Re: Sound
On Saturday, January 14, 2012 07:47:05 PM Patrick Dupre wrote: Hello, After upgrade from fedora 14 to fedora 16 on a Inspiron 9400, I lost the sound! vlc run OK, but no sound! How can I check the hardware drivers? Thank. If you are now using pulse audio, and don't have pavucontrol installed, please install pavucontrol. Please use pavucontrol to check if the volume is muted. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Desktop stickiness under Fedora-16/KDE
On Saturday, December 31, 2011 07:36:56 AM Timothy Murphy wrote: My desktop siezes up every hour or so; I can continue in the current desktop, but cannot change to another desktop or go to another application by clicking on an icon in the panel. The problem cures itself in 20-30 seconds, so it is not life-threatening. I killall-ed upowerd, but that didn't do the trick. There is nothing untoward in /var/log/messages. The problem could be to do with Firefox or KDE or Fedora; I'm not sure which. I've seen a few comments on this, but has anyone found a cure? I'm still on Fedora 15, not sure when I will upgrade. I run KDE, kontact/kmail, pidgin, alternate between Firefox and google-chrome. My reason for not upgrading, so far, my desktop has only 1 G of ram. Even on Fedora 15, if I try to run Firefox + kmail + all of the friends, (the friends being Nepomuk, Akonadi, and what they call in), my system starts to swap. Depending what I'm doing in Firefox, Firefox and it's friend, the plugin-container, take lots of ram. I will upgrade to Fedora 16 eventually, either when I can afford a new desktop, or when I work up the courage to install on this desktop. If possible, can you see the disk light on your desktop? Is the disk light flashing when your desktop freezes up? People may suggest reducing the memory footprint of Firefox. I did a google search, found things to change in about:config, disabled ram caching -- don't remember the change so do your own search, disabled a number of Firefox plugins, all to control the memory footprint. I actually created 2 scripts, use them at your own risk. If my scripts are bad or wrong, hopefully someone will tell us. One script stops a number of services, including kontact (kmail). The other script starts those services. I always stop services before using Firefox or google-chrome. rsewill@rsewill:~ 3:3 $ more bin/stopmemoryhogs #!/bin/bash declare -i sleeptime=30 # qdbus im.pidgin.purple.PurpleService /im/pidgin/purple/PurpleObject PurpleCoreQuit qdbus org.kde.kontact /MainApplication quit # qdbus org.kde.kopete /MainApplication quit sleep ${sleeptime} declare printerapp=$(qdbus | grep printer-applet) [ ! -z ${printerapp} ] qdbus ${printerapp} /MainApplication quit akonadictl stop # qdbus org.kde.kmix /MainApplication quit sleep ${sleeptime} qdbus org.kde.NepomukServer /nepomukserver quit qdbus org.kde.korgac /MainApplication quit rsewill@rsewill:~ 3:4 $ more bin/startmemoryhogs #!/bin/bash declare -i sleeptime=30 nepomukserver # pidgin -f sleep ${sleeptime} akonadictl start # kopete # kmix sleep ${sleeptime} kontact -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: more than one bridge
On Tuesday, December 27, 2011 06:59:53 AM Hiisi wrote: On 27 December 2011 15:49, Sam Varshavchik mr...@courier-mta.com wrote: Hiisi writes: Hi, list! Is there a way to set up more than one bridged interface having one physical device? I'm setting up virtual machines and want them to share the same network with host computer. For one guest machine I simply created a bridged interface adding line 'BRIDGE=br0' to /etc/sysconfig/network-scripts/ifcfg-p21p1 (host computer network interface), then created /etc/sysconfig/network-scripts/ifcfg-br0 with nececarry configuration. How to create second interface for second guest machine and so on? Add the second machine to the same bridge. Hi, Sam! Thanks, I've already did it. But theoretically, is it possible to create more than one bridge on one interface? Have you looked into using VLANs? From http://en.wikipedia.org/wiki/Virtual_network, a few paragraphs down, VLANs (Virtual LANs) are logical LAN's (Local Area Networks), based on physical LAN's. A VLAN can be created by partitioning a physical LAN into multiple logical LAN's (subnets) using a VLAN ID. Alternatively, several physical LAN's can function as a single logical LAN. The partitioned network can be on a single router, or multiple VLAN's can be on multiple routers just as multiple physical LAN's would be. A VLAN can be on a VPN. Your question sounds similar to partitioning a physical LAN into multiple logical LAN's (subnets) using a VLAN ID. Can someone, who has used VLANs recently, comment if this approach will do what the OP wants, and help with the configuration on Linux if the OP wants to try it? Last time I used VLANs was the late 1990's...on a SOHO (FlowPoint) router. I'm afraid I'm a bit rusty and would have to test any help I might offer. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Bullies get into FireFox, and make a mess in F-14, way too easily, forcing me to DBAN the hd reinstall...
On Sunday, November 20, 2011 04:11:32 PM Linda McLeod wrote: The bullies who have been targeting my PC with computer problems have got into FireFox yet again, changing things.. Questions please. Are you running Firefox as root or as a normal user? Have you disabled SeLinux? Do your accounts, both root and your normal account, have strong passwords? Could the bullies know your passwords? Do these bullies have physical access to your PC? If the bullies physical access, the only way I can think to protect stuff, is to encrypt everything. I would prefer others describe how to do this. I've never encrypted my hard disk. If these bullies do not have physical access, are they coming in through the Internet? If yes, this leads to a bunch of questions. Do you have a firewall device or NAT router or something offering you some protection between your PC and the Internet? Have you made changes to your PC's firewall? How are the bullies coming in if they are coming in over the Internet? It's possible, if the bullies are not smart, you could look at log messages. Someone who's done this before, would she look in /var/log/secure? If a bully were coming in to my PC, over the Internet, I would first suspect they were using ssh. I dislike the default ssh server configuration on Fedora. I believe the default is to allow incoming ssh connections, to normal user accounts, using password authentication. The default iptables configuration for ssh is allow connections from anywhere. The first things I do on a new system is disable password authentication, only allow certain users ssh access, and restrict incoming ssh connections to a trusted subset of my local LAN. I wish the default Fedora configuration, at the very least, limited ssh connections to the local LAN. I wish the ssh server had an option to test passwords for strength, and reject incoming connections to accounts with weak passwords. Other ways they could come in over the Internet include things like VPN or VNC. If you don't know what VPN or VNC is, you haven't enabled it. If you are running a VNC server, are those passwords strong and secure? Have you installed any software or plugins that are letting the bullies in? Were you asked for the root password, by some program, unexpectedly? If I believe a bully has gotten into my system and compromised it, I would strongly recommend reloading my system from a backup I trust. This backup needs to be one I believe was before the bullies first got in. Otherwise, there are Linux rootkits designed to hide how bullies got in, what they are doing, and prevent you from keeping them out. To be perfectly honest, and not knowing any facts, I would first suspect you have a weak password they brute force guessed, and they are coming in through ssh. Unfortunately, once in, they could cause havoc in your user account, and if they got into your root account, there is no telling how much harm they did. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Need to change uid and gid
On Friday, November 11, 2011 04:22:52 PM Jonathan Ryshpan wrote: In the process of upgrading from Fedora-15 to Fedora-16, my uid and gid have both been changed from 500 to 1000. I maintain a mirror of my system as backup using rsync, so in order for the mirroring to continue properly the uid and gid in the mirror filesystem have to be changed to match the main one. There's no problem with my home directory, just use $ chown --recursive 1000.1000 in the mirror of my home directory. However there are a few odd files, like my crontab file /var/spool/cron/jonrysh which needs to have its uid (but NOT its gid) changed. Where is a convenient script to do this? There must be one, since this is essentially what was done in the upgrade from Fedora-15 to Fedora-15. Many Thanks - jon I would suggest find . -uid 500 -exec chown -h owner \; find . -gid 500 -exec chgrp -h group \; The -h option says do the chown or chgrp to the symbolic link instead of following the symbolic link. Without the -h option, the symbolic link is followed, causing the symbolic link ownership to not be changed. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Need to change uid and gid
On Friday, November 11, 2011 10:58:01 PM Rick Sewill wrote: On Friday, November 11, 2011 04:22:52 PM Jonathan Ryshpan wrote: In the process of upgrading from Fedora-15 to Fedora-16, my uid and gid have both been changed from 500 to 1000. I maintain a mirror of my system as backup using rsync, so in order for the mirroring to continue properly the uid and gid in the mirror filesystem have to be changed to match the main one. There's no problem with my home directory, just use $ chown --recursive 1000.1000 in the mirror of my home directory. However there are a few odd files, like my crontab file /var/spool/cron/jonrysh which needs to have its uid (but NOT its gid) changed. Where is a convenient script to do this? There must be one, since this is essentially what was done in the upgrade from Fedora-15 to Fedora-15. Many Thanks - jon I would suggest find . -uid 500 -exec chown -h owner \; find . -gid 500 -exec chgrp -h group \; Oops...It's late. My syntax for the find commands is bad. I forgot the {} to specify the file selected by the find command. find . -uid 500 -exec chown -h owner {} \; find . -gid 500 -exec chgrp -h group {} \; The -h option says do the chown or chgrp to the symbolic link instead of following the symbolic link. Without the -h option, the symbolic link is followed, causing the symbolic link ownership to not be changed. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Unable to ssh nodes with global IP
On Sunday, October 23, 2011 05:14:01 AM Harish Pillay wrote: On 10/23/2011 05:09 PM, Abu Attar Musharih wrote: The customer service said that ssh is not allowed. So, what to do then? I badly need a server with global IP for experimenting grid You can do the following: a) edit /etc/ssh/sshd_config and change the default port 22 to a higher port say 10022. Actually anything above 1024 would be sufficient. b) restart your sshd daemon c) from your client, say if you are running on the command line, you can do the following: ssh -p 10022 hostname replacing the 10022 with whatever you've changed your sshd to. d) do ensure that on your server you open up the port you want sshd to accept connections. you can do that from the command line via system-config-firewall. hth. harish Question to the OP please. Are you also behind your own router? Does it run NAT? If yes, is it configured to forward an ssh connection, from the Internet, to your local host? When you switch your ssh server (etc/ssh/sshd_config) to use a non-standard port, and if you are behind a router that is doing NAT, you will need to configure the router to forward the connection to your host. If you are behind a router, owned by the ISP, that is using NAT, our suggestions probably won't work...we need to know your network topology. How can one tell if one is behind a router that uses NAT? What is your local host's IP address? If your host's IP address is in the range, listed by rfc 1918, http://www.rfc-editor.org/rfc/rfc1918.txt 192.168.0.0 - 192.168.255.255, 172.16.0.0 - 172.31.255.255, or 10.0.0.0 - 10.255.255.255, you are behind a router running NAT. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Problems with Fedora15 and sound INTEL 82801DB0ICH4
On Thursday, October 20, 2011 11:35:06 PM Miguel Cardenas wrote: Hello I have just moved to Fedora 15 (used another distro before), but it appears that the sound control is managed by the Phonon... I don't know much about it except that tried it some time ago when compiled it as a module for KD4, and it did not recognize all my sound devices and some multimedia formats... I believe pulse audio is present on your system. I assume, if you do, ps wx | grep [p]ulseaudio you will see something like rsewill@rsewill:~ 3:6 $ ps wx | grep [p]ulseaudio 2463 ?Ssl 8:42 /usr/bin/pulseaudio --start Have you used pulse audio before? Try running kmix with KMIX_PULSEAUDIO_DISABLE=1 as in the following script. rsewill@rsewill:~ 3:1 $ more bin/kmix-alsa #!/bin/bash export KMIX_PULSEAUDIO_DISABLE=1 kmix rsewill@rsewill:~ 3:2 $ ls -l bin/kmix-alsa -rwx--. 1 rsewill rsewill 54 Oct 20 00:27 bin/kmix-alsa If I open the KMix it does not show the devices, just a single (one) control for each input and output, no pcm mic etc. but I guess it is due the Phonon that does not support my chipset at all... The above script may get kmix to show the alsa controls. My doubt is, if I install another mixer control software, would it work by accessing directly to the audio (kernel?) driver without causing conflict to the Phonon? There is a pulse audio mixer control, pavucontrol, for the PulseAudio sound server. rpm -q -i pavucontrol You may need to install it, yum install pavucontrol And another multimedia related question, when trying AMAROK it told that there was no MPEG-1 plugin detected, but looking at the repositories can't find something like (using yum)... any idea of what may be wrong? You say it did not recognize all your sound devices and multimedia formats? You will need to be more specific...what sound devices are recognized? What sound devices are not recognized? Do you mean you have multiple sound devices such as an internal sound card, a USB sound device, what? Do you mean you plugged something into the sound jack and the internal sound card isn't behaving properly, such as not doing surround sound or something? If this is a problem, this opens up, for me, a can of worms. It's possible you need to do something like create a file in /etc/modprobe.d that passes various options to snd-hda-intel Before going down this path, we need to know if this is, indeed, your problem. I always get lost and confused going down this path and welcome others help. What multimedia formats are recognized? What multimedia formats are not recognized? The comments, regarding pulse audio, are related to sound devices. When you say it doesn't recognize multimedia formats, do you mean formats like mp3? Fedora doesn't, by default, provide the software for mp3 because mp3 is a proprietary format. If you are using audacious, you might need rpm -q -i audacious-plugins-freeworld-mp3 found in the repository rpmfusion-nonfree If you are using something else that uses gstreamer, you might need gstreamer-plugins-bad or gstreamer-plugins-ugly or I don't know what else. A disclaimer...I am interested in sound discussions because I always have problems with my own sound configuration. Usually, when I try to answer these questions, some kind soul corrects me and both I and the OP learn. Thanks! Miguel -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Remote access
On Friday, October 14, 2011 06:05:29 AM Marko Vojinovic wrote: On Friday 14 October 2011 05:13:53 KC8LDO wrote: Is there a way to use ssh to get through a firewall for remote access to a system? The situation I'm looking at is a Fedora system sitting behind a company firewall, which I have no control over, that I wish to gain access to by logging into it over the Internet from a remote computer. In other words the connection is initiated from outside of the firewalled company network. What I'm thinking is using ssh to forward a port, 3389, to another computer on my own private network (also behind a firewall and NAT router) at home acting as a middle man. Then from another computer, lets say at a hotel, logging in to the same computer on my private home network and have it pass traffic bidirectionaly between the two end point computers. Is this something than can be done using ssh and if so how? I would also like to have the remote Fedora system connection to the middle man computer remain even if the remote computer is not connected. You want to look into OpenVPN. It does take some time to read the docs and set it up, but it's worth it. http://openvpn.net/index.php/open-source.html Essentially, it adds a virtual ethernet device (called tap) to each machine, and connects these into a virtual LAN. From that point on you can do whatever you want, as if the machines were next to each other in the same room, connected to an ethernet switch. It may happen that the default openvpn port is blocked by the company firewall. In that case just reconfigure your machines to use openvpn on some port that is not blocked. Other than that, openvpn will work for you all over the globe, and it is completely under your control. Best, :-) Marko Please talk with your manager and your sysadmin. A good sysadmin will look at the firewall logs, will see something strange, will report it up to the chain of command, to his boss. If the sysadmin doesn't, he should lose his job. If you do something, behind the companies back, the company can't trust you. If a company can't trust you, they have to design you out of the company. They have to get rid of you. I've worked remotely for a number of companies. In each case, the company, and the sysadmin, wanted me to vpn in. They helped me. They arranged which VPN I was to use and what I could access. They also insured their security wasn't compromised. If you bypassed security at a company where I worked, you would be discovered. You would be fired. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Remote access
On Friday, October 14, 2011 10:25:59 AM Rick Sewill wrote: On Friday, October 14, 2011 06:05:29 AM Marko Vojinovic wrote: On Friday 14 October 2011 05:13:53 KC8LDO wrote: Is there a way to use ssh to get through a firewall for remote access to a system? The situation I'm looking at is a Fedora system sitting behind a company firewall, which I have no control over, that I wish to gain access to by logging into it over the Internet from a remote computer. In other words the connection is initiated from outside of the firewalled company network. What I'm thinking is using ssh to forward a port, 3389, to another computer on my own private network (also behind a firewall and NAT router) at home acting as a middle man. Then from another computer, lets say at a hotel, logging in to the same computer on my private home network and have it pass traffic bidirectionaly between the two end point computers. Is this something than can be done using ssh and if so how? I would also like to have the remote Fedora system connection to the middle man computer remain even if the remote computer is not connected. You want to look into OpenVPN. It does take some time to read the docs and set it up, but it's worth it. http://openvpn.net/index.php/open-source.html Essentially, it adds a virtual ethernet device (called tap) to each machine, and connects these into a virtual LAN. From that point on you can do whatever you want, as if the machines were next to each other in the same room, connected to an ethernet switch. It may happen that the default openvpn port is blocked by the company firewall. In that case just reconfigure your machines to use openvpn on some port that is not blocked. Other than that, openvpn will work for you all over the globe, and it is completely under your control. Best, :-) Marko Please talk with your manager and your sysadmin. A good sysadmin will look at the firewall logs, will see something strange, will report it up to the chain of command, to his boss. If the sysadmin doesn't, he should lose his job. If you do something, behind the companies back, the company can't trust you. If a company can't trust you, they have to design you out of the company. They have to get rid of you. I've worked remotely for a number of companies. In each case, the company, and the sysadmin, wanted me to vpn in. They helped me. They arranged which VPN I was to use and what I could access. They also insured their security wasn't compromised. If you bypassed security at a company where I worked, you would be discovered. You would be fired. I should add, in each case, the company provided me with the laptop to use. The company insured the laptop had the firewall and virus software they wanted. The sysadmin managed the laptop; either remotely or I brought the laptop in. I was to use that laptop for work, and nothing else. I was not to use any other PC for accessing work, only that laptop. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: selinux is a pain
On Tuesday, September 20, 2011 10:30:38 AM Tim wrote: On Tue, 2011-09-20 at 08:14 -0300, Martín Marqués wrote: I reinstalled (better hardware) a server and had selinux enabled (was disabled before), and I starting to see why so many people don't use selinux. Let's clarify what you've written... You are, now, trying to run a system with SELinux enabled, that was previously running with it disabled. The same files on the drive, just changing the SELinux setting. Is that right? If so, no wonder you're having grief. While SELinux was off, your system was writing files without setting any SELinux contexts. So, those files are just default files. Now that SELinux is on, there's no contexts written in the file attributes that would tell SELinux to allow access, so the default (for safety) action is to disallow it. If the above is his problem, has he tried creating /.autorelabel and reboot? Please see man selinux, The best way to relabel the file system is to create the flag file /.autorelabel and reboot. system-config-securitylevel, also has this capability. The restorcon/fixfiles commands are also available for relabeling files. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: telnet on local LAN question
On Thursday, August 18, 2011 11:31:18 PM Paul Allen Newell wrote: On 8/17/2011 10:33 PM, Andre Speelmans wrote: Two things: First, try without any firewall (service iptables stop), or enter a first line like: iptables -I INPUT -j ACCEPT, just so we can isolate the problem. If that fails, look what actually gets send on the server (tcpdump -i eth0 -nnl port 25). Andre: Thanks for help. I did a service iptables stop on two of my machines (chalupa -- 192.168.2.10 and chowder -- 192.168.2.11). I then typed, on chowder: +++ telnet chalupa 23 telnet chalupa 25 telnet chalupa +++ In all three cases, the return was: +++ telnet: connect to address 192.168.2.0: Connection refused Is this a typo? Did it say telnet: connect to address 192.168.2.10: Connection refused +++ Paul -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: telnet on local LAN question
My iptables is the default per F14 installation: +++ # Generated by iptables-save v1.4.9 on Tue Aug 16 22:13:30 2011 # Used command iptables-save iptables_F14_ORIGINAL_yoyo *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [9950:627381] iptables entries are processed in the order found... -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT Above line jumps to ACCEPT for any packet with an established connection. -A INPUT -p icmp -j ACCEPT Above line jumps to ACCEPT for any icmp packet. -A INPUT -i lo -j ACCEPT Above line jumps to ACCEPT for any packet from the loopback interface. -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT Above line jumps to ACCEPT for any ssh packet establishing a new connection. May I suggest inserting an entry, at this spot, for mail, something like the following. -A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT The goal of the previous line is to jump to ACCEPT for any mail packet establishing a new connection. Instead of the above line, you might want to specify a source IP address range to limit which IP addresses can send mail to your machine. -A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -s 192.168.2.0/24 -j ACCEPT The goal of -s 192.168.2.0/24, in the above line, is to only accept incoming connections to port 25 (the default smtp port), if the source IP address of the packet is in the range 192.168.2.0 - 192.168.2.255. -A INPUT -j REJECT --reject-with icmp-host-prohibited Above line jumps to REJECT for any packet destined to the host. As I said the order of entries is important. -A FORWARD -j REJECT --reject-with icmp-host-prohibited Above line jumps to REJECT for any packet the host might forward. COMMIT # Completed on Tue Aug 16 22:13:30 2011 +++ I apologize for not reading your original message and going off on a telnet/ssh tangent in a previous email. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: telnet on local LAN question
On Tuesday, August 16, 2011 12:04:57 AM Paul Allen Newell wrote: Greetings I am trying to figure out how to get communication between my F14 boxes on a local wired LAN. The best test case I can come up with to prove that I don't know what I am doing wrong is telnet. ...snip... Ping works great between all of the machines for both otherX and otherX.localdomain, lists the 192.168.10.x address like a happy camper should But a telnet otherX 25 or telnet otherX.localdomain 25 fails. I can't tell if I need to add information about the other machines somewhere else on name or if they really are known but something is blocking it. You didn't say if you could telnet locally to your local host: Does this command work: telnet localhost If not, the telnet service needs to be enabled/started. Another possibility, iptables might be blocking it. See if your iptables allows new incoming connections on the tcp telnet port. There are other possibilities, but these are the first two I'd check. If you plan to use ssh instead of telnet anyway, is best to do ssh instead. I believe ssh is normally enabled/started. I believe iptables is normally set up to allow incoming ssh connections. I'm not sure the default sshd settings in /etc/ssh/sshd_config. I'd go through those options. Please see man sshd_config I think the default is now only protocol 2 -- good if that's true. I wish the default didn't allow PasswordAuthentication. For testing and getting ssh working, password authentication may be okay. Wouldn't want PasswordAuthentication as my default. Is best to use PubkeyAuthentication, at a minimum, with good keys. I think the default is to allow root login. Wish that were not the case. Make the person ssh in on a normal user account and su to root. Please change PermitRootLogin yes to PermitRootLogin no Please limit which users can come in over ssh in /etc/sshd_config. Use AllowGroups and/or AllowUsers. Not sure if you want X11Forwarding or not. Some object to security by obscurity, but you might wish to change the ssh port from port 22 to some other port. It doesn't stop hackers if they discover your open ssh port. It slows down those hackers who only look for ssh on port 22. Question for iptables/firewall GUI people... is there a way to specify ip address ranges in any firewall GUIs? Rather than allow new incoming ssh connections from any IP address given by the rule, -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT I think the OP would like to specify acceptable IP address ranges. The OP sounds like he only wants local hosts coming in. By hand, I would have entries with the source IP address range specified as in -s 192.168.0.0/16, -s 10.0.0.0/8, -s 172.16.0.0/12 I can muck up /etc/sysconfig/iptables manually...most people shouldn't. Bad things can happen if they don't know what they are doing. It would be nice if firewall GUIs did this for them. Which firewall GUIs do? -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: NM_CONTROLLED=no not working
On Friday, July 15, 2011 02:48:53 PM Ian Pilcher wrote: I feel like I'm losing my mind. Can someone confirm that this is supposed to work before I bugzilla this? I am trying to get NetworkManager to ignore my wireless adapter (while still managing my Ethernet adapter and VPN connections). I have created /etc/sysconfig/network-scripts/ifcfg-wlan0: DEVICE=wlan0 TYPE=Wireless HWADDR=00:23:14:12:C1:38 NM_CONTROLLED=no Does the following work? NM_CONTROLLED=no -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: NM_CONTROLLED=no not working
On Friday, July 15, 2011 08:14:43 PM Rick Sewill wrote: On Friday, July 15, 2011 02:48:53 PM Ian Pilcher wrote: I feel like I'm losing my mind. Can someone confirm that this is supposed to work before I bugzilla this? I am trying to get NetworkManager to ignore my wireless adapter (while still managing my Ethernet adapter and VPN connections). I have created /etc/sysconfig/network-scripts/ifcfg-wlan0: DEVICE=wlan0 TYPE=Wireless HWADDR=00:23:14:12:C1:38 NM_CONTROLLED=no Does the following work? NM_CONTROLLED=no It was a long shot if NM_CONTROLLED=no works...documentation indicates NM_CONTROLLED=no should work. I think what you have should work too Documentation says one must have the correct HWADDR address. Looking at your followup emails, it appears you have the correct HWADDR address. Another long shot...documentation suggests you can have HWADDR=00:23:14:12:C1:38 as you have...but as an experiment, please put quotes around the MAC address HWADDR=00:23:14:12:C1:38 Why am I asking for quotes around things? I'm not sure how NetworkManager reads ifcfg-wlan0. It may have internal routines for reading the file -or- it may use a shell (like the bash shell) to read ifcfg-wlan0. I believe the non-NetworkManager network has scripts in /etc/sysconfig/network-scripts that use the bash shell to read ifcfg-wlan0. I am trying to guess what syntax might make NetworkManager and non-NetworkManager happy. To tell the truth, what you have should work. I just want to rule out this possibility. Another line of questions. What is in /etc/NetworkManager/NetworkManager.conf? I have the following: rsewill@rsewill:~ 3:1 $ more /etc/NetworkManager/NetworkManager.conf [main] plugins=ifcfg-rh According to the documentation, man NetworkManager.conf, on a Redhat/Fedora system, one might have plugins=ifcfg-rh and/or keyfile If one has both, the order the plugins are listed matters. For example, do you have plugins=ifcfg-rh -or- plugins=keyfile -or- plugins=ifcfg-rh,keyfile -or- plugins=keyfile,ifcfg-rh? Ideally you will say you have plugins=ifcfg-rh and we still won't have an idea what is wrong. It's a possibility that needs to be ruled out. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Bash: (foo==0)?foo=1:foo=0 valid?
