very slow, mostly the KDE login. (note: the hardware didn't change and the problem is solved if I boot with the old version.) I suspect the problem is something to do with locks, but I have been unable to confirm it. I wonder if someone else had the same or similar problem and what they -- did about it. - My kernel is: Linux 2.6.16.27-0.9-smp #1 SMP Tue Feb 13 09:35:18 UTC 2007 x86_64 x86_64 x86_64 GNU/Linux The filesystems are ext3 and the disks are 4 SATA drives with RAID-1 /dev/md0 /home/xxx/disco1 ext3 rw,data=ordered,usrquota 0 0 /dev/md1 /home/xxx/disco2 ext3 rw,data=ordered,usrquota 0 0 Thanks in advance -- rps -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] Re: HI-JACKED THREAD, was: dictionary attacks / [$HOME NFS-mounted]
2007/7/17, Patrick Shanahan [EMAIL PROTECTED]: * Ciro Iriarte [EMAIL PROTECTED] [07-17-07 12:26]: [...] Ciro PLEASE, do *not* reply to *hi-jacked* threads. Replying to *hi-jacked* threads further deteriorates the quality of the archives and makes searching a specific topic a mess. -- Patrick Shanahan Plainfield, Indiana, USAHOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535@ http://counter.li.org Sorry, i don't see it as part of another thread from GMail. Ciro -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] $HOME NFS-mounted
2007/7/17, Rui Pedro Mendes Salgueiro [EMAIL PROTECTED]: Sorry for the other message. I meant to erase the In-Reply-To header, I thought I had done it, but I forgot :( Trying again: Hello. In our network we have the user $HOMEs mounted via NFS. This has been working ok for many years (the servers have changed over time, of course). This year, when we upgraded our server from Suse 9.1 to 10.1 things got very slow, mostly the KDE login. (note: the hardware didn't change and the problem is solved if I boot with the old version.) I suspect the problem is something to do with locks, but I have been unable to confirm it. I wonder if someone else had the same or similar problem and what they -- did about it. - My kernel is: Linux 2.6.16.27-0.9-smp #1 SMP Tue Feb 13 09:35:18 UTC 2007 x86_64 x86_64 x86_64 GNU/Linux The filesystems are ext3 and the disks are 4 SATA drives with RAID-1 /dev/md0 /home/xxx/disco1 ext3 rw,data=ordered,usrquota 0 0 /dev/md1 /home/xxx/disco2 ext3 rw,data=ordered,usrquota 0 0 Thanks in advance -- rps -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Ok, trying again, hope nobody tries to cut my head... Check the NFS protocol used, try to force it to NFSv3 on both sides (client and server) Ciro -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Life after SP1
Re: ZMD - The entire Zenworks system is broken for SP1. My Zenworks 7.2 patch server still hasn't downloaded a single patch for SP1 even though several are present on Novell's web site. The Zenworks people have been very quite about this issue - I wrote folks at Novell about this issue at the end of June and got this response: the ZLM team is working on this. At the moment the only way to get SP1 patches in ZLM is to first use YUP, and use zlman to put the SP1 rpms into ZLM ... either manually or with yup2zlm. Now it could be that the patches are on different servers or in a different place on the same server - all you need to do is edit your xml config file for the Zenworks patch system's zlmmirror command and off you go - who knows. For what ever reason they don't seem to be saying - I searched Novell's web site several days ago and really can't find any mention about re-configuring a working Zenworks server to handle SP1 patches. So, in essence if you have a running/depending on a Zenworks server and transition to SP1 you can forget for who knows how long patching the OS. I'm starting to wonder if the Zenworks folks and the Suse folks ever talk to each other - how long was SP1 in testing? Someone in the Zenworks development team had to know that this was an issue. On 7/16/07, Marcus Meissner [EMAIL PROTECTED] wrote: On Sat, Jul 14, 2007 at 01:21:55PM -0400, Chris Arnold wrote: Chuck Stuettgen wrote: On Fri, 2007-07-13 at 21:28 -0400, Chris Arnold wrote: Marcus Meissner wrote: On Fri, Jul 13, 2007 at 05:50:04PM -0400, Chris Arnold wrote: Just a quick question. Since SP1, has there been any available updates? The reason i ask, is because since SP1 install i have not gotten any notice of updates. I even have packman repo in my installation source. Packman has updates just about once a week and i have not even gotten any notice about packman updates. With SLES10/SLED10 you have switched to SP1 using the migrate-to-sp1 patch? Ciao, Marcus That is correct. Since I upgraded to SLED SP1 I have to right click the update icon and tell it to check for updates. It will then find them. It seems like the mechanism for automatically checking is broken... Is there a log file for updates using zmd? Maybe this would help to find out the problem. /var/log/zmd* Ciao, Marcus -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
On Tuesday 17 July 2007, Richard Creighton wrote: But in any event, I don't believe its being honored. Ok, its safe to say you have rate limit installed and available What I'm wondering is if it *is* being honored as far as the hacker is concerned, ie, he is not getting past the 'DROP', but because of the LOG setting, I am still getting notice Does that seem plausible to you and if so, can you think of a way to test it? You can test with any external ssh client (from the outside). But if the logging shows up prefixed with sshd as yours does: Jul 17 00:38:27 raid5 sshd Then you can be assured that the connection attempt DID get to the ssh daemon, and was NOT dropped. If it was dropped the sshd would never see these packets. I suspect you will have to restart iptables somehow, if not by reboot then by iptables commands. (Shorewall does this for me so I don't know the base level syntax). FWIW here is the pertinent part of the output from /usr/sbin/iptables -L iptables.txt Chain %Limit (1 references) target prot opt source destination 0-- anywhere anywhererecent: SET name: SSHA side: source %Limit%0-- anywhere anywhere recent: UPDATE seconds: 60 hit_count: 4 name: SSHA side: source ACCEPT0-- anywhere anywhere The only significant difference I see is my name: SSHA is unique, not any common name such as ssh. Your badssh should have worked. BTW, can you turn off html mail to the mailing list? It messes up the qouteing style and I am having a bit of a problem following the thread... I thought thuunderbird had this as a per-destination option, but I donno for sure. -- _ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
