fglrx problem
I have a Dell Optiplex 980 with a Radeon HD 6450 card which was working fine with the elrepo fglrx-x11-drv and kmod-fglrx packages until I recently upgraded to kernel 2.6.32-573.12.1.el6.x86_64 and fglrx versions 15.12-1. Now when I move a window on the screen, the content isn't erased from the old location, leaving a trail of ghosts behind. This happens with more than one window manager (fvwm, icewm, fluxbox), so I think its an X problem, rather than a window manager bug. The guys at elrepo were very responsive, but they didn't have the problem on their own machines, and it's not really their software - it is closed source from ATI - and they have run out of guesses for what to try. I have tried installing ATI's own rpm and that behaves the same way. I've filed a bug on the unofficial ATI bugzilla, but don't have great hopes there. I'm wondering whether anyone here has ever seen symptoms like these. Using the radeon driver gets me a mostly usable system, but there is some stuff that says it won't work without glx. Stephen Isard
where do pdf viewers look for sound players?
Hello, I am on Scientific Linux release 6.7 (Carbon) and am trying to embed sound in a beamer presentation. The beamer multimedia package defines a control sequence \sound for the purpose. When I use it, the resulting pdf displays a button to click and the file contains a line /Subtype /Link /A << /S /Sound /Sound 12 0 R /Mix false /Repeat false >> However none of xpdf, evince or acroread will play the specified sound file when the button is clicked. The acroread error message says "Cannot find an appropriate player for the sound", and the less immediately interpretable messages from xpdf and evince presumably come down to the same thing. The system has the "play" command from sox as the default for audio/x-wav files, specified via /etc/mime.types and /etc/mailcap, and running xdg-open file.wav from the command line plays the file. So the pdf viewers are evidently not consulting /etc/mime.types and /etc/mailcap. Does anyone know where they do look for a sound player? Stephen Isard
empty mail messages from fcron
Does anyone else out there use fcron with SL? I have had it working on various systems, compiled from source, for a long time, and currently fcron 3.0.6 on SL6.7 is fine. However, on SL7, when fcron 3.0.6 is supposed to send a message containing the output from a job it has run, it sends the message ok, but the body is always empty. (There is a more recent fcron 3.2.0 and I've tried that too, but the same thing happens.) The /var/log/cron log is uninformative, just reporting that the job has run and the message has been sent. On both SL6 and SL7 I'm using exim as mta and mailx as mail program. I don't know where to look. Since fcron itself and the jobs it launches are running as they should, it's probably not the fault of systemd. I have mailed the maintainer of fcron and will report here if he can shed any light. Stephen Isard
fglrx file in /dev/shm?
Hello, I am using the elrepo fglrx driver and kmod packages (14.12-1.el6) with Scientific Linux SL6x. Just recently, rkhunter has started to complain about a file /dev/shm/sem.__AMD_GL_CACHE__0016fe1386291f1d_20. From the name, it looks as if the file is related to the driver and the file looks pretty innocent - 32 bytes consisting of a 1 and 31 0s. If I delete the file, it eventually regenerates, although I don't know what triggers the regeneration. Googling on the file name produces no results, but the documentation for the closed source driver says that you need /dev/shm for 3D effects. I can't find any filenames in that documentation and I'm not consciously using any 3D effects. The one thing that has changed recently is that I have added a second screen (without xinerama). The second screen was there for about a week before the first rkhunter warning. Can someone reassure me that the fglrx driver does put files with that kind of name in /dev/shm so that I can whitelist them for rkhunter? Stephen Isard
mesa-libGL and octave native graphics
Hello, I'm reporting a recent experience in case there is someone else out there wanting to try out octave's fltk alternative to gnuplot under RHEL/Centos/SL. I'm running SL 6.5, and the octave-3.4.3-1.el6.x86_64 available from EPEL only offers gnuplot, although /usr/share/doc/octave-3.4.3/NEWS announces the presence of fltk. While I was at it, I thought I would get a more recent octave than 3.4 and downloaded octave-3.8.1.tar.gz from the octave website. ../configure reported some missing libraries that yum located in various devel packages, but even after installing the packages I continued to get a report that OpenGL was missing and that native graphics would therefore be unavailable. I eventually spotted a "-lGL not found" line in config.log, in spite of the fact that /usr/lib64/libGL.so was present, having been provided by mesa-libGL-devel. The problem was that it was a broken symbolic link to libGL.so.1.2.0, which rpm -ql says mesa-libGL should provide. But what I actually had was libGL.so.1.2 instead. Making libGL.so point to that fixed the problem and octave now offers a choice of gnuplot and fltk graphics toolkits. (It also offers a matlab-like gui, which, as they tell you, is not yet ready for everyday use.) My guess is that the library name mixup is more likely to be a RedHat problem than a Scientific Linux one, so I have reported it on their bugzilla. Stephen Isard