On Saturday, July 02, 2011 02:11:52 PM inode0 wrote: On Sat, Jul 2, 2011 at 2:07 PM, Daniel B. Thurman d...@cdkkt.com wrote: I used: (((foo==0)?foo=1:0)) and it works in a bash script! I don't think that is quite the same as what I'm guessing your original attempt intended. In this case if foo does not equal 0 to begin with it won't be set to 0. Perhaps that doesn't matter in your particular case. John If you know that foo is always initialized to either a value of zero or one, would the following seem reasonable? let foo=1-$foo -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: No sound since upgrading to F15
On Sunday, May 29, 2011 10:59:42 PM John Aldrich wrote: With the disclaimer, I haven't tried to upgrade to Fedora 15 yet, so I am getting my information from my Fedora 14 system, I have a question on the alsa-info.sh script output. I didn't see any !!Modprobe options (Sound related) in your output. I assume Fedora 15 still needs modprobe options for sound. I have sound options in my Fedora 14 /etc/modprobe.d/local.conf file. ...skip options not related to sound... options snd cards_limit=8 alias snd-card-0 snd-hda-intel options snd-hda-intel index=0 alias snd-card-7 snd-usb-audio options snd-usb-audio index=7 I need to repeat the disclaimer, I am still using Fedora 14. On my Fedora 14 system, alsa-info.sh script output gives the following: ...Skip beginning of my output... !!Advanced information - PCI Vendor/Device/Susbsystem ID's !! 00:10.1 0403: 10de:026c (rev a2) Subsystem: 103c:2a45 !!Modprobe options (Sound related) !! snd-hda-intel: index=0 snd-usb-audio: index=7 !!Loaded sound module options !!-- ...Skip rest of my output... -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: No ethernet connection -
On Monday, May 30, 2011 04:35:54 AM Bob Goodwin wrote: New F-15 install. How is the ethernet connection made/assigned, whatever? I made some changes via chkconfig and lost eth0 and eth1. Ethtool simply reports no devices. Is there a routine for setting up ethx or does it just have to happen automatically? That seems unlikely. With the caveat, I am still on Fedora 14 and haven't tried to upgrade yet, I assume Fedora 15 still has needed configuration files in /etc/modprobe.d. What is in your /etc/modprobe.d/local.conf? My Fedora 14 /etc/modprobe.d/local.conf file contains the following: rsewill@rsewill:~ 3:1 $ more /etc/modprobe.d/local.conf alias eth0 via-rhine alias eth1 via-rhine alias eth2 forcedeth alias scsi_hostadapter libata alias scsi_hostadapter1 sata_nv alias scsi_hostadapter2 pata_amd alias scsi_hostadapter3 usb-storage options snd cards_limit=8 alias snd-card-0 snd-hda-intel options snd-hda-intel index=0 alias snd-card-7 snd-usb-audio options snd-usb-audio index=7 On Fedora 14 this was how I associated which ethernet driver for which device. I assume it's still the same way on Fedora 15. Another person is having sound problems, and I remember there is sound stuff in /etc/modprobe.d/local.conf too. I am wondering if Fedora 15 did things to the modprobe files -or- if the format of the modprobe files has changed -or- if the modprobe files have been replaced by something else. I will try to upgrade to Fedora 15, in time. At this moment, I am hesitant. I have an old system, with limited RAM. I need to have good file backups. I am concerned my attempt to upgrade to Fedora 15 may fail. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: No ethernet connection -
On Monday, May 30, 2011 07:22:45 AM Frank Murphy wrote: On 30/05/11 13:19, Rick Sewill wrote: snip I will try to upgrade to Fedora 15, in time. At this moment, I am hesitant. I have an old system, with limited RAM. I need to have good file backups. I am concerned my attempt to upgrade to Fedora 15 may fail. If upgrading F15 should preserve the ethX stuff, but if a fresh install pci slots (nic) will be emX They changed the names? Thank you for the heads up. I will need to switch to the new names, in time, then. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: No sound since upgrading to F15
On Monday, May 30, 2011 07:08:14 AM John Aldrich wrote: On Sunday, May 29, 2011 10:59:42 PM John Aldrich wrote: Ok... I put the info you had in your local.conf file WRT audio, except for the USB as I don't have any USB audio. I'm tempted to put an old PCI sound card in to see if that might help things, but I don't really want to. I want to figure out what is going on with sound and why it doesn't work now, but it did before I upgraded to F15! Do you, by chance, know what you had in your /etc/modprobe.d/ files, related to sound, on Fedora 14? If I do a google search, options snd_hda_intel model it appears snd_hda_intel has other options. My modprobe options might not be enough, or even correct for your hardware. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Antivirus for Fedora 14
On Friday, May 20, 2011 12:29:23 PM John Aldrich wrote: On Fri May 20 2011, Andrew Jamison wrote: I always install ClamAV which is free from the repositories, that may work for now. When viruses become a bigger threat on Linux (not to far-fetched to say it could happen) then you may see commercial programmers offering Linux versions of their clients. You can already by commercial antivirus for Linux. Kaspersky offers a Linux version, as does AVG and Symantec. How well those work is anyone's guess. I don't have any info on whether or how well they work, simply advising that they already exist. Now, I agree that it's not too far-fetched to expect to see a linux virus in the wild. Apple is now reportedly advising users to get some sort of antivirus for the Mac, and since Apple's O/S is based on BSD, it doesn't seem like a huge stretch to imagine that a Linux virus could be developed. I would like to see more workstation antiviruses be developed for linux. Most of the antivirus products I've seen for linux have been for servers. There have been Linux viruses in the past. Please see URL: http://en.wikipedia.org/wiki/Linux_malware -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[OT] My paranoia and skype, was Re: Protected WLAN
On Wednesday, May 18, 2011 07:01:53 AM Marko Vojinovic wrote: Except for skype, of course... ;-) But that's old news. And now that Microsoft took it over, they will probably trade with the nsa for a backdoor... :-) I apologize for the off topic remarks I am about to make. I would be very surprised if skype didn't have back doors for governments. Skype is proprietary and we can't examine the source for back doors. There were allegations the Chinese Skype had a text chat back door. http://blogs.skype.com/en/2008/10/skype_president_addresses_chin.html My paranoia causes me to believe the back doors don't stop with text chat. My paranoia causes me to believe multiple governments demanded back doors. This is one of two reasons I don't want to use skype. The other reason I don't want to use skype is I don't want to be a super node. In my mind, it would be very easy for governments to be men in the middle, to intercept interesting skype traffic, to be able to store conversations. To put it plainly, I don't trust skype. Sorry to go off topic. Flame me if you wish. I think I deserve to be flamed. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Networking problem
On Saturday, May 14, 2011 11:45:47 PM JD wrote: ... Well, that bridge is the router. Wireless clients that are associated with an Access Point in infrastructure mode cannot directly talk to each other. Their traffic must flow through the router. If I had set the two computers to use AdHoc mode of association with each other, then indeed, their traffic would go directly to each other without any other facility in between. I've been quiet because I don't know enough about the internals of wireless. This discussion gives me a question. What would happen if the computers were set to AdHoc mode? It's unclear to me if the gateway has to be set to AdHoc mode too. As an aside, I'm curious if most devices allow an AdHoc mode setting. From a 64000 foot view, I'd expect the following. The two wireless computers would find each other. The two wireless computers would not find 192.168.1.1, the computer on the LAN, UNLESS the gateway answered the ARP for computers on the LAN. From the ARP table on the Powerbook, from another response in this thread, it appears the gateway answers ARP requests for computers on the LAN. This may be a wild goose chase, but I'm curious what happens in this case. I'm not sure if you would want to actually run your network in AdHoc mode. I don't know the direct and indirect consequences of doing this. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Networking problem
On Saturday, May 14, 2011 09:27:55 AM JD wrote: On 05/14/11 08:48, G.Wolfe Woodbury wrote: On 05/14/2011 09:36 AM, JD wrote: On my F14, I am running a firewall that accepts specific connection on specific ports from some machines on the LAN. However, for one machine I made a general rule to accept all connections: -A INPUT -s 192.168.1.60 -j ACCEPT After restarting the firewall, I still am unable to ping that machine and it is unable to ping me. That machine is not running a firewall. I can ping the router and another machine I have on the LAN. The machine at 192.168.1.60 can do the same. What else do I need to do to be able to talk to machine 192.168.1.60 and it to my fedora machine? Try: -A INPUT -s 192.168.1.60/32 -j ACCEPT there needs to be a netmask in the syntax. Tried it. Did not change anything :( Could we see more of the network topology please? Can you do on both machines: /bin/netstat -rn /sbin/ifconfig If you don't mind, it might be easiest to copy your filewall rules so we can see them. As root, /sbin/iptables -L -v If you are concerned with security and sharing your public IP address, may I suggest changing the public IP address ranges to something else, like xxx.xxx.xxx.0, yyy.yyy.yyy.0, etc, in the output. Another question...if you have multiple ethernet devices, which device is 192.168.1.60 connected to? -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Networking problem
On Saturday, May 14, 2011 10:46:51 AM JD wrote: On 05/14/11 09:17, Rick Sewill wrote: On Saturday, May 14, 2011 09:27:55 AM JD wrote: On 05/14/11 08:48, G.Wolfe Woodbury wrote: On 05/14/2011 09:36 AM, JD wrote: On my F14, I am running a firewall that accepts specific connection on specific ports from some machines on the LAN. However, for one machine I made a general rule to accept all connections: -A INPUT -s 192.168.1.60 -j ACCEPT After restarting the firewall, I still am unable to ping that machine and it is unable to ping me. That machine is not running a firewall. I can ping the router and another machine I have on the LAN. The machine at 192.168.1.60 can do the same. What else do I need to do to be able to talk to machine 192.168.1.60 and it to my fedora machine? Try: -A INPUT -s 192.168.1.60/32 -j ACCEPT there needs to be a netmask in the syntax. Tried it. Did not change anything :( Could we see more of the network topology please? Can you do on both machines: /bin/netstat -rn On Fedora Machine: # /bin/netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.0.0.00.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 10.1.1.00.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 0.0.0.0 192.168.1.254 0.0.0.0 UG0 0 0 wlan0 On the machine in question (192.168.1.60) # /sbin/netstat -rn Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default192.168.1.254 UGSc80en1 127127.0.0.1 UCS 00lo0 127.0.0.1 127.0.0.1 UH 04lo0 169.254link#6 UCS 00en1 192.168.1 link#6 UCS 20en1 192.168.1.10:26:18:6:ef:7 UHLW0 113en1566 192.168.1.60 127.0.0.1 UHS 00lo0 192.168.1.254 0:1d:5a:c8:91:c1 UHLW 15 153en1565 Internet6: Destination Gateway Flags Netif Expire ::1 link#1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 Uc lo0 fe80::1%lo0 link#1 UHL lo0 ff01::/32 ::1 U lo0 ff02::/32 fe80::1%lo0 UC lo0 /sbin/ifconfig On Fedora machine: # /sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:03:0D:15:2B:9E inet addr:10.1.1.1 Bcast:10.1.1.255 Mask:255.255.255.0 inet6 addr: fe80::203:dff:fe15:2b9e/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:1340 errors:0 dropped:0 overruns:0 frame:0 TX packets:849 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:174589 (170.4 KiB) TX bytes:418153 (408.3 KiB) Interrupt:19 Base address:0xd800 eth0:0Link encap:Ethernet HWaddr 00:03:0D:15:2B:9E inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 Interrupt:19 Base address:0xd800 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:4734603 errors:0 dropped:0 overruns:0 frame:0 TX packets:4734603 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:373719874 (356.4 MiB) TX bytes:373719874 (356.4 MiB) virbr0Link encap:Ethernet HWaddr 22:3E:A6:BB:CD:51 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:8391 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:1617830 (1.5 MiB) wlan0 Link encap:Ethernet HWaddr 00:34:56:00:03:43 inet6 addr: fe80::234:56ff:fe00:343/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4976669 errors:0 dropped:0 overruns:0 frame:0 TX packets:4947232 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1062494718 (1013.2 MiB) TX bytes:500756007 (477.5 MiB) wlan0:0 Link encap:Ethernet HWaddr 00:34:56:00:03:43
Re: Networking problem
On Saturday, May 14, 2011 03:27:53 PM JD wrote: On 05/14/11 12:55, Rick Sewill wrote: On Saturday, May 14, 2011 10:46:51 AM JD wrote: On 05/14/11 09:17, Rick Sewill wrote: On Saturday, May 14, 2011 09:27:55 AM JD wrote: On 05/14/11 08:48, G.Wolfe Woodbury wrote: On 05/14/2011 09:36 AM, JD wrote: On my F14, I am running a firewall that accepts specific connection on specific ports from some machines on the LAN. However, for one machine I made a general rule to accept all connections: -A INPUT -s 192.168.1.60 -j ACCEPT After restarting the firewall, I still am unable to ping that machine and it is unable to ping me. That machine is not running a firewall. I can ping the router and another machine I have on the LAN. The machine at 192.168.1.60 can do the same. What else do I need to do to be able to talk to machine 192.168.1.60 and it to my fedora machine? Try: -A INPUT -s 192.168.1.60/32 -j ACCEPT there needs to be a netmask in the syntax. Tried it. Did not change anything :( Could we see more of the network topology please? Can you do on both machines: /bin/netstat -rn On Fedora Machine: # /bin/netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.0.0.00.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 10.1.1.00.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 0.0.0.0 192.168.1.254 0.0.0.0 UG0 0 0 wlan0 On the machine in question (192.168.1.60) # /sbin/netstat -rn Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default192.168.1.254 UGSc80 en1 127127.0.0.1 UCS 00lo0 127.0.0.1 127.0.0.1 UH 04lo0 169.254link#6 UCS 00en1 192.168.1 link#6 UCS 20en1 192.168.1.10:26:18:6:ef:7 UHLW0 113en1 566 192.168.1.60 127.0.0.1 UHS 00lo0 192.168.1.254 0:1d:5a:c8:91:c1 UHLW 15 153en1 565 Internet6: Destination Gateway Flags Netif Expire ::1 link#1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 Uc lo0 fe80::1%lo0 link#1 UHL lo0 ff01::/32 ::1 U lo0 ff02::/32 fe80::1%lo0 UC lo0 /sbin/ifconfig On Fedora machine: # /sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:03:0D:15:2B:9E inet addr:10.1.1.1 Bcast:10.1.1.255 Mask:255.255.255.0 inet6 addr: fe80::203:dff:fe15:2b9e/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:1340 errors:0 dropped:0 overruns:0 frame:0 TX packets:849 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:174589 (170.4 KiB) TX bytes:418153 (408.3 KiB) Interrupt:19 Base address:0xd800 eth0:0Link encap:Ethernet HWaddr 00:03:0D:15:2B:9E inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 Interrupt:19 Base address:0xd800 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:4734603 errors:0 dropped:0 overruns:0 frame:0 TX packets:4734603 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:373719874 (356.4 MiB) TX bytes:373719874 (356.4 MiB) virbr0Link encap:Ethernet HWaddr 22:3E:A6:BB:CD:51 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:8391 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:1617830 (1.5 MiB) wlan0 Link encap:Ethernet HWaddr 00:34:56:00:03:43 inet6 addr: fe80::234:56ff:fe00:343/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4976669 errors:0 dropped:0 overruns:0 frame:0 TX
Re: Best FOSS alternative for skype?
On Thursday, May 12, 2011 02:08:56 AM Zoltan Hoppar wrote: HI Fernando, Yesterday night I have tried out your suggestion, and works surprisingly well. By the way, a far as I know there is an possibility to use our Fedora SIP inside at FAS, right? Please correct me if I am wrong, but I am under the impression Fedora talk has been retired. Please see URL: https://insight.fedoraproject.org/content/kevin-fenzi-fedora-talk-first-static- then-silence-talkfedoraprojectorg-closing-2011-05-05 If Fedora talk has indeed, been retired, could someone update the wiki and other references to Fedora Talk? -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Best FOSS alternative for skype?
On Tuesday, May 10, 2011 04:54:33 PM Marko Vojinovic wrote: ... Thus the question: is there a FOSS VoIP app that provides roughly the same quality, reliability and free-as-in-beer service? I would like to know the answer to this question also. I've been reading about Google and xmpp and jingle. http://en.wikipedia.org/wiki/Jingle_%28protocol%29 I found a firefox plugin I could download. From URL: http://www.google.com/chat/video I clicked Install voice and video chat and got to URL: http://www.google.com/chat/video/download.html I installed the rpm. I haven't tested it much...I did call my google voice number to see if I could answer and I could. I assume I can call out too, but haven't tried. Always keeping firefox running is not satisfactory for me. I have an older machine, with not enough ram or cpu power. I was hoping to use an open source voip client program. empathy seems to use libjingle and will let me know when there is an incoming google voice call, but it doesn't work. Google voice wants me to press 1 to accept the call. I have no way to press 1 in empathy. I haven't had any success with any other client program. I tried kopete, gajim, without success. It used to be google voice worked with sip if one had a gizmo5 account. Google discontinued gizmo5 recently. I heard rumors there are still ways to call google voice from sip, but that doesn't help me. I want to use an open source client, and can no longer use a sip client. If anyone knows how to get one of these xmpp client programs working with google voice, please share that information. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: dhcpd gateway settings
On Friday, April 22, 2011 12:11:38 PM Aaron Gray wrote: I am trying to set up a network and gateway on 192.168.1.x that I am using for BOOTP'ing servers. dhcpd.conf ~~~ allow booting; allow bootp; ddns-update-style interim; ignore client-updates; subnet 192.168.1.0 netmask 255.255.255.0 { option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; option routers 192.168.1.1; option router-discovery true; option domain-name-servers 8.8.8.8; range dynamic-bootp 192.168.1.200 192.168.1.240; next-server 192.168.0.140; filename pxelinux.0; } subnet 192.168.0.0 netmask 255.255.255.0 { } ~~ But I cannot seem to get HTTP or other services to work on 192.168.1.x I have the existing 192.168.0.x network and was wondering how gateway requests should get from 192.168.1.x to 192.168.0.1 ? Many thanks in advance, Aaron If I were a dhcp client, with no other routing configuration information, I will arp for the router at 192.168.1.1 to find the router's mac address. I would send the packet not destined to my local subnet to the router. I will not arp for 192.168.0.140 because it is not on my local subnet. The question becomes, how is the router at 192.168.1.1 configured? The router needs to forward the packets to the 192.168.0.x network. To see the path, on the 192.168.1.x machine, try traceroute -n 192.168.0.x -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: dhcpd gateway settings
On Friday, April 22, 2011 01:58:35 PM Aaron Gray wrote: On 22 April 2011 19:37, Rick Sewill rsew...@gmail.com wrote: On Friday, April 22, 2011 12:11:38 PM Aaron Gray wrote: I am trying to set up a network and gateway on 192.168.1.x that I am using for BOOTP'ing servers. dhcpd.conf ~~~ allow booting; allow bootp; ddns-update-style interim; ignore client-updates; subnet 192.168.1.0 netmask 255.255.255.0 { option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; option routers 192.168.1.1; option router-discovery true; option domain-name-servers 8.8.8.8; range dynamic-bootp 192.168.1.200 192.168.1.240; next-server 192.168.0.140; filename pxelinux.0; } subnet 192.168.0.0 netmask 255.255.255.0 { } ~~ But I cannot seem to get HTTP or other services to work on 192.168.1.x I have the existing 192.168.0.x network and was wondering how gateway requests should get from 192.168.1.x to 192.168.0.1 ? Many thanks in advance, Aaron If I were a dhcp client, with no other routing configuration information, I will arp for the router at 192.168.1.1 to find the router's mac address. I would send the packet not destined to my local subnet to the router. I will not arp for 192.168.0.140 because it is not on my local subnet. The question becomes, how is the router at 192.168.1.1 configured? The router needs to forward the packets to the 192.168.0.x network. How do I do that ? I was reading your answers to Jame's questions on the other sub-thread. His questions were actually better than my questions. What is device 192.168.1.1? Is that the Netgear or your laptop? From the other thread I gather 192.168.0.140 is your laptop. What is the IP address for the Netgear, 192.168.0.1? A strange question, do you wish your laptop, running Linux, to filter packets from the 192.168.1/24 network to the Internet? If the answer to the above question is no, you might consider configuring the Netgear to be the gateway for both the 192.168.0/24 and 192.168.1/24 subnets. http://documentation.netgear.com/fvs336g/enu/202-10257-01/FVS336G_RM-05-08.html The Netgear will be the gateway for both subnets. The Netgear will route traffic between the two subnets. If, on the other hand, you want your laptop to filter packets from the 192.168.1/24 subnet to the Internet, you have two choices. You can configure your laptop to route packets between the 192.168.0/24 and 192.168.1/24 subnets -or- you can configure your laptop to masquerade packets from the 192.168.1/24 subnet when it forwards packets from the 192.168.1/24 subnet to the 192.168.0/24 subnet (and, by extension, to the Internet). For both choices where you want your laptop filtering packets from the 192.168.1/24 subnet, you need to do the following: 1) your laptop needs to do multihoming on the ethernet port One IP address, for your laptop, should be 192.168.0.140. The other IP address, for your laptop, should be 192.168.1.1. I get these two IP addresses based on your dhcpd.conf file. If you need help with this, we can go into more detail in another email. I know how to do this if you are NOT using NetworkManager. Someone else may know how to do this if you are using NetworkManager. 2) Your laptop needs to be set to enable IP forwarding. You can dynamically turn on IP forwarding with the following command (as root), echo 1 /proc/sys/net/ipv4/ip_forward The above command would need to be done each time your laptop boots. Alternatively, you can change the line, net.ipv4.ip_forward = 0 in the file, /etc/sysctl.conf, change the value from 0 to 1, to have the laptop always want to do IP forwarding when it boots. 3) You will need to examine your iptables and change your iptables configuration, as needed, to permit packets flowing between the 192.168.0/24 and 192.168.1/24 subnet. This is where you decide if you want to masquerade packets from the 192.168.1/24 subnet or simply route packets from the 192.168.1/24 subnet. If you want to simply route 192.168.0/24 packets, your step 4 is as follows: 4) configure the Netgear to route any packets to the 192.168.1/24 subnet through your laptop by telling the Netgear the gateway for the 192.168.1/24 subnet is 192.168.0.140. If you wish to do this, we need to search the internet to learn how to configure static routes on the Netgear. Alternatively, if you want to have your laptop do masquerading, step 4 is: 4) configure iptables on your laptop to do iptables masquerading when your laptop is forwarding the 192.168.1/24 subnet. I would suggest google: iptables masquerading linux The following is a result for a device with two physical interfaces. http://www.revsys.com/writings/quicktips/nat.html I assume one can use a single multihomed
Re: Help with PPTP VPN connection keeps failing
On Tuesday, April 19, 2011 10:43:32 AM Eric B. wrote: CCP terminated by peer Compression disabled by peer. LCP terminated by peer I don't know if this means anything. I would have thought not successfully negotiating compression would not be a good enough reason to terminate the connection. Still, I've been wrong more times than I care to admit. Can you change the compression on your side to match what the peer expects? I don't know if the peer expects a specific compression or no compression. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Help with PPTP VPN connection keeps failing
On Tuesday, April 19, 2011 10:38:34 PM Eric B. wrote: Rick Sewill rsew...@gmail.com wrote in message news:201104191901.17623.rsew...@gmail.com... On Tuesday, April 19, 2011 10:43:32 AM Eric B. wrote: CCP terminated by peer Compression disabled by peer. LCP terminated by peer I don't know if this means anything. I would have thought not successfully negotiating compression would not be a good enough reason to terminate the connection. Still, I've been wrong more times than I care to admit. Can you change the compression on your side to match what the peer expects? I don't know if the peer expects a specific compression or no compression. This may sound like a stupid question, but how/where does one configure compression using the Network Manager? I can't seem to find documentation on option configuration anywhere. Thanks, Eric I use KDE so I am limited in what I can do with GNOME Network Manager, but... Can you go to the Network Connections, select VPN, select the pptp connection and edit it. Click the Advanced button, which I think is above the Save button. Doing a google search: networkmanager pptp compression I got the URL http://blog.herbertm.ca/archives/258 which may help us. Can you tell us what the old settings were before changing any settings? Can you make the settings be similar to the screen shot in the above URL? I.e., have only MSCHAP selected, MPPE checked, 128 bit (most secure), I think it doesn't matter if TCP header compression is checked/unchecked, but have the other compressions unchecked. While I would not terminate a connection if compression was not negotiated, I would terminate a connection if encryption were not successfully negotiated. Were there any messages about encryption negotiation in the log? -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Running ssh on unreserved ports
On Saturday, February 19, 2011 04:28:11 am Anne Wilson wrote: On Saturday 19 February 2011 10:20:30 Tim wrote: On Fri, 2011-02-18 at 16:07 -0500, Alex wrote: I'd like to move it to a higher port to avoid the normal doorknob rattling that occurs with ssh running on a public server. Even with it on a different port, you'd probably want to implement some firewalling that auto-bans an IP after few failed attempts. That stops them from continually trying to get through. I think there was a package called fail2ban, or something similar, that did that automatically. Fail2ban is easy to set up, and I've seen it stop attempts here. Anne The one time I suffered a rootkit on Linux was when someone used a bug in ssh to get into my system. Fortunately, for me, I discovered the rootkit within hours of it happening and reloaded. I am paranoid about ssh and welcome suggestions that increase my ssh security configuration, in particular, and overall security, in general. Currently, for ssh on my system, I do the following: 1) in my /etc/ssh/sshd_config file a) I specify which users can use ssh (AllowUsers rsewill ...) b) I explicitly specified only protocol 2 could be used until that was the default in later versions of ssh. (Protocol 2) c) I switch to a non-standard port (Port ...) d) I do not permit root logins, (PermitRootLogin no) e) I ignore user known hosts (IgnoreUserKnownHosts yes) f) I do not permit password authentication (PasswordAuthentication no) I do not permit kerberos authentication. This leaves public key authentication. Please make sure the key bits are large enough, default is 2048 for RSA, and make sure the person, with the private key, protects the private key. 2) in iptables a) I whitelist the IP addresses of those I permit coming in through ssh. If one can't whitelist IP addresses,one might try blacklisting IP address ranges. For example, if one lives in Europe, one might not expect an ssh connection from the United States or Russia or China. Please note, I do not believe blacklisting is that effective. First, the zombie PCs can be anywhere, in any country. Second, people can use proxy services to get around country blacklists. If you still want to try to blacklist countries, please do a google search, China IP range, to get some sites that list IP address ranges for various countries. I can't/won't recommend any particular site, but can list a few examples from this google search: http://www.ipaddresslocation.org/ip_ranges/get_ranges.php http://www.countryipblocks.net/country-blocks/select-formats/ http://www.find-ip-address.org/ip-country/ With the advent of IPv6, you need to start whitelisting and blacklisting IPv6 addresses when your ISP switches to IPv6. The default, for most ports, is to drop incoming connects. IPSec seems to be an exception. I'm not sure I like having IPSec as an exception unless I expect IPSec traffic. Why aren't there iptables filters that allow outgoing IPSec connections, but not incoming IPSec connections The normal IPv4 iptables filters also allow IPSec connections. Is this the default or have I accidentally enabled IPSec? b) I set up my iptables filters to drop packets from a source that fails to connect in n attempts over a certain period of time. I would suggest doing a google search: ssh-evil iptables for examples. If you are not comfortable with iptables and iptables filters, please get a trusted friend to help you. The iptables filters are your firewall; you want all filters correct, and in the correct order, or you leave yourself open to attack. It sounds like fail2ban scans log files for break-in attempts, not just for ssh, but for other protocols as well. It would be a welcome addition. signature.asc Description: This is a digitally signed message part. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: why is my Linux so damn slow?
