Re: how to automatically clean /tmp
On Wed, 2016-01-27 at 15:06 -0500, Jon LaBadie wrote: > I don't think you can reserve a partition for the use of a tmpfs. You don't. You mount a tmpfs on top of a directory. Once mounted, any attempt to access that directory goes into the temporary file system that you mounted there. Any files that were in the directory become inaccessible. > > If you want to use your partition as /tmp but have it cleaned out at > boot, check the manpage for tmpfiles.d There are some advantages to persistent /tmp files (such as if debugging information stays in there until you've used it). The old idea, when it worked, was to leave files in there and delete them a few days after they were created, or a few days since they were last read (using a cron job, to automate that). Though waiting for a few days of them not being read could last forever, in some cases. You only have to open the /tmp directory in a file browser, and the filebrowser will look into each file to see what they are, and that means that they've been "read". Likewise for anything else that scans the directory tree, and goes through /tmp. -- tim@localhost ~]$ uname -rsvp Linux 3.19.8-100.fc20.i686 #1 SMP Tue May 12 17:42:35 UTC 2015 i686 All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I will only read messages posted to the public lists. George Orwell's '1984' was supposed to be a warning against tyranny, not a set of instructions for supposedly democratic governments. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: cdrdao and gcdmaster
On 27 January 2016 at 00:05, jd1008wrote: > > > On 01/26/2016 04:59 PM, Ian Malone wrote: >> >> On 26 January 2016 at 21:05, jd1008 wrote: >>> >>> Have cdrdao-1.2.3-23.fc22.x86_64 installed, but no gcdmaster available. >>> Does anyone know of whereabouts of it? >>> dnf says no match for gcdmaster. >>> >> Looks gone, merged into cdrdao, >> >> http://pkgs.fedoraproject.org/cgit/rpms/gcdmaster.git/ >> >> Then removed and obsoleted due to dependencies: >> >> http://pkgs.fedoraproject.org/cgit/rpms/cdrdao.git/log/ >> >> Think F15 must have been the last release that had it. >> > Alas, your finding are like mine. > The problem with building from fc15 is that it requires (per the configure > file) > something like LIBGUIMM2 > which google fails to find. > gnomeuimm, also seems to be long-deprecated, to the point I can't actually find documentation for it either. gtk3mm may be the replacement. Would guess it'd be necessary to port it to get it to work as this stage. Why gcdmaster in particular? Reading toc files? -- imalone http://ibmalone.blogspot.co.uk -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] Re: Can't access 398-ds Java console over https
Further update: SSL is working fine it's just the console not playing ball over SSL for some reason. I've been using LDAP Admin (http://www.ldapadmin.org/) as an alternative front end which works fine. I am still in a bit of a bind (no pun intended) as I don't have the original admin user setup on the LDAP server by the previous admin and only documentation I've found points to needing to do this via the console. Can't use LDAP Admin as the entry is not stored within LDAP itself. I need this password to setup replication so could do with getting the password reset via another means if possible. -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
[389-users] Re: Crash logs
On Wed, 2016-01-27 at 23:29 +0200, Todor Petkov wrote: > > > > > You might have hit a nss-softokn - processor mismatch issue. Could > > you > > please try this workaround? > > > > We would like to know setting the following environment variable(s) > > changes the behavior. > > 1) > > Open /etc/sysconfig/dirsrv and add the following line: > > export NSS_DISABLE_HW_GCM=1 > > Restart the Directory Server. > > Does the LDAP/TLS request crash the server? > > 2) > > If the server still crashes, add another variable to > > /etc/sysconfig/dirsrv: > > export NSS_DISABLE_HW_AES=1 > > Restart the Directory Server. > > Does the LDAP/TLS request crash the server? > > > Hello, > the first variable is set. Unfortunately I can not reproduce the > request, since I do not know it;( > > Regards, It looks like it just a client connection that is using AES GCM, it hasn't got to process the ldap request yet. I think that the following should work: openssl s_client -connect LDAPHOSTNAME:636 -cipher ECDHE-RSA-AES256- GCM-SHA384 Should be able to reproduce it. Else, you can wait patiently for the crash to happen again. Perhaps try unsetting the variables Noriko mentioned, test that the openssl command does indeed cause a crash, then re-apply the environment variables to see if that prevents it? -- Sincerely, William Brown Software Engineer Red Hat, Brisbane signature.asc Description: This is a digitally signed message part -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