John Andersen wrote: On Tuesday 17 July 2007, Richard Creighton wrote: But if the logging shows up prefixed with sshd as yours does: Jul 17 00:38:27 raid5 sshd Then you can be assured that the connection attempt DID get to the ssh daemon, and was NOT dropped. If it was dropped the sshd would never see these packets. I suspect you will have to restart iptables somehow, if not by reboot then by iptables commands. (Shorewall does this for me so I don't know the base level syntax). I did and all hell broke looseThere were error messages during the system reboot that said that well, here is the pertinent line: Starting Firewall Initialization (phase 2 of 2) SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled. SuSEfirewall2: Error: unknown parameter name=ssh in FW_SERVICES_ACCEPT_EXT - 0/0,tcp,22,,hitcount=3,blockseconds=120,name=ssh snip The only significant difference I see is my name: SSHA is unique, not any common name such as ssh. Your badssh should have worked. Since then, I manually added the following to the IPTABLES bypassing SUSEFIREWALL2; iptables -A FORWARD -p tcp -i eth0 --dport 22 -m recent --name badssh --set -j DROP iptables -A FORWARD -m recent --name badssh --update --hitcount 3 --seconds 60 -j DROP Which gave an 'iptables -L' of; Chain FORWARD (policy DROP) target prot opt source destination LOG0-- anywhere anywherelimit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING ' DROP tcp -- anywhere anywheretcp dpt:ssh recent: SET name: badssh side: source DROP 0-- anywhere anywhererecent: UPDATE seconds: 60 hit_count: 3 name: badssh side: source which looks like it made i to the IPTABLES however, as I type this, my entire LAN is under attack, including this machine with a concerted sshd dictionary attack Jul 17 16:04:56 raid5 sshd[7401]: Invalid user admin from 61.145.119.180 Jul 17 16:05:02 raid5 sshd[7403]: Invalid user admin from 61.145.119.180 Jul 17 16:05:06 raid5 sshd[7405]: Invalid user admin from 61.145.119.180 Jul 17 16:05:08 raid5 sshd[7407]: Invalid user admin from 61.145.119.180 Jul 17 16:05:11 raid5 sshd[7409]: Invalid user admin from 61.145.119.180 Jul 17 16:05:14 raid5 sshd[7411]: Invalid user admin from 61.145.119.180 Jul 17 16:05:17 raid5 sshd[7413]: Invalid user admin from 61.145.119.180 Jul 17 16:05:20 raid5 sshd[7415]: Invalid user admin from 61.145.119.180 Jul 17 16:05:23 raid5 sshd[7418]: Invalid user admin from 61.145.119.180 Jul 17 16:05:26 raid5 sshd[7420]: Invalid user admin from 61.145.119.180 Jul 17 16:05:29 raid5 sshd[7422]: Invalid user admin from 61.145.119.180 Jul 17 16:05:31 raid5 sshd[7425]: Invalid user admin from 61.145.119.180 Jul 17 16:05:34 raid5 sshd[7428]: Invalid user admin from 61.145.119.180 Jul 17 16:05:37 raid5 sshd[7430]: Invalid user admin from 61.145.119.180 and going through .So, for some reason even though it would appear that IPTABLES is *supposed* to be dropping packets, I still don't have the magic incantation yet. Maybe I am putting it in the wrong place? Help Richard -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
* Richard Creighton [EMAIL PROTECTED] [07-17-07 16:09]: Starting Firewall Initialization (phase 2 of 2) SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled. SuSEfirewall2: Error: unknown parameter name=ssh in FW_SERVICES_ACCEPT_EXT - 0/0,tcp,22,,hitcount=3,blockseconds=120,name=ssh yes, the line is wrong :^( FW_SERVICES_ACCEPT_EXT=0/0,tcp,22,,hitcount=3,blockseconds=120,recentname=ssh -- Patrick Shanahan Plainfield, Indiana, USAHOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535@ http://counter.li.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] Cannot hear any sound
Hey, I posted this about a week or so ago, and got no response, so I'll try again. I have a sound card built in to my motherboard, and for some reason I cannot get it to play mp3 files. I downloaded the correct driver for it, from http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1PNid=23PFid=23Level=4Conn=3DownTypeID=3GetDown=false#AC and I used the installer script they provided and it seemed to work fine. But when I try to start amarok 1.4 to try and play a file, I get an error saying xine was unable to initialize any audio drivers. When I try to do a cat tst/dev/audio or cat tst/dev/dsp, with tst just being a text file, I get an error: bash: /dev/dsp: No such device and bash: /dev/audio: No such device. I am running openSUSE 10.2 on the KDE gui. Also, when I go into hardwaresound in Yast, it shows the device as not configured, but when I do a quick automatic setup it says: An error occurred during the installation of 'VT8233/A/8235/8237 AC97 Audio Controller'. The kernel module snd-via82xx for sound support could not be loaded. The can be caused by incorrect module parameters, including invalid IO or IRQ parameters. Does that mean I have to recompile the kernel? -Brandon -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
On Tuesday 17 July 2007, Richard Creighton wrote: John Andersen wrote: On Tuesday 17 July 2007, Richard Creighton wrote: But if the logging shows up prefixed with sshd as yours does: Jul 17 00:38:27 raid5 sshd Then you can be assured that the connection attempt DID get to the ssh daemon, and was NOT dropped. If it was dropped the sshd would never see these packets. I suspect you will have to restart iptables somehow, if not by reboot then by iptables commands. (Shorewall does this for me so I don't know the base level syntax). I did and all hell broke looseThere were error messages during the system reboot that said that well, here is the pertinent line: Starting Firewall Initialization (phase 2 of 2) SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled. SuSEfirewall2: Error: unknown parameter name=ssh in FW_SERVICES_ACCEPT_EXT - 0/0,tcp,22,,hitcount=3,blockseconds=120,name=ssh snip The only significant difference I see is my name: SSHA is unique, not any common name such as ssh. Your badssh should have worked. Since then, I manually added the following to the IPTABLES bypassing SUSEFIREWALL2; iptables -A FORWARD -p tcp -i eth0 --dport 22 -m recent --name badssh --set -j DROP iptables -A FORWARD -m recent --name badssh --update --hitcount 3 --seconds 60 -j DROP Which gave an 'iptables -L' of; Chain FORWARD (policy DROP) target prot opt source destination LOG0-- anywhere anywherelimit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING ' DROP tcp -- anywhere anywheretcp dpt:ssh recent: SET name: badssh side: source DROP 0-- anywhere anywhererecent: UPDATE seconds: 60 hit_count: 3 name: badssh side: source Does it make sense to put this in the forward chain? Thats way too late, they have already been seen by the daemon running in THIS machine. If you are going to drop these you want it in the input chain. In my setup (configured by shorewall) The INPUT chain references an eth0-In chain The ETH0-In chain references a chain named net2fw and Net2fw references a chain named %Limit which defines the rate limit. So effectively rate limit is done on the INPUT chain. -- _ John Andersen pgp3utii2tK9H.pgp Description: PGP signature