On Saturday, February 12, 2011 12:09:34 pm M. Fioretti wrote: On Sat, Feb 12, 2011 19:03:56 PM +0100, Marco Fioretti (mfiore...@nexaima.net) wrote: On Sat, Feb 12, 2011 12:55:16 PM -0500, Lamar Owen (lo...@pari.edu) wrote: On Saturday, February 12, 2011 12:19:33 pm M. Fioretti wrote: besides hard drive and DVD burner there are only Logitech webcam, wheelmouse and earphone microphone, but everything is plugged in the back which is not really accessible without moving furniture. I'll do that if needed, but isn't a way to check for those interrupts from the prompt? Let's see if iowaits are you issue. Install the sysstat package (yum install sysstat) and run: iostat -x 1 here it is, thanks for the tip. When it isn't zero, the await column gives anything from 27.36 to 35.78 (last line) to 5 (I have already posted top output in a comment to the web page): [root@polaris ~]# iostat -x 1 | egrep -i 'device|sda' Sorry, of course that's only the part of the story about sda. here is one complete run of iostat: Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 5.000.00 5.00 0.0064.0012.80 0.036.00 6.00 3.00 dm-0 0.00 0.000.008.00 0.0064.00 8.00 0.04 4.38 3.75 3.00 dm-1 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 other runs show all null values for dm-0 / dm-1, or values similar to these Marco Could you show the output of iostat -x 1, not iostat -x 1 | egrep -i 'device|sda' please? On my system, when I do iostat -x 1 I get avg-cpu besides drive information. avg-cpu: %user %nice %system %iowait %steal %idle 5.050.004.040.000.00 90.91 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 It might help to see the avg-cpu. If we are lucky, either the %user or %system or ... will show high cpu usage. signature.asc Description: This is a digitally signed message part. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: why is my Linux so damn slow?
On Saturday, February 12, 2011 12:27:55 pm Rick Sewill wrote: On Saturday, February 12, 2011 12:09:34 pm M. Fioretti wrote: On Sat, Feb 12, 2011 19:03:56 PM +0100, Marco Fioretti (mfiore...@nexaima.net) wrote: On Sat, Feb 12, 2011 12:55:16 PM -0500, Lamar Owen (lo...@pari.edu) wrote: On Saturday, February 12, 2011 12:19:33 pm M. Fioretti wrote: besides hard drive and DVD burner there are only Logitech webcam, wheelmouse and earphone microphone, but everything is plugged in the back which is not really accessible without moving furniture. I'll do that if needed, but isn't a way to check for those interrupts from the prompt? Let's see if iowaits are you issue. Install the sysstat package (yum install sysstat) and run: iostat -x 1 here it is, thanks for the tip. When it isn't zero, the await column gives anything from 27.36 to 35.78 (last line) to 5 (I have already posted top output in a comment to the web page): [root@polaris ~]# iostat -x 1 | egrep -i 'device|sda' Sorry, of course that's only the part of the story about sda. here is one complete run of iostat: Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 5.00 0.00 5.00 0.0064.0012.80 0.036.00 6.00 3.00 dm-0 0.00 0.000.008.00 0.0064.00 8.00 0.04 4.38 3.75 3.00 dm-1 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 other runs show all null values for dm-0 / dm-1, or values similar to these Marco Could you show the output of iostat -x 1, not iostat -x 1 | egrep -i 'device|sda' please? On my system, when I do iostat -x 1 I get avg-cpu besides drive information. avg-cpu: %user %nice %system %iowait %steal %idle 5.050.004.040.000.00 90.91 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 It might help to see the avg-cpu. If we are lucky, either the %user or %system or ... will show high cpu usage. Another question please...if it's spurious interrupts, I found the device file, /proc/interrupts, which has a row for Spurious interrupts. We haven't demonstrated the problem is interrupt related. Can we try to isolate or rule out this as a problem please? Could you show us the output of twice, the second time a few seconds after the first time so we can see if any interrupt number changes fast. more /proc/interrupts ... more /proc/interrupts Can people suggest any information/files in /proc which might help us? I assume there is a periodic hardware clock interrupt for your CPU. Can we find out this clock interrupt rate somewhere? signature.asc Description: This is a digitally signed message part. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: why is my Linux so damn slow?
On Saturday, February 12, 2011 12:43:53 pm M. Fioretti wrote: On Sat, Feb 12, 2011 12:27:55 PM -0600, Rick Sewill (rsew...@gmail.com) wrote: Could you show the output of iostat -x 1, not iostat -x 1 | egrep -i 'device|sda' please? Sure, sorry, here you go (this is with Firefox open, right now) Linux 2.6.35.10-74.fc14.x86_64 (polaris.localdomain) 02/12/2011 _x86_64_(2 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 28.930.003.230.690.00 67.15 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.7612.231.72 2.0796.94 111.7654.97 0.10 26.58 4.13 1.57 dm-0 0.00 0.002.45 13.9896.65 111.7612.68 2.18 132.68 0.95 1.57 dm-1 0.00 0.000.010.00 0.09 0.00 8.00 0.005.45 3.18 0.00 avg-cpu: %user %nice %system %iowait %steal %idle 48.760.000.500.000.00 50.75 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 0.000.00 0.00 0.00 0.00 0.00 0.000.00 0.00 0.00 dm-0 0.00 0.000.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-1 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 avg-cpu: %user %nice %system %iowait %steal %idle 16.580.001.010.000.00 82.41 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 0.000.00 19.00 0.00 152.00 8.00 0.010.79 0.11 0.20 dm-0 0.00 0.000.00 19.00 0.00 152.00 8.00 0.01 0.79 0.11 0.20 dm-1 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 avg-cpu: %user %nice %system %iowait %steal %idle 4.460.000.994.950.00 89.60 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.0027.000.00 9.00 0.00 272.0030.22 0.077.67 7.67 6.90 dm-0 0.00 0.000.00 34.00 0.00 272.00 8.00 0.10 2.82 2.03 6.90 dm-1 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 avg-cpu: %user %nice %system %iowait %steal %idle 4.500.001.000.000.00 94.50 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 0.000.00 0.00 0.00 0.00 0.00 0.000.00 0.00 0.00 dm-0 0.00 0.000.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-1 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 avg-cpu: %user %nice %system %iowait %steal %idle 12.870.000.990.000.00 86.14 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 0.000.00 0.00 0.00 0.00 0.00 0.000.00 0.00 0.00 dm-0 0.00 0.000.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-1 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 avg-cpu: %user %nice %system %iowait %steal %idle 39.300.000.500.000.00 60.20 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util sda 0.00 0.000.00 0.00 0.00 0.00 0.00 0.000.00 0.00 0.00 dm-0 0.00 0.000.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-1 0.00 0.000.000.00 0.00 0.00 0.00 0.000.00 0.00 0.00 Is there any correlation between avg-cpu %user and Device sda wsec/s writes? Is there a burst of %user cpu activity followed by a burst of wsec/s writes? If the system is doing so little, I'd expect less %user cpu activity. Since the system is 2 CPU, does 48% means one cpu ran solid for a second? Someone help us...I know there is a command to show open files, lsof. Does that command include a way to find out disk activity per file or is there another command that can find out disk activity per file? I'm hoping, if we identify the file(s) with disk activity, we might identify the service/application/kernel feature that is hogging the cpu. signature.asc Description: This is a digitally signed message part. -- users mailing list users
Re: why is my Linux so damn slow?
On Saturday, February 12, 2011 12:55:12 pm M. Fioretti wrote: On Sat, Feb 12, 2011 12:47:13 PM -0600, Rick Sewill (rsew...@gmail.com) wrote: Could you show us the output of twice, the second time a few seconds after the first time so we can see if any interrupt number changes fast. more /proc/interrupts here are two runs, 5/6 seconds apart: [root@polaris ~]# more /proc/interrupts CPU0 CPU1 0:136180 IO-APIC-edge timer 1: 0 2 IO-APIC-edge i8042 4: 0 2 IO-APIC-edge 7: 1 0 IO-APIC-edge parport0 8: 0 1 IO-APIC-edge rtc0 9: 0 0 IO-APIC-fasteoi acpi 12: 0 4 IO-APIC-edge i8042 14: 0 0 IO-APIC-edge pata_amd 15: 0 0 IO-APIC-edge pata_amd 17: 0 2 IO-APIC-fasteoi firewire_ohci 20: 116972135 IO-APIC-fasteoi ohci_hcd:usb3, nvidia 21:947289 IO-APIC-fasteoi ehci_hcd:usb2, hda_intel 22: 0 3 IO-APIC-fasteoi ehci_hcd:usb1 23: 252957 24 IO-APIC-fasteoi ohci_hcd:usb4 43: 449718 5490 PCI-MSI-edge ahci 44: 850242 23 PCI-MSI-edge eth0 NMI: 0 0 Non-maskable interrupts LOC: 12772218 13583547 Local timer interrupts SPU: 0 0 Spurious interrupts PMI: 0 0 Performance monitoring interrupts PND: 0 0 Performance pending work RES:68964877547957 Rescheduling interrupts CAL: 8607 11701 Function call interrupts TLB: 43915 42920 TLB shootdowns TRM: 0 0 Thermal event interrupts THR: 0 0 Threshold APIC interrupts MCE: 0 0 Machine check exceptions MCP:103103 Machine check polls ERR: 1 MIS: 0 [root@polaris ~]# [root@polaris ~]# more /proc/interrupts CPU0 CPU1 0:136180 IO-APIC-edge timer 1: 0 2 IO-APIC-edge i8042 4: 0 2 IO-APIC-edge 7: 1 0 IO-APIC-edge parport0 8: 0 1 IO-APIC-edge rtc0 9: 0 0 IO-APIC-fasteoi acpi 12: 0 4 IO-APIC-edge i8042 14: 0 0 IO-APIC-edge pata_amd 15: 0 0 IO-APIC-edge pata_amd 17: 0 2 IO-APIC-fasteoi firewire_ohci 20: 116985135 IO-APIC-fasteoi ohci_hcd:usb3, nvidia 21:947289 IO-APIC-fasteoi ehci_hcd:usb2, hda_intel 22: 0 3 IO-APIC-fasteoi ehci_hcd:usb1 23: 252957 24 IO-APIC-fasteoi ohci_hcd:usb4 43: 449809 5490 PCI-MSI-edge ahci 44: 850456 23 PCI-MSI-edge eth0 NMI: 0 0 Non-maskable interrupts LOC: 12774821 13585530 Local timer interrupts SPU: 0 0 Spurious interrupts PMI: 0 0 Performance monitoring interrupts PND: 0 0 Performance pending work RES:68969747548786 Rescheduling interrupts CAL: 8608 11703 Function call interrupts TLB: 43919 42921 TLB shootdowns TRM: 0 0 Thermal event interrupts THR: 0 0 Threshold APIC interrupts MCE: 0 0 Machine check exceptions MCP:103103 Machine check polls ERR: 1 MIS: 0 [root@polaris ~]# will try now to find out the clock interrupt rate. Thanks I think the clock interrupt rate is shown by the Local timer interrupts. I don't know if that number is okay or not. I think it might be okay. I am curious about the Rescheduling interrupts. I do not have a dual core system so I have no rescheduling interrupts. I do not know how many rescheduling interrupts is too many. I did google searches, Resheduling interrupts and Linux Resheduling interrupts It appears there have been problems, in this area, over the years. We should be careful to limit ourselves to any recent problems. I found some sort of explanation of rescheduling interrupts at https://help.ubuntu.com/community/ReschedulingInterrupts Also at this URL were suggestions for troubleshooting problems. One suggestion, from this URL was to use vmstat 1. I haven't used vmstat before so this is educational. Another suggestion was troubleshooting ACPI and APIC problems. This problem sounds similar to another person's problem: http://www.spinics.net/lists/kvm/msg49558.html I mention this problem because of the date and also it's Debian (not Fedora). We don't know if this person's problem is a Rescheduling interrupt problem...but it sounds similar. signature.asc Description
Re: outout format of time command
On Tuesday, February 01, 2011 04:13:20 am Adel ESSAFI wrote: Hello, I have followed the man page of time commande to put a certain output format. However, time command does not recognise -f option. Could you help please. [adel@localhost generateInstance]$ time -f %e ls bash: -f: command not found There are two separate time commands. One is a bash built-in. To set the format for this time, please set the environment variable, TIMEFORMAT. Please do info bash and search for TIMEFORMAT. The other is the time command described by man time. To use this time command, please do $(which time) -f %e ls On my system, $(which time) happens to be /usr/bin/time so I can also do /usr/bin/time -f %e ls signature.asc Description: This is a digitally signed message part. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: [Fedora] Re: [Fedora] Re: korganizer crash
On Thursday, January 27, 2011 04:10:46 pm Walter Cazzola wrote: Dear all, just to add something to my problem, this affect only my user, from root korganizer starts like a charm. I've noticed that it is bound to the akonadi server but also killing all the process related to akonadi korganizer from my user doesn't start. :-( any help is appreciated I just started using kde a little while ago so I may not be much help. I believe, to identify a problem, one needs to isolate the problem. To this end, what calendar(s) were you working with just before it failed? If they were local calendars, can you move them out of the way, until you identify which local calendar causes the problem, and then examine that calendar to see what might be causing the problem? I would strongly encourage you to make a backup before moving files. It would be bad if my suggestion made matters worse. If they are calendars from the Internet, can you bring up korganizer with your PC not connected to the Internet--korganizer will fail to get to the internet, but you might be able to disable the Internet calendar. If disabling an Internet calendar stops the crashing, we get a hint. Once the calendar(s) causing problems can be identified, others may have hints what is causing the crashing problem. Also, when it crashes, I assume abrt wants to make a report. Do the details of the report give a hint why korganizer is crashing? The hint may have no meaning to me, but might help a developer. With the hint, one might google to see what others did to fix similar problems. I wish I could give you an answer. I'm afraid I can only suggest isolating the problem. Hopefully others, who have used kde longer or develop kde will recognize the problem and suggest a fix or workaround. signature.asc Description: This is a digitally signed message part. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: iptables and NAT
On Tuesday, January 25, 2011 09:12:07 am Ian Pilcher wrote: What is the default gateway on the web server? It's possible that packets are getting through the gateway server just fine, but getting lost on the way back. Can the OP run wireshark and look for the packets? Also, if one does iptables -L -v -t nat -and- iptables -L -v before and after trying to send a packet from the Internet to his server, do the byte and packet counts for the nat iptables entries and the other iptables entries (for forwarding the packet) get incremented as expected? signature.asc Description: This is a digitally signed message part. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Checking whether Gnome screensaver currently active
On Tuesday, January 18, 2011 08:52:57 pm Robert Nichols wrote: On 01/18/2011 12:28 PM, Rick Sewill wrote: On Tuesday, January 18, 2011 09:00:22 am Robert Nichols wrote: On 01/18/2011 01:34 AM, Rick Sewill wrote: On Monday, January 17, 2011 10:57:00 pm Robert Nichols wrote: On 01/17/2011 09:57 PM, Rick Sewill wrote: Question please: Can you use gnome-screensaver-command -q man gnome-screensaver-command I'm currently trying out KDE so I don't know what is returned by the above command for the various gnome-screensaver states. As I said in my original message, when run from a cron job that fails: ** Message: Failed to connect to the D-BUS daemon: /bin/dbus-launch terminated abnormally with the following error: Autolaunch error: X11 initialization failed. And yes, I did try it with DISPLAY=:0.0 in the environment. You have a good puzzle! I read all the responses for the problem, http://www.mail-archive.com/debian-kde@lists.debian.org/msg30421.html I tried to condense their answer to the following...please give it a try: I created a file, ${HOME}/bin/testscreensaver = Please begin contents of file testscreensaver with following line #!/bin/bash # We must set the DISPLAY variable so dbus is happy. export DISPLAY=:0.0 # We must find the DBUS_SESSION_BUS_ADDRESS so dbus is happy. for pid in $(pgrep -u $USER) do declare DBUS_SESSION_BUS_ADDRESS=$(cat /proc/${pid}/environ | \ tr '\0' '\n' | grep DBUS_SESSION_BUS_ADDRESS=) # I looked for the first DBUS_SESSION_BUS_ADDRESS found. [ -z ${DBUS_SESSION_BUS_ADDRESS} ] || break done # Strip off the DBUS_SESSION_BUS_ADDRESS= string at the beginning. DBUS_SESSION_BUS_ADDRESS=${DBUS_SESSION_BUS_ADDRESS:25} # I echo it for debugging purposes...you probably don't want to echo it. echo Set bus address to${DBUS_SESSION_BUS_ADDRESS} # If I have a string, I call the gnome-screensaver-command [ -z ${DBUS_SESSION_BUS_ADDRESS} ] || gnome-screensaver-command -q = Please end file testscreensaver with previous line Hmmm, in that script you're not doing anything with DBUS_SESSION_BUS_ADDRESS beyond testing for non-null (it's not exported), so Set bus address to is a misnomer. Found bus address might be more to the point. It does test whether this user currently has a session, which is useful. Please see man dbus-daemon. I believe the variable, DBUS_SESSION_BUS_ADDRESS, must be set for desktop applications to find the per-session daemon to have interprocess communication amongst themselves. From man dbus-daemon, I am referring to the per-session daemon, not the systemwide daemon. Look again at the script you posted and explain where it does anything but set and test for non-null an internal shell variable that has no special meaning to the shell itself. Had you in some manner exported that variable so that gnome-screensaver-command could see it, then I would have more reason to believe you. I stand corrected. I ran a test without DBUS_SESSION_BUS_ADDRESS set. Only the export DISPLAY=:0.0 seems to be needed. signature.asc Description: This is a digitally signed message part. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: xmms only playing mp3 as root
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Mchael, This system was installed - clean - from dvd on 28-12-2010. I use my laptop like my car. Drive it - stick to the rules - not messing with things I do not know about. When beyond me I ask for advice. Your positive input is appreciated. Before I try anything is your advice still standing since this is new install? Await your comment Thanks. Johan I just noticed this thread. Please forgive me if my comments are not germane. When you are logged in, as root, do you have a file, ~/.xmms/config, and if so, is there a line in this file, output_plugin= When you are logged in, as a normal user, do you have a file, ~/.xmms/config, and if so, is there a line in this file, output_plugin= For me, when I am logged in, as a normal user, I do have a file, ~/.xmms/config, and the line in my file is output_plugin=/usr/lib64/xmms/Output/libxmms-pulse.so I have not run xmms, as root. I do not have a directory, /root/.xmms I thought, somewhere, I read, your xmms was looking for /dev/dsp. I thought /dev/dsp was for the audio system, Open Sound System (OSS). I thought, but could be wrong, OSS, was replaced, in the default Fedora installation, by Pulse Audio (with ALSA actually used to drive the sound hardware). I do not have the device file, /dev/dsp. xmms does play mp3 files, for me, as a normal user. In my setup, xmms must use Pulse Audio. I don't have OSS installed. I apologize if my comments are not germane. I missed the start of this thread. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0d9KQACgkQyc8Kn0p/AZTHXgCfTUj0MJTDhsfwr8qi5AqlQvVk dOYAoIuwuLynII/pRpEzyY1V7xXvCzh4 =JrHI -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: How do I set up DHCP in order to upgrade the software on my router?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/28/2010 08:31 AM, Colin Paul Adams wrote: I edited /etc/dhcp/dhcpd.conf to look like this: # # DHCP Server Configuration file. # see /usr/share/doc/dhcp*/dhcpd.conf.sample # see 'man 5 dhcpd.conf' # authoritative; use-host-decl-names on; ddns-update-style none; option domain-name colin.demon.co.uk; next-server 192.168.254.201; filename linux/pxelinux.0; allow bootp; subnet 192.168.254.0 netmask 255.255.255.0 { option subnet-mask 255.255.255.0; option broadcast-address 192.168.254.255; } group { host 192.168.254.254 { hardware ethernet 00:14:7F:F8:83:DD; } } I looked at /usr/share/doc/dhcp-4.2.0/dhcpd.conf.sample, and saw the following: # This declaration allows BOOTP clients to get dynamic addresses, # which we don't really recommend. subnet 10.254.239.32 netmask 255.255.255.224 { range dynamic-bootp 10.254.239.40 10.254.239.60; option broadcast-address 10.254.239.31; option routers rtr-239-32-1.example.org; } If the above, in the sample file, is correct, and your router is using BOOTP instead of DHCP, I would think you need range dynamic-bootp ... -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0aADAACgkQyc8Kn0p/AZRzlACfeZe3M257Yjd7hJxLdIJDqHzt srIAnjHnPolQVWotLGs7lw9E2Wsz8vjr =Q7Av -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: How do I set up DHCP in order to upgrade the software on my router?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/28/2010 09:20 AM, Rick Sewill wrote: On 12/28/2010 08:31 AM, Colin Paul Adams wrote: I edited /etc/dhcp/dhcpd.conf to look like this: # # DHCP Server Configuration file. # see /usr/share/doc/dhcp*/dhcpd.conf.sample # see 'man 5 dhcpd.conf' # authoritative; use-host-decl-names on; ddns-update-style none; option domain-name colin.demon.co.uk; next-server 192.168.254.201; filename linux/pxelinux.0; allow bootp; subnet 192.168.254.0 netmask 255.255.255.0 { option subnet-mask 255.255.255.0; option broadcast-address 192.168.254.255; } group { host 192.168.254.254 { hardware ethernet 00:14:7F:F8:83:DD; } } Hmmm. I did a little more digging. I found, in man dhcpd.conf, the following: BOOTP Support Each BOOTP client must be explicitly declared in the dhcpd.conf file. A very basic client declaration will specify the client network interface's hardware address and the IP address to assign to that client. If the client needs to be able to load a boot file from the server, that file's name must be specified. A simple bootp client declaration might look like this: host haagen { hardware ethernet 08:00:2b:4c:59:23; fixed-address 239.252.197.9; filename /tftpboot/haagen.boot; } Could you instead of doing what I thought previously, replace group { host 192.168.254.254 { hardware ethernet 00:14:7F:F8:83:DD; } } with something like the following... host myrouter { hardware ethernet 00:14:7F:F8:83:DD; fixed-address 192.168.254.254; filename /var/lib/tftpboot/ZZQIAA8.225.bli; } -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0aCigACgkQyc8Kn0p/AZTTqgCdHDl7KvO+2RfFy2Eep3k/RFOL v1UAoJYrZnNwME92MLP5o8vsH9Wn3dBt =GgOI -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: nm-applet autoload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/21/2010 10:28 AM, Richard Heck wrote: After an upgrade from F12 to F14, which went very smoothly even on an old laptop (yea!), nm-applet is no longer loaded automatically under KDE. I can load it manually from a terminal, and then all is well, but this is a hassle. I could also add it to the Autostart folder, but that seems the wrong way to handle it. Suggestions? Thanks, Richard For me, nm-applet is loaded as a Startup Application (System-Startup Application-Network Manager) The command found in the Startup Program was nm-applet --sm-disable Note: I am using Gnome, not KDE. Your mileage may vary. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0Q20gACgkQyc8Kn0p/AZTJwgCffog0UDfOQNgW6XYDqdSzIBTb +AsAoJPwVACpkmGOa7ZK8/eCmBfv2Bfi =wbYG -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: nm-applet autoload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/21/2010 10:52 AM, Rick Sewill wrote: On 12/21/2010 10:28 AM, Richard Heck wrote: After an upgrade from F12 to F14, which went very smoothly even on an old laptop (yea!), nm-applet is no longer loaded automatically under KDE. I can load it manually from a terminal, and then all is well, but this is a hassle. I could also add it to the Autostart folder, but that seems the wrong way to handle it. Suggestions? Thanks, Richard For me, nm-applet is loaded as a Startup Application (System-Startup Application-Network Manager) The command found in the Startup Program was nm-applet --sm-disable Note: I am using Gnome, not KDE. Your mileage may vary. I mistyped...that should be (System-Preferences-Startup Applications-Network Manager) Sorry. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0Q29sACgkQyc8Kn0p/AZQccwCfUcAdM5gDnalJ8hE/Byy2SMVP PJMAoJTEV0CnFA4vvQyxuUes4PBPF2ZZ =++4C -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Still having problems with mount of USB drive at boot time
