On 2016-04-06 17:46, ChristianEhrhardt wrote:
> I did the task of identifying the remaining packages that are affected.
>
> $ apt-file search /etc/pm/sleep.d/
>
> aiccu: /etc/pm/sleep.d/60aiccu
There has been a bug out for this for 4 years already that this should
never ever have existed:
http
One also has to go to the website for this, little the package can make
clearer.
** Changed in: aiccu (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/797268
No replication of this "bug" possible.
Tested by installing a clean VM and then installing AICCU package,
debconf asks for password. Then install it again, and debconf does not
ask for it, as the username/password are stored in debconf and
aiccu.conf.
** Changed in: aiccu (Ubuntu)
Status:
** Changed in: aiccu (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1261653
Title:
aiccu can not route, looses route
To manage notifications about this bug
** Changed in: aiccu (Ubuntu)
Status: New => Opinion
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1099002
Title:
Remote upgrade over aiccu connection failed
To manage notifications about th
No fix has been released for this.
This bug is invalid.
User just typed in a wrong username/password as per this log message:.
> Response not accepted: Login failed, login/password mismatch.
Nothing the package or the software can do about.
--
You received this bug notification because you ar
Two years ago ( 2013-09-05) somebody typed a wrong password.
> From https://launchpadlibrarian.net/149425621/DpkgTerminalLog.txt
> Response not accepted: User rogerio does not exist in the DB..
Nothing that can be done about that in the package.
** Changed in: aiccu (Ubuntu)
Status: Conf
Did you stop AICCU? Or otherwise terminate it?
As that code path would sigsegv when there is a race in the shutdown
where the tun_reader thread is still going and g_aiccu is set to NULL as
the process is shutting down.
More details on the events surrounding would be useful.
More importantly: is
On 2014-10-11 10:24, rainkin wrote:
> ** Description changed:
>
> Recently, we are trying to find SSL security problems by static
> analysis. For example, as we all know, Hostname verification is an
> important step when verifying X509 certificates, however, people tend to
> miss the step
> /var/log/syslog told me that "TIC Server is currently not available".
There is likely another error above that message, as that is just the
general marker.
> It was just a misconfiguration at server site,
What kind of misconfiguration? How did you resolve that
misconfiguration?
> I could solv
Without the output of aiccu or the script that is calling it, there is
little to say as except for the line that says that the post-install
script failed, there is no actual error message.
You might want to check /var/log/* for aiccu related messages; and/or
try 'dpkg --configure aiccu' and/or try
> THEN TCPDUMP STOPS WHEN GIVING RESTART AICCU DUE SIXXS DROPS OUT
What do you mean with this sentence? Can you rephrase it? (possibly with
interpunction and possibly also in lowercase?)
It sounds like you are restarting things, why?
Note that, as stated on the contact page mentioned in a previo
> joni@mpi2:~$ sudo tcpdump -i sixxs
Dumping the tunneling interface will only show the traffic that goes
into the tunnel.
For any kind of tunneling protocol you need to look at the interface
that the tunneling happens over.
Also, using hostname resolving makes it difficult to see what is really
> I mean protocol level timeing, response time, missing packets,...
AICCU can do little about high latency or missing packets.
As for 'timing' except for the requirement that hosts are NTP synced, there is
no timing, AYIYA/proto-41 are lossless protocols, the tunneled protocols (eg
TCP) will tak
> Problem to supply any usefull is that it dose not happen every days
and sometimes twice
Then collect the information when the problem happens. How do you mean
that the problem happens 'twice'?
> Most likely this somekind of timeing / protocol,... related problem,
Unless your local system
> Joni-Pekka, would you please be so kind, and post the output of "sudo
> /usr/sbin/aiccu autotest" ?
> Best would be twice: One before changed IP and one after at least 2 minutes
> after connection is broken.
That does not do anything useful. The 'autotest' mode sets up the tunnel
again and thu
> If operator could block AYIA I belive aiccu did not start !
Even if AYIYA is blocked (or otherwise caused to be broken), AICCU can
still start.
This as AICCU fetches it's configuration using the TIC protocol, which
is independent of the tunnel protocol used afterwards (proto-41,
optionally with
> Technical detail is that fact operator changes IP time to time as well
> there can missing pacets due operator switches radio mode of conection
> between GRPS-UMTS-HSPA,
That is not a *technical* detail, that is merely a description of the
problem that you are seeing.
As stated, the AYIYA a
> AICCU dose not dedetect changes so it can not receive data, IPV4 network
> works but it can have brakes and IP can change,... conection is lost at IPV6
> to incoming direction and aiccu dose not find it.