Re: [opensuse] dictionary attacks
Patrick Shanahan wrote: * Richard Creighton [EMAIL PROTECTED] [07-17-07 16:09]: Starting Firewall Initialization (phase 2 of 2) SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled. SuSEfirewall2: Error: unknown parameter name=ssh in FW_SERVICES_ACCEPT_EXT - 0/0,tcp,22,,hitcount=3,blockseconds=120,name=ssh yes, the line is wrong :^( FW_SERVICES_ACCEPT_EXT=0/0,tcp,22,,hitcount=3,blockseconds=120,recentname=ssh I had that line in there originally and the error message stated that 'recentname' was wrong also so I changed it based upon 'man iptables', but apparently that also isn't right for susefirewall2 syntax. That said, I am going to plug that line in using cut and paste and reboot the machine and pray :) Thanks for your help Richard -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot hear any sound
On Tue, July 17, 2007 1:18 pm, Brandon Carl wrote: Hey, I posted this about a week or so ago, and got no response, so I'll try again. I have a sound card built in to my motherboard, and for some reason I cannot get it to play mp3 files. I downloaded the correct driver for it, from I'm assuming you're issue is more than with the legacy MP3 format and you cannot play other sound files either? When you go to YaST to setup your sound, and it states not-configured, then try a generic ac97 driver. Then test the sound. (I think there's a button thingy in YaST to test your sound.) What do you get there? Failing all this - does your mainboard manufacturer include a linux driver for the sound card? Have you asked? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
Patrick Shanahan wrote: * Richard Creighton [EMAIL PROTECTED] [07-17-07 16:09]: Starting Firewall Initialization (phase 2 of 2) SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled. SuSEfirewall2: Error: unknown parameter name=ssh in FW_SERVICES_ACCEPT_EXT - 0/0,tcp,22,,hitcount=3,blockseconds=120,name=ssh yes, the line is wrong :^( FW_SERVICES_ACCEPT_EXT=0/0,tcp,22,,hitcount=3,blockseconds=120,recentname=ssh Patrick, Thank you very muchObviously despite everything, I must have fat-fingered something somewhere. After a cut and paste session PLUS a system reboot (something I very rarely do in Linux), I ended up with: LOGtcp -- anywhere anywherelimit: avg 3/min burst 5 tcp dpt:ssh state NEW recent: CHECK seconds: 120 hit_count: 3 name: badssh side : source LOG level warning tcp-options ip-options prefix `SFW2-INext-DROPr ' DROP tcp -- anywhere anywheretcp dpt:ssh state NEW recent: UPDATE seconds: 120 hit_count: 3 TTL-Match name: badssh side: source LOGtcp -- anywhere anywheretcp dpt:ssh state NEW limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INe xt-ACC ' ACCEPT tcp -- anywhere anywheretcp dpt:ssh state NEW recent: SET name: badssh side: source ACCEPT tcp -- anywhere anywheretcp dpt:ssh Which seems to be actually *in* the iptables -L. Now, if that SOB from China would just return and start his attack over again...he hit me from a to z a little while ago but only managed to fill my log on all my machines. If this works, my log files will lose a lot of weight I suspect. Oh...I inserted the word 'bad' in front of ssh to be better able to see it if it appeared in the iptables...which it did Richard PS Thanks to all that have endured this thread and to all that have contributed their ideas. BTW, I did install 'fail2ban' and it did execute but it never caught any attacks...so obviously I screwed up in configuration somehow even though I pointed the thing to the syslog-ng file as input, etc but it never reported either an error or an attack. I expect stupidity on my part is the biggest problem. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot hear any sound
On Tuesday 17 July 2007, Brandon Carl wrote: The kernel module snd-via82xx for sound support could not be loaded. The can be caused by incorrect module parameters, including invalid IO or IRQ parameters. Not if that module snd-via82xx exists Mine is in /lib/modules/2.6.18.8-0.1-default/kernel/sound/pci/snd-via82xx.ko the kernel version may differ on your machine. You need to find out a) that snd-via82xx.ko exists on your machine, and b) what the interrupts should be. Might scan thru /var/log/boot.msg to find these or try lspci You might then try modprobe or insmod to manually load snd-via82xx.ko and see if the log reveals anything. -- _ John Andersen pgpFGQS4RxuP7.pgp Description: PGP signature
Re: [opensuse] OpenOffice.org:/UNSTABLE repo
Petr Mladek schrieb: On Wednesday 27 June 2007 11:44, Michael Riess wrote: hi to all readers, i recognized the new repo OpenOffice.org:/UNSTABLE but there are no langugage packs like OpenOffice_org-de-2.2.99-211-2.1.i586.rpm I somewhat have tell the Build Service that there is also the second spec file. does anyone know or tried if the UNSTABLE packages could be used with lang ones of OpenOffice.org:/STABLE Hmm, I am afraid that it will not work because there is another version. You might try the lang packages from FACTORY, e.g. from: ftp://ftp.tu-chemnitz.de/pub/linux/opensuse/distribution/SL-OSS-factory/inst-source/suse/noarch Please, be patient. We had the Hack Week. I have vacation the following week... I will try to fix it within two weeks. OK, i was patient and recognized the update of /OpenOffice.org:/UNSTABLE/openSUSE_10.2/noarch/ from 2007-07-14 Thanks 4 this, but the packages dont work because it installs into another folder(/usr/share) than the rest(/usr/lib) You have to do a rpm -Uvh --relocate=/usr/share=/usr/lib OpenOffice_org-de-2.2.99.211-2.1.noarch.rpm after downloading it. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] sensors.conf -Help !