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/14/2010 03:33 PM, Robert Moskowitz wrote: This is for Fedora 12 and a 1.5Tb USB seagate drive. How do I get this drive recognixzed at boot time? Once it is set up it is known as: /media/d4ae05a3-c60f-489d-8159-e16c9a271f0b Caution: I am on Fedora 14. I can't remember if the following is true for Fedora 12. I believe the following is true for Fedora 13. When the disk is on and plugged in, does an entry for it appear in ls -l /dev/disk/by-uuid What I have done is the following: 1) In my /etc/fstab I have (following is all one line, forgive the line wrap) UUID=90de18a5-489b-40bd-85a4-9a2ff3a15d81 /media/wd ext2 noauto 0 0 2) When I turn on my USB disk, the following appears: ls -l /dev/disk/by-uuid/90de* rsew...@rsewill:~ 2:6 $ ls -l /dev/disk/by-uuid/90de* lrwxrwxrwx. 1 root root 10 Dec 15 01:42 /dev/disk/by-uuid/90de18a5-489b-40bd-85a4-9a2ff3a15d81 - ../../sdf1 It appears I can use UUID=name where name is found in /dev/disk/by-uuid in my /etc/fstab file. 3) I do, sudo mount /media/wd Please note: I have my /etc/sudoers file set up so I can do sudo mount As root, one edits the /etc/sudoers file using the visudo command to set up what user can do what with the sudo command. Similarly, I believe I can use LABEL=label for the disk if it appears in /dev/disk/by-label. I have a walkman which I have labeled, WALKMAN. My fstab entry for it is as follows: (following is all one line, forgive the line wrap) LABEL=WALKMAN /media/walkman vfat noauto,user 0 0 The entry, when the walkman is plugged in, in /dev/disk/by-label is rsew...@rsewill:~ 2:11 $ ls -l /dev/disk/by-label/WALKMAN lrwxrwxrwx. 1 root root 10 Dec 15 01:47 /dev/disk/by-label/WALKMAN - ../../sdg1 I can mount my walkman, as a normal user, because of the user option in the /etc/fstab file. mount /media/walkman I use noauto or noauto,user so I can control when the device is mounted. I mount these devices manually. Please see man 8 mount for the definitions of these options, noauto, user, defaults. I assume, since you say you want it mounted automatically, and I assume at boot time, you will not want the noauto option. Would you, instead, use the defaults option instead of noauto? If the device is not turned on during boot, with the defaults option, I'm not sure what will happen. I expect the system to wait a long time and/or hang waiting for the device to appear. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0Id6gACgkQyc8Kn0p/AZR65gCfSjpKUXRNqj0KzLgfazGY4Y8U 4xgAnRjdZ0kiUMGBUmXgfV4oUqn5ZGy/ =tTbg -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Testing changes to fstab
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/15/2010 07:29 PM, Robert Moskowitz wrote: A long time ago I got burned with a type in /etc/fstab and back then I was told how to test out changes to fstab. Well I just added my USB drive to fstab and want to make sure I got it right. The line I added is: /dev/sdb1/media/usbdriveext4defaults1 2 I figure this out from the fstab man page and that the following works: mount /dev/sdb1 /media/usbdrive But I want to test first before I reboot. BTW, the messages I now get for this drive during boot are: Dec 15 19:56:06 homebase kernel: usb 1-2: New USB device found, idVendor=0bc2, idProduct=3300 Dec 15 19:56:06 homebase kernel: usb 1-2: New USB device strings: Mfr=1, Product=2, SerialNumber=3 Dec 15 19:56:06 homebase kernel: usb 1-2: Product: Desktop Dec 15 19:56:06 homebase kernel: usb 1-2: Manufacturer: Seagate Dec 15 19:56:06 homebase kernel: usb 1-2: SerialNumber: 2GHJTCB4 Dec 15 19:56:06 homebase kernel: usb 1-2: configuration #1 chosen from 1 choice Oh, and I used e2label to label the partition the same as its serial #). A suggestion please. Instead of using /dev/sdb1 in /etc/fstab, can you use either, UUID=uuid-for-the-partition or LABEL=label-for-the-partition? I speak from personal experience. At one time, I tried using /dev/sdf1 for a usb drive. Then I added another usb device. Depending how usb devices were discovered, my usb drive wasn't /dev/sdf1 any more. When the device is plugged in, even if the device is not mounted, can you check ls -l /dev/disk/by-uuid or ls -l /dev/disk/by-label to learn the uuid or label for the usb drive, respectively? Since you stated you labeled the partition, 2GHJTCB4, you should be able to do, in your /etc/fstab, LABEL=2GHJTCB4 /media/usbdriveext4defaults1 2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0JuO4ACgkQyc8Kn0p/AZQyrACdEWkPCbLuz8TiB1vLCmH3eeAS ow4AnR4ixd/G68+1q27kLzK4NIALOcVp =6CP2 -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Fedora14.Impossible Internet.More and More data.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/15/2010 12:18 AM, Rick Sewill wrote: On 11/14/2010 10:23 PM, Luis Suzuki wrote: All below was taken when Gnome NetworkManager was saying that Auto eth0 was active and OK. Below some more data:# ping 192.168.1.254 PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data. 64 bytes from 192.168.1.254: icmp_req=1 ttl=64 time=1.15 ms 64 bytes from 192.168.1.254: icmp_req=2 ttl=64 time=0.700 ms 64 bytes from 192.168.1.254: icmp_req=3 ttl=64 time=0.733 ms 64 bytes from 192.168.1.254: icmp_req=4 ttl=64 time=0.715 ms 64 bytes from 192.168.1.254: icmp_req=5 ttl=64 time=0.706 ms 64 bytes from 192.168.1.254: icmp_req=6 ttl=64 time=0.775 ms 64 bytes from 192.168.1.254: icmp_req=7 ttl=64 time=0.801 ms 64 bytes from 192.168.1.254: icmp_req=8 ttl=64 time=0.716 ms 64 bytes from 192.168.1.254: icmp_req=9 ttl=64 time=0.726 ms 64 bytes from 192.168.1.254: icmp_req=10 ttl=64 time=0.708 ms 64 bytes from 192.168.1.254: icmp_req=11 ttl=64 time=0.709 ms This means the ethernet hardware is working. You can ping the router. #less /etc/resolv.conf # Generated by NetworkManager domain lan search lan nameserver 192.168.1.254 /etc/resolv.conf (END) This is good as long as the router will do DNS for you. #ifconfig -a eth0 Link encap:Ethernet HWaddr 00:21:70:BC:71:84 inet addr:192.168.1.64 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::221:70ff:febc:7184/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:120 errors:0 dropped:0 overruns:0 frame:0 TX packets:153 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:11211 (10.9 KiB) TX bytes:19119 (18.6 KiB) Interrupt:43 Base address:0x8000 The interface IP address is 192.168.1.64...okay. # ip route 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.64 metric 1 # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 You have no default route...this is part of the problem. When doing ip route, you should have something like default via 192.168.1.254 dev eth0 When doing netstat -rn, you should have something like 0.0.0.0 192.168.1.2540.0.0.0 UG0 0 0 eth0 # cat /etc/sysconfig/network-scripts/ifcfg-eth0 cat: /etc/sysconfig/network-scripts/ifcfg-eth0: No such file or directory Argh. I don't use NetworkManager...if there is no ifcfg-eth0 file, what does NetworkManager do? People? What you need to do is add a default route to 192.168.1.254 for eth0 I have no plans to use NetworkManager any time soon so I can only give you general hints...I wish someone who does use NetworkManager would take over this discussion. Needless to say...I will try. When you start the Network Manager client to examine/modify configurations, you should find the configuration for eth0. I'm only guessing, but is it something like Network connections? Can you select the ethernet network connection and push the edit button? When you do that, does a pop-up appear? Does it have a IPv4 Settings tab? Can you select the IPv4 Settings tab. What is the Method: Automatic (DHCP) or Automatic (DHCP) addresses only or Manual or what? I'm guessing the Method is Manual...but please tell me. The following advice is based on the belief the Method is Manual. Is there a Routes button? Please press it. Does another pop-up appear, something like Editing IPv4 routes for Can you add a route, AddressNetmask Gateway Metric 0.0.0.00.0.0.0 192.168.1.254 1 Can someone who does use NetworkManager correct the above please? I'm sure I have things wrong since I don't use NetworkManager. Hopefully, people can get the idea what I want tried. Please let me know how far off I am regarding the NetworkManager GUI. When you are done, please do either ip route or netstat -rn I wish to see if the default route has been added. If you have a default route...try to ping something on the Internet. I manage my interfaces myself...I do networking things for a living. NetworkManager was not my friend, in the past, when it interfered with what I needed to do...so I turned it off, and never turned it back on. Shows what I know about NetworkManager...yes, I'm learning, if for your eth0 connection, You have Method: Manual Instead of doing what I suggested by pushing the Routes button and adding the default gateway there... Change the Addresses entry from Address Netmask Gateway 192.168.1.64255.255.255.0 0.0.0.0 to Address Netmask Gateway 192.168.1.64255.255.255.0 192.168.1.254 That's probably the NetworkManager
Re: Fedora14.Still Impossible Internet.More data.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/14/2010 02:02 PM, Luis Suzuki wrote: Well it seems my problem is related with this one: bugzilla 649570.However my NIC is a Realtek RTL 8102E. the DHCP discovery packets may not be responded as well.However the workaround, does not work for me(place acpi=off or pcie_aspm=off in grub kernel boot options). So,I probably need to completely stop processes that are in charge of automatic network discovery and configure all,manually from scratch. I tried once and it did not work,I did: chkconfig NetworkManager off /etc/init.d/network stop ifconfig eth0 192.168.1.64 netmask 255.255.255.0 /etc/init.d/network start Note: my DNS server is 192.168.1.254(when auto configured). Given you are using 192.168.x.x, you must have a router doing NAT. When you believe your ethernet connection is up, can you ping your router IP address? Is your router IP address 192.168.1.254? Is your router also your DNS server? Can you please give us the information from the following commands: ifconfig -a This will give us a hint if your ethernet interface thinks it's up. The ping command above will tell us if it's really up and you can ping your router. netstat -rn(or ip route) Either of these commands will give us an idea of your current routing table. We need to be certain 192.168.1.254 isn't some other interface on your PC. We need to see what your default route actually is. We need to make sure you don't have other routes that are interfering with your ability to get to the Internet. cat /etc/sysconfig/network-scripts/ifcfg-eth0 This will give us a hint how the eth0 interface is coming up... I assume you haven't put anything special in /etc/sysconfig/network I assume you don't have any /etc/sysconfig/network-scripts/route* files cat /etc/resolv.conf This will give us a hint of your current DNS information. If you can ping the router, and the router is your gateway, and you still can't get to the Internet, we need to know information about the router. Is that router configured as a dhcp server for your local lan? Does that router do DNS for your local lan? Can you access your router, examine its configuration, and make sure it is configured to do DNS for your local lan. Can you access your router, examine the information for its WAN interface, and insure it has the correct IP address and DNS information from your ISP? I assume your ISP is providing you with a dynamic IP address. Tell me if I'm wrong. Please tell us the DNS information your router has from your ISP. Please tell us the first number of your WAN dynamic IP address, as in 24.x.x.x, I don't wish you to advertise your IP address in a public forum. I just wish to see you have a reasonable WAN IP address. Does your router have any special parental features blocking your access to the Internet? Does your router have any firewall rules blocking your access to the Internet? We may need to know more information about your ISP...I hope we don't. If you can get to your router, and your router looks okay...meaning the LAN side looks okay (correct DHCP, etc) and the WAN side looks okay (correct IP address and DNS information), I will ask about the ISP. I will ask, what kind of Internet connection are you using? xDSL, cable, etc. Does your ISP require you to log in to their web site to validate your Internet connection (MAC address) the first time you try to get to the Internet with a new device (is the router a new device as far as the ISP is concerned)? I had a cable company that did something like that...I don't have that cable company any longer. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkzgf+kACgkQyc8Kn0p/AZSjSwCgg3+cdd+POgmcT519yzjDxMuL ecAAn0k2EmvWBmJdXnQeAC9jXo2Mo1r5 =JjRr -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Fedora14.Impossible Internet.More and More data.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/14/2010 10:23 PM, Luis Suzuki wrote: All below was taken when Gnome NetworkManager was saying that Auto eth0 was active and OK. Below some more data:# ping 192.168.1.254 PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data. 64 bytes from 192.168.1.254: icmp_req=1 ttl=64 time=1.15 ms 64 bytes from 192.168.1.254: icmp_req=2 ttl=64 time=0.700 ms 64 bytes from 192.168.1.254: icmp_req=3 ttl=64 time=0.733 ms 64 bytes from 192.168.1.254: icmp_req=4 ttl=64 time=0.715 ms 64 bytes from 192.168.1.254: icmp_req=5 ttl=64 time=0.706 ms 64 bytes from 192.168.1.254: icmp_req=6 ttl=64 time=0.775 ms 64 bytes from 192.168.1.254: icmp_req=7 ttl=64 time=0.801 ms 64 bytes from 192.168.1.254: icmp_req=8 ttl=64 time=0.716 ms 64 bytes from 192.168.1.254: icmp_req=9 ttl=64 time=0.726 ms 64 bytes from 192.168.1.254: icmp_req=10 ttl=64 time=0.708 ms 64 bytes from 192.168.1.254: icmp_req=11 ttl=64 time=0.709 ms This means the ethernet hardware is working. You can ping the router. #less /etc/resolv.conf # Generated by NetworkManager domain lan search lan nameserver 192.168.1.254 /etc/resolv.conf (END) This is good as long as the router will do DNS for you. #ifconfig -a eth0 Link encap:Ethernet HWaddr 00:21:70:BC:71:84 inet addr:192.168.1.64 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::221:70ff:febc:7184/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:120 errors:0 dropped:0 overruns:0 frame:0 TX packets:153 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:11211 (10.9 KiB) TX bytes:19119 (18.6 KiB) Interrupt:43 Base address:0x8000 The interface IP address is 192.168.1.64...okay. # ip route 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.64 metric 1 # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 You have no default route...this is part of the problem. When doing ip route, you should have something like default via 192.168.1.254 dev eth0 When doing netstat -rn, you should have something like 0.0.0.0 192.168.1.2540.0.0.0 UG0 0 0 eth0 # cat /etc/sysconfig/network-scripts/ifcfg-eth0 cat: /etc/sysconfig/network-scripts/ifcfg-eth0: No such file or directory Argh. I don't use NetworkManager...if there is no ifcfg-eth0 file, what does NetworkManager do? People? What you need to do is add a default route to 192.168.1.254 for eth0 I have no plans to use NetworkManager any time soon so I can only give you general hints...I wish someone who does use NetworkManager would take over this discussion. Needless to say...I will try. When you start the Network Manager client to examine/modify configurations, you should find the configuration for eth0. I'm only guessing, but is it something like Network connections? Can you select the ethernet network connection and push the edit button? When you do that, does a pop-up appear? Does it have a IPv4 Settings tab? Can you select the IPv4 Settings tab. What is the Method: Automatic (DHCP) or Automatic (DHCP) addresses only or Manual or what? I'm guessing the Method is Manual...but please tell me. The following advice is based on the belief the Method is Manual. Is there a Routes button? Please press it. Does another pop-up appear, something like Editing IPv4 routes for Can you add a route, AddressNetmask Gateway Metric 0.0.0.00.0.0.0 192.168.1.254 1 Can someone who does use NetworkManager correct the above please? I'm sure I have things wrong since I don't use NetworkManager. Hopefully, people can get the idea what I want tried. Please let me know how far off I am regarding the NetworkManager GUI. When you are done, please do either ip route or netstat -rn I wish to see if the default route has been added. If you have a default route...try to ping something on the Internet. I manage my interfaces myself...I do networking things for a living. NetworkManager was not my friend, in the past, when it interfered with what I needed to do...so I turned it off, and never turned it back on. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkzg0KcACgkQyc8Kn0p/AZTTPwCdHKiyosgZVP2T6xhv8+3s9IWz ncMAnjTVRt5qm1BLkygIDI+jgqddysHI =ZkNj -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: DNS on F13
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/10/2010 10:28 AM, Paolo Galtieri wrote: On 11/10/10 00:13, François Patte wrote: Le 10/11/2010 00:14, Paolo Galtieri a écrit : I had configured a local DNS server under F12 and everything was working fine. I upgraded the system to F13 and setup DNS again. Now I see the following errors. Nov 9 15:46:28 darkstar named[17913]: validating @0xb4e48968: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:46:28 darkstar named[17913]: error (insecurity proof failed) resolving 'dlv.isc.org/DLV/INhttp://dlv.isc.org/DLV/IN': 168.158.8.15#53 Nov 9 15:48:02 darkstar named[17913]: validating @0xb49766e8: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:48:02 darkstar named[17913]: validating @0xb4977160: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:48:02 darkstar named[17913]: validating @0xb4977bd8: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:48:02 darkstar named[17913]: error (no valid RRSIG) resolving 'howtoforge.com.dlv.isc.org/DS/IN http://howtoforge.com.dlv.isc.org/DS/IN': 168.158.8.15#53 Nov 9 15:48:02 darkstar named[17913]: error (insecurity proof failed) resolving 'howtoforge.com.dlv.isc.org/DLV/IN http://howtoforge.com.dlv.isc.org/DLV/IN': 168.158.8.15#53 Nov 9 15:48:02 darkstar named[17913]: validating @0xb4724d60: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:48:02 darkstar named[17913]: error (no valid RRSIG) resolving 'www.howtoforge.com.dlv.isc.org/DS/IN http://www.howtoforge.com.dlv.isc.org/DS/IN': 168.158.8.15#53 Nov 9 15:48:02 darkstar named[17913]: error (insecurity proof failed) resolving 'www.howtoforge.com.dlv.isc.org/DLV/IN http://www.howtoforge.com.dlv.isc.org/DLV/IN': 168.158.8.15#53 I have 2 servers configured in the forwarders section of named.conf forwarders { 68.2.16.30; 168.158.8.15; }; It only complains about the second one. I found Bug 577639 which seems related, but it's marked closed notabug. So if it's not a bug why am I seeing these errors and how do I go about resolving them? Is this a configuration issue on my side, or is this an issue with my ISP? The file /etc/named.iscdlv.key contains the correct key. Any assistance is appreciated. Did you test if it is not related to selinux? I don't believe it has anything to do with SElinux since the errors only show up for one of the 2 DNS servers I have listed in the forwarders entry. Also I don't get any SElinux alert messages. Paolo May we see your /etc/named.conf file please? I am wondering if you have an old /etc/named.conf file. Please look for /etc/named.conf.rpmnew, and if it's there, please compare the two files, save your current /etc/named.conf, and mv /etc/named.conf.rpmnew /etc/named.conf When I do, [r...@rsewill ~]# service named start Starting named:[ OK ] followed by [r...@rsewill ~]# host -a energy.gov localhost Too much stuff got printed to reproduce here without reason Output looks reasonable I do not have bind-chroot installed. Are you using bind-chroot? For this test, I am using [r...@rsewill ~]# rpm -q bind bind-9.7.1-2.P2.fc13.x86_64 What version of bind are you using please? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkza40YACgkQyc8Kn0p/AZRDHQCglJg1SNUT0qN/PAWKyE1+CDHJ VbQAn1ueb1AKs4SUXIj2iZi3CJapPrdP =yyT5 -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: DNS on F13
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 10/11/2010 00:14, Paolo Galtieri a écrit : I had configured a local DNS server under F12 and everything was working fine. I upgraded the system to F13 and setup DNS again. Now I see the following errors. Nov 9 15:46:28 darkstar named[17913]: validating @0xb4e48968: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:46:28 darkstar named[17913]: error (insecurity proof failed) resolving 'dlv.isc.org/DLV/INhttp://dlv.isc.org/DLV/IN': 168.158.8.15#53 Nov 9 15:48:02 darkstar named[17913]: validating @0xb49766e8: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:48:02 darkstar named[17913]: validating @0xb4977160: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:48:02 darkstar named[17913]: validating @0xb4977bd8: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:48:02 darkstar named[17913]: error (no valid RRSIG) resolving 'howtoforge.com.dlv.isc.org/DS/IN http://howtoforge.com.dlv.isc.org/DS/IN': 168.158.8.15#53 Nov 9 15:48:02 darkstar named[17913]: error (insecurity proof failed) resolving 'howtoforge.com.dlv.isc.org/DLV/IN http://howtoforge.com.dlv.isc.org/DLV/IN': 168.158.8.15#53 Nov 9 15:48:02 darkstar named[17913]: validating @0xb4724d60: dlv.isc.orghttp://dlv.isc.org SOA: got insecure response; parent indicates it should be secure Nov 9 15:48:02 darkstar named[17913]: error (no valid RRSIG) resolving 'www.howtoforge.com.dlv.isc.org/DS/IN http://www.howtoforge.com.dlv.isc.org/DS/IN': 168.158.8.15#53 Nov 9 15:48:02 darkstar named[17913]: error (insecurity proof failed) resolving 'www.howtoforge.com.dlv.isc.org/DLV/IN http://www.howtoforge.com.dlv.isc.org/DLV/IN': 168.158.8.15#53 I have 2 servers configured in the forwarders section of named.conf forwarders { 68.2.16.30; 168.158.8.15; }; I didn't see anything wrong in your named.conf or named.rfc1912.zones I tried dig, found in bind-utils-9.7.1-2.P2.fc13.x86_64. When I did, [r...@rsewill etc]# dig +dnssec @168.158.8.15 energy.gov ; DiG 9.7.1-P2-RedHat-9.7.1-2.P2.fc13 +dnssec @168.158.8.15 energy.gov ; (1 server found) ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: FORMERR, id: 28148 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION: ;energy.gov.IN A ;; Query time: 78 msec ;; SERVER: 168.158.8.15#53(168.158.8.15) ;; WHEN: Wed Nov 10 21:33:15 2010 ;; MSG SIZE rcvd: 39 It appears I didn't get a valid answer. When I just changed the nameserver, [r...@rsewill etc]# dig +dnssec @68.2.16.30 energy.gov ; DiG 9.7.1-P2-RedHat-9.7.1-2.P2.fc13 +dnssec @68.2.16.30 energy.gov ; (1 server found) ... ;; Query time: 99 msec ;; SERVER: 68.2.16.30#53(68.2.16.30) ;; WHEN: Wed Nov 10 21:34:23 2010 ;; MSG SIZE rcvd: 1720 I got a very large, which looks valid to me, answer. If I leave off the +dnssec option, [r...@rsewill etc]# dig @168.158.8.15 energy.gov ; DiG 9.7.1-P2-RedHat-9.7.1-2.P2.fc13 @168.158.8.15 energy.gov ; (1 server found) ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 31441 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;energy.gov.IN A ;; ANSWER SECTION: energy.gov. 2380IN A 205.254.148.200 ;; Query time: 79 msec ;; SERVER: 168.158.8.15#53(168.158.8.15) ;; WHEN: Wed Nov 10 21:37:37 2010 ;; MSG SIZE rcvd: 44 I seem to get a valid answer. The bind I am using is [r...@rsewill etc]# rpm -q bind bind-9.7.1-2.P2.fc13.x86_64 What version of bind are you using? I have two questions about the name server at 168.158.8.15 1) Do we know if that name server supports dnssec? 2) If it supports dnssec, can we find out what name server (software and version) is being used so we can search the Internet to see if that name server is supposed to be interoperable with bind-9.x.x when doing dnssec? I am wondering why FC12 worked. I don't know what version of bind (rpm -q bind) is in FC12. I can see 3 possibilities why FC12 bind might have worked 1) perhaps the name server at 168.158.8.15 has a bug when doing dnssec, but was interoperable with the bind found in FC12, but not bind FC13. 2) Perhaps there is an error introduced into FC13 3) Perhaps, if 168.158.8.15 is not doing dnssec, FC12 bind would fall back to normal DNS. I'd be surprised if FC13 bind didn't also fall back to normal DNS...unless there is an option in your /etc/named.conf telling FC13 bind to only do dnssec. I am still parsing those options in /etc/named.conf...if someone who already has
