Re: Brief question as to the Linux kernel in use in the Stable version of Etch
On Sunday 27 January 2008 00:48, dick thompson wrote: > I have looked all through the info and the best I can find is that Etch > uses version 2.6.18 of the Linux kernel. Since the stable version was > put out there in the early part of Jan 2008, that seems like a very old > version to be releasing. Am I right that this is the version in use? > If so that does not support my ethernet connection and I will have to > look elsewhere for a Linux to use. > > My ethernet adapter is an ATTANSIC Gigabyte L1 (also released since the > takeover of ATTANSIC by ATHEROS as the ATHEROS Gigabyte L1. It may be possible to find driver code that you can compile and insert into your server. I recently did this for an Attansic 10/100 L2 adapter that came built in to the motherboard of some new machines that I wanted to keep at "stable". The driver code was on the CD of software that came with the mobo, and worked fine -- in this case it was the "atl2" driver. A quick google reveals a link to a "vendor" version of your driver at <http://atl1.sourceforge.net/>, first link under the heading "Vendor version". I'm not linking to the thing itself, because there's lots of other good info on that SourceForge page that might help you. Another alternative, if you want to stay with a stock kernel, is to put a different NIC in the box. NICs are cheap, and there are lots of gigabit ethernet cards that have had Linux support in the default kernel for years. Or, as others have suggested, you can try Debian testing/"lenny", or upgrade the kernel only. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to send mails with attachments for each file in a directory ?
On Tuesday 29 January 2008 12:01, Jabka Atu wrote:
> Good day,..
>
>
> since i can't send find a fast way to send many pictures to Gmail /
> ISP mail (Quata limit for single mail).
>
> I thought it will be fun to do it in one line :
>
> find *.jpg -exec uuencode '{}' '{}' | mail [EMAIL PROTECTED] \;
>
> but this won't work since :
>
>
> find: missing argument to `-exec'
I think you're using "find" wrong. On my (debian "stable") system,
in a randomly selected directory, I get:
> # find *.jpg
> find: *.jpg: No such file or directory
... versus
> # find . -name "*.jpg"
> [big list of files]
Try that.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: OT:weird problem downloading big files
On Thursday 31 January 2008 21:51, Sergio Belkin wrote: > Hi, > > I've stuck with a weird problem... > > I can't download "big" files, I mean, I can't download well DVD iso files, > for example, if I try download any file of > http://linux.cucea.udg.mx/geeklog/staticpages/index.php?page=20080123170324 >195 I get something so: > [snip] This is probably a long shot, but a long time ago, some routers or cable modems that did Network Address Translation had a problem with packet fragmentation. The issue was that the NAT business would add a few bytes to the packets, and if they were already up against the MTU limit for the connection, they'd go over, and get fragmented, but the cable modem wouldn't recognize the packet fragments, so the connection would just hang, and this was common for big file transfers. This is my rather hazy memory of the problem, of course. The solution was to reset the MTU of the network interface to be smaller than the default 1500. Doing something like "ifconfig mtu 1492" would fix it. I haven't heard of anyone having this problem for many years, but it's possible there's a jumbo-frame analog of it that's gotten you. In any case, it's pretty easy to lower the mtu and give it a try. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Udev Installation Question
On Saturday 02 February 2008 14:00, David Baron wrote:
> What happens to the original contents of /dev?
>
> 1. Still there--the tmpfs simply mounts over them (kind of wasteful since a
> statis /dev had zillions of unused nodes).
>
> 2. Deleted. Want to go back ... well there is a make-devfs script somewhere
> to create all the zillions of nodes that Knoppix uses.
>
> 3. Tarred, feathered and stashed somewhere I had read that this does occur.
> Where?
3. Specifically, remounted on /dev/.static/dev.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: php and apache?
On Tuesday 19 February 2008 06:55, Zach wrote:
> Hello,
>
> I am trying to open some PHP test scripts but my webserver (running on
> localnet) prompts me to download them when I try to load one in
> apache. Here are the packages I have installed:
[snip]
Anything suspicious looking in your logs?
I had a weird Apache/PHP problem a while ago where the same
php module was loaded twice, once by the apache config file, and
then again in a "php.conf" file that was referred-to by the main
config file. This resulted in symptoms similar to yours, and the
Big Clue was that the logs complained about symbols being already
defined.
I'm afraid I don't recall the details very clearly. Check
the logs.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ASUS P5GC-MX mother board - Attensic network card
On Wednesday 20 February 2008 22:53, L.V.Gandhi wrote: > I have bought ASUS P5GC-MX mother board which has inbuilt Attensic > network card. During installation of debian etch, card was not > detected. Hence installed with out network only minimal system(with > only last option in software selection). I have googled. But I didn't > get anywhere near solution. I have only stock kernel of etch. Check the CD that came with the motherboard -- I recently installed etch on some P5GC-MX/1333 machines (which is *not* exactly the same mobo, I learned that...) and there's a "linux" directory on the CD with source for an atl2 module that works with the Debian "etch" 2.6.18 kernel. Of course, you'll need to get the linux-headers package and a compiler on to the system first, I'm not sure if they're in the Debian netinst CD or not. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ASUS P5GC-MX mother board - Attensic network card
On Thursday 21 February 2008 21:05, L.V.Gandhi wrote: > On Fri, Feb 22, 2008 at 6:25 AM, Sridhar M.A. <[EMAIL PROTECTED]> wrote: > >> and there's a "linux" directory > >> on the CD with source for an atl2 module that works with the > >> Debian "etch" 2.6.18 kernel. > > > > I am also using an ASUS board with Attansic network card. Kernel 2.6.18 > > does not support this card. Why not install 2.6.2[234] on your machine? > > One of them might even be available from backports? > > > > Regards, > > > > -- > > Sridhar M.A. GPG KeyID : F6A35935 > > Fingerprint: D172 22C4 7CDC D9CD 62B5 55C1 2A69 D5D8 F6A3 5935 > > Dear Sridhar, > Thanks for the response. I tried compiling with downloaded source for > atl2 after installing build-essential. I get msg linux kernel source > not found stop. Hi L.V. -- Sridhar's proposed solution and mine are different. Sridhar is suggesting installing a 2.6.2[234] kernel, which will include support for the Attansic network card, and not require you to compile the driver separately. My suggestion was to find the driver source and compile it against the 2.6.18 headers, allowing you to run a mostly-stock "etch" kernel. If you're getting "source not found", it may be that the soft-link in /lib/modules/2.6.18-/header or .../source is still missing. This can happen if you install the linux-headers package *after* the kernel, since that link is put in by the linux-image package. A possible solution to the link problem is to run dpkg-reconfigure on the linux-image package, which will notice the headers, and restore the link. Alternatively, you can just put the link in manually. You should consider the 2.6.2[234] idea seriously, it's probably easier, depending on the nature of the constraint that holds you to 2.6.18. Your call, obviously. -- A. constraint that -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Loading modules during startup
On Sunday 24 February 2008 09:13, L.V.Gandhi wrote: > I have put atl2 in /etc/modules and but after booting I see this in > messages. localhost:~# cat /var/log/messages |grep atl2 > Feb 21 12:16:11 localhost kernel: atl2: disagrees about version of > symbol struct_module > Feb 24 18:48:22 localhost kernel: atl2: disagrees about version of > symbol struct_module > Feb 24 18:52:37 localhost kernel: atl2: disagrees about version of > symbol struct_module > > But when I load manually as > insmod /lib/modules/2.6.18/kernel/drivers/net/atl2/atl2.ko > I get everythink OK and I could use /etc/init.d/networking restart to > start internet connection. > I also checked for anyother modules in /lib/modules using find. result is > localhost:/lib/modules# find . -name atl2.* > ./2.6.18/kernel/drivers/net/atl2/atl2.ko > Any reason why it happens. > What should I do to boot module during boot? Is /lib/modules/2.6.18/... the correct path? The reason I ask is that a truly "stock" Debian "etch" should be using the path /lib/modules/2.6.18-6-/, and if you built the atl2 module against the kernel sources, that's probably where it put it. On my system which had a similar problem, I didn't have to put it in /etc/modules, it was correctly detected and loaded at boot-time. Have you tried that? As a hack-ish workround, if nothing else works, you could always stick a "modprobe atl2" in /etc/init.d/networking. This is slightly dangerous, it might get removed by subsequent package updates, but it would work. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: /media and /mnt ownership and permissions
On Saturday 08 March 2008 21:35, Haines Brown wrote: > Be default on my system, both are owned by root/root, and since that got > in my way when I was in a hurry, I simply changed their ownership to > owner/owner. I know this isn't proper. My setting up a sidux on X61s > Thinkpad is an opportunity for me to start out the right way. > > My inclination would ge to assign these directories to a group and make > user a member of that group. But no default group name seems to fit right, > which makes me suspect this might not be the proper way after all. > > When I plug in a usb-stick, it is assigned the interface sdb, which on > sidux is owned by root/floppy. Should /media be owned by root/floppy? > How about /mnt? I don't know any "official" answer, but what I do is have /media and /mnt owned by root:root, but with open permissions. Then you can control the access and ownership of the mounted media through the mount mechanism or /etc/fstab. For FAT32 filesystems (like the USB stick), mount them with the appropriate username and groupname options, so that only that user can meddle with them. For Linux filesystems, you just have to hope that the numeric uids and gids of the files on the device are meaningful on your system, but in my experience, remote media are usually either iso9660 for FAT32, so practically speaking, this isn't an issue. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
OpenMP-aware compiler for etch?
Hi all --
I'm looking for a C/C++ compiler with OpenMP support
for Debian "etch". Ideally, I'd like a back-port of
gcc-4.2, but there doesn't seem to be an official one --
does anyone know of an unofficial one?
Are there other compilers that can do it? I'm aware
of the commercial Portland Group compilers, and also
the Intel C compiler -- these are options, but a FOSS
implementation would be best.
Security policy requirements prevent me, for the moment,
from just upgrading to "lenny".
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Palm TX Handheld and Debian
On Monday 17 March 2008 07:55, Thierry Chatelet wrote:
> Hi,
> I want to buy a Palm TX. Has anyone experience on running Debian on it?
> Thank you
I have one of these, and I successfully back it up on a Debian
"etch" system. I was never able to get the USB syncing to work
properly, but I'm able to do it over the wireless with
pilot-xfer using the "net:any" address.
However, I have never actually run Debian *on* my Palm TX, which
is what your question sounds like it might mean.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: problems booting
On Sunday 23 March 2008 01:57, Freddy Freeloader wrote:
> I assume I'm running into problems with udev not naming
> the devices consistently but am not quite sure of my diagnosis or how to
> fix it if that is the problem.
I don't think udev rules will fix it, since the udev rules
are on the root filesystem that it's not finding.
I recommend using volume management, so that the root
filesystem ends up on /dev/mapper/vg0-root or something
similar -- this all gets set up in the initramfs, and
elegantly avoids device-naming issues.