Re: Install the whole TeX/LaTeX distribution
On Fri, 17 May 2013 11:12:53 +1000, W K Daniel PUN wrote: >I haven't been able to find a way to install the whole comprehensive >TeX/LaTeX distribution on Scientific Linux. > >Does anyone have a clue? yum groupinstall "TeX support" ? What are you lacking? Stephen Isard
lynx browser in SL6.3
Is anybody else out there trying to use lynx in SL6.3? When I bring it up, the text for url links comes up as yellow on a white background, and is pretty much invisible. This wasn't the case in SL5.5. I know how to fix the problem for my own use, but lynx shouldn't come up unusable by default. Before I try reporting it as a bug to the packagers, I want to be sure it happens to other people too, and isn't due to some idiosyncracy of my own setup. Anyone? Stephen Isard
Re: sl6 livedvd with nonpae kernel
Hi Urs, Thanks for the hints. >Since you have replace kernel with kernel-ml-NONPAE in sl6rolling-live-base.ks, I guess that an other package requires "kernel". And the package "kernel" is >installed as dependency. > >The following command (run on the LiveDVD) may give some hints: > >rpm -qa | while read rpm; do rpm -q --requires $rpm | grep "^kernel " &a mp;& echo "*** $rpm ***"; done Correct. There are several packages - a couple of xorg-x11 drivers, fuse and a few others - that require "kernel". >Furthermore, does the rpm kernel-ml-NONPAE provides "kernel"? > >rpm -q -provides kernel-ml-NONPAE > >If this is the case, kernel should not be installed as dependency...? Yes, kernel-ml-NONPAE does provide kernel = 3.5.3-1.el6.elrepo The "requires" are all for kernel >= 2. So is it just an ordering problem? If kernel-ml-NONPAE had been installe d before the other packages, would they still have pulled in the other kern el? >2. Edit boot menu > >The boot menu is customized in sl6rolling-live-base.ks. Look for the scr ipt /root/postnochroot-install. In fact $LIVE_ROOT/isolinux/isolinux.cfg is c reated. >Have a look at /isolinux/isolinux.cfg on your LiveDVD. It should be possible to remove all boot entries for "kernel" in /isolinux/isolinux.cf g with the help of >some "magic" sed-commands in /root/postnochroot-install. I'll have to study that. >BTW. if we (you) get the this working, I will try to add it to the SL Li ve kickstart files as an option Good, I think there are others who would use it as well. Stephen Isard
sl6 livedvd with nonpae kernel
I wanted to run sl6 on a non-pae laptop using the ELRepo nonpae ml kernel, and thought that it might work to run the livecd-creator script with Urs Beyerle's sl6rolling-livedvd.ks kickstart file, just editing sl6rolling-live-base.ks to include the elrepo-kernel repository and changing the name of the "kernel" package to "kernel-ml-NONPAE". I'm pleased to report that this does in fact work; at least the resulting iso boots and starts up normally - I haven't tested it extensively. However, even without a mention of the ordinary sl6 kernel, the script installs the most recent one from sl-security and constructs a rather confusing boot menu with four separate kernel entries all labelled nonpae, some of which try to boot the standard pae kernel. This isn't fatal, but it's a bit messy. Can anyone suggest a way of getting the script to not install the standard kernel, or at least to label the boot menu entries in a more informative way? Stephen Isard
802-1x authentication failure
Hello, I've put a fresh SL5.8 on an old laptop and find I can't connect to a university network with 802-1x authentication. I've done this successfully in the past with other SL laptops, but now I get an error from nm-applet "Unhandled setting secret type (write) '802-1x/phase2-private-key' : 'GArray_guchar_'" Google turns up bug reports involving this error, but they all date from 2009, when that bug was apparently fixed. I don't see anything more recent. The nm-applet I'm using comes from NetworkManager-gnome 1:0.7.0-13.el5, which I think makes it up to date for SL5. Just for completeness, the 802-1x network uses tunnelled tls, PAP and a certificate from the bundle in /etc/pki/tls/certs/ca-bundle.crt. As I say, I've authenticated with it before, both with an older SL5 and with SL6.1. Thanks for any advice.
Re: What's diff btw yum-autoupdate and yum-cron?