Re: Intermittent freezing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/29/2010 04:05 AM, Nigel Bishop wrote: I am running Fedora 13 with Linux Kernel 2.6.33-3.85.fc13.x86_64 with Gnome 2.30.0 on HP laptop ProBook 4510S At times, it almost freezes, with very slow response to the keyboard. System monitor shows that something is hogging the CPU. Sometimes, after a few minutes, it recovers, other times I have to re-boot. Any ideas? Nigel Which system monitor program are you using? To my surprise, gnome-system-monitor shows me, under Processes, only my processes, not all the processes in the system. Question to everyone, is there a way to have gnome-system-monitor show all processes, in the system, not just my processes? The KDE system monitor, ksysguard, on the other hand, can show me all processes in the system. One can also run top in a shell. If top -i is done, idled or zombied processes will not be displayed. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkzKubwACgkQyc8Kn0p/AZTsFwCgiho/zN2j72lhTKzxFR3Bhhu1 OFQAn0sZdAc/PPEljKDDJqu1SpbqySXi =lL83 -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: More on DNS issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/23/2010 09:32 PM, Joe Zeff wrote: On 10/23/2010 06:58 PM, Rick Sewill wrote: [snip] Can you show your ifcfg-eth0, ifcfg-lo, and /etc/resolv.conf please? My pleasure! [r...@khorlia network-scripts]# cat ifcfg-eth0 # Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ DEVICE=eth0 BOOTPROTO=none HWADDR=00:10:dc:3a:6b:74 ONBOOT=yes SEARCH=zeff.us USERCTL=no PEERDNS=yes IPV6INIT=no NM_CONTROLLED=no TYPE=Ethernet DHCP_HOSTNAME=khorlia.zeff.us IPADDR=192.168.0.30 NETMASK=255.255.255.0 GATEWAY=192.168.0.1 PREFIX=24 DNS1=207.217.77.82 DNS2=207.217.120.83 [r...@khorlia network-scripts]# cat ifcfg-lo DEVICE=lo IPADDR=127.0.0.1 NETMASK=255.0.0.0 NETWORK=127.0.0.0 # If you're having problems with gated making 127.0.0.0/8 a martian, # you can change this to something else (255.255.255.255, for example) BROADCAST=127.255.255.255 ONBOOT=yes NAME=loopback DNS1=207.217.77.82 DNS2=207.217.120.83 [r...@khorlia etc]# cat resolv.conf # Generated by NetworkManager search zeff.us # No nameservers found; try putting DNS servers into your # ifcfg files in /etc/sysconfig/network-scripts like so: # # DNS1=xxx.xxx.xxx.xxx # DNS2=xxx.xxx.xxx.xxx # DOMAIN=lab.foo.com bar.foo.com nameserver 207.217.77.82 nameserver 207.217.120.83 nameserver 71.242.0.12 Interesting. I thought I'd disabled Network Manager several years ago, but checking, system-config-services had it enabled. I've tried disabling it again, but don't have much faith in that anymore! I can think of two possibilities: 1) the DNS information is first being written to /etc/resolv.conf when interface eth0 is brought up, and then overwritten later. 2) the DNS information is not successfully being written to /etc/resolv.conf when interface eth0 is brought up. For the first possibility, I notice /etc/sysconfig/network-scripts/ifup-post will call /sbin/ifup-local if it exists and is executable. Also, /etc/sysconfig/network-scripts/ifdown-post will call /sbin/ifdown-local if it exists and is executable. Could you create /sbin/ifup-local and /sbin/ifdown-local (or add some lines to these files if they exist) for debugging purposes I'm thinking something along the lines of having a file in /root that captures what /etc/resolv.conf is each time an interface is brought up or down...would something like the following for both files seem reasonable: #!/bin/bash echo # $(date) # ${0} ${1} /root/debug-resolv-conf cat /etc/resolv.conf /root/debug-resolv-conf The files, /sbin/ifup-local and /sbin/ifdown-local, need to be executable to work. I hope you get the idea. For the second possibility, I searched /etc/sysconfig/network-scripts to see what scripts have DNS1 and found /etc/sysconfig/network-scripts/ifup-post If I read ifup-post correctly, ... there are 2 if statements that both need to execute for the section of code that writes /etc/resolv.conf You have PEERDNS=yes so the first if statement, if [ $PEERDNS != no ] ... is satisfied correctly. Could the second if statement be failing somehow: if [ -n $DNS1 ] ! grep -q nameserver $DNS1 /etc/resolv.conf tr=$(mktemp /tmp/XX) ; then Assuming $DNS1 equals 207.217.77.82, and the entry is not already in /etc/resolv.conf, the only way I can see this if statement failing is if tr=$(mktemp /tmp/XX) fails. It's only a guess...could selinux be causing tr=$(mktemp /tmp/XX) to fail somehow? When you get a repeatable failure condition, does changing selinux to permissive mode cause things to work? I am not sure which file(s) to examine in /var/log to find log messages when selinux prevents an action...that might be a better way to check. Final question, when you get a failure condition, does bringing the eth0 interface down and up, manually, after the system is up and running, cause /etc/resolv.conf to be written correctly? I ask this question because the conditions during boot might be different from the conditions when one brings an interface up manually on a running system. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkzEBrcACgkQyc8Kn0p/AZSaHACgq8Dk/FG90y49SLoz1xB8NGhu FRMAniGdWyPJ2Iqyc6jH2IFOqB/6ivGc =UicA -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: More on DNS issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/23/2010 07:59 PM, Joe Zeff wrote: OK, I've now rebooted, and the problem manifested again. No surprise. Checking, both ifcfg-eth0 and ifcfg-lo have the proper DNS in them but resolf.conf claims they don't. [r...@khorlia etc]# ls -l resolv.conf -rw-r--r--. 2 root root 317 Oct 23 17:53 resolv.conf [r...@khorlia network-scripts]# ls -l ifcfg* -rw-r--r--. 8 root root 343 Oct 15 00:51 ifcfg-eth0 -rw-r--r--. 1 root root 293 Sep 15 12:30 ifcfg-lo Neither of them has changed recently, as you can see and resolv.conf was rebuilt at boot. Any ideas? Can you show your ifcfg-eth0, ifcfg-lo, and /etc/resolv.conf please? If you have anything you want kept private, please replace the private information with X, Y, ... -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkzDktsACgkQyc8Kn0p/AZTpfwCfYHvnGBIyDgN4Jkr+dBE+R+3b y9EAoKXiNG6g4Xa8mhVQykpIaTZq98To =0NH/ -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Suggestions about podcast apps (rhythmbox and vlc)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/16/2010 11:40 AM, Suvayu Ali wrote: Hi, I was looking for some application to listen to and maybe keep some of the podcasts I want to listen to. So far I have been using rhythmbox, it serves my purposes just right except when something goes wrong and the database (its in XML format) goes bad. Apparently there is no way of easily importing/combining databases for the podcast feeds for rhythmbox. So I tried out the latest feature enhancements in vlc, again it works perfectly except that I can't save any of the podcasts. Does anyone know how to solve either of these problems? Or is there some other application that meets my needs? I am open to trying new applications as long as they are light on the desktop (the reason I didn't like Miro). Thanks for any thoughts. I use gpodder for podcasts. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAky52SwACgkQyc8Kn0p/AZS6QACglZ44khJ1aGsjcVAWF8bp/UYh jI4AoKpXd5EM51E22gEgIEEW3AAlbCYf =rGyI -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[OT] To people with VoIP SIP Clients (twinkle, etc), friendly-scanner DOS attack
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is off topic, but I thought I should tell people. This past weekend, I suffered a DOS attack launched against VOIP SIP Clients. The attack came, at different times, from 3 separate IP addresses. I blocked the IP addresses using IP Tables when I discovered it. The attack was a bombardment of several hundred SIP REGISTER requests, per second, with a user agent of friendly-scanner. The attack was a sustained attack over three days. I contacted my ISP. They told me they have taken steps. I contacted 2 of the 3 owners of the offending IP addresses. The third owner of the IP address was a job site address in China, and I couldn't figure out how to contact them. In my case, I run the VOIP SIP program, twinkle. Twinkle started consuming vast amounts of memory, going from a normal 5 MiB usage to 500-600 MiB usage, before I realized what was happening. Twinkle attempted to respond to each incoming packet with an outgoing SIP error packet. I posted a message on the yahoo group used by twinkle asking what they could do to better handle such an attack. If you suddenly seem to have memory problems, I suggest running something like System Monitor to find out what applications have memory. I also be on the lookout for unexpectedly high internet traffic. This message is off-topic, because it is not specific to Fedora. I thought it wouldn't hurt to let people know of this type of attack. I hope people don't object to this off-topic post. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAky3WikACgkQyc8Kn0p/AZRr+QCgnpEL5nIS5JX+0AucTKeGyrbf ZDoAnjIFC7hVPW58sKM6tVVNSNwEN2xq =mLHd -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: [OT] To people with VoIP SIP Clients (twinkle, etc), friendly-scanner DOS attack
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/14/2010 02:58 PM, Patrick Lists wrote: On 10/14/2010 09:29 PM, Rick Sewill wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is off topic, but I thought I should tell people. This past weekend, I suffered a DOS attack launched against VOIP SIP Clients. The attack came, at different times, from 3 separate IP addresses. I don't see why you would want to attack a VoIP client. Maybe the dark side knows something I don't. Recently I have seen an increase in brute force register attacks from Chinese networks. But that was on Asterisk servers. I had to block the following networks from which most attacks originated: 60.0.0.0/255.248.0.0 60.8.0.0/255.254.0.0 60.10.0.0/255.255.0.0 Most other attacks came from the US, France and Brazil. Installing fail2ban may help where a single IP tries to brute force itself into a SIP server. But that does not apply to a VoIP client. Would you mind sharing which networks your attacks came from? I hesitate to answer, but will. The people who own 67.222.1.124 and 184.106.213.202 were very cooperative and interested. The Chinese IP address was 218.14.146.200. I could connect to 218.14.146.200 port 80 and saw, what I thought, was a Chinese job website...I don't know Chinese. I apologize if the website is not Chinese. The attack packets had a user agent name of friendly-scanner. I assumed it was a version of something found at http://blog.sipvicious.org/ I assume it was looking for an asterisk server. Unfortunately, my twinkle client decided to reply. I tried looking for a twinkle configuration option to tell twinkle to just ignore REGISTER requests, to no avail. A snippet of the twinkle log looked like the following: +++ 12-10-2010 09:12:24.764991 INFO SIP ::process_sip_msg Received from: udp:67.222.1.124:5092 REGISTER sip:24.111.191.152 SIP/2.0 Via: SIP/2.0/UDP 67.222.1.124:5092;branch=z9hG4bK-1019189801;rport Content-Length: 0 From: 2299812582 sip:2299812...@24.111.191.152 Accept: application/sdp User-Agent: friendly-scanner To: 2299812582 sip:2299812...@24.111.191.152 Contact: sip:1...@1.1.1.1 CSeq: 1 REGISTER Call-ID: 1066778109 Max-Forwards: 70 - --- +++ 12-10-2010 09:12:24.769299 INFO SIP ::send_sip_udp Send to: udp:218.14.146.200:5069 SIP/2.0 403 Forbidden Via: SIP/2.0/UDP 127.0.0.1:5069;received=218.14.146.200;rport=5069;branch=z9hG4bK-1124511546 To: 3096784503 sip:3096784...@24.111.191.152;tag=gusmt From: 3096784503 sip:3096784...@24.111.191.152 Call-ID: 497952175 CSeq: 1 REGISTER Server: Twinkle/1.4.2 Content-Length: 0 - --- +++ 12-10-2010 09:12:24.770028 INFO SIP ::send_sip_udp Send to: udp:218.14.146.200:5069 SIP/2.0 403 Forbidden Via: SIP/2.0/UDP 127.0.0.1:5069;received=218.14.146.200;rport=5069;branch=z9hG4bK-404923090 To: 3096784503 sip:3096784...@24.111.191.152;tag=yrkuk From: 3096784503 sip:3096784...@24.111.191.152 Call-ID: 1619872740 CSeq: 1 REGISTER Server: Twinkle/1.4.2 Content-Length: 0 - --- +++ 12-10-2010 09:12:24.770475 INFO SIP ::process_sip_msg Received from: udp:67.222.1.124:5092 REGISTER sip:24.111.191.152 SIP/2.0 Via: SIP/2.0/UDP 67.222.1.124:5092;branch=z9hG4bK-4261809208;rport Content-Length: 0 From: 2299812582 sip:2299812...@24.111.191.152 Accept: application/sdp User-Agent: friendly-scanner To: 2299812582 sip:2299812...@24.111.191.152 Contact: sip:1...@1.1.1.1 CSeq: 1 REGISTER Call-ID: 2728516634 Max-Forwards: 70 - --- +++ 12-10-2010 09:12:24.771846 INFO SIP ::process_sip_msg Received from: udp:218.14.146.200:5069 REGISTER sip:24.111.191.152 SIP/2.0 Via: SIP/2.0/UDP 127.0.0.1:5069;branch=z9hG4bK-2590771448;rport Content-Length: 0 From: 3096784503 sip:3096784...@24.111.191.152 Accept: application/sdp User-Agent: friendly-scanner To: 3096784503 sip:3096784...@24.111.191.152 Contact: sip:1...@1.1.1.1 CSeq: 1 REGISTER Call-ID: 3719869292 Max-Forwards: 70 - --- -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAky3iqsACgkQyc8Kn0p/AZTGxgCfYOtgq3yP4qeaFTjv5gMwI6O1 4GkAoIjl3m7n5iOrNTEORClyYtUqf68E =MMlX -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: SSH can't connect
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/02/2010 11:32 AM, Jim wrote: Wether I run NX (nomachine) or SSH I get the same error message, no matter what host I try to connect to. And on the host servers SSHd is running. And so is the Client box. Running NX Error message: ssh: connect to host 70.236.39.98 port 22: Connection timed out Running $ ssh j...@70.236.39.98 ErrorMessage:ssh: connect to host 70.236.39.98 port 22: Connection timed out My concern about security makes me worry about asking too much about the host, 70.236.39.98 Unfortunately, a little more information about the host, 70.236.39.98, might help. Is it a dedicated always on the Internet host, or a dial-up host? I note, when I do, host -a 70.236.39.98 I get ;; ANSWER SECTION: 98.39.236.70.in-addr.arpa. 6995 IN PTR ppp-70-236-39-98.dsl.ipltin.ameritech.net. - From the answer, is the host, 70.236.39.98, using PPP and is the host always on the Internet, or only on the Internet when 70.236.39.98 has outgoing traffic? I also think I cannot get very close to the host when I do, traceroute -n 70.236.39.98 I shouldn't be surprised that I cannot ping 70.236.39.98 A number of firewalls don't respond to ping. Another, completely orthogonal possibility, is to ask about the ISP. Perhaps the ISP, Ameritech, is restricting ports? A number of ISPs restrict email ports (port 25). I haven't heard of ISP restricting ssh ports (port 22), but need to ask. Do you have access to iptables on 70.236.39.98? There is a way to see the count of the number of packets each iptable rule handles. I think, as root, one does iptables -L -v -n The -v verbose option causes counts to be shown. Please see man iptables If we believe the problem is iptables on 70.236.39.98, we should see a count for the iptables rule that is blocking the traffic increase. I would discourage one from showing their iptables rules willy-nilly. Please sanitize security information shown in open forums. People will argue, if the rules are correct, it doesn't matter if they are shown. I will counter by asking when does anyone, and I include myself in this list of people who are very imperfect, have the rules perfectly correct. I suspect the packet isn't even getting to 70.236.39.98...but don't know where, or why, the packet is getting dropped. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkynyo4ACgkQyc8Kn0p/AZSiRACgk7ObVoG/t1SOQCu6ZK5ul46w zjMAoI5SkD2AD27YCn5ymMmQPpimlLbJ =8D2u -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: I need a jabber client, like real fast
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/25/2010 11:30 AM, Robert Moskowitz wrote: On 08/25/2010 11:39 AM, Robert Moskowitz wrote: On 08/25/2010 11:27 AM, Máirín Duffy wrote: On Wed, 2010-08-25 at 11:11 -0400, Robert Moskowitz wrote: We are suppose to have a WebEX meeting going, but having problems. So the coordinator told everyone to jump on a jabber session. I don't know what to use for jabber on my FC12 system. Empathy or Pidgin work. I believe in at least one of them they call jabber 'XMPP' instead of using the word 'jabber' I can't figure out in Empathy how to join jabber.ietf.org to get into the core session. This is neat. I didn't realize the IETF was using jabber for chats. I'm using Pidgin because empathy doesn't support O-T-R. I have a Mac friend who uses O-T-R when talking to me. If I right click on Pidgin in my Notification Area, I get the option, Join Chat... A Window pops up, saying Join a Chat with Account...I select one of my Jabber accounts, such as my Google jabber account. The Window expands to the following: Account rsew...@gmail.com/pidgin... Room: Server: Handle: rsewill Password: I enter hallway for the room and jabber.ietf.org for the server getting Account rsew...@gmail.com/pidgin... Room: hallway Server: jabber.ietf.org Handle: rsewill Password: I click Join and I am in hallway chat room at jabber.ietf.org. The following URL describes how to set up google talk chat in Pidgin: http://google.com/support/chat/bin/answer.py?hl=enanswer=24073 I learn something new every day. Thank you! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkx1UVAACgkQyc8Kn0p/AZR1HACfak9Qgrt3qlSTHo3m9CDYw8n7 zjEAnjtactmPfiLTunMNz0I8o3FTYqEu =Vx72 -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Pulseaudio error on HP Probook 4515s
On 08/20/2010 11:14 AM, Zoltan Hoppar wrote: 2010/8/20 Rick Sewill rsew...@gmail.com mailto:rsew...@gmail.com On 08/19/2010 01:08 PM, Zoltan Hoppar wrote: Hi, This is an smaller problem around pulseaudio. I couldn't explain why is so, but I think this is an PA bug. Currently the playback works every way but, recording not. When I try to use Empathy jabber voice call option to my partner, then rings out with voice, but after pick up - for an shiny brief moment - the mic works, after that no more - and pops out an error that couldn't link source (maybe the thread makes itsef suicide, perhaps?). After that I have made an second try - I have attached an USB soundcard - what is widely usable on many linux (it uses Cystal Sound chipset). The result was disappointing - here the mic worked as should, but I heard no voice in my headphone, nor even at my speakers. Anybody could confirm this is an bug? Is there a known solution? PS: If needed, I'm ready to debug. Thanks, Zoltan -- PGP: 06853DF7 I have an idea about the microphone. When running pavucontrol, under Input Devices, do you have more than one port? I discovered I have, Microphone 1, Microphone 2, and Line-In when I look at Port: one of those names. Given where I plugged in my microphone, I believe I need to have Microphone 1 selected as the port for my microphone to work. Could you check if you have multiple ports, and try changing the port, and see if the microphone works if a certain port is selected? I would try this test without the second USB sound card. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Pulseaudio error on HP Probook 4515s
On 08/20/2010 12:35 PM, Zoltan Hoppar wrote: I think this will be the problem - I have only one input device called Analog Stereo. No line in or whatever... Next? I'm stuck. I expected to see, in pavucontrol, Input Devices, something like, Internal Audio Analog Stereo, ... a button to mute, a button to lock channels together, a button to set as fallback, and then under that Port: I have Microphone 1 selected, other choices Microphone 2, and Line-In And then Front Left volume slider Front Right volume Slider and then a bar showing audio activity. You might have something different than Front Left and Front Right...I don't know. I don't know how to proceed from here. Can others answer if it's normal to not have a Port:, if the card doesn't support multiple ports? -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Pulseaudio error on HP Probook 4515s
On 08/20/2010 01:06 PM, Zoltan Hoppar wrote: Rick, here is the pavucontrol input devices picture. http://img443.imageshack.us/img443/8031/inputdevices.png Zoltan It appears you have two input devices. One is the RS880 Audio Device. One is the Bels? hangforr?? Analog Stereo device. Please accept my apology for using ? for non-English characters. I don't know how to enter non-English characters. I'm not sure what the Monitor of ... entries are for. I ignore them (can someone tell us what they are for?). When you run paman (from rpm -q -i paman), it should show Server Information as the first tab, Devices as the second tab, Clients as the third tab, Modules as the fourth tab, and finally Sample Cache For Server Information, what is the Default Sink and what is the Default Source. I have, for Default Sink, alsa_output.pci-_00_10.1.analog-stereo Default Source, alsa_input.pci-_00_10.1.analog-stereo For devices, I have Sinks alsa_output.pci-_00_10.1.analog-stereo Internal Audio Analog Stereo Sources alsa_output.pci-_00_10.1.analog-stereo.monior Monitor of Internal Audio Analog Stereo alsa_input.pci-_00_10.1.analog-stereo Internal Audio Analog Stereo This leads to my questions: 1) do you have alsa_input.xxx... for each microphone input source? I would ignore the Monitor of ... entries. 2) On the Server Information tab, what is the default Source when you do not have the USB sound card in, and what is the default Source when you have the USB sound card. I still suspect you have to select your default source and default sink. I did another Internet search...don't know if it will help: http://wiki.archlinux.org/index.php/Allowing_Multiple_Programs_to_Play_Sound Please search for Random Lack of Sound: Random Lack of Sound If you randomly have no sound on startup, it may be because your system has multiple sound cards, and their order may sometimes change on startup. If this is the case, then change this section of /etc/asound.conf: ctl.dmixer { type hw card FOO } Replace FOO with the desired audio device, as reported in the /proc/asound/cards file. An example of the file is shown below. 0 [U0x46d0x9a1]: USB-Audio - USB Device 0x46d:0x9a1 USB Device 0x46d:0x9a1 at usb-:00:12.2-2, high speed 1 [SB ]: HDA-Intel - HDA ATI SB HDA ATI SB at 0xf9ff4000 irq 16 Device 0 is the microphone built into a webcam, while device 1 is the integrated sound card. If you've copied the /etc/asound.conf from above as is, alsa will attempt to initialize the microphone as an audio output device, but will fail and you will have no sound. Rather than setting FOO to the number, you set it to the name next to the number, like so: ctl.dmixer { type hw card SB } -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: No keyboard or mouse under X - How to debug udev?