Alternatively, you can mount the filesystems by label
or by UUID.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Starting NTP server: ntpd/usr/sbin/ntpd: invalid option -- p
On Monday 16 June 2008 22:08, David Christensen wrote: > Andrew Reid wrote: > > I'm afraid I'm not much of an expert on openntp. My first guess is > > that, as the system runs, the clock should sync up on its own, if > > ntpd is seeing valid servers and working properly. > > If it were a 24x7 box, then yes. But, it's a virtual machine that I fire > up, hack around, and then shut it down. In that case, perhaps what you want is ntpdate, after all. It works by putting a hook in /etc/network/if-up.d, so that the time gets set automatically when the network comes up. You can set the server list in /etc/default/ntpdate. Note that the Debianized ntpdate is a bit different from the "upstream", in particular in that the Debianized one is the one that's run by the if-up.d hook, and it uses the /etc/default/ntpdate file to find servers, whereas the "vanilla" one doesn't do either of these things. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: NOT ABLE TO INSTALL DEBIAN 4.0r3
On Saturday 21 June 2008 10:50, Praseen Preman wrote: > Hi guys, >I am an ardent fan of Debian after I saw it running on one > of my friends machines. I have been trying to install it for a few > months but without success . I am a newbie as far as Debian is > concerned. I have worked on Fedora Linux but it seems Debian is harder > to tame hence all the more fun. Here are the tech details. > > My Machine configuration is given below > > Intel Pentium Dual Core CPU 2.80 GHz > 256 MB RAM > Seagate 40GB hard disk > Intel original Chipset motherboard > NVIDIA GeForce 6200 TurboCache(TM) > ST380211AS SATA hard disk (seagate) > SAMSUNG 52X CD RW+DVD drive > > I wrote 3 CD iso images of the Debian 4.0r3 into 3 CDs and tried to > install on my system, > the following are the system logs. > > ata1: SATA link up 1.5Gbps (Status 113 Scontrol) > ata1.00:qc timeout (cmd 0xef) > ata1.00:failed to set xfermode (err_mask=0x4) > hdb:SAMSUNG CDRW/DVD SM-352F,ATAPI CD/DVD-ROM DRIVE > ide0 at 0x1f0-0x1f7,0x3f6 on irq14 > hdb:lost interrupt > hdb:ATAPI 52 X DVD-ROM Looks like the kernel can't see the hard drives. I had a similar issue with a DG33BU motherboard, the G33 chipset apparently has some new bells and whistles. My workaround was to go into the BIOS and set the hard-drive access mode to "ide" (might be called "legacy"), and then boot with the "pci=nommconf" kernel option. This isn't really a Debian-specific problem, it's due to the devices being newer than the kernel support. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [OT] GMail troubles [Was: Re: du-guidelines - point 7]
On Friday 18 July 2008 13:47, Andrei Popescu wrote: > On Sat,19.Jul.08, 00:43:13, Chris Bannister wrote: > > > I receive most of my emails through my ISPs POP server (ex. all list > > > traffic), but I can't use their SMTP server to relay as they don't > > > allow a different From, not even after authentication. > > > > I think you may be confusing "relay" with "open relay". > > I have no problem to identify myself as a paying user to their services > (they do use SMTP AUTH). But afterwards they just plainly end the > session if the From does not have the address they supply. > > Call it whatever you like, but they are still denying functionality to > paying users (which used to work before). I think this is a fairly common anti-spam measure -- I know that it's the official policy of Verizon for residential accounts. It might be possible to get a "business internet" account, for more money of course, which allows you to relay your own domain's e-mail through your ISP's servers. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Dual Core processor ?
On Friday 25 July 2008 11:07, Account for Debian group mail wrote: > Hello, > > I'm in the process of replacing one of our mail servers with a new > machine. Is Debian stable enough on the Intel or AMD dual core 64 bit > processors for a mail server? > > This machine will get heavy use and runs hard for 24 hrs a day. > > Any suggestion for something fast but very stable? I run a few multi-terrabyte file servers and a couple of application servers with two dual-core 64-bit chips per box, and it's been rock-solid running "etch", with a few minor caveats: - Watch the hardware -- "etch" is getting kind of old. I've had smooth sailing with Tyan motherboards, but of course my experience is anecdotal. "Server class" motherboards tend to be pretty conservative and have better standards compliance than "consumer class" motherboards, but you should still be careful. - For certain nVidia chipsets in combination with large XFS file systems, you need to boot with "iommu=soft" in order to avoid (infrequent) random filesystem errors. See the Debian "etch" release notes for details. The server world seems to me to be Linux in general and Debian in particular's strong suit. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Dual Core processor ?
On Saturday 26 July 2008 07:41, Ron Johnson wrote: > On 07/25/08 20:21, Andrew Reid wrote: > [snip] > > > - For certain nVidia chipsets in combination with large XFS > > file systems, you need to boot with "iommu=soft" in order > > to avoid (infrequent) random filesystem errors. See the > > Debian "etch" release notes for details. > > I don't see this mentioned in the i386 notes. Does it only affect > AMD64? And, specifically, AMD chips? > http://www.mail-archive.com/[EMAIL PROTECTED]/msg97076.html That's the one -- you're right that it's apparently only a 64-bit problem, I hadn't appreciated that, since all my servers are 64-bit at this point. I found it here: http://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#s-nvidia-iommu ... and it's the same one. > Also, has it been fixed in later kernels? The bugzilla page for kernel bug http://bugzilla.kernel.org/show_bug.cgi?id=7768";>#7768 says it's closed and resolved by code_fix, so apparently has been fixed, although one would have to dig deeper to say in which version the fix first appeared. > Lastly, what, in this instance, is "large"? I was having this problem intermittently with a cron-triggered rsync backup on a 4.2TB software RAID6 array hosting an xfs filesystem that was 80% full. The problem seemed to appear around the time the filesystem crossed the 80% threshold, so "large" might mean 3.2 TB or so. Booting with "iommu=soft" made the problem go away, with no evident loss of server performance. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: NFS is working again, but problem not solved.
On Sunday 03 August 2008 13:36, Hendrik Boom wrote:
> While mfs mounting wasn't working, our LAN was disconnected from the wider
> internet. Although all the machines in question could talk to each
> other, the DSL link to the rest of the world was down because of ISP
> failure. Now it's up again, and NFS mounting works fine again.
>
> So why does nfs need access to the wider internet?
Does something in your exports file depend on a network
service? NIS/LDAP database for host groups, name resolution
for allowed hosts, or for the NIS/LDAP host?
Just guessing.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: NFS is working again, but problem not solved.
On Sunday 03 August 2008 22:13, Andrew Reid wrote: > On Sunday 03 August 2008 13:36, Hendrik Boom wrote: > > While mfs mounting wasn't working, our LAN was disconnected from the > > wider internet. Although all the machines in question could talk to each > > other, the DSL link to the rest of the world was down because of ISP > > failure. Now it's up again, and NFS mounting works fine again. > > > > So why does nfs need access to the wider internet? > > Does something in your exports file depend on a network > service? NIS/LDAP database for host groups, name resolution > for allowed hosts, or for the NIS/LDAP host? Replying to myself here, I see that you already mentioned /etc/exports uses IP numbers, so my guess has already been eliminated. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CUPS problem
On Friday 15 August 2008 05:16, Alexander Petrov wrote:
> Hi everyone,I have Debian Etch 2.6.18-i686 on AMDSempron 3000+. I want to
> install my HP DeskJet 920C on it. I downloaded the recomended driver
> HP_deskjet_920C_hpijs.ppd from linuxprinting.org and installed it through
> CUPS installation. The printer appeared it the Gnome panel. When I tried to
> print nothing happened. The print jobs were in 'stopped' state. Any help
> would be appreciated.
Check the logs, cups is reasonably good about being informative
there. You can check them from the browser-client thing,
in which case you want "error logs", or just look in /var/log
for something plausible.
Sometimes ppd files depend on other things being installed --
I recently ran into this with a third-party ppd file for a Dell
printer that needed the "foomatic" driver package in order to
work.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Intel SATA RAID 82801IR/IO on debian etch'n half
On Friday 15 August 2008 15:52, Ivan Hernandez wrote:
> Hello. I'm installing debian on a server with a Intel Corporation SATA RAID
> called 82801IR/IO (ICH9R/DO) SATA RAID Controller that is shown on the
> Debian DeviceDatabase as managed by the ahci kernel module.
> The problem is that the installer sees the Two separate disks instead of
> the single RAID disk of the controller.
>
> Some ideas on how to make Debian installer see this SATA RAID Controller
> as One disk instead of the Two disks separated?
Check the BIOS, the controller may have several modes, including
a "looks like disks" mode if you want to do software RAID (or no RAID
at all).
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Automated downloads for duplicate laptops
On Friday 15 August 2008 21:12, ZephyrQ wrote:
> I'm trying to set up five (5) laptops for classroom use with limited
> menu options and specific programs that I use in my special ed
> classroom. I have numerous packages that I would like to automate the
> downloads (instead of picking and clicking), to the tune of about 850M
> worth.
>
> Any way to do this quicker/easier than pointing and clicking for every
> computer?
Set up one machine the way you like, and do
# dpkg --get-selections > selections.dat
Then do a basic set-up on each other machine, enough so they'll
boot and you can transfer the package selections file, and so they
can see the same source of packages. On each of the subsequent
machines, do:
# dpkg --clear-selections
# dpkg --set-selections < selections.dat
# apt-get dselect-upgrade
Then all machines will have the same package state.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: StartUp
On Wednesday 20 August 2008 05:17, Pol Hallen wrote:
> > This may sound pretty out of place but can anyone list ways on how
> > to make a program execute on startup?
>
> U can either add the program in /etc/init.d/ and link it in your favorite
> runlevel or add the program in your desktop manager config (if u using kde
> add the program in /home/user/.kde/Autostart)
If you go the /etc/init.d route, you should be aware that
/etc/rc.local exists for just this purpose -- for machine-specific
goodies, not part of the distro, that you want to start at
boot-time.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: External IP
On Tuesday 22 April 2008 19:39, Daniel Ngu wrote:
> Hi,
>
> How do I find out what's the dynamic IP I get when connected
> to my ISP? I'm not broadband BTW.
I use "www.whatsmyip.org", I have NAT at home, and the
"far side" of my DSL modem is a private class-A address
(10.0.something.something), so it's useful to have a utility
that cuts through the crap.
Of course, it does require that you have a working
web browser. If you (or I) were clever, we'd probably
do some tricky tracert thing.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: virtual text consoles gone
On Wednesday 23 April 2008 11:25, Hendrik Boom wrote: > > I have been upgrading. Could it be that three revisions of kernels have > passed me by unnoticed without a reboot? (I check /boot). Nope. Better > investigate why I'm not getting the upgrades. If you have both linux-image-2.6- and linux-image-2.6.18-- on your machine, then the usual "apt-get update; apt-get upgrade" won't do the kernel upgrade, it will instead "hold" the linux-image-2.6- package, because of the dependency coupling -- linux-image-2.6.18-- is a dependency of linux-image-2.6-. This is a very handy feature for those of us with custom modules in the kernel, it allows us to do the regular apt-get two-step without blitzing the kernel, so we can defer the kernel upgrade until after we've re-read the module installation instructions. To do the upgrade, you can explicitly "install" the latest version, or do "apt-get dist-upgrade", which takes a more aggressive approach to dependencies. I have no idea how aptitude handles this. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: subscription
On Thursday 24 April 2008 20:10, Rafael Fontenelle wrote:
> [EMAIL PROTECTED] also asked me to unsubscribe him from the list. When I
> replied to him informing that I was not the administrator, I received an
> email from his antispam or something like that asking me to click in a link
> to confirm that I'm not a robot. Of course I ignored this confirmation
> email.
>
> For me is pretty obvious that or he is fooling around with this list or he
> is not exactly human being.
I also got an unsubscribe request from the "rsiegel" address,
two days ago (Tuesday the 22nd).
I replied off-list with an explanation of how to unsubscribe, echoing the
unsubscribe instructions in the body of the message, on the assumption
that his mailer was cutting them off.
> Admin, could you ban him?
Seconded, if the behavior persists. Possibly the first line of
action is to manually unsubscribe him, and not resort to banning
until/unless he comes back and misbehaves again.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Howto mount a Debian disk (LVM, dm-crypt)?
On Friday 25 April 2008 20:27, Hans Martin wrote: > Hi, > > I installed an etch system the usual d-i way (using the complete disk, > one partition, LVM, dm-crypted), but now I have to mount this disk on > the same computer which now has a new (bigger) disk. I have an IDE/USB > adaptor for this, but of course the easy way (mount /dev/sda1 /mnt or > similar) does not work. > > Interestingly, when I connect the disk to my computer, I get a > filemanager window which shows me the initrds and kernels and I get a > passphrase prompt (is it gnome-mount?). I enter my passphrase, but > only the init stuff is mounted, not the crypted part of the disk. > > Many thanks in expectation! You can manually start up the encrypted virtual device using "cryptsetup luksOpen ", where is the base device, /dev/sd, and is the virtual device you want to create. Once the decrypted device is set up, you can then do "mount /dev/mapper/ ", where is the same name as the foregoing command, and is the mount point where you want to put it. It's also possible that, after the luksOpen step, the file manager will pop up with the new device, I'm not sure. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Howto mount a Debian disk (LVM, dm-crypt)?
On Saturday 26 April 2008 05:11, Hans Martin wrote: > > Once the decrypted device is set up, you can then do > > "mount /dev/mapper/ ", where is the same > > name as the foregoing command, and is the mount point > > where you want to put it. > > Thanks for the hint, but it does not work. > > [snippage] > How can I rename my VG? (vgchange warns about "Duplicate > VG name - and segfaults.) > > When I get my VG activated, mounting should be easy, but > now I'm lost. It turns out that there's a "vgrename" in the lvm2 package for Debian "etch" (and others, no doubt). The man page says the syntax is just "vgrename ". I've never done this, but that looks like your answer. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: External IP
On Saturday 26 April 2008 20:58, L.V.Gandhi wrote:
>
> To which package links2 belongs. How to find out for any command?