On Fri, 13 Jul 2012 10:30:12 +0100, Winnie Lacesso wrote: >What is the difference between the packages yum-autoupdate and yum-cron? > >rpm -qi yum -cron says "Install this package if you want auto yum updates >nightly via cron." > >rpm -qi yum-autoupdate says "Automatically update your machine daily via >yum." > >The 2 pkgs seem to do the same thing (I just got bit by an automatic >update when I knew yum-cron had not been installed). Apols for not having >time to dig, but do experts know the few-sentence summary of the >differences between these 2 pkgs? Not an expert, but recently had the same question and looked into it a bit. As far as I can see, the main difference is in the way you manage the behaviour of the two packages. yum-cron has an /etc/sysconfig/yum-cron file in which you set variables for whether you want automatic updates or just a list of packages available for update or nothing at all, while cron-autoupdate has separate files, /etc/yum.d/original.yum.cron, /etc/yum.d/checkonly.yum.cron, /etc/yum.d/byhand.yum.cron that you copy or link into /etc/cron.daily to get the behaviour you want. yum-autoupdate also has a /etc/yum.d/yum.cron.excludes file in which you can specify packages that you don't want automatically updated, or reported on. I don't know whether there's a way of getting that effect in yum-cron. yum-cron calls the file it puts in /etc/cron.daily yum-cron, while yum-autoupdate uses yum.cron (hyphen versus dot) so that you can have both packages installed at the same time, although I can't see why anyone would want to. Hope that's helpful.
revisor with kernel-ml
I have a test SL 6.1 system on an old thinkpad x31 laptop using the ELRepo kernel-ml-NONPAE produced by Alan Bartlett. I got there in a roundabout way, starting from the netinstall instructions at http://scientificlinuxforum.org/index.php?showtopic=621 and then upgrading to 6.1 and replacing the old nonpae kernel with the ELRepo kernel-ml-NONPAE. I'd like to produce an installation disk for SL6 with the ELRepo kernel for installing on other, slightly less old but still nonpae, hardware. I've installed revisor, but can't find a way of convincing it to accept the ELRepo package as a kernel. I get an error message "No Package Matching kernel. This is a required package." This is in spite of includepkg=kernel-ml-NONPAE in the elrepo-kernel section of my config file and kernelpkgnames=kernel-ml-NONPAE both there and in the main section. I've also replaced "kernel" by "kernel-ml-NONPAE" in the kickstart file and "kernel-headers" and "kernel-firmware" by their "kernel-ml" counterparts. Google turns up a couple of other people with similar problems, but no solutions offered. Any guidance? Stephen Isard
Re: How do I set default gdm session?
On Wed, 14 Dec 2011 09:49:03 -0800, Todd And Margo Chester wrote: >>> Question, how do I change my gdm default from gnome to Xfce? https://bugzilla.redhat.com/show_bug.cgi?id=617465 seems to describe a similar problem. It's on Fedora, but ...
Re: usb patch
On Sun, 30 Oct 2011 15:02:47 -0700, Akemi Yagi wrote: >> If you would like to have a SL kernel based on 2.6.32, please install SL 6.x :) >> >> Regards, >> Alan. > >I was rather surprised that Alan did not mention ELRepo's kernel-ml. :-O > >kernel-ml-2.6.35 does have the patch referenced here: > >https://lkml.org/lkml/2010/11/19/609 > >I should also note that kernel-ml is not for production use but it's >been quite stable and Alan has been doing a good job of keeping it up >to date. :-) > >http://elrepo.org/tiki/kernel-ml Thanks very much, Akemi. That looks like a good solution apart from the known bug in iptables, which is a bit scary. I'll have to check into whether I use any of the commands that trigger the bug and cause iptables to stop working. Regards, Stephen Isard
Re: usb patch
On Sun, 30 Oct 2011 21:00:39 +, Alan Bartlett wrote: > > >> I don't want to get into a position of maintaining my own kernel. I'd >> rather wait until I catch up with 2.6.32 and impose on friends with newer >> kernels or windows machines in the meantime. > >Hi Stephen, > >You will have a very long wait. The SL 5.x kernels will remain to be >based on 2.6.18 until EOL. ;) That is how TUV maintain a stable kernel >ABI for the life of EL5. >If you would like to have a SL kernel based on 2.6.32, please install SL 6.x Right, I really meant "until I go over to SL6". There are two reasons I haven't yet: first, up until now, SL5 has been doing everything I've asked of it and second, I have two machines that I'd like to run the same operating system on for convenience, and one of them is a non-pae laptop, that, so far, SL6 won't run on. However, there is this cool guy named Alan Bartlett who says on the ELREPO list that he is getting close to producing a non-pae kernel for SL6 :-) . So I had been thinking of switching over when he does. Regards, Stephen Isard
usb patch