On 08/19/2010 08:17 AM, Mike Fleetwood wrote: Hi, Quick background: I have Fedora 12 installation recently transferred to new hardware with embedded ATI Radeon HD 4250 GPU. The ATI/Radeon X11 driver didn't support the GPU and the VESA X11 driver just switched the monitor into power saving mode. Upgraded just X11 (and udev and kernel dependencies) to versions from Fedora 13. ATI/Radeon X11 driver now works and my desktop is displayed but X11 finds no keyboard or mouse. Worked around this by adding the following to /etc/X11/xorg.conf, to tell X11 not to rely on udev to provide keyboard and mouse details. Section ServerFlags Option AutoAddDevices off EndSection Question: How do I investigate udev to see why X11 isn't getting a keyboard and mouse? Thanks, Mike I do not think it's a good idea to mix/match Fedora 12 and Fedora 13 versions of X11, udev, and kernel dependencies. I would suggest doing a full upgrade to Fedora 13, if possible. Having expressed my concern, I'd suggest looking at /var/log/Xorg.0.log to see if there are any messages from X11 in regard to the mouse or keyboard. I'd also try booting Fedora 12 (or is it Fedora 13) in inittab 3, and start X11 manually using startx, to see if there are any messages printed when X11 starts/stops. I can think of little else. Others will be able to give better advice. They will probably ask which kernel dependencies were upgraded. Perhaps, to get others to give better advice, it might be good to explain why you need to mix/match between Fedora 12 and Fedora 13. Again, I think it's a bad idea to mix/match things from different versions. I doubt if one could ask developers or post a bugzilla report asking for help. Personally, I wouldn't do this. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Pulseaudio error on HP Probook 4515s
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/19/2010 01:08 PM, Zoltan Hoppar wrote: Hi, This is an smaller problem around pulseaudio. I couldn't explain why is so, but I think this is an PA bug. Currently the playback works every way but, recording not. When I try to use Empathy jabber voice call option to my partner, then rings out with voice, but after pick up - for an shiny brief moment - the mic works, after that no more - and pops out an error that couldn't link source (maybe the thread makes itsef suicide, perhaps?). After that I have made an second try - I have attached an USB soundcard - what is widely usable on many linux (it uses Cystal Sound chipset). The result was disappointing - here the mic worked as should, but I heard no voice in my headphone, nor even at my speakers. Anybody could confirm this is an bug? Is there a known solution? PS: If needed, I'm ready to debug. Thanks, Zoltan -- PGP: 06853DF7 Usually, when I say things about Pulse Audio, others gently correct me. Sounds like you have two separate problems...without the USB sound card, your microphone stops working. With the USB sound card, your speakers/headphones stop working. I think you need to debug each problem separately. Do you have pavucontrol installed? rpm -q -i pavucontrol -- yum install pavucontrol I'd check what pavucontrol tells you about the volume settings for your input devices and output devices. Please make sure nothing is muted. When you add the USB sound card, I'd expect separate controls for the second sound card. I only have one sound card...I'd expect Pulse Audio to supply a way to select the sink (speaker/headphone) and the source (microphone) to use when you have multiple sound cards. I'm not sure how to select the source or sink when one has multiple sound cards. Hopefully, others will answer. Before running empathy, does your microphone work when you do not have the USB sound card? After running empathy, do you need to reboot to get your microphone to work? If you look at the pavucontrol settings for the microphone before starting empathy and compare those settings after you start empathy, what changes? Before running empathy, your speaker/headphones work when you have a second sound card? After running empathy, do you need to reboot to have your speaker/microphones work? What pavucontrol settings change for your speaker/headphones? I always look at http://www.pulseaudio.org/wiki/PerfectSetup when I have problems with Pulse Audio...nothing jumps out at me that may help you. I'm curious what does Empathy think it's using for sound? Is it Alsa or what? Is there anything in /var/log/messages from pulseaudio when you run empathy? Some bug reports suggest doing pulseaudio -vvv. Normally, pulseaudio is running as a user startup application (or so I think). Can one do kill pulseaudio pulseaudio -vvv somefile.txt and see if there are any useful pulseaudio messages. I have no idea what pulseaudio -vvv produces...it may be lots of output. pulseaudio -vvv may have so many messages audio quality will be bad. My best guess, if the pavucontrols look correct after running empathy, but the microphone or speakers/headphones stop working, I'd suspect Pulse Audio or Alsa or both. If the volume controls are being changed, I'd wonder what empathy is doing. I haven't tried empathy yet...I should. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkxt59kACgkQyc8Kn0p/AZRxvQCeO2FsDl69Z74BgFSlbumycOzZ y3sAn2MeH/H1jcY7nxt8Dn+uluaICbPH =JgtC -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Sound Streaming Problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/30/2010 10:43 AM, Oliver Ruebenacker wrote: Hello, I have a recurring problem with sound streaming with Fedora 13 (and earlier versions - I am having this problem for quite a while, across different Fedora versions) on my Dell Latitude 820 laptop. This affects equally the sound of YouTube videos and music CDs. Sometimes it works flawlessly, sometimes there is no sound, and sometimes the sound cycles through short intervals, like a stuck record, but with faster repetitions. Someday, I will be proficient with Fedora Sound, but I'm not there yet. I think you looked for a pattern to get an idea what is happening. - From your message, I don't think you found any pattern. It can be quite frustrating. Could you be having multiple problems? When you said you had youtube videos stuttering, I thought of Internet latency, but you wouldn't have that issue with music CDs. When having a problem, I would focus on the simplest problem first. If possible, focus on the problem with music CDs to rule out networking. You might have music CD stuttering issues if a program were hogging the CPU. Is there any program, in the background, that might hog the CPU? Occasionally, restarting the application (Firefox, Rhythmbox, etc) helps, often it does not. Sometimes, logging out and back in helps, sometimes it does not help. On rare occasions, changing the volume control helps (when I'm not listening, I usually keep the volume at zero, and it sometimes seems as if the system has not noticed that the volume has been turned up, until I turn it up some more). Does the problem happen in the middle of playing something or always at the beginning? Does the problem ever clear itself, in the middle of playing something, without you intervening? There are multiple sound drivers in Linux. There are multiple sound servers in Linux. When I say sound system below, I am referring collectively to what sound drivers and sound servers you are using. What sound systems being used may have a bearing on your problem. As far as your configuration, what sound system are you using? Are you using Pulse Audio -or- are you using Alsa directly? Are you using something else? I am using pulseaudio so I have /usr/bin/pulseaudio running. I can also see that pulseaudio is running by using the pacmd. pacmd is in rpm -q -i pulseaudio-utils I can do pacmd stat to get a quick status of pulseaudio. I tried different plugins/add-ons with Firefox, and different application to play the music CD, but it does not seem to make a difference. - From this, I will assume it is the sound system, or something happening in the background in your PC, not a specific program. What can I do? Thanks! I will assume you keep your RPMs up to date. I believe more information on your configuration is needed. Please check what programs are running in the background. Try to rule out programs hogging the CPU. Please provide more information on your sound system configuration. Knowing your configuration, I would start looking through bugzilla. I would start searching the internet for people having similar problems. Assuming you are using Pulse Audio, I would look at http://pulseaudio.org/wiki/PerfectSetup http://pulseaudio.org/wiki/FAQ Your configuration might have sound going directly to Alsa. I'm not sure what to suggest in this case. Perhaps looking at http://alsa.opensrc.org/index.php/Main_Page Perhaps, http://alsa.opensrc.org/index.php/FAQ If you are using Pulse Audio, I believe the following: Currently, I believe Pulse Audio is an abstract layer acting like a generic interface for sound, providing certain higher level features. Pulse Audio talks to Alsa. Also, in turn, talks to the Alsa sound device drivers that talk to the hardware. Pulse Audio provides APIs for programs that think they are talking to Alsa so those programs really talk to Pulse Audio, which in turn, talks to Alsa. If you are using Alsa directly, I believe the following: Alsa provides its own API for programs. Alsa talks to the Alsa sound drivers which control the hardware. You might not be using Pulse Audio or Alsa at all. You might be using OSS. I believe OSS is a competitor to Alsa. http://en.wikipedia.org/wiki/Open_Sound_System I believe OSS has its own sound drivers that talk to the hardware. I found a URL talking about Linux sound, which predates Pulse Audio. http://www.linux.com/archive/articles/113775 It is old webpage, but still interesting. I think Linux sound is still evolving. I know my understanding of Linux sound is still evolving. I expect and welcome others correcting me each time I comment on sound. There are many people who stay with one sound server or another, one set of sound drivers or another, who are far more knowledgeable. Hopefully, they will be stirred to comment once they know more about your sound system configuration. -BEGIN PGP SIGNATURE- Version: GnuPG
Re: Crontab as alarm clock with ogg123
On 07/24/2010 02:55 PM, Robert Arkiletian wrote: Hi, Using 'crontab -e' I set crond to play an ogg music file with ogg123. But it only plays it if I'm logged in. How does one make it play even if a different user is logged in or nobody is logged in? To debug I tried su - to another user and play the file. I got error ALSA lib pulse.c:229:(pulse_connect) PulseAudio: Unable to connect: Connection refused === Could not load default driver and no driver specified in config file. Exiting. So I'm thinking it's the same infrastructure to prevent others music playing when you switch users. But in my case I *want* it to play. Any ideas? Ideas, yes. Solutions, no. Pulse Audio still confuses me. I'm almost afraid to comment. Give me courage. I am guessing, but think the Pulse Audio Daemon is normally per user. When a different user is logged in, that user starts Pulse Audio. Your cron job won't talk to the other user's Pulse Audio Daemon. Your cron job doesn't have the correct cookie. Your cron job won't be able to start a working Pulse Audio Daemon. The other user's Pulse Audio Daemon has the hardware. Please, someone who understands this better, tell me if I'm correct. If the above is the problem, there are, perhaps three ways to fix this. Two ways, are similar to Pulse Audio problems described in the FAQ. People wanted to know how to make sound work when switching users. In Linux, we have a User Switch Applet letting us switch users. http://www.pulseaudio.org/wiki/FAQ#Sounddoesntworkwhenswitchingusers The above suggests using ConsoleKit. I am guessing ConsoleKit defines cookies for sharing resources. If a user has the cookie, that user can use the resource. I don't understand how to use ConsoleKit cookies with Pulse Audio. The cookie must be somewhere in the user's home directory. People wanted to know how to configure Pulse Audio for over the network. The idea would be to have your cron job talk to the user's Pulse Audio as if your cron job audio were coming over the network. http://www.pulseaudio.org/wiki/FAQ#HowdoIusePulseAudiooverthenetwork I don't fully understand this choice either. I think, copy ~/.pulse-cookie to all clients that shall be allowed to connect may be necessary, but not sufficient. Another choice is to run the Pulse Audio Daemon in system mode. http://www.pulseaudio.org/wiki/SystemWideInstance The above URL warns people not to run Pulse Audio in system mode. I don't think I'd want to run Pulse Audio in system mode. If possible, I'd like to know how to use these cookies. It seems cookies are needed when switching users or over the network. Hopefully someone who understands these choices can explain them to us. Hopefully they can also explain which choice is best for you. Hopefully they will give us a cookbook for setting up the best choice. If these are not good choices, hopefully they will offer another choice. Some may say Pulse Audio is getting in the way and should not be used. I don't wish to participate in the Pulse Audio is good or bad debate. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Phone calls from laptop
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/16/2010 01:13 AM, RAMAKISHOREBABU KOPPULA wrote: On Thu, Jul 15, 2010 at 11:54 PM, JD jd1...@gmail.com mailto:jd1...@gmail.com wrote: On 07/15/2010 11:20 AM, Frank Murphy wrote: On 15/07/10 10:37, RAMAKISHOREBABU KOPPULA wrote: My laptop has a internal modem and RJ-11 connector. I want to connect the phone line to the laptop and by using head phones I want to make calls. How to do this? Is there any software available to do this? Kishore Maybe? yum install ekiga Upstream: http://www.ekiga.org/ That's not what the user wants. He just wants an app that will use the regular standard phone line to make person to person calls using the local telco service. He is not asking for a VOIP solution. Ekiga (formerly called GnomeMeeting) is a VoIP and video conferencing application for GNOME and Windows. ... Yes, you are correct. Kishore -- Not quite what you what, but something interesting to look at. The Fedoraproject is trying to use VoIP for communications. Please see, http://talk.fedoraproject.org/ For VoIP software, please see http://talk.fedoraproject.org/setup-local-system twinkle, empathy, ekiga, are VoIP softphones. They are tools. They use the SIP VoIP protocol. Ekiga used to be gnome-meeting, compatible with Microsoft Netmeeting, running the H.323 protocol Microsoft Netmeeting used. Ekiga supports both the H.323 protocol and the SIP VoIP protocol. In order to do what you want, if you wish to use a SIP softphone, you would need an account with a provider, that works with SIP softphones, who let's you make landline calls from your VoIP softphone. You would configure your VoIP softphone to use that provider. In the case of most SIP VoIP softphones, you can configure multiple providers. There will be multiple providers. You will need to search the Internet to comparison shop. I have not tried empathy. I tried ekiga and twinkle. I had better luck with twinkle and currently have twinkle running with accounts on talk.fedoraproject.org and sipphone.com. There are a large number of VoIP SIP providers. They come and go. Each VoIP SIP provider can be thought of as an island of VoIP SIP users. There is a community that is trying to join these islands together. Please see URL, http://sipbroker.com/sipbroker/action/login The list of VoIP SIP providers, that I have found, is http://www.sipbroker.com/sipbroker/action/providerWhitePages The list of PSTN access numbers, that I have found, is http://www.sipbroker.com/sipbroker/action/pstnNumbers I should mention what a PSTN access number is. Some SIP providers have PSTN access numbers. People, who do not near their VoIP SIP softphones can call these PSTN access numbers to get into the SIP provider's network letting the person call a PC from a landline or mobile phone. Please note what I said about each provider being an island. The provider may (or may not) let one use the provider's PSTN access number to call a person's softphone in a different island. Hopefully, they do, but it is their service and they do what they wish. I do not make landline calls so can't answer what provider I'd use for landline calls. People have mentioned Skype. Skype can also be thought of as an island of people who use Skype for VoIP. Partly, skype defines a proprietary protocol for doing VoIP over the Internet. Skype's protocol is proprietary, so we don't get to see what their protocol actually is. Skype is more than just a proprietary protocol and software running on your PC. Skype is run by one company. That company is your provider and will make landline calls when you use Skype. You will need to check their prices for providing this service. I tried running Skype to talk to other people who were using Skype, as a communications tool, at a place where I worked. I found it was better to install Skype on the Windows PC, they provided, rather than install it on my Fedora Linux PC. I had problems with Skype on my Fedora Linux PC. This was some years ago. Hopefully, Skype works better on Fedora Linux now. Other notes: I had problems, using the VoIP SIP protocol, through firewalls and behind NAT, in the past. Hopefully, those problems have been fixed. Currently, I am not behind NAT, so I can't give an answer. What I will say about Skype...when it works...it just works. It is easy to install. It works around firewalls and NAT and everything. Personally, I do not trust Skype. It is proprietary. It works very hard to get around security mechanisms. Given my current Internet configuration, I would become a Skype supernode if I ran Skype on my Linux PC. Couple that with the fact my ISP is going the bandwidth CAP route, I would probably exceed my ISP's bandwidth CAP and suffer the consequences. Off the topic, I am in the process of trying to switch ISPs.
Re: sshd Authentication refused
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The keys work except for ssh Fedora 12 - Fedora 13. If you ssh Fedora 13 - Fedora 12 or ssh Fedora 12 - Fedora 12 they work. If you provide a password when sshing Fedora 13 - Fedora 12 it works. Just need to solve the issue of needing to provide a password. I assume ssh Fedora 13 - Fedora 13 works. Could you compare the /etc/ssh/sshd_config file on Fedora 12 with the /etc/ssh/sshd_config file in Fedora 13? Just guessing, but perhaps there is some option in the Fedora 13 sshd_config that needs tweaking. I looked at http://www.openssh.org/faq.html The faq said, 3.14 - I copied my public key to authorized_keys but public-key authentication still doesn't work. Typically this is caused by the file permissions on $HOME, $HOME/.ssh or $HOME/.ssh/authorized_keys being more permissive than sshd allows by default. In this case, it can be solved by executing the following on the server. $ chmod go-w $HOME $HOME/.ssh $ chmod 600 $HOME/.ssh/authorized_keys $ chown `whoami` $HOME/.ssh/authorized_keys If this is not possible for some reason, an alternative is to set StrictModes no in sshd_config, however this is not recommended. I am wondering what happens if you put StrictModes no in the Fedora 13 /etc/ssh/sshd_config file. This would only be for a test. They specifically said they do not recommend doing this so I wouldn't leave this option set this way, but I'm curious what happens. Clarification please: is it true public key authentication doesn't work, Fedora 12 - Fedora 13? Does password authentication work, Fedora 12 - Fedora 13? -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkw9a70ACgkQyc8Kn0p/AZTcBwCfRbs3EwkbC5acm2jWwYS4M8pv B/gAnj16vKbcIxswBfyx4BXagwKfhBhB =JXkJ -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: SSH / permissions problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/13/2010 10:49 AM, Gary Stainburn wrote: Hi folks, This seems like de ja vu, but I can't find anything in the archives. I've got F13 on my laptop, and also on a new virtual server. I've copied my home directory from my old server to my new one and then tried to ssh to the new server. However, I have a problem If I ssh to root on the new server everything is fine, but if I ssh to my user I get errors and X forwarding doesn't work. Can anyone suggest things for me to look at / try. Gary [g...@dcomp5 ~]$ ssh -Y -C lcomp3 -l root r...@lcomp3's password: Last login: Tue Jul 13 16:04:20 2010 from gary.ringways.co.uk [r...@lcomp3 ~]# kcalc [r...@lcomp3 ~]# logout [g...@dcomp5 ~]$ ssh -Y -C lcomp3 g...@lcomp3's password: Last login: Tue Jul 13 15:55:16 2010 from gary.ringways.co.uk /usr/bin/xauth: timeout in locking authority file /home/gary/.Xauthority [g...@lcomp3 ~]$ kcalc X11 connection rejected because of wrong authentication. kcalc: cannot connect to X server localhost:11.0 [g...@lcomp3 ~]$ If root works, but your local user does not, and you appear to have gotten beyond the initial login sequence--it seemed to accept password authentication in both cases--I would suspect something in one of your ~/.bash* files. I've been burned, multiple times, having something in my .bashrc or .bash_profile that does something interactive, forgetting an ssh shell is batch. I have the same problem when I try to do things in a cron job when I forget a cron job is also batch. I have carefully separated my .bash_profile and .bashrc file into those parts I always want done and those parts that are interactive. I place a check in my .bashrc file to prevent interactive stuff being done in a batch job. # check for shell is not interactive [ -z ${PS1} ] return As a quick test, could you save your .bash_profile and .bashrc files, get the default files, and see if you can ssh in? The default files should be found /etc/skel/.bash_profile and /etc/skel/.bashrc Also, I strongly recommend you disable ssh root login and have people first log into their own account and then su to root. To disable root login, please look at /etc/ssh/sshd_config. In this file, I have PermitRootLogin no -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkw8swIACgkQyc8Kn0p/AZRgbACffvA3UUlqVw4ICErb/H7NfLk0 8AcAoKe0WgTDz7OwcDb6gPjjXvjNxJz8 =K3YZ -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: sshd Authentication refused
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/13/2010 01:43 PM, Kevin Fenzi wrote: On Tue, 13 Jul 2010 11:16:46 -0700 (PDT) David Highley dhigh...@highley-recommended.com wrote: New install of Fedora 13 we get the following /var/log/secure entry when we ssh from a Fedora 12 system to the Fedora 13 system: Authentication refused: bad ownership or modes for file /home/dhighley/.ssh/authorized_keys We have checked and tried different modes until we are blue in the face. Have read the upates notes for openssh and Fedora 13 release. Googled the net for know issues and bugzilla.redhat.com. We did check for selinux blocks and found none. User home directory is auto NFS mounted and we use NIS. This works Fedora 12 to Fedora 12. You may want to use 'ssh-copy-id' to copy the key over to the f13 system. That will setup the right permissions and such automatically for you. Also, you will want to see if there are any selinux alerts on the f13 machine. 'ausearch -m avc -ts today' can list the ones from today. kevin I cannot explain how f12 -- f12 works, but f12 -- f13 does not. I can only guess there is something different for the NFS mount -or- something different regarding NIS. = One possibility, which I consider very, very remote is the following. I may be wrong but I think the ownership and modes for all the parent directories from your /home/dhighley/.ssh directory also matter. I assume you made sure /home/dhighley/.ssh is mode 700. What is the mode of /home/dhlighley? Is it 755 (I think that's okay). I think any write mode for group or other would be bad. I assume /home/dhlighley is owned by you, the user. What about /home? Who owns it? What is it's mode? I think root must own it. I think only root should have write access to it. I actually assume the ownership and modes are all correct...the possibility of this being the problem seems exceedingly rare to me, but please check. = Another possibility, which I also consider remote, but is worth asking. On the f13 machine, when you log in as dhlighley, is the user name only found in NIS? On occasion, if one is testing something new, one might put in a local account in the /etc/passwd file, and forget it is there. Depending on your /etc/nsswitch.conf file, the local file is probably checked before NIS. Sorry, can't think of anything else. Others have already mentioned selinux. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkw8ubMACgkQyc8Kn0p/AZSC9wCePd3r5B52EBYAQ7mQtRsPWeql 99AAn2UBA4uvL7lvX9zBF2mm82OYObu9 =xTPl -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Help me troubleshoot this problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Having said the above, if you suspect an acpi or apic problem, the URL: http://fedoraproject.org/wiki/KernelCommonProblems says, acpi=off is a big hammer, and if that works, narrowing down by trying pci=noacpi instead may yield clues It also says, nolapic and noapic are sometimes useful A quick update. I tried the acpi=no option and so far, so good. I have even brought it back into X windows and ran some yum updates to apply some stress. I'll leave it in this state until tomorrow evening just to make sure. Then I'll try the smaller hammers. Question showing my ignorance of what acpi is. If pci=noacpi works or does not work, what clues is that giving me? I didn't respond earlier because we've reached my level of ignorance too. If I were you, I might try to narrow the problem a little further. Eventually I would write a Bugzilla bug report telling the maintainers the symptoms, what I had done, including things that didn't work as well as things that seemed to work. If I had a workaround, I wouldn't expect much help from a maintainer because I would assume they have other problems to solve where a workaround is not known. If my Bugzilla bug report happened to be in an area a maintainer was already digging in, the maintainer might take an interest and ask me to do things to help gather more information. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkw0eoUACgkQyc8Kn0p/AZR50wCcDs5oxFPA5YEY7WxUzXnx5y1w YQQAnRj/zLTrSXXOVqxTsHfkP2golkvs =LcJc -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: no sound on F11, F12 and now F13 but sound on Omega 12 live??? wtf??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/06/2010 10:38 AM, Bill Davidsen wrote: Rick Sewill wrote: On 07/05/2010 10:23 PM, Rick Sewill wrote: . I am wondering if OSS is enabled on your system. Please look for things related to OSS in /etc/modprobe.conf (if it exists) and /etc/modprobe.d Please make sure the line in /etc/modprobe.d/dist-oss.conf is commented out. Please do, lsmod | grep snd Please make sure there is nothing like snd-pcm-oss or snd-seq-oss installed. I think you have this totally backward. There are many applications which use the /dev/dsp* devices, and which will produce no sound unless they are present. In fact, I think the majority of older hardware does not have support for sound other than oss. As I look at my newest TV card it has stuff in /dev/dvb, while the other 4-5 cards which have been happily in use do not. To test (as root): modprobe -v snd-pcm-oss {test applications for sound here} A lot of people have functional old hardware they can't replace, for financial or technical reasons. That's why there is oss support, to support the hardware which needs it. This is something I didn't know. As I said, audio still confuses me. Our goal should be to help the original poster. In this regard, this new information raises a number of questions. I am hoping someone will say there is a wiki or web page that answers these questions (and questions I didn't think of). The questions, I hope, which might be of use to the original poster are as follows: 1) for what hardware should one use OSS as opposed to Pulse Audio. I did a quick internet search, but failed to find such a list. I am hoping others can help. This question is to help the original poster decide if they should switch to OSS and see if it works. 2) How does one tell if OSS is being used? I assume, if I do lsmod | grep oss, I will see if the OSS modules are being loaded. 3) How does one switch from Pulse Audio to OSS? I assume one needs to edit files in /etc/modules.d/*.conf or /etc/modules.conf. Files to be edited might include dist-oss.conf and blacklist.conf and others? Am I right? Are there other files one needs to edit? Are there any rpms one needs to install? Are there any rpms one needs to remove? Are there any application configuration changes one needs to make? I assume applications can be configured to use the OSS api, as well as the ALSA api and/or Pulse Audio API. 4) How does one switch from OSS back to Pulse Audio? Is the answer to this the inverse of the answer to question 3? I.e., edit files /etc/modules.d/*.conf or /etc/modules.conf Install certain rpms? Remove certain rpms? 5) is there a web page that describes the tools one uses when using OSS? Are these the tools: http://www.opensound.com/ossapps.html#mixer -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkw0f/IACgkQyc8Kn0p/AZRCogCgqMIl3yxUUveNk+MNcnvhq0um sRkAoIsCgZcczEiEWmrk2gY+ZxljtbJf =Uu8V -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: no sound on F11, F12 and now F13 but sound on Omega 12 live??? wtf??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On a different track, again to help the original poster. In other messages on this thread, it sounded like the original poster was using a driver, ens1370, which some people thought was suspect. Is there a tool that can talk directly to the driver, bypassing Alsa, OSS, Pulse Audio, everything, so one can see if the driver can generate sound through the card? We will probably need to know all the steps to use such a tool? For example, wouldn't we need to stop certain services or applications that might have exclusive use of the driver/device/card? == Another question, in regard to this ens1370 driver, are there any /var/log/messages regarding this driver. == Another question, should the original poster try OSS? - From the /var/log/messages in another message from the original poster, Jul 4 14:55:03 davehost pulseaudio[2120]: alsa-util.c: snd_pcm_avail() returned a value that is exceptionally large: 18446744073709522368 bytes (418293516244 ms). Jul 4 14:55:03 davehost pulseaudio[2120]: alsa-util.c: Most likely this is a bug in the ALSA driver 'snd_ens1370'. Please report this issue to the ALSA developers. Is it possible OSS would use a different driver and have more success with that driver? Is the ens1370 driver an ALSA driver? == Another question regarding what is in the /var/log/messages please? Are there many Pulse Audio messages just prior to this message that says value that is exceptionally large? I ask, because, I tried searching Bugzilla for similar bugs. Some bug reports indicate sound continued to work, but there was stuttering. Others said sound stopped working after a few minutes. One said sound did not work. Following said sound stopped working after a yum update: https://bugzilla.redhat.com/show_bug.cgi?id=572322 Following said log of alsa-util's messages about snd_hda_intel malfunction and When I try to obtain Surround 4.0 sound instead of classic Stereo sound from a soundcard capable of Surround 5.1 I see in /var/log/messages https://bugzilla.redhat.com/show_bug.cgi?id=537714 This bug report brings up a question about the Sound Blaster card, (again I am showing my ignorance), does the Sound Blaster Card support multiple variations in sound (Surround sound, classic stereo, etc)? Do any of these other variations in sound work? Finally, is the Pulse Audio server crashing? I found the following bug report, which said pulseaudio is crashing? https://bugzilla.redhat.com/show_bug.cgi?id=530650 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkw0ikQACgkQyc8Kn0p/AZRb8ACfWi9Ky/zE8Wbfgtl6uZPD4pqd I2EAoJVwUAL7JjzBF2RZX/Xovp0udAfw =nNgw -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: no sound on F11, F12 and now F13 but sound on Omega 12 live??? wtf??
On 07/05/2010 10:23 PM, Rick Sewill wrote: On 07/05/2010 09:26 PM, Dave Stevens wrote: Quoting JD jd1...@gmail.com: Can you post output of lspci? sure, here: 00:00.0 RAM memory: nVidia Corporation MCP55 Memory Controller (rev a2) 00:01.0 ISA bridge: nVidia Corporation MCP55 LPC Bridge (rev a3) 00:01.1 SMBus: nVidia Corporation MCP55 SMBus (rev a3) 00:02.0 USB Controller: nVidia Corporation MCP55 USB Controller (rev a1) 00:02.1 USB Controller: nVidia Corporation MCP55 USB Controller (rev a2) 00:04.0 IDE interface: nVidia Corporation MCP55 IDE (rev a1) 00:05.0 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:05.1 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:05.2 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:06.0 PCI bridge: nVidia Corporation MCP55 PCI bridge (rev a2) 00:08.0 Bridge: nVidia Corporation MCP55 Ethernet (rev a3) 00:09.0 Bridge: nVidia Corporation MCP55 Ethernet (rev a3) 00:0a.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0b.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0c.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0d.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0e.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0f.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:18.0 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] HyperTransport Technology Configuration 00:18.1 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Address Map 00:18.2 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] DRAM Controller 00:18.3 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Miscellaneous Control 01:06.0 Multimedia audio controller: Ensoniq ES1370 [AudioPCI] 05:00.0 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 07) 05:00.1 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 07) 08:00.0 VGA compatible controller: ATI Technologies Inc Radeon HD 4770 [RV740] 08:00.1 Audio device: ATI Technologies Inc RV710/730 and for what it's worth I'm curious why my video card shows up as an audio device. I don't know if it will be useful, but can you do, as root, lspci -vvv -s 8:00.1 I assume there will be a kernel driver in use. Sound has always confused me. Let me see if I can get this right this time. Every time I try to explain sound, someone (correctly!) dings me. Pulse Audio provides a framework through which applications should do audio (microphone/speakers/etc). Pulse Audio speaks to Alsa. Alsa speaks to the driver that actually drives the audio hardware. Then there is the driver, itself, which drives the hardware. Pulse Audio is supposed to provide a consistent interface to audio. Before we had Pulse Audio, applications would speak with alsa (or with ESD which also was supposed to provide a consistent interface to audio). I guess an application could also talk to the driver itself, but I would hope this to be rare. Now, I believe, we have the following: Pulse Audio provides the consistent interface. Pulse Audio uses Alsa. Alsa talks to the hardware driver. Applications, that think they are talking directly to Alsa can actually be talking to Pulse Audio through a plugin, rpm -q -i alsa-plugins-pulseaudio Applications that think they are talking directly to Esound can actually be talking to Pulse Audio through a plugin, rpm -q -i pulseaudio-esound-compat I believe, Applications should, over time, be changed to talk to Pulse Audio. Why this background? We need to follow the audio path. We need to see what Pulse Audio thinks. We need to see what Alsa thinks. We need to see if a driver has the hardware. Pulse Audio can mute the audio. Alsa should be controlled by Pulse Audio, but is still best to make sure Alsa isn't muting the audio. I assume we have a kernel driver for the audio hardware. Pulse Audio might have sound muted. From xterm (gnome-terminal) please run pavucontrol, or from the menu, Applications, Sound Video, please start Pulse Volume Control, Please check the Output Devices tab to see if you have volume and make sure it is not muted. pavucontrol is provided by rpm -q -i pavucontrol, yum install pavucontrol if necessary. You may have more than one Port...I have two ports. I have Analog Output and I have Analog Headphones. Please make sure you have volume and it is not muted on all ports. By the way, if you don't mind me asking, what ports do you have? If Pulse Audio is happy, please see what Alsa thinks. rpm -q -i alsa-utils (yum install alsa-utils if necessary) From xterm (gnome-terminal) please run: alsamixer provided by alsa-utils Controls for alsamixer can be found in the upper right corner. F1 for help, F3 for Playback, F4 for Capture, Esc for exit
Re: Help me troubleshoot this problem
On 07/05/2010 06:15 PM, awrobinson...@nc.rr.com wrote: Geoffrey Leach ge...@hughes.net wrote: On 07/05/2010 03:28:20 PM, awrobinson...@nc.rr.com wrote: Geoffrey Leach ge...@hughes.net wrote: On 07/05/2010 01:27:01 PM, awrobinson...@nc.rr.com wrote: I am trying to install Fedora on a PC I built. I had Windows XP running on it for more than a year without any apparent problems. snip Hardware: Motherboard: BIOSTAR TFORCE TF520-A2 AM2 NVIDIA nForce 520 MCP ATX AMD Processor: AMD Athlon 64 X2 4200+ Brisbane 2.2GHz Socket AM2 65W Dual-Core Processor Video Card: MSI NX8400GS-TD256E GeForce 8400 GS 256MB 64-bit GDDR2 PCI Express Memory: A-DATA 2GB (2 x 1GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Memory: A-DATA 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel (6 GB total) Hard drive: SAMSUNG EcoGreen F2 HD103SI 1TB 5400 RPM SATA 3.0Gb/s 3.5 snip I wasn't able to discover anyything about Fedora compatibility with your Biostar MB, so you might well be in unexplored territory. It appears that the hardware compatibility lists for Fedora are no longer maintained, alas. The Nvidia FOSS driver for X (NV) might be a problem for you. I suggest you stay at runlevel 3 until your problems are resolved. If R/L 5 causes you a problem after that, try the proprietary driver. I've found that it works well. You didn't say where your Fedora came from. Are you sure that it's clean? Pretty sure. I used the netinstall CD for both 13 and 12. I checked the md256sum for the Fedora 13 iso. I downloaded both from the Fedora site, so they came from a Fedora-specific mirror. And there is the fact that I got the same behaviour from both. Again, please keep the questions coming. I really want to resolve this. May I suggest looking at the URL: http://fedoraproject.org/wiki/KernelCommonProblems It is where I would start when trying to debug Fedora panic/crash problems. From this webpage, in the Crashes/Hangs section, they seem to suggest setting kernel boot parameters to try to narrow the problem or work around the problem. For more information on kernel boot parameters, the web page says, The full list of kernel options is in the file /usr/share/doc/kernel-doc-version/Documentation/kernel-parameters.txt, which is installed with the kernel-doc package I assume one can find the correct kernel-parameters.txt file either looking in the local file system assuming Fedora is usable -or- searching the internet for kernel-parameters.txt If one finds it with an internet search, please make sure the kernel-parameters.txt more or less match the correct version of the Fedora kernel. Having said the above, if you suspect an acpi or apic problem, the URL: http://fedoraproject.org/wiki/KernelCommonProblems says, acpi=off is a big hammer, and if that works, narrowing down by trying pci=noacpi instead may yield clues It also says, nolapic and noapic are sometimes useful You need to look at kernel-parameters.txt to see what these parameters do before using them. Please don't try a parameter just to try it. Using a kernel boot parameter could make matters worse. If you suspect a video problem...and I believe they are trying to phase out support for the kernel boot parameter, nomodeset--I believe they have already phased out support for Intel, but still have some code support for AMD which you have, I would still try that boot parameter to see what happens. You will need to search the internet to find out about the parameter nomodeset. I don't consider using nomodeset as a solution, but rather as a way to gather a data point or work around a problem. I would suggest trying one kernel boot parameter at a time, with the hope of better isolating what is happening if a parameter seems to work. If you discover a kernel boot parameter that acts as a workaround, it may or may not provide a clue, to start isolating what is happening. I would also look at the /var/log/messages for clues what was happening a little before the failure/panic...you may hate me for suggesting looking at /var/log/messages, sometimes there is nothing there and sometimes there is too much there. If you find a kernel boot parameter that works around the problem, you will need to decide whether or not to write a bugzilla bug report. If you do not find a kernel boot parameter, you may still wish to write a bugzilla bug report. A bugzilla bug report is the way, I believe, for communcating problems with the maintainers. I hope they ask you for information, and I hope they suggest how to get what they ask for. I would encourage you to write a bugzilla bug report, unless the problem is a hardware failure, in which case, I don't know what to do. Sometimes, if a problem is a hardware failure, nothing can be done. Sometimes, if a problem is a hardware failure, the software can be more graceful when the problem happens. I would also look at other sections of the web page,
Re: no sound on F11, F12 and now F13 but sound on Omega 12 live??? wtf??
