F23: qtox and libsqlchiper
Hi, I try to build qTox on f23 follow this how to https://github.com/tux3/qTox/blob/master/INSTALL.md#simple-install but I cannot find sqlcipher and I get this error: /usr/bin/ld: cannot find -lsqlcipher I have try to use last generic build https://build.tox.chat/view/Clients/job/qTox_build_linux_x86-64_release/lastSuccessfulBuild/artifact/qTox_build_linux_x86-64_release.tar.xz but last version do not work anymore (previous version work ok) with this error: > [lesca@dodo ~]$ qtox > qtox: error while loading shared libraries: libcrypto.so.1.0.0: > cannot open shared object file: No such file or directory > [lesca@dodo ~]$ rpm -q openssl-devel openssl > openssl-devel-1.0.2e-3.fc23.x86_64 > openssl-1.0.2e-3.fc23.x86_64 Someone can help me to build from source or run the generic build? Many thanks -- Dario Lesca (inviato dal mio Linux Fedora 23 Workstation) -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
No second monitor - Fedora23 KDE spin
All; I'm running Fedora 23, KDE spin. I've fully updated my system. several updated back I could plug in a second monitor, go to system settings --> display and click on the second monitor to 'enable' it However a few updates back this functionality stopped working. Now I plug in the HDMI cable, go to system settings --> Display and it only show the laptop screen. I've installed the Cinnamon desktop and it seems to work flawlessly per auto-adding the second monitor as soon as I plug the HDMI cable in. I suspect this confirms that it's a KDE issue and not a Kernel issue, but I'm not 100% sure. Any thoughts on debugging this? I'm running on a Lenovo X1 Carbon 3rd gen, lspci listing below, thanks in advance $ lspci 00:00.0 Host bridge: Intel Corporation Broadwell-U Host Bridge -OPI (rev 09) 00:02.0 VGA compatible controller: Intel Corporation Broadwell-U Integrated Graphics (rev 09) 00:03.0 Audio device: Intel Corporation Broadwell-U Audio Controller (rev 09) 00:14.0 USB controller: Intel Corporation Wildcat Point-LP USB xHCI Controller (rev 03) 00:16.0 Communication controller: Intel Corporation Wildcat Point-LP MEI Controller #1 (rev 03) 00:19.0 Ethernet controller: Intel Corporation Ethernet Connection (3) I218-LM (rev 03) 00:1b.0 Audio device: Intel Corporation Wildcat Point-LP High Definition Audio Controller (rev 03) 00:1c.0 PCI bridge: Intel Corporation Wildcat Point-LP PCI Express Root Port #2 (rev e3) 00:1c.1 PCI bridge: Intel Corporation Wildcat Point-LP PCI Express Root Port #3 (rev e3) 00:1c.5 PCI bridge: Intel Corporation Wildcat Point-LP PCI Express Root Port #6 (rev e3) 00:1d.0 USB controller: Intel Corporation Wildcat Point-LP USB EHCI Controller (rev 03) 00:1f.0 ISA bridge: Intel Corporation Wildcat Point-LP LPC Controller (rev 03) 00:1f.3 SMBus: Intel Corporation Wildcat Point-LP SMBus Controller (rev 03) 00:1f.6 Signal processing controller: Intel Corporation Wildcat Point-LP Thermal Management Controller (rev 03) 04:00.0 Network controller: Intel Corporation Wireless 7265 (rev 59) 0a:00.0 SATA controller: Samsung Electronics Co Ltd Device a801 (rev 01) -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
problems to upgrade to 22