I have an RCA VR5320 digital voice recorder. It has a usb connector, but isn't recognized by SL 5.6. I get log messages of the form kernel: usb 1-5: new high speed USB device using ehci_hcd and address 4 kernel: usb 1-5: ep0 maxpacket = 32 This is evidently a known problem and there is a patch for drivers/usb/core/hub.c with the comment "A few devices (such as the RCA VR5220 voice recorder) are so non-compliant with the USB spec that they have invalid maxpacket sizes for endpoint 0. Nevertheless, as long as we can safely use them, we may as well do so." I think this patch is incorporated in 2.6.32 kernels. Q1: Am I correct in thinking that I would have to compile a whole new kernel, as opposed to just a module, to incorporate a patch to hub.c? Q2: Is there any sort of module or userspace hack I could try instead? I don't want to get into a position of maintaining my own kernel. I'd rather wait until I catch up with 2.6.32 and impose on friends with newer kernels or windows machines in the meantime. Thanks. Stephen Isard
Re: klist -s segfaults
On Sun, 7 Aug 2011 16:51:16 -0500, Connie Sieh wrote: >On Sat, 6 Aug 2011, Stephen Isard wrote: > >> SL 5.5 x86_64, krb5 1.6.1-55.el5_6.1 (most recent available in >> sl-security). >> >> When I run klist -s with an expired ticket, I get a segfault, but not >> with a valid ticket or without '-s'. It looks like >> https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=707145 which >> has apparently been fixed in a later krb5. Any chance we'll get the >> fixed version? > >707145 is a Fedora bug and thus a Fedora fix. > >Did you find this bug for RHEL 5 ? > >If not then I suggest you add a bugzilla entry for RHEL 5 . > >It is up to TUV to fix bugs . But they need to know about them. Ok, https://bugzilla.redhat.com/show_bug.cgi?id=729067 now reports that the bug has been fixed in krb5-1.6.1-64.el5. Is it just a matter of time before this package shows up in the sl-security repo?
Re: .xps files on SL5
On Fri, 16 Sep 2011 14:54:25 -0700, Yasha Karant wrote: >I tried the binary executables of mudpf for linux on 5.7, but the glibc >is not compatible. Yes, I found that too. >I then tried to make from source: > >[ykarant@localhost mupdf-0.9] make > MKDIR build/debug (snip) > CC build/debug/dev_text.o >fitz/dev_text.c:8:10: error: #include expects "FILENAME" or >fitz/dev_text.c: In function fz_text_extract_span: >fitz/dev_text.c:324: warning: implicit declaration of function >FT_Get_Advance >make: *** [build/debug/dev_text.o] Error 1 > >Also, no go. What did you do differently? You don't mention getting the third party libraries at http://www.mupdf.com/download/mupdf-thirdparty.zip as instructed in the README. I did and unzipped them in the mupdf-0.9 directory. Apart from that, I just did "make" the way you did. Stephen Isard
Re: .xps files on SL5
On Fri, 16 Sep 2011 08:08:21 +0100, Dr Andrew C Aitchison wrote: >On Thu, 15 Sep 2011, Stephen Isard wrote: > >> Can anyone suggest a way to read Microsoft's XML Paper Specification (.xps) >> files on SL5? ... >mupdf http://mupdf.com/ works on SL6 >but I haven't tried building it on SL5. Thanks for the pointer. It does build and work on SL5.5 too. Better than gxps for displaying a .xps file on the screen without needing to convert it to pdf first. But if you do want to convert the file to pdf, or print it, it's not immediately obvious whether mupdf can do that. Maybe I just haven't looked hard enough. Stephen Isard
Re: .xps files on SL5
On Thu, 15 Sep 2011, Christopher Tooley wrote: Thanks very much, Christopher. Ghostxps did the job for me. You might try using kpdf... apparently okular is based upon that. That's located in the kdegraphics package. However, it looks like okular is specifically the one that reads xps. I had tried kpdf, but without success. There is also ghostxps which can apparently convert from xps to pdf format. (you'll probably have to compile that, but it's easy!) http://www.ghostscript.com/download/ Easy, but not quick :-) The documentation for gxps is a bit thin, so I'll include a couple of things I learned in hopes of saving time for the next person who goes through this. You can speed up compilation of gxps by doing 'make xps' instead of 'make', assuming you don't want to compile the pcl interpreter as well. gxps -h gives you commandline options. Use gxps -dNOPAUSE -sDEVICE=pdfwrite -sOutputFile= to convert to . If you leave out -dNOPAUSE, you are prompted to press ENTER for each separate page of the document. When I ran just gxps the file was displayed on the screen, but there were no controls for moving back and forth among pages, and the text was in a barely readable font. There was a warning on the command line "Some glyphs of the font TimesNewRomanPSMT requires a patented True Type interpreter." There was no such warning when I converted to pdf and the text looked much better. Stephen Isard On 2011-09-15, at 8:52 AM, Stephen Isard wrote: Can anyone suggest a way to read Microsoft's XML Paper Specification (.xps) files on SL5? I've found web postings saying that okular can read them, but I can't find a version of that for SL5. I tried installing kdegraphics, but it wasn't included. It's apparently on the way for evince, but not here yet. Thanks, Stephen Isard