On 07/05/2010 09:26 PM, Dave Stevens wrote: Quoting JD jd1...@gmail.com: Can you post output of lspci? sure, here: 00:00.0 RAM memory: nVidia Corporation MCP55 Memory Controller (rev a2) 00:01.0 ISA bridge: nVidia Corporation MCP55 LPC Bridge (rev a3) 00:01.1 SMBus: nVidia Corporation MCP55 SMBus (rev a3) 00:02.0 USB Controller: nVidia Corporation MCP55 USB Controller (rev a1) 00:02.1 USB Controller: nVidia Corporation MCP55 USB Controller (rev a2) 00:04.0 IDE interface: nVidia Corporation MCP55 IDE (rev a1) 00:05.0 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:05.1 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:05.2 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:06.0 PCI bridge: nVidia Corporation MCP55 PCI bridge (rev a2) 00:08.0 Bridge: nVidia Corporation MCP55 Ethernet (rev a3) 00:09.0 Bridge: nVidia Corporation MCP55 Ethernet (rev a3) 00:0a.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0b.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0c.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0d.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0e.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0f.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:18.0 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] HyperTransport Technology Configuration 00:18.1 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Address Map 00:18.2 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] DRAM Controller 00:18.3 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Miscellaneous Control 01:06.0 Multimedia audio controller: Ensoniq ES1370 [AudioPCI] 05:00.0 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 07) 05:00.1 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 07) 08:00.0 VGA compatible controller: ATI Technologies Inc Radeon HD 4770 [RV740] 08:00.1 Audio device: ATI Technologies Inc RV710/730 and for what it's worth I'm curious why my video card shows up as an audio device. I don't know if it will be useful, but can you do, as root, lspci -vvv -s 8:00.1 I assume there will be a kernel driver in use. Sound has always confused me. Let me see if I can get this right this time. Every time I try to explain sound, someone (correctly!) dings me. Pulse Audio provides a framework through which applications should do audio (microphone/speakers/etc). Pulse Audio speaks to Alsa. Alsa speaks to the driver that actually drives the audio hardware. Then there is the driver, itself, which drives the hardware. Pulse Audio is supposed to provide a consistent interface to audio. Before we had Pulse Audio, applications would speak with alsa (or with ESD which also was supposed to provide a consistent interface to audio). I guess an application could also talk to the driver itself, but I would hope this to be rare. Now, I believe, we have the following: Pulse Audio provides the consistent interface. Pulse Audio uses Alsa. Alsa talks to the hardware driver. Applications, that think they are talking directly to Alsa can actually be talking to Pulse Audio through a plugin, rpm -q -i alsa-plugins-pulseaudio Applications that think they are talking directly to Esound can actually be talking to Pulse Audio through a plugin, rpm -q -i pulseaudio-esound-compat I believe, Applications should, over time, be changed to talk to Pulse Audio. Why this background? We need to follow the audio path. We need to see what Pulse Audio thinks. We need to see what Alsa thinks. We need to see if a driver has the hardware. Pulse Audio can mute the audio. Alsa should be controlled by Pulse Audio, but is still best to make sure Alsa isn't muting the audio. I assume we have a kernel driver for the audio hardware. Pulse Audio might have sound muted. From xterm (gnome-terminal) please run pavucontrol, or from the menu, Applications, Sound Video, please start Pulse Volume Control, Please check the Output Devices tab to see if you have volume and make sure it is not muted. pavucontrol is provided by rpm -q -i pavucontrol, yum install pavucontrol if necessary. You may have more than one Port...I have two ports. I have Analog Output and I have Analog Headphones. Please make sure you have volume and it is not muted on all ports. By the way, if you don't mind me asking, what ports do you have? If Pulse Audio is happy, please see what Alsa thinks. rpm -q -i alsa-utils (yum install alsa-utils if necessary) From xterm (gnome-terminal) please run: alsamixer provided by alsa-utils Controls for alsamixer can be found in the upper right corner. F1 for help, F3 for Playback, F4 for Capture, Esc for exit. I'd be curious to know what alsamixer shows you. For me, I only have a [Playback] Master for audio output and a
Re: Ideas for integrating a SIP account, N900, Magic Jack, Linux, etc...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 06/23/2010 05:33 PM, Linuxguy123 wrote: People are using PAP2 devices to connect to Magic Jack accounts, thus removing the need to use the Magic Jack USB dongle. Where does Google Voice fit into this ? I was actually wondering if Google Voice might be useful for you. If my understanding is correct, you can do the following: 1) You can have a google voice number act as the number everyone dials. This would be the number you give people to call you. 2) You can tell google which phones to ring when someone calls the google voice number. 3) I believe, but am not certain, google supports some sort of voice mail. In my mind, Google Voice is like having a main number for a business. People call the main number. Individual phones are called by Google. You can program which phones ring when this main number is called. If caller-id is working, you can control what happens based on caller. The individual phones still have their own phone numbers. The individual phones still can place or receive calls. I could be wrong, but believe you can have a home phone, a cell phone, and a SIP phone through sipphone.com associated with a Google Voice number. I'm not sure if you can have more than one of each or not. I believe, one can also, somehow, dial out from the Google Voice number. I was looking into Google Voice. It may or may not work for you. As always, please do your own research to see if it works for you! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkwikOEACgkQyc8Kn0p/AZTPIQCggDNzy8uePoKjuagW6d2SsK7T LK8AnRBuxM0Mt9c0Y8pyARNmHCbf8OVR =BLAv -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: No sound from Amarok (phonon/ pulseaudio)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/05/2010 01:18 PM, Rex Dieter wrote: Linuxguy123 wrote: On Wed, 2010-05-05 at 11:54 -0500, Rex Dieter wrote: Linuxguy123 wrote: F12 /x86, fully up to date, except I can't boot the most recent kernel. $uname -a Linux localhost.localdomain 2.6.32.10-90.fc12.i686.PAE #1 SMP Tue Mar 23 10:04:28 UTC 2010 i686 i686 i386 GNU/Linux Sound works for everything except Amarok. Settings - Configure Amarok - Playback - Sound System Configuration shows Configure Phonon which then lists pulse Audio as my sole option. Does the 'test' button work or do anything? Nope. $ yum list phonon Installed Packages phonon.i686 4.4.0-3.fc12 @updates ... How do I get sound working for Amarok ? What does pavucontrol say is your PA output device? Internal Audio Digital Stereo (IEC958) On the Configuration tab, Internal Audio is shown as Digital Stereo Duplex (IE958) On the Playback tab, Amarok is the only application shown, other than System Sounds. While playing, does pavucontrol show any activity for the amarok stream? Either way, I'd venture there is a volume problem here, something got muted or set to 0 somehwere. -- Rex Hmm. While digging around when I had sound problems, I found the following URL of interest: http://pulseaudio.org/wiki/PerfectSetup It claims, Amarok ¶ Amarok is a KDE media player. It supports multiple engines, which can be changed within the menu: Settings - Configure Amarok... - Engines. The GStreamer engine supports PulseAudio (refer to the general GStreamer section on this page for more information), while the Xine engine supports both PulseAudio (1.1.2 and newer) and Esound (older versions). Going further down for the Gstreamer section, GStreamer Applications ¶ Applications using the modern GStreamer media framework such as Rhythmbox or Totem can make use of the PulseAudio through gst-pulse, the PulseAudio plugin for GStreamer in gst-plugins-good. After installing it, you have to enable it as default audio sink and source for all GNOME applications by changing the GConf keys /system/gstreamer/0.10/default/audiosink and /system/gstreamer/0.10/default/audiosrc: gconftool -t string --set /system/gstreamer/0.10/default/audiosink pulsesink gconftool -t string --set /system/gstreamer/0.10/default/audiosrc pulsesrc Alternatively, you can make these changes with the GUI tool gstreamer-properties. The GStreamer plugin wraps playback, recording and the mixer interface. I don't know where gconftool can be found. I used gsteamer-properties to set the default audio sink and source. gstreamer-properties is a binary provided by gnome-media-apps $ rpm -q gnome-media-apps gnome-media-apps-2.28.5-1.fc12.x86_64 The gstreamer Pulse Audio Plugin is found in $ rpm -q gstreamer-plugins-good gstreamer-plugins-good-0.10.21-1.fc12.x86_64 $ rpm -q -l gstreamer-plugins-good|grep -i pulse /usr/lib64/gstreamer-0.10/libgstpulse.so In the end I believe Pulse Audio will be a good thing. I like the idea of this abstraction layer and what it tries to do. I tried switching a number of programs to using Pulse Audio native. I think I still have some programs trying to go to Alsa. I believe programs trying to go to Alsa are being intercepted by $ rpm -q alsa-plugins-pulseaudio alsa-plugins-pulseaudio-1.0.22-1.fc12.x86_64 I have things, more or less, working now. Stuff could still be better. Like me, your mileage will vary. I wish you luck. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvhwlkACgkQyc8Kn0p/AZSlxQCcDNIHC601ZIvq2eGtPqtT3zMF u1wAoIMx6sPIeW+UhSebTnNfhSQMTsk4 =Eej1 -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Sound Problems FC12
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/30/2010 06:30 PM, Jim wrote: On 04/28/2010 05:48 PM, Jim wrote: On 04/28/2010 01:18 PM, Jim wrote: On 04/28/2010 12:59 PM, Jim wrote: Fc12-X86_64/KDE No sound at all. Pulseaudio volume is set to 100% , alsamixer is set to 80% and in System Settings Multimedia it shows Dummy for devices, no sound using test I have a Ensoniq ens-1371 and it has a driver snd-ens1371 the module is being loaded at boot time. See below. Where is the system-config-soundcard package for Fedora 12. I don't know where the system-config-soundcard package is either. Sound worked perfect in Fedora 11 , did upgrade to Fedora 12 and no sound. ... rtkit-daemon[1596]: Sucessfully made thread 1946 of process 1946 (/usr/bin/pulseaudio) owned by '500' high priority at nice level -11. pulseaudio[1946]: pid.c: Daemon already running. rtkit-daemon[1596]: Sucessfully made thread 1952 of process 1952 (/usr/bin/pulseaudio) owned by '500' high priority at nice level -11. pulseaudio[1952]: pid.c: Daemon already running. gnome-keyring-daemon[1957]: couldn't set environment variable in session: The name org.gnome.SessionManager was not provided by any .service files pulseaudio[1593]: module.c: Module module-device-manager should be loaded once at most. Refusing to load. pulseaudio[1593]: module-x11-xsmp.c: module-x11-xsmp may no be loaded twice. pulseaudio[1593]: module.c: Failed to load module module-x11-xsmp (argument: display=:1006 session_manager=local/unix:@/tmp/.ICE-unix/1889,unix/unix:/tmp/.ICE-unix/1889): initialization failed. In the /var/log/messages it says that module-x11-xsmp is not loading. In /etc/pulse/default.pa it shows the paragraph; /etc/pulse/default.pa ### Register ourselves in the X11 session manager #load-module module-x11-xsmp It appears here that the module is not ment to be loaded. And here is the only place I can find about xsmp; locate xsmp /usr/lib/pulse-0.9.21/modules/module-x11-xsmp.so Why is this module interfering with my not getting any sound ?? I don't know the answer to your questions. It sounds as if pulseaudio is already running when your session starts. You wouldn't, by any chance, be running pulse audio in system mode? Please see URL: http://pulseaudio.org/wiki/SystemWideInstance I am guessing you are not running pulse audio in system mode. I don't understand how pulse audio can already be running. Do you have something in your .bash_profile or .bashrc file, maybe? I found two pulse audio commands useful when I had sound problems: pavucontrol -- yum info pavucontrol and to a lesser extent, paman -- yum info paman Please install pavucontrol if you haven't already: yum install pavucontrol Please run pavucontrol -- it is GUI based (please note I use Gnome; I assume it works fine on KDE) You will see the following tabs: Playback Recording Output Devices Input Devices Configuration Please select the Output Devices tab. One possibility, and it is probably a long-shot, you may have multiple output devices. One output device might have good volume. The other might not. The output devices are selected by changing the Port: ... item. For me, I have Port: Analog Output and Port: Headphones The volume is always the same for both devices for me...but you might be changing the volume of one and not the other...I don't know. For grins, please install paman if you haven't already. yum install paman Please run paman -- it is GUI based It has the following tabs: Server Information Devices Clients Modules Sample Cache I am wondering if you can find module-x11-xsmp under Modules. I am curious to know what is listed in Clients, and, if something is listed under devices. I assume, under Server Information, it is not disconnected or anything. I have since found another pulse audio command. yum info padevchooser -- it is GUI based. If I am not mistaken, one can advertise one's sound devices over the network with pulse audio and one can select a pulse audio sound device on another host. I doubt if you have done this, but is interesting if it can be done. I better add a disclaimer. I don't know or understand the workings of pulse audio and alsa and sound devices very well. I looked at lots of stuff when I upgraded to Fedora 12 and my sound wasn't working. I got sound to work so I am happy. I can't remember what was wrong. It would be nice if someone who knows and understands pulse audio and alsa better would chime in with better advice than I can give. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvblngACgkQyc8Kn0p/AZS6ewCgpNvRHIqviP7ICXxctOCvE92p NFQAn2koSTkg5Vod2FPqnaZSiQEBkOzK =lI8x -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options:
Re: GW (LAN1, LAN2, ADSL) config
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/20/2010 05:48 PM, j.halifax . wrote: Is IP forwarding on? Yes, it is. Původní zpráva Od: Terry Polzin foxec...@wowway.com Předmět: Re: GW (LAN1, LAN2, ADSL) config Datum: 20.4.2010 19:03:39 On Tue, 2010-04-20 at 15:31 +0200, j.halifax . wrote: Hi All, please help me kindly to reconfig my default GW (Fedora 12). The GW has 3 active Ethernet cards: eth0 - connected to Internet ADSL router (incl. VPN, pptpd) eth1 - not used eth2 - LAN1 eth3 - LAN2. I had everything working fine but due to some problems I lost the configuration of the GW and I can't get it working again. (1) The Internet access (LAN1 - GW - Internet) is working fine. (2) The access of (Internet - GW - LAN1 / LAN2) is ok incl. VPN (3) I can not access LAN2 neither from LAN1 nor from GW box Traceroute shows that for (3) packets don't go to eth3 (LAN2) as they should, but they fall down to eth0 (default gw). Can you please advise me what I need to set-up (iptables) in the GW? Thank you so much for your kind help. Regards, jh Is IP forwarding on? -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines As another person asked, please do netstat -rn Please also do /sbin/ifconfig -a When debugging a routing problem, we need to see your routing table. It's also good to see the interfaces. I would be surprised if the problem were iptables related. Sounds more like the problem is routing table related. I'm assuming you haven't done anything with the /sbin/ip command like policy routing. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvOM/sACgkQyc8Kn0p/AZSWmQCfTd7Anw2fdFOLrxgWSjen40oh dWAAoKJcsXKaL7HEvRyMdNoxQbLoMQZS =8n1a -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: GW (LAN1, LAN2, ADSL) config
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/20/2010 07:15 PM, j.halifax . wrote: .please do netstat -rn Please also do /sbin/ifconfig -a == netstat == # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.180.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3 10.255.253.010.255.250.250 255.255.255.0 UG0 0 0 eth2 10.1.1.010.255.250.250 255.255.255.0 UG0 0 0 eth2 195.39.130.00.0.0.0 255.255.255.0 U 0 0 0 eth0 10.255.250.00.0.0.0 255.255.255.0 U 0 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth3 172.17.0.0 192.168.180.1 255.255.0.0 UG0 0 0 eth3 192.168.0.0 192.168.180.1 255.255.0.0 UG0 0 0 eth3 0.0.0.0 195.39.130.89 0.0.0.0 UG0 0 0 eth0 == ifconfig == ifconfig -a eth0 Link encap:Ethernet HWaddr 00:1B:11:B1:5D:0D inet addr:195.39.130.92 Bcast:195.39.130.255 Mask:255.255.255.0 inet6 addr: fe80::21b:11ff:feb1:5d0d/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:24299910 errors:0 dropped:0 overruns:0 frame:0 TX packets:15282420 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:16111717780 (15.0 GiB) TX bytes:2946725879 (2.7 GiB) Interrupt:21 Base address:0xca00 eth1 Link encap:Ethernet HWaddr 00:19:D1:9D:E6:14 BROADCAST PROMISC MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Memory:9220-9222 eth2 Link encap:Ethernet HWaddr 00:19:5B:38:B7:36 inet addr:10.255.250.37 Bcast:10.255.250.255 Mask:255.255.255.0 inet6 addr: fe80::219:5bff:fe38:b736/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:53693057 errors:0 dropped:0 overruns:0 frame:0 TX packets:15359524 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:5565104705 (5.1 GiB) TX bytes:13115812080 (12.2 GiB) Interrupt:22 Base address:0xa900 eth3 Link encap:Ethernet HWaddr 00:1B:11:B1:1C:D4 inet addr:192.168.180.100 Bcast:192.168.180.255 Mask:255.255.255.0 inet6 addr: fe80::21b:11ff:feb1:1cd4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4068329 errors:0 dropped:0 overruns:0 frame:0 TX packets:60337 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:417749601 (398.3 MiB) TX bytes:4328913 (4.1 MiB) Interrupt:18 Base address:0x6800 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:431338 errors:0 dropped:0 overruns:0 frame:0 TX packets:431338 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:41551814 (39.6 MiB) TX bytes:41551814 (39.6 MiB) sit0 Link encap:IPv6-in-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Thank you so much... :) jh The routing table and interfaces look okay. I am confused. I have questions below. Původní zpráva Od: Rick Sewill rsew...@gmail.com Předmět: Re: GW (LAN1, LAN2, ADSL) config Datum: 21.4.2010 01:10:47 On 04/20/2010 05:48 PM, j.halifax . wrote: Is IP forwarding on? Yes, it is. Povodní zpráva Od: Terry Polzin foxec...@wowway.com PYedmt: Re: GW (LAN1, LAN2, ADSL) config Datum: 20.4.2010 19:03:39 On Tue, 2010-04-20 at 15:31 +0200, j.halifax . wrote: Hi All, please help me kindly to reconfig my default GW (Fedora 12). The GW has 3 active Ethernet cards: eth0 - connected to Internet ADSL router (incl. VPN, pptpd) I expected to see something in the routing table or interfaces for pptpd. Isn't there a ppp0 (or something like that) interface for pptpd. What is added to the routing table (netstat -rn) or interfaces
Re: SSH tunnel for ssh traffic
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/15/2010 09:12 AM, Christoph Höger wrote: Hi, I need to ssh to some remote VM that sit in a private LAN. For any other service (e.g. RDP) I'd use ssh tunneling just normal. But what do I do for ssh traffic? Since ssh is not host agnostic, it will always complain about localhost having a different RSA key. I just do not want to edit the known_hosts every time I need to connecto to a new machine! Is there some way to tell ssh to use a tunnel directly for a connection? regards Christoph I'm afraid I do not understand what you are asking. Let me try to answer what I think you are asking. I apologize if I'm wrong. Let us say I want to ssh tunnel to a remote machine on a remote lan. Let us say I want to tunnel ssh traffic through this ssh tunnel to still a third machine on that remote lan. Could I do something like the following in my ~/.ssh/config file: Host remote HostKeyAlias myAliasForRemote HostName remote.com LocalForward veryremotehost:22 Host veryremote HostKeyAlias myAliasForVeryRemote HostName localhost port Now, could I do ssh remote and myAliasForRemote is what is associated with the host in my ~/.ssh/known_hosts file. and as long as this connection is open, could I do ssh veryremote and myAliasForVeryRemote is what is associated with the host, veryremotehost, in my ~/.ssh/known_hosts file. I am not sure if the DNS name, veryremotehost needs to be resolved locally or remotely. I think it is remotely, but you would need to check. Normally, I would have used IP addresses because the hosts on the company's internal lan did not have DNS entries. The HostKeyAlias controls the name used for the host that is stored in the ~/.ssh/known_hosts file. Is this what you are asking? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvHWB0ACgkQyc8Kn0p/AZT9LACcDNo/uJxnV1fx4JEbboAIgFt2 fMYAoK62YhEtG/Oc45hZs1hAED9tLBOe =aTns -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: authentication problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/15/2010 11:51 AM, jack craig wrote: Hi Folks, I have an authentication issue with ssh that i'd like to ask for clues on solving? i have created a local host key, id_rsa.pub. i have copied that to the remote host, .ssh/authorized_keys, and checked the perms for both ~/.ssh .ssh/authorized_keys. yet i get the below, ... ssh -v -l jackc sby1.extraview.com OpenSSH_5.2p1, OpenSSL 0.9.8k-fips 25 Mar 2009 ... publickey,gssapi-with-mic,password ! ... No credentials cache found ... No credentials cache found ... debug1: Next authentication method: publickey debug1: Offering public key: /home/jackc/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 Agent admitted failure to sign using the key. debug1: Next authentication method: password ja...@sby1.extraview.com's password: my naive reading of the above looks like it fulfilled one authentication method, but then goes on to ask for another, in this case, a password. my wag is that there is an /etc/pam.d config that is wrong, but this isn't my strong suite and i don't want to guess/mess around. also, this phrase, ... debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found I wouldn't worry about GSS failure. You haven't set it up. - From URL: http://www.ssh.com/support/documentation/online/ssh/adminguide/53/userauth-gssapi.html it explains the idea behind GSS. I tend to think of GSS as Kerberos. where do i find the minor code its referring to? any ssh guru's out there to provide a clue? Not sure. When it says, Agent admitted failure to sign using the key., is it referring to ssh-agent? There is a program, ssh-add, which talks to ssh-agent. I haven't used ssh-add or ssh-agent in a long time. Before I take us down this path which might be a wild good chase, I better ask are you using these? Whenever I have publickey authentication problems, it usually is file and directory permissions. You indicated you checked ~/.ssh and ~/.ssh/authorized_keys As a test, could you make certain your $HOME directories, on both the local and remote machine, are not writable by anyone, but owner? Could you make sure ~/.ssh on both machines is only read/write by owner? Could you make sure the files in ~/.ssh, such as authorized_keys, config, id_rsa, known_hosts, are only read/write by owner? For me, anything in ~/.ssh should only be read/write by owner. Call me paranoid but only owner should have access to these files. The one kicker, I'm asking you to do, is make sure both $HOME directories are, at most, readable, by others, and not writable. If you want someone to put files in your $HOME directory area, can you set up $HOME/droparea and give them read/write access to $HOME/droparea? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvHX68ACgkQyc8Kn0p/AZSq7gCfemQ7xhl7GwPnlC1Hcrj+XlI0 dREAn16BFmZbHBeQ8ZvcX2Hp+iCVoBy3 =l5hs -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: SSH tunnel for ssh traffic
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/15/2010 04:38 PM, Christoph Höger wrote: Host remote HostKeyAlias myAliasForRemote HostName remote.com LocalForward veryremotehost:22 Host veryremote HostKeyAlias myAliasForVeryRemote HostName localhost port This comes very close to my needs. Only one thing left: Is there any way to trigger ssh remote just by running ssh veryremote? I always started ssh remote manually. Could you create a bash shell script that starts ssh remote in the background, and then starts ssh veryremote? - From the man ssh page, there is a suggestion about using The following example tunnels an IRC session from client machine “127.0.0.1” (localhost) to remote server “server.example.com”: $ ssh -f -L 1234:localhost:6667 server.example.com sleep 10 $ irc -c ’#users’ -p 1234 pinky 127.0.0.1 Perhaps you could do something like: # Please note...I have not tested this. #!/bin/bash # establish the initial ssh tunnel putting it in the background ssh -f remote sleep 10 # wait 2 seconds for ssh to set up the tunnel, hopefully long enough sleep 2 # establish the ssh tunnel to the very remote machine. ssh veryremote I prefer starting ssh -f remote sleep 10 manually to know the ssh tunnel is actually started before I start using it to forward traffic. Other than using a bash script, I can't think of a way to trigger the starting of ssh remote. On another note, they added a ~/.ssh/config option that is new to me. For those having problems with a home directory shared across multiple machines, from man ssh_config, they added NoHostAuthenticationForLocalhost NoHostAuthenticationForLocalhost This option can be used if the home directory is shared across machines. In this case localhost will refer to a different machine on each of the machines and the user will get many warn- ings about changed host keys. However, this option disables host authentication for localhost. The argument to this keyword must be “yes” or “no”. The default is to check the host key for localhost. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvHmV4ACgkQyc8Kn0p/AZQpuQCfXK3UcWOd8LR0FkHbRK0uqH9n mYMAn0XVzkFoD7y4Cxkq3NLGpWyHp2x3 =YRkG -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Sftp does not work after upgrade fo F12
On 03/30/2010 05:57 AM, Gianfranco Durin wrote: ... = Googling a little, I see I am not the only one to have a similar problem: http://www.experts-exchange.com/OS/Linux/Setup/Q_24958525.html http://support.expandrive.com/discussions/expandrive-mac/361-can-ssh-connect-on-the-comandline-but-expandrive-connection-allways-dies So, finally I tried: === sftp -vvv localhost ... debug1: Sending subsystem: sftp debug2: channel 0: request subsystem confirm 1 debug2: fd 3 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug3: Wrote 192 bytes for a total of 1941 debug2: channel 0: rcvd adjust 2097152 debug2: channel_input_status_confirm: type 99 id 0 debug2: subsystem request accepted on channel 0 debug3: Wrote 48 bytes for a total of 1989 debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0 debug1: client_input_channel_req: channel 0 rtype e...@openssh.com reply 0 debug2: channel 0: rcvd eow debug2: channel 0: close_read debug2: channel 0: input open - closed debug2: channel 0: rcvd eof debug2: channel 0: output open - drain debug2: channel 0: obuf empty debug2: channel 0: close_write debug2: channel 0: output drain - closed debug2: channel 0: rcvd close debug3: channel 0: will not send data after close debug2: channel 0: almost dead debug2: channel 0: gc: notify user debug2: channel 0: gc: user detached debug2: channel 0: send close debug2: channel 0: is dead debug2: channel 0: garbage collecting debug1: channel 0: free: client-session, nchannels 1 debug3: channel 0: status: The following connections are open: #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1) debug3: channel 0: close_fds r -1 w -1 e 6 c -1 debug3: Wrote 32 bytes for a total of 2021 debug3: Wrote 64 bytes for a total of 2085 debug1: fd 0 clearing O_NONBLOCK debug3: fd 1 is not O_NONBLOCK Transferred: sent 1872, received 2040 bytes, in 0.1 seconds Bytes per second: sent 22414.6, received 24426.1 debug1: Exit status -1 Connection closed = Honestly, I am little confused... Thanks to all, Gianfranco I am confused too. Just a guess...might be a wild goose chase... for the user account you are trying to sftp to, could you save your bash startup files on the server machine and set up the default bash startup files? My memory is vague, or it might be my imagination, but I seem to remember having a problem, a very long time ago, about having things in my bash startup files that were interfering with my ability to do things through ssh. Whatever problem I had may no longer be a problem. I finally fixed my problem by stopping my .bashrc file from doing certain things if not interactive. I came to the conclusion my problem had something to do with things in my .bashrc file intercepting input from the standard input and creating unexpected output on standard output. I still try to separate my bash startup files into stuff I always want to do and stuff I only want to do when interactive. I still put the following line in an appropriate place in my .bashrc file to stop doing certain things when I am not interactive: # check for shell is not interactive [ -z ${PS1} ] return It's just a guess...but it would be quick and easy to test. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Sftp does not work after upgrade fo F12