Hi, I have some problems to upgrade to 22. Here are the errors: [root@localhost ~]# dnf system-upgrade reboot Error getting authority: Error initializing authority: Error calling StartServiceByName for org.freedesktop.PolicyKit1: GDBus.Error:org.freedesktop.DBus.Error.TimedOut: Activation of org.freedesktop.PolicyKit1 timed out (g-dbus-error-quark, 20) Failed to start reboot.target: Connessione scaduta Traceback (most recent call last): File "/bin/dnf", line 58, in main.user_main(sys.argv[1:], exit_code=True) File "/usr/lib/python2.7/site-packages/dnf/cli/main.py", line 174, in user_main errcode = main(args) File "/usr/lib/python2.7/site-packages/dnf/cli/main.py", line 60, in main return _main(base, args) File "/usr/lib/python2.7/site-packages/dnf/cli/main.py", line 112, in _main cli.run() File "/usr/lib/python2.7/site-packages/dnf/cli/cli.py", line 1091, in run return self.command.run(self.base.extcmds) File "/usr/lib/python2.7/site-packages/dnf-plugins/system_upgrade.py", line 434, in run self._call_sub("run", extcmds) File "/usr/lib/python2.7/site-packages/dnf-plugins/system_upgrade.py", line 442, in _call_sub subfunc(*args) File "/usr/lib/python2.7/site-packages/dnf-plugins/system_upgrade.py", line 541, in run_reboot reboot() File "/usr/lib/python2.7/site-packages/dnf-plugins/system_upgrade.py", line 106, in reboot check_call(["systemctl", "reboot"]) File "/usr/lib/python2.7/subprocess.py", line 540, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '[u'systemctl', u'reboot']' returned non-zero exit status 1 I have also found those in the boot log: [FAILED] Failed to start Authorization Manager. See "systemctl status polkit.service" for details. so that I have typed: [root@localhost ~]# systemctl status polkit.service � polkit.service - Authorization Manager Loaded: loaded (/usr/lib/systemd/system/polkit.service; static; vendor preset: enabled) Active: activating (start) since lun 2016-01-04 12:12:11 CET; 35s ago Docs: man:polkit(8) Main PID: 1562 (polkitd) CGroup: /system.slice/polkit.service └─1562 /usr/lib/polkit-1/polkitd --no-debug Thank u for any help. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] Re: 389 Windows Console
Any thoughts on this please ? - On 20 Dec, 2015, at 16:02, Phil Daws ux...@splatnix.net wrote: > Hello, > > Have now got to the point where it says "Select a certificate to authenticate" > yet the drop down box is empty. > > If I check the NSS database it looks okay ? > > D:\Scratch\firefox_add-certs\bin>certutil.exe -d "c:\Documents and > Settings\pmdaws\.389-console" -L > > Certificate Nickname Trust Attributes > SSL,S/MIME,JAR/XPI > > LAB CA Certificate CT,, > Phil Dawsp,p,p > > Seems as though the console is not picking them up :( > > Thanks, Phil > - On 15 Dec, 2015, at 20:35, Noriko Hosoi nho...@redhat.com wrote: > >> On 12/15/2015 11:40 AM, Phil Daws wrote: >>> Hello, >>> >>> Unfortunately I do not have a console under Fedora/RHEL. >>> >>> I can log into the Administration console fine, but when I click on Server >>> Group, and then double click on the Directory Server it prompts me for the >>> Distinguished name and password. The status is showing as: >>> >>> Server status: Stopped >>> Port: 636 >>> >>> The ports are listening fine: >>> >>> Active Internet connections (only servers) >>> Proto Recv-Q Send-Q Local Address Foreign Address State >>> PID/Program name >>> tcp0 0 0.0.0.0:22 0.0.0.0:* LISTEN >>> 301/sshd >>> tcp0 0 0.0.0.0:98300.0.0.0:* LISTEN >>> 1261/httpd >>> tcp6 0 0 :::22 :::*LISTEN >>> 301/sshd >>> tcp6 0 0 :::636 :::*LISTEN >>> 1196/ns-slapd >>> tcp6 0 0 :::389 :::*LISTEN >>> 1196/ns-slapd >>> >>> So am guessing it's probably due to when I enabled "Secure Connection" in >>> the >>> console :( >>> >>> Any thoughts please ? >> Not sure yet, but did you have a chance to see this section? >> http://www.port389.org/docs/389ds/howto/howto-ssl.html#admin-server-tlsssl-information >>> >>> Thanks, Phil >>> >>> >>> >>> - On 15 Dec, 2015, at 19:01, Noriko Hosoi nho...