On Sunday 15 July 2007 10:21:32 Rajko M. wrote: On Sunday 15 July 2007 00:26, Bob S wrote: Hello SuSE people, Been trying to get my sensors.conf file to report accurately on my system. .snipped many non-pertinent parts It would be good to read http://www.lm-sensors.org/wiki/FAQ section 3. Problems. http://www.lm-sensors.org/wiki/FAQ/Chapter3 Hi Rajko, thanks for trying to help. Sorry for the delay in responding. For some unknown reason this mail has been rejected by the list twice so far. I had to create a new message which will break the threading. G !!! Anyway, Nothing in the above URL's about these problems. I really hate posting these really long mails for fear of the other members being upset, Maybe we should take this off list. Short: Sensors will show what you set in sensors.conf, and that can be correct or out of way. Wel. not exactly, I made some changes today in sensors.conf and one of the changes is not being honored. To bring you up to date. Today, I just commented out the -12V parameter because the bios doesn't report it and that worked OK. But,I created a new problem when I removed the comment lines for in0, the Vcore. See that in my latest sensors printout just below: Still have the alarm problem for the 3.3V parameter. EasyStreet:/ # sensors w83627thf-isa-0290 Adapter: ISA adapter VCore: +1.54 V (min = +1.94 V, max = +1.94 V) ALARM +12V: +12.28 V (min = +10.82 V, max = +13.19 V) +3.3V: +0.45 V (min = +3.14 V, max = +3.47 V) ALARM +5V: +5.09 V (min = +4.75 V, max = +5.25 V) V5SB: +5.16 V (min = +4.76 V, max = +5.24 V) VBat: +3.62 V (min = +2.40 V, max = +4.08 V) Sys Fan: 3183 RPM (min = 2800 RPM, div = 2) CPU Fan: 5672 RPM (min = 5487 RPM, div = 2) M/B Temp: +46°C (high = +86°C, hyst = +2°C) sensor = thermistor CPU Temp: +33.5°C (high = +80°C, hyst = +75°C) sensor = diode alarms: beep_enable: Sound alarm enabled EasyStreet:/ # Write down BIOS reports and post it here. OK,,Here is what is reported in the bios CPU 55 degrees C Sys Tmp 45 degrees C CPU Fan 5720 rpm Sys Fan 3185 rpm Vcore =1.54V +5 =5.25V +12 =11.8V +3.3 =3.4V Also the section of /etc/sensors.conf that is used with your sensor: chip w83627thf-* OK, Here is sensors.conf: (Mind you I have made changes to this conf file) I uncommented and commented in0 several times and still come up with the crazy min/max levels for Vcore as shown above. chip w83627thf-* w83637hf-* # Rather than an internal inverting op amp, the 627thf uses standard positive # inputs and the negative voltages are level shifted by a 3.6V reference # (same as 82d/83s). # The math is convoluted, so we hope that your motherboard # uses the recommended resistor values. # Note that in1 (+12V) is the usual in4, and in4 (-12V) is the usual in5. # Data sheet is obviously wrong for in4, the usual formula should work. # No in5 nor in6. # sensors doesn't need the ignore lines but sensord does... ignore in4 (this removed the -12V parameter) ignore in5 ignore in6 label in0 VCore label in1 +12V label in2 +3.3V label in3 +5V # label in4 -12V label in7 V5SB label in8 VBat # Mori Hiroyuki reported to need this (P4P800) # compute in0 @/2, @*2 compute in1 ((28/10)+1)*@, @/((28/10)+1) compute in3 ((34/51)+1)*@, @/((34/51)+1) compute in4 (5.14*@)-14.91, (@+14.91)/5.14 compute in7 ((6.8/10)+1)*@ , @/((6.8/10)+1) # adjust this if your vid is wrong; see doc/vid # set vrm 9.0 # set limits to 5% for the critical voltages # set limits to 10% for the non-critical voltages # set limits to 20% for the battery voltage # if your vid is wrong, you'll need to adjust in0_min and in0_max # set in0_min vid * 0.95 (these two lines were uncommented which caused the new alarm problem. They were commented again and the problem remains) # set in0_max vid * 1.05 # set in1_min 12 * 0.90 # set in1_max 12 * 1.10 # set in2_min 3.3 * 0.95 # set in2_max 3.3 * 1.05 # set in3_min 5.0 * 0.95 # set in3_max 5.0 * 1.05 # set in4_min -12 * 1.10 # set in4_max -12 * 0.90 # set in7_min 5 * 0.95 # set in7_max 5 * 1.05 # set in8_min 3.0 * 0.80 # set in8_max 3.0 * 1.20 # set up sensor types (thermistor is default) # 1 = PII/Celeron Diode; 2 = 3904 transistor; # 3435 = thermistor with Beta = 3435 # If temperature changes very little, try 1 or 2. # set sensor1 1 # set sensor2 2 # set sensor3 3435 label temp1 M/B Temp label temp2 CPU Temp ignore temp3 # examples for temperature limits # set temp1_over 40 # set temp1_hyst 37 # set temp2_over 52 # set temp2_hyst 47 # set temp3_over 52 # set temp3_hyst 47 label fan1 Sys Fan label fan2 CPU Fan ignore fan3 What is your motherboard and chipset? What tells lspci -v EasyStreet:/ # lspci -v 00:00.0 Host
Re: [opensuse] OpenOffice.org:/UNSTABLE repo
Petr Mladek schrieb: On Wednesday 27 June 2007 11:44, Michael Riess wrote: hi to all readers, i recognized the new repo OpenOffice.org:/UNSTABLE but there are no langugage packs like OpenOffice_org-de-2.2.99-211-2.1.i586.rpm I somewhat have tell the Build Service that there is also the second spec file. does anyone know or tried if the UNSTABLE packages could be used with lang ones of OpenOffice.org:/STABLE Hmm, I am afraid that it will not work because there is another version. You might try the lang packages from FACTORY, e.g. from: ftp://ftp.tu-chemnitz.de/pub/linux/opensuse/distribution/SL-OSS-factory/inst-source/suse/noarch Please, be patient. We had the Hack Week. I have vacation the following week... I will try to fix it within two weeks. OK, i was patient and recognized the update of /OpenOffice.org:/UNSTABLE/openSUSE_10.2/noarch/ from 2007-07-14 Thanks 4 this, but the packages dont work because it installs into another folder(/usr/share) than the rest(/usr/lib) You have to do a rpm -Uvh --relocate=/usr/share=/usr/lib OpenOffice_org-de-2.2.99.211-2.1.noarch.rpm after downloading it. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[opensuse] mouse pointer jumping arround