Re: ssh colors vs. bash colors
On 01/27/2016 06:58 PM, Dennis Jacobfeuerborn wrote: Hi, I noticed that when I ssh into a CentOS 7 Host I get slightly darker colors in the ls output compared to the local (gnome-terminal) bash. Since I'm using a dark background the darker blue used for directories for example on the remote host is harder to read then the slightly brighter blue used on the local system. Does anyone have an idea why the colors are different and how to change that? Type "env" to see your environment variables: one of them is LS_COLORS. I'm guessing they are different on the two machines. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: ssh colors vs. bash colors
On 01/28/16 10:58, Dennis Jacobfeuerborn wrote: > Hi, > I noticed that when I ssh into a CentOS 7 Host I get slightly darker > colors in the ls output compared to the local (gnome-terminal) bash. > Since I'm using a dark background the darker blue used for directories > for example on the remote host is harder to read then the slightly > brighter blue used on the local system. > Does anyone have an idea why the colors are different and how to change > that? > You should have an environment variable of LS_COLORS. Check for differences or simply take the settings from the system you prefer and set it in the other system. Normally, you'd put that in your .bashrc if your using bash as your shell. -- In reality, some people should stick to running Windows and others should stay away from computers altogether. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
ssh colors vs. bash colors
Hi, I noticed that when I ssh into a CentOS 7 Host I get slightly darker colors in the ls output compared to the local (gnome-terminal) bash. Since I'm using a dark background the darker blue used for directories for example on the remote host is harder to read then the slightly brighter blue used on the local system. Does anyone have an idea why the colors are different and how to change that? Regards, Dennis -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: cdrdao and gcdmaster
On 01/27/2016 04:40 PM, Ian Malone wrote: On 27 January 2016 at 00:05, jd1008wrote: On 01/26/2016 04:59 PM, Ian Malone wrote: On 26 January 2016 at 21:05, jd1008 wrote: Have cdrdao-1.2.3-23.fc22.x86_64 installed, but no gcdmaster available. Does anyone know of whereabouts of it? dnf says no match for gcdmaster. Looks gone, merged into cdrdao, http://pkgs.fedoraproject.org/cgit/rpms/gcdmaster.git/ Then removed and obsoleted due to dependencies: http://pkgs.fedoraproject.org/cgit/rpms/cdrdao.git/log/ Think F15 must have been the last release that had it. Alas, your finding are like mine. The problem with building from fc15 is that it requires (per the configure file) something like LIBGUIMM2 which google fails to find. gnomeuimm, also seems to be long-deprecated, to the point I can't actually find documentation for it either. gtk3mm may be the replacement. Would guess it'd be necessary to port it to get it to work as this stage. Why gcdmaster in particular? Reading toc files? gcdmaster was also used to create CD text to be included in audio cd burner command args. That is the primary reason wanted the old versions of cdrdao, which used to include gcdmaster. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: selinux??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/23/2016 09:52 AM, bruce wrote: > Hi. > > In testing out creating/setting up remote droplets on digital > ocean/fed (centos), I realize that it should be secured as > much/tightly as possible. However, I also realize that if I screw > something up, I could have an instance that has issues. I'm not a > sys admin, and not trying to be one. > > So, here's my question. If I'm going to be spinning up/down an > instance, could I simply disable selinux? For my scenario, I'll be > creating a base instance, with the required apps/processes, and > then using that base instance for any testing droplets I need to > create, to test my apps. > > So, if I create an instance, spin it up, fire off my tests on the > instance, run everything for a few hours, and then shut it off, > would that be "reasonably safe/secure"? > > My testing apps are a mix of python/php/perl/shell scripts, there's > no web stuff as of yet. Although, there will be