@redhat.com wrote: >>> On 12/15/2015 09:51 AM, Phil Daws wrote: > Hello, > > I have 389 up and running in my lab, with encryption enabled, but when I > connect > too the Administration panel and double click on the Directory Server it > just > hangs. The CA certificate has been imported using: > > d:\Scratch\firefox_add-certs\bin>certutil -A -d "C:\Documents and > Settings\phild\.389-console" -n "CA Certificate" -t CT,, -i > d:\Downloads\CA-chain.pem -a > > Am I missing something obvious please ? > > Thanks, Phil > > -- > 389 users mailing list > 389-users@%(host_name)s > http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org Administration URL starts with https? If you use Console on Fedora/RHEL, you have no problem? Thanks. -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org >>> -- >>> 389 users mailing list >>> 389-users@%(host_name)s >>> http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org >> -- >> 389 users mailing list >> 389-users@%(host_name)s >> http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org > > -- > 389 users mailing list > 389-users@%(host_name)s > http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
Re: Cannot access my phone storage from fc22
Hi, I know a lot of people mentioned about the cable, the only one that seems to work for me is the cable that came with the phone. I had this same issue before. Keep trying cables until I found one that worked. It is a pain, but it happened in windows too with my father. Regards, Will W. http://code-heads.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
802.11n WIFI speeds
Does Fedora/Linux support the faster than 54 Mbit/sec 802.11n speeds? My OpenWRT AP has a status page that claims that the 5 Ghz radio is configured for a 150 Mbits/sec 40Mhz (double-wide) channel. I'm only seeing a 54 Mbit/sec throughput over WIFI though. (Over ethernet to the same router I'm seeing the expected 180 Mbits/sec to the internet.) This is what lshw(1) has to say about the wifi card: *-network description: Wireless interface product: RTL8821AE 802.11ac PCIe Wireless Network Adapter vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@:03:00.0 logical name: wlp3s0 version: 00 width: 64 bits clock: 33MHz capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless configuration: broadcast=yes driver=rtl8821ae driverversion=4.2.8-300.fc23.x86_64 firmware=N/A ip=192.168.75.107 latency=0 link=yes multicast=yes wireless=IEEE 802.11abgn resources: irq:52 ioport:3000(size=256) memory:b200-b2003fff Does this ring any bells? I can easily believe that the faster speeds are proprietary extensions but figured I'd check. -wolfgang -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] Re: CentOS 7: unable to create AdmldapInfo
> On Jan 4, 2016, at 07:53, Rich Megginsonwrote: > > We'll need to know what platform/version you are upgrading from, because > there is not supposed to be a missing log directory, and the SELinux labels > are already supposed to be provided. In order for us to fix this issue, we > need to know how to reproduce it. I’m not going to be able to figure out the previous version, but it turns out it doesn’t matter. I have a “Blow It Away And Start Over” script[1], and going through that process has been illuminating. The delete and install section for CentOS 7 is relevant for the two possible bug write ups: ``` (case statement separating CentOS 6 and CentOS 7) 7) systemctl stop dirsrv.target systemctl stop dirsrv-admin yum -y remove \ 389-ds-base \ 389-ds-base-libs \ 389-admin \ 389-adminutil selinuxenabled \ && semanage port \ --delete \ --proto tcp \ 9830 rm -rf /etc/dirsrv \ /usr/lib64/dirsrv \ /var/lib/dirsrv \ /var/log/dirsrv \ /var/run/dirsrv yum -y install \ 389-ds-base \ 389-ds-base-libs \ 389-admin \ 389-adminutil if [ ! -d /var/log/dirsrv/admin-serv ] then mkdir -p /var/log/dirsrv/admin-serv fi # Open the port for the httpd running the admin server. selinuxenabled \ && semanage port \ --add \ --type http_port_t \ --proto tcp \ 9830 ;; esac /usr/sbin/setup-ds-admin.pl --file=${df_389ds_setup} --silent ``` When I run the script with `set -x`, I see the test for the absence of the admin-serv log directory return true and the directory gets created. Also, the `semanage port —add` returns without error, particularly without the error telling me that port 9830 has already been added. I have not tried the directory and semanage tests *after* setup-ds-admin.pl. If the directory and the port setup are handled in the script, I’m just catching the changes early. Now, on to my original problem, which still appears. First, some `cn=config` setting changes in my “BIAASO" script: ``` dn: cn=config changetype: modify replace: passwordStorageScheme passwordStorageScheme: SSHA256 - replace: nsslapd-security nsslapd-security: on - replace: nsslapd-ssl-check-hostname nsslapd-ssl-check-hostname: off - replace: nsslapd-certdir nsslapd-certdir: ${d_nssdb} - replace: nsslapd-allow-anonymous-access nsslapd-allow-anonymous-access: off - replace: nsslapd-require-secure-binds nsslapd-require-secure-binds: on - replace: nsslapd-listenhost nsslapd-listenhost: 127.0.0.1 - replace: nsslapd-securelistenhost nsslapd-securelistenhost: $(hostname -f) ``` So, I edit `/etc/dirsrv/admin-serv/adm.conf` to change `ldapurl: ldaps://$(hostname -f):636/o=NetscapeRoot`. Now, I can get to http://localhost:9830, and log in with the admin user and password. I click through to get to the “Start Config DS” button. Once I click on that, I get a “StartConfigDS Error, your request could not be fulfilled.” And, my slapd access log shows this (with some obfuscation): ``` [04/Jan/2016:19:15:53 -0800] conn=6 fd=65 slot=65 SSL connection from ${correct_ip} to ${correct_ip} [04/Jan/2016:19:15:53 -0800] conn=6 TLS1.2 256-bit AES [04/Jan/2016:19:15:53 -0800] conn=6 op=0 BIND dn="cn=admin-serv-$(hostname -s),cn=389 Administration Server,cn=Server Group,cn=$(hostname -f),ou=$(hostname -d),o=NetscapeRoot" method=128 version=3 [04/Jan/2016:19:15:53 -0800] conn=6 op=0 RESULT err=48 tag=97 nentries=0 etime=0 [04/Jan/2016:19:15:53 -0800] conn=6 op=1 UNPROCESSED OPERATION - Anonymous access not allowed [04/Jan/2016:19:15:53 -0800] conn=6 op=1 RESULT err=48 tag=101 nentries=0 etime=0 [04/Jan/2016:19:15:53 -0800] conn=6 op=2 UNBIND [04/Jan/2016:19:15:53 -0800] conn=6 op=2 fd=65 closed - U1 ``` Now, the contents of `adm.conf`, again with some obfuscation: ``` # cat /etc/dirsrv/admin-serv/adm.conf AdminDomain: $(hostname -d) sysuser: nobody isie: cn=389 Administration Server,cn=Server Group,cn=$(hostname -f),ou=$(hostname -d),o=NetscapeRoot SuiteSpotGroup: nobody sysgroup: nobody userdn: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot ldapStart: /usr/lib64/dirsrv/slapd-${instance}/start-slapd ldapurl: ldaps://$(hostname -f):636/o=NetscapeRoot SuiteSpotUserID: nobody sie: cn=admin-serv-$(hostname -s),cn=389 Administration Server,cn=Server Group,cn=$(hostname -f),ou=$(hostname -d),o=NetscapeRoot ``` So, my questions at this point: - Why is the `sie` value being used as the BIND DN, and not the `userdn` value? - How do I provide a password to `cn=admin-serv-$(hostname -s)`? Is it the same password as the admin user? - Or, how do I tell the Admin Server to use the `userdn` and (presumably) the password in `admpw`? - More generally, if I’m going to require that every BIND be authenticated, how do I set up the `adm.conf` file to specify that? (Did I miss a wiki page, somewhere? Wouldn’t surprise me…) Thanks!