suse 9.3. all of a sudden, my usb mouse stopped working. it stopped when I swapped a suse 8.2/dos box with a vista box on my 2 channel kvm switch. I only found 2 ways to modify the mouse: yast to choose a model type and port, and the kde control to do a few items that are not of interest. I am able to get the ball mouse working thru or not thru the kvm switch-it's the same: as I move the mouse it jumps, like it is not tracking the speed or dots pet inch as I move the mouse. But, when I cycle the computer power, again the mouse does not work. 2 Q: 1: how do I get my usb optical mouse working? 2: how do I tweak the mouse settings so the ps2/ball mouse works smoothly? tia, -- John R. Sowden AMERICAN SENTRY SYSTEMS, INC. Residential Commercial Alarm Service UL Listed Central Station Serving the San Francisco Bay Area Since 1967 [EMAIL PROTECTED] www.americansentry.net -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
Richard Creighton [EMAIL PROTECTED] wrote on 07/17/2007 02:02:51 PM: Thanks to all that have endured this thread and to all that have contributed their ideas. BTW, I did install 'fail2ban' and it did execute but it never caught any attacks...so obviously I screwed up in configuration somehow even though I pointed the thing to the syslog-ng file as input, etc but it never reported either an error or an attack. I've been watching this thread and have had fail2ban in the back of my mind. Is Fail2ban not necessary anymore with the recent addition to the kernel. Is this the new way of doing things? Should fail2ban be considered a workaround/hack/old technology? ~Dale -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot shut down
On Monday 16 July 2007 22:16, [EMAIL PROTECTED] wrote: Okay, I've used the init 0 for shutting down for a week now. Well, it can always shut my machine down. But some of the time, the hard drive apparently wasn't unmounted because occasionally when I turn on the machine, it always replayed transactions. There's about 200 transaction replayed when this happens. So, I am worried that eventually it will corrupt my Linux. Is there any other way to solve this problem? You can't shutdown using what? The init 0 from console gives very little time applications to exit cleanly, but most of them, if they listen the kernel, will have enough time to exit. So this seems to be some buggy application that doesn't pay attention to kernel messages. Is that fuse and ntfs-3g or something else you can find out if you remove them from system, if symptoms remain than it is not this 2 and you can go further. What I would do is Ctrl-Alt-F1 to get text mode terminal. Log in as root, and that run init 3 to see what is hanging. If you don't get command prompt after init 3 than press Enter it should appear. I suspect that some of GUI application doesn't exit. If all seems OK and you get your command prompt, than from here you can run init 0 to shutdown or init 6 to reboot computer and see is there again error messages and transaction replay. -- Regards, Rajko. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
* Richard Creighton [EMAIL PROTECTED] [07-17-07 17:05]: Thank you very muchObviously despite everything, I must have fat-fingered something somewhere. After a cut and paste session PLUS a system reboot (something I very rarely do in Linux), I ended up with: ... A quick simple solution for one or two... addresses: enable SuSEfirewall-custom and add to /etc/sysconfig/scripts/SuSEfirewall-custom iptables -I INPUT 1 -s address.as.dotted.quad -j DROP I now use fail2ban to help keep my logs in tow :^) tail /var/log/fail2ban.log 2007-07-17 15:17:48,638 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 203.239.102.253 2007-07-17 16:16:59,593 fail2ban.actions: WARNING [postfix-tcpwrapper] Ban 88.233.59.219 2007-07-17 16:21:59,842 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 88.233.59.219 2007-07-17 17:16:40,567 fail2ban.actions: WARNING [postfix-tcpwrapper] Ban 74.212.33.47 2007-07-17 17:20:11,928 fail2ban.actions: WARNING [postfix-tcpwrapper] Ban 196.12.206.93 2007-07-17 17:21:41,075 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 74.212.33.47 2007-07-17 17:23:26,242 fail2ban.actions: WARNING [postfix-tcpwrapper] 196.12.206.93 already banned 2007-07-17 17:25:12,589 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 196.12.206.93 2007-07-17 17:26:43,823 fail2ban.actions: WARNING [postfix-tcpwrapper] Ban 75.73.74.254 2007-07-17 17:31:43,980 fail2ban.actions: WARNING [postfix-tcpwrapper] Unban 75.73.74.254 just added ssh and http filters and stopped denyhosts. Testing phase. I like the basics of fail2ban, and I sense that it will get better. It is packaged by Rauch Christian [EMAIL PROTECTED] type = rpm-md name = suser-crauch baseurl = ftp://ftp.gwdg.de/pub/linux/misc/suser-crauch/ -- Patrick Shanahan Plainfield, Indiana, USAHOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535@ http://counter.li.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] dictionary attacks
On Tuesday 17 July 2007, Dale Schuster wrote: Richard Creighton [EMAIL PROTECTED] wrote on 07/17/2007 02:02:51 PM: Thanks to all that have endured this thread and to all that have contributed their ideas. BTW, I did install 'fail2ban' and it did execute but it never caught any attacks...so obviously I screwed up in configuration somehow even though I pointed the thing to the syslog-ng file as input, etc but it never reported either an error or an attack. I've been watching this thread and have had fail2ban in the back of my mind. Is Fail2ban not necessary anymore with the recent addition to the kernel. Is this the new way of doing things? Should fail2ban be considered a workaround/hack/old technology? ~Dale I don't thing F2B is needed any more once you get a working recent installed. Doing this in iptables is so much more efficient than all the other hacks I've seen, and since installing recent I never get any of these dictionary attacks in my logs. (Well ok, I see three hits then the site is dropped and I never see them again. They soon just give up and never try my site again, its very effective). Tempest in a teapot if you ask me. Dictionary attacks are never going to be successful at my sites anyway due to password standards. On some sites we don't even allow password, and insist on public key. -- _ John Andersen -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Re: HI-JACKED THREAD, was: dictionary attacks / [$HOME NFS-mounted]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Tuesday 2007-07-17 at 12:55 -0400, Ciro Iriarte wrote: Sorry, i don't see it as part of another thread from GMail. Then change your mail client. The gmail webmail is broken in this respect (and others). - -- Cheers, Carlos E. R. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGnVY/tTMYHG2NR9URAoEGAJ0YmfQaQ8gf3v8MZHRzVYfDQxL+bQCdFbZd apZmMyNaBFncmlqM0iO4nh0= =yG6t -END PGP SIGNATURE- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot hear any sound
On Tuesday 17 July 2007, Brandon Carl wrote: Hey, I posted this about a week or so ago, and got no response, so I'll try again. I have a sound card built in to my motherboard, and for some reason I cannot get it to play mp3 files. I downloaded the correct driver for it, from http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1PNid= 23PFid=23Level=4Conn=3DownTypeID=3GetDown=false#AC and I used the installer script they provided and it seemed to work fine. But when I try to start amarok 1.4 to try and play a file, I get an error saying xine was unable to initialize any audio drivers. When I try to do a cat tst/dev/audio or cat tst/dev/dsp, with tst just being a text file, I get an error: bash: /dev/dsp: No such device and bash: /dev/audio: No such device. I am running openSUSE 10.2 on the KDE gui. Also, when I go into hardwaresound in Yast, it shows the device as not configured, but when I do a quick automatic setup it says: An error occurred during the installation of 'VT8233/A/8235/8237 AC97 Audio Controller'. The kernel module snd-via82xx for sound support could not be loaded. The can be caused by incorrect module parameters, including invalid IO or IRQ parameters. Does that mean I have to recompile the kernel? -Brandon = Brandon, If it's just mp3 files you can't play or hear, then you must be using the SuSE files for your Amarok. Go to Packman mirrors to get the fixed files(Amarok, etc) to install/replace the SuSE ones. But if no sound is working, you'll need to still replace the files, but also do a bit more investigation. As John mentions, the driver/module for your motherboard sound is already part of the kernel, so no need to install other files or recompile the kernel. Built-in sound is a hit and miss with SuSE many times. Sometimes you have good luck, other times not so good. But it's not all SuSE's fault either, because the built-in sound is not the best choice if you value your sound quality. Get a good sound card to add to the system, if possible. It's very seldom, if at all, that the motherboard manufacturer will provide Linux drivers, so I'm not sure what you installed. There was a trick involved in an earlier version of SuSE to get this working when you get the error you mention. I'm sorry, I don't remember what that was. You might be able to check the email archives to get an answer. Hopefully helpful, Lee -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] RE: Self initiated HTTP messages to www.kde.org
* Registration Account [EMAIL PROTECTED] [07-17-07 21:23]: MY IPS system has been warning me of regular - time initiated http messages to www.kde.org. These messages are auto sent 24/7 even by idle Workstations. I cannot test a gnome desktop, however I think they may not be auto sent. http://users.tpg.com.au/adslmi38/linux/kde04_Jul_17_2007_14_36_32.pdf Looks to be a traffic report from your router. Check your router configuration. note: 198.168.1.1 is normally a router addr. -- Patrick Shanahan Plainfield, Indiana, USAHOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535@ http://counter.li.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Automated CD Ripping
Simon Crute wrote: On Monday 16 July 2007 13:50, David McMillan wrote: I'd like to set up a script on my 10.2 box to automatically rip a CD whenever the drive is closed, and auto-eject the CD when the process completes or hits an error. Anyone know of a good set of resources that could help a complete novice achieve this? kaudiocreator will do this for you anway, and lookup the cddb entries. You can set up Kaudiocreator to start every time the CD drive is closed? And auto-eject the disk afterwards? I've been using KAC quite a bit, but I'm pretty sure I've explored most of the setup menu options w/o coming across those. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Automated CD Ripping
You should be able to set Kaudiocreator as the default application to launch when a cd is inserted. Look under Configure Desktop - Periperals - Storage Media - Mounted CD Rom You should be able to add a new command there. Hope this helps Tom David McMillan wrote: Simon Crute wrote: On Monday 16 July 2007 13:50, David McMillan wrote: I'd like to set up a script on my 10.2 box to automatically rip a CD whenever the drive is closed, and auto-eject the CD when the process completes or hits an error. Anyone know of a good set of resources that could help a complete novice achieve this? kaudiocreator will do this for you anway, and lookup the cddb entries. You can set up Kaudiocreator to start every time the CD drive is closed? And auto-eject the disk afterwards? I've been using KAC quite a bit, but I'm pretty sure I've explored most of the setup menu options w/o coming across those. -- Tom Parker Systems Delivery Specialist Lottery Systems Division Canadian Bank Note Company -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot shut down