>From this sentence I understand you claim that AICCU does not handle
IPv4 address changes,
>From https://launchpadlibrarian.net/149425621/DpkgTerminalLog.txt
> Response not accepted: User rogerio does not exist in the DB..
When wrong user/pass is given, AICCU won't start, and thus indeed it
fails.
Nothing that can be fixed in the package (except may be providing a way
to not start whe
>From the DpkgTerminalLog.gz :
--
Setting up aiccu (20070115-15.1ubuntu1) ...
Response not accepted: Login failed, login/password mismatch.
Files /usr/share/aiccu/conf-templates/aiccu.conf and /etc/aiccu.conf differ
start: Job failed to start
-
If you enter a wrong username/pas
> > Note that the way that ssh "solves" this is to run an other binary
on a different port,
> OK. I don't understand how that is done transparently, but I guess I
can read about it somewhere.
It is a feature of update-manager-core, debian's default "apt-get dist-
upgrade" style of upgrading for i
> So it looks lot like aiccu dropped te connction during the upgrade.
Replacing a package (and thus the binary) implies restarting AICCU to
get the new binary up and running.
The only way to figure out what happened and what failed is to see the
log, which is not attached.
> preserve connection
Entering a valid username would resolve this problem:
-
Setting up aiccu (20070115-14.1ubuntu3.2) ...
Response not accepted: User r37u2a49ci does not exist in the DB..
Files /usr/share/aiccu/conf-templates/aiccu.conf and /etc/aiccu.conf di
> When the daemon starts, it will terminate if it cannot contact the
tunneling service
At failures it will always log the error and terminate. This as that is
the way that a user will notice things and start looking into logs.
Unfortunately people seem to think that everything needs the Win95
trea
[Caleb: thanks for finding the origin of this "fix"]
So it seems this sleep "fix", by just restarting (I thought Debian was
not an ancient Microsoft product where one just reboots all the time),
which was not tested is now causing issues for people:
https://bugs.launchpad.net/bugs/1058883
Would i
> Looking at the Debian changelog, it appears this resume script has its
> origins in this bug report:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531003
Thus instead of having a log or output or anything else to actually
figure out what goes wrong the 'solution' is a restart right.
--
> I'm not sure why the restart is there. Perhaps it's trying to guarantee the
> routing tables are correct.
Why would they not be?
> Or perhaps it's intended to start up the aiccu
> daemon if the computer is suspended on a network with native IPv6 support,
> then resumed on a network without nati
> I found the file
`/etc/pm/sleep.d/60aiccu`. This appears to be the offending line:
>
> $P6 -I $INT -c 1 f.root-servers.net >/dev/null 2>&1 || invoke-rc.d aiccu
restart
And the million dollar prize question becomes: why is there a restart
there?
> If I comment out the offending line and use th
> aiccu doesn't (re)start
AICCU should just kept on running during a resume, no need to stop it
before and start it after it, nothing is changing for it (except maybe
network, and that it can handle).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscri
You might want to check what syslog daemon you are running and how it is
configured, as when AICCU is in verbose mode it will log everything to
syslog when daemonize is not false, thus if you do not see anything in
syslog, something there is misconfigured and/or broken...
--
You received this bug
> The error message means actually "Access to file denied", it looks
like only root user can read from the config file.
That is how it should be as there are passwords in that file that should
not go to third parties.
> Setting verbose to true does not change anything that I can find in
log files
> if adding account data ("username","password") to /etc/aiccu.conf
doesn't help, please try to run "sudo aiccu stop; sudo aiccu autotest
>/tmp/aiccu_autotest; sudo aiccu start" and post the file /tmp/aiccu-
autotest here.
One also needs to specify a 'tunnel_id' if one has multiple tunnels.
thus
Filed as http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685550
** Bug watch added: Debian Bug tracker #685550
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685550
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https:/
Debian is upto 3.2.12-1, which is almost upto date, see
http://packages.debian.org/sid/nsd3
As such, one can easily take their details as usual, no extra work
needed for Ubuntu for this...
>From the UpdateProcedure page:
---
The Ubuntu Security team also tracks issues in universe and multiver
3.2.13 is out for a month already, might be nice to get an updated
package...
https://www.nlnetlabs.nl/projects/nsd/
{{{
NSD 3.2.13
Jul 27, 2012
Bugfixes
Bugfix #461 (VU#517036 CVE-2012-2979): NSD denial of service vulnerability from
DNS packet when using --enable-zone-stats.
Bugfix #460: man pa
Clint: you are mixing two "proposals", there is a) one for upstart, b)
the network-based one
The upstart one indeed does not have that issue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/223825
Titl
> Jeroen, his upstart job does not use the 'respawn' keyword, so it will not be
> "automatically restarted" like daemontools does.