.xps files on SL5
Can anyone suggest a way to read Microsoft's XML Paper Specification (.xps) files on SL5? I've found web postings saying that okular can read them, but I can't find a version of that for SL5. I tried installing kdegraphics, but it wasn't included. It's apparently on the way for evince, but not here yet. Thanks, Stephen Isard
Re: klist -s segfaults
On Sun, 7 Aug 2011 16:51:16 -0500, Connie Sieh wrote: >On Sat, 6 Aug 2011, Stephen Isard wrote: > >> SL 5.5 x86_64, krb5 1.6.1-55.el5_6.1 (most recent available in >> sl-security). >> >> When I run klist -s with an expired ticket, I get a segfault, but not >> with a valid ticket or without '-s'. It looks like >> https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=707145 which >> has apparently been fixed in a later krb5. Any chance we'll get the >> fixed version? > >707145 is a Fedora bug and thus a Fedora fix. > >Did you find this bug for RHEL 5 ? > >If not then I suggest you add a bugzilla entry for RHEL 5 . > >It is up to TUV to fix bugs . But they need to know about them. > >> >> Stephen Isard >> > >-Connie Sieh Ok, it's now https://bugzilla.redhat.com/show_bug.cgi?id=729067 Stephen Isard
Re: klist -s segfaults
On Sun, 7 Aug 2011 16:51:16 -0500, Connie Sieh wrote: >Did you find this bug for RHEL 5 ? No. A search of their bugzilla for 'klist -s' comes up with nothing, and just 'klist' gives five entries not mentioning this bug. >If not then I suggest you add a bugzilla entry for RHEL 5 . I've never used their bugzilla and am not sure about the etiquette. Will they accept a report even though I haven't seen the bug on an actual RHEL system? Wouldn't it be better if someone with access to such a system could replicate it there? >It is up to TUV to fix bugs . But they need to know about them. Understood. Thanks for your time. Stephen Isard
klist -s segfaults
SL 5.5 x86_64, krb5 1.6.1-55.el5_6.1 (most recent available in sl-security). When I run klist -s with an expired ticket, I get a segfault, but not with a valid ticket or without '-s'. It looks like https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=707145 which has apparently been fixed in a later krb5. Any chance we'll get the fixed version? Stephen Isard
Re: Very slow DNS lookups
On Sat, 12 Feb 2011 14:35:51 +0100, Aram Avetisyan wrote: >Hello, > >Using SL 5.4 ( 2.6.18-194.32.1.el5 ) from my apartment results in very >slow DNS lookups -- on the order of 30 seconds for each new page. I am >pretty sure the problem is with DNS because it goes away if I use vpnc >to tunnel to Fermilab. Google led me to the following workaround: add > >alias ipv6 off >alias net-pf-10 off > >to /etc/modprobe.conf . This works, but the system now complains about >some error with ipv6 tables when it boots. Is there a better way to fix >this (without changing any router settings -- I don't have the password) ? > >Thanks. > >-- Aram The advice at http://wiki.centos.org/FAQ/CentOS5#head-47912ebdae3b5ac10ff76053ef057c366 b421dc4 (that's all one line) worked for me. In particular running "/sbin/chkcon fig ip6tables off", once there is no ipv6 traffic for the ip6tables firewall to protect. HTH, Stephen Isard
Re: Installing SL 5.5 from DVD iso
This isn't going to be any help to you, but, just to add another datapoin t, I successfully installed SL5.5 on a Thinkpad X60 laptop from a usb dvd pl ayer. Stephen Isard
Re: X problems with 2.6.18-194 kernels
Section "Screen" Identifier "Screen1" Device "Videocard1" Monitor "Monitor1" DefaultDepth 8 SubSection "Display" Viewport 0 0 Depth 8 Modes "1920x1080" "1280x1024" "1024x768" "800x600" "640x480" EndSubSection SubSection "Display" Viewport 0 0 Depth 24 Modes "1920x1080" "1280x1024" "1024x768" "800x600" "640x480" EndSubSection EndSection where obviously the key statements are "DefaultDepth 8" and the "Depth 8" subsection Display. Does your xorg.conf already include the analogous statements, in addition to the Option "PseudoColorVisuals" "on" you cited as being necessary with the proprietary driver ? The above depth 8 -related statements alone do the trick for me with the default radeon driver in SL appropriate for my ATI Radeon 7000 or 7500 video boards. Thanks, Jim. No, I haven't tried a Depth 8 subsection. I will. With the fglrx driver, xview seems to find the pseudocolor visual without that, but maybe the free drivers are different. Stephen Isard
Re: X problems with 2.6.18-194 kernels