dns/nfs/mysql > functionality. > > Thanks for thoughts.. > Sorry I'm late to the thread. Bruce, I'd love your opinion on the "SELinux for Mere Mortals" talk from Red Hat Summit: https://www.youtube.com/watch?v=MxjenQ31b70 Disclaimer: it's a video of me, and I work for Red Hat. I've gotten a lot of positive feedback on the video, and I hope that it will make your decision easier. It's only about an hour, and pretty much everyone who has watched it has said they'd use SELinux after watching it. I am clearly biased, but I would not run any internet-facing system without SELinux turned on. Heck, I don't run *any* system without it. I hope this helps! Thomas -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlao730ACgkQmzle50YHwaA4QgCfb3fp0uFady5EGd0WG/867tYs aM4AoK3QlegFtyVxc3VARtPe4h6Ctx7j =z6vI -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: mp3 rhythmbox
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/20/2016 03:01 PM, Karagkiaouris diamantis wrote: > Hello, > > I am not able to play mp3 file on Rhythmbox with Fedora 23 XFCE. I > have installed all drpm from RPM Fusion but for some reason i > cannot play mp3 with rhythmbox. The do not show up also in Musik > library under Rhythmbox, even if i enable the automatically import > from settings. > > Thank you! Diamantis I built this list of stuff to install from several other sites. It seems to make pretty much everything work for me on Fedora. I initially did this for F19, but it's worked for every distro from 19 through 23: http://www.camerontech.com/f19setup.html Thomas -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlao69oACgkQmzle50YHwaBdagCgynsP/I1uOj4zz4OlzuYXW7Vb 2f8An3GsMbLvEaG7c+3EbuX1Rlel3tZd =+Mgw -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Thunderbird doesn't accept password/username
Hi, Before the community sighing begins. Yes I've double, triple and quadruple checked that the setting to the server are correct. And googled umpteen hits starting with Account can not be verified - most of them telling me GMail changed their login routine ... No, it's not a Gmail account, it's a regular mail server. Yes, other clients (Evolution, KMail) are able to connect and yes I've tried accessing my mail account through webmail. I still get "Account can not be verified - are you sure your username or password are correct" in Thunderbird. Any ideas before I apply to the loony bin? /Martin S -- This address is for technical mail lists only.For all other matters, please use my main addressat the .org domain.-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Thunderbird doesn't accept password/username
On 01/28/16 15:48, Martin Skjöldebrand wrote: > Before the community sighing begins. > Yes I've double, triple and quadruple checked that the setting to the server > are correct. > And googled umpteen hits starting with Account can not be verified - most of > them > telling me GMail changed their login routine ... > No, it's not a Gmail account, it's a regular mail server. > Yes, other clients (Evolution, KMail) are able to connect and yes I've tried > accessing > my mail account through webmail. > > I still get "Account can not be verified - are you sure your username or > password are > correct" in Thunderbird. > > Any ideas before I apply to the loony bin? You're talking about a connection to read your email as opposed to sending, correct? IMAP or POP3? And what do you have set for "Connection Security" and "Authentication Method"? -- In reality, some people should stick to running Windows and others should stay away from computers altogether. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] Re: Crash logs
On 1/27/2016 9:18 PM, Mark Reynolds wrote: > No problem. I tried to send the stack trace as attachment, and the mailing list software informed me that the message is currently pending approval. Thanks again for the fast answers. Regards, -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
[389-users] Re: Crash logs
On 01/27/2016 02:09 PM, Todor Petkov wrote: On 1/27/2016 4:00 PM, Mark Reynolds wrote: On 01/27/2016 02:44 AM, Todor Petkov wrote: Hello, few weeks ago I posted that I am experiencing crashes of the ldap server and I was advised how to collect the logs. I have managed to collect them, the file is around 120k, where do I have to post it? Do you mean stack traces? If you have stack traces just paste them into the email. I don't think error/access logs alone will provide any useful information without a stacktrace. Hello, I have stack traces, gathered by following http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-crashes I can not find any sensitive data, which has to be removed, but I see some lines like: "hash = "\177\000\000\000|\000\000" Is there anything 'hidden' as hex/decimal? There shouldn't be. Thanks in advance and sorry for the lame questions. No problem. -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