> This is only started when there is a real network interface (something I
> would think necessary for this daemon to work!),
> and stopped when the system is going d
> Attached is an updated work-around script that emits net-device-up
/net-device-down events.
I am really wondering if you know what the function of AICCU is, because
if you did you would not be stopping it when the network goes down and
starting it automatically when the network goes up.
Also ob
If there was something wrong, I am very sure that the 'behindnat' option
had anything to do with "solving" it ;)
As for problems with connectivity, don't hesitate to report those in the
proper place as per http://www.sixxs.net/contact/ and of course, with
the details as per requested there.
--
Y
The 'behindnat' option only disables a warning, for the rest it does
absolutely nothing.
It figures out that it is behind NAT (well, it checks if that address is
RFC1918) it that is the case and when that is the case it warns the user
about this, 'behindnat' disables that warning, that is it.
Thi
Dear Derek, there is a way to fix this problem in your large corporate
network, like we did for that small corporate network that I am using:
fix the resolvers. As you are claiming to have a large corporate
network, you most likely have only a handful of recursors but you might
have a 100k clients,
WORKING FIX (run as root of course):
apt-get install pdns-recursor resolvconf
echo "nameserver 127.0.0.1" >> /etc/resolvconf/resolv.conf.d/base
resolvconf -u
1) This will effectively install pdns_recursor which is a DNS recursor that
simply works(tm) and it installs the resolvconf framework (whi
@ Per Heldal / #43
glibc 2.10 does +A queries in parallel. I don't know if it does that
also for the ones in the search path, which seems to be the problem you
are describing above.
Nevertheless, search path should (afaik) only be applied to non-FQDN
hostnames (eg 'www' or 'hostname') not to
@ Jordan.sc #135
> I cannot, nor am I authorized to do firmware upgrades at the local coffee shop
> at the airport and at my place of business
And generally these locations have neutered DNS already anyway, eg they
only allow HTTP/HTTPS and generally only after authenticating (after
being hijacke
@cosmo #76, of course it is "just" a work around. The problem lies in
your DSL/cable modem, not in Ubuntu. Thus ubuntu can only work around
this issue. You didn't see the issue before as you where not using all
the features of the Internet (IPv6 ;)
--
[karmic regression] all network apps / browse
The solution is to use a working DNS server.
A couple of ways to accomplish this:
- use your ISP DNS servers directly
- use OpenDNS or a similar provider
- local caching resolver: put 127.0.0.1 as the nameserver (/etc/resolv.conf)
and install pdns-recursor
The latter can be done per default i
#64 Tim Coffey,
Just try the following: dig @
www.bingabongobango.com
That will take quite a long time to return.
The problem is that when you install Karmic, you get IPv6, because of
that, programs that are IPv6-capable will start asking for records
As the DNS Server is broken it will
Of course it fixes the problem, this as the problem lies in the DNS
resolver that is inside the DSL/cable/etc modem.
Thus by entering/using OTHER dns servers, preferably the ones from your
ISP, otherwise the ones from the OpenDNS or similar providers, you
bypass the DNS resolver in the modem, and
(Thanks to swmike for pointing this one out to me)
Something one could try is to add in /etc/network/interfaces at the interfaces
with the issues, add:
pre-down ip -6 addr flush dev
pre-down ip -6 ro flush dev
Then that should fully flush it. That is a hack and should be done by
the ifup/dow
*** This bug is a duplicate of bug 417757 ***
https://bugs.launchpad.net/bugs/417757
Top right: Duplicate of bug #417757
--
Internet ping very slow on Karmic Koala
https://bugs.launchpad.net/bugs/433972
You received this bug notification because you are a member of Ubuntu
Bugs, which is subs
@ Zack Evans #40
I quickly looked at the Privoxy 3.0.12 IPv6-patch included in Debian
(and probably the same thing in Ubuntu) and it seems that it is quite
incomplete and has quite a number of broken assumptions. One of the
primary brokeness is actually documented in the patch with: /* TODO:
Allow
@ Nech / #38
As you have the same DNS server for both wired and wireless, most very
likely _your problem_ is not a DNS issue* like what the others show
here.
* = unless an upstream of your DNS server has the "drop unknown DNS
records" problem and your resolver caches the negative answer correctly
@ Nech / #36
> I work better using wifi than using wired connection.