Sorry folks. Dumb mistake on my part. I needed to re-run the proprietar y ATI driver installer to get fglrx modules for the new kernel. In the meantime, I found that the free r500 driver, which the SL live dvd uses for my machine, is nearly good enough for my purposes. The only problem is that I can't get it to give me a pseudocolor visual. With the proprietary driver, I put a line Option "PseudoColorVisuals" "on" in the device section of xorg.conf, but that doesn't seem to work for r50 0. Does anyone know whether it's possible to get a pseudocolor visual with the free driver? Stephen Isard
X problems with 2.6.18-194 kernels
Hello, After upgrading my kernel from 2.6.18-164.15.1.el5 to 2.6.18-194.8.1.el5, I found that my machine would go through periods of running very slowly wit h the mouse moving jerkily. Top showed 98%+ wait state, although nothing wa s going on. The machine is an HP 64 bit dx5150 with 3G of memory and X1300 graphics. I have been running the proprietary ATI fglrx driver because i t appeared to be the only way of getting a pseudocolor visual for the xwave s speech processing package, whose graphics are based on xview. I've been using it for several years and not seen anything like this before. I noticed that hald-addon-storage was occasionally using large amounts of cpu time polling my empty dvd drive, so I killed that process, but that didn't solve the problem. Then I found that the xwaves display was showi ng the wrong colors and scaling was distorted. Reverting to the old kernel makes everything work normally again. I susp ect that it's X that is the problem, although I don't know for sure. Nothing interesting shows up in the xorg log or any other log that I can find. Has anyone else seen symptoms like this? Any hints on what to try? In particular, is there a way of finding out what the cpu is waiting on when it is spending all its time waiting? Thanks. Stephen Isard
Re: nox - [was can't boot livedvd64_SL54_2009-11-20.iso]
On Mon, 22 Mar 2010 15:39:47 +0100, Urs Beyerle wrote: >"nox" only sets the default runlevel to 3. The X server is still configu red. >Having runlevel=3, rhgb does not start up (see /usr/share/doc/rhgb-0.16.4/HOW_IT_WORKS) Just for my general education, do you know what program interprets the 'n ox' parameter and sets the runlevel? As I understand it, init usually gets t he runlevel from /etc/inittab, so nox must somehow be overriding that. I've run strings on the init and grub binaries and grepped the output for nox, but not come up with anything. HOW_IT_WORKS doesn't mention nox either.
Re: can't boot livedvd64_SL54_2009-11-20.iso
On Mon, 22 Mar 2010 12:31:12 +0100, Urs Beyerle wrote: >Therefore "norhgb" as no effect. As you already mentioned, only "linux n ox" and a manual "startx" is working. :-( > >To avoid this problem in future releases of the SL LiveCDs, I see three possibilities: > >1. remove "rhgb" from the default boot options - no graphical bootup per default. >2. make "norhgb" working - /etc/rc.sysinit has to be modified. >3. (at least) remove "rhgb" from failsafe bootup options. > >or just leave it like it is. > >Anybody has an opinion on that? Is it out of the question to configure X before rhgb starts? For my case at least, the problem isn't that SL can't figure out how to run X on my hardware, just that it doesn't do so early enough. What would be the consequences of turning off rhgb? Would it stop gdm f rom running and force all users to type 'startx' after logging in if they wan t an X session? Or does rhgb just hide the details of the boot process? I f the second, then I personally would be happy with your option 1. Btw, what is the 'nox' option supposed to do? It evidently doesn't stop X from being configured. Does it really just mean 'no graphical login'? I t doesn't get consulted in /etc/rc.sysinit. Where does it have its effect?
Re: can't boot livedvd64_SL54_2009-11-20.iso
On Wed, 17 Mar 2010 16:11:47 -0500, Stephen Isard <7p03xy...@sneakemail.c OM> wrote: >On Wed, 17 Mar 2010 20:23:12 +0100, Urs Beyerle > wrote: > >>Try to boot with boot parameter "norhgb/"/ >> >>linux norhgb >> >>norhgb turns graphical bootup off. >> >>If this help I should add norhgb to the failsafe option in the next >>LiveCD release. > >Thanks, Urs. Booting with norhgb didn't change anything, but then I tri e >d >"nox" and that got me a console session. After I logged in as sluser, I > >was able to start an X session with "startx" and everything seemed norma l > >except that the time was off by 4 hours (ntpd wasn't running). Hi Urs, Is it possible that the reason "norhgb" has no effect is the line in /etc/rc.sysinit that begins "if strstr "$cmdline" rhgb && ". rhg b won't get invoked if the command line doesn't mention rhbg at all, but since "rhgb" is a substring of "norhgb" ... My problem seems to be that an xorg.conf that works for my hardware doesn 't get configured until your runlast script, and whatever default configurat ion there is at the beginning causes a crash if rhgb is allowed to run.