Debian has an awesome search utility at
<http://www.debian.org/distrib/packages>. At the bottom of the
page, there's a "Search the contents of packages" tool, which will
tell you what package a given file comes from.
Alternatively, if you have the Debian-installed Konqueror,
you can use "deb:" to find packages (but not
files in packages).
You can also also use the shortcut
"http://packages.debian.org/file:" to find packages
containing files that end with .
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Network FUBAR
On Tuesday 29 April 2008 19:54, Daniel D Jones wrote:
[ Much snippage ]
> Anyone have any ideas before I wipe the hard drive and start from scratch?
Two possibilities:
One: Device name. Maybe the interface isn't "eth0" anymore,
because of the hardware change. This seems improbable to me,
because you said the interface was up and in the routing table.
I *have* seen a system come up with only one network card,
and with it being named "eth1", don't know what causes that.
Two: MAC addresses. These will have changed with the
hardware. Does your network have a MAC whitelist or filter
somewhere? Is there a local config file that depends on the
MAC address being right, e.g. to assign device names to
interfaces? Does your firewall do MAC filtering?
That's all I can think of.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: X gets killed immediately after successful graphical logon
On Wednesday 14 May 2008 07:47, Uwe Dippel wrote: > I can't get into any of my sessions, whatever I do. > > The machine starts up and shows kdm, as it has been doing for some years. > Only, whenever I logon, as any user, or any session (kde, gnome, > xfce), it starts, then some scrambling of the screen, and back I am at > login applet. > The only one that works is Failsafe. > Therefore, it can't be a problem of a wrong password; it rather looks > like any X session started after the successful logon must have some > setting that kills X. > Unfortunately, the Xorg.log does not show anything extraordinary. > > I wonder how to debug this further ...? If you are logging in successfully, then error messages are being sent to the ".xsession-errors" file in your home directory -- check there for more clues. Also, the default start-up runs the ".xsession" file in your home directory, if it exists and has appropriate permissions. Try removing/renaming that. -- A. > Please, Cc: to me in case of answers; due to the traffic on this list Gotcha, although I nearly missed this. -- A, again. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: X gets killed immediately after successful graphical logon
On Wednesday 14 May 2008 22:46, Uwe Dippel wrote: > On Thu, May 15, 2008 at 9:36 AM, Andrew Reid <[EMAIL PROTECTED]> wrote: > >> I wonder how to debug this further ...? > > > > If you are logging in successfully, then error messages are > > being sent to the ".xsession-errors" file in your home directory -- > > check there for more clues. > > It is empty: > > % ls -ltra > [...] > -rw--- 1 udippel udippel0 2008-05-15 10:39 .xsession-errors > -rw--- 1 udippel udippel 245 2008-05-15 10:39 .Xauthority > > > Also, the default start-up runs the ".xsession" file in your > > home directory, if it exists and has appropriate permissions. > > Try removing/renaming that. > > No change, I deleted it. It contained: > > exec esd & > exec /usr/bin/startxfce4 If a new user has the same problem, then it's probably a fault in the system. It's after log-in, but the errors don't show up in .xsession-errors. This means it's in a very narrow window, probably one or more of the start-up scripts in /etc/kde3/kdm. I forget which of Xstartup or Xsession is run as the user, but it's probably one of those two. They're shell scripts, so one thing to try is to put "set -x" in both of them, so they'll echo their output, and watch what happens. It's also possible that it's somehow running the startup scripts in /etc/X11/Xsession.d, and not writing errors to .xsession-error, so you might double-check those, but I think that's unlikely. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
CRLF (was Re: text file from Linux to windows.)
On Thursday 29 May 2008 21:28, Miles Fidelman wrote: > Ron Johnson wrote: > > Since 90% of all computers are DOS/Windows, and got that method from > > CP/M, which did it that way back in 1976/77, your "gratuitously > > different" comment is absurdly wrong. > > Actually, it dates back further than that, to ASR33 teletype machines, > where you needed to issue separate carriage return and line feed > characters to end a line - to i) physically return the carriage to the > beginning of the line, and ii) feed a line of paper (turn the platten). > (Anybody else out there old enough to remember when ASR33s where THE > standard i/o device? :-) I don't recall it being THE standard, but I recall that numerous research Unix servers used to have DECwriter consoles as late as the mid-1980s. These had one small advantage over modern consoles, namely, they were pretty loud. Sysadmins could use this to simulate psychic powers -- when the server wrote an error message to its console, you could hear it, subtly but distinctly, from several rooms away. You could then announce to your less-attentive colleagues, "there's a server problem," and they'd never figure out how you knew. Not that I ever did that. Purely hypothetical, you understand. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Civil engineering software
On Sunday 01 June 2008 09:52, Shams Fantar wrote:
> Hi,
>
> I'm looking for civil engineering sofwares. Do you know a software for
> the calculs of forces, the stability of forces, etc. ?
Not sure if this meets the bill, but I can't resist the
opportunity to plug open-source scientific software --
there is a free finite-element package available from
the US government's standards lab, NIST.
It's called Object-Oriented Finite-elements, or OOF.
It's primarily intended to model the behavior of
systems with fairly complex geometries, for a materials-science
audience, but it's a pretty general FE system.
So far only 2D, and only rudimentary nonlinear analysis,
but perhaps worth a look for you.
<http://www.ctcms.nist.gov/oof>
Disclaimer: I am one of the principal developers of this
software, and that web server has been the topic of posts
on this very list.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: .xsession-errors
On Thursday 05 June 2008 13:05, Manon Metten wrote:
> Hi,
>
> Today I noticed this '.xsession-errors' file in my home dir. It's
> telling me following:
[ Errors elided]
The .xsession-errors file is written as part of the normal
start-up sequence, so its mere presence is not automatically
a problem.
My experience is that X errors are notoriously hard to
diagnose, so unless you're seeing some pathology independently
of the error report, I'd ignore them.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: mounting an smbfs as non superuser
On Thursday 05 June 2008 00:20, Tony Heal wrote: > I am trying to mount an smbfs as the backup user and something is not > right. I can run this as root and it works fine > > > > mount -t smbfs -o owner=backup -o lfs -o > username=administrator,password=XX //192.168.2.200/drobo /media/drobo/ > > > > yet when I mount it that way the backup user has no permissions. If I try > and mount it as the backup user I get a message stating only root can do > that. > > > > mount: only root can do that > > > > Anyone know how I can mount this so that the backup user can write to it I use smbmount for that. It's apt-gettable, and has a config file where you can configure defaults so that the actual command you have to issue is shorter. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Debian "etch" hardware compability list?
Hi all -- I regularly buy new machines for a computing cluster we run, which we try very hard to keep both homogeneous and stable. It's running Debian "etch" amd64 these days. Lately, I've been having trouble with some of the newer commodity mobos that have come with the new nodes. I got some Intel DG33BU boards, which initially didn't recognize their hard drives, but when booted with "pci=nommconf", eventually did, but then needed a custom e1000 driver for the on-board ethernet device. I also got some Asus P5GC-MX/1333 boards, and they needed a custom ethernet driver also, for which, fortunately, source code was on the provided CD. I also had some trouble with a one-off Asus P5VD2-VM SE board, that needed a custom sata_via module before it could see the hard drives. That one ended up not going in the cluster after all. But anyways, it seems to me that the bad old days of the mid-90s, when "know your hardware" was the mantra and the LHCL was the bible, are sort of coming back again. Ideally, what I'd like is a list of motherboards for which all on-board devices are known to work with the 2.6.18 kernel, but I'd settle for a list of chipsets, or even a list of SATA controllers and ethernet devices. I've googled around, but I haven't found a nice, compact source of all the info I want. Is there such a thing? -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian "etch" hardware compability list?
On Thursday 12 June 2008 21:19, Douglas A. Tutty wrote: > On Tue, Jun 10, 2008 at 06:34:36PM -0400, Andrew Reid wrote: > > I've googled around, but I haven't found a nice, compact source of > > all the info I want. Is there such a thing? > > I haven't seen any list. Since most people who get new hardware also > want the lastest software, they go straight for testing or Sid. > > You are not most people. > > Technology seems to move pretty fast these days and hardware vendors > seem to like to change things so that new hardware needs new drivers. > > Is there no way to get your hardware vendor to guarnatee availability of > hardware for a set length of time? > > Do you have to buy new hardware? i.e. would a skid of one-year-old > off-lease boxes work for your cluster? I do try to include 2.6.18 compatibility in the spec, but I'm part of a large organization, and our purchasing system is focussed on low bidders. We also have security policies that probably disqualify newer releases -- part of why we're "allowed" to run Debian is it's stellar security effort. Older boxes is an interesting idea, I might pursue that. In the meantime, I have my own list of "known-to-work" devices, I can expand on that. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Asus P5E-VM DO Motherboard Network Driver Availiable? Hardware compatibility with Debian?
On Saturday 14 June 2008 17:13, Odisseas-Nearxos Pasipoularidis wrote: > Greetings > > I own a PC with an Asus P5E-VM DO Motherboard and I am trying to install > Debian OS on it. > > I can't find the driver to configure the Ethernet Network port. I need it > so I can continue the OS installation over the Internet and be able to use > Internet later on. I'm assuming you're installing "etch", or the current "stable"? There are a few options. Firstly, consider installing "lenny" aka "testing". Secondly, consider slapping a cheap third-party ethernet card in there for which the kernel has drivers. If you have some requirement to use "etch" and the stock device (This happens to me from time to time -- corporate policy forbids "testing", and the device is a rackmount box with no room for extra cards...), you're not dead, there are still options: Check the CD that came with the board, if you have it, it may have drivers on it. You may have to compile the driver, if they only provide source code. ASUS claims to have downloadable Linux drivers for this board. Start from: <http://support.asus.com/download/download.aspx?SLanguage=en-us>, and use the widget on the left of that page to select the board model in the top text field and "Drivers" in the bottom one, and then go. The Linux drivers are near the bottom of the list of downloadable items. If that fails, ASUS's specificaton page <http://www.asus.com/products.aspx?modelmenu=2&model=1849&l1=3&l2=11&l3=571&l4=0> says that the LAN adapter is an "Intel 82566DM PCIe Gigabit LAN controller", so drivers may be available from Intel. Of course, you can't download anything onto this machine itself, because it's network device doesn't work. There are two ways around this chicken-and-egg problem that I'm aware of: (1) Download all the module-development packages directly from Debian, and manually install them on the system. You need gcc and its dependencies, and the header package matching the installation kernel and its dependencies. With the current net-install CD, this is linux-headers-2.6.18-5-, where is 686 or amd64. (2) Build the module on a different machine with the same architecture, and install it manually. Remember to run "depmod" and rebuild the initramfs when you install the module. I usually do (2), although I also have a USB stick with all the stuff for (1) on it. It looks a bit complicated when it's all written down like that, but it's actually not so bad. Probably "lenny" or a 3rd-party network card are your answer anyways. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Iceweasel 3 and gopher?