Re: 802.11n WIFI speeds
how due you calculate throughput? i have a wireless config for 54 Mbit/sec but never measured... On Mon, Jan 4, 2016 at 4:30 PM, Wolfgang S. Rupprecht < wolfgang.ruppre...@gmail.com> wrote: > > Does Fedora/Linux support the faster than 54 Mbit/sec 802.11n speeds? > > My OpenWRT AP has a status page that claims that the 5 Ghz radio is > configured for a 150 Mbits/sec 40Mhz (double-wide) channel. I'm only > seeing a 54 Mbit/sec throughput over WIFI though. (Over ethernet to the > same router I'm seeing the expected 180 Mbits/sec to the internet.) > > This is what lshw(1) has to say about the wifi card: > > *-network > description: Wireless interface > product: RTL8821AE 802.11ac PCIe Wireless Network Adapter > vendor: Realtek Semiconductor Co., Ltd. > physical id: 0 > bus info: pci@:03:00.0 > logical name: wlp3s0 > version: 00 > width: 64 bits > clock: 33MHz > capabilities: pm msi pciexpress bus_master cap_list > ethernet physical wireless > configuration: broadcast=yes driver=rtl8821ae > driverversion=4.2.8-300.fc23.x86_64 firmware=N/A ip=192.168.75.107 > latency=0 link=yes multicast=yes wireless=IEEE 802.11abgn > resources: irq:52 ioport:3000(size=256) > memory:b200-b2003fff > > Does this ring any bells? I can easily believe that the faster speeds > are proprietary extensions but figured I'd check. > > -wolfgang > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Have a question? Ask away: http://ask.fedoraproject.org > -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
https://lists.fedoraproject.org/pipermail/ for devel and test: archives not actual
Hi, anybody knows why the mailing list archives for devel and test are not up-to-date? (https://lists.fedoraproject.org/pipermail/devel resp. https://lists.fedoraproject.org/pipermail/test). In both archives, the last month entries are november 2015 entries! NB: The users archives are up-to-date! Kind regards Joachim Backes -- Fedora release 23 (Twenty Three) Kernel-4.2.8-300.fc23.x86_64 Joachim Backeshttp://www-user.rhrk.uni-kl.de/~backes/ -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: problems to upgrade to 22
On Jan 4, 2016 1:09 PM, "Frank White"wrote: > > Hi, > I have some problems to upgrade to 22. > Here are the errors: > > [root@localhost ~]# dnf system-upgrade reboot > [...] I think you need to use fedup, not dnf, to upgrade from F21 to F22. Andras -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Cannot access my phone storage from fc22
Allegedly, on or about 04 January 2016, Will W sent: > I know a lot of people mentioned about the cable, the only one that > seems to work for me is the cable that came with the phone. With something like that, it makes me wonder whether there's a problem with the contacts in the phone's socket, and some cables just make poor connections. -- [tim@localhost ~]$ uname -rsvp Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64 Boilerplate: All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I only get to see the messages posted to the mailing list. I'd just like to say that vinyl record crackles and pops are far less annoying than digigigigital mu-u-u-u-usic hiccicicicups and yooo-u tu-be ... pauses. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: https://lists.fedoraproject.org/pipermail/ for devel and test: archives not actual
On 01/04/16 22:27, Joachim Backes wrote: > Hi, > > anybody knows why the mailing list archives for devel and test are not > up-to-date? > (https://lists.fedoraproject.org/pipermail/devel resp. > https://lists.fedoraproject.org/pipermail/test). In both archives, the last > month > entries are november 2015 entries! > > NB: The users archives are up-to-date! > > Kind regards > > Joachim Backes > Because those lists have been migrated to an updated mailman. https://lists.fedoraproject.org/archives/list/test%40lists.fedoraproject.org/ is the archives for the test list. -- In reality, some people should stick to running Windows and others should stay away from computers altogether. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: https://lists.fedoraproject.org/pipermail/ for devel and test: archives not actual