Thanks, I'll try that. Well, I can't shutdown using either: 1. Shutdown using KDE's K menu 2. Ctrl-Alt-F1, root login, and call shutdown -h Even when rebooting, sometimes it just didn't work. I have to reboot from KDE's K menu and press Ctrl-Alt-Backspace, root login, and then init 0. But after this, in the next boot there's lots of transaction replaying. I'll try using init 3 to check it out. Thanks. Rajko M. said: On Monday 16 July 2007 22:16, [EMAIL PROTECTED] wrote: Okay, I've used the init 0 for shutting down for a week now. Well, it can always shut my machine down. But some of the time, the hard drive apparently wasn't unmounted because occasionally when I turn on the machine, it always replayed transactions. There's about 200 transaction replayed when this happens. So, I am worried that eventually it will corrupt my Linux. Is there any other way to solve this problem? You can't shutdown using what? The init 0 from console gives very little time applications to exit cleanly, but most of them, if they listen the kernel, will have enough time to exit. So this seems to be some buggy application that doesn't pay attention to kernel messages. Is that fuse and ntfs-3g or something else you can find out if you remove them from system, if symptoms remain than it is not this 2 and you can go further. What I would do is Ctrl-Alt-F1 to get text mode terminal. Log in as root, and that run init 3 to see what is hanging. If you don't get command prompt after init 3 than press Enter it should appear. I suspect that some of GUI application doesn't exit. If all seems OK and you get your command prompt, than from here you can run init 0 to shutdown or init 6 to reboot computer and see is there again error messages and transaction replay. -- Regards, Rajko. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Fare thee well, Bawenang R. P. P. ERROR: Brain not found. Please insert a new brain! Do nothing which is of no use. - Miyamoto Musashi. I live for my dream. And my dream is to live my life to the fullest. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot hear any sound
[...] Brandon, If it's just mp3 files you can't play or hear, then you must be using the SuSE files for your Amarok. Go to Packman mirrors to get the fixed files(Amarok, etc) to install/replace the SuSE ones. But if no sound is working, you'll need to still replace the files, but also do a bit more investigation. I don't know what I am using for Amarok. The sound has never worked in this machine, because I don't think i set it up correctly originally. [...] Built-in sound is a hit and miss with SuSE many times. Sometimes you have good luck, other times not so good. But it's not all SuSE's fault either, because the built-in sound is not the best choice if you value your sound quality. Get a good sound card to add to the system, if possible. It's very seldom, if at all, that the motherboard manufacturer will provide Linux drivers, so I'm not sure what you installed. I am pretty sure I found the correct driver for my built in sound, as I said in my previous post. It came with a shell script to install it, and it seemed to install correctly. [...] Hopefully helpful, Lee I have a feeling the problem might have something to do with me switching machines. I used to have this hard drive in a different machine, but now I updgraded to a faster processor. The sound didn't work then either. I'm not gonna spend the money on a nice sound card for this box, because it mainly acts as a server for my lan, but it would be nice to be able to review some of the mp3's the various users upload to it. It's not something I absolutely need, but it would be nice. Thanks, -Brandon -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot shut down
Well, when I looked at Yast, there's actually a Fuse package. But it is still the 2.5.2-10 version. When I look at ntfs-3g's website, it said that I should install fuse version 2.6 or more. So I decided to download the latest stable fuse source code and install it with the usual configure, make, make install steps. Btw, when I look at Yast or do a rpm -qa|grep fuse, it said my fuse is still the fuse from SuSE (v2.5.2-10). But when I do a dmesg|grep fuse, it displayed this: fuse: module not supported by Novell, setting U taint flag. fuse init (API version 7.8) fuse distribution version: 2.6.5 So maybe there're 2 instances of fuse in my computer and this is causing my computer cannot be shut down. As for a program that needs to be closed, maybe that's the case. But I don't use any database. My usual applications used were KDevelop, Firefox, Amarok, Konsole, Kwrite, Konqueror (for browsing local or intranet), and sometimes KGet. And for the service daemons running in the background, I think they're the standard ones from SuSE. I can't integrate any package to the system. Didn't have the knowledge yet. I'm probably still 1 - 2 level above a Linux newbie. :D Thanks. Hans defaber said: Hans defaber wrote: The shutdown procedure is not much more than a'n init 0 , the init program is the workhorse of the startup and shutdown. If you look at the shutdown messages on your screen, you should see at the end the unmount messages of all disks. I think your real problem is a program that should be shut down first before the systemshutdown. Mostly database applications have a separate shutdown. Once more thinking about yout problem. Fuse is a userspace file system, I do'nt have any knowledge about this package, but userspace means that all actions are done and should be done in userspace. So the dismount of all userspace filesystem most done before you can shutdown or maybe logout. Shutdown (init) is a systemspace action. So far as I know is fuse not integrated in suse, You have to be your own systemsintegrator . A difficult and interesting job. Succes, Hans Fare thee well, Bawenang R. P. P. ERROR: Brain not found. Please insert a new brain! Do nothing which is of no use. - Miyamoto Musashi. I live for my dream. And my dream is to live my life to the fullest. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] sensors.conf -Help !