On Saturday 14 June 2008 12:43, Peter Tynan wrote: > Just to summarise the problems - Iceweasel (and FireFox) is the only > "integrated" GUI gopher browser, most other gopher browsers just show > the gopher menu tree and in some cases plain text documents with > Iceweasel I can view images, html documents, flash files, sound files > etc (assuming I have the appropriate plug-in) where as other gopher > browsers would have to open another application, also other GUI gopher > browsers have suffered from a lack of development in recent years > (mainly (IMHO) because Iceweasel/FireFox did the job so well) which > means they can look quite dated and lack a certain user friendliness > (as far as I know the console gopher client -is the only dedicated > gopher client still under active development). I was looking for gopher sites to try out in response to this, and ran into this, which may be of interest: <http://www.tekeeze.com/fun-sites/7-fun-sites-you-can-only-find-on-the-gopher-internet> Evidently the gopher-internet is not at all dead. A little googling reveals that there's a kio tool for konqueror that's supposed to do "gopher", it might be worthwhile to file a feature-request on the KDE bug tracker for this. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: making bootup fsck more user-friendly
On Sunday 15 June 2008 06:16, David wrote: > Thanks for the continuing replies and suggestions. > > Why not just run fsck manually (i.e. shutdown -RF now) whenever you > > want. If you do it frequently enough, you'll never hit the automatic > > checking counter: you'll only get caught if you forget. Set up cron to > > send you an email reminder every week or something. > > This is a decent work-around. However, ideally I should be able to > configure the scheduled fscks to run at a more conveniant time, and > automatically, rather than having to work my own schedule around the > needs of the PC. > > Another problem is that I don't know how to setup mail relaying on my > workstation (so that mail from local accounts get queued, and then > forwarded to my gmail account when I dial up to the internet). I'm not > sure if it's worth the trouble to research and set that up :-) > > Finally, Exim MTA was setup by default on my PC, but I disabled it's > init.d script. Reason: My PC is not connected to the internet a lot of > the time, so I get a "MTA starting..." message that stalls the startup > for a long time. I really hate long delays during startup :-) (see > also: Apple Talk service installed by default. wth?) Now that you've admitted editing an init.d script, I can no longer resist mentioning my rather involved and hack-ish solution. You could add code to the /etc/init.d/checkfs.sh and/or /etc/init.d/checkroot.sh scripts to check for a custom kernel argument, and "exit 0" if they find it. These scripts run pretty early in rcS.d. If you're lucky, /proc has already been mounted by the time they run, and you can just grep /proc/cmdline for your argument. (I *think* /proc is mounted by the initramfs, so it's available to all the init scripts, but I'm not 100% sure.) You could then add your custom argument to the kernel boot line. Make sure to use one that's unique, so it doesn't confuse the other init scripts, like maybe "wizzardxfastboot" or something. Then, make a special stanza in /boot/grub/menu.lst that has this argument. Then, when you want to boot up quickly and skip the fsck, you can just cursor-down to the appropriate line in the grub menu, hit return, and you're away. This relies on a few things being true which I've only guessed at -- you should have an initramfs, you need to be using grub, /proc has to be mounted in time as already mentioned, and it has to be true that unrecognized kernel options are harmless, which I think is the case, although you need to watch out for scripts which use the argument-count for nefarious purposes. I'm not aware of any, but you never know. If it works, this seems to solve your problem, if I've understood it correctly. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Starting NTP server: ntpd/usr/sbin/ntpd: invalid option -- p
On Sunday 15 June 2008 13:48, David Christensen wrote:
> debian-user:
>
> I recently installed openntpd on a Debian 4.0 virtual machine
> (http://www.thoughtpolice.co.uk/vmware/#debian4.0) running on VMWare Server
> 1.0.4:
>
[Details elided]
> I dug through /etc/init.d/openntpd, /etc/default/openntpd, etc., but
> couldn't figure out if or where a -p option was being set (although I did
> set the -s option).
> Any suggestions?
Check if there is also an /etc/init.d/ntpd. If your box used
to have ntp, and that package was removed but not purged, the init
files will still be in place. /etc/init.d/ntpd will find
the openntp executable and try to run it, but with wierd/wrong
options.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Starting NTP server: ntpd/usr/sbin/ntpd: invalid option -- p
On Sunday 15 June 2008 17:10, David Christensen wrote: > Andrew Reid wrote: > > Check if there is also an /etc/init.d/ntpd. If your box used > > to have ntp, and that package was removed but not purged, the init > > files will still be in place. /etc/init.d/ntpd will find > > the openntp executable and try to run it, but with wierd/wrong > > options. > > Thanks for the clue. I see: > > 20080615-135040 [EMAIL PROTECTED] ~ > # l /etc/init.d/*ntp* > /etc/init.d/ntp* /etc/init.d/openntpd* /etc/init.d/openntpd-orig* > > > Reboot. I don't see the ntpd error message on the console. Looking for an > ntp process: > > 20080615-140103 [EMAIL PROTECTED] ~ > # ps -A | grep ntp > 2214 ?00:00:00 ntpdate > > > I don't know if NTP is running. It doesn't seem to be working. > > > Any suggestions? My guess at this point is that you have now removed but not purged both ntp and openntp. This means the init files are still present, but the executable (/usr/bin/ntpd or whatever) is absent, so the init files are effectively no-ops. This would explain the absence of an ntp process. What is the output of "dpkg -l '*ntp*'? That should tell you which packages are present. I'm betting "rc" for ntpd and openntp, and "ii" for ntpdate. What you want to to next, probably, is decide which package you want and then purge the other one, and install the desired one. I think ntp and ntpdate can co-exist safely, but if they can't, the package manager should tell you. To purge a package which has already been removed, I believe you can do "dpkg --purge " on the package file in /var/cache/apt/archives, but in your case, it's sufficient to remove the sym-links from /etc/rcX.d and the start-up file from /etc/init.d, since those are the files causing the problems. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [NOT SOLVED, BUT PROGRESS] Failure to boot after failed resume from s2something
On Thursday 16 July 2009 12:36:57 John wrote: > > So my questions are: > > 1) How does one get rid of an old s2disk/hibernate setting that > demands to run "PM: Starting manual resume from disk"? > 2) Can update-initramfs be instructed to ignore that old setting? > 3) Ideally, can this problem be addressed from within the busybox: > (initramfs) > into which one is dumped when trying to do it the wrong way/ Have you tried booting with "noresume"? The theory on this is that this should entirely bypass the resume process, so it won't matter what's in your resume partition. I dimly recall setting the resume partition in the initramfs.conf process somewhere, but can't seem to find documentation about that now. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: [NOT SOLVED, BUT PROGRESS] Failure to boot after failed resume from s2something
On Thursday 16 July 2009 22:33:44 John wrote: > On (16/07/09 20:55), Andrew Reid wrote: > | I dimly recall setting the resume partition in the initramfs.conf > | process somewhere, but can't seem to find documentation about that > | now. > > I've looked at that documentation, without finding anything > helpful. /etc/initramfs-tools.conf.d/resume is set to the proper resume > partition. I can s2ram successfully from the one working kernel, but > of course can't experiment with the others because they won't boot. Hmm. So what happens if you set that to "None", or unset it entirely? I'm still stuck on the idea that bypassing the resume process is a useful strategy, but I'm probably out of my depth in the configuration-space sea... -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: [NOT SOLVED, BUT PROGRESS] Failure to boot after failed resume from s2something
On Thursday 16 July 2009 22:33:44 John wrote: > On (16/07/09 20:55), Andrew Reid wrote: > | I dimly recall setting the resume partition in the initramfs.conf > | process somewhere, but can't seem to find documentation about that > | now. > > I've looked at that documentation, without finding anything > helpful. /etc/initramfs-tools.conf.d/resume is set to the proper resume > partition. I can s2ram successfully from the one working kernel, but > of course can't experiment with the others because they won't boot. Here's another thought -- what happens if you boot to single-user mode (or to a rescue disk) and re-run "mkswap" on that swap partition? This ought to blitz the troublesome resume image that's on there, and possibly allow the system to boot cleanly. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: proper place for iptables script
On Tuesday 28 July 2009 22:04:20 Rob Owens wrote: > In the interest of learning new things, I'm moving from shorewall to plain > old iptables. I've got my script made, but I'm not sure what the proper > procedure is for starting it automatically at boot. Is there a "Debian > way" to do this? What I do, which is Debian-compatible (i.e. the package manager won't break it) but may or may not be the Debian way, is to save the config to a file with iptables-save, and then load it at interface-start-time by putting a script in /etc/network/if-pre-up.d, which uses "iptables-restore" to set the firewall from the file you saved with iptables-save. One advantage of this is that you can make changes by editing the saved file (it's a simple plain-text file), and implement your changes just by cycling the network device, i.e. you don't have to do a full reboot just for a firewall edit. I recall reading an argument for why starting the firewall at boot is both different and worse than starting it at interface-start-time, but I didn't really understand it. I'm personally kind of pedantic, and find the "network things happen when the network changes state" thing aesthetically pleasing, and enjoy the small practical advantage I already mentioned. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Etch to 5.0.2 upgrade failed - Encrypted filesystem will not boot
On Wednesday 05 August 2009 19:54:50 line...@ruiner.halo.nu wrote:
> I tried configuring fstab to use the UUID from blkid, but I had the same
> problem. Could the problem be that the SCSI drives are not coming up until
> cryptsetup has loaded?
This could happen if the new kernel's initramfs doesn't have
the right modules, or if the module name has changed.
It may be related to the "driver sd needs updating" thing, but
it seems to be contradicted by your observation that /dev/sda appears
to be present and functional from within the busybox shell.
In principle, you should be able to run the commands to
set up the root FS from within the shell, have you tried that?
You might get a more informative error message.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Etch to 5.0.2 upgrade failed - Encrypted filesystem will not boot
On Thursday 06 August 2009 04:16:42 Siggy Brentrup wrote: > On Tue, Aug 04, 2009 at 18:50 -0500, line...@halo.nu wrote: > > Hi - > > > > I have a Debian Etch system which I recently upgraded to v5.0.2. > > The file system was encrypted with LUKS at install time. > > Please bear with me, I'm asking this out of curiousity. Why did you > encrypt the full root FS? I can understand that you want your $HOME > encrypted, to a lesser degree I can follow you even with /etc, /tmp > and /var, but why do you take the performance penalty on publically > available stuff? I'm not the OP, but we do this at work because of policy -- we require full-disk encryption for portable systems, and the dm-crypt scheme doing everything except /boot is considered acceptable under the guidelines. I think the policy is this way partially because it's an easy line to draw, and doesn't involve a lot of guesswork. There can also be "leakage" out of your home directory -- applications sometimes store lists of recently-viewed documents in /var, and of course the system logs are in /var/log, plus there are dynamic entries in some config files, which might expose details of your network enviornment -- where are *your* WPA credentials cached? So, encrypting as much as you can meets the confidentially need in an easy-to-describe, easy-to-enforce, and relatively easy-to-implement way. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Etch to 5.0.2 upgrade failed - Encrypted filesystem will not boot
On Wednesday 05 August 2009 19:54:50 line...@ruiner.halo.nu wrote: > I tried configuring fstab to use the UUID from blkid, but I had the same > problem. Could the problem be that the SCSI drives are not coming up until > cryptsetup has loaded? Hi again lineman (and list). Just for another data-point, I have just now finished upgrading my laptop, with the dm-crypt-encrypted hard drive, from etch to lenny. There were several minor issues with packages, but the crypto part worked fine. (Anticipating doing this myself is part of why I was following this thread...) I *do* see the "Driver 'sd' needs updating" message, but my system boots, so that's apparently unrelated. My /etc/fstab file doesn't use UUIDs, it lists the device-mapper names of all the devices, and it works. This shouldn't matter in any case for the root FS, it's mounted before /etc/fstab is read, and the device name is taken from the kernel args. I tried booting with the "break" boot option, which drops you into the busybox shell at the init-premount step, and tried to see if I could manually set up the crypto, but it's a bit complicated, and relies on environment variables which are set for the scripts, but apparently not set in the shell. One thing you *can* do easily is, boot with the "break" option, and from within the resulting shell, run /scripts/init-premount/udev, which will create all the devices. You can then do an "ls" in /dev, and see if the relevant hard drive partition (/dev/sda5, in your case) is are present -- this tests the udev step pretty directly. Hope this helps. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Unable to install mencoder debian package from debian-multimedia.org.
On Tuesday 11 August 2009 17:58:48 Thomas Anderson wrote:
> I have the following entry in my sources.list file:
>
> deb http://www.debian-multimedia.org lenny main
>
> But I cannot install any package from that repository.
Try a mirror, there's a list of them at:
http://debian-multimedia.org/debian-m.php
> I've got an Intel quadcore CPU (which means I'm on the AMD64
> architecture, right?) and am running Debian stable (Lenny).