On 04.01.2016 15:48, Ed Greshko wrote: On 01/04/16 22:27, Joachim Backes wrote: Hi, anybody knows why the mailing list archives for devel and test are not up-to-date? (https://lists.fedoraproject.org/pipermail/devel resp. https://lists.fedoraproject.org/pipermail/test). In both archives, the last month entries are november 2015 entries! NB: The users archives are up-to-date! Kind regards Joachim Backes Because those lists have been migrated to an updated mailman. https://lists.fedoraproject.org/archives/list/test%40lists.fedoraproject.org/ is the archives for the test list. Thanks, works for me! JB -- Fedora release 23 (Twenty Three) Kernel-4.2.8-300.fc23.x86_64 Joachim Backeshttp://www-user.rhrk.uni-kl.de/~backes/ -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] Re: 389 Windows Console
On 01/04/2016 09:23 AM, Phil Daws wrote: Hello Rich, Have ran in debug mode and connected to the admin interface which has been secured with a cert: {SUBJECT_DN=CN=ads01-admin.lab, SUBJECT={CN=ads01-admin}, SERIAL=8741097289627376099, AFTERDATE=Tue Dec 19 14:05:35 2017, ISSUER={CN=LAB-CA, O=LAB, C=GB}, SIGNATURE=SHA256withRSA, BEFOREDATE=Sun Dec 20 14:05:35 2015, KEYTYPE=RSA, REASONS={}, VERSION=3, ISSUER_DN=C=GB, O=LAB, CN=LAB-CA} JButtonFactory: button width = 54 JButtonFactory: button height = 20 JButtonFactory: button width = 54 JButtonFactory: button height = 20 JButtonFactory: button width = 72 JButtonFactory: button height = 20 JButtonFactory: button width = 72 JButtonFactory: button height = 20 JButtonFactory: button width = 54 JButtonFactory: button height = 20 JButtonFactory: button width = 72 HttpsChannel::select(...) - SELECT CERTIFICATE Unable to create ssl socket org.mozilla.jss.ssl.SSLSocketException: SSL_ForceHandshake failed: (-8186) security library: invalid algorithm. at org.mozilla.jss.ssl.SSLSocket.forceHandshake(Native Method) at com.netscape.management.client.comm.HttpsChannel.open(Unknown Source) at com.netscape.management.client.comm.CommManager.send(Unknown Source) at com.netscape.management.client.comm.HttpManager.get(Unknown Source) at com.netscape.management.client.console.Console.invoke_task(Unknown Source) at com.netscape.management.client.console.Console.authenticate_user(Unknown Source) at com.netscape.management.client.console.Console.(Unknown Source) at com.netscape.management.client.console.Console.main(Unknown Source) So it accepts the admin certificate fine but then shows an empty selection box for a certificate ? Not sure what it means by "invalid algorithm" but it looks as though that is the root cause. The console doesn't know what to do with that error, so it asks you to select another cert, which is just a distraction at that point. Please open a ticket. Thanks, Phil - On 4 Jan, 2016, at 15:50, Rich Megginson rmegg...@redhat.com wrote: On 01/04/2016 01:11 AM, Phil Daws wrote: Any thoughts on this please ? - On 20 Dec, 2015, at 16:02, Phil Daws ux...@splatnix.net wrote: Hello, Have now got to the point where it says "Select a certificate to authenticate" yet the drop down box is empty. Can you run the console with -D 9 -f console.log, then check console.log to remove any sensitive information, then post that to this list? The easiest way to do this is to make a copy of the .bat file that runs the console, then add those arguments to the command line in the copy of the .bat file. I'm assuming you have not configured the admin server/directory server to require client cert authentication. If you don't know, then you probably haven't. If I check the NSS database it looks okay ? D:\Scratch\firefox_add-certs\bin>certutil.exe -d "c:\Documents and Settings\pmdaws\.389-console" -L Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI LAB CA Certificate CT,, Phil Dawsp,p,p Seems as though the console is not picking them up :( Thanks, Phil - On 15 Dec, 2015, at 20:35, Noriko Hosoi nho...