So, like I ask everybody else, check to see if there is a huge latency
time difference when doing:
for i in `cat /etc/resolv.conf | grep ^nameserver | cut -f2 -d' '`; do
dig @$i www.microsoft.com ; done
Over the wired or w
> ErrorMessage: subproces post-installation script werd gedood door
signaal (Interrupt)
Is Dutch for: "subprocess post-installation script was killed by signal
(Interrupt)"
I assume somebody thus hit CTRL-C.
Note that the Terminal Log contains:
"Warning: Couldn't find global Tunnel Brokers List
@ csulok / #32
What that does is avoid fixing the problem. You disable IPv6, and thus
glibc plays smart and does not resolve records anymore.
Your DNS resolver though is still broken. You might not notice it now,
but if for instance per next year DNSSEC gets turned on you will run
into it ag
@ Pconfig / #20
> You can't tell your grandmother to edit some config files because her
internet is slow
Does your grandmother use Ubuntu then? If so, then just help her out in
fixing the issue :)
@ Zack Evans / #23
> I have a Draytek so blaming the router isn't practical - these have a
MASSIVE
For everybody not reading the other comments, #7 actually explains what
goes on
Yes, indeed, probably the best solution is to use just install a local
DNS resolver (pdns-resolver), which hits the roots/gtld's etc itself.
This is not very friendly to the general Internet, but heck, with the
lar
@ Markus's #8 comment: as I mentioned "Note that the DNS queries go over
IPv4 (transport), there is no IPv6 _connectivity_ involved here.".
You also state 'so all IPv6 requests are answered by an IPv6 enabled DNS
server."; well, unless you configured IPv6 DNS resolver addresses in
your /etc/resolv
This is a problem with the DNS resolver.
This problem will occur for any DNS request which the DNS resolver does not
support.
The proper solution is to fix the DNS resolver.
What happens:
- Program is IPv6 enabled.
- When it looks up a hostname, getaddrinfo() asks first for a record
- th
Given motivation (and no nasty crap coming my way) I'll try to finish up the
all brand new AICCU this weekend.
This one will have a GUI on all platforms and will also resolve a lot of other
tiny tidbits, including 're-connect'. One can then just run the daemon, and it
will make sure that connect
Jeroen Massar wrote:
> Unfortunately one can't make a 'generic-latest-on-the-buildbox' control
> file as far as I know. If one knows how, yell.
[..]
${shlibs:Depends} already includes libgnutlsXX it seesms:
Depends: libc6 (>= 2.3.6-6), libgnutls13 (>= 1.4.0-0), iput
Markus Vuori wrote:
> No. It doesn't work for dapper because libgnutls13 is not available.
>
> The following packages have unmet dependencies:
> aiccu: Depends: libc6 (>= 2.3.6-6) but 2.3.6-0ubuntu20 is to be installed
> Depends: libgnutls13 (>= 1.4.0-0) but it is not installable
>
According to the news page at SixXS all old versions where deprecated
when 2007.01.07 was released, that is probably the problem there.
But fortunately the version from the download page simply works.
Just use a extra apt-repository in /etc/apt/sources.list and done ;)
It would be great though if
Laurent Bigonville wrote:
> I see this new version too.
>
> Moreover I think that previous versions don't work anymore due to
> changed to the authentication system.
Can you elaborate on "changes to the authentication system" ?
As as far as I know nothing has changed there at all...
Greets,
Je
Public bug reported:
Binary package hint: aiccu
New package available from upstream at http://www.sixxs.net/tools/aiccu/
Including amd64, i386 and arm builds, based on Debian unstable, but run
perfectly fine on Ubuntu.
Debian Package can be built verbatim on Ubuntu from the tarball which is
sup
Richard Johnson wrote:
[..]
Short reply, maybe a bit less nasty:
Did you TRY the code that results from your patches?
It might compile, yes, but does it actually work? -> NO
And every person knowing how tunneling code works can tell you that by
just reading the source.
Do you understand the cha
Richard Johnson wrote:
> Jeroen,
>
> First I apologize for finger-fumbling your name. I did not know that the
> "Current" or the 2005 version was in fact wrong.
Which is why I am reporting this issue before it goes any further.
And I sincerely hope that it gets resolved in a proper manner.
Th
Richard Johnson wrote:
> Joeroen,
I know, it is a difficult name to cut&paste...
Constructive & important part below, if you don't want to read the rant
part, hit CTRL-F/the search menu/emacs-s/slash-s whatever and look for
"Constructive Part".
I hope that you understand why the tone of this me
I, as the author of AICCU am really wondering:
* Why you are using diff's for this thing, while the original source tarball
already contains perfectly working Debian packages
(which are also available on the official site:
http://www.sixxs.net/tools/aiccu/)
* Why the LICENSE file is missing,
70 matches
Mail list logo