Yes, those chips are amd64 architecture.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Etch to 5.0.2 upgrade failed - Encrypted filesystem will not boot
On Tuesday 11 August 2009 17:41:48 line...@ruiner.halo.nu wrote: > Ok I guess the system is just hosed. If no one has any more suggestions in > the next couple days I will reinstall. > > > I will never trust Debian upgrades again, at least not when encrypted > filesystems are in use. Well, all I can say is that it worked for me. It's pretty clearly an initramfs problem, since it works for your other kernel. It's also very weird (as you've remarked) that you can apparently initialize the encrypted partition via luksOpen from within the initramfs, but then not mount it -- I'm assuming you checked all the obvious things, like whether or not your candidate mount point (/a in your example) existed. I have one more nontrivial suggestion -- I suggest installing the 2.6.24 "etchnhalf" kernel. You'll have to pull it from the "etch" repositories. It's possible that running a new kernel install and corresponding update-grub and so forth will either (a) work, or (b) give a more meaningful error message. Also, please understand that I mean no disrespect, but I feel compelled to remind you of some possible stupid-mistake solutions: - Does your 2.6.26 kernel have the same boot options in menu.lst as the one that works? Are they the default "kopt" options, so they get propagated to new kernels by update-grub? If you manually added encryption after your "etch" install, they might not be. - Is the menu.lst that's modified by the package manager the same one that the boot-loader is actually using? I once had a system that had somehow gotten both /grub and /boot/grub directories, both with menu.lst files in them, only one of which mattered. - Along similar lines, is update-initramfs writing its files to the correct place so they're read at boot time? That's about all I can think of. Good luck. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Strange log-rotate problem
Hi all -- This is a long shot, but I thought I'd ask here. I have a multiply-upgraded Debian "etch" box, which is also a log host (i.e. many other hosts log on it via the UDP port that syslog provides), and our policies regarding log retention have recently changed. My problem is that I can't figure out who is rotating /var/log/auth.log. It's currently being rotated every day, and retained for a week. I spent a lot of quality time today with the logrotate documentation, and I'm confident that it's not in any logrotate scripts. I also checked out the cron-driven log rotation that's done by the scripts that come with the sysklogd package, and that package seems to be set up to rotate it weekly -- this may be working, but never getting the chance, because the daily rotations are colliding with the weekly effort. I know that rsyslogd provides logrotate packages, many of my systems work that way, but this system does not have rsyslogd installed. There are also some residual syslog-ng scripts, but they don't appear to be active. What I *do* know is that whatever is rotating the auth logs is cron-triggered -- they all have 06:25 time-stamps, suggesting they're run from /etc/cron.daily somewhere. But I've looked at all those scripts, and none of them seem to do it. Possibly relevant is that this system is very old, and has been transplanted to new hardware several times -- I think it started out as Debian "potato", and has been steadily upgraded over the years, so it could be left-over functionality from some ancient package that's mucking things up. So, my specific question is, is there anything *else* besides logrotate or sysklogd scripts that can do log rotations? Some obscure cron thing that doesn't show up when I grep for "auth" or "log", because it's doing some kind of crazy pattern-matching thing? Thanks in advance... -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: help for kernel panic
On Friday 21 August 2009 18:11:27 Alan Greenberger wrote: > I have a system with Lenny installed from the KDE installer CD. It was > working fine for half a year. Powering it on after being off for two > weeks, it starts to load Lenny then dies with: > Failed to execute /init > can't open auto > Kernel panic - not syncing: Attempted to kill init! > iA linux-image-2.6.26-1-686 > Version 2.6.26-13 > The md5sum of /boot/vmlinuz-2.6.26-1-686 is > 824cfba2eac12d0c09747c0bd3426e4e I think your checksum is OK, with a caveat -- it's the right checksum for the advertised 2.6.26-13 version of that package, which is distinct from 2.6.26-13lenny2, the latter being the most recent 2.6.26-1 kernel for Debian lenny, which in turn is not the most 2.6.26 kernel, there is a 2.6.26-2 out. I checksummed it by pulling the file out of /var/cache/apt/archives, manually unpacking it in a working directory, and running md5sum on the resulting $DIR/boot/vmlinuz-2.6.26-1 file. So, you're apparently behind on kernel updates, but your kernel does not seem to be corrupt. That would seem to narrow it down to a corrupt initramfs, or, as you already suggested, motherboard hardware issues. I don't have a huge amount of experience with this, but I did once have a similar issue -- I had a server that wouldn't fully boot, it would just hang, always in different places in the boot sequence. But, it could boot to single-user mode, and if you then started all the /etc/init.d services manually, it would run fine for months at a time. I never did figure that one out, I eventually got rid of the machine. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Strange log-rotate problem
On Saturday 22 August 2009 02:09:09 Sven Joachim wrote: > On 2009-08-22 01:08 +0200, Andrew Reid wrote: > > My problem is that I can't figure out who is rotating > > /var/log/auth.log. > > > > It's currently being rotated every day, and retained for a week. > > > If you are using sysklogd (the standard syslog daemon in Etch), the > answer is that it uses savelog, not logrotate. See bug #44523¹. > > The good news is that in Lenny and later, rsyslog² is the standard > syslog daemon, and it uses logrotate. Of course, upgrading an existing > system will not change your syslog daemon. Thanks, this is helpful. I found the sysklogd cron entries, but I further thought the daily one (in /etc/cron.daily/sysklogd) wasn't rotating auth.log -- it uses "syslogd-listfiles" to get the set of files to rotate daily, and when I ran it interactively, it returned an empty string. However, as a sanity check, I instrumented /etc/cron.daily/sysklogd, and sure enough, it *is* doing the mystery rotation. So, now I can adjust it to comply with policy, which solves the immediate problem. The remaining mystery is, why does the "syslogd-listfiles" give different answers interactively versus inside a cron script? Probably some environment thing. > > There is also an Etch backport of rsyslog, if you would like to use it > without upgrading to Lenny. I'll probably be upgrading to Lenny in a few weeks anyways, so I'll just wait, I think. However, I did want to mention that I am a big fan of backports, they've helped me out a lot over the years. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: help for kernel panic
On Monday 24 August 2009 11:12:49 Alan Greenberger wrote: > On 2009-08-22, Andrew Reid wrote: > > That would seem to narrow it down to a corrupt initramfs, > > or, as you already suggested, motherboard hardware issues. > > Thanks for confirming the md5sum and the suggestion. It also fails boot > to level 1. I used rescue to turn on /etc/default/bootlogd but nothing > gets logged to /var/log so I guess it doesn't get that far. I would > have liked to know where it fails, since it does boot rescue CDs. I am > giving up assuming it is the motherboard. That's probably a good bet, but if you're feeling adventuresome/insane, there's still that initramfs angle to explore. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: [Debian] Re: Grub boot problems
On Monday 24 August 2009 22:46:55 Glen Lee Edwards wrote: > Emanoil Kotsev wrote: > > Glen Lee Edwards wrote: > >> kernel /boot/vmlinuz-2.6.26-2-686 root=/dev/sdb1 ro quiet > > > > you have the root already > > > > root(hd1,0) is used for setup, I think. > > The only reason I posed the question is because all my Dell PCs have > this problem, and every time Debian upgrades the kernel APT redoes > munu.lst, so the computers won't boot. It doesn't take long to fix the > problem, but it would seem that a better solution rather than constantly > having to modify menu.lst would be to fix the problem once and for all > on the PC end. What is "groot" set to in your menu.lst? It's possible/likely that just setting the right "groot" and re-running update-grub will fix things. If leaving it out works, then (hd0,0) is a likely candidate for the right answer. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: why can't i use grub with an ext3 /boot partition?
On Sunday 13 September 2009 03:33:50 Robert P. J. Day wrote:
> possibly related to an earlier post that discussed grub but, when
> installing lenny, if i choose to create a separate, primary partition
> for /boot (a long-time habit), if i select ext3 for that partition, i
> am not offered the chance to use grub as a bootloader.
>
> as best i can tell, that /boot partition must be both:
I conjecture that you are doing Something Else wrong.
I have many machines that have ext3 /boot partitions, including
several that were set up initially as lenny machines. I also have
this habit, and I generally intend to use ext2, but sometimes
I forget to switch it from the installer's filesystem default,
which is ext3.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: why can't i use grub with an ext3 /boot partition?
On Sunday 13 September 2009 18:58:17 Robert P. J. Day wrote:
> ok, so let's move beyond anecdotes and get into conjecture -- does
> anyone know the debian installer well enough to know *what*
> circumstances will cause said installer to refuse to offer grub as a
> bootloader, and only present lilo?
A potentially useful experiment is to try installing grub manually
on the partition, and see if it works, or if it doesn't, what errors
it reports.
The installer may be suppressing error reports. I believe you can
view the installation log during the install, from an alt console, but
I'm not 100% sure it's possible, and I certainly don't remember how.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Lenny upgrade -- kcheckpass behavior change
I've just completed the "lenny" upgrade on my main box at home, and ran into an interesting glitch. The initial symptom was, I couldn't unlock the screen from the screensaver. The logs complained about "user not found", but id showed it, PAM config looked OK, /etc/nsswitch.conf was fine, and /etc/passwd and /etc/shadow hadn't changed. Other log entries showed the complaint was coming from kcheckpass, and indeed, interactive use showed that it was failing, even with the correct password. Running "strace" on this showed it was getting "permission denied" trying to read /etc/shadow. On this system, I had set /etc/shadow to be permission 400, as recommended in a system hardening guide (don't recall now which one), and then more or less forgotten about it. Evidently the behavior of kcheckpass has changed, it must run as group "shadow" now, and not as user root. Opening up permissions on /etc/shadow (I changed it to 440) fixed it. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Lenny sun-java6-doc installation issue
Hi all -- I'm experimenting with various Java versions on one of my new Lenny installs, and I'm having a problem with the "sun-java6-doc" package. This package says it's an installer package only, and doesn't provide the actual docs, but prompts the user to go to http://java.sun.com/javase/downloads, and get one of two files (jdk-6u12-docs.zip or jdk-6u12-docs-ja.zip), put it in /tmp owned by root:root, and then continue the package installation. This is all fine, I understand (at least in theory) why this is necessary, but the problem is, I can't find that file on the download site. Part of the problem, of course, is that the Sun download site is oriented around their bundles, and is about acquiring particular functionality from Sun, so they're not motivated to help me find actual files. There is a "documentation" link there, but it's two updates old, it refers to jdk-6u10-docs.zip. My second guess was that the docs are inside the JDK bundle, so I downloaded that, but it's not obvious to me how to extract the stand-alone docs file from this thing, with or without installing it. Has anyone done this already? How does it work? My other idea, which I haven't tried yet, is to download that jdk-6u10-docs.zip file and just rename it to satisfy the package installer, but this is not a satisfying solution to me. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: how to find why packages are automatically installed?
On Saturday 21 February 2009 20:34:09 Michael M. Moore wrote: > Maybe there is no "magic package" that is keeping these things installed > and I just need to selectively remove them one-by-one, along with the > packages that will break but that I don't want anymore. I just thought > I might be missing something obvious about the best way to take care of > getting rid of a bunch of automatically installed packages relatively > quickly. > > Any advice? I can't answer the "why" question, but I use "apt-get autoremove" and deborphan to prune the installed package list. Deborphan has to be installed first, and if you're very brave, you do: > apt-get remove --purge `deborphan` ... repeatedly until it "converges", i.e. runs out of packages to remove. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: [OT] Bloatware and how to make Programs smaller
On Saturday 21 February 2009 20:25:46 Michelle Konzack wrote: > OK, we have the night from Saturday to Sunday and for those peoples who > are not hanging arround in Discotheks, but being alone at home I have > something to read for you: > > <http://www.muppetlabs.com/~breadbox/software/tiny/teensy.html> > > Thanks, Greetings and nice Day/Evening Awesome. Reminds me of my hobbyist/hacker days. And as long as we're already OT: It also reminds me of a great book I read years ago, "Windows Assembly Language and Systems Programming", by Barry Kauler, which shows, along similar lines to the article you referenced, how to build a 32-bit executable for Windows 95 "by hand" -- they're a good deal larger than ELFs, of course, since on that platform, the window handles and GUI event callbacks are mandatory. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: problem with IPTABLEs
On Wednesday 25 February 2009 19:28:35 Long Wind wrote: > I want to specify a domain name in rules > but the domain name often changes IP > Is there anything I can do about it? Can you meet your need with tcpwrappers? They work quite well with domain names, and if you're trying to selectively allow a particular service, are probably the right choice. Check the man-pages of /etc/hosts.allow and /etc/hosts.deny for details. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: grub locked
On Friday 27 February 2009 02:18:26 Celejar wrote: > Hi, > > I was just greatly disturbed to find that I am unable to edit my grub > command lines (with 'e') or to get a command shell (with 'c'). This > used to work, although I can't remember the last time I tried it. > Googling indicates that this is what happens when grub is locked, with > 'password' command in menu.lst, but I have not done that! What could > be causing this? I can still select a kernel choice with the cursor > keys and the carriage return. Well, that is precisely the locked behavior. I can think of two things to try. Firstly, the "is it plugged in" question is, are you *sure* that's your menu.lst file? Might there be another one, maybe in /grub (as opposed to /boot/grub)? Have you accidentally mounted something overtop of the root FS's /boot directory, so the menu.lst that grub sees and the one you see are different? Secondly, if this is indeed the right menu.lst, try setting a password, and see if it works, and then unsetting it. Also, I noticed you have some Windows entries -- I suppose it's possible that Windows has messed things up somehow. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Streaming Video from a Debian box
On Saturday 21 March 2009 10:54:09 Kent West wrote: > Do I understand that there's no pre-packaged Debian solution for > streaming videos from the Debian/apache box to other clients, similar to > how YouTube streams videos? > > I found Icecast, but the official site indicated it's an audio streamer > only, although I saw a reference or two elsewhere about it possibly > streaming theora files. (Which would work, if I can convert my > Mac-generated .mp4 file into theora. (I only used the Mac for its iMovie > app; openmovieeditor crashed on me, and seemed ... "weak".)) > > I also found Apple's Darwin, but that just seems .., tainted ,.. > somehow, and I'm not sure it would work anyway. > > So, what's the solution for setting up my own Youtube-like service on my > Debian box? I've never done it myself, but I understand that "ffmpeg" is the streaming server of choice for open-source applications, and that it's good for both live feeds like a webcam, and archived content like YouTube. <http://www.oav.net/mirrors/video-streaming-servers.html> It's also packaged for lenny, and probably others. If you want non-open formats, you might have to get codecs from debian-multimedia, they won't be in the main repos. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: any image viewer for etch that you can recommend?
