Re: open port

2020-02-16 Thread Francis . Montagnac
On Mon, 17 Feb 2020 09:24:54 +1100 Cameron Simpson wrote: > Just to this part: > For things to which I connect regularly I allocate extra 127.0.0.n > addresses to my local interface. This lets you bind to a specific > address without conflict. ... > Our home server does similar (on a lesser

Re: open port

2020-02-16 Thread Francis . Montagnac
Hi. On Sun, 16 Feb 2020 23:07:28 +0100 "Patrick Dupre" wrote: > Now it works. I add to install additional packages for gnome. Good. If you encounter conflicts between components of the (eventual) native gnome session and the VNC one, choose another session (ex: MATE xfce openbox ...) for VNC.

[389-users] Re: ACI limiting read to groups a user is member of

2020-02-16 Thread Grant Byers
Got it.. (userattr = "uniqueMember#USERDN") Thanks! On 17/2/20 2:02 pm, Grant Byers wrote: > On 17/2/20 1:24 pm, William Brown wrote: >>> On 17 Feb 2020, at 12:19, Grant Byers wrote: >>> >>> Hi, >>> >>> In an effort to tighten search and read permissions on our internal >>> directory server,

[389-users] Re: ACI limiting read to groups a user is member of

2020-02-16 Thread William Brown
> On 17 Feb 2020, at 14:02, Grant Byers wrote: > > On 17/2/20 1:24 pm, William Brown wrote: >> >>> On 17 Feb 2020, at 12:19, Grant Byers wrote: >>> >>> Hi, >>> >>> In an effort to tighten search and read permissions on our internal >>> directory server, we've limited accounts to read

[389-users] Re: ACI limiting read to groups a user is member of

2020-02-16 Thread Grant Byers
On 17/2/20 1:24 pm, William Brown wrote: > >> On 17 Feb 2020, at 12:19, Grant Byers wrote: >> >> Hi, >> >> In an effort to tighten search and read permissions on our internal >> directory server, we've limited accounts to read certain attributes of >> "self". They have search on the entire tree,

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread Tim via users
On Sun, 2020-02-16 at 19:55 -0600, Robert G (Doc) Savage via users wrote: > There is no technical reason for AT to lock this down. I might > understand this for the VOIP and IPTV segments of the gateway. Those > probably have very complex and proprietary DHCP configurations. But > for the Internet

[389-users] Re: ACI limiting read to groups a user is member of

2020-02-16 Thread William Brown
> On 17 Feb 2020, at 12:19, Grant Byers wrote: > > Hi, > > In an effort to tighten search and read permissions on our internal > directory server, we've limited accounts to read certain attributes of > "self". They have search on the entire tree, but otherwise no read > perms. This is all

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread Robert G (Doc) Savage via users
On Sun, 2020-02-16 at 19:22 -0700, Joe Zeff wrote: > On 02/16/2020 06:55 PM, Robert G (Doc) Savage via users wrote: > > U-verse does not allow the user to change the Primary DNS address > > on the > > residential gateway's DHCP configuration page. It is hard-coded to > > 192.168.1.254, which is

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread Joe Zeff
On 02/16/2020 06:55 PM, Robert G (Doc) Savage via users wrote: U-verse does not allow the user to change the Primary DNS address on the residential gateway's DHCP configuration page. It is hard-coded to 192.168.1.254, which is the gateway itself. I want to change that to 192.168.1.1 which is

wine staging?

2020-02-16 Thread ToddAndMargo via users
Hi All, What is the current policy regarding Wine versus Wine Staging now that Wine Staging has been absorbed by Wine? Are we sticking with Staging? -T My favorite was Staging as they actually fixed far more bugs than regular Wine. ___ users mailing

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread Robert G (Doc) Savage via users
On Sun, 2020-02-16 at 14:43 -0700, Joe Zeff wrote: > On 02/16/2020 02:39 PM, Robert G (Doc) Savage via users wrote: > > AT U-verse customers are forced to use the DNS service in their > > residential gateway, which would be fine for IPTV and VOIP > > sessions. > > How? Does the router block

Re: open port

2020-02-16 Thread Ed Greshko
On 2020-02-17 07:27, Samuel Sieb wrote: > > I've never seen someone firewall localhost, not sure if that's even possible.  > So any port that isn't open will be closed, not filtered. Yes, but I was actually referring to when he stated that... From Client: nmap -v -n -P0 -p5900-5906 euripide