[389-users] Re: Crash logs
On 1/27/2016 4:00 PM, Mark Reynolds wrote: > > > On 01/27/2016 02:44 AM, Todor Petkov wrote: >> Hello, >> >> few weeks ago I posted that I am experiencing crashes of the ldap >> server and I was advised how to collect the logs. I have managed to >> collect them, the file is around 120k, where do I have to post it? > Do you mean stack traces? If you have stack traces just paste them into > the email. I don't think error/access logs alone will provide any > useful information without a stacktrace. Hello, I have stack traces, gathered by following http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-crashes I can not find any sensitive data, which has to be removed, but I see some lines like: "hash = "\177\000\000\000|\000\000" Is there anything 'hidden' as hex/decimal? Thanks in advance and sorry for the lame questions. -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
how to automatically clean /tmp
Dear Linux Experts, I've recently passed from Fedora 20 to Fedora 23 on my laptop. I've a separate partition for /tmp that I'm used to see it wiped out at any reboot on my previous installation but now this is never wiped out. This is a real partition: /dev/sda10 5029504 1154204 3596772 25% /tmp whereas previously it was a tmpfs partition. I've read on the web that after Fedora 20 the tmpfs has been dropped in favor of real partition but I was expecting anacron/cron entry that wipe the content of the partition at boot but my system doesn't have any. It is also difficult to create my own anacron/cron entry because this should take effect before the system starts and create its temp files/sockets in there. I'm also puzzled because I also have a couple of tmpfs partitions: tmpfs1633640 0 1633640 0% /run/user/989 tmpfs163364016 1633624 1% /run/user/526 that I don't what they are for and if I can (and how) rid of them. Probably I could add an entry like this tmpfs /tmptmpfs rw,seclabel 0 0 in /etc/fstab but this would means a waste of the space I currently have reserved for /tmp (4Gb not much but I would prefer to use them). So there is a way to wipe out the /tmp partition before it has been mounted and the system creates its files and use the current partition for it? Thank you Walter -- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
GNOME Extensions for time/date and autologin
Hi all, Does anyone know of a GNOME extension (fedora23 desktop) to control the date/time in the top menubar thing to change it to 12-hr time instead of 24-hr? Is an extension even necessary for that, or am I missing some other ability to control that? Is there an extension that enables autologin? I'd like to save my password and have it login automatically, since it's only my desktop with no other users. Any other extensions you think are really useful you might recommend? Thanks, Alex -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] Re: Crash logs
On 1/27/2016 9:35 PM, Mark Reynolds wrote: > A single stack trace is not that large, you could paste it in the email. Actually it's around 100k (2000 lines). I put it on pastebin, http://pastebin.com/5AePWyRm Thanks -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
Re: mp3 rhythmbox
On 01/27/2016 11:10 AM, Thomas Cameron wrote: > I built this list of stuff to install from several other sites. It > seems to make pretty much everything work for me on Fedora. I > initially did this for F19, but it's worked for every distro from 19 > through 23: > > http://www.camerontech.com/f19setup.html 1) shouldn't yum-fastestmirror be yum-plugin-fastestmirror? 2) I didn't know that Google had released a 64 bit chrome. Is there a 64 bit repo for it so it will update automatically? Thanks for sharing such a comprehensive list! > Thomas -- Kevin J. Cummings kjch...@verizon.net cummi...@kjchome.homeip.net cummi...@kjc386.framingham.ma.us Registered Linux User #1232 (http://www.linuxcounter.net/) -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: how to automatically clean /tmp