On Sunday 29 March 2009 19:31:23 Long Wind wrote:
> I want a image viewer
> It should be small (use less disk space)
> It does not depend on KDE or GNOME because I use neither
> It can show image in full size by default (thumbnail isn't important)
> It can let me delete image file that I don't like
> Thanks!
The "display" command, from the ImageMagick suite,
can do all of these.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: new problem - networking is strange
On Saturday 04 April 2009 19:07:53 Miles Fidelman wrote:
> H.S. wrote:
> > Miles Fidelman wrote:
> > Is udev giving your interface a new name (ethx instead of, say eth0)?
>
> how would I check that, and why would it just start doing that?
I ran into this recently.
It does that because udev maintains a list of network devices
listed by MAC address in a file somewhere -- I thought it was
obvious in /etc/udev, but I can't seem to find it on my system
here -- maybe it's different in lenny?
Anyways, it certainly did this in "etch".
When you transplant a system image including this file onto new
hardware, udev notices the difference in MAC address, and gives the
interfaces it finds names that won't conflict with the MAC address
assigned for eth0.
Obviously this system is designed to maintain name integrity
when you drop a new network card into an existing system, but
it does have unexpected behavior for transplanted images.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: new problem - networking is strange
On Saturday 04 April 2009 19:07:53 Miles Fidelman wrote: > H.S. wrote: > > Miles Fidelman wrote: > > Is udev giving your interface a new name (ethx instead of, say eth0)? > > how would I check that, and why would it just start doing that? I ran into this a while ago. In "etch" systems, udev maintains a list of mappings between MAC addresses and network device names -- it's in a file with a name like "persistent-net.rules" or something. If you transplant a system image including this file onto new hardware, the system refuses to assign an existing device name to a "conflicting" MAC address, and increments the device name instead. If (as is very likely) your transplanted system image includes /etc/network/interface files and/or firewall rules which refer to the interface by name, they break. The solution is to edit the file and remove the stanza with the "conflicting" MAC address. I just tried to find the exact file name on my current "lenny" system, but things appear to be more complicated -- maybe this behavior is fixed in lenny? -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: new problem - networking is strange
On Saturday 04 April 2009 23:45:48 Andrew Reid wrote: > On Saturday 04 April 2009 19:07:53 Miles Fidelman wrote: > > H.S. wrote: > > > Miles Fidelman wrote: > > > > > > Is udev giving your interface a new name (ethx instead of, say eth0)? > > > > how would I check that, and why would it just start doing that? > > It does that because udev maintains a list of network devices > listed by MAC address in a file somewhere -- I thought it was > obvious in /etc/udev, but I can't seem to find it on my system > here -- maybe it's different in lenny? Pardon my self-reply, obviously I shouldn't try to do this stuff late at night. Not only did I get confused and send a redundant message, I can now confirm that it's not fixed in lenny. The file is /etc/udev/rules.d/70-persistent-net.rules. I also remembered that the change in device name can leak into your initramfs, if you're net-booting, so you might need to rebuild that after you fix it. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: "X includes" missing
On Sunday 05 April 2009 14:09:50 Itay wrote: > I am trying to install the latest stable digikam (0.9.5) from source. > (Because stock digikam on lenny, 0.9.4, has some issues in handling > tiffs.) > > ./configure bailed with: > > checking for X... configure: error: Can't find X includes. \ > Please check your installation and add the correct paths! > > Could you please get me started: where should I find > "X includes", and what would be the debian-way to add them? The debian way is to have include files in a package whose prefix is the same as the libraries, but with the suffix "-dev". In this case, installing the package "xorg-dev" and its dependencies will almost certainly solve this problem. -- A -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
HAL and KDE mounting USB drives
Hi all -- I'm trying to implement a security policy in which portable devices, especially USB drives, are not auto-run. My idea is to go one better, and have all of these devices automatically mounted with "noexec,nodev,nosuid" by default. I also want users to still be able to choose their desktops, so setting the extra mount options in the desktop automounter isn't my preferred solution. This chain of requirements has lead to me to HAL, and so far, I have worked out how to edit the /etc/hal/fdi/policy/preferences.fdi file to isolate the device, and add properties to it. My stanza for doing this looks like this: > > > > > true > true > > > > The "match" operations select hot-pluggable removable devices which HAL thinks are partitions, which is right, it should work for both flash sticks and actual disk drives on both USB and FireWire. I've also confirmed that my policy options are getting set -- if you run "hal-device" after inserting a USB stick, it reports that the volume.policy stuff is set up as I meant it to be, and only on the devices I meant. The problem I have run into is that, on KDE at least, the desktop mounting gizmo is not respecting the policy options, and is mounting stuff without my additional options. What I'd mostly like is some kind of documentation about how KDE interprets these things. The "hal-doc" package was awesome for the first part, but I can't seem to find an equivalent for the second part. Does anyone know where to find docs on KDE/HAL interactions, or what the answer is? This is all on Debian "lenny". -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: tftpd-hpa fails to start.
On Friday 17 April 2009 12:14:52 Nuno Magalhães wrote:
> Hi, i'm having a slight issue following this article [1]. My client
> will boot through PXE and find the host, then it won't find an image
> and keeps on showing TFTP timeouts.
I ran into this recently -- it turned out that the non-hpa TFTP
had previously been installed on the machine, but even though it
had been removed and purged, there was still a tftp entry in
/etc/inetd.conf. Consequently, inetd was listening on the tftp
port, and prevented the tftp-hpa from starting.
I only found it by doing "netstat" -- because it's inetd
triggered, the "bad" tftp doesn't show up in the process list.
The fix, of course, is to just remove that line from
inetd.conf.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Bash Session
On Saturday 25 April 2009 12:57:08 Kurian Thayil wrote:
> Hi All,
>
> Planning to give a small demo on BASH scripting in a LUG community.
> Audience will be school teachers and basic home users and thus are
> beginners. Thinking on how to present simple and some example scripts that
> will make them more interesting and love command line. Need some
> suggestions.
>
> Its always difficult to think simple and easy. :-) So I've quite confused
> here on how and what to present. Any help?
I'd focus on a variety of contexts where scripting is
handy -- .bashrc and cron leap to mind.
What can you do in your .bashrc file? Set environment
variables, extend/modify your path, detect the local
architecture, and so forth.
What's useful in cron? Parse /etc/passwd or /etc/shadow
and send yourself an e-mail expiry notice, maybe.
Automatic creation and testing of back-ups, maybe.
Simple scripts, and in an environment (especially in .bashrc)
where other tools just aren't as good.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Bash Session
On Saturday 25 April 2009 22:24:15 Kurian Thayil wrote:
> Hi Andrew,
>
> I guess parsing /etc/passwd and /etc/shadow file and sending an email
> notification is a good one. But don't you think, that .bashrc concept and
> inclusion of tasks in it will be quite confusing and complicated for a
> beginner? I will have to explain about login and non-login shell, startup
> scripts which will make them more confusing. Don't you think?
Well, you know your audience better than I do, of course, so
you may well be right.
My motivation for thinking that .bashrc is a good place to start
is that it's the one place where, if you want to customize at
that level, there's really no alternative to using bash scripting.
The same is true of the system init scripts, but those
are definitely too scary for scripting beginners.
For everything else (even cron, etc.), there's always an
alternative -- you could write a custom program in another
scripting or compiled language to do what you want, but in the
.bashrc, bash-scripting is really the only way to do anything.
There wasn't any more profound idea to it than that.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Out of memory crashes ssh
On Wednesday 20 May 2009 17:17:35 Maicon Faria wrote: > Package: OpenSSH_5.1p1 Debian-5 > > When I run a program, as user, that uses more then the memory > avaliable the OOM(OUT-OF-MEMORY) kill this job. > After that, ssh crashes and must be restarted by the root. > > Anyone has experienced something like that ? > This happens in computers in a cluster where the nodes system comes > from a nfs service. The kernel is a vanilla 2.6.26 one. I have hacked around a similar problem, also on a cluster, but not really solved it. I have a cron job that looks for the SSH process (by trying to ssh to localhost and run "echo"), and if it ever fails, it assumes sshd has crashed, and restarts it. The problem with this approach is that, when the system runs out of memory, services tend to fail unpredictably, and it sometimes happens that both cron *and* sshd fail. That's much more rare, of course. Somewhere on my "todo" list is to figure out memory management, and try to set up sshd so that it doesn't get sacrificed when resources run low. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: XFS frequent crashes on PE1950 with perc 5/e and 2xMD1000
On Tuesday 09 June 2009 08:16:35 Tomek Kruszona wrote: > Hello! > > I have a problem with system in the configuration described in subject > (Dell PE1950 III + PERC 5/E + 2xMD1000) > > System is running Debian Lenny AMD64 version with all available updates. > > I have 6 VD's 2TB each (for 32bit system compatibility). Each VD is a > LVM2 PV > > I made a LVM2 volume and formatted this into XFS. Previously it was only > one MD1000 connected to PERC controller. > > But two days ago i added next MD1000 added new PV's to LVM2 and extended > XFS with xfs_growfs. > > After some time I got kernel panic like this: This strongly resembles an issue I had on a file server -- I don't have my notes handy, but it had to do with an issue in which the kernel was interacting badly with a particular motherboard chipset. The workaround was to reboot with the "iommu=soft" option passed to the kernel. My problem was with an "etch" kernel, and it was my understanding that newer kernels were not expected to have this problem, so I may be off-base, but that's my experience. It sounds like this is at least an easy thing to try -- I really wish I could find my notes... -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: When you needed newer software than Sid/Backports provide...
On Tuesday 07 July 2009 19:07:32 Akira Kitada wrote: > My solution for this is easy and typical. Building from source and put > it on /usr/local. > That way, I can keep stable system while using the latest software. > However, it didn't take so long to make /usr/local a mess. > There's no easy way to track what I've installed because they're > installed manually. > It'd be nice if I could manage those software with apt but I suppose > that might conflicts with ones Lenny provides. > > So here's my question. How can you manage new softwares while keeping > the system stable? Use stow. Make a directory, /usr/local/stow, and build your software into subdirectories, using "config --prefix=/usr/local/stow/packagename" Then do make, make install, as usual, and then go to /usr/local/stow and do "stow packagename". What this does is create symlinks in /usr/local that point to the files in /usr/local/stow/. You don't have to edit paths, everything stays POSIXly-correct, but you can remove packages by doing "stow -D", and you can always tell where a file came from by looking at the real location -- built software remains organized by package subdirectories. It's not a panacea, some build schemes are not stow-friendly, but generally if it would work in /usr/local, it'll work with stow. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
HIDS recommendations?
Hi all -- I run a small network of several hosts, mostly Debian, and I've become frustrated with the host-based intrustion detection system I'm using. It works, but the GUI tools is very slow, and package/security updates generate a lot of noise. We're expanding the number of hosts we monitor, and it seems to be scaling poorly. In my ideal world, I'd like a Debian-smart integrity checker. Basic features: - FOSS. I don't mind paying money for support or docs, but I'd like the code to be open. - Separate central monitoring host, integrity agents on client hosts. - Tunable/configurable to ignore rapidly-changing files, give low-severity for enlarged/rotated log files, good SUID and world-writable detection. Desirable features: - A fast, intuitive GUI that lets me isolate false positives quickly (you can never tune these things perfectly), and preferrably allows browsing by directory tree. Dream feature: - Debian-smart, so when I do security updates, it automatically white-lists the files changed by the package manager, and doesn't bug me about them. I have direct experience with Samhain/Beltane/Yule, tripwire, and recently road-tested ossec. They all do the basic features, and S/B/Y and ossec have web-based GUI interfaces, but they seem clunky to me, and scale poorly -- I end up manually scanning huge lists of violations by eye, looking for the change that's *not* in the /usr/changed-package/zillion-files tree, which is error-prone. Searching the Debian package lists, I see references to "osiris" "aide", and "prelude", although prelude appears to be more of a combined log-analyzer and network IDS, and what I really want is a file-system integrity tool. A good GUI for tripwire might meet the need, and I'd also be interested in people's experience with other tools, particulary for monitoring about 50 hosts. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: boot failure "mount: mounting /dev/sda1 on /root failed: no such device"
On Tuesday 07 July 2009 15:26:54 Kelly Clowers wrote: > Is there a way to get a shell inside the initramfs, to > look around? You can boot with "break=mount" as a kernel option, it will drop you into a busybox shell just before mounting the root directory. The initramfs environment doesn't inherit environment variables from the boot scripts, but you can browse the file system and run the scripts and stuff. I've run into similar problems when the initramfs didn't include the right driver module for the disk drive -- the result is that the BIOS can see the drive, and GRUB can see it, but the kernel can't -- you get symptoms similar to what you describe, and it's also consistent with the LiveCD working, as it presumably has a full kernel. The solution in that case is to get the right module into the initramfs, most simply by just listing it by name in /etc/initramfs-tools/modules and rebuilding the initramfs. I haven't mentioned it because it doesn't make sense in your case -- you're restoring an RMA'd drive on an old box, where presumably the motherboard SATA device hasn't changed, so the initramfs you restored from back-up should work, plus you said you rebuilt the initramfs several times. The other way to investigate the initramfs, incidentally, is to just unpack it somehwere -- it's a cpio archive, you can google for instructions. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: boot failure "mount: mounting /dev/sda1 on /root failed: no such device"
On Monday 13 July 2009 21:13:16 Kelly Clowers wrote:
> On Mon, Jul 13, 2009 at 17:52, Kelly Clowers wrote:
> > On Mon, Jul 13, 2009 at 16:38, Andrew Reid wrote:
> >> The other way to investigate the initramfs, incidentally,
> >> is to just unpack it somehwere -- it's a cpio archive, you
> >> can google for instructions.
> >
> > Also good to know.
>
> Going to try this now, since break= does not seem to work for
> some reason...
That strikes me as an Important Clue, although I'm not
sure what to make of it. Are you *sure* you're running an
initramfs? ("Is it plugged in?") Does your bootloader know
you want an initramfs? How did you get the bootloader on
to the disk? It's not part of the filesystem, so it didn't
come on with the restore-from-backup unless you used "dd"
to image it. For grub, you have to do a "grub-install"
incantation.
Anyways, assuming you *are* using an initramfs, there are
other predefined breakpoints -- they are:
top, modules, premount, mount, bottom, init.
You might try "break=top", that drops into the busybox shell
immediately after the initrd is unpacked, before running any
scripts at all. It's also before modules are loaded, so it
wouldn't be a huge surprise if the disks are missing at that
point, but at least you could check the integrity if your
initramfs environment, and run some stuff manually, maybe.
"modules" breaks before any modules are loaded.
"premount" is the default, and it'll break here if you
just provide a "break" kernel argument, with no value.
Posting to the list, because this info about initramfs
breakpoints should be in more places.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: How to enable Debian to automatically clear the tmp directory
On Thursday 28 August 2008 11:39, Ryan Klein wrote:
> I have been searching for a way to have Debian automatically remove
> files in the /tmp directory after a period of time. We need it mainly
> for removing old session files that grow quite rapidly (a rate of 10 per
> second). I am hoping Debian has a built in utility, otherwise a package
> will suffice if not a simple bash script. Thanks for your input.
If you're using "etch", you can use the "tmpreaper" package.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Setup problem with Old sony vaio PCG-Z505SX notebook
On Thursday 02 October 2008 23:32, J.H.Kim wrote: > Hi, everyone > I'm trying to install debian to old sony vaio PCG-Z505SX notebook which has > no bootable cd-rom drive. > So, I'm installing debian with USB floppy drive. > When I setup debian using installing diskette, it displays following > messages in setup procedures: [edited] This probably isn't what you want to hear, but I recently installed Debian "etch" on a PCG-R505TS, which is similar, and I couldn't get any of the bootable devices to work. What I eventually did was pulled the hard drive out of it, and installed a basic system onto it through a USB-to-IDE adapter off another computer using debootstrap. So, I don't know how to solve your problem, but there's a workaround for you. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Any suggest on NFS server in product environment?
On Wednesday 08 October 2008 10:01, Ding Honghui wrote:
> hi list,
>
> Any suggest on NFS server in product environment?
> nfs-user-server or nfs-kernel-server?
> We need stable nfs server.
I use nfs-kernel-server, I use it to run an 8 TB primary server and
a 4-ish TB secondary server. It's used to export the filesystems for
diskless nodes for our cluster, and for user home directories for
about forty users, of whom about ten are fairly heavy users.
When we run into performance problems, we are usually disk-bound,
and sometimes network-bound, when (for instance) someone decides to do
multiple sequential "grep" operations on a multi-gigabyte file
over NFS.
Having said that, I've never actually used nfs-user-server,
because nfs-kernel-server has always worked fine.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Any suggest on NFS server in product environment?
On Thursday 09 October 2008 06:53, Alex Samad wrote: > > When we run into performance problems, we are usually disk-bound, > > and sometimes network-bound, when (for instance) someone decides to do > > multiple sequential "grep" operations on a multi-gigabyte file > > over NFS. > > what options are you using, nfs4 or 3, udp or tcp any r/wsize async/sync > ? We just run NFS3, mostly for legacy reasons, I haven't really investigated NFS4, but I like what I've heard. Most user directories are mounted sync, it seems to me like the only safe way. There are some size adjustments also, but I've forgotten what they are or what motivated them. The NFS performance HOWTO is useful for setting these things. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: whole disk encryption -- not prompting for passphrase
On Monday 20 October 2008 19:13, Hatta wrote: > Yes, I have run 'update-initramfs -v -u -k 2.6.24-1-686' > > This had no effect. > > I cannot find any documentation as to how the system is supposed to find > and > unencrypt encrypted drives. When in the boot process is the system > supposed to load these drives? What commands does it use? In what files > do those commands > reside? Where is the documentation for this stuff? All I can find are > HOWTOs, > which contain absolutely no theory, and so are absolutely useless for > troubleshooting. > > Can *anybody* help me with this? I'm not sure how helpful this will be, but you can investigate from within busybox, within limits, of course -- the "mount" command is available, and you can step through the various start-up scripts in the initramfs. Try booting with "break=mount" as a kernel argument, and see how things look from inside -- this will dump you into busybox just before the root fs gets mounted. The kernel command line is in /proc/cmdline, so you can see if the bootloader maybe made hamburger out of your parameters. Failing that, you can unpack the initramfs (it's a cpio archive) onto a convenient system and step through the boot process manually -- almost everything in there is a shell script, and I think they start with /sbin/init, or something equally obvious. The initramfs's search strategy has got to be in there, and I bet it's not complicated. I recently untangled some net-booting issues this way. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: intrusion detection
On Tuesday 28 October 2008 11:25, David Bernier wrote: > Dear Debian users, > > Now, I'm using Ubuntu and the firestarter firewall. > > I'd like to know about ideas for security, including for example > intrusion-detection systems. There are (at least) two kinds of these, the "network based" intrusion detection, like firewalls and "snort", and "host-based", which maintain a database of the sizes, ownership, location, inode number, and so forth, of files on the system, and report on changes to these systems. In the host-based category, I'm aware of two -- there's the samhain/yule/beltane family, which are really one intrustion detection apparatus. Samhain is the daemon that runs on the clients being monitored, yule is the server that maintains the (remote from the client) database, and beltane is the web app you can use to monitor changes. Beltane costs a small amount of money, and the others are free (as in beer). The other one I know of is "tripwire", which is packaged for Debian, and which is a single stand-alone application, but can report to a remote monitoring host. Both of these require a fair amount of configuration, and it can be a challenge to tune them so that routine file changes don't set off the alarms, but anomalous ones do. They can potentially be spoofed by sophisticated rootkits, as well, but samhain at least has ways of dealing with that. I recommend checking out the docs on these (googling the names will get you there), as I'm not really an expert, just a user and sometime-tuner of these. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
How to reposition the K desktop unlocking widget?
Hi all -- I've recently set up a Debian system for a colleague with an NVidia video card that can do dual-monitors. This was spectacularly easy to set up with "TwinView", it seemed to automatically get most things right, with two exceptions. The KDM log-in widget and the kdesktop_lock unlocking widget are centered in the "virtual desktop", which means there's half of them on each monitor. I fixed the KDM thing by adjusting the "GreeterPos" datum in the "X-*-Greeter" section of /etc/kde3/kdm/kdmrc, it's now centered in the primary monitor. But I cannot for the life of me figure out how to do the same thing for the unlocking widget. There doesn't seem to be any documentation at all. It doesn't seem to be settable from the GUI. kdesktop_lock has a "--help" that mentions that the app takes the standard X-style "-geometry" argument, but experimentation shows that this doesn't control the position of the unlocking widget, which is not a surprise, since it applies to kdesktop_lock itself, which presumably runs in the root window. It's clear from "strace" that kdesktop_lock gets configuration data from the ~/.kde/share/config/kdesktoprc file, and also looks in kdeglobals (same directory) and looks for, but doesn't find, kdesktop_lockrc (same directory, again). Does anyone know if there's a section or variable I can set in one of these files that controls this? Or what the legal entries are for a kdesktop_lockrc file, if I wanted to build one? I've never learned much about DCOP, can I query the thing "live" via DCOP and learn about its options? I'd be happy with a referral to the appropriate KDE mailing list as well, of course. I realize this is an aesthetic, rather than functional, issue, but we sometimes have visitors (from funding agencies, even) in our lab, and it would be nice if the computers could convey a sense of professionalism, to them and to us. Oh, and it's a Debian "etch" x86_64 system running KDE 3.5. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Reinstalling Packages after Rebuilding System with Etch
On Monday 24 November 2008 15:05, Martin McCormick wrote: > I am going to backup my sarge system, install with the > etch-and-a-half CDROM and then I want to put back all the extra > packages such as alsa, calc and many more that I have installed > over time but, of course, do this as automatically as practical > as well as get the etch versions of everything. > > The plan is to do dpkg -l on the existing system to list > everything that is installed and then use dpkg to go get > comparable packages to replace what was there before. > > A. Will this work? > > B. Is there a better text-based way? I have done this using > dpkg --get-selections >file ... on the original machine, to record the package state, and then using the sequence: > dpkg --clear-selections > dpkg --set-selections < file > apt-get dselect-upgrade This particular sequence will identically clone the package state of the system -- you probably don't want that, since that would remove your hard-won new kernel, so you might want to skip the clear-selections step, and/or you may want to edit the file. I think in either case, installing already-installed packages is harmless. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Reinstalling Packages after Rebuilding System with Etch
On Monday 24 November 2008 21:13, Andrew Reid wrote: > On Monday 24 November 2008 15:05, Martin McCormick wrote: > > I am going to backup my sarge system, install with the > > etch-and-a-half CDROM and then I want to put back all the extra > > packages such as alsa, calc and many more that I have installed > > over time but, of course, do this as automatically as practical > > as well as get the etch versions of everything. > > > > The plan is to do dpkg -l on the existing system to list > > everything that is installed and then use dpkg to go get > > comparable packages to replace what was there before. > > > > A. Will this work? > > > > B. Is there a better text-based way? [ Cloning technique... ] OK, hit "send" too fast -- I hadn't appreciated that you are migrating from "Sarge" to "Etchnhalf" while doing this. The package-cloning idea still might work, but I have never tried it as an upgrade technique, only to restore the package state when recovering from disk failure. Probably if you take some care with editing the package list, it would be fine. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: advice on cloning system
On Wednesday 26 November 2008 03:39, tom arnall wrote: > I want to put linux on a new computer, without having to rebuild > all my applications. Following are the steps I plan to take: > > Install a base system with the same network installer > that I used for the source machine and without getting > anything from the network. > > Copy to the new machine from old with: > > su > mount /dev/sda3 /sD > cp -dRvpu / /sD > > The drive on the new machine is bigger and of a > different brand. For the copy, the new drive is > attached to the old machine as a usb drive. > > am i missing anything? Sometimes persistent network card info gets stored in /etc/udev/rules.d/z25_persistent-net.rules. Your copy operation will copy the MAC-address-indexed entry for a device on the old system, and when the new system boots up, it will think that the old device name is taken, and will assign a new device name for its network card. So, you might discover that the network interface that was eth0 when you did the base install will suddenly become eth1 when you boot the copied system. The work-around, of course, is to remove the about-to-be-wrong entry from that file after doing the copy. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: OT: volt and current (ALSA sound recording frustration)
On Friday 28 November 2008 14:10, lee wrote:
> On Fri, Nov 28, 2008 at 06:59:06PM +, Tzafrir Cohen wrote:
> > A voltmeter has two connectors and shows the potential differences
> > between them.
> >
> > This is unlike an Ampermeter that shows the current flowing through it.
>
> If you have a multimeter that can measure voltage or current, both
> modes are basically the same. The difference is only in where most of
> the current flows.
>
> Is it even possible to measure a mere potential?
You mean, in principle? Of course.
Put your two wires of unknown potential difference at
opposite ends of an evacuated tube. Arrange the geometry
so that the electric field between them is linear in space.
You can do this by hooking them up to big plates and putting
the plates close enough together, making basically a
vacuum capacitor.
Then, shoot charged particles into the space between
the electrodes. From the way they deflect, and their
charge-to-mass ratio, you can deduce the electric field
strength, and from that, the potential difference between
the electrodes giving rise to the field.
Alternate method: Place a piezoelectric crystal of
known characteristics in the gap, and measure the
change in shape. From this, you can deduce the degree
of polarization, and thus the externally-applied field,
and from that, again, the voltage difference between
the electrodes.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: OT: volt and current (ALSA sound recording frustration)
On Friday 28 November 2008 16:28, lee wrote: > On Fri, Nov 28, 2008 at 04:13:21PM -0500, Andrew Reid wrote: > > On Friday 28 November 2008 14:10, lee wrote: > > > Is it even possible to measure a mere potential? > > > > You mean, in principle? Of course. > > > > Put your two wires of unknown potential difference at > > opposite ends of an evacuated tube. Arrange the geometry > > so that the electric field between them is linear in space. > > You can do this by hooking them up to big plates and putting > > the plates close enough together, making basically a > > vacuum capacitor. > > > > Then, shoot charged particles into the space between > > the electrodes. > > It takes energy to defect particles or to change the shape of a > crystal, doesn't it? You would be observing/measuring effects and > *deduce* that there is a potential, but that is different from > observing/measuring the potential itself, isn't it? It needn't -- if the deflection is purely elastic, then the particle comes out with the same energy as when it went in, and there's no energy transfer. There is a momentum transfer, of course. Then again, "deducing that there is a potential" is a pretty good definition of measurement, I think. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to reposition the K desktop unlocking widget?
On Tuesday 25 November 2008 02:00, Boyd Stephen Smith Jr. wrote: > On Friday 2008 November 21 21:50, Andrew Reid wrote: > > I've recently set up a Debian system for a colleague with > > an NVidia video card that can do dual-monitors. > > This was spectacularly easy to set up with "TwinView", it > > seemed to automatically get most things right, with two > > exceptions. > > The KDM log-in widget and the kdesktop_lock unlocking > > widget are centered in the "virtual desktop", which means > > there's half of them on each monitor. > > I'm running KDE 3.5.x across two differently-sized monitors (using > TwinView) and I don't have these issues. Apologies to the list, but I'm > attaching my 4k xorg.conf, so you can see if there are options you might be > able to employ to get you system working. I'm on Debian Lenny. Thanks for this -- I'm not in front of the problem system just at the moment, but I think the difference might be that I used a TwinView screen directly, and didn't use a ServerLayout section, so by the time KDE gets to it, all the low-level structure has been virtualized away. Interestingly, I did ask on the KDE list, and they encouraged me to file a bug report, which I did, mere moments ago. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to reposition the K desktop unlocking widget?
On Friday 28 November 2008 19:47, Andrew Reid wrote:
> Thanks for this -- I'm not in front of the problem system
> just at the moment, but I think the difference might be that I
> used a TwinView screen directly, and didn't use a ServerLayout
> section, so by the time KDE gets to it, all the low-level
> structure has been virtualized away.
Replying to myself here, the foregoing paragraph is
thoroughly wrong. I've now examined the xorg.conf file,
and of course it does have a ServerLayout section. It's a good
deal simpler than the one thoughtfully provided here, but
looks pretty similar.
I think my next step is to spend some quality time
with the TwinView docs and see if I can isolate the
important differences.
-- A.
--
Andrew Reid / [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to stop an active network connection
On Tuesday 02 December 2008 17:26, T o n g wrote: > Hi, > > How can I stop an active network connection? e.g., > > $ netstat > Active Internet connections (w/o servers) > Proto Recv-Q Send-Q Local Address Foreign Address > State > tcp0 0 192.168.0.100:ssh ip-72-55-146-217.:35911 > ESTABLISHED > > Because barbarians are pounding at my sshd gate again: > > . . . > Dec 2 16:41:37 helios sshd[9201]: Invalid user chad from 72.55.146.217 > Dec 2 16:41:37 helios sshd[9201]: pam_unix(sshd:auth): check pass; user > unknown > Dec 2 16:41:37 helios sshd[9201]: pam_unix(sshd:auth): authentication > failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=ip-72-55-146-217.static.privatedns.com > Dec 2 16:41:39 helios sshd[9201]: Failed password for invalid user chad > from 72.55.146.217 port 42328 ssh2 > . . . > > I shut down my sshd daemon, but the network bandwidth did not drop. The > active connection went away in the netstat output, which is wrong, and > iftop was able to reveal the still-live connection. I use a thing called "fail2ban", which will monitor log entries and dynamically update your firewall to block IP addresses which are the source of too many failures. I set it up years ago, and don't recall the specifics, but it's packaged for Debian, and I recall it being reasonably straightforward to set up. The way I have it set up, it will block particular users who can't get their password right after three tries. I believe it can also be set up to block particular IP addresses that try multiple usernames, but I'm not 100% sure. -- A. -- Andrew Reid / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: read only nfs root and var
On Sunday 18 January 2009 17:30, Micha Feigin wrote: > I'm trying to setup a server that export root over a read only nfs file > system. I managed to enable local settings for each machine by mounting > it's own disk and then linking some files from etc. > > The only problem I'm running into is var which should be partially from the > head node (looks like most of var/lib) and some local (var/run it seems). > How do I setup var to play nicely with a readonly root file system (it is > possible to symlink what needs to be write enabled to the local disk if > needed) I've used unionfs for this -- it's a scheme that lets you mount a read-only file system and a read-write "overlay", with copy-on-write semantics, which is to say, when you write a file, it creates a new copy of the file on the rw filesystem, and uses that in the future. It's mainly used for overlaying RAMFS filesystems over CD-ROMs on various LiveCD distros, but it also works for rw local disk over ro NFS. It's fairly straightforward to mount, and fstab understands it. It's provided by a kernel module, but the modules are packaged for Debian "etch", and I think the functionality is included in the kernel source itself for 2.6.24 (etchnhalf) and 2.6.26 (lenny), but I'm not 100% sure of that -- the machines I do this for are still vanilla "etch", so as I say, I'm not sure of the etchnhalf or lenny status. My limited experience (I inherited this configuration from the previous sysadmin) is that you definitely need to write to parts of "var" (/var/run, /var/tmp, and of course /var/log, but possibly elsewhere), you may need to write to parts of /etc (the famous /etc/udev/rules.d/z25_persistent-net.rules), and if you run a graphical desktop, it might want to put lock-files in /media when it mounts CDs and things. And there's /tmp, of course, which however might be a separate filesystem. The configuration I'm maintaining uses two unionfs overlays, one for /var and one for /etc, a small ramfs for /media, and a separate filesystem for /tmp. <http://www.filesystems.org/project-unionfs.html> <http://packages.debian.org/search?keywords=unionfs&searchon=names&version=all&release=all> <http://en.wikipedia.org/wiki/UnionFS> -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: read only nfs root and var
On Sunday 18 January 2009 21:21, Andrew Reid wrote: > On Sunday 18 January 2009 17:30, Micha Feigin wrote: > > I'm trying to setup a server that export root over a read only nfs file > > system. I managed to enable local settings for each machine by mounting > > it's own disk and then linking some files from etc. > It's provided by a kernel module, but the modules are packaged > for Debian "etch", and I think the functionality is included in > the kernel source itself for 2.6.24 (etchnhalf) and 2.6.26 (lenny), > but I'm not 100% sure of that -- the machines I do this for > are still vanilla "etch", so as I say, I'm not sure of the > etchnhalf or lenny status. > OK, replying to myself here, I just had a quick look around, and it seems that lenny has migrated to "aufs", which is an alternate implementation of "stackable" filesystems, but as far as I can tell, stackable file-system functionality is not packaged in etchnhalf -- is that right, or am I missing something? Neither aufs nor unionfs are built by the source package linux-modules-extra-2.6-etchnhalf, and the user-space versions (unionfs-fuse, and/or funionfs) only appear in lenny and sid. So, let me pass this on -- anyone know how to do unionfs in etchnhalf? -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Installing FreeBSD under Xen on Debian Lenny
Hi all -- I'm attempting to install a FreeBSD domU HVM under Xen using the stock Xen packages in Debian "lenny" (Xen version 3.2), and I'm running into a problem trying to boot the FreeBSD install CD on the VM. I'm getting a "BTX halted" error, which seems to indicate a misconfigured BIOS, but I'm getting nowhere beyond that with Google. The dom0 is Debian "lenny" amd64, on an ASUS P5Q Pro motherboard, which has hardware support for Intel virtualization tech. (Enabling this is the most commonly reported solution to the BTX error I've seen, but it was eanbled out of the box for me.) The CPU is an Intel Core2 Quad Q9400, which also has the necessary hardware support, so I don't think there's a hardware problem. The scheme I am trying to use is to have the VM boot off an image of the install CD, and then run the installer inside the VM to get everything set up. I have done this successfully for a Debian HVM domU, although there were some networking issues which I think are unrelated. The FreeBSD CD image I'm using boots successfully in VirtualBox, so I know it can at least get that far. Has anyone done this successfully? Can you share your VM config file and/or provide clues? I can of course provide arbitrarily terrifying levels of additional detail. Thanks in advance. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: unionfs
On Sunday 07 February 2010 17:32:45 Alex Samad wrote:
> Hi
>
> I am looking at trying out unionfs, I notice there is onlythe
> unionfs-fuse package - is this the way debian is going with unionfs or
> how do you use the kernel version - can't seem to find any comparisons
> between the 2
The Debian-packaged kernel overlay file system is "aufs", which
seem to be a fork and/or successor of unionfs.
I have had some difficulties with overlay file systems in "lenny",
I have a diskless cluster where I wanted to overlay two different
NFS-mounted file-systems, and was not able to solve the problem
within the scope of lenny-packaged tools. Aufs does work in general,
but not in the case where I wanted it.
I'm not aware of any comparisons between unionfs and aufs,
but my intuition is that the kernel system should have better
performance.
-- A.
--
Andrew Reid / rei...@bellatlantic.net
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