Re: can't boot livedvd64_SL54_2009-11-20.iso
On Wed, 17 Mar 2010 20:23:12 +0100, Urs Beyerle wrote: >Try to boot with boot parameter "norhgb/"/ > >linux norhgb > >norhgb turns graphical bootup off. > >If this help I should add norhgb to the failsafe option in the next >LiveCD release. Thanks, Urs. Booting with norhgb didn't change anything, but then I trie d "nox" and that got me a console session. After I logged in as sluser, I was able to start an X session with "startx" and everything seemed normal except that the time was off by 4 hours (ntpd wasn't running). This machine has a Radeon X1300 card - actually I think it's on the motherboard - and I've been using version 8.36 of the linux driver from t he Radeon website, with "fglrx" as the driver in my xorg.conf file.
can't boot livedvd64_SL54_2009-11-20.iso
Machine is a Compaq dx5150 64 bit desktop with 3Gb of memory. It has bee n having no problems with 64 bit SL5.3. Before upgrading to SL5.4, I thoug ht I'd be cautious and try out the live dvd, but it won't boot. Even if I t ry "failsafe", the boot sequence prints the "ok" after starting udev and the n the screen goes blank and never comes back again. I have no other reason to suspect the machine itself. The only time I ne ed to reboot is for new kernels or drivers. I tried the memtest program on the dvd and it didn't report any problems. Md5sum gives the right answer for the dvd containing the iso image. I downloaded and burned it again just in case, but it didn't make any diffe rence. The dvd drive is ok as far as I can tell. I'm able to boot and run from an old Knoppix dvd. Any suggestions for what to try? Thanks
laptop screen dims
I am running SL5.3 on a Thinkpad x60 laptop. I don't run a screensaver, just xset to blank the screen after a period of inactivity. With the lap top running on ac power, the screen goes blank as it should, but when I press a key to bring it back, it is only about half as bright as it was before turning off. (/proc/acpi/ibm/brightness says it's level 3 vs. level 7). Searching the web, I've found people blaming this kind of behaviour on gnome-power-manager and hal, so for purposes of this posting, I've killed both of those, and the problem remains. Any ideas? Thanks.
Re: which repositories select in order to access scientific packages
On Tue, 29 Sep 2009 17:08:43 +0100, Alexandre Pereira wrote: ... >Scilab, Octave/QtOctave/Octave Forge, Paraview ... Octave and octave-forge are already available at the epel repository.
Re: login to 5.3 livedvd
Mystery solved, Urs. Entirely my own fault. There was an SL_LIVECD directory with gzipped password and shadow files in it on one of the hard disk partitions that must have been left over from playing around with an earlier live cd/dvd over a year ago. I had completely forgotten about it, if I ever knew it was there in the first place. When I removed that, booting proceeded with no problem. Sorry to have wasted your time. Stephen Isard
Re: login to 5.3 livedvd
On Mon, 4 May 2009, Urs Beyerle urs.beyerle-at-env.ethz.ch |Scientific Linux| wrote: Hi Stephen, Booting with option "failsafe" is equal to booting with "linux |nonet simplex apm=off acpi=off noapic nofstab". One or more of these options make your system work correctly. Can you try to identify which option(s) are needed? Hi Urs, It seems to be nofstab that is required. When I use that on its own, I get to set the password. None of the others on their own help. Stephen Isard
login to 5.3 livedvd
Hello, I've downloaded livedvd_SL53_2009-03-23.iso and it works fine when I boot it with the "failsafe" command. However with "linux [options]", I don't get a chance to set a password and all attempts at login are rejected for either sluser or root. I've tried the "pw=" and "nopasswd" options, but they seem to have no effect. I'm just taken straight from the keyboard choice screen to the login screen, rather than being asked to choose a password as I am with "failsafe". Has anyone else seen this behaviour? Is there something else I should be doing? In case it matters, the machine in question is an IBM Thinkpad x31 laptop with an external usb dvd drive. Stephen Isard
fvwm
Can anyone explain why the fvwm window manager has been dropped in SL5? I've searched and found no discussion apart from a remark at http://www-zeuthen.desy.de/technisches_seminar/texte/sl3z.pdf that "we probably can't fight UTF-8 any longer". However, fvwm 2.5 claims "full internationalization" and the man page makes a number of references to utf-8, so that doesn't appear to be a complete explanation. The tar file from the fvwm site compiles with no problems and runs as it always has, as far as I can see.