Re: open port

2020-02-16 Thread Samuel Sieb
On 2/16/20 2:08 AM, Ed Greshko wrote: On 2020-02-16 17:33, Samuel Sieb wrote: On 2/16/20 1:20 AM, Patrick Dupre wrote: nmap -v -n -Pn -p5900-5906 localhost PORT STATE  SERVICE 5900/tcp closed vnc 5901/tcp open   vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown

Re: open port

2020-02-16 Thread Samuel Sieb
On 2/16/20 2:53 AM, Patrick Dupre wrote: Two ways, From euripide (the "remote", ie: the server) 1. nmap nmap -v -n -Pn -p5900-5906 euripide Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-16 11:46 CET Initiating Connect Scan at 11:46 Scanning euripide (193.52.235.60) [7 ports]

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread Tom Horsley
On Mon, 17 Feb 2020 06:47:42 +0800 Ed Greshko wrote: > # nmcli con mod net-eth0 ipv4.ignore-auto-dns yes Sounds like what I want, I've just resurrected an old system and installed f31 so I can try experimenting with network manager. I'll see how it goes. Thanks.

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread Ed Greshko
On 2020-02-17 03:36, Tom Horsley wrote: > I keep seeing signs that "network" will someday disappear > entirely and I'll be forced to use NetworkManager, so the > first question I haven't been able to find an answer > for: > > What is the "proper" way to setup a network connection > using nmcli

Re: open port

2020-02-16 Thread Cameron Simpson
On 16Feb2020 13:44, Patrick Dupre wrote: I also tried: ssh -f -L 5901:localhost.fr:5901 euripide sleep 10 bind [127.0.0.1]:5901: Address already in use channel_setup_fwd_listener_tcpip: cannot listen to port: 5901 Could not request local forwarding. Just to this part: For things to which I

Re: open port

2020-02-16 Thread Patrick Dupre
Thanks Francis, Now it works. I add to install additional packages for gnome. === Patrick DUPRÉ | | email: pdu...@gmx.com Laboratoire interdisciplinaire Carnot de Bourgogne 9 Avenue Alain

Re: open port

2020-02-16 Thread Ed Greshko
On 2020-02-17 02:33, francis.montag...@inria.fr wrote: > With "vncviewer SERVERNAME:1 -via localhost" you are first opening an > ssh tunnel to localhost. This is useless. Yes, it is useless. The reason it worked for me is that the intermediate F/W which I thought had the vnc ports blocked,

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread Joe Zeff
On 02/16/2020 02:39 PM, Robert G (Doc) Savage via users wrote: AT U-verse customers are forced to use the DNS service in their residential gateway, which would be fine for IPTV and VOIP sessions. How? Does the router block outgoing DNS requests? ___

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread Robert G (Doc) Savage via users
I would like to know the answer to this also, but probably for a different reason. AT U-verse customers are forced to use the DNS service in their residential gateway, which would be fine for IPTV and VOIP sessions. However, if I want to install a Raspberry Pi device running Pi-Hole as my primary

Re: open port

2020-02-16 Thread Francis . Montagnac
On Sun, 16 Feb 2020 21:53:53 +0100 "Patrick Dupre" wrote: >> On Sun, 16 Feb 2020 20:57:05 +0100 "Patrick Dupre" wrote: >> You have chosen to start "vncserver ;1" instead of >> "systemctl start vncserver@:1.service" ... arguable. > It works the same. Almost yes. >> Does it work now? Do you

Re: systemd-tty-ask-password-agent?

2020-02-16 Thread stan via users
On Sun, 16 Feb 2020 13:41:06 -0500 Tom Horsley wrote: > An infection seems to be spreading in systemd. First > I saw dhcpd taking forever to shut down: > > https://bugzilla.redhat.com/show_bug.cgi?id=1768604 > > Now I just saw the exact same thing with the apache > httpd service. > > I found

Re: NetworkManager and PEERDNS=no

2020-02-16 Thread stan via users
On Sun, 16 Feb 2020 14:36:42 -0500 Tom Horsley wrote: > I keep seeing signs that "network" will someday disappear > entirely and I'll be forced to use NetworkManager, so the > first question I haven't been able to find an answer > for: > > What is the "proper" way to setup a network connection

Re: open port

2020-02-16 Thread Patrick Dupre
> > On Sun, 16 Feb 2020 20:57:05 +0100 "Patrick Dupre" wrote: > >> Kill this Xvnc process and start again vncserver@:1.service. > > > I made vncserver -kill :1 > > and > > vncserver :1 > > You have chosen to start "vncserver ;1" instead of > "systemctl start vncserver@:1.service" ... arguable.

Re: open port

2020-02-16 Thread Francis . Montagnac
On Sun, 16 Feb 2020 20:57:05 +0100 "Patrick Dupre" wrote: >> Kill this Xvnc process and start again vncserver@:1.service. > I made vncserver -kill :1 > and > vncserver :1 You have chosen to start "vncserver ;1" instead of "systemctl start vncserver@:1.service" ... arguable. You haven't also

Re: open port

2020-02-16 Thread Patrick Dupre
> > > On Sun, 16 Feb 2020 20:12:55 +0100 "Patrick Dupre" wrote: > >> vncviewer -via pdupre@euripide :1 > > > Very good, I get > ... > > > I can connect, but I just get a xclock. > > Probably due to half brojen VNC session: > > > lsof -i tcp:5901 > > COMMAND PID USER FD TYPE DEVICE

NetworkManager and PEERDNS=no

2020-02-16 Thread Tom Horsley
I keep seeing signs that "network" will someday disappear entirely and I'll be forced to use NetworkManager, so the first question I haven't been able to find an answer for: What is the "proper" way to setup a network connection using nmcli which will get an IP via DHCP, but will ignore the DHCP

Re: open port

2020-02-16 Thread Francis . Montagnac
On Sun, 16 Feb 2020 20:12:55 +0100 "Patrick Dupre" wrote: >> vncviewer -via pdupre@euripide :1 > Very good, I get ... > I can connect, but I just get a xclock. Probably due to half brojen VNC session: > lsof -i tcp:5901 > COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME > Xvnc

Re: open port

2020-02-16 Thread Patrick Dupre
> > > vncviewer euripide:1 -via localhost > > Needs direct access to port 5901 on euripide > > > works as badly as > > > vncviewer -via pdupre@euripide:1 > > You missed a space before the :1 here: It should be: > > vncviewer -via pdupre@euripide :1 Very good, I get DecodeManager: Detected 4

Re: open port

2020-02-16 Thread Patrick Dupre
> > >>> On 2020-02-16 20:44, Patrick Dupre wrote: > I followed both options: > vncviewer -via euripide > >>> Shouldn't the format of the command be something like... > >>> vncviewer SERVERNAME:1 -via localhost > >> No: the -via option of vncviewer is a short way to setup an ssh tunnel >

systemd-tty-ask-password-agent?

2020-02-16 Thread Tom Horsley
An infection seems to be spreading in systemd. First I saw dhcpd taking forever to shut down: https://bugzilla.redhat.com/show_bug.cgi?id=1768604 Now I just saw the exact same thing with the apache httpd service. I found the systemctl --no-ask-password option, so I tried it, now it no longer

Re: open port

2020-02-16 Thread Francis . Montagnac
On Sun, 16 Feb 2020 19:27:56 +0100 "Patrick Dupre" wrote: > vncviewer euripide:1 -via localhost Needs direct access to port 5901 on euripide > works as badly as > vncviewer -via pdupre@euripide:1 You missed a space before the :1 here: It should be: vncviewer -via pdupre@euripide :1 --

Re: open port

2020-02-16 Thread Francis . Montagnac
On Mon, 17 Feb 2020 01:55:01 +0800 Ed Greshko wrote: > On 2020-02-16 23:05, francis.montag...@inria.fr wrote: >> On Sun, 16 Feb 2020 20:59:19 +0800 Ed Greshko wrote: >>> On 2020-02-16 20:44, Patrick Dupre wrote: I followed both options: vncviewer -via euripide >>> Shouldn't the format

Re: open port

2020-02-16 Thread Patrick Dupre
> On 2020-02-16 23:05, francis.montag...@inria.fr wrote: > > On Sun, 16 Feb 2020 20:59:19 +0800 Ed Greshko wrote: > > > >> On 2020-02-16 20:44, Patrick Dupre wrote: > >>> I followed both options: > >>> vncviewer -via euripide > >> Shouldn't the format of the command be something like... > >>

Re: open port

2020-02-16 Thread Patrick Dupre
> > On Sun, 16 Feb 2020 17:30:08 +0100 "Patrick Dupre" wrote: > >>> I suspect that you have specified the 3022 port fo connect to euripide > >>> in your ~/.ssh/config file. > > >> We should focus on runing vncviewer from the client machine to > >> euripide (running vncserver vith

Re: open port

2020-02-16 Thread Ed Greshko
On 2020-02-16 23:05, francis.montag...@inria.fr wrote: > On Sun, 16 Feb 2020 20:59:19 +0800 Ed Greshko wrote: > >> On 2020-02-16 20:44, Patrick Dupre wrote: >>> I followed both options: >>> vncviewer -via euripide >> Shouldn't the format of the command be something like... >> vncviewer

Re: open port

2020-02-16 Thread Francis . Montagnac
On Sun, 16 Feb 2020 17:30:08 +0100 "Patrick Dupre" wrote: >>> I suspect that you have specified the 3022 port fo connect to euripide >>> in your ~/.ssh/config file. >> We should focus on runing vncviewer from the client machine to >> euripide (running vncserver vith vncserver@:1.service) > Of

Re: How to modify/add compose (multi key) shortcuts and keyboard layout with wayland?