On 03/29/2010 10:23 AM, Gianfranco Durin wrote: On 03/29/2010 03:28 PM, Aaron Konstam wrote: On Mon, 2010-03-29 at 11:07 +0200, Gianfranco Durin wrote: On 03/25/2010 03:51 PM, Marvin Kosmal wrote: Could start with which sftp on the Fedora machine. YMMV Marvin Thanks, I use openssh and I have Subsystem sftp /usr/libexec/sftp-server enable in my sshd.config file. Is it enough? Gianfranco This is the line in my sshd.conf file Subsystem sftp/usr/libexec/openssh/sftp-server The file you reference does not exist on my machine. Yes, sorry, you are right, this is the very same I have Gianfranco Can you ssh successfully from the client side to the server side? Sorry if you already answered this question. I started looking at this thread in the middle. If you cannot ssh, that will give us some hints. If you can ssh successfully, please check your /etc/hosts.allow and /etc/hosts.deny files on the server side. I believe openssh-server is built to examine those files. I believe those files can authenticate or block connections on a per service per user per host basis. On the client side, can you do sftp -v Does anyone know if multiple sftp -v -v -v increase the logging level as it does in ssh -v -v -v ? If using multiple -v does increase the logging level, can you do sftp -v -v -v ... -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: log in through root
On 03/28/2010 03:29 AM, Rajanish Kumar wrote: Hi! I have already installed Fedora 12 .I have given root password...and finally added a user name rajanish .I am log in through rajanishbut i have not accessing throgh root...I want to log in through root because i want to learn administrative property. please help me to guide log in through root.. Rajanish Kumar Fedora User Others will answer how to log in through root. I would express a different concern. Please forgive me if this sounds like a rant. I don't wish it to be such. The following is what I believe. Linux has a different mindset from Windows. I think of Windows as being single-user focused. One user, at a time, does things on Windows. That user, is, for all intents and purposes, god on the PC. That user, invariably, runs with administrator privileges. I realize I am being unfair to Windows. One can have multiple Windows users active at the same time. One can leave one user active and log in as another user. Windows users can be restricted from administrator privileges. Windows users are coerced into running with administrator privileges. Windows users run programs that try to do upgrades automatically. Windows users visit websites that try to do installs immediately. Linux is multi-user. People are expected to run as normal users. People should be root only long enough to do system things. Program developers create downloads with this in mind. People can download and compile and build programs as normal users. Only when people need to install, do people need to become root. For most things, people should run as a normal user. When I see a person running normal programs, as root, I shudder. People have arguments, which is more secure, Windows or Linux. I believe it is not the operating system that is secure or insecure. I believe it is the way people use the operating system. I believe one can take an insecure Windows operating system and make it secure. One can argue, it will also be annoying to use, or unusable, but that is another discussion. I believe one can take a secure Linux operating system and make it insecure. What am I trying to say? Please be very, very careful what you do as root. You can make a terrible mess if you don't know what you are doing. This is the end of my rant...wishing it didn't sound like a rant. To help this person and me and others, can someone suggest some reasonable websites that explain how to keep Linux secure and how to be a Linux administrator for beginners? What I found, when searching the Internet, was rather dated. I'm not looking for information on selinux or the intricacies of iptables. I'd rather find a tutorial saying things like... only run services (chkconfig service ...) you need, only open firewall ports (iptables ...) you really want opened, only install software from sources you trust, don't run user programs or games as root, get a USB drive for backups and how to do backups, etc. I have a personal reason for asking for this information. My sister keeps bringing her Windows XP PC to me for fixing. It takes her less than a week to get viruses on her PC. I've reloaded from the factory partition twice already. The second time, she got viruses, really frustrated me. Before giving her back her PC, I made sure all the patches were in. I had Norton Utilities running with all updates. I made sure her firewall was enabled. Did me little good. Her PC currently has some viruses on it (this is the third time). Again, I made sure all patches were in and all updates were in. Norton Utilities can detect the viruses, but not remove them. I told her I wanted to install Linux on her PC. She is bucking. She knows how to find notepad. She wants to be able to run a Creative Memories program. She has both Internet Explorer and firefox (I tried to get her to use firefox) set to go to her favorite website, as her home page. I only find out she has a problem when she can't do her usual routine. The first two times, I found out, because the malware was demanding money and wouldn't let her do anything with her PC. This last time, I found out, because, when she clicked the web browser icon, it went to the wrong web page, not her home page. Even if I force her to switch to Linux, I will have problems. She will fuss and fuss until I give her the root password. I won't want to give her the root password...for obvious reasons. She will take a secure Linux system and make it vulnerable. She won't know what she is doing. You may think I'm being unfair to her...and I am. She is not computer literate. She is literate in other things. She calls her PC her brain because someone explained the PC was the brain. She doesn't know what a hard disk is...she doesn't know the difference between program and data...she doesn't know how to find things unless those things are icons on the desktop...she needs help configuring her printer and ethernet. Once configured, she is happy. As I say, I
Re: log in through root
On 03/28/2010 12:04 PM, bruce wrote: hey... as a guy who's been running different variants of unix/sun/vax vma for ~25 years... you can run as root/user with equal ability to screw up if you don't know what you're doing! running as a user implies that you can't do certain things/apps on a system.. but who's to say that someone didn't open up the system to allow users to run thoses dangerous apps as a user! bottom line, people should know what the heck they're doing when they start to play on the system.. as to your issues with windows... what kind of virus system/apps are you running to prevent viruses from being able to be downloaded on the box??? if you have good anti-virus apps running, and they're updated on a frequent basis.. the system should be ok, unless she's going to sites that are probably good breeding grounds for getting infected. in which case, you should tell her to stay the hell away from those sites... peace.. It was Norton anti-virus...and I updated to the latest patches. I updated Windows to the latest patches. I updated IE to IE 8, hoping that would slow down problems. Unfortunately, you hit the nail on the head. Took her only a few days to get infected again. She told me she was visiting hundreds of web sites looking for pictures. I don't think any anti-virus apps, even if kept up to date, could help. I am stuck what to do. She doesn't want me switching her to Linux. She wants her Creative Memories software to work. She is comfortable clicking the IE icon to get to Yahoo! mail. She's learned how to find pictures and how to print pictures. She wants to go to hundreds of web sites looking for pictures. It's something, she believe, the PC should be able to do. She doesn't understand why her PC can't be kept safe. I was hoping against hope, switching her to Linux would slow the problem down. I doubt if anything can be done to prevent it. I'm afraid I took this off-topic. Sorry to everyone for doing that. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: log in through root
On 03/28/2010 02:49 PM, Sam Sharpe wrote: On 28 March 2010 20:26, agraham agra...@g-b.net wrote: On 28/03/10 09:29, Rajanish Kumar wrote: Hi! I have already installed Fedora 12 .I have given root password...and finally added a user name rajanish .I am log in through rajanishbut i have not accessing throgh root...I want to log in through root because i want to learn administrative property. please help me to guide log in through root.. At the login prompt (or your graphical login program - gdm, kdm etc) use the username root and password that you set when installing Fedora. Nice idea, but it won't work unless you enable it: http://linuxers.org/quick-tips/fedora-12-enable-root-login-gui Please ignore all those that present horror stories and FUD about root, you have to learn somehow and the best way is to mess around as root. I disagree and I am a professional Linux sysadmin. I never login as root. Unlike a normal user, your path with will include /sbin so you won't need to prepend root commands with a path e.g. /sbin/ifconfig. You can add /sbin and /usr/sbin to your normal path if this is a problem for you. I do this and then I login as a normal user and use sudo or su -c to prefix any commands I want to run as root. And if you happen to do something like rm -rf /, just re-install and start-over, I'm sure you'll learn from your mistakes like we all did. No comment ;o) -- Sam rm -rf / doesn't just happen on Linux...one of my coworkers did rm -rf * on Solaris...he thought he was one place, but he was at / You should have heard his language. On second thought...no you shouldn't. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: ogm video
On 03/28/2010 03:46 PM, Michael Miles wrote: Can anyone tell me how to get codec for ogm video files Vlc no mplayer no smplayer no xine no I have tried to convert I used all I could find All say no codec I can't seem to find codec Not heard of ogm before. yum search ogm gave a number of choices, including ogmtools. yum install ogmtools followed by man ogmdemux seems to imply ogmdemux can extract streams from an OGM. Please read the notes part of the man page...it says, What not works: * Headers created by older OggDS (DirectShow) filter versions are not supported (and probably never will be). First see if ogminfo name-of-your-file gives any useful information to see if these tools work on the file. Perhaps you can extract the streams and play them separately? Not sure if this will help or not. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: ogm video
On 03/28/2010 05:50 PM, Michael Miles wrote: On 03/28/2010 03:06 PM, Tim wrote: Can you supply a sample OGM video (a weblink to one)? I don't recall having problems playing them in the past, but I can't find one at the moment. Limite de Segurança.ogm unfortunately this has to be downloaded with torrent http://www.kickasstorrents.com/t524772.html try it I do believe it is an older file Good quality but it is only a codec that is stopping it ogmdemux splits it and ogmjoin reassembles I have changed the format to avi and changed fourcc to xvid but the players still wont work sound is there but no video I have installed every codec under the sun but no joy there I opened a virtual windows os and intalled klite codec pack xillisoft converted it no problem on the linux side no way Michael Miles It may not help, but I am curious. When you split it, you get a number of files. If you do the command, file name of files you got by splitting what does the file command tell you? I am hoping the file command can identify the video file type. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Routing choice under user control per application instance?
On Thu, 2010-03-18 at 14:07 -0600, S P Arif Sahari Wibowo wrote: Hi! I am wondering whether it is possible to choose TCP/IP routing for a specific instance of an application - chosen on user-level when the application is started? More specifically I have a workstation with 2 Internet connections (different devices), and I would like to have some applications connecting to Internet using one connection while other applications connecting to Internet using the other connection, where I choose which application instance use which connection. I control the whole workstation (root, hardware) so I can do whatever on the machine, but not the router / connection. Any idea? I have not done what you are requesting. I did an Internet search and came to the following conclusions: 1) You can mark packets using iptables. The marking can be based on type of traffic, ex: html, smtp, etc. 2) You then use ip routing to do what is called policy routing. You have multiple routing tables. The routing table to be used will be selected based on the marking. I will suggest you look at the following URL and see if it helps you. This URL is not for the faint of heart: http://linux-ip.net/html/adv-multi-internet.html The key overview to understand this URL is the summary near the top: Quoting from the URL, ...Before beginning let's outline the process we are going to follow. * Copy the main routing table to another routing table and set the alternate default route [38]. * Use iptables/ipchains to mark traffic with fwmark. * Add a rule to the routing policy database. * Test! I have not personally done this. I can't do much more than give you the URL reference. You will need to determine if this as a possible solution for you. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Backup, what system files are *really* important?
/opt (and /usr/local) are likely to contain stuff that wasn't installed via rpm or yum, thus needs to be preserved. That's all. YMMV. what about /var ? /var/www/html /var/www/named /var/lib/dhcpd /var/lib/imap /var/cache/samba Did they move /var/named to /var/www/named? At one time I needed to do my own DNS and have a /var/named laying around. I guess it depends what's in the /etc/named.conf file. Probably all of /var/lib should be examined -- I don't know where asterisk, mysql, or other packages keep their data. And /var/spool/cron -- if you have any user cron jobs. All of /var/spool should be examined for directories to back up. And ... /sbin/ifup-local and /sbin/ifdown-local if you have those files. Those files, if present, are referenced from files in the /etc/sysconfig/network-scripts directory. I'm sure there's a good reason those files are in /sbin; I wish they were in /usr/local/sbin. And consider /root -- it's up to you whether you want to back this up And /boot/grub/grub.conf -- /etc/grub.conf is a symbolic link. I dual boot so my grub.conf has other boot directives in it. Hopefully, /etc/grub.conf is the only symbolic link to worry about. I did find /etc -type l and grub.conf was the only symbolic link pointing to something I needed to worry about. I'd check for symbolic links in the directories you back up. Do hard links cause backup problems? Are there any hard links one has to worry about when doing backups? At this moment, I can't think of any. I haven't had to create any block or character special files in the /dev directory in a while. I suggest you keep a text file detailing any special /dev files you might have created. I am thinking of the case where you are doing something with a device driver for something that is not supported in FC12. Hopefully, this won't apply. I'd keep a text file detailing anything like this in my /root. Finally, I'd examine the sub-directories in /usr/src. Before FC12, my webcam wasn't supported. I kept source code in /usr/src/redhat/SOURCES for building a driver for my webcam. You may have something in /usr/src/redhat/SOURCES or /usr/src/redhat/RPMS that you need to add to FC12. If possible, keep information in a text file describing where you got the code rather than try to back up /usr/src/redhat...but as a last resort, be prepared to back up stuff, if necessary. I'd actually keep a text file detailing any changes I make that are not part of standard Fedora. It's easier to go to a text file where I keep a list of things from livnia or source files I need to get something working that isn't supported, then to discover something is missing and have to remember where I got it and how I had to install it. I'd also generate a text file, on a regular basis, yum list all /root/yum-list-$(date '+%Y%m%d').lst so I have a list of Fedora packages that were in my system. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Fedora 12: Cannot boot with kernel-2.6.32.9-67.fc12.x86_64
On Mon, 2010-03-08 at 09:19 -0600, John Thompson wrote: On 03/08/2010 03:32 AM, Fred Williams wrote: If all I need to do is try running without the proprietary NVidia driver, please let me know specifically how to disable that driver the easiest possible way. �Translation: so that I can just boot back into an older kernel and continue using the proprietary NVidia driver if I decide to do that. In your /etc/X11/xorg.conf you need to change the driver from nvidia (the proprietary driver) to nv (the open source driver). Section Device Identifier Device0 Driver nvidia # = THIS LINE VendorName NVIDIA Corporation BoardName GeForce 6600 GT Option AccelMethod XAA # not EXA BTW, what I do when I update the kernel is first boot into runlevel 3, then build the proprietary driver modules, and then change to runlevel 5. -- -John (j...@os2.dhs.org) When I upgraded to Fedora 12, I had an error, to the effect, hardware was already in use. I found the nouveau driver had the hardware. My xorg.conf file was using the nv driver. Not thinking, I changed from the nv driver to the nouveau driver. Searching the Internet, for the words, blacklist nouveau, I found the following comment at URL: http://linux.derkeiler.com/Mailing-Lists/Fedora/2010-01/msg02113.html The summary of the comment was, if you use the rpmfusion repository, for the nvidia module, it will automatically blacklist nouveau? If I do an Internet, search for the words, blacklist nouveau nv, I find indications some people, not sure who, claimed the nouveau driver has passed up the nv driver, and has been made the default. Questions please: 1) Are there 3 drivers, nvidia, nv, nouveau? 2) If there are 3 drivers, how did people decide which driver to use? My questions on this subject, are as follows: a) Is the nouveau driver now considered better than the nv driver? If the nouveau driver is considered better, I am curious why? b) Is it true the nvidia driver is faster than the nouveau driver? I wanted to use the free driver, if possible, so I was using nv. I switched to nouveau because that seemed to be the new default. I am wondering what I am giving up not using the nvidia driver. -Rick -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: ssh to my computer behind NAT
On Tue, 2010-03-09 at 00:49 +0300, Hiisi wrote: Dear list! I would like to be able to ssh to my home computer located behind my ISP' NAT. I know, I can tunnel to it through some middle host and actually I'm doing it at the moment. But I'm fancy is there a better solution? Is there a possibility of not using any computer at the middle to connect to my home system from the outside world? Can I connect to it directly using some magic setup? Any thoughts? -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/ -- Spandex is a privilege, not a right. You said something about a middle host. This middle host confuses me. Is this middle host controlled by the ISP? What is this middle host? When I worked for a certain company, I had to ssh to a gateway host. They didn't want anyone able to ssh directly to their internal LAN. When you said middle host, I thought of that company and their gateway. I would be surprised if an ISP requires you to go to a middle host. I would expect an ISP to use the NAT where only IP addresses change. I would expect an ISP to forward all ports to your assigned IP address. If the ISP provided a router to you, that is doing NAT, you should be able to configure that router to forward your ssh port. I would not be surprised if a company requires you to go to a gateway. If it's a company gateway, we mustn't help you defeat their security. I don't want to discuss whether having a gateway adds to security. Personally, I believe all devices in the internal LAN must be secure. I do not believe security can be done solely at the border of a LAN. Do you control the device that is doing NAT for you or does the ISP? If controlled by the ISP, did the ISP provide a way to configure it? As others have said and will say, one needs to have the NAT device port forward the appropriate port (whatever port you use for ssh) to your host. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: ssh to my computer behind NAT
On Tue, 2010-03-09 at 08:40 +0300, Hiisi wrote: 2010/3/9 Rick Sewill rsew...@gmail.com: On Tue, 2010-03-09 at 00:49 +0300, Hiisi wrote: Dear list! I would like to be able to ssh to my home computer located behind my ISP' NAT. I know, I can tunnel to it through some middle host and actually I'm doing it at the moment. But I'm fancy is there a better solution? Is there a possibility of not using any computer at the --SNIP-- If it's a company gateway, we mustn't help you defeat their security. I don't want to discuss whether having a gateway adds to security. Personally, I believe all devices in the internal LAN must be secure. I do not believe security can be done solely at the border of a LAN. Do you control the device that is doing NAT for you or does the ISP? If controlled by the ISP, did the ISP provide a way to configure it? As others have said and will say, one needs to have the NAT device port forward the appropriate port (whatever port you use for ssh) to your host. You and other, thank for your responses. Sorry I didn't make it clear. I don't have any router. I'm connected to Internet via LAN. My IP address is something like 192.168.3.20 and I use ISP' router IP (192.168.0.1) as a gateway (I don't have any access to the router). So, I decided its called NAT. Am I wrong here? I don't know. I know only that I can't reach my computer from the outside of the LAN. So, I did the following: on the target computer I ran: ssh -R 10002:localhost:22 u...@middle.host (it's a computer somewhere and I have ssh access there) Now I can connect to the target computer in a few steps: 1. connect to middle.host: ssh u...@middle.host 2. and from there: ssh hi...@home.computer -p 10002 See, it's not very convenient and I'm not sure whether it's possible to use VNC using this setup (as I would like to). So, is there any better solution? -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/ -- Spandex is a privilege, not a right. Your explanation of a middle host is good. I didn't understand what you were doing, previously. Your description of NAT is fine. Your ISP is doing NAT. My first thought is to say, talk to the ISP. The ISP should have a way for you to configure their NAT router to forward the ssh port to your host. I have difficulty thinking why the ISP wouldn't let you configure their NAT router to forward the ssh port to your host...unless. I hadn't thought of it before, but putting customers behind a NAT router, and not letting customers configure the NAT router to forward ports, might be a way to prevent customers running servers. Is this what the ISP is trying to do? Stop customers running servers? If a customer wants to run a server, even an ssh server, which is what you wish to do, does the ISP wish to charge more money? If the ISP is deliberately stopping you, I'd say get another ISP. If you can't get another ISP, I don't know what to suggest. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: ssh to my computer behind NAT
On Tue, 2010-03-09 at 00:08 -0600, Rick Sewill wrote: On Tue, 2010-03-09 at 08:40 +0300, Hiisi wrote: 2010/3/9 Rick Sewill rsew...@gmail.com: On Tue, 2010-03-09 at 00:49 +0300, Hiisi wrote: Dear list! I would like to be able to ssh to my home computer located behind my ISP' NAT. I know, I can tunnel to it through some middle host and actually I'm doing it at the moment. But I'm fancy is there a better solution? Is there a possibility of not using any computer at the --SNIP-- If it's a company gateway, we mustn't help you defeat their security. I don't want to discuss whether having a gateway adds to security. Personally, I believe all devices in the internal LAN must be secure. I do not believe security can be done solely at the border of a LAN. Do you control the device that is doing NAT for you or does the ISP? If controlled by the ISP, did the ISP provide a way to configure it? As others have said and will say, one needs to have the NAT device port forward the appropriate port (whatever port you use for ssh) to your host. You and other, thank for your responses. Sorry I didn't make it clear. I don't have any router. I'm connected to Internet via LAN. My IP address is something like 192.168.3.20 and I use ISP' router IP (192.168.0.1) as a gateway (I don't have any access to the router). So, I decided its called NAT. Am I wrong here? I don't know. I know only that I can't reach my computer from the outside of the LAN. So, I did the following: on the target computer I ran: ssh -R 10002:localhost:22 u...@middle.host (it's a computer somewhere and I have ssh access there) Now I can connect to the target computer in a few steps: 1. connect to middle.host: ssh u...@middle.host 2. and from there: ssh hi...@home.computer -p 10002 See, it's not very convenient and I'm not sure whether it's possible to use VNC using this setup (as I would like to). So, is there any better solution? -- Hiisi. Registered Linux User #487982. Be counted at: http://counter.li.org/ -- Spandex is a privilege, not a right. Your explanation of a middle host is good. I didn't understand what you were doing, previously. Your description of NAT is fine. Your ISP is doing NAT. My first thought is to say, talk to the ISP. The ISP should have a way for you to configure their NAT router to forward the ssh port to your host. I have difficulty thinking why the ISP wouldn't let you configure their NAT router to forward the ssh port to your host...unless. I hadn't thought of it before, but putting customers behind a NAT router, and not letting customers configure the NAT router to forward ports, might be a way to prevent customers running servers. Is this what the ISP is trying to do? Stop customers running servers? If a customer wants to run a server, even an ssh server, which is what you wish to do, does the ISP wish to charge more money? If the ISP is deliberately stopping you, I'd say get another ISP. If you can't get another ISP, I don't know what to suggest. I just thought of another possibility the ISP might be doing. Are you, and some other customers of the ISP, sharing the same public IP address? Doing so would reduce the number of public IP addresses the ISP would need. I'd be very, very surprised if an ISP did this. I'd be more than surprised. I'd be shocked. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines