Re: restore/backup/snapshot
On Thu, Oct 23, 2003 at 05:54:24AM -0700, bruce wrote: [snip] > it would actually be helpful to be able to make sure the base OS and the > supporting apps are properly captured as one part of the application, with > the other data/apps on the system being "captured" in a separate part of the > process. This kind of segmentation would actually allow us to restore a > machine to it's base config without needing to be concerned with the rest of > the apps that a user may have added to the machine. It would also provide a > method of restoring the other apps if we needed to > > we're willing to consider commercial apps, but we would prefer open source. > any suggestions would be appreciated Do yourself a favor and segment your system on separate drives: system stuff on one or more, and your add-ons on one or more drives. Not only does this make it a piece of cake to upgrade but it also minimizes the danger of a catastrophic drive failure taking it all out. As for backup snapshots, go to freshmeat.net and do a search for rsnapshot, one of the better rsync-based snapshot apps. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Howto: Quicker web browsing, slower FTP traffic?
On Tue, Oct 21, 2003 at 11:43:51AM -0400, Reuben D. Budiardja wrote: > On Tuesday 21 October 2003 11:30 am, Rodolfo J. Paiz wrote: > > Hi! > > > > I don't know whether this is the right place to ask, but kindly point me to > > an FM that I can R if it isn't. Cross-posted to redhat-list and > > shrike-list. > > > > My wife is creating lots of Kazaa traffic, and I am using rsync to create a > > full mirror of Red Hat's FTP site, Aurora Linux FTP site, the LDP site, and > > some other stuff. Clearly, when one is moving well over 100GB over a 128 > > Kbps link, this is going to take a long time... but that's OK, we're in no > > hurry. [snip] As Jason pointed out, you want to use netfilter or PF's QoS capabilities. If using netfilter, a match module for Kazaa and other p2p protocols has recently been developed that will make it easier to set up marking of packets for instituting QoS, see: http://mega.ist.utl.pt/~filipe/ipt_p2p Note that the examples are slim at that site so some homework will be necessary. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Iptables denies access to web site
On Mon, Oct 20, 2003 at 08:29:41AM -0500, lrnobs wrote: > > > >Just so I get it right, I assume since there is only one nic declared in > >the ruleset that the Dlink is providing NAT for the LAN? > > Jack, > > I think the answer is yes. The configuration is dsl to dlink router, dlink > router to hub. Internal pcs have 192.168.0.X addresses. Once things are > prepared the dlink router will allow public port 80 to route to internal > port 8080 and will point to a specific internal pc, which has one network > board and a 192.168.0.X address. Larry - Try doing "hairpin NAT" on your iptables box. Add the following rule after your port 80 rule (placement not critical but nice to keep the webserver stuff together): $IPTABLES -t nat -A POSTROUTING -p tcp --dport 80 -s 192.168.0.0/24 \ -j MASQUERADE (Remember that the \ is a line continuation marker so if you can put the rule all on one line then just delete the \). What this rule translates to in english is: "change the IP header source of all packets coming from the LAN and bound for port 80 to that of the external IP." IOW, your apache httpd.conf will react to the packet as if it came from outside the firewall even though it didn't and should answer it accordingly. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Iptables denies access to web site
On Sun, Oct 19, 2003 at 10:29:38PM -0500, lrnobs wrote: > It is behind a Dlink router. When online the port 80 coming in will be > directed to 8080 internally which Tomcat is using. I haven't opened it up > for full time Internet access, until I get some things secure and > working. My internal network access via 192.168.0.X cannot connect to the > web site once I load this particular firewall. > > Is the > iptables -P INPUT DROP > iptables -P FORWARD DROP > iptables -P OUTPUT DROP Sorry, my bad. The policy statements are right there near the beginning where it should be. The lack of comments in the script makes it harder to follow than it should be. Just so I get it right, I assume since there is only one nic declared in the ruleset that the Dlink is providing NAT for the LAN? -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Iptables denies access to web site
On Sun, Oct 19, 2003 at 08:26:13PM -0500, lrnobs wrote: > I have the following iptables basically borrowed from > http://www.sns.ias.edu/~jns/security/iptables/rules.html but I need to open > up access to a web site running with Tomcat and Apache. > > I tried to modify it (in bold) below to open up access to my web site but I > am locked out. [snip] Firstly, IMO, any iptables ruleset that does not declare a default policy, as is the case here, should be rewritten. Despite that we do not really have enough information to help you. Is this a standalone box? Is it behind a router/firewall? -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Kickstart - post install cp of files from CD fails
On Fri, Oct 17, 2003 at 10:07:33AM -0500, Benjamin J. Weiss wrote: > > from http://256.com/gray/docs/rh_boot/ > > Darn, Marcel, I wish I'd seen this one yesterday! Would have saved me > several hours and two DVD-R's! Nice page. Thanks. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: C++ lib compatibility between Red Hat 9 and 7.3
On Fri, Oct 17, 2003 at 10:37:56AM -0500, Otto Haliburton wrote: > Further, only an idiot would interpret what I'm saying as a put down of > developers or the open source community. I'm saying plain and simple. In > order to further the growth and prosperity of the open source community we > need to solve quirks in development that cause the user grief. I was > offering what is deemed the biggest problem with open source development. > The lack of resources causes the solution to problems to come after release > rather than before release and that is a problem no matter whether it is the > open source community or elsewhere. I think that Jon needs to learn how to > read. Otto, not that you would care at all but the reason I am about to add you to my kill file is that your attitude of "I know everything and everybody else is an idiot" doesn't sit well with me. Not that I am expecting you to change your world view. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: graphing a data stream
On Thu, Oct 09, 2003 at 12:57:22AM -0500, ivan roseland wrote: > > Hey, > > my best guess would involve grabbing the data as it comes in with a perl > script and then write it to RRDTool > then let RRD tool draw the graph when it is needed. Thanks, Ivan. Not swure RRDTool would do any better than gnuplot here but thanks for the tip on using perl modules for the collection. Seems to be several out there. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
graphing a data stream
I have googled unsuccessfully for any relevant info on this but I am sure that it is old hat to many of you out there. At work, I would like to dump a stream of data points on two separate ttys into a spreadsheet or database and graph the data in "near real time". If there are any tutorials or suggestions for further research, please pass them on. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Open TCP & UDP Ports
On Wed, Oct 08, 2003 at 03:21:13PM -0400, Reuben D. Budiardja wrote: > On Wednesday 08 October 2003 03:11 pm, Staven Bruce wrote: > > I have a RedHat 8.0 box running Apache and Mailman. I am trying to make > > sure it is locked down. When I run a port scan with nmap, I find the > > following TCP ports open: > > > > 25 -- Mail > > 80 -- WWW > > 111 -- SUN RPC > > 443 -- SSL > > 515 -- spooler > > 6000 -- X Windows > > 32768 -- Filenet > > > > Now, I know I need 80 and 25 open, but can't I just close the rest? How do > > I close a specific port within the RedHat OS? > > > > One last question, the port scan also returns 81 UDP ports as open or not > > answering, should I close these as well? Port scans run from the same subnet as you are scanning always show more ports open than there actually are. For a true evaluation, run the scan from outside the subnet. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: OS Desktop Business Model?
On Sun, Oct 05, 2003 at 09:17:37AM -0400, Kevin MacNeil wrote: > On Sat, Oct 04, 2003 at 10:54:46PM -0700, bruce wrote: > > > my $0.02 worth..and i don't normally follow this group/thread for > > linux to compete/succeed against windows/msoft on the desktop... there > > needs to be a rock solid office set of apps... for 20% of the price... > > > > then you would see msoft fall like a rock... if oracle put in a $1 > > billion, and sun gave their star office app, and then a huge open > > source app was create with the star office/funds as a start... within > > 12-18 months you'd put a dent in msoft > > I honestly think the desktop is pretty much there right now. For > ordinary office stuff a good distribution like Redhat and OO.o, mozilla, > evolution, etc. are more than enough for most office workers. And they > don't cost 20% of Windows + Office, they're free. It's old hat to us, > but your average clueless user (and IT manager) either doesn't know you > can get better software for nothing, or else believes it must be bad > because it's free. I've run into this over and over. In my corporation, there is a whole department that concerns itself with the procurement, installation and administration of MS products. If they were to drop MS products, there would need to be a wholesale retraining of the IT staff and the users of the software. As well, a couple of years down the road when it is found that open source software fits the bill nicely at much less cost, the existence of most of the layer of software support staffing would be called into question. So there is a built-in survival instinct for not letting open source in the door for some people. Having said that, it is a concern mainly for the desktop user (Exchange Server, XP). Linux is taking over more and more functions from our old HP-UX boxes in the backroom and will continue to do so. Eventually there will be a solid foundation of linux boxes with an easy to use but virus-sucking desktop layer on the desktop. I think it will be easier to rationalize the switch with time. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: iptables
On Mon, Sep 29, 2003 at 01:45:52PM -0400, Parker Morse wrote: > I'm not the best person to be asking about firewalls, but: > > I think you're confused about the way OUTPUT works. It acts on any > packets sent out by your system. Unless you are concerned about how > users of your system are going to be using it, you're creating more > problems than you're solving by having too many rules on OUTPUT. Unlike > INPUT, where you don't know what's coming in from outside, you're > better off with a permissive policy (only blocking ports which cause > trouble, instead of only opening ports you need) on OUTPUT. "Better off" is subjective. Having a permissive policy on the OUTPUT chain is certainly less work for the admin. But I lock all chains down cuz then I have to force myself to write the rules I need to get packets out as well as in. I like knowing what my firewall is set to do rather than take it on faith. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
test5+ bombing on uhci-hcd
I suspect there are a few RHers tracking the mainline test kernels. If so, has anybody run into a problem with uhci-hcd loading? My RH 8 box hangs instantly with no way of recovery except for a reset. This started with test5 and continues with test6. According to the changelogs there have been many USB changes in the past couple of releases as to be expected. But I'll make a diff and try to wade through it anyway. Just thought I'd put out an initial feeler. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: DHCP appears not to be working
On Mon, Sep 22, 2003 at 12:40:22PM -0500, Vidiot wrote: > >Did the firestarter open the dhcp ports? I think it broadcasts on port 68 > >TCP/UDP > > When I ran the firestarter wizard, I added DHCP to the list of stuff I run. > After that it worked. > > Here are the $64,000 questions: > > 1) Why is firestarter setting up the firewall to block stuff from eth1, >my internal lan, when I ran the wizard and gave it eth0 as the device? > 2) Why is firestarter letting VRAS (the Philips VPN software, which I believe >uses port 500) get through the system, or is that because I'm not trying >to VRAS to my box, but having it port forwarded out of the box? 1) Questions re firestarter should be directed to the developers at [EMAIL PROTECTED] 2) Best way to discern possible problems with firewall rules is to post the output of "/sbin/iptables -L -v -n" and "sbin/iptables -t nat -L -v -n" -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: procmail folders and filters
On Fri, Sep 19, 2003 at 01:15:37PM -0400, Parker Morse wrote: > On Friday, Sep 19, 2003, at 12:49 US/Eastern, christopher j bottaro > wrote: > >i have a linux account at school. to check my mail, i can ssh into > >one of the > >linux machines at school and just type mutt. problem with that is > >that i'm > >on like 20 mailing list and my inbox is just a huge mess. so instead, > >i use > >kmail from my home machine to log into the pop server and download all > >my > >emails and use filters to put them in different folders. > > > >my question is if i use procmail to filter my mail into different > >maildirs on > >my school machine, will i still be able to download them all on my home > >machine using kmail and using pop? > > No. POP just checks the inbox. If you use procmail to filter your mail > into different maildirs, it won't be in the inbox. Errmm. I had been doing this before going to mutt totally with zero problems. As long as you use the "keep" switch to mutt, kmail should still see all the new mails in the inbox and process accordingly. > Does kmail support IMAP? IMAP will let you see those maildirs from home. > > IMHO, if you're regularly checking your mail from multiple locations > and need folders, IMAP is the only way to go. If kmail won't do it, > switch to something that will. Yes, probably a better solution. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: PDF Converter on Linux/Redhat
On Wed, Sep 17, 2003 at 02:07:57PM -0400, Kenneth Goodwin wrote: [snip]> > In terms of Web Site, the person in question was not looking > for an automated > on the fly to/from conversion utility. As Far as I > understood it, he wanted a automated system that > would convert any file format into a PDF so his web site > could display it in > one standard format, namely PDF. Adobe Distiller Server > provides that functionality > as an Off the shelf solution, but you can craft up the > equivalent with Perl or Shell wrappers > around other functions and a cron based control script. [snip] This just popped up on freshmeat. Of possible interest and GPLed. http://alambic.iroise.net/ -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Prefered backup method?
On Wed, Sep 17, 2003 at 10:24:50AM -0400, Javier Gostling wrote: > On Tue, Sep 16, 2003 at 11:25:36PM -0600, Rodolfo J. Paiz wrote: > > The only catch is my wife's computer, since I do not have rsync for Windows > > 2000. I need a way to use Putty (more likely, pscp) to do rsync's job, but > > I have not figured that out yet. > > What about using cygwin to run rsync and openssh on the Windows machine? I'll be doing exactly this in the few spare moments I have at work today... -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: IPTables overhead
On Sat, Sep 06, 2003 at 08:30:30PM -0700, Gordon Messmer wrote: > Res wrote: > >On Wed, 3 Sep 2003, David Hart wrote: > > > >>I've about had it with attacks to our web server emanating from certain > >>geographical areas. This is not a display of Xenophobia. I have never > >>really used IPT. > >> > >>It takes about 4,000 lines for Korea and China alone and that's with > >>CIDR formatting. > > > >You could shrink it a bit... > > > > In addition to shrinking the list by using larger networks, you can > optimize your IPTables setup by testing more specific packets. > > For instance, if you only want to block connections to apache from those > networks, create a new chain and only jump there on packets that > initiate a connection to apache. example: > > # Create a chain which will filter out unwanted networks > iptables -N DROP-ATTACKERS > # Populate the chain with rules which will drop packets from > # the unwanted networks > iptables -A DROP-ATTACKERS -s 202.80.0.0/12 -j DROP > iptables -A DROP-ATTACKERS -s 202.96.0.0/11 -j DROP > # etc... > # Create a rule in the input chain that will check incoming > # connections to apache against the rules in the new chain > iptables -A INPUT -p tcp --dport 80 --syn -j DROP-ATTACKERS > > Now, an incoming syn packet destined for port 80 will run through the > costly iptables check for unwanted source networks. All other traffic > will pass through the very short INPUT chain with minimal processing. > This is a very effective optimization, especially when you plan to > include a lot of filter rules. > > Also, because you have your unwanted networks in an existing chain, you > can later choose to filter other network ports using the same list of > unwanted source networks. Yay, Gordon. I'm glad somebody brought user-defined chains into this thread. They really are the best way to stop packet traversal of huge firewall sets in iptables. If web hits are your main problem, put the user-defined chain near the front of your firewall rules so the packets get dropped early. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Configure X without redhat-config-xfree86?
On Wed, Sep 17, 2003 at 12:44:29AM +0200, [EMAIL PROTECTED] wrote: > > * and then Lists declared > > Assuming you haven't had any luck with the other suggestions regarding > > redhat-config-xfree86, some things to look at (in no specific order) > > > > 1) Does your monitor def have freq ranges that would allow higher res? > > Look in /usr/share/hwdata/MonitorsDB to see if you can find the info for > > your monitor. > > > Right, got it sorted. Nightmare. I'll write it up and post to the list > in the morning. It was the prosavage card in the end but I got it fixed. > Thanks everyone ;-) A followup would be appreciated, Nick. I note the following that dropped into freshmeat the past 24 hours: http://www.mediom.com/~rener/linux/ which is a repository for the Knoppix hardware detection/config code which has recently been ported to RH and MAndrake. The changelog mentions a script for configuring X settings without rebooting. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Vmware on Red Hat 9
** Reply to message from Jason Dixon <[EMAIL PROTECTED]> on Tue, 16 Sep 2003 09:24:18 -0400 > On Tue, 2003-09-16 at 09:20, Ed Greshko wrote: > > On Tue, 2003-09-16 at 21:12, Jason Dixon wrote: > > > > > > > > No kidding. You're offering an answer to a question that was never > > > asked. You're also trying to qualify your assumptions as relevant, when > > > they are not. > > > > Is this "flame bait"? > > No, it's called a "summary". Jason/Ed - You aren't 13 anymore. Takre this offlist, please. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Wu-ftp config question
** Reply to message from Sasa Stupar <[EMAIL PROTECTED]> on Tue, 16 Sep 2003 07:44:24 +0200 > Ed Wilts pravi: > > >On Mon, Sep 15, 2003 at 08:03:03PM +0200, Sasa Stupar wrote: > > > > > >>I have a question regarding the configuration of wu-ftp: I have it > >>working for guest and anonymous (I don't want to enable real unix). How > >>do I set up default permissions for upload (eg. 755) for guest? Now it > >>is set to 022. > >> > >> > > > >I use upload clauses like so: > >upload /cust/*/* * no > >upload /cust/*/* /pub/upload yes * * 2770 > > > >This forces all uploads to go the upload folder and allows group access. > >There are a bunch of examples in the man page for ftpaccess. Also look > >at the upload.configuration.HOWTO file which was installed as part of > >the rpm. > > > >You can also use the defumask statement to tweak the permissions. > > > > > > > I am using webmin to configure wu-ftp. I have setup default umask to 755 > for all classes but looks like this doesn't work because when I upload > files they have 022 permission. Which is exactly what you told it to do with the umask which is *subtractive* from the 777 permission ordinal. So a umask of 755 gets you a file permission of 022. A "man bash" will get you all the gory details. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: starting kde/gnome
** Reply to message from Joseph A Nagy Jr <[EMAIL PROTECTED]> on Sun, 14 Sep 2003 19:40:01 -0500 > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Sunday 14 September 2003 19:29, Mark McDonald wrote this in an > attempt to be witty or informative: > > I'm using cygwin/Xfree86 for X windows hosting on > > windows - I'm pretty sure > > that using PuTTY is a similiar solution to what I've > > got (but it might be a > > PuTTY fits on a floppy disk (340+KB). I also suggest WinSCP321 (sFTP > client (sFTP is part of SSH so nothing extra to install if you have > sshd running)) as it will fit on the same floppy as PuTTY (WinSCP is > around 758KB). > > > smaller footprint). I know I should use SSH, and will > > if I open it to the > > firewall. Right now, I just want a way to log into > > the Linux box from the > > other computers on the LAN. > > Well, you should be able to just issue 'startx' like normal and your > local display manager /should/ take it from there. If not, try kdm and > gdm (K Desktop Manager and Gnome Desktop Manager respectively). > > > > > So what I'm looking for is what command *should* I use > > to run Gnome &/or KDE > > ie. what is supposed to start these correctly. > > > > Mark. > > > Not having done this myself (on the computers I remotely log in from, > I'm not able to install additional software). Perhaps I am misinterpreting Mark's query. PuTTY will get you a command line session to your remote box, but you need an X environment of some kind on your local Windows box to *see* any X GUI app such as GNOME or KDE locally. That is where cygwin or VNC come in. Or am I totally misunderstanding here? jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: php on RH8
** Reply to message from Kalin Mintchev <[EMAIL PROTECTED]> on Sat, 13 Sep 2003
01:57:38 -0400 (EDT)
[snip]
> this code works perfectly fine on the bsd machine. on the rh8 i get this
> cli output (both installed the SAME way and from the SAME source 4.3.0):
>
> # ./ratLL.php
> ./ratLL.php: line 2: ?: No such file or directory
> ./ratLL.php: line 3: syntax error near unexpected token `('
> ./ratLL.php: line 3: ` $db = mysql_connect(localhost, "user", "pass");'
>
> i posted a week ago this code. i was told that the cli compiled on the rh8
> is not a "redhat one". so my problem question is why? why wouldn't the
> install script detect the os as RH8 and compile the "correct redhat" cli..
This smells of a unicode issue. Backup your /etc/sysconfig/i18n file and then
edit it to something like this:
LANG="en_US:en"
SUPPORTED="en_US.en:en_US.UTF-8"
SYSFONT="latarcyrheb-sun16"
LC_COLLATE="C"
and see if it makes a difference.
jb
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
Re: Buiild - RED HAT lLinux - 2.6.0-test5
** Reply to message from srinivask <[EMAIL PROTECTED]> on Sat, 13 Sep 2003 11:50:59 +0530 > Hi, > > I have built Linux kernel 2.6.0-test5. > when installed i am getting the following error. > > Kernel panic:VFS: Unable to mount root fs - error. > also , the initrd-2.6.0-test5.img file is not there in /boot die. > > can anybody help me out . We need to know if you started from pristine source. If you did, then with the new kernels, all you have to do is: make && make modules_install && make install and it should do everything for you. The module target has been folded into the make process so you do not have to explicitly ask for it. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Routing problem
** Reply to message from gaston <[EMAIL PROTECTED]> on Fri, 12 Sep 2003 15:32:32 -0300 > -Original Message- > This is feeling like a firewall issue to me so lets look more closely at > that. > > Not knowing your firewall script (I have lazily allowed shorewall to > abstract my thinking to it way of doing things) why don't we take a look > at the rules as the are actually in iptables > > why don't you post the output of iptables-save -c and lets take a look > at what iptables is really doing? > > Bret > > -- > These are the scripts I'm using for iptables, i really appreciate your > help, my job depends on this. > > > #!/bin/bash > > iptables -F > iptables -t nat -F > iptables -t mangle -F > > > iptables -A INPUT -i lo -p all -j ACCEPT > iptables -A OUTPUT -o lo -p all -j ACCEPT > > iptables -A INPUT -i eth0 -p ICMP -j ACCEPT > > iptables -A INPUT -p ALL -i eth0 > > iptables -A FORWARD -i eth0 -p ALL -j ACCEPT > > iptables -A OUTPUT -o eth0 -p all -j ACCEPT > > iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT > > > iptables -A INPUT -i eth0 -p TCP --dport 22 -m state --state NEW -j ACCEPT > iptables -A INPUT -i eth0 -p TCP --dport 80 -m state --state NEW -j ACCEPT > iptables -A INPUT -i eth0 -p UDP --dport 53 -m state --state NEW -j ACCEPT > iptables -A INPUT -i eth0 -p TCP --dport 3306 -m state --state NEW -j ACCEPT > > iptables -P INPUT DROP > iptables -P FORWARD DROP > iptables -P OUTPUT ACCEPT > > > then I run other script which enables forwarding for the clients > > iptables -A INPUT -s $IP -i eth1 -m mac --mac $MAC > iptables -A FORWARD -s $IP -i eth1 -m mac --mac $MAC Do not use two scripts. Instead, move your default policy (iptables -P ...) stanza to the front of your first script and then move the contents of your 2nd script to follow the default policy stanza. As well, adding the following catch all rule to the very end of your script is considered a good idea for added insurance: # Drop everything not let through earlier iptables -A INPUT -j DROP jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: 2.6.0-test5 won't boot
On Fri, Sep 12, 2003 at 03:36:20PM -0400, Kevin Breit wrote: > Hey, >I compiled 2.6.0-test5 (latest) today and am having a hard time > booting it. During boot, I get: > > Kernel panic. No kernel found. Trey passing init= to kernel. > > My .img file is specified in grub.conf and does exist in the proper > directory. As does the kernel. > > Any help would be appreciated. Test-5 doesn't like me either. It hangs hard when trying to load the uhci-hcd driver. Oh well, test-4 is running nicely here so will stay with that until the next rev. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Prefered backup method?
On Fri, Sep 12, 2003 at 11:35:41AM -0400, Kent Borg wrote: > On Thu, Sep 11, 2003 at 08:23:39AM -0700, Jack Bowling wrote: > > I think backup methods are determined by your level of paranoia. For > > myself, I use a dedicated backup hard drive and rsnapshot > > http://rsnapshot.sourceforge.net for doing the grunt work. > > I am doing backups with a similar hard links-based technique and I > have a question: How can I tell how much space one of my backups > takes? I can't do a "du one_of_several_backups -s" because the hard > links make all the files real in there, even though they are possibly > shared with adjacent incremental backups. Ideas? Theoretically, the space used will be the size of all the copied files plus that of the increments. I can't see how it could be any greater. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: problem with cdrw drive
** Reply to message from shishir patil <[EMAIL PROTECTED]> on Thu, 11 Sep 2003 09:08:17 -0700 (PDT) > I've installed rh 8.0 and have been running it for about 3 weeks now. > But I've been having this irritating problem with my cdrw drive. I can > access it as a cd-rom drive, but > only for awhile. Sooner or later, after I remove a cd and place another > one in, it does not want to work anymore. The message says something > about a bad fs mount(I'm at work and this is my home machine, so I don't > have the specifics with me). I typcially shut down the machine and > reboot again. Most of the time this works (sometimes it > doesn't). The grub.conf is sets up hdc as an ide-scsi. the fstab file > looks fine. Any thoughts? In a terminal window logged in as root, do: rpm -e magicdev and enjoy bliss. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Restricting DHCP services by MAC address
On Thu, Sep 11, 2003 at 04:24:55PM -0500, Brent Herring wrote: > Actually, I'm using the dhcpd from www.isc.org. > > If I understand correctly, the configuration below would statically IP > addresses to the specified MAC addresses. I still want to assign IP > addresses dynamically since I have thousands of workstations to deal > with. > > Simply put I would like the server to DROP all requests for IP > addresses unless it is from MAC addresses that I have specified. Iptables can do this at the packet level. Write a rule that denies all dhcp requests on the port in question except for defined MAC addresses using the -m --match MAC option. Should work as long as the MAC address has not already been stripped out upstream. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Prefered backup method?
** Reply to message from Denham Eva <[EMAIL PROTECTED]> on Thu, 11 Sep 2003 15:21:38 +0200 > Hello > > Just wondering > Do you folks have prefered backup utils and methods? > ie tar or cpio, perhaps something else? > Is there a beter way to backup, instead of tape perhaps to another > Harddrive? > > Just a thought that occured to me, I would like to see if my backup > methodologies are correct. I think backup methods are determined by your level of paranoia. For myself, I use a dedicated backup hard drive and rsnapshot http://rsnapshot.sourceforge.net for doing the grunt work. It could easily be adapted to an offsite drive via the network, I used to do a laborious nightly tar backup but rsnapshot is so much faster and less work for the host box that it is no contest. -- Jack Bowling Prince George, BC mailto:[EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: dependency problems w/mailscanner
** Reply to message from Bret Hughes <[EMAIL PROTECTED]> on Mon, 01 Sep 2003 21:01:52 -0500 > On Mon, 2003-09-01 at 20:27, Kevin MacNeil wrote: > > On Mon, Sep 01, 2003 at 06:03:18PM -0500, Bret Hughes wrote: > > > > > Does MailScanner work or are you just worried about the dependency > > > errors? Did you use Julian's install.sh script to install it? > > > > I just installed the MailScanner rpm file. It works fine, but the > > dependency errors are keeping apt-get dist-upgrade from working as it > > should. It wants to uninstall MailScanner to make the problem go away. > > > OK I get it. This is one of the reasons I like to keep everything > possible rpm based, including perl modules. > > As I see it you have two reasonable choices: > > 1. build and install the perl-MIME-tools rpm this can get funky as you > know. This is still the method I prefer. > > 2 dl the src.rpm for MailScanner and tweak the specfile by removing the > dependency for perl-MIME-tools, rebuild the Mailscanner rpm and install > it. > > There may be a way to tell apt to ignore the deps for a specific package > but I really do not know what that is. http://www.quantumlinux.com/~kevin/rpmpan/ The above may be a useful link for those wishing to install perl modules via RPM. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: changing resolution of forwarded X traffic - SOLVED
** Reply to message from Rick Warner <[EMAIL PROTECTED]> on Fri, 29 Aug 2003 14:42:23 -0700 > On Fri, 2003-08-29 at 14:27, [EMAIL PROTECTED] wrote: > > > > > Ah. Thank you, Reuben. This make sense. > > > > Reuben's advice was very good. There might be another aspect, too. If > you scale the geometry, you get a different sized window but the data in > the window might still be as large, thus you will see less data at one > time. You might check the app to see if it will allow further tweaks > on components to scale them. For example, xterm allows for you to > select font size; try the following two commands and look at the > difference: > > xterm -geometry 80x24+0+0 -fn 7x14 > > and > > xterm -geometry 80x24+0+0 -fn 10x20 > > Both open xterm windows at the upper left corner of the screen, the > windows are both 80 characters by 24 lines, but there are two different > fonts. Not all X apps will allow such changes of components, and > some will force the changes to be in an app-defaults file rather > than specified on the command line, but it might be worth exploring > what options are available. Thanks, Rick. As it turned out for this particular app, all I had to do was pass it the -geometry 800x600 argument to the app name and it came up perfectly. Since the app is running on a HP-UX box, it apparently does not recognize the long version of the --geometry argument so it only takes the single dash. -- Jack Bowling Prince George, BC mailto:[EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
changing resolution of forwarded X traffic
I have tried to google for a solution to this but couldn't get any relevant hits. Does anybody know if it is possible to change the resolution of incoming forwarded X traffic? I have an app that I need forwarded to my laptop which only does 1024x768 res but the app is coming from a source where it is based on big 21" monitors. I can only see the top half of the app on my laptop. It would be nice if I could scale it somehow. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: I need WAV editor, with some basic features? Where can I get one?
** Reply to message from Clive Harris <[EMAIL PROTECTED]> on Mon, 08 Sep 2003 11:14:20 +1000 > I found Audacity very good (www.audacity.sourceforge.net). I haven't > tried in on RH9, but it works fine on RH8. I found the latest revision > (1.1.1) was a bit unreliable, but revision 1.0.0 worked fine for me. > > > I am looking for a good easy WAV editor. I have RH9 and I am having > problems with > > some packages I found, since RH9 has newer stuff that is not recognized. > > Any suggestions? Another one you may want to give a run is mhwaveedit (ya...crappy name): http://freshmeat.net/projects/mhwaveedit/?topic_id=120 It uses sox for the backend but does most things well. Just make sure you save frequently if you do large edits. Very simple layout, though. jb -- Jack Bowling Prince George, BC mailto:[EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: realtek 8139 mystery
** Reply to message from [EMAIL PROTECTED] on Mon, 11 Aug 2003 09:10:59 +0100 > Good morning all, > > The mystery still wonders around in my laptop. I posted a few weeks back > with a problem on a realtek 8139 netword card. > > Well here are the results of mii-diag --watch (this app watches the link) > > [EMAIL PROTECTED] root]# ./mii-diag --watch > Using the default interface 'eth0'. > Basic registers of MII PHY #32: 780d 01e1 . > Basic mode control register 0x: Auto-negotiation disabled, with > Speed fixed at 10 mbps, half-duplex. > You have link beat, and everything is working OK. > Link partner information is not exchanged when in fixed speed mode. >End of basic transceiver information. > > Monitoring the MII transceiver status. > 09:32:54.698 Baseline value of MII BMSR (basic mode status register) is > 780d. > 09:32:58.829 MII BMSR now 7809: no link, NWay busy, No Jabber (). > 09:33:01.169 MII BMSR now 780d: Good link, NWay busy, No Jabber (). > 09:33:04.699 MII BMSR now 7809: no link, NWay busy, No Jabber (). > 09:33:06.829 MII BMSR now 780d: Good link, NWay busy, No Jabber (). > 09:34:12.959 MII BMSR now 7809: no link, NWay busy, No Jabber (). > 09:34:17.689 MII BMSR now 780d: Good link, NWay busy, No Jabber (). > 09:34:19.419 MII BMSR now 7809: no link, NWay busy, No Jabber (). > 09:34:21.549 MII BMSR now 780d: Good link, NWay busy, No Jabber (). > 09:34:22.479 MII BMSR now 7809: no link, NWay busy, No Jabber (). > 09:34:24.789 MII BMSR now 780d: Good link, NWay busy, No Jabber (). > 09:34:25.029 MII BMSR now 7809: no link, NWay busy, No Jabber (). > 09:34:27.359 MII BMSR now 780d: Good link, NWay busy, No Jabber (). > > > > So as you can see when it says no link - I pulled the cable, when its says > Good link the cable was plugged in. > > In previous posts we established that module is loading ok. > > I can rmmod 8139too > insmod 8139too > ifconfig eth0 up > > > cool assigns a fixed IP and then bam ... no transmission > > Anyone got any ideas, before I use this laptop as a javalin..? Sure. Try the following: /usr/sbin/ethtool -s eth0 duplex full autoneg on and see what happens. jb -- Jack Bowling Prince George, BC mailto:[EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Can't play video DVD
** Reply to message from "M. Parcheur" <[EMAIL PROTECTED]> on Mon, 11 Aug 2003 17:01:58 +1100 > Edward Dekkers wrote: > > >>In fact with Ogle I get nothing, but with Xine I get the fist images and it > >>crashes. With mplayer it doesn't crash, but images are a mosaic of small squares > >>and if visible it 's really ugly. > > > > > DMA is set and and the processor is PIV 1.8GHz; nevertheless with mplayer I get the > message: "too many video packets in the buffer (4096 in 8289897 bytes) !! > I don't know much about drivers, I'll look over this matter. > > Thanks and regards. Try doing the following: echo 1024 > /proc/sys/dev/rtc/max-user-freq If that makes mplayer happy, add the line to your /etc/rc.d/rc.local jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: GRUB failure
On Mon, Aug 04, 2003 at 12:33:26PM -0600, Ashley M. Kirchner wrote: > Otto Haliburton wrote: > > >I have a dual boot system with HDA containing XP PRO and RH9 on HDB GRUB > >is the boot loader and it is written to the MBR or HDA along with the XP > >boot loader. I just removed HDB and guess what I got a black screen > >with GRUB in the left hand corner. > > > > >Welcome to my world. At that point in the game, I doubt it even > knows about hdb, to even go find the config file. It read the MBR, and > ... fell off the planet. Hi, Ashley. Sorry to butt my head in so late. When you yanked the 2nd drive, did you go into the BIOS and tell it that it no longer exists? -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Basic Dumb Logging Question
** Reply to message from Leonard Miller <[EMAIL PROTECTED]> on Thu, 31 Jul 2003 08:13:39 -0500 > tail -f /var/log/httpd/access_log > tail -f /var/log/httpd/error_log > > >>> [EMAIL PROTECTED] 07/31/03 09:11AM >>> > Suppose, for testing purposes, that I want to display my httpd access > and error logs, on the screen, updating in real time. Is there a way to > do this? Go to http://freshmeat.net and do a search for multitail jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: rpm question
** Reply to message from Barry Johnson <[EMAIL PROTECTED]> on Thu, 31 Jul 2003 08:18:35 -0400 > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of RedHat Mailing List > Sent: Wednesday, July 30, 2003 11:40 PM > To: [EMAIL PROTECTED] > Subject: rpm question > > > RedHat 9, fresh install. > > rpm -i perl-CGI-2.81-88.i386.rpm > > Entered the command and nothing happened for 10 minutes and it seemed my > session had locked up, so I disconnected and reconnected. The process > was orphaned, so I killed it. > > Now, just running rpm -qa doesn't seem to work. I entered the command > 10 minutes ago and it's still sitting there with no apparent activity. > > Any ideas on how to fix the problem? > > Thanks, > > -Ed > I have run into similar weird problems with rpm, sometimes just > rebuilding the rpm database fixed my problems. Rpm --rebuilddb as root > > Barry Johnson > Try doing this first (as root): rm -f /var/lib/rpm/__db* then if that doesn't work try: rpm --rebuilddb -- jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Shell Scripts for automating Telnet sessions
On Wed, Jul 30, 2003 at 11:10:18AM -0500, Ed Wilts wrote: > On Wed, 2003-07-30 at 02:48, anil garrepally wrote: > > Can anyone tell me how to write a Bash script, that will do > > telnet login to one machine and do some activity on that logged > > machine. > > > > I was informed that .telnetrc file will help,if so what is the > > entry i should add in to that file. > > > > where can i found Any kind of information related to scripting for > > Networking activities.Any help would be appreciated. > > My suggestion would be to use ckermit. It's included with Red Hat Linux > and is an extremely powerful scripting language. > > Alternatively, copy the script over to the other machine and then use an > ssh or rsh commmand line to execute it. i.e. > $ scp foo system: > $ ssh system ./foo > The later example would only work if the script doesn't require any > input of course. ckermit is the ticket. It also has hooks for ssh. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: IPTables and Natting question
On Sun, Jul 27, 2003 at 12:52:32AM -0400, [EMAIL PROTECTED] wrote: > > Hey all, > > I have a question regarding iptables and natting. What I'm trying to do is > setup a iptables firewall to protect my LAN and Servers. > The ketch is that I'm using my Cisco Router to do the Natting.. So what I'm > trying to do bascially is just route across the 2 nics in the > Redhat 9 box and use the iptabes to allow/deny stuff from getting across. [snip] There is lots of reference material out there for netfilter/iptables. Start your reference search at http://www.netfilter.org What you will be doing is part of what is termed "defence in depth" and is a recommended course of action. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Mutt alias file to Squirrelmail address book?
** Reply to message from Jason Dixon <[EMAIL PROTECTED]> on Sat, 26 Jul 2003 10:48:30 -0400 > On Sat, 2003-07-26 at 10:38, Ed Wilts wrote: > > > Red Hat Linux includes both mutt and Squirrelmail, so this posting was > > definitely not off-topic. > > Red Hat Linux also contains Perl and Sendmail, but it would not be > considered appropriate to ask for assistance writing a spam harvester > using both of these applications. In your case, the right place to pose > your question would have been a Squirrelmail forum or mailing list. > Nevertheless, I'm glad it worked for you. It's a beautiful day here and I'm just about to head for the beach. But before I do, I would just like to let Jason know that if he doesn't want to read some of the posts here, USE THE FREAKING DELETE KEY. Just like I did on your whiney little post. See y'all later. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Simple Query
** Reply to message from Logan Linux <[EMAIL PROTECTED]> on Fri, 25 Jul 2003 11:46:13 +1000 > Hi all, > > Being a noob most of my time is taken up "hacking" commands that Ive pieced > together from what Ive been gathering from the usual sources. > > Something I dont understand (forgive me) is the locate and find commands. > > Basically I want to > dir nessus* /s > ie. find all files and folders containing nessus and searching in all sub > directories. > > I thought locate was doing that by default but I jynxed it today. > Please help! Locate will only find a file if three things have occurred: 1) The package was installed on your system. 2) The package was installed via rpm. 2) The updatedb process has run before you did the locate command. So you can check if it is there by doing "rpm -qa | grep nessus" and if you get some hits, then try "locate nessus" again. If you don't get any hits, double check that you have an updated package database by running "locate -u" then try it again. If you know that nessus has been installed and the previous does not work, then it was likely installed via a tarball rather than an rpm. Note that nessus is no longer installed by default by RH. I do not have it on my RH8 nor my RH9 box. jb -- Jack Bowling Prince George, BC mailto:[EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: buggy gtk theme
** Reply to message from "Kim, Hidong" <[EMAIL PROTECTED]> on Sat, 05 Jul 2003 21:43:27 -0700 > Thanks, > > Do you have to be in a particular shell to execute these commands? I'm working in > bash. When I issued the unicode_stop command, VueScan launched, with the same > messed up labels. I shut down VueScan. When I issued the unicode_start command, my > whole system locked up. I couldn't issue any keyboard commands. I >just got a beep > every time I hit a key. Thanks, Argh! Not sure what happened there. Try entering this in a terminal: #!/bin/bash env LANG=C /path_to_vuescan/vuescan and save it as vuescan2. Then use vuescan2 to launch vuescan. Should work. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: buggy gtk theme
** Reply to message from Hidong Kim <[EMAIL PROTECTED]> on Sat, 05 Jul 2003 14:20:21 -0700 > Hi, > > I'm having a problem with a scanner application called VueScan. I've > been using it for a couple of years on Red Hat exclusively, and I use > the XFce window manager. I just reinstalled Red Hat 9 on my computer. > Now when I try to run VueScan, the buttons on the VueScan interface > aren't properly labelled. Instead of normal letters, the buttons are > labelled with strings of squares. I tried running it on the default Red > Hat Bluecurve window manager. I got the same results on the VueScan > interface. In the X terminal from where I launched VueScan, I got an > error message saying that the widgets were disabled due to a buggy gtk > theme. How can I get the proper labels back on VueScan? Thanks, I'd bet my bottom dollar this is a unicode problem since I doubt Vuescan is unicode enabled. Try the following from the X window: unicode_stop ; path_to_vuescan substituting the proper path for vuescan. You might have to run this as root. Then run the unicode_start macro after shutting down Vuescan. I have Vuescan also and it is very good at what it does. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: usb 2.0 or 1.1?
** Reply to message from Martin Marques <[EMAIL PROTECTED]> on Fri, 04 Jul 2003 09:21:00 -0300 > On Vie 04 Jul 2003 09:04, Cannon, Andrew wrote: > > USB 1.1 has a maximum data transfer rate of 12Mb per sec. > > USB 2.0 has a maximum data transfer rate of 480Mb per second. > > > > They are hardware ports on your pc. USB 2.0 is backwards compatible > > with USB1.1, but if your device needs USB 2.0, it probably won't work. > > > > Also, software is an issue. > > > > So it is hardware and software dependant. > > Would this mean I have a USB 1.0 compatible port on my Linux Box? > > # cat /proc/bus/usb/devices > T: Bus=02 Lev=00 Prnt=00 Port=00 Cnt=00 Dev#= 1 Spd=12 MxCh= 2 > B: Alloc= 0/900 us ( 0%), #Int= 0, #Iso= 0 > D: Ver= 1.00 Cls=09(hub ) Sub=00 Prot=00 MxPS= 8 #Cfgs= 1 > P: Vendor= ProdID= Rev= 0.00 > S: Product=USB UHCI Root Hub > S: SerialNumber=cc00 > C:* #Ifs= 1 Cfg#= 1 Atr=40 MxPwr= 0mA > I: If#= 0 Alt= 0 #EPs= 1 Cls=09(hub ) Sub=00 Prot=00 Driver=hub > E: Ad=81(I) Atr=03(Int.) MxPS= 8 Ivl=255ms > T: Bus=01 Lev=00 Prnt=00 Port=00 Cnt=00 Dev#= 1 Spd=12 MxCh= 2 > B: Alloc= 0/900 us ( 0%), #Int= 0, #Iso= 0 > D: Ver= 1.00 Cls=09(hub ) Sub=00 Prot=00 MxPS= 8 #Cfgs= 1 > P: Vendor= ProdID= Rev= 0.00 > S: Product=USB UHCI Root Hub > S: SerialNumber=d000 > C:* #Ifs= 1 Cfg#= 1 Atr=40 MxPwr= 0mA > I: If#= 0 Alt= 0 #EPs= 1 Cls=09(hub ) Sub=00 Prot=00 Driver=hub > E: Ad=81(I) Atr=03(Int.) MxPS= 8 Ivl=255ms That is USB 1.1 which uses the uhci driver. USB 2 uses the ehci driver. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: PCI USB Card Causing Problems
** Reply to message from Joseph A Nagy Jr <[EMAIL PROTECTED]> on Thu, 12 Jun 2003 17:01:13 -0500 > Jack Bowling wrote: > > ** Reply to message from Joseph A Nagy Jr > > <[EMAIL PROTECTED]> on Thu, 12 Jun 2003 14:25:47 -0500 > > > > > >> Although I no longer have the device in question (got pissed and > >> gave it to my future bro-in-law), I have some questions that I'd > >> like answered before I blow another $20-$40 on a USB PCI card. > >> (((big snip))) > > > > > > FWIW, I have an off-the-shelf USB 2.0 PCI card that works flawlessly > > in RH8. You need to have the ehci-hcd module loaded for USB 2.0 to > > work. And for those who say that PCs only come with 2 USB > > portsmine came with 4 builtin with another add-on adapter for > > four more! > > > > jb > > > > > > Okay, fine. But why did I get that error message about mounting > /proc/partitions and lose use of my keyboard?! > My guess would be that it has to do with the ordering of USB probing during the init on boot. You could try to add the following two lines to your /etc/rc.local to see what happens: /sbin/modprobe usb-uhci /sbin/modprobe ehci-hcd jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: PCI USB Card Causing Problems
** Reply to message from Joseph A Nagy Jr <[EMAIL PROTECTED]> on Thu, 12 Jun 2003 14:25:47 -0500 > Although I no longer have the device in question (got pissed and gave it > to my future bro-in-law), I have some questions that I'd like answered > before I blow another $20-$40 on a USB PCI card. (((big snip))) FWIW, I have an off-the-shelf USB 2.0 PCI card that works flawlessly in RH8. You need to have the ehci-hcd module loaded for USB 2.0 to work. And for those who say that PCs only come with 2 USB portsmine came with 4 builtin with another add-on adapter for four more! jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Quota Question
** Reply to message from Ben Russo <[EMAIL PROTECTED]> on Wed, 11 Jun 2003 19:10:23 -0400 > Phil Savoie wrote: > > >Nevermind... I was up late and failed to read the screen in front of me > >regarding inodes. Being blond, I had a moment. Thankyou anyway > > > > > > > WAIT A MINUTE, I have blonde hair, too (some of it anyway) and I have > always maintained > that the blonde syndrome only affects females!!!:-P Well, I'm a dirty blonde in winter and a sun-bleached blonde in summer. Do phototropic people succumb as well? Oh shit.. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: FutureDomain SCSI controller & RH 9
** Reply to message from [EMAIL PROTECTED] (David L. Dewey) on Sat, 05 Apr 2003 19:12:34 -0500 > I have an old old old FutureDomain SCSI controller, with the > TMC-18C50 chip set. Apparently this card doesn't have a > bios, but it worked great under RedHat 6.2 and 7.1 with the > stock fdomain.o driver. > > I just put it into a newer machine running RH 9, and I can't > get the thing to work. On boot, this is what I get: > > Apr 3 23:14:19 kernel: scsi0: BIOS version 0.0 at > 0x0 using scsi id 6 > Apr 3 23:14:19 kernel: scsi0: TMC-18C50 chip at > 0x160 irq > Apr 3 23:14:19 kernel: scsi: Card Detected, but > driver not loaded (no IRQ) > Apr 3 23:14:19 kernel: Trying to free nonexistent resource > <0160-016f> > Apr 3 23:14:19 kernel: scsi : 0 hosts left. > > Any ideas to try? Trying to feed it an IRQ with insmod > using the following dies also: > > insmod fdomain = 0x160,11,6 > Using /lib/modules/2.4.20-8/kernel/drivers/scsi/fdomain.o > Warning: ignoring =, no such parameter in this module > /lib/modules/2.4.20-8/kernel/drivers/scsi/fdomain.o: > init_module: No such device > Hint: insmod errors can be caused by incorrect module > parameters, including invalid IO or IRQ parameters. > You may find more information in syslog or the output > from dmesg > > All that's in syslog is the first error above. Any ideas? > This is only to drive a tape drive on my home network, so > I'd hate to spend money on a new scsi card. Sorry to say, but I have an old fdomain card in the box I loaded up with RH 9 the other day. All works as expected. This was a fresh install. I'll check the chipset version when I get back to work Monday. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: unknown FTP connections
** Reply to message from Dene Ulmschneider <[EMAIL PROTECTED]> on Sat, 05 Apr 2003 12:15:18 -0500 > Hey all- > > I recently installed RHL 9 onto a old box I had just to verify the media > and take a practice run on the install. So now I have a second RH system on > my network. The first one is RHL7.3 and is running all of my production > services. > > I have noticed that since the RH9 system was installed and running that I > am seeing FTP connection in my logs. > Throughout the day yesterday, the RH9 system made 136 FTP connections to my > RHL 7.3 system and I have no idea why. I did not setup anything that would > do this. > > I have never had two Linux systems running at the same time on my network. > Does anyone know if by default Linux will see Linux and try to FTP for some > type of file sharing, backup, or whatever? Any connection made by one machine to another without the express knowledge of the owner of the box is questionable, IMHO. You would have to check what services are running on the machine by doing: /sbin/service --status-all and checking to see if something got enabled that should not have. RH still has a long way to go in better tailoring the startup services in Anaconda. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: hack in progress from babble-on.systems.:ircd
On Sat, Apr 05, 2003 at 05:18:32PM +0100, gregory mott wrote: > well la ti da, i've joined the esteemed company of those who have been > hacked. My condolences. Before you wipe the drive and restore from backups , download chkrootkit-0.40 from www.chkrootkit.org to see if its forensics can pick out how you were rooted. Useful to know for the chkrootkit authors. Now you'll have to ask yourself if playing around with DCC on IRC is really worth it. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: I want my ipchains back
On Wed, Apr 02, 2003 at 05:50:45AM -0800, Mingle, Michael wrote: > I have noticed in Redhat 8 that ipchains is not longer available. This is a > problem for me because i have some elaborate scripts that I wrote about a > year ago that use ipchains exclusively. I have heard that the stateful > environment provided by iptables and netfilter are better; however, I would > like to gradually move into that sort of configuration. Is there a way to > make ipchains work again in Red Hat 8? Note that the kernel 2.4 series only has an ipchains compatability module which does not have the full functionality of the kernel 2.2 ipchains. If you have elaborate scripts that have been working on kernel 2.2 then it behooves you to test their functionality on kernel 2.4 before implementation. However, I echo the others' advice that moving your scripts to iptables is the best course of action. Netfilter/iptables is simply superior technology. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: rsync, leave files compressed?
On Mon, Mar 31, 2003 at 04:07:53PM +0100, gregory mott wrote: > by the way, why is redhat dropping bzip2? Huh? RH uses bz2 by default for its uploads internally, I believe. This sounds like misinformation. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
new sendmail vulnerability
In case somebody has not seen it yet: http://lwn.net/Articles/27217/ Red Hat is working on a fix. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: vsftpd
** Reply to message from KC <[EMAIL PROTECTED]> on Fri, 28 Mar 2003 21:51:05 -0700 > I have vsftpd configured, but i can't figure out how to start it "must be started > through xinted" > I can't find any documentation on how to do so..how do I do this? > > Thanks in advance Aha!! Skill testing question. But I know the answer to this one. There are two ways: 1) If you want vsftpd to start with every bootup, do (as root): /sbin/chkconfig vsftpd on I found out today that turning it on in chkconfig automatically turns it on in xinetd. 2) Then once you have done this, you restart xinetd by doing: /sbin/service xinetd reload This reloads all the services started by xinetd and should start up vsftpd. I take it that the wireless card worked with the new kernel? jb -- Jack Bowling Prince George, BC mailto:[EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: How to shut down X without shutting down the computer?
** Reply to message from "Richard S. Crawford" <[EMAIL PROTECTED]> on Fri, 28 Mar 2003 10:07:13 -0800 > Forgive an amateur... > > When I'm at home, I work exclusively on my RH8.0 box, and I like to have > X running so I can run applications like Evolution, Mozilla, and so on. > > When I'm on the road (which I am far too often for my job), I use a > Windows XP laptop, and I log into my desktop computer remotely with SSH, > and use Squirrelmail to check my personal e-mail. I gave up on remotely using X for mail reading a long time ago. Learn to use ssh and then use fetchmail->procmail->mutt and you will be much happier as well as amazed at the speed gain you will obtain. I still like eye-candy when I am at home :)) jb -- Jack Bowling Prince George, BC mailto:[EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Log Viewers
** Reply to message from "Burke, Thomas G." <[EMAIL PROTECTED]> on Fri, 28 Mar 2003 08:35:27 -0800 > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Isn't a log viewer a voyeuristic beaver? > > Sorry, I couldn't resist... ROFL jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: what's the function of the /lib/modules/???/build symlink?
** Reply to message from Michael Fratoni <[EMAIL PROTECTED]> on Thu, 27 Mar 2003 18:58:14 -0500 > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Thursday 27 March 2003 03:05 am, Jack Bowling wrote: > > ** Reply to message from Michael Fratoni > > on Wed, 26 Mar 2003 23:08:22 -0500 > > > > On Wednesday 26 March 2003 04:14 pm, Robert P. J. Day wrote: > [...] > > > > so, before i spend a lot of time on this, what is the function > > > > of that symlink, and could having it point at a non-existent > > > > kernel source directory be causing the rebuild of my NVIDIA > > > > kernel src rpm to blow up with dozens of parse errors from > > > > include files? > [...] > > > > (not having the kernel source directory for the current running > > > > kernel doesn't affect anything else -- system runs fine otherwise.) > > > > > > But building kernel modules will fail, as modules require the headers > > > from the kernel tree, not the headers installed in > > > /usr/include/linux/, (which are the headers glibc was compiled with, > > > and are provided by the glibc-kernheaders package). Any kernel module > > > that tries to include system headers should generate warning messages > > > similar to: > > > #warning Using kernel header in userland! > > > #warning Using kernel headers in userspace. > > > > > > In the case above, if /lib/modules/`uname -r`/build is a broken link, > > > the build will fail with the above warnings followed by many parse > > > errors. > > > > > > So, the short version is reinstall the kernel-source package if you > > > want to build kernel modules. > > > > And most drivers will not be able to build until you do a "make > > oldconfig" and "make dep" in the kernel source tree. > > I used to think so as well. And I'm sure I had to do both in the past at > some point. However on the Pheobe list, this was disputed by > Arjan van de Ven. > (https://listman.redhat.com/pipermail/phoebe-list/2003-January/000762.html) > > I'll quote the relevent parts of the mail message: > Begin quote: > > > make oldconfig > > make dep > > > > ** THEN you can compile stuff against that kenel (like spca-50x driver > > or wlan-ng drivers, vmware, etc etc.. but I have had better luck just > > modifying the config file and using the built in wireless drivers :) > > (peruse the psyche-list for examples) > > (To which Arjan replied:) > > I'm sorry to say it but you're full of shit here ;) > All you just achieved is that you've blown away the proper kernel symbol > version setup you need to compile against the kernel. > > 1) The *ONLY* place the kernel headers of the current kernel live is > /lib/modules/`uname -r`/build/include > not /usr/include/linux, not /usr/include/linux-2.4 not anything else > this is per Linus' decree fwiw Interesting. Take a look at this: /usr/lib/modules/2.4.18-14]$ ll total 336 lrwxrwxrwx1 root root 32 Feb 16 23:42 build -> ../../../usr/src/linux-2.4.18-14 drwxr-xr-x9 root root 4096 Feb 16 23:42 kernel -rw-r--r--1 root root94610 Feb 17 01:10 modules.dep -rw-r--r--1 root root 31 Feb 17 01:10 modules.generic_string -rw-r--r--1 root root 147 Feb 17 01:10 modules.ieee1394map -rw-r--r--1 root root 8257 Feb 17 01:10 modules.isapnpmap -rw-r--r--1 root root 29 Feb 17 01:10 modules.parportmap -rw-r--r--1 root root94767 Feb 17 01:10 modules.pcimap -rw-r--r-- 1 root root 24 Feb 17 01:10 modules.pnpbiosmap -rw-r--r--1 root root95129 Feb 17 01:10 modules.usbmap drwxr-xr-x2 root root 4096 Feb 16 23:42 pcmcia > > 2) You do NOT need all these steps; the headers RHL ships by default > Just Work(tm) and will generate a module for the currently running > kernel. The key being "that RHL ships". Lots of people roll their own kernels on RH boxes. jb -- Jack Bowlingmailto:[EMAIL PROTECTED] Prince George, BC -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: dmesg
** Reply to message from Mark Hutchinson <[EMAIL PROTECTED]> on Thu, 27 Mar 2003 14:36:59 -0700 > To get memory do this: > > cat /proc/meminfo > > dmesg reads the kernel log buffer > > Mark > > Quoting Jianping Zhu <[EMAIL PROTECTED]>: > > > I want to use dmesg to check how much memory is on my redhat 7.3 machine. > > i user > > dmesg | more > > but get > > > > cdrom: This disc doesn't have any tracks I recognize! > > cdrom: This disc doesn't have any tracks I recognize! > > cdrom: This disc doesn't have any tracks I recognize! > > --- > > --- > > cdrom: This disc doesn't have any tracks I recognize! > > cdrom: This disc doesn't have any tracks I recognize! The best way to get rid of these annoying messages is to do: rpm -e magicdev jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Linux vs Windows
** Reply to message from David Busby <[EMAIL PROTECTED]> on Thu, 27 Mar 2003 13:17:50 -0800 > Word to business sense > Cheers to Linux stability: > 2:17pm up 189 days, 14:42, 1 user, load average: 0.31, 0.23, 0.21 > Jeers to Windows reboots for almost every "Windows Update" > Today's 331953 Security Update made me reboot a server :( That must be a busy server or a RAM starved one with a loadavg of 0.31. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: what's the function of the /lib/modules/???/build symlink?
** Reply to message from Michael Fratoni <[EMAIL PROTECTED]> on Wed, 26 Mar 2003 23:08:22 -0500 > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Wednesday 26 March 2003 04:14 pm, Robert P. J. Day wrote: > > in a fit of poor judgment, i tried to test the new 2.5.66 kernel > > on my RH 8.0 box, and not only did it explode in glorious ways, > > it made a mess of my nvidia setup. > > > > in recovering to an older, working kernel, i now find i can't > > rebuild the NVIDIA kernel src rpms (loads of parse errors from > > /usr/include files). > > > > i'm not sure why i'm getting compile-time errors when i've > > never had them before, but i accidentally removed the kernel > > source directory for the current good kernel, which means that > > the sym link "/lib/modules/???/build" is now pointing at a > > non-existent kernel source directory under /usr/src (yes, i > > was eventually going to get around to that). > > > > so, before i spend a lot of time on this, what is the function > > of that symlink, and could having it point at a non-existent > > kernel source directory be causing the rebuild of my NVIDIA > > kernel src rpm to blow up with dozens of parse errors from > > include files? > > (most?) Modules that require the headers for the running kernel point to > /lib/modules/`uname -r`/build. I don't have Nvidia's drivers installed but > I've seen others that do something like: > > LINUX=/lib/modules/`uname -r`/build > CFLAGS=-DMODULE -D__KERNEL__ -DDBG=0 -Wall -Wstrict-prototypes -O6 > - -I$(LINUX)/include > > > (not having the kernel source directory for the current running > > kernel doesn't affect anything else -- system runs fine otherwise.) > > But building kernel modules will fail, as modules require the headers from > the kernel tree, not the headers installed in /usr/include/linux/, (which > are the headers glibc was compiled with, and are provided by the > glibc-kernheaders package). Any kernel module that tries to include > system headers should generate warning messages similar to: > #warning Using kernel header in userland! > #warning Using kernel headers in userspace. > > In the case above, if /lib/modules/`uname -r`/build is a broken link, the > build will fail with the above warnings followed by many parse errors. > > So, the short version is reinstall the kernel-source package if you want > to build kernel modules. And most drivers will not be able to build until you do a "make oldconfig" and "make dep" in the kernel source tree. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: RedHat 8.0 on Via (Cyrix) C3 1GHz - very slow
** Reply to message from Runar Bell <[EMAIL PROTECTED]> on Wed, 26 Mar 2003 16:49:06 +0100 (CET) > Hi! > > Just to clarify things: > I am running an AGP card, and the computer is extremely slow doing > everything, not just X. This includes SCP, SSH, cp, JSP-compiling > (Tomcat), etc. > > I've never experienced a computer being slower than this. When I was > running on a Celeron 300a (and Nvidia TNT (also AGP)) the entire computer > was MUCH faster. Even though I only had half the RAM (128MB) and was > running the same HD's... > > > Best regards, > Runar Bell > > PS I have checked the BIOS on the motherboard and verified that the system > bus and multiplier are correct. (System bus = auto = (133MHz) and > multiplier = 7,5) First thing to do is run top and see if you have a runaway process hog. Will be slow if something is sucking up most of the CPU. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: beta install change not good?
** Reply to message from Bill Anderson <[EMAIL PROTECTED]> on Tue, 25 Mar 2003 01:13:40 -0700 > On Mon, 2003-03-24 at 19:50, Jack Bowling wrote: > > ** Reply to message from Bill Anderson <[EMAIL PROTECTED]> on Mon, 24 Mar 2003 > > 19:27:20 -0700 > > > > > > > That said, RH is already beginning to differentiate between Enterprise > > > and non-enterprise. Since the "personal" is the base for sales (as in: > > > the "smallest" one), that would be a good start, IMO. Personally, I > > > install much more like a cross between server/workstation as personal, > > > but that's me. > > > > And this would be a mistaken assumption. They plan on making their money on the > > Enterprise version, not the desktop version. > > > > How is what you said different? I said perosna was the base, the > smallest one. You said they make their money elsewhere. I do not see the > two as mutually exclusive. Indeed, it was not an assumption. Sorry, Bill, I thought you meant base as in "base for their money-making proposition", not base as in core set. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: beta install change not good?
** Reply to message from Bill Anderson <[EMAIL PROTECTED]> on Mon, 24 Mar 2003 19:27:20 -0700 > That said, RH is already beginning to differentiate between Enterprise > and non-enterprise. Since the "personal" is the base for sales (as in: > the "smallest" one), that would be a good start, IMO. Personally, I > install much more like a cross between server/workstation as personal, > but that's me. And this would be a mistaken assumption. They plan on making their money on the Enterprise version, not the desktop version. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: IPTABLES Routing
** Reply to message from Ralph Guzman <[EMAIL PROTECTED]> on Sat, 22 Mar 2003 17:51:42 -0800 > Larry, > > I corrected the typo, but I still get this error: > > iptables v1.2.6a: Unknown arg `--to' > Try `iptables -h' or 'iptables --help' for more information. $IPTABLES -A PREROUTING -t nat -p TCP -d --dport \ 2000 -j dnat --to 10.200.200.10:23 Ralph - I suggest you take some time to study the iptables syntax. Note that you need the line continuation backslash at the end of the first line if you cannot fit it all on one line. Here is a link to some tutorials: http://www.netfilter.org/documentation/index.html#tutorials jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Ext3fs/ReiserFS Performance Enhancing
** Reply to message from Me <[EMAIL PROTECTED]> on Sat, 22 Mar 2003 14:25:55 -0500 (EST) > Okay, I just did my write tests. You may be a bit supprised at my > results. I know I was. :/ > > Upgraded to samba 2.2.8 custom build > Used speedtest.tar.bz2. Changed to socket options = TCP_NODELAY > SO_RCVBUF=32768 SO_SNDBUF=32768 > 3/21/03 /dev/hdcnyonker 1972.375287 412.34 6.87 > > Used speedtest.tar.bz2. Changed to socket options = TCP_NODELAY > SO_RCVBUF=32768 SO_SNDBUF=32768 > 3/22/03 nyonker /dev/hdc1972.375272 435.08 7.25 > > Used speedtest directory. Changed to socket options = TCP_NODELAY > SO_RCVBUF=32768 SO_SNDBUF=32768 > 3/22/03 /dev/hdcnyonker 2,026 290 419.13 6.99 > > Used speedtest directory. Changed to socket options = TCP_NODELAY > SO_RCVBUF=32768 SO_SNDBUF=32768 > 3/22/03 nyonker /dev/hdc2,026 294 413.42 6.89 > > The speedtest directory has 416 files in 29 directories. > > According to these results, I'm getting the same performance on reads AND > writes. Combine this with the data I got from upgrading my CPU and > switching to 2.2.8 leaves me with only one conclusion: > > I am getting the maximum speed I can over a 100Mb network (switched)... > That means SMB incurs an almost 30% performance hit as compared to FTP. > The only real way for me to make sure though is to go to gigabit. It's > not that important to me right now. There is a nice discussion on the latest lwn.net about ext2/ext3 (subscriber only). Apparently Alex Tomas recently killed a locking problem in ext2 which sped up throughput for one user from 62 to 104 MB/s! This change will likely be accepted for the 2.5 series. As for ext3, you really are trading off scalability and performance for journalling. Ext3 is still a heavy user of the Big Kernel Lock and does not scale well as a result. Hopefully changes in ext2 will force corresponding changes in ext3 as ext3 gains prominence as the "default" linux fs. jb -- Jack Bowlingmailto:[EMAIL PROTECTED] Prince George, BC -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: RPM 4.1 Segfault
On Tue, Mar 18, 2003 at 01:32:38PM -0800, Jim Wilferling wrote: > > OOps, I spoke too soon. while plain rpm worked, synaptic still caused RPM to > segfault "error:sub-process /bin/rpm returned a segmentation fault" >Any help? Probably a stale lock in the apt tree. Do: rm /var/apt/cache/archives/*lock* -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Is RH8 Ever Going to be Updated?
On Mon, Mar 17, 2003 at 10:54:00AM -0600, Ed Wilts wrote: > Remember that Red Hat is more of a distributor and packager than > developer. The sooner you understand the roles of Red Hat, SuSe, > Caldera, etc. in the open source community, the more intelligent > decisions you can make. Currently, you seem to be under the impression > that Red Hat is taking responsibility for every bug in every package, > and that simply is not going anytime soon, especially at the price most > people pay. Ed, you are bound to get some developer hate mail over this one. Linux is linux - a global development effort. To say that RH is more of a packager than a developer outfit is a smack in the face of all the RH developers who code for RH and donate that code back to the commons. Which is about 100% of it as far as I can see. I know what you are trying to say, but I think the message came out a bit twisted. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: OT : light years, arrrrggggh
On Mon, Mar 17, 2003 at 07:14:06PM +, Jack Byers wrote: > great example! > my trouble with this type of stuff is I can never tell > when the the author is unconscious > or just (mis)using the language to make a joke > or worse misusing bc they know most people dont know > how to read carefully enough to make the distinction, > so they put in hotsounding garbage. Jeez. And I thought I was anal.... -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: program to monitor directory changes (new files) and send e-mail
On Mon, Mar 17, 2003 at 08:35:57AM -0500, Douglas, Stuart wrote: > Yikes...it's the topic that won't go away... :) > > Everything is working, just a little too well. Take a look at the script below...no > matter how I structure the two snapshot ls files that are compared, they are ALWAYS > deemed different and so always result in an e-mail notification being sent. I've > tried it both with/without the --full-time option, and also with/without the pipe to > the md5sum function. > > Many have suggested using FAM instead, if I don't get this working I may just punt > and go that route (resulting in a whole new round of questions for you all, of > course). > > Thanks everyone! > > Stuart > > > -Original Message- > From: Anthony E. Greene [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 13, 2003 12:30 PM > To: [EMAIL PROTECTED] > Subject: Re: program to monitor directory changes (new files) and send > e-mail > > > Douglas, Stuart wrote: > > Ah, important safety tip as that will be the case. > > > > Since I'm not comfortable implementing technology I don't fully > > understand, would you be so kind as to translate into English each line > > of your script? I think I get the basic drift of it..."take a snapshot > > of the contents of a directory, take another and compare the two, if > > their different send an e-mail, if their not, start all over again" or > > something like that. Getting warm? > > > That is exactly it. For the record, here is a commented version, as I > would have written it if I were implementing it on my own server: > > > #!/bin/sh > # > # Notify the admin if a directory's contents has changed. > # > > # The directory to monitor. > watchdir='/path/to/ftpdir' > > # Who gets notified of changes. This may be a > # comma-delimited list, but no spaces. > recipient='[EMAIL PROTECTED]' > > # The file that holds an md5sum of the directory > # listing, as of the last time it was changed. > sumfile='/path/to/sumfile' > > ## End of settings ## > > # Get the previous md5sum of the directory listing. > olddirsum=`cat $sumfile` > > # Get the current md5sum of the directory listing. Use the > # --full-time option to avoid errors based on ls changing the > # displayed date format based on the age of the file. > newdirsum=`ls --full-time $watchdir | md5sum` > > # Compare the previous md5sum to the current md5sum. > if [ "$newdirsum" != "$olddirsum" ]; then ># The directory listing changed. ># Send notification message. >ls $watchdir | mail -s "Updated dirlist: $watchdir" $recipient > ># Update the summmary file with the current md5sum. >echo "$newdirsum" > "$sumfile" > fi > Doug - Remove everything after the #Compare ... line in your script and replace it with the following. You need the if...then block. # Compare the previous md5sum to the current md5sum. if [ "$newdirsum" != "$olddirsum" ]; then # Get the process ID and scriptname and use them to # generate a tempfile name. This method is not guaranteed # unique, but it should be Good Enough. pid=$$ scriptname=$(basename $0) mailfile=/tmp/$scriptname.mailfile.$pid # Check each file in $watchdir to see if it was created or changed # since the last md5sum was generated. for file in $(ls $watchdir); do if [ $file -nt $sumfile ]; then ls --full-time $file >> $mailfile ## Now mail a notification message to the recipients list ## mail -s 'New voicemail message detected' $recipient < $mailfile ## then delete mailfile rm $mailfile fi done fi # Finally, update the summary file with # the current md5sum echo "$newdirsum" > "$sumfile" -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: problems with rh8
On Mon, Mar 17, 2003 at 11:39:19AM +0100, Michael Schwendt wrote: > > problem 2) securitylevel or gnome-lokkit does not seems to be working. after > > setting some rules in securitylevel, i click on it again then i got back the > > setting to high which i had change. why is it not saving anything i change? > > It *is* saving your changes, see /etc/sysconfig/iptables where you > can verify it. Upon restart it just starts with "high" as a default > because it does not recognize the current configuration. Rant time again. I cannot understand RH's recalcitrance in either: 1) modifying lokkit so that it also reads current rules; 2) coding another app to parse the iptables rules in more human readable form. Having a user assured of one part of their "security level" is necessary. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: program to monitor directory changes (new files) and send e-mail
** Reply to message from "Douglas, Stuart" <[EMAIL PROTECTED]> on Fri, 14 Mar 2003 13:34:47 -0500 > Tony (et al), > > Thanks...haven't tried your additional config yet, still working with the first > setup. I'm hitting a wall trying to get the mail to actually send. The md5sum is > working correctly (updating with changes), but I never get any e-mail. Ideas? Hi, Douglas. I got it working last night after some hints from Tony. Here is my working version: - begin script #!/bin/bash # # Notify the admin if a directory's contents has changed. # # The directory to monitor. watchdir='/var/spool/voice/incoming' #watchdir='/home/jb/Mail/incoming/jbinpg' #watchdir='/tmp' # Who gets notified of changes. This may be a # comma-delimited list, but no spaces. recipient='[EMAIL PROTECTED]' # The file that holds an md5sum of the directory # listing, as of the last time it was changed. sumfile='/home/jb/sumfile' ## End of settings ## ## Now we compare old sumfile of watchdir to new sumfile and if different ## ## overwrite old with new ## # Get the previous md5sum of the directory listing. #olddirsum=`cat $sumfile` olddirsum=$(cat $sumfile) # Get the current md5sum of the directory listing. Use the # --full-time option to avoid errors based on ls changing the # displayed date format based on the age of the file. #newdirsum=`ls --full-time $watchdir | md5sum` newdirsum=$(ls --full-time $watchdir | md5sum) # Compare the previous md5sum to the current md5sum. if [ "$newdirsum" != "$olddirsum" ]; then # Get the process ID and scriptname and use them to # generate a tempfile name. This method is not guaranteed # unique, but it should be Good Enough. pid=$$ scriptname=$(basename $0) mailfile=/tmp/$scriptname.mailfile.$pid # Check each file in $watchdir to see if it was created or changed # since the last md5sum was generated. for file in $(ls $watchdir); do if [ $file -nt $sumfile ]; then ls --full-time $file >> $mailfile ## Now mail a notification message to the recipients list ## mail -s 'New voicemail message detected' $recipient < $mailfile ## then delete mailfile rm $mailfile fi done fi # Finally, update the summary file with the current md5sum. echo "$newdirsum" > "$sumfile" -- end script -- I have it monitoring my dump directory for my voicemail app, VOCP (shameless plug: awesomely useful set of perl apps at http://www.vocpsystems.com). Naturally, it can be tailored to watch anything you want. If you are having trouble, I would suggest commenting out the "rm $mailfile" until you know it is being written. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: port scan
** Reply to message from Yujie Liang <[EMAIL PROTECTED]> on Wed, 12 Mar 2003 10:26:45 +1100 > Hi, > > How can I detect which ports are opened on my firewall? I remember there is a > command with "snmp" can do the job. > > Any idea? The only true way to do this is to get a friend that you trust to scan your box with a toold such as nmap. Doing it from the inside out almost always results in spurious open ports. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Firewall "ipchains-rule" questions
On Tue, Mar 11, 2003 at 09:08:05AM -0800, Gordon Messmer wrote: > [EMAIL PROTECTED] wrote: > > Hello to you, > > > > After the following "iptables-rules" on Linux Redhat 7.2 Server : > > I think your rules are out of order. You've got rules to drop > everything at the > beginning of the chain, so packets never make it far enough in to match > the "allow" rules. Re-order like this: > > > /etc/rc.d/rc.local : > ## Flush first > > iptables -F > ## Allow related packets > > iptables -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT > ## Allow traffic to service ports you want to provide > > iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT > > iptables -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT > > iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT > ## *THEN* drop everything else > > iptables -A INPUT -i eth0 -m state --state NEW,INVALID -j DROP > If these boxes will not be running services open to the internet, then the NEW,INVALID state match should be the first line followed by the ESTABLISHED, RELATED. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: MySQL Gui
On Mon, Mar 10, 2003 at 01:16:55PM -0500, Mikkel L. Ellertson wrote: > On Mon, 10 Mar 2003, DuSTiN KRySaK wrote: > > > Can anyone recommend a MySQL Gui besides phpMyAdmin? I also tried the > > MySQLcc as well and it just locks up on connection to the SQL > > server > > > > > > Dustin > > > I have MySQLcc workign fine on a couple of 7.3 systems. Connecting to > both local and remote systems. I even have the Windows version running > on a Win98 system. Note that a Security fix cam out for MySQLcc yesterday. Just in case you didn't see it... -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Installing a custom kernel and ext3
On Mon, Mar 10, 2003 at 12:24:04PM -0500, Me wrote: > Ah! Perhaps it's the CONFIG_JBD=y. It works! Happy day!!! > > Thank you to everyone for your help. With that out of the way, do most of > you guys use loadable module support? I've avoided it because it seemed > like an unneeded security risk. What does everyone think? > Note that none other than Alan Cox is lobbying for only having loadable modules in the kernel and doing away with static builds. Who am I to argue with the Wizard? -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Sound Problems: can't find module sound-service
** Reply to message from Jim Wilferling <[EMAIL PROTECTED]> on Sun, 09 Mar 2003 18:47:33 -0800 >The symtoms include "can't find module-sound-slot 0" and "can't find > module-sound-service 0" upon shutdown.(when the system is trying to save > the mixer settings) Note that There's no indication of this error at > boot. When using redhat-config-soundcard, It detects the device and even > the driver just fine, but won't play the test sound. Xmms, with and yes > that is WITH thw XMMS mpg123 fix installed, just rapidly zings through > the playlist without a peep, just AS IF the mp3 support WASN'T > installed. I ran lsmod and both "sound" and "soundcore"seem to be shown, Do you have the necessary sound driver module anywhere on your system? First you must determine if it is built ready to be used, and then you have to modprobe it so that it can interact with the base sound and soundcore modules to produce sound. I have found that the redhat-config-soundcard does not pick up my SBLive but the old /sbin/sndconfig does. Go figure. I bet that the config for your card failed and you are only assuming that it succeeded. The module for your card should be the via82cxxx_audio.o so load it manually (as root): /sbin/modprobe via82cxxx_audio and see if your soundcard comes alive. If it does, then the redhat-config-sound had failed. Just for kicks, you may want to try running /sbin/sndconfig to see how it does. It should not work for an onboard sound controller but then stranger things have happened. You should add the following to your /etc/modules.conf: alias sound-slot-0 via82cxxx_audio post-install sound-slot-0 /bin/aumix-minimal -f /etc/.aumixrc -L >/dev/null 2>&1 || : pre-remove sound-slot-0 /bin/aumix-minimal -f /etc/.aumixrc -S >/dev/null 2>&1 || : Beware the linewrap on the above. The first line aliases your sound module to sound-slot-0 and the following two lines save and reload your mixer settings on a reboot. Give it a shot. jb jb jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: chkconfig
** Reply to message from Nicholas Marsh <[EMAIL PROTECTED]> on Sun, 09 Mar 2003 13:02:16 -0600 > Anyone know of good documentation for the chkconfig command? The man page is a > lacking, and a Google only came up with a few lame results. Nick - Pick any of the scripts in /etc/rc.d/init.d and study the comments at the beginning of the file. You can learn more from reading through these scripts than you will learn anywhere else. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: boot to compactflash
** Reply to message from Benjamin <[EMAIL PROTECTED]> on Sun, 09 Mar 2003 10:27:28 -0800 (PST) > Update. I returned the 256mb flash and the new one seems to work brilliantly. I was > forced to get another of the same simpletech brand by the store though. > I'm working on hacking down the kernel to fit the compactflash. Has anyone used RH8 > for this specific journey? > Benny > Benjamin <[EMAIL PROTECTED]> wrote: > I was instantly able to use a 32mb mem card (sandisk) where my 256mb (simpletech) > was not ever attached. > the 32mb upon insertion was placed to /dev/hde(1) immediatly. Easily mountable and > usable in RH8 on dell 7500 laptop. > Anyone else having issues with 256mb or higher flash type cards. Not with 256Mb cards. But I had a 128Mb CF card that would only allow reading from if I specifically gave it the following mount options: mount -t vfat -o noauto,nosuid,rw /dev/sdd1 /mnt/flash Without these options, I could not read from the card. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: traceroute
** Reply to message from CM Miller <[EMAIL PROTECTED]> on Sat, 08 Mar 2003 11:13:40 -0800 (PST) > Yes the computer is connected to a network, which is > mine, and I do have a linksys router/firewall, but I > can do tracert from my windows box ok, but not from > Linux. Apples and oranges. Most if not all Windows traceroute clients use icmp whereas most *nix traceroute clients use udp unless you tell it to use icmp. > > Even simple command like root > > traceroute olug.org > > still get > > 1 * * * > 2 * * * > 3 * * * > 4 * * * > 5 * * * > 6 * * * The reply is being filtered somewhere down the line, if not by your box then somewhere upstream. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: USB Device
** Reply to message from [EMAIL PROTECTED] on Tue, 04 Mar 2003 13:01:10 +0100 > I have a digital camera but I don't know how to mount it. I put the usb-cable in > >the computer but I can't enter in the camera(windows sees it as a hard drive). >I > want to dpwnload picture from it to the computer. Check out GPhoto. On my RH 8.0 box, it is listed under Graphics--> Digital Camera Tool. jb -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Strange Stutter
On Mon, Mar 03, 2003 at 05:11:39PM -0600, Tim Willis wrote: > Does anyone have any ideas about this? > > On Mon, 2003-03-03 at 09:02, Tim Willis wrote: > > Hello all, > > > > I left my machine on over the weekend this weekend to test something > > I've been having a problem with. Seems as though if I leave my machine > > idle for some time, and the screensaver comes on and locks the screen, > > then when I log back in, the machine *stutters.* What I mean is, it > > seems to be locking up every three or four seconds, for about a second > > and a half...this makes it hard to manipulate the mouse as you can > > imagine. > > > > While it's exhibiting this behavior, I check out sysmon, and nothing is > > out of the ordinary there...I've even been able to stop the xscreensaver > > process, but still, there's no change in behavior. I had thought that > > it might be the power management functionality, so I turned that off and > > left for a while. When I came back, everything was fine. So I thought > > "problem solved." A little demon (or daemon) voice in my head said "do > > a longer test," so I left it on over the weekend, without the PM stuff, > > and the same thing happenedany ideas? > > > > Running RH8 on a Dell OptiPlex GX400. I experienced some weirdness when I installed the Phoebe3 beta a while ago. There was a runaway process that pegged CPU usage near 100%. It finally died after a few days but until it did, the whole system was dog slow as could be expected. This is all a long-winded way to say that the best way to try to track it down is to run top and look for a hog. Sounds to me like xscreensaver - or some other app interacting with xscreensaver - is pegging things for a bit after resuming. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Screen Capture
On Mon, Mar 03, 2003 at 02:03:09PM -0600, Bret Hughes wrote: > On Mon, 2003-03-03 at 13:48, Jack Bowling wrote: > > > > On my RH 8 box, ALT-Printscreen captures the window and CTRL-Printscreen > > captures the whole desktop. Try it. > > > > can you tell what that key combination is mapped to? That sounds pretty > neat? KDE or gnome? RH8/Gnome, Bret. And as someone else posted, whole desktop is just Printscreen, not Ctrl-Printscreen. Of note, this functionality has apparently been scrubbed from the Phoebe betas. More is the pity. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Screen Capture
On Mon, Mar 03, 2003 at 12:37:36PM -0600, Mike Vanecek wrote: > On Mon, 03 Mar 2003 09:17:02 -0800, Gene Yoo wrote > > Tim Willis wrote: > > > What does anyone here use for screen capture in RH8? > > > > > i just use my print screen button and use gimp to open the > > image. > > > > The print screen button captures the entire screen. Does anything exist to > select a portion of the screen and capture it? > > I have not yet configured the gimp. When I start it for the first time as a > non-root user it wants to install a rather large directory tree. Does gimp do > this for all users? Does gimp use any shared folders after starting? On my RH 8 box, ALT-Printscreen captures the window and CTRL-Printscreen captures the whole desktop. Try it. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: iptables and ip masquerading
** Reply to message from "Thomas E. Dukes" <[EMAIL PROTECTED]> on Sat, 01 Mar 2003 11:00:49 -0500 > I was trying to setup my RH 8.0 box to act as a gateway. Currently, I'm > using Win XP Pro. I just want to switch things around. > > I got TKppoe working but am unable to reach the internet now from the XP > box. I didn't setup ip masquerading which is probably the problem. > > I was reading the IP Masquerade HOW-TO and got to the part about > rc.firewall. My question is: Do I run iptables and rc.firewall? Or > just rc.firewall? This should be an FAQ. First of all, firewall rules are held in kernel memory during any one session. How those rules get there is the crux of your question. There are two main ways to get those firewall rules into memory: - use the RH supplied lokkit - run your own script such as rc.firewall The RH lokkit sets up the rules then writes them to /etc/sysconfig/iptables using the iptables-save function of the core iptables code (called from their iptables wrapper script with the "service iptables save" command). When the iptables service is started on bootup, those rules are then read back from /etc/sysconfig/iptables using the iptables-restore command. This works although lokkit itself has more than a few problems. If you are using your own script such as rc.firewall, then the same method as described above may pertain, or the script just loads the rules up at initialization without reading them back from /etc/sysconfig/iptables. The key is you should not have both the RH iptables service and your own firewall script loading at the same time since they would stomp on each other and you would run the chance of a rule being either overwritten, deleted or inserted in the wrong order. So you must do: /sbin/chkconfig --level 2345 iptables off if you are running your own script such as rc.firewall. Then your own script can do all the rules loading, saving and restoring by itself. The key here is to only have one method of rules manipulation. Pick your poison and stick with it. jb P.S. - My main beef with lokkit is that the user learns nothing from using it due to its obfuscated interface. Many of the better scripts available on the internet are copiously commented and the user can follow the logic of the rules. Anybody serious about maintaining their own firewall will one day have to get down and dirty with writing rules and they will not learn how to do it by using lokkit. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: rpm questions
** Reply to message from Ralf Corsepius <[EMAIL PROTECTED]> on Sat, 01 Mar 2003 06:06:19 +0100 > Am Sam, 2003-03-01 um 00.06 schrieb CM Miller: > > Is anyone using apt-get for rpms in RH 8.0? > I do. > > > Whenever I issue the following command, I get a > > strange error: > > > > apt-get install foo > > > > warning: cannot get exclusive lock on > > /var/lib/rpm/Packages > > What does this mean? All of these directories do > > exist. > > This means that something else but apt-rpm has locked your rpm database. > > This typically indicates that > (a) there might be another process running accessing your rpm database > in parallel to apt-rpm > (b) you have a stale file lock on your rpm database. > (c) you are trying to run "apt-rpm install" without root privileges. > > In case of > (a) Terminate all other processes trying access your rpm database in > parallel to apt-rpm > (b) Remove rpm's lock files (rm /var/lib/rpm/__db*) and rerun apt-rpm. > This typically happens after having interrupted rpm or apt by "Ctrl C". > (c) Become root. There might also be an apt-get lock itself from a previous instantiation, so get rid of it: rm -f /var/cache/apt/archives/lock jb -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: RedHat 8 kernel compile
** Reply to message from Matthew Simpson <[EMAIL PROTECTED]> on Mon, 24 Feb 2003 14:02:43 +1100 > Hi, > > I've just installed Redhat 8 and need to add some options to the > kernel. I've done. > > cd /usr/src/linux-2.4/ > make xconfig > > and then changed the config to my needs and then > > make clean && make dep && make && make bzImage && make modules && > make modules_install && make install > > this line use to work with my 7.1 box but it wont work with 8 You have a superfluous "make" all by itself between "make dep" and "make bzImage". Scrub it and you should be fine. Oh, BTW, I understand make clean is no longer necessary. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Gnome/(KDE?) NFS home dir base locks
** Reply to message from [EMAIL PROTECTED] on Sun, 23 Feb 2003 12:13:16 -0500 (EST) > There has been an issue brewing for a while in the fancy X desktops, > specifically Gnome, but I beleive KDE has the same problem. > > Gnome wants to make a lock file based in the user's home directory. > This is problematic if the home directory is NFS mounted, as the > lock then is expected to be manged using statd and/or lockd. The > history of statd/lockd has been at best chequered; not just in the > Linux community but in general. Would moving to the new tcp-enabled version of NFS be a solution? Or does this still require statd/lockd? The docs state that portmapper is no longer required for the tcp version. Trond??? jb -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: System freeze / hang, ping responding,can connect but no service answers
** Reply to message from Stefan Neufeind <[EMAIL PROTECTED]> on Sun, 23 Feb 2003 01:05:20 +0100 > Hi, > > I got a very weird problem with a RedHat-server. Occasionally (can't > even say that its under "high load" or something like that) the > system freezes / hangs. It's possible to ping the machine (responds > normal) and you can even connect to ports like pop3 (110) which were > open before. The connection is established but no service responds. > The same for mail in general, ssh, http etc. Nothing! Even console > doesn't work anymore until reboot. > > The PC consists of a ASUS-P4B533-V-board with 2 Maxtor-HDDs and a cd- > drive. Machine is running regular redhat 8.0 (kernel etc.), with all > RHN-updates applied, running latest apache 1.3.xx ... > > It's a server in a serverhousing-farm and it's there for production > use. So I can't simply take it off for a few days to play around with > it. > > Had the same problems with another server, different board, running > RedHat 7.3 with all updates applied. After looking for every possible > problem-solution I thought maybe it's a hardware defect. So I changed > from Athlon-cpu to a Intel P4 with different board, also installed > RedHat 8.0 (instead of 7.3) new from scratch. But problem still > exists. > > Only common thing: Both computers using same Maxtor-harddisks. But > could this be the problem? Unfortunately (as described above) I can't > simply take the computer down, change harddisks etc. ... not > possible. > > Did anybody experience such problem? Yes, I had the same thing on my RH 8.0 box. Started with the first kernel 2.4.18 builds, both RH's version and mainline 2.4.18. Same symptoms. It became so tiresome that I moved to the Phoebe 8.1 beta. I am now back to 8.0 but the problem has disappeared. I can only assume that it was kernel related since I am now running the latest 2.4.18-24.8.0 with no problems. When Marcelo releases 2.4.21, I will give that a whirl and see if the bug is still around. FYI, here are my two Maxtor IDE drives (out of 4 IDE and 2 scsi): $ dmesg|grep Maxtor hdc: Maxtor 5T030H3, ATA DISK drive hdg: Maxtor 52049H4, ATA DISK drive jb -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Sound Recording Issues
** Reply to message from Jacen _ <[EMAIL PROTECTED]> on Sat, 22 Feb 2003 13:36:30 -0500 > I just recently installed Redhat 8.0, and i needed to record a tape into a > wav through the line out, but even though the volume control was set to > record line out, sound recorder would just pick up blank air. I have tried > different programs than the already installed sound recorder, and none seem > to record the line out. They record from the mic when it is selected, but > not from the line out. My sound is CMedia 8738 built in, and all other > sounds work fine. Fire up the mixer program and ensure that the output gain "OGAIN" is cranked up. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
Re: USB CompactFlash reader problems
On Tue, Feb 18, 2003 at 09:50:37PM -0500, Darcy Boese wrote: > I have a camera+mp3 player that isn't well supported by "gphoto2", so I > picked up a fairly standard USB CompactFlash reader, made by Verbatim. > But when I tried to use it under my Redhat 8.0 system, I get these error > messages: > > >> root# dmesg > >> hub.c: USB new device connect on bus1/1, assigned device number 2 > >> usb.c: USB device 2 (vend/prod 0x55aa/0xb000) is not claimed by any active driver. > >> Initializing USB Mass Storage driver... > >> usb.c: registered new driver usb-storage > >> scsi0 : SCSI emulation for USB Mass Storage devices > >> usb-uhci.c: interrupt, status 2, frame# 1914 > >> Vendor: Model: Rev: > >> Type: Direct-Access ANSI SCSI revision: 02 > >> WARNING: USB Mass Storage data integrity not assured > >> USB Mass Storage device found at 2 > >> USB Mass Storage support registered. > >> > >> root# mount -t msdos /dev/sda1 /mnt/flash > >> mount: /dev/sda1 is not a valid block device Darcy, often zip disks are partitioned with an extended/logical setup rather than as a primary. Perhaps this is the case with your flash disk. Try: mount -t vfat /dev/sda4 /mnt/flash and see if it succeeds. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: I need EVERYONE's help!NOW!
On Tue, Feb 18, 2003 at 02:33:15PM -0500, Francisco Neira wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Robert Canary wrote: > | What a "DEMOCRTIC REPUBLIC"!! That alone tells me someone dosen't > | know what they arre talking about!!! > | > > The link is about the letter the Peruvian Congressman Villanueva sent to > local Microsft Manager. My boss and me ourselves had a couple of > meetings with the congressman to talk about Open Source > and the FSF. And yes, PerĂº, my country, lives in democracy (AFAIK) ;-) If anybody out there has not read Senor Villanueva's riposte yet, please do yourself a favour and seek it out. A delicious dressing down if there ever was one, done in the best literary style. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: "Broken pipe" during rsync, tunneled over ssh: Help!
** Reply to message from RD Egeland <[EMAIL PROTECTED]> on Fri, 31 Jan 2003 10:39:14 + > I'm running rsync tunneled over ssh in a cron job (the error also occurs if > run manually) to send nightly backup files to a remote server, and I've got > troublesome problems with either rsync or ssh. Has anyone had similar errors? > > The rsync command in my cron job is: > rsync -e ssh -avz /mnt/claws/backups/mail/mail\@foo.com-`date +%A`.tar.gz > [EMAIL PROTECTED]:~/backups/foo/ > > Uploading machine (.com): > RH 7.3 with > openssh-3.5p1-1 (I upgraded) > rsync-2.5.4-2 > > Downloading machine (.ac.uk): > RH 8.0 with > openssh-3.4p1-2 > rsync-2.5.5-1 > > Error which comes out quite regularly (usually less than 10M into the > upload, but sometimes not at all): > rsync: error writing 9 unbuffered bytes - exiting: Broken pipe > rsync error: error in rsync protocol data stream (code 12) at io.c(464) > > > Greek to me. At first, I assumed this was due to intermittent connectivity > (I am using a cable modem and D-Link firewall router on one side), but the > connection (amazingly) is quite rock-solid. I've read about bugs in ssh, > and notably, I notice that ssh connections to the 7.3 machine are dropped > occasionally, sometimes with "bad network packet size" (or something like > that). > > So I believe this could be due to SSH problems. But before I upgrade SSH > using the sources, I figure I'd ask if anyone has been through this before. ssh prefers having the line to itself and since theoretically nothing else is occurring while you are transferring, try this: rsync -e ssh --blocking-io -avz /mnt/claws/backups/mail/mail\@foo.com-`date +%A`.tar.gz I do the same regularly and it is rock solid. jb [EMAIL PROTECTED]:~/backups/foo/ -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Fax programs for Redhat 8.0
** Reply to message from Ted Gervais <[EMAIL PROTECTED]> on Sat, 18 Jan 2003 19:37:44 -0400 > Wondering what might be available for RH8 as far as fax is concerned. I see > that EFAX is installed in RH8 but I can't find how to run it. Seems pretty > simple but not sure it will RECEIVE faxes.. > > Does anyone know anything about this program or others that might be > available? Ted - mgetty+sendfax is all you will ever need. The unix tradition of a medley of programs working in concert to provide a robust solution. efax is also good. Note that if you are into voicemail, a very good set of perl proggies called VOCP that uses all the built-in mgetty and vgetty stuff is available at: http://vocpsystem.com/ Jack -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sizing server for sendmail & mailscanner
** Reply to message from Gordon Messmer <[EMAIL PROTECTED]> on Thu, 16 Jan 2003 15:13:22 -0800 > On Thu, 2003-01-16 at 12:36, Jack Bowling wrote: > > On Thu, Jan 16, 2003 at 11:33:29AM -0800, Gordon Messmer wrote: > > > > > > The whole thing takes less than a day to set up. NFS is available on a > > > standard Server install of RHL, but I use this kickstart file instead: > > > http://rh-install.prognet.com/kickstart/ks-73-default.cfg > > > Set up the NFS share and LDAP or NIS access (in my case, already > > > provided on other machines) on that server and it's done. > > > > Gordon - Have you checked out the NFS over TCP version yet? I just > > wonder if it is any faster than the portmap version. Perhaps others have > > tried it? > > No, NFS still defaults to UDP, and I haven't changed that particular > setting. However, I'm pretty sure you still need portmap when using NFS > over TCP as it's used for the initial mount process. As coincidence would have it, I stopped in at my fave book store at lunch today and what is there in the rack but the Dec/Jan British issue of Linux Magazine (pricey with the exchange to Canuck Bucks but well worth it). Therein is a very nice how-to article about shh and tunnelling using the new tcp capabilities of NFS. The article states that with the TCP-enabled version, UDP is not used at all and portmap does not need to be running since you can take care of all the mount setup in fstab. > In any case, NFS over TCP should not gain you speed on an "ideal > network" according to the NFS-HOWTO's optimization guide. I'm going to > go ahead and call my network "ideal" since the whole cluster sits on a > very good switch, and shares it with very little else. Indeed, the above article also states that speed gain is not the issue. The real gain is in security. You can turn off portmapper and you only have to expose your ssh port via tcp in your firewall rules. Big wins in my book. jb -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Online Backup Software?
On Thu, Jan 16, 2003 at 02:54:37PM -0500, Kent Borg wrote: > Does anyone here know of good online backup software? That is, with > disks getting so big that they can be hard to fill up and tapes are > getting impractical, why not back up a Linux machine to a different > computer, or in the case of a raid 1 machine, maybe even to itself (to > a normally unmounted partition). > > As a first approximation a simple rsync could be pretty efficient at > making backups, but I also want to be abe to fetch old versions of > changed (or deleted) files. > > I think I want rsync with history. To save space I would like to run > it immediately after installing the OS to establish a baseline that > wouldn't actually have to be stored, maybe just kept as md5s like a > tripwire database. > > Is there such a thing? I think you want something like rdiff-backup. It can be found on freshmeat.net. Basically keeps some history around as well as rsyncing for backups. I use rsync to backup my work Win98 partitions to my home linux box. Works a champ and keeps the backups offsite. -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sizing server for sendmail & mailscanner
On Thu, Jan 16, 2003 at 11:33:29AM -0800, Gordon Messmer wrote: > > The whole thing takes less than a day to set up. NFS is available on a > standard Server install of RHL, but I use this kickstart file instead: > http://rh-install.prognet.com/kickstart/ks-73-default.cfg > Set up the NFS share and LDAP or NIS access (in my case, already > provided on other machines) on that server and it's done. Gordon - Have you checked out the NFS over TCP version yet? I just wonder if it is any faster than the portmap version. Perhaps others have tried it? -- Jack Bowling mailto: [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: how to turn off all firewall and ip filters in red hat 8.0?
** Reply to message from Michael Schwendt <[EMAIL PROTECTED]> on Wed, 15 Jan 2003 12:05:53 +0100 > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Tue, 14 Jan 2003 23:44:24 -0800, Jack Bowling wrote: > > > Checking the chkconfig script, "service iptables panic" changes all > > default policies on all chains in all three tables to DROP, then > > flushes the chains, then deletes them all. No way for a packet to get > > through after that. > > > > A well written bash script this one. > > Except for bugs #76367 and #75723. Good catches, Michael. My scripts have been amended. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: how to turn off all firewall and ip filters in red hat 8.0?
** Reply to message from Bret Hughes <[EMAIL PROTECTED]> on Tue, 14 Jan 2003 21:46:15 -0600 > On Tue, 2003-01-14 at 14:19, gabriel wrote: > > On January 14, 2003 12:08 pm, Yu Liang wrote: > > > What command should I use? Or how can I verify that they have been turned > > > off? > > > > i believe redhat has two special scripts that will allow you to either (a) > > blow away all iptables rules or (b) lock down your box so nothing enters and > > nothing leaves. they should be called "accept-all" and "panic" respectively. > > > > > > > > this is pretty cool. BTW the panic is an argument to service > ip[chains|tables] not a special script. At least not on my 7.3 systems. > > e.g. service ipchains panic > > Never even crossed my mind, but I like it. Checking the chkconfig script, "service iptables panic" changes all default policies on all chains in all three tables to DROP, then flushes the chains, then deletes them all. No way for a packet to get through after that. A well written bash script this one. jb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