@redhat.com wrote: On 12/15/2015 11:40 AM, Phil Daws wrote: Hello, Unfortunately I do not have a console under Fedora/RHEL. I can log into the Administration console fine, but when I click on Server Group, and then double click on the Directory Server it prompts me for the Distinguished name and password. The status is showing as: Server status: Stopped Port: 636 The ports are listening fine: Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp0 0 0.0.0.0:22 0.0.0.0:* LISTEN 301/sshd tcp0 0 0.0.0.0:98300.0.0.0:* LISTEN 1261/httpd tcp6 0 0 :::22 :::*LISTEN 301/sshd tcp6 0 0 :::636 :::*LISTEN 1196/ns-slapd tcp6 0 0 :::389 :::*LISTEN 1196/ns-slapd So am guessing it's probably due to when I enabled "Secure Connection" in the console :( Any thoughts please ? Not sure yet, but did you have a chance to see this section? http://www.port389.org/docs/389ds/howto/howto-ssl.html#admin-server-tlsssl-information Thanks, Phil - On 15 Dec, 2015, at 19:01, Noriko Hosoi nho...@redhat.com wrote: On 12/15/2015 09:51 AM, Phil Daws wrote: Hello, I have 389 up and running in my lab, with encryption enabled, but when I connect too the Administration panel and double click on the Directory Server it just hangs. The CA certificate has been imported using:
Re: problems to upgrade to 22
On 01/04/2016 09:05 AM, Frank White wrote: # rpm -qa | grep fc21 | wc -l says that I have 1354 packages that are till to fedora 21.. Fedora is not in the practice of rebuilding unchanged packages just to give them a new distro number. You might try package-cleanup --dupes to make sure that all of the old packages got properly tidied up. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] Re: 389 Windows Console
- On 4 Jan, 2016, at 16:45, Rich Megginson rmegg...@redhat.com wrote: > On 01/04/2016 09:23 AM, Phil Daws wrote: >> Hello Rich, >> >> Have ran in debug mode and connected to the admin interface which has been >> secured with a cert: >> >> {SUBJECT_DN=CN=ads01-admin.lab, SUBJECT={CN=ads01-admin}, >> SERIAL=8741097289627376099, AFTERDATE=Tue Dec 19 14:05:35 2017, >> ISSUER={CN=LAB-CA, O=LAB, C=GB}, SIGNATURE=SHA256withRSA, BEFOREDATE=Sun Dec >> 20 >> 14:05:35 2015, KEYTYPE=RSA, REASONS={}, VERSION=3, ISSUER_DN=C=GB, O=LAB, >> CN=LAB-CA} >> JButtonFactory: button width = 54 >> JButtonFactory: button height = 20 >> JButtonFactory: button width = 54 >> JButtonFactory: button height = 20 >> JButtonFactory: button width = 72 >> JButtonFactory: button height = 20 >> JButtonFactory: button width = 72 >> JButtonFactory: button height = 20 >> JButtonFactory: button width = 54 >> JButtonFactory: button height = 20 >> JButtonFactory: button width = 72 >> HttpsChannel::select(...) - SELECT CERTIFICATE >> Unable to create ssl socket >> org.mozilla.jss.ssl.SSLSocketException: SSL_ForceHandshake failed: (-8186) >> security library: invalid algorithm. >> at org.mozilla.jss.ssl.SSLSocket.forceHandshake(Native Method) >> at com.netscape.management.client.comm.HttpsChannel.open(Unknown Source) >> at com.netscape.management.client.comm.CommManager.send(Unknown Source) >> at com.netscape.management.client.comm.HttpManager.get(Unknown Source) >> at com.netscape.management.client.console.Console.invoke_task(Unknown >> Source) >> at >> com.netscape.management.client.console.Console.authenticate_user(Unknown >> Source) >> at com.netscape.management.client.console.Console.