2020-02-16 Thread stan via users
On Sun, 16 Feb 2020 14:15:28 - "Gregory Salvan" wrote: > Hi, > I've failed these last days to edit my keyboard layout and add > compose shortcuts on a fedora 30 (5.4.17-100.fc30.x86_64) with gnome > 3.32.2 on wayland. For keyboard layout when editing > /usr/share/X11/xkb files I can replace

Re: open port

2020-02-16 Thread Patrick Dupre
> > >> I suspect that you have specified the 3022 port fo connect to euripide > >> in your ~/.ssh/config file. > > > 1) > > I do have an issue with vncserver: > > I can run remmina (ssh) on 2 machines, but never vncserver > > We should focus on runing vncviewer from the client machine to >

Re: open port

2020-02-16 Thread Francis . Montagnac
On Sun, 16 Feb 2020 16:33:34 +0100 "Patrick Dupre" wrote: >>> ssh: connect to host euripide.u-bourgogne.fr port 3022: Connection refused >> I suspect that you have specified the 3022 port fo connect to euripide >> in your ~/.ssh/config file. > 1) > I do have an issue with vncserver: > I can run

Re: open port

2020-02-16 Thread Patrick Dupre
> >> vncviewer -via euripide > > > Shouldn't the format of the command be something like... > > > vncviewer SERVERNAME:1 -via localhost > > No: the -via option of vncviewer is a short way to setup an ssh tunnel > to the SERVER running Xvnc (vncserver). > > On Sun, 16 Feb 2020 13:44:43 +0100

Re: open port

2020-02-16 Thread Francis . Montagnac
On Sun, 16 Feb 2020 20:59:19 +0800 Ed Greshko wrote: > On 2020-02-16 20:44, Patrick Dupre wrote: >> I followed both options: >> vncviewer -via euripide > Shouldn't the format of the command be something like... > vncviewer SERVERNAME:1 -via localhost No: the -via option of vncviewer is a

Re: open port

2020-02-16 Thread Patrick Dupre
Hello, The bizarre thing is that I can connect with remmina (ssh), but not with vncserver. However, connecting with remmina, I get a blue screen, It looks like that it does not start a gnome session. Do I need to startx ? start a gnome daemon?

How to modify/add compose (multi key) shortcuts and keyboard layout with wayland?

2020-02-16 Thread Gregory Salvan
Hi, I've failed these last days to edit my keyboard layout and add compose shortcuts on a fedora 30 (5.4.17-100.fc30.x86_64) with gnome 3.32.2 on wayland. For keyboard layout when editing /usr/share/X11/xkb files I can replace some keys, but I would prefer do it at user level to not have my

Re: open port

2020-02-16 Thread Ed Greshko
On 2020-02-16 20:44, Patrick Dupre wrote: > Thanks. > I followed both options: > > TightVNC > vncviewer -via euripide > Shouldn't the format of the command be something like... vncviewer SERVERNAME:1 -via localhost Assuming you have sshd running on the localhost. -- The key to getting good

Re: open port

2020-02-16 Thread Patrick Dupre
Thanks. I followed both options: TightVNC vncviewer -via euripide TigerVNC Viewer 64-bit v1.10.1 Built on: 2020-01-13 09:16 Copyright (C) 1999-2019 TigerVNC Team and many others (see README.rst) See https://www.tigervnc.org for information on TigerVNC. ssh: connect to host

Re: open port

2020-02-16 Thread Ed Greshko
On 2020-02-16 20:04, Patrick Dupre wrote: >> On 2020-02-16 19:12, Patrick Dupre wrote: >>> Yes, there is probably it another device/firewall between the client and >>> server. >>> But the ssh works fine >> Well, sure. >> >> But ssh is on port 22.  If that port is open/configured but not the port