On Tuesday 17 July 2007 17:01, Bob S wrote: On Sunday 15 July 2007 10:21:32 Rajko M. wrote: On Sunday 15 July 2007 00:26, Bob S wrote: Hello SuSE people, Been trying to get my sensors.conf file to report accurately on my system. . It would be good to read http://www.lm-sensors.org/wiki/FAQ section 3. Problems. http://www.lm-sensors.org/wiki/FAQ/Chapter3 Nothing in the above URL's about these problems. Maybe we should take this off list. If you want to. We can post result in this thread. Short: Sensors will show what you set in sensors.conf, and that can be correct or out of way. Wel. not exactly, What I meant is that you can do whatever math you want on raw values. You get those values if /etc/sensors.conf has only one line: chip w83627thf-* and than run sensors -s and than sensors Make backup copy of original. Make one copy that has only your chip section, it will be easier to edit. To create one line sensors.conf run: echo chip \w83627thf-*\ /etc/sensors.conf I made some changes today in sensors.conf and one of the changes is not being honored. To bring you up to date. Today, I just commented out the -12V parameter because the bios doesn't report it and that worked OK. BIOS might not use all values even if they are present. The previous oneliner sensors.conf will give you all values that are reported by chip. But,I created a new problem when I removed the comment lines for in0, the Vcore. See that in my latest sensors printout just below: Still have the alarm problem for the 3.3V parameter. EasyStreet:/ # sensors w83627thf-isa-0290 Adapter: ISA adapter VCore: +1.54 V (min = +1.94 V, max = +1.94 V) ALARM This is Vcore, but min and max values are wrong. See /usr/share/doc/packages/sensors/vid to understand what is going on with this, and your chip driver should be able to recognize command set vrm 2.4 according to above file put that right below section title: chip w83627thf-* w83637hf-* set vrm 2.4 +12V: +12.28 V (min = +10.82 V, max = +13.19 V) +3.3V: +0.45 V (min = +3.14 V, max = +3.47 V) ALARM Simply wrong input is taken as 3.3 V. From raw values listing and more reading it should be possible to find input line. +5V: +5.09 V (min = +4.75 V, max = +5.25 V) V5SB: +5.16 V (min = +4.76 V, max = +5.24 V) VBat: +3.62 V (min = +2.40 V, max = +4.08 V) Sys Fan: 3183 RPM (min = 2800 RPM, div = 2) CPU Fan: 5672 RPM (min = 5487 RPM, div = 2) M/B Temp: +46°C (high = +86°C, hyst = +2°C) sensor = thermistor CPU Temp: +33.5°C (high = +80°C, hyst = +75°C) sensor = diode For CPU temperature you should try other options for sensor until you get what BIOS reports. I doubt it is diode, as above report tells. * # set up sensor types (thermistor is default) # 1 = PII/Celeron Diode; 2 = 3904 transistor; # 3435 = thermistor with Beta = 3435 # If temperature changes very little, try 1 or 2. # set sensor1 1 # set sensor2 2 # set sensor3 3435 ** ... OK,,Here is what is reported in the bios CPU 55 degrees C Sys Tmp 45 degrees C CPU Fan 5720 rpm Sys Fan 3185 rpm Vcore =1.54V +5 =5.25V +12 =11.8V +3.3 =3.4V Also the section of /etc/sensors.conf that is used with your sensor: chip w83627thf-* OK, Here is sensors.conf: (Mind you I have made changes to this conf file) I uncommented and commented in0 several times and still come up with the crazy min/max levels for Vcore as shown above. This has to wait until you see raw values. What is your motherboard and chipset? # lspci -v K8T800Pro Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Micro-Star International Co., Ltd. K8T NEO 2 motherboard ... MSI is not very verbose about hardware. Maybe if one asks, and explain details why they are needed, we can get some information. -- Regards, Rajko. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Cannot hear any sound
On Tuesday 17 July 2007 21:49, Brandon Carl wrote: I am pretty sure I found the correct driver for my built in sound, as I said in my previous post. It came with a shell script to install it, and it seemed to install correctly. Have you read README in realtek-linux-audiopack-4.06a? Though, I would try YaST to configure sound. It will find the card and install proper drivers. The mp3 support is provided with Real Player, but it has to be installed and set as default player for mp3. -- Regards, Rajko. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [opensuse] Unable to Install OpenSUSE10.2
Hi all, Yesterday and the day before i was trying to install getting them from the internet. The update is that when run from the internet the yeast loaded and the installation initiation screen showed up but after the first screen it crashed again. My guess is that the particular hardware combination of my system is the reason. Though i think there could be many systems that use this hardware. Update on WLAN, I wanted to directly run the online installation through WLAN. But it does not load the WLAN card on my system so i had to bring the actual modem and hook it up using Ethernet cable. The card uses Prism RT61 chipset(DLink) but the RT61 driver loaded did not work. When i give the SSID it says cannot find the AP and complete DHCP procedure. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