(Unknown Source) >> at com.netscape.management.client.console.Console.main(Unknown Source) >> >> So it accepts the admin certificate fine but then shows an empty selection >> box >> for a certificate ? > > Not sure what it means by "invalid algorithm" but it looks as though > that is the root cause. The console doesn't know what to do with that > error, so it asks you to select another cert, which is just a > distraction at that point. Please open a ticket. Hmm, but that "invalid algorithm" message only appeared when I clicked on continue with no certificate showing in the selection dropdown list. The admin certificate was accepted fine and then it showed the empty selection list. > > > >> >> Thanks, Phil >> >> - On 4 Jan, 2016, at 15:50, Rich Megginson rmegg...@redhat.com wrote: >> >>> On 01/04/2016 01:11 AM, Phil Daws wrote: Any thoughts on this please ? - On 20 Dec, 2015, at 16:02, Phil Daws ux...@splatnix.net wrote: > Hello, > > Have now got to the point where it says "Select a certificate to > authenticate" > yet the drop down box is empty. >>> Can you run the console with -D 9 -f console.log, then check console.log >>> to remove any sensitive information, then post that to this list? The >>> easiest way to do this is to make a copy of the .bat file that runs the >>> console, then add those arguments to the command line in the copy of the >>> .bat file. >>> >>> I'm assuming you have not configured the admin server/directory server >>> to require client cert authentication. If you don't know, then you >>> probably haven't. >>> > If I check the NSS database it looks okay ? > > D:\Scratch\firefox_add-certs\bin>certutil.exe -d "c:\Documents and > Settings\pmdaws\.389-console" -L > > Certificate Nickname Trust > Attributes > > SSL,S/MIME,JAR/XPI > > LAB CA Certificate CT,, > Phil Dawsp,p,p > > Seems as though the console is not picking them up :( > > Thanks, Phil > - On 15 Dec, 2015, at 20:35, Noriko Hosoi nho...@redhat.com wrote: > >> On 12/15/2015 11:40 AM, Phil Daws wrote: >>> Hello, >>> >>> Unfortunately I do not have a console under Fedora/RHEL. >>> >>> I can log into the Administration console fine, but when I click on >>> Server >>> Group, and then double click on the Directory Server it prompts me for >>> the >>> Distinguished name and password. The status is showing as: >>> >>> Server status: Stopped >>> Port: 636 >>> >>> The ports are listening fine: >>> >>> Active Internet connections (only servers) >>> Proto Recv-Q Send-Q Local Address Foreign Address >>> State >>> PID/Program name >>> tcp0 0 0.0.0.0:22 0.0.0.0:* >>> LISTEN >>> 301/sshd >>> tcp0 0 0.0.0.0:98300.0.0.0:* >>> LISTEN >>> 1261/httpd >>> tcp6 0 0 :::22 :::*
Re: problems to upgrade to 22
Oh thank u joe, now with --cleandupes argument some problems are solved. 2016-01-04 18:14 GMT+01:00 Joe Zeff: > On 01/04/2016 09:05 AM, Frank White wrote: > >> # rpm -qa | grep fc21 | wc -l >> says that I have 1354 packages that are till to fedora 21.. >> > > Fedora is not in the practice of rebuilding unchanged packages just to > give them a new distro number. > > You might try package-cleanup --dupes to make sure that all of the old > packages got properly tidied up. > > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Have a question? Ask away: http://ask.fedoraproject.org > -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: problems to upgrade to 22
fedup says that the system is updated... I mean "need a --releasever greater than the current system version". I have used **fedup --network 22** to upgrade the system If I use **dnf distro-sync** it says nothing to do.. then it looks updated.. but a # rpm -qa | grep fc21 | wc -l says that I have 1354 packages that are till to fedora 21.. and also # dnf update says I am ok.. and **dnf repolist** says that all repos are at f22.. ciao luigi 2016-01-04 14:24 GMT+01:00 Andras Simon: > > On Jan 4, 2016 1:09 PM, "Frank White" wrote: > > > > Hi, > > I have some problems to upgrade to 22. > > Here are the errors: > > > > [root@localhost ~]# dnf system-upgrade reboot > > > [...] > > I think you need to use fedup, not dnf, to upgrade from F21 to F22. > > Andras > > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Have a question? Ask away: http://ask.fedoraproject.org > > -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org