Re: open port

2020-02-16 Thread Patrick Dupre
I tried: ssh -L 5900:localhost:5900 -N -f -l pdupre euripide (and ssh -L 5901:localhost:5901 -N -f -l pdupre euripide) It works, and then vncviewer -via pdupre@euripide (A passwd is required) I try to connect (again a passwd is required). but again: Sun Feb 16 13:08:08 2020 DecodeManager:

Re: fc31: howto play music on remote headless

2020-02-16 Thread sean darcy
On 2/15/20 8:01 AM, Ed Greshko wrote: On 2020-02-14 10:54, sean darcy wrote: I've got an old laptop on fc31. I'd like to ssh in and stream music that plays on the remote. I can ssh in to the remote and bring up firefox, but it tries to play music on the ssh client, not the remote. Any

Re: open port

2020-02-16 Thread Patrick Dupre
> > On 2020-02-16 19:12, Patrick Dupre wrote: > > Yes, there is probably it another device/firewall between the client and > > server. > > But the ssh works fine > > Well, sure. > > But ssh is on port 22.  If that port is open/configured but not the port > needed for VNC you won't be > able to

Re: open port

2020-02-16 Thread Ed Greshko
On 2020-02-16 19:12, Patrick Dupre wrote: > Yes, there is probably it another device/firewall between the client and > server. > But the ssh works fine Well, sure. But ssh is on port 22.  If that port is open/configured but not the port needed for VNC you won't be able to connect. However,

Re: open port

2020-02-16 Thread Patrick Dupre
Yes, there is probably it another device/firewall between the client and server. But the ssh works fine > Sent: Sunday, February 16, 2020 at 11:08 AM > From: "Ed Greshko" > To: users@lists.fedoraproject.org > Subject: Re: open port > > On 2020-02-16 17:33, Samuel Sieb wrote: > > On 2/16/20 1:20

Re: open port

2020-02-16 Thread Patrick Dupre
> ... > > > Now you have it running, so the next step is to figure out how to ask > > firewalld to allow connections to that port. > > I would first verify that Xvnc is not only listening on localhost. > > Two ways, From euripide (the "remote", ie: the server) > > 1. nmap > >nmap -v -n

Re: Fedora 31 Selinux MLS problems and errors

2020-02-16 Thread Ed Greshko
On 2020-02-16 17:50, Cătălin George Feștilă wrote: > I try to use the Selinux MLS with Fedora 31, > After relabel the files and start the environment I get multiple errors... FWIW, I would suggest posting this question to the seli...@lists.fedoraproject.org list. I have found the most

Re: open port

2020-02-16 Thread Ed Greshko
On 2020-02-16 17:33, Samuel Sieb wrote: > On 2/16/20 1:20 AM, Patrick Dupre wrote: >> nmap -v -n -Pn -p5900-5906 localhost >> PORT STATE  SERVICE >> 5900/tcp closed vnc >> 5901/tcp open   vnc-1 >> 5902/tcp closed vnc-2 >> 5903/tcp closed vnc-3 >> 5904/tcp closed unknown >> 5905/tcp closed

Re: open port

2020-02-16 Thread Francis . Montagnac
Hi On Sun, 16 Feb 2020 01:33:56 -0800 Samuel Sieb wrote: > On 2/16/20 1:20 AM, Patrick Dupre wrote: >> nmap -v -n -Pn -p5900-5906 localhost >> PORT STATE SERVICE >> 5900/tcp closed vnc >> 5901/tcp open vnc-1 ... > Now you have it running, so the next step is to figure out how to ask >

Fedora 31 Selinux MLS problems and errors

2020-02-16 Thread Cătălin George Feștilă
I try to use the Selinux MLS with Fedora 31, After relabel the files and start the environment I get multiple errors... This is one example of the MLS issue. SELinux is preventing su from open access on the file /var/log/lastlog. * Plugin catchall (100. confidence) suggests

Re: open port

2020-02-16 Thread Samuel Sieb
On 2/16/20 1:20 AM, Patrick Dupre wrote: nmap -v -n -Pn -p5900-5906 localhost PORT STATE SERVICE 5900/tcp closed vnc 5901/tcp open vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5905/tcp closed unknown 5906/tcp closed unknown Now you have it running, so the

Re: open port

2020-02-16 Thread Patrick Dupre
I am a bit confuse. I tried to follow https://docs.fedoraproject.org/en-US/Fedora/21/html/System_Administrators_Guide/ch-TigerVNC.html On the remote I set: I edited /etc/systemd/system/vncserver@.service ExecStart=/usr/bin/vncserver_wrapper pdupre %i run systemctl start vncserver@:1.service in