Re: printer discovery and iptables
On Mon, 18 Aug 2008 08:49:24 +0100, Dr Andrew C Aitchison <[EMAIL PROTECTED]> wrote: >Printer discovery doesn't need to be done very often, >but do check how often it *is* being done. >I've seen printer widgets that check the print queue every 3 >seconds every when no jobs have been sent. The user didn't even know he >was running the widget, Thanks, I'll watch out for that. No sign of it so far.
Re: printer discovery and iptables
>On Thu, 14 Aug 2008, Shane Voss wrote: >... >> You may be able to use "recent" - something like this: >> >> # Record the port being used when cups sends a broadcast >> iptables -A OUTPUT -m recent --name cups-snmp --dport 161 --pkt-type >> broadcast --set --rdest -j ACCEPT >> >> # Accept incoming packets presumed "in reply" from port 161 >> # but only for the number of seconds configured in cups-snmp.conf >> iptables -A INPUT -m recent --rcheck --seconds 10 --sport 161 ... -j A C >CEPT >> >> (I haven't tested any of this!) Shane, People on the netfilter list gave me a pair of rules very close to yours that seem to work. -A OUTPUT -d xxx.yyy.zzz.255 -p udp --dport 161 -m recent --name cups_snm p --rsource --set -j ACCEPT -A INPUT -p udp -s xxx.yyy.zzz.255/24 --sport 161 -m recent --name cups_s nmp --rdest --rcheck -j ACCEPT The only problem is that "-m recent --rsource --set" only records the out put ip address, not the port number, so that the INPUT line accepts packets t o any port, not just the port that cups sent its broadcast from. However, the use of "recent" means that such packets will only be accepted during a br ief time window following a broadcast. Since printer discovery doesn't need to be done very often, the risk (if there really is a risk in the first plac e) is reduced.
Re: printer discovery and iptables
On Thu, 14 Aug 2008, Shane Voss shane-at-blether.org.uk wrote: ... > You may be able to use "recent" - something like this: > > # Record the port being used when cups sends a broadcast > iptables -A OUTPUT -m recent --name cups-snmp --dport 161 --pkt-type > broadcast --set --rdest -j ACCEPT > > # Accept incoming packets presumed "in reply" from port 161 > # but only for the number of seconds configured in cups-snmp.conf > iptables -A INPUT -m recent --rcheck --seconds 10 --sport 161 ... -j AC CEPT > > (I haven't tested any of this!) Thanks, Shane. I've just tried, but no joy. My iptables man page says t hat "-m recent --set" will add the *source* address to the list, which isn't what we need. The man page makes no mention of rdest. Googling around, I've found a thread from 2004 in which people were discussing what looks like the same problem with regard to samba. The broadcast and reply setup is apparently the same. I couldn't find a resolution, however.
printer discovery and iptables
I'm running SL5.2 with cups-1.2.4-11.18.el5_2.1.x86_64. This version of cups has a module which finds network printers using snmp (simple network management protocol), so that when you go to the printer administration panel on the cups web interface, you are automatically offered a list of possible printers on your local network that you can ad d to your system by just clicking an "add printer" button. Very neat. However, I am wondering about the security implications of the holes that you apparently have to make in your firewall to let the printer discovery module operate. I'm somewhat out of my depth here, so if my description of what is going on is misleading or plain wrong, I hope someone more knowledgeable will step in. The way it appears to work is that cups broadcasts FROM some high (>1024) numbered port (a different one each time) TO port 161 (the snmp port as listed in /etc/services) of all devices on the local network. It then listens for replies FROM port 161 of devices on the network TO the high numbered port that it sent the broadcast from. Since the original broadcast was a broadcast, and not a connection to a specific machine, th e replies are not treated as ESTABLISHED or RELATED for purposes of iptable s. It thus seems that for the replies to be received, you have to let throu gh udp packets from port 161 of any machine on the network to any high numbe red port on your machine, at any time, with no way of allowing only packets addressed to a port that recently sent a broadcast. Since bad guys can s end whatever they like from port 161, this looks like a potential security ri sk. Question 1: How bad a risk is it in an environment like a large universit y department where you have to assume that intruders will occasionally mana ge to break into the local network? Question 2: Is there actually some way that I don't know about of identifying replies to a recent snmp broadcast with iptables rules? Thanks for your attention.