On Wed, Jan 27, 2016 at 08:29:57PM +0100, Walter Cazzola wrote: > Dear Linux Experts, > > I've recently passed from Fedora 20 to Fedora 23 on my laptop. > > I've a separate partition for /tmp that I'm used to see it wiped out at > any reboot on my previous installation but now this is never wiped out. > > This is a real partition: > > /dev/sda10 5029504 1154204 3596772 25% /tmp > > whereas previously it was a tmpfs partition. I've read on the web that > after Fedora 20 the tmpfs has been dropped in favor of real partition > but I was expecting anacron/cron entry that wipe the content of the > partition at boot but my system doesn't have any. > > It is also difficult to create my own anacron/cron entry because this > should take effect before the system starts and create its temp > files/sockets in there. > > I'm also puzzled because I also have a couple of tmpfs partitions: > > tmpfs1633640 0 1633640 0% /run/user/989 > tmpfs163364016 1633624 1% /run/user/526 > > that I don't what they are for and if I can (and how) rid of them. > > Probably I could add an entry like this > tmpfs /tmptmpfs rw,seclabel 0 0 > > in /etc/fstab but this would means a waste of the space I currently have > reserved for /tmp (4Gb not much but I would prefer to use them). > > So there is a way to wipe out the /tmp partition before it has been > mounted and the system creates its files and use the current partition > for it? Couple of points. I don't think you can reserve a partition for the use of a tmpfs. It uses your RAM memory and swap space instead. You could add /dev/sda10 as another swap partition. Then perhaps add the fstab entry. However, I think systemd has a way mount /tmp as a tmpfs without having an fstab entry. If you want to use your partition as /tmp but have it cleaned out at boot, check the manpage for tmpfiles.d Jon -- Jon H. LaBadie jo...@jgcomp.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: how to automatically clean /tmp
On 01/27/2016 11:29 AM, Walter Cazzola wrote: I've a separate partition for /tmp that I'm used to see it wiped out at any reboot on my previous installation but now this is never wiped out. That's the expected behavior. If you specify a partition during install, it will be used. If you use the default layout, you'll get tmp on tmpfs. There's no active wiping involved, either way. tmpfs simply isn't persistent. If you'd like to use tmpfs now, you can "systemctl enable tmp.mount" and comment out the /tmp item you currently have in fstab. When you reboot, you should have /tmp mounted as tmpfs. Once you've done that, you can remove the partition or LV that you're using for /tmp now. Then you can resize another LV to use the free space or, if you're not using LVM, try to figure out how to do something useful with the space. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: installing via VNC over ipv6
On 01/26/2016 08:44 PM, Chris Murphy wrote: And netstat isn't on non-live media apparently so I don't have access to that while xvnc is running to see if it's listening over something other than just an ipv4 address. Is "ss"? -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: selinux??
On 01/26/2016 06:41 PM, Shawn Bakhtiar wrote: In fact there isn’t a single good reason to have SELinux enabled out of the box ... The functions it (as with systemD) servers are limited to a select area of operations. I'd like to point out that the default policy is "targeted", which means that it only affects the "select area of operations" where it can help to contain an attack. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: GNOME Extensions for time/date and autologin
On Wed, Jan 27, 2016 at 03:37:11PM -0500, Alex wrote: > Hi all, > > Does anyone know of a GNOME extension (fedora23 desktop) to control > the date/time in the top menubar thing to change it to 12-hr time > instead of 24-hr? Is an extension even necessary for that, or am I > missing some other ability to control that? gsettings is probably what you want. You can see what you have set currently with: $ gsettings get org.gnome.desktop.interface clock-format And, you can change it to 12-hr time with: $ gsettings set org.gnome.desktop.interface clock-format '12h' Hope that helps. Regards, Mike -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
[389-users] Re: Crash logs
On 01/27/2016 12:33 PM, Todor Petkov wrote: On 1/27/2016 10:20 PM, Mark Reynolds wrote: The server is crashing in the NSS library: Program terminated with signal 4, Illegal instruction. #0 0x7f82f5bdad60 in ?? () from /usr/lib64/libfreeblpriv3.so Thread 1 (Thread 0x7f82d7fff700 (LWP 25001)): #0 0x7f82f5bdad60 in ?? () from /usr/lib64/libfreeblpriv3.so No symbol table info available. #1 0x7f82f5bd7998 in ?? () from /usr/lib64/libfreeblpriv3.so No symbol table info available. #2 0x7f82f5ba0b36 in ?? () from /usr/lib64/libfreeblpriv3.so No symbol table info available. #3 0x7f82f5ba10f3 in ?? () from /usr/lib64/libfreeblpriv3.so No symbol table info available. #4 0x7f82f60a9aef in ?? () from /usr/lib64/libsoftokn3.so No symbol table info available. #5 0x7f82f60aa504 in ?? () from /usr/lib64/libsoftokn3.so No symbol table info available. #6 0x7f8300684dbe in PK11_Decrypt () #7 0x7f83009902bd in ssl3_AESGCM (} #8 0x7f83009952fd in ssl3_HandleRecord () #9 0x7f830099669f in ssl3_GatherCompleteHandshake () #10 0x7f8300999022 in ssl_GatherRecord1stHandshake () #11 0x7f83009a0185 in ssl_Do1stHandshake () #12 0x7f83009a13b7 in ssl_SecureRecv () #13 0x7f83009a5402 in ssl_Recv () ... ... This might be a known issue with NSS. What version of 389 and NSS are you using? rpm -qa | grep 389-ds-base rpm -qa | grep "^nss" 389-ds-base-1.2.11.15-68.el6_7.x86_64 389-ds-base-debuginfo-1.2.11.15-68.el6_7.x86_64 389-ds-base-libs-1.2.11.15-68.el6_7.x86_64 nss-3.19.1-8.el6_7.x86_64 nss-softokn-freebl-3.14.3-23.el6_7.x86_64 nss-util-3.19.1-2.el6_7.x86_64 nss-softokn-3.14.3-23.el6_7.x86_64 nss-sysinit-3.19.1-8.el6_7.x86_64 nss-debuginfo-3.19.1-8.el6_7.x86_64 nss-tools-3.19.1-8.el6_7.x86_64 -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org You might have hit a nss-softokn - processor mismatch issue. Could you please try this workaround? We would like to know setting the following environment variable(s) changes the behavior. 1) Open /etc/sysconfig/dirsrv and add the following line: export NSS_DISABLE_HW_GCM=1 Restart the Directory Server. Does the LDAP/TLS request crash the server? 2) If the server still crashes, add another variable to /etc/sysconfig/dirsrv: export NSS_DISABLE_HW_AES=1 Restart the Directory Server. Does the LDAP/TLS request crash the server? -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
[389-users] Re: Crash logs
>> > You might have hit a nss-softokn - processor mismatch issue. Could you > please try this workaround? > > We would like to know setting the following environment variable(s) > changes the behavior. > 1) > Open /etc/sysconfig/dirsrv and add the following line: > export NSS_DISABLE_HW_GCM=1 > Restart the Directory Server. > Does the LDAP/TLS request crash the server? > 2) > If the server still crashes, add another variable to /etc/sysconfig/dirsrv: > export NSS_DISABLE_HW_AES=1 > Restart the Directory Server. > Does the LDAP/TLS request crash the server? Hello, the first variable is set. Unfortunately I can not reproduce the request, since I do not know it;( Regards, -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
[389-users] Re: Crash logs
On 01/27/2016 02:44 AM, Todor Petkov wrote: Hello, few weeks ago I posted that I am experiencing crashes of the ldap server and I was advised how to collect the logs. I have managed to collect them, the file is around 120k, where do I have to post it? Do you mean stack traces? If you have stack traces just paste them into the email. I don't think error/access logs alone will provide any useful information without a stacktrace. Mark Thanks, -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
Re: selinux??
On 27 January 2016 at 02:41, Shawn Bakhtiarwrote: > >> On Jan 26, 2016, at 10:33 AM, Ian Malone wrote: >> >> On 26 January 2016 at 17:23, Shawn Bakhtiar wrote: >>> On Jan 26, 2016, at 9:13 AM, Ian Malone wrote: On 26 January 2016 at 17:07, Shawn Bakhtiar wrote: > I couldn't agree more bruce. > > It's the 1% who get paid too much for doing too little that have such > indulgent luxuries. > > The rest of us 99% have to work for it :P > > Remember that next time your bank gets hacked. >>> Seriously!!?!??! You're comparing a multi-bilion dollar multi-national >>> institution with a SMB/SOHO engineer. Sorry they fall int the 1% last I >>> checked. >> >> Every two bit company that leaks other people's data because they >> can't be bothered makes things worse for its customers. Who are often >> soon ex-customers. Which means SMBs become former SMBs. >> > > This is such a load of fear mongering crap. You are acting as if SELinux is > the end all and be all of security, which any “two bit” sysadmin can tell you > it is not. It is a SMALL part of security one that for the pain it causes is > simply not worth it. > > In fact there isn’t a single good reason to have SELinux enabled out of the > box (or SystemD for that matter- whole other story). > > The functions it (as with systemD) servers are limited to a select area of > operations. > It's fairly clear you've understood nothing I said. Pointless to continue. -- imalone http://ibmalone.blogspot.co.uk -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org